General Info

URL

https://www2.openstax.org/e/218812/g-2022-b2s-drip-1-utm-term-CTA/wl92kr/1497717912?h=HSuHRYCRyt-F-ecjBAapuZ9KXhDmHMKf2aQXF90wOuQ

Full analysis
https://app.any.run/tasks/c358cfef-abe1-4c00-8deb-424061663760
Verdict
Malicious activity
Analysis date
14/01/2022, 21:18:26
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 64 bit)
Tags:

opendir

Indicators:

ANY.RUN is an interactive service that gives full access to the guest system. Information in this report may have been distorted by user actions and is provided as-is for the user's information. ANY.RUN does not guarantee the maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
35 seconds
Additional time used
none
Fakenet option
off
Heavy Evasion option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 11.0.9600.18860 KB4052978
  • Adobe Acrobat Reader DC MUI (15.007.20033)
  • Adobe Flash Player 27 ActiveX (27.0.0.187)
  • Adobe Flash Player 27 NPAPI (27.0.0.187)
  • Adobe Flash Player 27 PPAPI (27.0.0.187)
  • CCleaner (5.35)
  • Google Chrome (75.0.3770.100)
  • Google Update Helper (1.3.33.23)
  • Java 8 Update 92 (64-bit) (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.7.1 (4.7.02558)
  • Microsoft Office Access MUI (English) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Groove MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office IME (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office IME (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Language Pack 2010 - French/Français (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - German/Deutsch (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Italian/Italiano (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Japanese/日本語 (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Korean/한국어 (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Portuguese/Português (Brasil) (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Russian/русский (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Spanish/Español (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Turkish/Türkçe (14.0.4763.1013)
  • Microsoft Office O MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Office 32-bit Components 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Professional 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Arabic) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Basque) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Catalan) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Dutch) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (English) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (French) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Galician) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (German) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Proof (Ukrainian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (French) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (German) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office SharePoint Designer MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared 32-bit MUI (English) 2010 (14.0.4763.1000)
  • Microsoft Office Shared 32-bit MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Shared 32-bit MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Shared 32-bit MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared 32-bit MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Shared 32-bit MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Shared 32-bit MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared 32-bit MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Shared 32-bit MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared MUI (English) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.4763.1000)
  • Microsoft Office Single Image 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office X MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Visual C++ 2005 Redistributable (x64) (8.0.61000)
  • Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (11.0.61030.0)
  • Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (11.0.61030)
  • Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (11.0.61030)
  • Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X64 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 67.0.4 (x64 en-US) (67.0.4)
  • Mozilla Maintenance Service (67.0.4)
  • Notepad++ (64-bit x64) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • QGA (2.14.32)
  • Skype™ 7.39 (7.39.102)
  • Update for Microsoft .NET Framework 4.7.1 (KB4054852) (1)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (64-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Hyphenation Parent Package English
  • IE Spelling Parent Package English
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • InternetExplorer Package TopLevel
  • KB2479943
  • KB2491683
  • KB2506014
  • KB2506212
  • KB2506928
  • KB2509553
  • KB2532531
  • KB2533552
  • KB2534111
  • KB2545698
  • KB2547666
  • KB2552343
  • KB2560656
  • KB2563227
  • KB2564958
  • KB2579686
  • KB2585542
  • KB2585542 SP1
  • KB2598845
  • KB2603229
  • KB2604115
  • KB2620704
  • KB2621440
  • KB2631813
  • KB2640148
  • KB2653956
  • KB2654428
  • KB2656356
  • KB2656356 SP1
  • KB2660075
  • KB2667402
  • KB2685811
  • KB2685813
  • KB2685939
  • KB2690533
  • KB2698365
  • KB2705219
  • KB2706045
  • KB2719857
  • KB2726535
  • KB2727528
  • KB2729094
  • KB2729452
  • KB2732059
  • KB2732487
  • KB2736422
  • KB2742599
  • KB2750841
  • KB2758857
  • KB2761217
  • KB2763523
  • KB2770660
  • KB2773072
  • KB2786081
  • KB2789645
  • KB2789645 SP1
  • KB2791765
  • KB2799926
  • KB2800095
  • KB2807986
  • KB2808679
  • KB2809215
  • KB2813430
  • KB2834140
  • KB2836942
  • KB2836943
  • KB2840631
  • KB2843630
  • KB2847927
  • KB2852386
  • KB2853952
  • KB2861698
  • KB2862152
  • KB2862330
  • KB2862335
  • KB2864202
  • KB2868038
  • KB2871997
  • KB2872035
  • KB2884256
  • KB2888049
  • KB2891804
  • KB2892074
  • KB2893294
  • KB2893519
  • KB2894844
  • KB2900986
  • KB2908783
  • KB2911501
  • KB2912390
  • KB2918077
  • KB2919469
  • KB2931356
  • KB2937610
  • KB2943357
  • KB2952664
  • KB2966583
  • KB2968294
  • KB2970228
  • KB2972100
  • KB2972211
  • KB2973112
  • KB2973201
  • KB2973351
  • KB2977292
  • KB2978120
  • KB2978742
  • KB2984972
  • KB2985461
  • KB2991963
  • KB2992611
  • KB3003743
  • KB3004361
  • KB3004375
  • KB3006121
  • KB3006137
  • KB3010788
  • KB3011780
  • KB3013531
  • KB3019978
  • KB3020370
  • KB3021674
  • KB3021917
  • KB3022777
  • KB3023215
  • KB3030377
  • KB3031432
  • KB3035126
  • KB3035132
  • KB3037574
  • KB3042058
  • KB3045685
  • KB3046017
  • KB3046269
  • KB3054476
  • KB3055642
  • KB3059317
  • KB3060716
  • KB3067903
  • KB3068708
  • KB3071756
  • KB3072305
  • KB3074543
  • KB3075220
  • KB3076895
  • KB3078601
  • KB3078667
  • KB3080149
  • KB3084135
  • KB3086255
  • KB3092601
  • KB3092627
  • KB3093513
  • KB3097989
  • KB3101722
  • KB3107998
  • KB3108371
  • KB3108381
  • KB3108664
  • KB3109103
  • KB3109560
  • KB3110329
  • KB3115858
  • KB3115858 SP1
  • KB3122648
  • KB3124275
  • KB3126587
  • KB3127220
  • KB3133977
  • KB3137061
  • KB3138378
  • KB3138612
  • KB3138910
  • KB3139398
  • KB3139914
  • KB3140245
  • KB3147071
  • KB3150220
  • KB3155178
  • KB3156016
  • KB3156019
  • KB3159398
  • KB3161102
  • KB3161949
  • KB3161958
  • KB3170735
  • KB3170735 SP1
  • KB3172605
  • KB3177467
  • KB3179573
  • KB3184143
  • KB4019990
  • KB4040980
  • KB958488
  • KB976902
  • KB982018
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • Package 1 for KB2656356
  • Package 1 for KB2789645
  • Package 1 for KB3115858
  • Package 1 for KB3170735
  • Package 2 for KB2585542
  • Package 2 for KB2656356
  • Package 2 for KB2789645
  • Package 2 for KB3115858
  • Package 2 for KB3170735
  • Package 3 for KB2585542
  • Package 3 for KB2656356
  • Package 4 for KB2656356
  • Package 4 for KB2789645
  • Package 5 for KB2656356
  • Package 7 for KB2656356
  • PlatformUpdate Win7 SRV08R2 Package TopLevel
  • ProfessionalEdition
  • RollupFix
  • UltimateEdition
  • WUClient SelfUpdate ActiveX
  • WUClient SelfUpdate Aux TopLevel
  • WUClient SelfUpdate Core TopLevel
  • WinMan WinIP Package TopLevel

