General Info

URL

http://decompiler.cpupk.com/content.jar

Full analysis
https://app.any.run/tasks/a21a8749-4762-4901-80cc-6dce244dd439
Verdict
Malicious activity
Analysis date
4/15/2019, 14:53:52
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided as is, for the user's information only. ANY.RUN does not guarantee the maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
240 seconds
Additional time used
180 seconds
Fakenet option
off
Heavy Evasion option
on
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (73.0.3683.75)
  • Google Update Helper (1.3.33.23)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 65.0.2 (x86 en-US) (65.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

Indicators by severity (MALICIOUS / SUSPICIOUS / INFO)

No malicious indicators.

Modifies files in Chrome extension folder
  • chrome.exe (PID: 3044)
Application launched itself
  • chrome.exe (PID: 3044)

Find more information about signature artifacts and their mapping to the MITRE ATT&CK™ matrix in the full report.

Processes

Total processes
52
Monitored processes
21
Malicious processes
0
Suspicious processes
0
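Every record in the Process information section below has the same shape (a label line such as PID, CMD, Parent process or Integrity Level, followed on the next line by its value), so the Chrome process tree can be checked mechanically instead of by eye. The Python below is an added example, not part of this ANY.RUN report: it parses that label/value layout, derives each process's Chrome role from --type and --service-sandbox-type, and compares the observed integrity level with the level that role is expected to run at. The expected-level table is the editor's assumption for Chrome 73 on Windows 7 (the report itself shows the network-service utility process, PID 2172, at MEDIUM and the renderers and GPU process at LOW, which is what the table encodes). Two of the sample records are abridged copies of records from this report; the third, PID 9999, is constructed and not from the report, to show what a renderer that did not receive its LOW-integrity sandbox would look like.

```python
"""Triage a flattened ANY.RUN process listing against Chrome's process model."""
import re

# The report writes each field as a label line followed by a value line.
FIELDS = ("PID", "CMD", "Parent process", "Integrity Level")

# ASSUMPTION (editor's policy, not stated in the report): integrity level each
# Chrome 73 role is expected to run at on Windows 7; the network service was
# not sandboxed on Windows at that version, hence MEDIUM for utility/network.
EXPECTED_IL = {
    "browser": "MEDIUM", "crashpad-handler": "MEDIUM", "watcher": "MEDIUM",
    "gpu-process": "LOW", "renderer": "LOW",
    "utility/network": "MEDIUM", "utility/utility": "LOW",
}


def chrome_role(cmd):
    # First --type= wins, so the --ignored=" --type=renderer " tail that Chrome
    # appends to some command lines does not mislead us.
    m = re.search(r"--type=([\w-]+)", cmd)
    if not m:
        return "browser"  # no --type at all: the main browser process
    if m.group(1) != "utility":
        return m.group(1)
    s = re.search(r"--service-sandbox-type=([\w-]+)", cmd)
    return "utility/" + (s.group(1) if s else "unknown")


def parse_report(text):
    """One dict per 'PID' label; module lists and other lines are skipped."""
    lines = [ln.strip() for ln in text.splitlines()]
    procs, cur, i = [], {}, 0
    while i < len(lines):
        if lines[i] in FIELDS and i + 1 < len(lines):
            if lines[i] == "PID" and cur:      # a new record starts
                procs.append(cur)
                cur = {}
            cur[lines[i]] = lines[i + 1]
            i += 2
        else:
            i += 1
    if cur:
        procs.append(cur)
    for p in procs:
        p["role"] = chrome_role(p.get("CMD", ""))
        parent = p.get("Parent process", "")
        p["parent"] = None if parent in ("", "--", "––") else parent
    return procs


def triage(procs):
    """Findings worth a look; an empty list means an ordinary Chrome launch."""
    out = []
    for p in procs:
        pid, role, parent = p["PID"], p["role"], p["parent"]
        if role not in EXPECTED_IL:
            out.append(f"PID {pid}: unknown Chrome role {role!r}")
            continue
        if role == "browser":
            if parent and parent.lower() == "chrome.exe":
                # A role-less chrome.exe under chrome.exe is a relaunch, not a
                # helper; that is when "Application launched itself" matters.
                out.append(f"PID {pid}: role-less chrome.exe relaunched by chrome.exe")
        elif parent is None or parent.lower() != "chrome.exe":
            out.append(f"PID {pid}: {role} helper not started by chrome.exe ({parent})")
        il = p.get("Integrity Level", "?").upper()
        if il != EXPECTED_IL[role]:
            out.append(f"PID {pid}: {role} at {il}, expected {EXPECTED_IL[role]}")
    return out

# Two records abridged from the report above; PID 9999 is CONSTRUCTED to show
# what a renderer that did not receive its LOW-integrity sandbox looks like.
SAMPLE_REPORT = r"""
PID
3044
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" http://decompiler.cpupk.com/content.jar
Parent process
––
Integrity Level
MEDIUM
PID
3484
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --ignored=" --type=renderer " /prefetch:2
Parent process
chrome.exe
Integrity Level
LOW
PID
9999
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --renderer-client-id=7 /prefetch:1
Parent process
chrome.exe
Integrity Level
MEDIUM
"""
if __name__ == "__main__":
    print(triage(parse_report(SAMPLE_REPORT)))
```

Run on the sample, the two records taken from the report produce no findings, which agrees with the report's "Suspicious processes: 0"; the constructed PID 9999 is the only hit. The parent check separates the normal multi-process launch (which also trips the report's "Application launched itself" signature on PID 3044) from the two cases that do deserve attention: a sandbox helper role not spawned by chrome.exe, and a role-less chrome.exe relaunched by chrome.exe.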

Behavior graph

Process tree: start → chrome.exe, followed by 21 chrome.exe nodes in total (matching the 21 monitored processes). All nodes are labelled "no specs" except the root chrome.exe and one child, which carry a spec.

Specs legend (flags a process node can carry):

  • Program did not start
  • Integrity level elevation
  • Task contains an error or was rebooted
  • Process has crashed
  • Task contains several apps running
  • Executable file was dropped
  • Debug information is available
  • Process was injected
  • Network attacks were detected
  • Application downloaded the executable file
  • Actions similar to stealing personal data
  • Behavior similar to exploiting the vulnerability
  • Inspected object has suspicious PE structure
  • File is detected by antivirus software
  • CPU overrun
  • RAM overrun
  • Process starts the services
  • Process was added to the startup
  • Behavior similar to spam
  • Low-level access to the HDD
  • Probably Tor was used
  • System was rebooted
  • Connects to the network
  • Known threat

Process information

PID
3044
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" http://decompiler.cpupk.com/content.jar
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\hid.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\winusb.dll
c:\windows\system32\msi.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mscms.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\wpc.dll
c:\windows\system32\samlib.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\wship6.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\imagehlp.dll
c:\program files\winrar\rarext.dll
c:\program files\microsoft office\office14\olkfstub.dll
c:\progra~1\micros~1\office14\mlshext.dll
c:\program files\microsoft office\office14\onfilter.dll
c:\program files\microsoft office\office14\visshe.dll
c:\program files\common files\microsoft shared\office14\msoshext.dll
c:\program files\microsoft office\office14\msohevi.dll
c:\windows\system32\mf.dll
c:\windows\system32\shdocvw.dll
c:\program files\filezilla ftp client\fzshellext.dll
c:\windows\system32\syncui.dll
c:\program files\notepad++\nppshell_06.dll
c:\program files\windows sidebar\sbdrop.dll
c:\windows\system32\stobject.dll
c:\windows\system32\cryptext.dll
c:\windows\system32\colorui.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\winspool.drv

PID
1008
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=73.0.3683.75 --initial-client-data=0x7c,0x80,0x84,0x78,0x88,0x6fa60f18,0x6fa60f28,0x6fa60f34
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll

PID
3300
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3040 --on-initialized-event-handle=308 --parent-handle=312 /prefetch:6
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_watcher.dll

PID
3484
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=3395898415685761709 --mojo-platform-channel-handle=972 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\program files\google\chrome\application\73.0.3683.75\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\73.0.3683.75\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\73.0.3683.75\swiftshader\libegl.dll

PID
2172
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=network --service-request-channel-token=14585021511065589160 --mojo-platform-channel-handle=1516 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\ntmarta.dll

PID
2276
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --service-pipe-token=4658536170051861043 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4658536170051861043 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1984 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3140
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --service-pipe-token=11299477481701816766 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11299477481701816766 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2024 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3324
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --service-pipe-token=2833185701234255491 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2833185701234255491 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2204 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2864
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=8264601097220516804 --mojo-platform-channel-handle=3104 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2904
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=9762272855038917111 --mojo-platform-channel-handle=3240 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
1356
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=10814552814063981347 --mojo-platform-channel-handle=3220 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2892
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=5852951817965756795 --mojo-platform-channel-handle=3324 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2160
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=10404833976663561836 --mojo-platform-channel-handle=3328 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
1780
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --disable-gpu-sandbox --use-gl=disabled --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=18093374258155831192 --mojo-platform-channel-handle=3472 /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll

PID
2080
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=5886352957994645551 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5886352957994645551 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2580 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2888
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --lang=en-US --no-sandbox --service-request-channel-token=7923380867004701100 --mojo-platform-channel-handle=2936 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\twext.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\sendmail.dll
c:\windows\system32\zipfldr.dll
c:\windows\system32\fxsresm.dll
c:\program files\winrar\rarext.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\syncui.dll
c:\windows\system32\synceng.dll
c:\program files\notepad++\nppshell_06.dll
c:\windows\system32\acppage.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\msi.dll
c:\windows\system32\wer.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\netutils.dll

PID
3412
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=3927465252141411050 --mojo-platform-channel-handle=2840 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2280
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=10529791781094596685 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10529791781094596685 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2104 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3728
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=13929563026164789877 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13929563026164789877 --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
1824
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=243488669087036809 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=243488669087036809 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=880 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3916
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=952,8857211242881081657,3085108593435089620,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=2374069329333577955 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2374069329333577955 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3148 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

Registry activity

Total events
580
Read events
478
Write events
99
Delete events
3

Modification events

PID | Process | Operation | Key | Name | Value
3300 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes | 3044-13199806446782375 | 259
2172 | chrome.exe | write | HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E | LanguageList | en-US
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | failed_count | 0
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | 2
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | 
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | 01000000
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | 1
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | dr | 1
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome | UsageStatsInSample | 0
3044 | chrome.exe | write | HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96} | usagestats | 0
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | metricsid | 
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | metricsid_installdate | 0
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | metricsid_enableddate | 0
3044 | chrome.exe | delete key | HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes |  | 
3044 | chrome.exe | write | HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts | aggregate | sum()
3044 | chrome.exe | write | HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts | S-1-5-21-1302019708-1500728564-335382590-1000 | 1
3044 | chrome.exe | write | HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn | aggregate | sum()
3044 | chrome.exe | write | HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn | S-1-5-21-1302019708-1500728564-335382590-1000 | 0
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics | user_experience_metrics.stability.exited_cleanly | 0
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun | 13199806447829250
3044 | chrome.exe | write | HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E | LanguageList | en-US
3044 | chrome.exe | delete key | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings |  | 
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | aapocclcgogkmnckokdopfmhonfmgoek | 76685F68F600C0A879E840B84DDA8F7099E53738CBDC8193F6E7A21E6F923E69
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | ahfgeienlihckogmohjhadlkjgocpleb | 15B1C3FE35F29528448F36A72A4DFBC58A8083C7190559D25865779166D220A2
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | aohghmighlieiainnegkcijnfilokake | DA05B26A7D3319A379604454C2000F0ED14CFD70CECBC50445A48468B4CCF217
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | apdfllckaahabafndbhieahigkjlhalf | 576795A29CA25E45558DAFC079D9651F80DC4B6DE353FD5219DCB7AFA94A876A
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | blpcfgokakmgnkcojhhkbfbldkacnbeo | 796CB2CEAE567DD802AD3723D1568A48CF2B095DFB57E2C61C07DE6AA9E1D903
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | felcaaldnbdncclmgdcncolpebgiejap | 1339F2E13891DA3B79B670CB40994115892E844C6212CFF44BEFD03B77AE2876
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | gfdkimpbcpahaombhbimeihdjnejgicl | D6B079666F209503A09486C70AC09307652A0F7F783166A999B27C99D0DA79E2
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | ghbmnnjooekpmoecnnnilnnbdlolhkhi | 99085321A83C3721B776F0FA15C2B3ECBB438236ED07E38F7CE8B5556415975B
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | kmendfapggjehodndflmmgagdbamhnfd | 00175B8120231631976CA8B862A3416996C9373BA3D289F0619DDA992973DDFA
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mfehgcgbbipciphmccgaenjidiccnmng | 63355C14E8C7DF9A075F2EDDEA6F2807DC8166B83F96F4C975B9B6554C6324D7
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | mhjfbmdgcfjbbpaeojofohoefgiehjai | 0E265BFED6F1C7D5F0A9BD790C50BB30E78E959631D51EEBB8BB0DE73E65763C
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | neajdppkdcdipfabeoofebfddakdcjhd | 04A45240BDA55E8777FA04357712CA6DD942253A21323E4C7D3CCF769B34BFED
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nkeimhogjdpnpccoofpliimaahmaaome | EFA63CBF982B82CF44E63E567FF3BB95FE3F51570D9A0CED8846E77B13199169
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | nmmhkkegccagdldgiimedpiccmgmieda | D44C0F04088B2655A9CE157037AA2B1F2C6A03B34FD788E6B7E7A735CB5CC173
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | pjkljhegncpnkpknbcohdijeoejaedia | 540AF8282B2094E8BF29F53B96F65B701EB82F6E542054E3626E02C94C8E97EF
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | pkedcjkdefgpdelpbcmbmeomcjbeemfm | C9C7C55C3B0456C01523E1E313F89F6E3EF387B638A504A05D5DEAB5DE57A01E
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings | pkedcjkdefgpdelpbcmbmeomcjbeemfm | 51E6736F9D020ECE3B8DB7882C6322834811594B364F3C70167E075DA9E03794
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Common\Rlz\PTimes | C | 7191D7858AF3D401
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs | C1 | 1C1GCEA_enUA812UA812
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs | C2 | 1C2GCEA_enUA812
3044 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs | C7 | 1C7GCEA_enUA812
2888 | chrome.exe | write | HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E | LanguageList | en-US
2888 | chrome.exe | write | HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E | @sendmail.dll,-21 | Desktop (create shortcut)
2888
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
@zipfldr.dll,-10148
Compressed (zipped) folder
2888
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
@sendmail.dll,-4
Mail recipient
2888
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
@C:\Windows\system32\FXSRESM.dll,-120
Fax recipient

Files activity

Executable files: 0
Suspicious files: 86
Text files: 148
Unknown types: 2

Dropped files

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RF13f2df.TMP
binary
MD5: 2601d2eac04201cf6f5db8257a036ef2
SHA256: ff0152daadbc52e8c3b82a4bd39ee305ebd0c2f01ee7e1ff37e441787f186d52
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\sk\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3044_12852\CRX_INSTALL
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\uk\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\tr\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\vi\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\zh\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\te\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ru\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ta\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\th\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\nl\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\sr\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\sl\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\pt\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ro\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\pl\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\nb\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ms\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\gu\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\kn\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ja\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\lv\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\hi\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\it\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\lt\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\mr\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\fil\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\hr\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ml\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ko\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\id\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\hu\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\fr\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\el\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\et\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\de\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\cs\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\es\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\da\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\fi\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ca\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\fa\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\en\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\bn\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ar\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\am\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\bg\messages.json
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\manifest.json
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_metadata\verified_contents.json
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\mirroring_webrtc.js
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\mirroring_hangouts.js
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\mirroring_common.js
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\feedback_script.js
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\material_css_min.css
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\mirroring_cast_streaming.js
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\feedback.html
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\common.js
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\feedback.css
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\cast_setup\offers.html
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\cast_setup\devices.html
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\cast_setup\setup.html
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\cast_setup\index.html
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\cast_setup\chromecast_logo_grey.png
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\cast_setup\cast_app_redirect.js
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\cast_setup\cast_app_min.css
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\cast_setup\cast_app.js
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\cast_game_sender.js
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\background_script.js
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\angular.js
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\cast_sender.js
––
MD5:  ––
SHA256:  ––
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\zh_TW\messages.json
html
MD5: c6f48c269246a6fa0e2f0b396b7604df
SHA256: 81bc1bc507238ab26ffaf68003d811fd603e5f4bdc1b0b94d0f4506cbbe97241
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\vi\messages.json
html
MD5: 47bbd75f76e25d79ea10f2014f7d9bc7
SHA256: 53b2b2454bb45be824119b15dda1ea2226958794fc259d80f0347d1bc706eb7b
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\uk\messages.json
text
MD5: ae50bf36f89d4706da22d21959863425
SHA256: 6b7f56819e94b99b792fe0c11273e259ce18c7fb57392bb47be8b0fd29b24e7d
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\zh\messages.json
html
MD5: 0a57b005bd27db7a0070f914c354a072
SHA256: 91a4c7d3fbd1e41d0801029bda6f14e52c8653a648fc5f39fe1f046564d0f60b
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\tr\messages.json
html
MD5: 2b0dfabc643cff3ec13e96e3ec842258
SHA256: 816add33835ba6028915b4532d5b45a71a280de6788398b008bd60733326ceb7
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\th\messages.json
html
MD5: 84140112d747bd5176c96a374a18ad1a
SHA256: b60a1cbb9ac067f4e903170c8564e4bc2c3572f76a5b09bbeedbd6e1b88df1e1
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\te\messages.json
text
MD5: cebd49bb6f838e23140cee4118c76dfb
SHA256: 0b71586dee26943b55899583ad4355b8f4007a4853510364faa76a99ba9a0566
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ta\messages.json
text
MD5: 5f7b6880dbea25f769f97d2c99e7b7f6
SHA256: 5a22269c0eda694e0131b0ac52ebfdf828aad3c735b592a54d210f6b8db0ab82
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\sv\messages.json
html
MD5: cf637a380c4aecd9778a46a19108c406
SHA256: 4010ebf76c0af564b9c3026b98ff2885af77955be12d77a05a508ff7d5f8366d
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\sr\messages.json
text
MD5: 59cdbb02241ab4e8a3e4421ee7800474
SHA256: 4d71ed4a97228755c0861b04da1a4c97eef7562406afc29e4213faba36fa3511
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\sw\messages.json
html
MD5: 1712a3588bafaee411bc46ec5dcb8ca2
SHA256: 8485722d70475c9d98a8a7d6d2613117149bfaea487ad7f92d9a6e094de949f0
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\sl\messages.json
html
MD5: 22a021701f9572cb94606ad35a9be88a
SHA256: 6adf87ecfc785e46593f8a8975989d344dfec3ac0e5672c394d999b7eef70a2c
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\sk\messages.json
html
MD5: 7c3596001e0e44f016816e422f664763
SHA256: d4f5ccd81ed83b460fe2dc51a8415076716c0aa593edb28bbbbaf76a2a49ca47
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ru\messages.json
text
MD5: e61ccfd8f13aa36fef4fd8d651aca7aa
SHA256: 04c6ac4f77a59052f5ceb07c06e6e1cf311b5d5231e8732d837c7f936c3ae219
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\pl\messages.json
html
MD5: 0bd6d31a53f196364e23f00f1f5b0768
SHA256: 4ea7d131167712c8756062d7b6e8f8ae6de7eb2be91c440d3b8b260b7c7d494e
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\pt\messages.json
html
MD5: 816dc05089e3ec573f5d4341a748fefb
SHA256: d610e5f9fae2d429ca1ba5c41bb52b93d2551222ceb751f335b0d43695544351
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ro\messages.json
html
MD5: 2228b9adecbfb55d24890c9510f20b5b
SHA256: d2ce829cc617a8d01c366ec60d1718f52c63f1a9515fb0b1611e55b22f909c69
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\nl\messages.json
html
MD5: 8e38c515a274c55a4b003c47a23ddb4e
SHA256: ed0c2304a02cc8c49d5f4b055b73412b31505ce290a5af73858761c50f2000ef
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ms\messages.json
html
MD5: 9c3779e6e9f6f10e232ee7ad03d75921
SHA256: 6d7e1a3b52ea61d53cf44e770c89b4a370075b786dfa64174fa8b4565d0fadf3
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\nb\messages.json
html
MD5: 3f56c75fcbcc66ba27df14b9ca5a1119
SHA256: d09c1ed9753d6ba323012a4b4ea4f186321bc3ae9bbaa7990b5773d95cc9a242
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\mr\messages.json
text
MD5: df8ae4588605c10278c88d94e9c1dbbc
SHA256: b783440d2b13c18b97b02f24e953aa7a0c778817162ac91c9afbfead2d0bc8ff
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ml\messages.json
text
MD5: 90f5f8ccfc9001b7845e2437d5b83740
SHA256: a0d6831c4dcb9492ceb7d8b1ff0426bf6bc7f6a9ceec7b26dafacde8ae06a3c3
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\lv\messages.json
html
MD5: 0cfd87cf25cd27b7928925f136978097
SHA256: a6dbd930c083e2e5dfb665131d9f1e6e6bd8896753cdb79cf059e21488a920da
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\lt\messages.json
html
MD5: a4e08cf83276578f0444c5c0a5b5196d
SHA256: c8a5d07ff98a92409aadcacd7ae99809e5f6e3be634ded7626dad8c00ec663e1
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ja\messages.json
html
MD5: d38392c4246c105fe2f394c7ef41d0a8
SHA256: d61644907520d8a808aed9fb1532ec0f5ef12461e66a5acc7327c9ed6c2a2681
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\iw\messages.json
html
MD5: 4b3a7915595b1f5a74027909bce968dd
SHA256: f95692a9717639fb9d3886efa9de71808cb5c6b0f4354e9b99816a996298fa8f
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ko\messages.json
html
MD5: 46060399fc358c0c0620463fbfd3f325
SHA256: 139c7f78ca0f385cfaf9f08066d3347eeeba8705f746bee8eae4e15c82ba40cc
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\kn\messages.json
text
MD5: b79cb28daffc5af94b6ecd39a3aa4032
SHA256: 27e2c6d453cd3398f8cb64fb9d4a8776be0d80eb608088804bb23ac985a3aae7
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\id\messages.json
html
MD5: 7b9a0847c6faa8402eab61c096024d33
SHA256: 5e50b077a10a977de39a8a99dbe25ee4c022e88f34d009a665ebf4b7cff688dc
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\it\messages.json
html
MD5: c248ee6105ae77036fbb4c4e3e9d66e7
SHA256: c7451e207005197a225a3e43b479643c4dbe03865c2fff052acb9facc1025980
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\hu\messages.json
html
MD5: 2d794e2754e5c80f54bff8ed635184d0
SHA256: c83ec71e1b3b7f14910d05e962ecfc61dad91b034a6fa8abe6afaa5b968689e9
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\hr\messages.json
html
MD5: 444cd89a9aab432251330292216f8dae
SHA256: 2defd1bcbd8d822f07a9c79e13e10bba7e61f49aa4d395b1315321dee6df6503
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\hi\messages.json
html
MD5: 46fca60f4c16afd5b68738750a16057e
SHA256: 61c146d44f9c4c054c9dbe79d565463496aae7fa95f784164649026eb852dee6
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\gu\messages.json
html
MD5: 18bd0fa4585a840991bbe01ea1d6bff9
SHA256: 5537157a0078c9485699fc8b103ffbbd069532e29245430c60cac08d6fc50e6e
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\fr\messages.json
html
MD5: 4d3875bef5c65792c16abe203fde1f16
SHA256: a34353385db3b07a96bb1c2da7a8e623ee296618845858a239834f7371685144
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\fi\messages.json
html
MD5: 9ad4a516864a35f4225410d0f353fb58
SHA256: 0ee5e9fd9615920fa51e50667f19e8ae4399f591de1d702516779f20d62e75f4
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\fa\messages.json
html
MD5: edb2ec2c7f482909a814b903024ac672
SHA256: 60ce4f04acfba61db4c54f7e5e990a06535b205a12d53b62d36075b84bb5cbd8
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\fil\messages.json
html
MD5: ec51f209a7be042e832b851430ff75c6
SHA256: c137bd71c5266addf08cac46a606285e1be10e555eef8f0dbe804effe1d94d57
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\et\messages.json
html
MD5: 2e75cee7712c279bf151d93c40757e81
SHA256: 953cad518d95ade3150c43eb753ae24057164d3c2a2bd31109e45b9e0b42bf1b
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\es\messages.json
html
MD5: f76e1dec23c5b058be8d85ecf814ab45
SHA256: 1eda00d6c22c88a6bdec3fd9926f842ab845555096be68a492b92a983beab199
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\en\messages.json
html
MD5: 54536c1afc37045fc1e67404d3247775
SHA256: 525f6693856ec39183a2713b1f79decd65c82c7bde0ce426200fb288f791e5ad
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\de\messages.json
html
MD5: fc9bd60c101f41758269170812356cea
SHA256: 0bc5972106aa310219404ba5b9518b4d2f0f5780624ca7dd40321c4adce804ba
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\el\messages.json
text
MD5: 9463fd9c6e74bc71fd662b25719d2429
SHA256: 59a2e6a9682f367c81f381cdf0633b3217cc538604faa53f04116407f5d15608
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\cs\messages.json
html
MD5: 6c2f7dd3e5d63d41d463fb53d890f17d
SHA256: 7891476c3333a760037df7f9f319b1e47cc19058b66a208fa0127c9d7eb962ba
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\da\messages.json
html
MD5: d7a7b55a20e71db0c5924ba061362bdf
SHA256: 270ad3210aa587ee077b0762e0f38aa694f06f298a2f0a8531dda812843421d1
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\bn\messages.json
text
MD5: 98c0e976877ae91edc3dabdcea30b227
SHA256: e74817f1f5868faece3bbe1aefb3f7967969f0ad26b7c507b04787106d22ef0e
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ca\messages.json
html
MD5: e3cbb47ad514c8679a9681fcd22a19b7
SHA256: c0e35c1d23b8c5cf553772434d96a10e5ecf1f70170a81deca882b3f705d65d8
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\bg\messages.json
text
MD5: c7d7597209588826f1612285261af898
SHA256: 31aac8506daa5f302f6c4167b923788df4aab7cdf4f0673e712ad823b63536c0
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\ar\messages.json
html
MD5: cdfef1cc3d9b1a7f8295f469e5d7cce1
SHA256: 1fd3e52e3082ada8fad1f2f2ce654edaf7e99177b43f468016e8e09f11d061a9
2892
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\_locales\am\messages.json
html
MD5: 544acece47a9653d8908af804aa24c4f
SHA256: 4b1bdceed72e74dc5a64ef305c8dc476f5e2a56e00eb6884d09b0e82e59a69f5
2904
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\CRX_INSTALL\manifest.json
text
MD5: aa820edca2a1d86c3b0a259f28cd4b6c
SHA256: 0cb121b2c53dee18adedc1fa004ca640c88644fd75c5f062ce749401f96ebf49
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir3044_3588\da3a9a55-126c-4e41-8a97-6b293b2e1733.tmp
crx
MD5: c9f1737667f13e06aa8cfb26416cd7f9
SHA256: d9a59c97ed4b1dc1c15ce3136afc93fc45d7a2253f7e9e26100f35499f3e94bf
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\da3a9a55-126c-4e41-8a97-6b293b2e1733.tmp
crx
MD5: c9f1737667f13e06aa8cfb26416cd7f9
SHA256: d9a59c97ed4b1dc1c15ce3136afc93fc45d7a2253f7e9e26100f35499f3e94bf
3044
chrome.exe
C:\Users\admin\AppData\Local\Temp\b68cbcb1-c8a1-4793-a023-94fe3f54461b.tmp
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\302fde6af4910274_0
binary
MD5: 87932431a865d4cccfa507a3b2c054bd
SHA256: 4990768587f37a25325afcba9de6ebba12fcaae53f0a3bd43da20a875c03fa1c
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000001.dbtmp
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old
text
MD5: 1c2c4bb805e49e0719deef84894dbb1f
SHA256: 1afb26b8e579f076590e61bb63648bb0230fee4516c08ebe588dfc31efd616da
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old~RF1067f3.TMP
text
MD5: 1c2c4bb805e49e0719deef84894dbb1f
SHA256: 1afb26b8e579f076590e61bb63648bb0230fee4516c08ebe588dfc31efd616da
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old~RF1067c4.TMP
text
MD5: 1b8036252b09dda7ad0963a5a40e4aba
SHA256: 89e90f5dc88f667b89afa57d04c939a3c7397bb98b9d259766fa452ec297ec06
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old
text
MD5: 1b8036252b09dda7ad0963a5a40e4aba
SHA256: 89e90f5dc88f667b89afa57d04c939a3c7397bb98b9d259766fa452ec297ec06
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
binary
MD5: f50f89a0a91564d0b8a211f8921aa7de
SHA256: b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
––
MD5:  ––
SHA256:  ––
2172
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
––
MD5:  ––
SHA256:  ––
2172
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
––
MD5:  ––
SHA256:  ––
2172
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
––
MD5:  ––
SHA256:  ––
2172
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
––
MD5:  ––
SHA256:  ––
2172
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\index
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RF106459.TMP
text
MD5: 904754a73eb4f8a75410a92b2b7a920c
SHA256: c3225bb8babf9823a2daf2bccae0cafc5d3e0857c5f24187dc004f1b2560b4db
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT
text
MD5: 904754a73eb4f8a75410a92b2b7a920c
SHA256: c3225bb8babf9823a2daf2bccae0cafc5d3e0857c5f24187dc004f1b2560b4db
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000018.dbtmp
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\index
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
binary
MD5: 9c016064a1f864c8140915d77cf3389a
SHA256: 0e7265d4a8c16223538edd8cd620b8820611c74538e420a88e333be7f62ac787
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\f8d65f94-9459-4954-b1dc-1e2e90f627da.tmp
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old
text
MD5: c5a804a5780cfc948a8db73979de968b
SHA256: 2c6f183b3e9dfa1bdf791091ad09cdcb079307d23864dbc07c81f280aa7d9227
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old~RF10640b.TMP
text
MD5: c5a804a5780cfc948a8db73979de968b
SHA256: 2c6f183b3e9dfa1bdf791091ad09cdcb079307d23864dbc07c81f280aa7d9227
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old
text
MD5: 70f27bb5ff84782e8065f81ee64e6008
SHA256: fd5dd0c6f1056c6ee6c2d29bd31653abb589e7d528957942e65b3972b7ecb4e9
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old
text
MD5: 768258eee3510091c97ade3bca3dc828
SHA256: 1f00cceba22a3fa7d0fffdebb99b95f0dfe19d2cda162abc09fc0d8a6e8ff21d
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old~RF1063dc.TMP
text
MD5: 768258eee3510091c97ade3bca3dc828
SHA256: 1f00cceba22a3fa7d0fffdebb99b95f0dfe19d2cda162abc09fc0d8a6e8ff21d
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old
text
MD5: 007e2c8f160468cc5a8b6c225f0ac40c
SHA256: 7f09cf7ac785c12f0062eb23854505c4ed396c6522eca7109b43ad5cc1a5f74b
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_3
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_2
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_0
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\index
––
MD5:  ––
SHA256:  ––
3044
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Last Version
text
MD5: f679598350690f14a2479935d826682b
SHA256: 4e7e1987eaf5ec751eb16b9f7cbae1c55873f1afe8e2b52416ed454f4efbf239
1008
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
binary
MD5: b59113c2dcd2d346f31a64f231162ada
SHA256: 1d97c69aea85d3b06787458ea47576b192ce5c5db9940e5eaa514ff977ce2dc2


Network activity

HTTP(S) requests: 54
TCP/UDP connections: 53
DNS requests: 39
Threats: 1

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
2172 chrome.exe GET 302 5.79.68.108:80 http://decompiler.cpupk.com/content.jar NL text malicious
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/ VG html malicious
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/?fp=942Rbd1cpp02WSjb5lbnVV8%2F3gPUi%2BGnCAkhkIbdCNMGSm5YaH4YAHyFYAH445Pd21eZ5ZM2OEZoi5IMNcEfo9O%2FZGWZIx7Mq93vBR2YG0e%2FIPma0HmI4dUXvb%2F1qaxQIS5Gql6Fxn3J7OkLDhizfBEX3vo%2FI0LyTNUIRzIuMBY%3D&prvtof=K%2BvlbC43UX0Hgr89qr7%2BnXklpmcoJ48WVV5w%2BYoHiGs%3D&poru=RllqxREEA%2FovUsQ58yGvvnTjGx7vhfX0nsfMYWj50WTAivL9LUvh%2B8PQkRV0Sfti& VG html malicious
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/px.js?ch=1 VG text malicious
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/px.js?ch=2 VG text malicious
2172 chrome.exe GET 200 2.16.186.106:80 http://i4.cdn-image.com/__media__/pics/8243/logo.png unknown image whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i3.cdn-image.com/__media__/js/min.js?v2.2 unknown text whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i3.cdn-image.com/__media__/pics/8243/bg.gif unknown image whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i3.cdn-image.com/__media__/pics/7867/srch-bg.gif unknown image whitelisted
2172 chrome.exe GET 200 2.16.186.64:80 http://i2.cdn-image.com/__media__/pics/8243/bg.gif unknown image whitelisted
2172 chrome.exe GET 200 2.16.186.64:80 http://i2.cdn-image.com/__media__/pics/8243/lhs.gif unknown image whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i1.cdn-image.com/__media__/pics/8243/h_bg.gif unknown image whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i1.cdn-image.com/__media__/pics/8243/rhs.gif unknown image whitelisted
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/sk-logabpstatus.php?a=S1M2L2M2a0I5d0JBWXVwOFZhM0dadkZWaTE2Vm1HbmoyUlpXSnVnQWFWcmNRdTE2VzRaaWhWZ2p6dTdTdkpHOGowbmhBTkZDMmZJaXAyVm5PRjhwZTZZS3lNNS84dTdqTHgyRSs5bUQyRG89&b=false VG text malicious
2172 chrome.exe GET 404 208.91.196.145:80 http://ww1.cpupk.com/favicon.ico VG text malicious
2172 chrome.exe GET 302 172.217.21.238:80 http://redirector.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvMjJlQUFXRC12Ny1ldUFnMXF3SDlXZDlFZw/7319.128.0.1_pkedcjkdefgpdelpbcmbmeomcjbeemfm.crx US html whitelisted
2172 chrome.exe GET 200 172.217.133.70:80 http://r1---sn-f5f7lne6.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvMjJlQUFXRC12Ny1ldUFnMXF3SDlXZDlFZw/7319.128.0.1_pkedcjkdefgpdelpbcmbmeomcjbeemfm.crx?cms_redirect=yes&mip=62.212.86.130&mm=28&mn=sn-f5f7lne6&ms=nvh&mt=1555332552&mv=u&pl=27&shardbypass=yes US crx whitelisted
2172 chrome.exe GET –– 208.91.196.145:80 http://ww1.cpupk.com/Computer_Benchmark_Test.cfm?fp=Xb3taa6Lzl8DD6wI26zlAlLxHxt4kKTSgKptXkTHh2153NfH4eSiTmmZr7Q1AkrXKJc2CC1dW8EYQCM7xY2RD%2FheMoJJaw01y23Z6Wj7Njl7bfJ2Lvw8RnKhDpSOHj%2FMr7r56XeWEoK5%2BFwIAH4luuZu9sqp8%2B2fryOQn1z3cSP3Zx5JXvqUyLbpzNpo66d1Z0ZvOQMrBhF%2FK26CycQxfg%3D%3D&yep=Ym2OX2reog9A5w62E1NFAueY01YPGHuhHFBodBG9I2xeBy0hnjdv8wL0HgHoAp%2FOCYkLsooXYuCWuYen5kmo%2F9eIbCc0wzqYLg6D%2F%2BpJCylw%2F0HsJj3xsnmKLZu2wdok59QhLe7iAErN%2F85pEW0z8Pfs00uVLUol1mqI2%2F18OS9jHBPUoMuz0gscMu7bHdh6Q7OWzaQCogInzEjpjqL3xr8qYgqlwN4MdtP%2BCtkdQNkT46BllXNYfF4ej%2BKbjZc0SxuiuYMoZNZjCK7k1Y13iaA3hSw5D7j1imwHoOvXGVRD3%2BKrFiAoGP4d5Zsu7TObk%2FrzvxPUtIUBIUkPgDIbVEUEOKxrzGicuenL6Zq1Qkg2t1UZaWxaZ9mYGnSSMmRTjtEdlH6m24Ucyw3YIyrdci8irBTDVKtLLNjwkQ%2FZZx7eFAuxd%2FEMipxScQdsl%2FHPVeAUMisxy7%2FhktY4mrw6klRncK7mixFeaeav7GB0WTh31PKpfIv3lPaUGnAp5I4tsgSKjsMTql6nfVQf%2F6R6NO2ILgHvaYfpPOzQnGLsSrSwCjULPpvKzH0GEIRiDMOxm8QjkI36hFt4I6Kbd85vPA%3D%3D&gtnp=0&gtpp=0&maxads=0&kld=1040&yprpnd=%2FeWU%2B4fWDR4ogE7HfT4adMthbPqvdlwNN7gBisjgchk%3D&prvtof=K%2BvlbC43UX0Hgr89qr7%2BnXklpmcoJ48WVV5w%2BYoHiGs%3D&&gtnp=0&gtpp=0&kt=210&&kbc=3997&ki=6654596&ktd=0&kld=1040&kp=1&bd=1%23720%231280%231%230%23598%23197 VG –– –– malicious
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/Computer_Benchmark_Test.cfm?fp=Xb3taa6Lzl8DD6wI26zlAlLxHxt4kKTSgKptXkTHh2153NfH4eSiTmmZr7Q1AkrXKJc2CC1dW8EYQCM7xY2RD%2FheMoJJaw01y23Z6Wj7Njl7bfJ2Lvw8RnKhDpSOHj%2FMr7r56XeWEoK5%2BFwIAH4luuZu9sqp8%2B2fryOQn1z3cSP3Zx5JXvqUyLbpzNpo66d1Z0ZvOQMrBhF%2FK26CycQxfg%3D%3D&yep=Ym2OX2reog9A5w62E1NFAueY01YPGHuhHFBodBG9I2xeBy0hnjdv8wL0HgHoAp%2FOCYkLsooXYuCWuYen5kmo%2F9eIbCc0wzqYLg6D%2F%2BpJCylw%2F0HsJj3xsnmKLZu2wdok59QhLe7iAErN%2F85pEW0z8Pfs00uVLUol1mqI2%2F18OS9jHBPUoMuz0gscMu7bHdh6Q7OWzaQCogInzEjpjqL3xr8qYgqlwN4MdtP%2BCtkdQNkT46BllXNYfF4ej%2BKbjZc0SxuiuYMoZNZjCK7k1Y13iaA3hSw5D7j1imwHoOvXGVRD3%2BKrFiAoGP4d5Zsu7TObk%2FrzvxPUtIUBIUkPgDIbVEUEOKxrzGicuenL6Zq1Qkg2t1UZaWxaZ9mYGnSSMmRTjtEdlH6m24Ucyw3YIyrdci8irBTDVKtLLNjwkQ%2FZZx7eFAuxd%2FEMipxScQdsl%2FHPVeAUMisxy7%2FhktY4mrw6klRncK7mixFeaeav7GB0WTh31PKpfIv3lPaUGnAp5I4tsgSKjsMTql6nfVQf%2F6R6NO2ILgHvaYfpPOzQnGLsSrSwCjULPpvKzH0GEIRiDMOxm8QjkI36hFt4I6Kbd85vPA%3D%3D&gtnp=0&gtpp=0&maxads=0&kld=1040&yprpnd=%2FeWU%2B4fWDR4ogE7HfT4adMthbPqvdlwNN7gBisjgchk%3D&prvtof=K%2BvlbC43UX0Hgr89qr7%2BnXklpmcoJ48WVV5w%2BYoHiGs%3D&&gtnp=0&gtpp=0&kt=210&&kbc=3997&ki=6654596&ktd=0&kld=1040&kp=1&bd=1%23720%231280%231%230%23598%23197%23584%23189 VG
html
malicious
2172 chrome.exe GET 200 2.16.186.106:80 http://i1.cdn-image.com/__media__/js/min.js?v2.2 unknown
text
whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i1.cdn-image.com/__media__/pics/8243/logo.png unknown
image
whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i4.cdn-image.com/__media__/pics/9163/bg.gif unknown
image
whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i3.cdn-image.com/__media__/pics/9161/h_bg.gif unknown
image
whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i3.cdn-image.com/__media__/pics/9161/numArrowres.png unknown
image
whitelisted
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/sk-logabpstatus.php?a=ZmxHWGhqMkxiVnFWZmpiUUd5RXo5eDQxcEszZlZTdFJNZEdxWGxpMGtnM2pBcGNyaFpwYTZqdXIvZm4vMWdrVW93R2l6L29nTFBqRWJIdnNjSmxVTU9SSVlMZ2hlaGZodWtnNmtNUUhiWGFoRGc1RUE0dzNQQWpWNUwvRjZTdG8=&b=false VG
compressed
malicious
2172 chrome.exe GET 302 208.91.196.145:80 http://ww1.cpupk.com/trf?q=Computer+Benchmark+Test&&r=https%3A%2F%2Fr.search.yahoo.com%2Fcbclk%2FdWU9NkFEQzgyMENCNjg2NERGRCZ1dD0xNTU1MzMyOTI5MjYwJnVvPTc4MjcxNTAyNzQ1NzE3Jmx0PTImZXM9ZVVTaDk0UUdQUzliS0hRLQ--%2FRV%3D2%2FRE%3D1555361729%2FRO%3D10%2FRU%3Dhttps%253a%252f%252fwww.bing.com%252faclick%253fld%253de3Ahn-Gf0w5sTjYR8PoDipOjVUCUzQElM6F7-052_Lq2PtJAgrK5yazTorcHEc2jjxe6dc-K6MPy8yDhOvc06jPYiWsMQ7G5asTxcSFqLHdTHJvsyGWVHtbPebgnNfrmKmWPr93BnzOdvEctpBqZ88QZy7T6c%2526u%253daHR0cCUzYSUyZiUyZnd3dy52aW5kZW4ubmwlMmZ3cyUzZnElM2Rjb21wdXRlciUyNTIwdGVzdCUyNmRlJTNkYyUyNmFzaWQlM2R2bmRfYmFfZ2MzXzAxJTI2bXNjbGtpZCUzZDdhMTQ5OTI4ZmY5NzE5OWZkZGFlYzU5YzgwZDZkODEw%2526rlid%253d7a149928ff97199fddaec59c80d6d810%2FRK%3D2%2FRS%3DzpeQAe44cn7KQKFuSEVSDTP9JYU-&o=Jaxu8rWi4mmKpMOe4J6Rs4pbsiAFj4v5P2OBCeb6bw4qvNduG5cOYVuTZ8GSuBRLihuNpgE73QiPkoD34KZvCNtyA9KehE14QZyB9WITWnKwET%2Bz5cO5duKdTJePGGkqZUeqCeo4x5%2B5rhNvD%2FVVbCG31L9PeaX7OTo1mn5eywmgsV4pRtD%2B0lVtL2iOtolYxyhUXvvaNTfBHMxh5rl5p9Ab9CsKUDCoTIaNcaphIumzy1L9b3Z2TaJpKk1%2FBBgVMfmzkoJv7n4C%2F19j%2Bb5nbHHLdx4VNhrvOo7rDjgz1PB7XzXcUnPHXrDlt1MjlfBqzI%2FHgdmaewhCZ9QxCFSozXqPQN6396ddWie59ZF1KZGP9KHtJCyz9tMn%2FHKsBnUmJsUDEQlITBANi3Bgu%2FOG6YdsfgKQULJsYryww%2BjEdT8%3D&c=211130287852914240681777&n=iF6UL5dugSh6y4SWYfnxnWeSLQ81Hl237WlCZH1yjn%2B2T64Xyf%2FKxc%2B2ZKLl7NAyyrWugYFaK0EOJWMIyTafb4Nv0na6UQBWHifO0nKfb4gs1flt0UeG4V0rrgTuNqScqBpIzD4dsKPLydbLkCkoy0Jsx6PVkbDgSGFr007ZnPaE%2B6ZR9%2BBb2Uukjr59DimRDhGrHz4wyaC930DCPKFCl%2Bhay99uN4C%2BXfVAb8sb85fVhcKm8YBGxMGVyD%2BIjveD%2F%2F5VL32oAHWESCPUZvUIjAQiXexmI04dOwk1WuYv5boHNR1zuZb5awjG722hY5ZmHvm6Z6%2BIVJg2GlmJnHHXMVoui6Opl3W93EVLuwrS8eILj4lY9XexxqTjoYdtWwu3c0dOc82CxXKTU3vFOatZCKKyBxIPgIaKQmAYJDWfuxS4fpy%2FUELe5kGxfv56E9J0q4ShUagRJoXd6NtZAaoJ%2FR4GvEZe%2Bt%2F4KE3kTgID5pZEsRHPoBRXtJ1%2Fr4AyvKakXJgMjxlJmte9fyt9Jj4shm2oktUp77aPMBHjcIkRd4X3ajewu4qrn7SdorzgWblH&kgp=0&bd=1%23720%231280%231%230 VG
compressed
malicious
2172 chrome.exe GET 302 94.236.112.192:80 http://www.vinden.nl/ws?q=computer%20test&de=c&asid=vnd_ba_gc3_01&msclkid=7a149928ff97199fddaec59c80d6d810 GB
html
unknown
2172 chrome.exe GET 302 208.91.196.145:80 http://ww1.cpupk.com/RAM_Benchmark.cfm?fp=Xb3taa6Lzl8DD6wI26zlAlLxHxt4kKTSgKptXkTHh2153NfH4eSiTmmZr7Q1AkrXKJc2CC1dW8EYQCM7xY2RD%2FheMoJJaw01y23Z6Wj7Njl7bfJ2Lvw8RnKhDpSOHj%2FMr7r56XeWEoK5%2BFwIAH4luuZu9sqp8%2B2fryOQn1z3cSP3Zx5JXvqUyLbpzNpo66d1Z0ZvOQMrBhF%2FK26CycQxfg%3D%3D&yep=Ym2OX2reog9A5w62E1NFAueY01YPGHuhHFBodBG9I2xeBy0hnjdv8wL0HgHoAp%2FOCYkLsooXYuCWuYen5kmo%2F9eIbCc0wzqYLg6D%2F%2BpJCylw%2F0HsJj3xsnmKLZu2wdok59QhLe7iAErN%2F85pEW0z8Pfs00uVLUol1mqI2%2F18OS9jHBPUoMuz0gscMu7bHdh6Q7OWzaQCogInzEjpjqL3xr8qYgqlwN4MdtP%2BCtkdQNkT46BllXNYfF4ej%2BKbjZc0SxuiuYMoZNZjCK7k1Y13iaA3hSw5D7j1imwHoOvXGVRD3%2BKrFiAoGP4d5Zsu7TObk%2FrzvxPUtIUBIUkPgDIbVEUEOKxrzGicuenL6Zq1Qkg2t1UZaWxaZ9mYGnSSMmRTjtEdlH6m24Ucyw3YIyrdci8irBTDVKtLLNjwkQ%2FZZx7eFAuxd%2FEMipxScQdsl%2FHPVeAUMisxy7%2FhktY4mrw6klRncK7mixFeaeav7GB0WTh31PKpfIv3lPaUGnAp5I4tsgSKjsMTql6nfVQf%2F6R6NO2ILgHvaYfpPOzQnGLsSrSwCjULPpvKzH0GEIRiDMOxm8QjkI36hFt4I6Kbd85vPA%3D%3D&gtnp=0&gtpp=0&maxads=0&kld=1040&yprpnd=%2FeWU%2B4fWDR4ogE7HfT4adMthbPqvdlwNN7gBisjgchk%3D&prvtof=K%2BvlbC43UX0Hgr89qr7%2BnXklpmcoJ48WVV5w%2BYoHiGs%3D&&gtnp=0&gtpp=0&kt=210&&kbc=3997&ki=215667049&ktd=0&kld=1040&kp=2&bd=1%23720%231280%231%230%23572%23244 VG
compressed
malicious
2172 chrome.exe GET 200 109.201.133.71:80 http://cpupk.com/?pid=9PO4402G4&rpid=1PO8G3V7O NL
html
malicious
2172 chrome.exe GET 302 109.201.133.71:80 http://cpupk.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqcyI6MX0.fADWc9hUOlh58R9UzufQBROmie3I7c7vE835oE6YmU4&pid=9PO4402G4&rpid=1PO8G3V7O&uuid=8ee2f44a-5f7d-11e9-b46f-ab0fe20a9faf NL
text
malicious
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/ VG
html
malicious
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/?fp=pHqhDYL1VhanPjbT4xFCctnNXaoduSi4FSKUeGYug6eGDBiXzFvTyZLErfhj%2BVohABPrNDsY1h7RJl34Z07JjrSxvBey4yfSNCAecYYJ2kLEMSmQ2E%2FR9rOdEomMsmKeFYDlo3zbwf6ne81ct3sFEx0sryq8otftNkNfUxUAYYw%3D&prvtof=kvEBjjiJTUhH5xBY0ZD1%2FSnc1w%2BkgOO2%2BA7mrmSHwi77RIrueGiKQPnbmpLuo8wRJI%2Fk1WiP6PGKFe4MfJ0QPw%3D%3D&poru=AmSiWbnpHGBwKT3jqO7fA9De3mxDrTIwHfuo4zo9Q9M6PXmKbjYogQM3wHfwCR1I& VG
html
malicious
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/sk-logabpstatus.php?a=OXFkTFdUOGRxRXNGSkp4cHFwVlRLQndEbzM0RVFUZ0JUc3Ywa0Z3RzRXWHRzdmIvZ2FvRXk2dkQwMEQ3b1pwV3FQV2pqQ3BjMzRiclJ3Ui9oaDVwV0ZDMzQxOWdETFAxeTRkdGtwUDNzRHByVzZVcTJCVEtFZmUxTVowLzBPeW0=&b=false VG
compressed
malicious
2172 chrome.exe GET 200 2.16.186.106:80 http://i3.cdn-image.com/__media__/pics/8243/h_bg.gif unknown
image
whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i1.cdn-image.com/__media__/pics/8243/bg.gif unknown
image
whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i4.cdn-image.com/__media__/pics/7867/srch-bg.gif unknown
image
whitelisted
2172 chrome.exe GET 200 2.16.186.64:80 http://i2.cdn-image.com/__media__/pics/8243/rhs.gif unknown
image
whitelisted
2172 chrome.exe GET 302 208.91.196.145:80 http://ww1.cpupk.com/RAM_Benchmark.cfm?fp=IZv3EzeN2ZhIkGlNsnWbtmdLwPpDwsNII2H40WEHl7jXT4LCh7HM7STe3aBGot0wrMMai71YGNODVvFlmo4tp63d2IztBJV48dKKV7P2FnyHXCcvWrzj%2FuF5Zj7lI5va4ZxIprI33KAe8cFKE0qIVALAME0a7piewWV3ii0LetJ9ggw7Gp5cgqNZrdbglqK9W6LhGdLb1xt%2B7sCdC0uzQA%3D%3D&yep=1%2FfDICmKwl2EXuLHqL8wlo0TUD%2FGkjsx6gVily%2Bv7lYwz2bpuQc9hZ%2BTYBd62cQrP8hdrrWGHXIIOhZGg76t5qTeHlehkI4e6VMxoAO3AqKEv%2BlDjBWdTpD0s5gREBk5%2FCckY0cV9H%2BPwdgPRAevt2cnbivY7D7oGV19qKz1KOhtcNgXj%2FfPEt42Agvil847D%2FXJogqdj78LZo2s992ehnnMiFUKH8pj3i5vVr3BJyKtlmNAb0isuAwQDptj8IloMLj1JnxGHkzR1RyZU6WqLMf8nLG4v8ZI82r3DBarIiVWKcc4iBfuYD%2BraCdpWTQUEqdp7Ha5oUv7PRgD3EuS1uNWB%2BmGB8DwAJk43VS%2FnUNuwP8MqPr2Q%2B0R9XyVRoLlbXfjEGHT1R3mIEqw7Rv2BYW15RJ3xOw28G%2BRPh3gHV98le64MNbIIBYfgYWBTXf%2FDzdb0TJwVok1u1mS401upiLNiopiHjTvwqFTEQe5GMcVguGGpjx0mYDsCa4ztGh5xQfMm4Bd0Zmb6MoHXSfePFzPfKnUGCEnN6SqAyPuhlK2uRzR0eNaByCehiwSY6yaJOcbB75Shc3%2BoUPe3ec6jQ%3D%3D&gtnp=0&gtpp=0&maxads=0&kld=1040&yprpnd=FCtDfQqnhPZw9hzXrYttX3A7I8HW4JOryWEtFrMHa8o%3D&prvtof=kvEBjjiJTUhH5xBY0ZD1%2FSnc1w%2BkgOO2%2BA7mrmSHwi77RIrueGiKQPnbmpLuo8wRJI%2Fk1WiP6PGKFe4MfJ0QPw%3D%3D&&gtnp=0&gtpp=0&kt=210&&kbc=3997&ki=215667049&ktd=0&kld=1040&kp=2&bd=1%23720%231280%231%230%23567%23236 VG
compressed
malicious
2172 chrome.exe GET 200 109.201.133.71:80 http://cpupk.com/?pid=9PO4402G4&rpid=1PO8G3V7O NL
html
malicious
2172 chrome.exe GET 302 109.201.133.71:80 http://cpupk.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqcyI6MX0.fADWc9hUOlh58R9UzufQBROmie3I7c7vE835oE6YmU4&pid=9PO4402G4&rpid=1PO8G3V7O&uuid=8ee2f44a-5f7d-11e9-b46f-ab0fe20a9faf NL
text
malicious
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/ VG
html
malicious
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/?fp=cvv0coPRoVldJSPjn6XF9ci%2FjehElt%2BDS1LPFQbtNnjIJuc%2F0ubXAAx7T7gup13l0ipAcHZmKucaRTySgLbCW2zwxkwdhs%2FMQt5bTiKwtvekzQlRZ%2Fz0Od%2BjLs1Kj5hPZpnw1Wy7H89hv2OuCVlP4kgTOu0jjyuCbBZ6orcCLi4%3D&prvtof=TDMJTeh7dusCZCERdjdw6%2BP18Bl4Zrgbe8lv1dt7JZVLvZUP9Kd8ra0p9Cg%2Bskj0F%2FXBnCN4KMl5TadnaNExqA%3D%3D&poru=CZUgpvcAcjyG3J2Br6Oe%2FvZb948kD7EzpbD0WBJNln%2Fj7jKdiRMMgoI5UGqr4SAP& VG
html
malicious
2172 chrome.exe GET 200 2.16.186.64:80 http://i2.cdn-image.com/__media__/js/min.js?v2.2 unknown
text
whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i3.cdn-image.com/__media__/pics/8243/logo.png unknown
image
whitelisted
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/sk-logabpstatus.php?a=S2k5NHE2QmpMeDZ5Z2ZOYUlEallISTRPNzh3am0vbDE2RlhXNllPK2FzUUVNdVFMSjFwNk9iZ1pzSkdaZWY5M2kzYWtCcWluakRqUnJFazhVbVhqd0FxTlBOUS9FVG4yQTkxYThQQWtYcXM9&b=false VG
compressed
malicious
2172 chrome.exe GET 200 2.16.186.106:80 http://i4.cdn-image.com/__media__/pics/8243/bg.gif unknown
image
whitelisted
2172 chrome.exe GET 200 2.16.186.64:80 http://i2.cdn-image.com/__media__/pics/7867/srch-bg.gif unknown
image
whitelisted
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/GPU_Benchmark.cfm?fp=gOmC7dIrFYfP8uvELQMFobS7Rg%2FP2TYUr2ml4b1%2F4%2BwKFOXRGZH3iTu2momHkCj2GNU%2BfnDmbtcnx908UsH6R3lpjR9jN8iNS05sw4aSA65GWk6p108m4evDxWWp5%2BdrwIMZWAi1QdfJ5vjKyi6qrZ8rK%2Bj%2B9TxdFSz938Rz2CxwZMNruA2N%2FYMQGGIMliROTLXuQ8Wx3lUo8KcgbGF6eQ%3D%3D&yep=JyIOhV7R9PBfkXKbyjOzCwD7Nhbv9AP0%2BuRWW3bNfFy7s%2Bm5NGsWBwEcSPjg9v22sjv4BVk%2BP1Ohk0o3pWQHuVp4KIeIaX%2F%2BA7nkd10CwmW%2F3QWcoS%2BFGvPRVkBewzBKHNgtx81pbU%2FIoDLRm9vGl9sz723Za1vt7WQMoNZclzovFRf2eDs6unEsoJJpoi47n8FqECmExoVNUjIJRJA6KUgASIyM8krfrT%2FDUV42AM7FkmNy1KOpIG%2BWIXRzDBHK3XUQSgRcq%2FK1Cjjxb7w9Uz28ZZUtm7IzM2G8WFydBiCUZsYT%2BAiYJuSLU1kNN%2FChcYbDIFchlJ4Vg%2Fv8YgA4FaFbNCCQvTWtxFLVH%2FAiQB0uajEIpY1JXQN6w1GNUz8Ss8UpTTxtB6u%2B4QUSk5CqYXCUFek7VeGIwa4Md6Fj3RfB%2FJl44r6N7apEZGjvzFJIxizW1Y8TbgBdVAoi0w6eBPOq3dEX00qG3887dTfq%2Fd%2FAuSJKcv5hxMNI58x86Y%2BmkzJbdKRCQJBDw8OqH%2BDiIPQhkNv6QVEpplDAoBuOq51qyH9WTBNocn%2BZcIxiHjFzihkUOHQ1sOJQoaZqxF565A%3D%3D&gtnp=0&gtpp=0&maxads=0&kld=1040&yprpnd=ZM1XWExt1F6ZqUgS2FQmFOjJY%2FaM0rEaylr4Z0rBJ4U%3D&prvtof=TDMJTeh7dusCZCERdjdw6%2BP18Bl4Zrgbe8lv1dt7JZVLvZUP9Kd8ra0p9Cg%2Bskj0F%2FXBnCN4KMl5TadnaNExqA%3D%3D&&gtnp=0&gtpp=0&kt=210&&kbc=3997&ki=91164402&ktd=0&kld=1040&kp=3&bd=1%23720%231280%231%230%23577%23297 VG
html
malicious
2172 chrome.exe GET 200 2.16.186.64:80 http://i2.cdn-image.com/__media__/pics/8243/logo.png unknown
image
whitelisted
2172 chrome.exe GET 200 208.91.196.145:80 http://ww1.cpupk.com/sk-logabpstatus.php?a=bVlFblF1UHJ2cEN2V1drZUdWdjM5TDVqUTdMRVFMSk5Dc1ZmV1lnYmVPY1c0N2MxaVNDMEkra2M2WDZYSzIzbzhDN2dHWVF3QWFuVUxQMUNNNlNiZFJ1ZkhIYnNCQmhLRlVrWEFkVFo4QkZ3bjgwNkE3UHZkTWtNTi9ZQm91czY=&b=false VG
compressed
malicious
2172 chrome.exe GET 200 2.16.186.64:80 http://i2.cdn-image.com/__media__/pics/9161/h_bg.gif unknown
image
whitelisted
2172 chrome.exe GET 200 2.16.186.106:80 http://i1.cdn-image.com/__media__/pics/9161/numArrowres.png unknown
image
whitelisted
2172 chrome.exe GET 302 208.91.196.145:80 http://ww1.cpupk.com/trf?q=GPU+Benchmark&&r=https%3A%2F%2Fr.search.yahoo.com%2Fcbclk%2FdWU9NTA5QTY5NkVFN0ZBNDc0OCZ1dD0xNTU1MzMyOTU2OTIzJnVvPTc5MDk2MTczNjk3NzE0Jmx0PTImZXM9aDAwT2QyQUdQUy5udWhDdg--%2FRV%3D2%2FRE%3D1555361757%2FRO%3D10%2FRU%3Dhttps%253a%252f%252fwww.bing.com%252faclick%253fld%253de3Nq6DYA5Zs2bZVNzWFbNeJjVUCUxgrieixQQwOBJTNjRFlJYkjAaL0XvoknIhGh7_t4rCyMhyVxhM2mAVRJx6Igl3J_-6Ze7xYUC4FqZSzTbLH41SLcqSaMx3sncUJoZht_HKDmQo3cCFH2-tBcCxOwUYDII%2526u%253daHR0cHMlM2ElMmYlMmZ3d3cuc21hcnRlci5jb20lMmZubCUyZmFyJTNmcSUzZGNwdSUyNTIwYmVuY2htYXJrcyUyNm8lM2Q3NjQ0MzAlMjZyY2glM2RpbnRsNTI2%2526rlid%253d15094ac0bca8107c91db1674c3f55ddb%2FRK%3D2%2FRS%3DHRDFmhS4BLKNNFjtSUHKffMf2mI-&o=BUehlsAnvQUT7S9vkBP0drvO5Pj1QV4LCpuJ6yniD6jlBA4uXZ5lPbunMd2FIVmqveT8CwEZuj7j4Fs6fS%2F1qa0zExCxj%2Fsk1ZINLH4Aw2gUQW%2BdYpKi%2B2TqpFDqO28IP1KSjq%2B0ZX%2FigEMVhhBQ0yguUv5STrqObWT%2BH6I9xlGgwNZicagga%2FuBSEPbo8%2FITyT%2B5YbVmgpzPdLFdfwNc8ZNQwHSVBxKaoAjEqBOJGxMOHvx7i3NzP%2F1ilYdgSN%2BHmI3CjCJNdjJgoULRkVBb%2FNze7dCde957XWStnmumNaxHXh0%2F3Kmr4MvwwZzw1R8R3Dtm0HL8Vor907kfYTUEz6LNhalWBZbO24jDAWj8XhBp7D7h0VziRIV9G%2Bz6SIsYq61bN11v4uDuct46zVbBqkFvbwgX2kxofHb3HgEuXs%3D&c=211030287855681155333170&n=SEhSJB1N23q1G1P3Fj8J5Z5VI8Okm51OYOZDGXlfuDNBSfP1WrphgC%2Fxar2HpPjNpYVe4TZK8MWwl8mMLJtgPsj%2BZg5Am18i39OE7cjzf6l90L7ff6%2BOf3dSpxVGMTOXOR3IYzSnCA5%2BHCGfAl4bdsCF9PkfLW2X72xBr5voblHJzv80lxYC4S1aAsAlcaQPmJ7kbftwRJbBNnh8bmlW3wvM8OI3OQbfsU0oyVvMjjkh370BzZ1RzI0Kyrve2ouljoKinj%2FQ4UNtPzTqC6ZH3rJFCkxp35%2FCzgSuGJrPU4ux0p3BpaOJK0F45wP6oSJNQ81yJAX407Vs1uH3%2FrORmA4i1qggp84f590Klg%2ByMIg4qRi32Kzy3xZj705soaiXZqRwZO2ycdZnSaHu86NQqD%2B89eBlPwaSrs5AZUpUthjM0hDXTqXmgztN50nS%2BNbI3YGK11iqC%2F5kdz1Yw0j565yp%2BzwrfdXMnfRbrRoAEVQC2s5lsMKeXKGw%2BPSmlX4lvy%2BGOrhz9dqTDvsrOFNrKQpV8GCo7z9twS1H41C0Kwg%3D&kgp=0&bd=1%23720%231280%231%230 VG
compressed
malicious
2172 chrome.exe GET 302 208.91.196.145:80 http://ww1.cpupk.com/trf?q=GPU+Benchmark&&r=https%3A%2F%2Fr.search.yahoo.com%2Fcbclk%2FdWU9NTA5QTY5NkVFN0ZBNDc0OCZ1dD0xNTU1MzMyOTU2OTIzJnVvPTc5NjQ1OTI5OTU1MzE4Jmx0PTImZXM9OTVVUXJGRUdQUy5sV3VVTg--%2FRV%3D2%2FRE%3D1555361757%2FRO%3D10%2FRU%3Dhttps%253a%252f%252fwww.bing.com%252faclick%253fld%253de3IAFBOgdWe4ceb8Ar89DpNTVUCUxZGMnr5PR97aqsjDMT8DJx5kCyS3ORH9ETORyE8-cYAyI4izKwOXUkLsRI0Z6C5w4xp7o9KpMB45LbnS8-fij_R0ydVep_PZpw85yVezCtKvkh3p7DoEL5mSakR21nTnw%2526u%253daHR0cHMlM2ElMmYlMmZ3d3cucHJvbnRvLmNvbSUyZm5sJTJmYXIlM2ZxJTNkY3B1JTI1MjBiZW5jaG1hcmtzJTI2byUzZDc2NTA1MSUyNnJjaCUzZGludGw1MjI%2526rlid%253d462f91785e891affc1e8cdcc21d466cb%2FRK%3D2%2FRS%3D6duChJptMtORulBw5oG5qJkAYbk-&o=%2B2e1kt50SZYiJXnTSf0dLVLtHAQwfXmVNSRduCYeRynoxph3VdWY9iG1gouMUjF%2B8jmnV2liLHHS0TVyRvi2abZyK2fafSu39h8HZ%2FOioGHrRKNZge%2BwISOQQirWpiMMIn%2BWSbt7TtkuewEyG9clcUG9jbRdsMnXSFaqQvbs5XawM24OjtqHOkp4PxAohbX3zNloRv0Mxkgtkddk5edglDTQdSFiju36et6pL%2B6dx63MhRNmGSqSrTl9wf74IfYBJdASw56CQfytOK1pKTkcg%2Bf1zGR07iydmnd9Fzg2XCvA%2FsE9tE5PC39TNHerRUyvO82UA11SkEa42gBTvg4yp8XMttT%2Bj1FIONY46Ff832LMx4%2F3EMoMkwKbD40yUl0tXIfDFz28jq1fZVqM%2FacUyIadVglWXB8HTAi5TCNQVeFE61UzE3uIeWGCqoRTY3nj&c=211030287855681155334367&n=cwKdkaSgKe4NSnnCs1ecOpQAkRIgn6oczeaA%2F4Xrws%2FHtqMlQ3AoQ%2Bg%2BFdg6gYXQcTmuwvVDMkF2AFBG8W3oGgukmXKi1HYpku4cJCaNlBbWjFFTb9WgMO8qwDQNyIc6jHxjGW9KmQ3i65HWzGqXqRaZxmrkhFnTPMb9EsyAc9EsjUhVm4N6rlC%2FrEYdRvUjhlEZ2SYFYxdnB2nBORSjqriSJR42x0Typ8j%2FqcAFJ4ixb4B%2BatGEFET0S11eRdWruYAoJsLS%2FqDr04XfTFeiOVdO9Xp1KaqaSdvibRCwpJKfbI3srGiW6mtiEKYgqdoxcNN7KJCBsMe6ZDZ%2BIJaSfJWbVG281eKX5%2B2POj1IwyGbN%2BFBsWVtE4lwK8O%2F3fNRR9p%2FZ7OWIcq3l6G1OV9xpSpj80BaXiEuedKWBKev0T82417Uw4ludp%2B4k%2BwiW8ygG%2BAu14JtsmFmj5%2B1jCx1zSUAQH1OgHXbeODks3y9MIK7tfMJGP8mdSY3MCpvkgEGjcRwGkxM%2BZuWC6QbRwbEtrWNtBQiwUXkeyVKV3oV2c4%3D&kgp=0&bd=1%23720%231280%231%230 VG
compressed
malicious

Connections

PID Process IP ASN CN Reputation
2172 chrome.exe 216.58.207.67:443 Google Inc. US whitelisted
2172 chrome.exe 5.79.68.108:80 LeaseWeb Netherlands B.V. NL malicious
2172 chrome.exe 216.58.206.13:443 Google Inc. US whitelisted
2172 chrome.exe 208.91.196.145:80 Confluence Networks Inc VG malicious
2172 chrome.exe 2.16.186.106:80 Akamai International B.V. –– whitelisted
2172 chrome.exe 2.16.186.64:80 Akamai International B.V. –– whitelisted
2172 chrome.exe 172.217.16.142:443 Google Inc. US whitelisted
–– –– 172.217.21.238:80 Google Inc. US whitelisted
2172 chrome.exe 172.217.133.70:80 Google Inc. US whitelisted
2172 chrome.exe 172.217.16.131:443 Google Inc. US whitelisted
2172 chrome.exe 172.217.22.67:443 Google Inc. US whitelisted
2172 chrome.exe 172.217.16.202:443 Google Inc. US whitelisted
2172 chrome.exe 172.217.21.234:443 Google Inc. US whitelisted
2172 chrome.exe 212.82.100.137:443 Yahoo! UK Services Limited CH shared
2172 chrome.exe 204.79.197.200:443 Microsoft Corporation US whitelisted
2172 chrome.exe 94.236.112.192:80 Rackspace Ltd. GB unknown
2172 chrome.exe 94.236.112.192:443 Rackspace Ltd. GB unknown
2172 chrome.exe 172.217.23.164:443 Google Inc. US whitelisted
2172 chrome.exe 216.58.206.3:443 Google Inc. US whitelisted
2172 chrome.exe 172.217.16.200:443 Google Inc. US whitelisted
2172 chrome.exe 109.201.133.71:80 NForce Entertainment B.V. NL unknown
–– –– 109.201.133.71:80 NForce Entertainment B.V. NL unknown
2172 chrome.exe 151.101.2.114:443 Fastly US unknown
2172 chrome.exe 31.13.90.6:443 Facebook, Inc. IE whitelisted
2172 chrome.exe 68.232.35.38:443 MCI Communications Services, Inc. d/b/a Verizon Business US whitelisted
2172 chrome.exe 216.58.208.40:443 Google Inc. US whitelisted
2172 chrome.exe 172.217.18.14:443 Google Inc. US whitelisted
2172 chrome.exe 157.240.1.35:443 Facebook, Inc. US whitelisted
2172 chrome.exe 104.125.24.244:443 Akamai Technologies, Inc. NL unknown
2172 chrome.exe 74.125.133.155:443 Google Inc. US whitelisted

DNS requests

Domain IP Reputation
decompiler.cpupk.com 5.79.68.108 malicious
clientservices.googleapis.com 216.58.207.67 whitelisted
accounts.google.com 216.58.206.13 shared
ww1.cpupk.com 208.91.196.145 malicious
i3.cdn-image.com 2.16.186.106, 2.16.186.64 whitelisted
i4.cdn-image.com 2.16.186.106, 2.16.186.64 whitelisted
i1.cdn-image.com 2.16.186.106, 2.16.186.64 whitelisted
i2.cdn-image.com 2.16.186.64, 2.16.186.106 whitelisted
clients1.google.com 172.217.16.142 whitelisted
clients2.google.com 172.217.16.142 whitelisted
redirector.gvt1.com 172.217.21.238 whitelisted
r1---sn-f5f7lne6.gvt1.com 172.217.133.70 whitelisted
ssl.gstatic.com 172.217.16.131 whitelisted
www.gstatic.com 172.217.22.67 whitelisted
translate.googleapis.com 172.217.16.202 whitelisted
safebrowsing.googleapis.com 172.217.21.234 whitelisted
r.search.yahoo.com 212.82.100.137 whitelisted
www.bing.com 204.79.197.200, 13.107.21.200 whitelisted
www.vinden.nl 94.236.112.192 unknown
www.google.com 172.217.23.164 whitelisted
images.vinden.nl 94.236.112.192 unknown
www.google.nl 216.58.206.3 whitelisted
ssl.google-analytics.com 172.217.16.200 whitelisted
cpupk.com 109.201.133.71 unknown
www.smarter.com 151.101.2.114, 151.101.66.114, 151.101.130.114, 151.101.194.114 unknown
connect.facebook.net 31.13.90.6 whitelisted
www.googletagmanager.com 216.58.208.40 whitelisted
g.3gl.net 68.232.35.38 unknown
www.google-analytics.com 172.217.18.14 whitelisted
sb.scorecardresearch.com 104.125.24.244 whitelisted
www.facebook.com 157.240.1.35 whitelisted
www.pronto.com 151.101.2.114, 151.101.66.114, 151.101.130.114, 151.101.194.114 unknown
stats.g.doubleclick.net 74.125.133.155, 74.125.133.156, 74.125.133.157, 74.125.133.154 whitelisted

Threats

PID Process Class Message
2172 chrome.exe Generic Protocol Command Decode SURICATA STREAM excessive retransmissions

Debug output strings

No debug info.