Behavior activities

Malicious
No malicious indicators.

Suspicious
No suspicious indicators.

Info
Reads the computer name
  • chrome.exe (PID: 1232)
  • chrome.exe (PID: 1052)
  • chrome.exe (PID: 2792)
Checks supported languages
  • chrome.exe (PID: 1232)
  • chrome.exe (PID: 1212)
  • chrome.exe (PID: 448)
  • chrome.exe (PID: 2792)
  • chrome.exe (PID: 860)
  • chrome.exe (PID: 456)
  • chrome.exe (PID: 2412)
  • chrome.exe (PID: 1052)
  • chrome.exe (PID: 2352)
Reads the hosts file
  • chrome.exe (PID: 1232)
  • chrome.exe (PID: 1052)
Application launched itself
  • chrome.exe (PID: 1232)
Reads settings of System Certificates
  • chrome.exe (PID: 1052)

Find more information about signature artifacts and their mapping to the MITRE ATT&CK™ matrix in the full report.

Processes

Total processes
44
Monitored processes
9
Malicious processes
0
Suspicious processes
0

Behavior graph

start -> chrome.exe -> chrome.exe (no specs), chrome.exe (no specs), chrome.exe (no specs), chrome.exe, chrome.exe (no specs), chrome.exe (no specs), chrome.exe (no specs), chrome.exe (no specs)
Specs description
Program did not start
Integrity level elevation
Task contains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has suspicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

PID
1232
CMD
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disk-cache-dir=null --disk-cache-size=1 --media-cache-size=1 --disable-gpu-shader-disk-cache --disable-background-networking "https://www2.openstax.org/e/218812/g-2022-b2s-drip-1-utm-term-CTA/wl92kr/1497717912?h=HSuHRYCRyt-F-ecjBAapuZ9KXhDmHMKf2aQXF90wOuQ"
Path
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\windows\system32\lpk.dll
c:\windows\system32\winmm.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\sechost.dll
c:\windows\system32\userenv.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\profapi.dll
c:\program files (x86)\google\chrome\application\chrome.exe
c:\windows\system32\advapi32.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\shell32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\user32.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\samcli.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\hid.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wbemcomn2.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\samlib.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\msi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wpc.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\rsaenh.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome.dll
c:\windows\system32\netutils.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\winusb.dll
c:\windows\system32\psapi.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\credui.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\webio.dll
c:\windows\system32\secur32.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\propsys.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\wship6.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\imageres.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\slc.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\cscui.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\wbem\wmiperfinst.dll
c:\windows\system32\pdh.dll
c:\windows\system32\audioses.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\imagehlp.dll
c:\program files\winrar\rarext.dll
c:\program files\microsoft office\office14\olkfstub.dll
c:\program files\microsoft office\office14\mlshext.dll
c:\program files\common files\microsoft shared\ime14\imejp\imjptip.dll
c:\program files\common files\microsoft shared\office14\msoshext.dll
c:\program files\microsoft office\office14\msohevi.dll
c:\windows\system32\webcheck.dll
c:\program files\microsoft office\office14\onfilter.dll
c:\program files\microsoft office\office14\visshe.dll
c:\windows\system32\shdocvw.dll
c:\program files\common files\microsoft shared\ime14\imekr\imkrtip.dll
c:\windows\system32\mf.dll
c:\windows\system32\cryptext.dll
c:\windows\system32\syncui.dll
c:\program files\windows sidebar\sbdrop.dll
c:\program files\notepad++\nppshell_06.dll
c:\windows\system32\stobject.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\colorui.dll
c:\windows\system32\wininet.dll
c:\windows\system32\winspool.drv
c:\windows\system32\urlmon.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

PID
1212
CMD
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=75.0.3770.100 --initial-client-data=0x84,0x88,0x8c,0x80,0x90,0x7fef5653ef8,0x7fef5653f08,0x7fef5653f18
Path
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\windows\system32\gdi32.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\sechost.dll
c:\program files (x86)\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\user32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\lpk.dll
c:\windows\system32\userenv.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msctf.dll
c:\windows\system32\usp10.dll
c:\windows\system32\profapi.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\shell32.dll

PID
448
CMD
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=408 --on-initialized-event-handle=320 --parent-handle=324 /prefetch:6
Path
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\lpk.dll
c:\windows\system32\ntdll.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\gdi32.dll
c:\program files (x86)\google\chrome\application\chrome.exe
c:\windows\system32\version.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msctf.dll
c:\windows\system32\usp10.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_watcher.dll
c:\windows\system32\sechost.dll
c:\windows\system32\user32.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll

PID
2792
CMD
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1048,1262032317923515546,9175618153933257295,131072 --gpu-preferences=KAAAAAAAAADgACAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=12604696801702740033 --mojo-platform-channel-handle=1116 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google LLC
Description
Google Chrome
Version
75.0.3770.100
Modules
Image
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\kernel32.dll
c:\program files (x86)\google\chrome\application\chrome.exe
c:\windows\system32\version.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\lpk.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\msctf.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\profapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\devobj.dll
c:\windows\system32\winspool.drv
c:\windows\system32\nsi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\webio.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\dwrite.dll
c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\winnsi.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\avrt.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\ole32.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\evr.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\atl.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\mf.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\slc.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\swiftshader\libglesv2.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\swiftshader\libegl.dll

PID: 1052
CMD: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1048,1262032317923515546,9175618153933257295,131072 --lang=en-US --service-sandbox-type=network --service-request-channel-token=5129757341701301222 --mojo-platform-channel-handle=1568 /prefetch:8
Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Indicators:
Parent process: chrome.exe
User: admin
Integrity Level: MEDIUM
Version: Company Google LLC; Description Google Chrome; Version 75.0.3770.100
Modules (Image):
c:\windows\system32\imm32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\userenv.dll
c:\program files (x86)\google\chrome\application\chrome.exe
c:\windows\system32\rpcrt4.dll
c:\windows\system32\version.dll
c:\windows\system32\sechost.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\user32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\lpk.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\kernel32.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\psapi.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\nsi.dll
c:\windows\system32\dbghelp.dll
c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\secur32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\wininet.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dxgi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\wship6.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\credssp.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\windowspowershell\v1.0\powershell.exe
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\ntmarta.dll

PID: 2352
CMD: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1048,1262032317923515546,9175618153933257295,131072 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1828915497782822994 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2236 /prefetch:1
Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Indicators: No indicators
Parent process: chrome.exe
User: admin
Integrity Level: LOW
Version: Company Google LLC; Description Google Chrome; Version 75.0.3770.100
Modules (Image):
c:\windows\system32\kernelbase.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\program files (x86)\google\chrome\application\chrome.exe
c:\windows\system32\userenv.dll
c:\windows\system32\version.dll
c:\windows\system32\sechost.dll
c:\windows\system32\profapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\msctf.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\lpk.dll
c:\windows\system32\winmm.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\usp10.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\psapi.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\nsi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\wtsapi32.dll
c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\comdlg32.dll
c:\windows\system32\webio.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\wininet.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\sspicli.dll

PID: 860
CMD: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1048,1262032317923515546,9175618153933257295,131072 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8428730744646909845 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2244 /prefetch:1
Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Indicators: No indicators
Parent process: chrome.exe
User: admin
Integrity Level: LOW
Version: Company Google LLC; Description Google Chrome; Version 75.0.3770.100
Modules (Image):
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\userenv.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\shlwapi.dll
c:\program files (x86)\google\chrome\application\chrome.exe
c:\windows\system32\oleaut32.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\nsi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\winnsi.dll
c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\webio.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\comdlg32.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\wininet.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\psapi.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\uiautomationcore.dll

PID: 456
CMD: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1048,1262032317923515546,9175618153933257295,131072 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12395740541500719409 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2588 /prefetch:1
Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Indicators: No indicators
Parent process: chrome.exe
User: admin
Integrity Level: LOW
Exit code: 0
Version: Company Google LLC; Description Google Chrome; Version 75.0.3770.100
Modules (Image):
c:\windows\system32\version.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\winmm.dll
c:\windows\system32\user32.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msctf.dll
c:\program files (x86)\google\chrome\application\chrome.exe
c:\windows\system32\shell32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\normaliz.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\crypt32.dll
c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\webio.dll
c:\windows\system32\wininet.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\sspicli.dll

PID: 2412
CMD: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1048,1262032317923515546,9175618153933257295,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-preferences=KAAAAAAAAADgACAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=1335067446905022017 --mojo-platform-channel-handle=3384 /prefetch:2
Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Indicators: No indicators
Parent process: chrome.exe
User: admin
Integrity Level: MEDIUM
Exit code: 0
Version: Company Google LLC; Description Google Chrome; Version 75.0.3770.100
Modules (Image):
c:\windows\system32\shell32.dll
c:\windows\system32\kernel32.dll
c:\program files (x86)\google\chrome\application\chrome.exe
c:\windows\system32\kernelbase.dll
c:\windows\system32\userenv.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\msctf.dll
c:\windows\system32\user32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\lpk.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\winmm.dll
c:\windows\system32\webio.dll
c:\windows\system32\msasn1.dll
c:\program files (x86)\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\nsi.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\winspool.drv
c:\windows\system32\iertutil.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\secur32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\avrt.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\mf.dll
c:\windows\system32\slc.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\wininet.dll
c:\windows\system32\devobj.dll
c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\atl.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\normaliz.dll

Registry activity

Total events: 4485
Read events: 0
Write events: 48
Delete events: 1

Modification events

PID | Process | Operation | Key | Name | Value
1232 | chrome.exe | delete key | HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes | (default) |
1232 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes |
1232 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | 2
1232 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | state | 1
1232 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon | failed_count | 0
1232 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty | StatusCodes | 01000000
1232 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | metricsid_enableddate | 0
1232 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | metricsid_installdate | 0
1232 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome | UsageStatsInSample | 1
1232 | chrome.exe | write | HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96} | usagestats | 0
1232 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | dr | 1
1232 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | metricsid |
1232 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics | user_experience_metrics.stability.exited_cleanly | 0
1232 | chrome.exe | write | HKEY_CLASSES_ROOT\Local Settings\MuiCache\14B\52C64B7E | LanguageList | en-US
1232 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} | lastrun | 13286668710328546
448 | chrome.exe | write | HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes | 1232-13286668709687921 | 259
1052 | chrome.exe | write | HKEY_CLASSES_ROOT\Local Settings\MuiCache\14B\52C64B7E | LanguageList | en-US
1052 | chrome.exe | write | HKEY_CLASSES_ROOT\Local Settings\MuiCache\14B\52C64B7E | @%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124 | Document Encryption

Files activity

Executable files: 0
Suspicious files: 83
Text files: 39
Unknown types: 5

Dropped files

PID | Process | Filename | Type | MD5 | SHA256
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State | –– | –– | ––
1052 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity | binary | 6c83cc6d3a9c755c805cc4076066465c | da8e2b9070395fb52ecefd39112936efada6e913b770c0fa43926fdd6738738e
1052 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF17e08c.TMP | binary | 3cd5e0a5929ab1f16a687ae55903ee67 | 991e28647978f11fe3348303dc1f01d7e29c0ae7385185646374ea605337bd0a
1052 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\1e5261c6-f0f2-46fa-b4f5-295ba9bff807.tmp | binary | 6c83cc6d3a9c755c805cc4076066465c | da8e2b9070395fb52ecefd39112936efada6e913b770c0fa43926fdd6738738e
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\16005591e2bb2fde_0 | binary | 2d63664dd526f73e88e043936a403076 | d5b8b80cec8b08797fe3f9cf868026c96dae1b4cf54baaf6430cfcf57bb48b11
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF17c786.TMP | text | 51d6a99c5613a0c061dc32a1b45933a4 | 7917c2a732d940a36509d790a2b6b43881940808a8fc69b3ed5b1c9e0d957ff8
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\26a52505-8671-487d-a3cb-1c5648e0fe71.tmp | text | 51d6a99c5613a0c061dc32a1b45933a4 | 7917c2a732d940a36509d790a2b6b43881940808a8fc69b3ed5b1c9e0d957ff8
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c89d61ef7c3702a0_0 | binary | eb2a3da0a0670a413c5e61518167e9a6 | dfc193760c8f0d172a3829d52f8c87d86fcca4a6d4696e1af5bb3611d247d1e1
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ca90d8744ea5e991_0 | binary | 1c2d64469b9e46e65e68c690b809143a | 1af051e13df486961c002a8d9932b328ed189401368a8c47c9919fee0220d2cd
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\efdc568ff8ffc174_0 | binary | a73011223506cfc107770af48788445d | efa26d8066d5fd4d75590f79246c1a5cb801368a1d6c784c5626e30d2824a302
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ab194cbf37d59ce5_0 | binary | e1cb5353f6a1a2f7c2ab7b69a15e5eb6 | aad76031e052543fde398987600f8352511cc61fa8f0dffb5e3ec653ca5f389a
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\50b7f2bbccc82e74_0 | binary | 9001d74ef9960b7e0351a4055386595f | 7619d1bfec5b0274bd485977e2826b9127e40537555a586e7622f0b3497c7f0d
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f12ab55d9822fbce_0 | binary | 0111ac2d35b27c24c98073cffc2738a7 | db8d20248401c1fa17cf761fbd9a2ad43229903a84e67ac2dbdd1a69a7dd03b8
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\baa6b3ef0e3d8a48_0 | binary | 72dca5cae47cb738875196b43417ac4e | 265ca6ebe1c5856944ff1b44d16bb1618bf456b1a4ba9ddd0fa1ddb890b0b312
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7d9f8cbf4fcf50f2_0 | binary | a4f5ba01dc8b1fd8943c08442543b639 | bd8788e5fcb46b365c2f7f204a0a6a3249b0302672fbae393041475371914c15
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fa36c1ef958dd7f4_0 | binary | 00736661f9c70a8937b93d9dab5ef2ac | c8dada00dff40fbd2a22ba99c9b7a7701c3d880bf6619263be2109fb72b0ceba
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\046fe68ec37250f0_0 | binary | 66a7d98d422e4b929f23b78636dfd106 | 6805cee019daf70b4bbab66988045408e9b6d974b664d7cd8d499ea31382c605
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a9fba44cf5dbdc0e_0 | binary | d5abfca558280614d8be1affd8b9fd8f | b9b397ec540d25ff70cfadc97435c9275c3c34909dfa7a86c6326c0c7528277f
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a01bf623e7e532f5_0 | binary | 40d4c72fa76c20eb0fffb4aa08f22051 | 94df356de34e0e3716fdf53fb11a23160dc5abfd523ee26e38af729e369bf55d
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1f55082dc98f19b4_0 | binary | cf2860d51b74819300f45234a5f25c37 | 8a8c5961df0ef6cf1ec6fd524a02ded4a5f518985b723e1e841c22caf2482034
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\971e4e22a0340c63_0 | binary | 278f967a88b0a4bff2f1b930f5997286 | a29fb7aadecfa481a9fe7c2b44d0cf89c58c9fdd713f8ffa631472db99254a72
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\61545af7b4c91502_0 | binary | 9f0fc4cd471258225becb7242b395dee | 7b63567e400af8e4080b797c88740401a792f3e8ba08a9d268f41e908c260204
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\acfc0ea3acfd2bab_0 | binary | d354ace48ed528c4920706cb3ba4342e | 5fc0374b81ad42634c8376a6fd59daf770fcb4e2adbd078088667b0e00383dc2
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cecf70075dade3c7_0 | binary | 42e563584fb813871bf54ba8c9b9980a | 1caabf43e5a0a70ff0189b8e8b14100a39de17c5cf115dbf8261f8279aaf233c
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7d3301304eaf5b79_0 | binary | 73afdf4f88a12271e348295b0082a91a | df2797cafe1eb15d8b7fc9c3d1bbe61c5e8466ec935dd392161b38f311240cac
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9b9bf92fb21a987e_0 | binary | b2d6f5102e4795a80f6b7d2afce0bc07 | 4f0ab0d843bb7c7ddc87eee4c71a2b289fd157cb86143982e62051fdc36356e1
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\53ba0ad363547abc_0 | binary | cb2ed1090ce82f60125babe5f6af3134 | 60b77669b3d4ca452d6c750150267fe3d26f4c32c823ff7278d79689d84cb0c2
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\83bbb76809de56d0_0 | binary | a5fc2c761e121f5b0a30bea7ae378c6b | 025dc1132216f2194111601772daadfe3e6d52e66015a583b016a65c73f0b45e
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ae3db4582d8d25f2_0 | binary | 00704683001abc313c9f981bebce2bac | d915476efce743969c879490c1a1a819cb88d60972db1daf4f84a395a128676f
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\40f8dc60ce1b8d17_0 | binary | 9e17df78f2c246b4eeeb164f4241a4b1 | f90e08ca69a24fbff5c7d034b101050bb26deed70b86c55fa8ec23fb18d6ae5a
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8ba3e4f90eea873f_0 | binary | f5e67ef3ceb53ee1be483568930d5ff9 | e04984b1191d2bf4c390149ad5077738db2e6f177f209333bede470c1dbc6140
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b4817583e2a8c60e_0 | binary | 4225f64016117eb66902c0a46137c357 | 0999142836bf5e3cfff5d2603f51367c2ef68f433e3e4c87b9fbccd29f3114ee
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c8616c21467f9143_0 | binary | b81ff35bc28fa4f7155f9278c012e335 | e60ef32129c2b3ef7ebe2c809163a3f47b1c85c0bcab8723d5874546ce1d0356
1052 | chrome.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1 | der | c5dfb849ca051355ee2dba1ac33eb028 | cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9023a4f165b1c18e_0 | binary | f51a1a08d260e720b4b5efb5c88e53d0 | f455d5adcfd71ae7342ffd3c59de6ccbcd5965ff5b4db4c6da19477009279f2e
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\81a226b10674b504_0 | binary | c0695b407bdcea90b3bc33cb9ae55c92 | 3298d20fd0eb61a535974670df286f5fd2e22afc8afa27354c472cce7d895b2e
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\99b28091d5cfce0a_0 | binary | 850b9cf0b8ee80937743362a811fb71b | 1464e005ebeb48d48398393877f984faab41feadcfcef23552f682c842c4ce8c
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\15761287505a3326_0 | binary | 41fe47b9f206a7ee279e7916e03b480b | 0eeb126a103d3aad9b4e5a5dcbad72db4ba1e00aa29f53f985a53ecf408bd517
1052 | chrome.exe | C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1 | binary | ad11c6edd15d7e84e8da369ed63ce5ef | d58a6a807f36005cea0c27d39816c836ab60299dea5ee3f5d1c6d5441660f000
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3c3d14935b20996f_0 | binary | 70f2681a8949299e1655da77141de102 | 33c9485bb142b7caae4487e11204c590cc77a9c321fb6d40f70fbdec53ad72f2
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e9e9ad70d3fb3393_0 | binary | b2809ff43b3902571da2df657aafd742 | bec487400fb185eb41d46a2fd14e6d42f619cc3d2f7112f4c224d652254717be
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c7e1f4bd34a0590f_0 | binary | f01bc1e54cb76e35b6265424b6a08af0 | b547fc0dd0d94331c2cf64f03277aa7c16e8389ac31a9de37d187cb74885cf15
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c97dc13ca179ff85_0 | binary | 75c2820833b936bba17ce909bb7f7a8b | e798693a289b0a74d9fabe81e6786d9c75f7d4e98d1d98f57d41ccef23fc7529
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f72b081faa8ccff7_0 | binary | dbc7b9e607159f45af8bec36fb82e8ca | 8738f402f32f741cfc9066512d1319a8af3ab03c2fe129e62039cb6c64e3c63c
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7743922afbc4db0f_0 | binary | 689460a03c52b33065ddb0bc111f0a61 | bce19ade9da44022ca885f5460f7f94fb87f5e3a1f0591279ed62851b2765321
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f5b5bcb844d1834b_0 | binary | ee39ba5cbb9528588b2de0cff2b4e054 | 0c194e6f6c6bc8263885fd155ff52e8ecb76c5c11a5858361a59e9fe6186d9d0
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\41328085c9177610_0 | binary | 9f136b86d0ccaf5aa59900d775220e2d | df6a032494db864f057b66a9db1fd6d0a03c3879d4820d0b503c891ec13a8913
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\900d6729ce717dde_0 | binary | 5ae636cdd1b4bf15c76a3d3804b902a3 | a189c16168425266c5585e29b3657ddc24d884d57ba5767bca432109d1cfa92e
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4f0b2fb1585cd5dd_0 | binary | e95eae7120e8b42a3a7d213e15f1aa5c | 6689ba19f7cb3d87ad964de9c5a1b403a1869f658efb0bd744337284162b7c03
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\57331d0e04e82a7d_0 | binary | c6fd6315c99f3681f19de71bd22338db | 956ea970dabfe4d8d66e0cff38a54840e508cedcf05857342d1a8d6a82253a3f
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3f796df5880d70b1_0 | binary | 531d8c6207a243bd1492d6b64a899f28 | e75bc33be498f28a5fa7cd1e6ff8e815328c7a1920ad1aa8b0a4141bd356ad60
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cdddd67c0ce28ee3_0 | binary | 2021eaa8ebb9891e21124a30c0b272a9 | cfbcf2475d660f3de680e31b9874e2c5a07486921b06059663bf50bf1e345592
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e2be70ff6e295482_0 | binary | 2362f11f0183adf5be1d0936eb074784 | f96a1bf9ffd8e23b4c3e714c173f15cde129098178655e1eeca0564e40f79325
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF178b67.TMP | text | 7b0d11383b304611487c0590d6292985 | 765d7469a0993997548f51fb7a9b3d175dbac7226ca707e2b3d8eecbf5e49eea
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences | text | 36daa3865171824751d21d66c490ab1a | 083e59b8368f8216feaf214c4219083e889c2e84195326f35001ce8ad8ff0cf2
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ebb83c34c86e3705_0 | binary | 2c9eec12b5c3de48b8d3b610623f14ce | cfe45690b4b05a18471fcfca6835e945b7bd111a81c04cc8a2ea3d8c48f88046
1052 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF178caf.TMP | binary | 724dc5e5b4e0f1f5bb5e6552e745c026 | a67017fd88cf0e6ac17b453aed6a635a0c9e4dea51afb43825e9b988aa74ffef
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\369c617f6e1be41d_0 | binary | cdf63f4cf56ca7f40204ee6cfd01ad11 | ea03ea42ebe9ab05dcb9d5cf77880a6f212d2995e0447586c8ff0939a5d8731f
1052 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF17b3ee.TMP | binary | febac9f5a38e96d67c0b4b58b0812dc5 | b4a25a333c2b470ee8336f75c4c0e232abb1e1e613964a70994b19af2edc694e
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9964351d8a0782d4_0 | binary | 9f8c8dacf3f62f0b4d967c9759395ca0 | 688dc1074d9687cbf055d32ca205c47d10b5662cee3a96f7ffb450fe14bafac9
1052 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\8d56e584-89f5-4600-96f2-661174d98bc8.tmp | binary | 3cd5e0a5929ab1f16a687ae55903ee67 | 991e28647978f11fe3348303dc1f01d7e29c0ae7385185646374ea605337bd0a
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3d18395da7d37114_0 | binary | 2f4ed8c78fce2f07e9c339eaf9a449e9 | 62c3199a3d1009ccf55d6444028bfeefeb0283a3f51b7af08cabd7375281a82b
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\740f834d2dd3b09f_0 | binary | 5783dc453902f21e5b1e61316d5e8df7 | 76911800b5323d5555163cd07a9ddb35c1fdbef6e0393e139089f13b531899d6
1052 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\4d8f8fee-4fdc-4cb6-bff1-da8bee701cdc.tmp | binary | febac9f5a38e96d67c0b4b58b0812dc5 | b4a25a333c2b470ee8336f75c4c0e232abb1e1e613964a70994b19af2edc694e
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1b7410c497298b03_0 | binary | 3b64b50e82a08b52d820fbcf6f7078ef | 6ddc1ebe61bb94738a0b6ddaea83d9365fc0d0b8e8ba4835ca204026a517b575
1232 | chrome.exe | C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9c9b7df5b8ede35b_0 | binary | 220de871fd4c55db3896741f07e78b26 | 5d465ab0502e39e87c6103cb9e40ad7ac600c712430f6be9c5fb67aa15c0b873
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c34285e8063b9f01_0
binary
MD5: 3086ffe7cf4f52cb94e1741fcdc1bef6
SHA256: cd39c9dc1c14f2f2d378f78cdf835c4cc09a47f313dbca50c46ce18f80979930
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\c12df762-afb3-4a12-bdcf-ebab001813fe.tmp
text
MD5: 36daa3865171824751d21d66c490ab1a
SHA256: 083e59b8368f8216feaf214c4219083e889c2e84195326f35001ce8ad8ff0cf2
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5ec70ea8a68ef516_0
binary
MD5: 6a18cfaa50e550243178ee1db0a402ee
SHA256: 8086747c21726208143fbddd68efaf5d62a7afeb82596ce1d2f4b67cd9b50344
1052
chrome.exe
C:\Users\admin\AppData\Local\Temp\Tar735C.tmp
cat
MD5: d99661d0893a52a0700b8ae68457351a
SHA256: bdd5111162a6fa25682e18fa74e37e676d49cafcb5b7207e98e5256d1ef0d003
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7805572dbe3e59fc_0
binary
MD5: 0aa168719118f8fe1f6b2f4de200cb16
SHA256: 05c377ea4fccabaf1f77b768c7638b91dc569c26227b2a3207f4b1bd79a5e0fc
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF178b19.TMP
text
MD5: 2975d9fa9480b36c59f897319eb3b19f
SHA256: ea498f399c04ccd0a2734010d72f895040d93fdb5d55040eeab8bf7ce6fc19eb
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3e2a6202e179cc58_0
binary
MD5: 6a2d1e614ec7153f11b4a533bafe3fd1
SHA256: eed73da9f392580b4ee508d930efb105aad34cb0320c10cceddf9d0df7bf8971
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1e85cdbbb6b5efc0_0
binary
MD5: 1f35eb57392ee5cd654b6a0967bf0f32
SHA256: 82373f54a4db0d5eb62198c1d2ce3361d513f74d5efc7efe3cc4c5e9eeb389a7
1052
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
binary
MD5: ff35230406eb036d7d6be9aa293274c1
SHA256: 8ea2c9977dd5e632e8603274df77dbd5c01a9b8a8e4ce39aba22050747ae8caf
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\189f2d60e8abf170_0
binary
MD5: ff30f03b7b7b38a8870cf246f9fe6d3a
SHA256: 1c07065fb70e79bb48f7edaee179f1004e074996f253f424a7ed6238f388cea7
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0a8c7e021200f21a_0
binary
MD5: ec9ecc0ffb53ad843839cd96f44e78ac
SHA256: ec5b0d8186f50ff9255e6238b65f0042c38052e813f25f3b8c21bfbaf352376c
1052
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
der
MD5: 55540a230bdab55187a841cfe1aa1545
SHA256: d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\3db045ee-1c79-46b2-bab8-0701651e7e67.tmp
text
MD5: 51d6a99c5613a0c061dc32a1b45933a4
SHA256: 7917c2a732d940a36509d790a2b6b43881940808a8fc69b3ed5b1c9e0d957ff8
1052
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
binary
MD5: 55c4735f865d09ae0e0b0a9af649db31
SHA256: 08842ec7f47c33af9fe075e47c812b436ffb96313096453a902e5a1d77c86e12
1052
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
binary
MD5: a99fd3496abfddc307415beefc0c3b4d
SHA256: eb6eff0a388e8f70a3e32cbcf929e760fee9ce81831074416b11b787cc94a4d4
1052
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
compressed
MD5: acaeda60c79c6bcac925eeb3653f45e0
SHA256: 6b0ceccf0103afd89844761417c1d23acc41f8aebf3b7230765209b61eee5658
1052
chrome.exe
C:\Users\admin\AppData\Local\Temp\Cab735B.tmp
compressed
MD5: acaeda60c79c6bcac925eeb3653f45e0
SHA256: 6b0ceccf0103afd89844761417c1d23acc41f8aebf3b7230765209b61eee5658
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c52f375afd299dcd_0
binary
MD5: 64635a9bf57da214d060788f937a4173
SHA256: c33f06c0175607345a202603b2e4b443cbe9c783c481725820237b6dda02d280
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\07b55780044f234f_0
binary
MD5: aa3710b25de22850ec4816a9cecf234f
SHA256: d47abc7c6d3e1395bee53a43db6825475016a33dcfd8f898e3f7b64d1c9f3796
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\437bef5ee9f142e5_0
binary
MD5: 23c3a8308806256130fe18c422a70e42
SHA256: 1436f13843b698fd964872be1eb41bfc352555339b023cfd712d9e4065cb88de
1052
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
cat
MD5: d4ae187b4574036c2d76b6df8a8c1a30
SHA256: a2ce3a0fa7d2a833d1801e01ec48e35b70d84f3467cc9f8fab370386e13879c7
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Last Session
binary
MD5: 7a7dd3f74fa307715866eab28e57e91a
SHA256: 2500aa4cf4a5996273364684f7e1bc3243d9b03a6b8b4f4f1b9399833dedee60
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old~RF176bf8.TMP
text
MD5: c0013363a304f0515a13041f0476743f
SHA256: c3c63bcf4caada0a2c01b2c15945d189e42b431fcd277a16b0f4907d7b4fdf1b
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old
text
MD5: 9c60c4c93d406e1c6e51c22ff89e2b10
SHA256: 32eeab24ecb12ac170cf60bedcccddb146835a7c4e97eefbd8af044782513910
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old
text
MD5: c46f36ee5b2d52335e875e4a594543b9
SHA256: 2f9a41cb154d755f0e247b5eedf7756dcc6ed2b7547cf307b9d2f1ef8dfef0d3
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG.old~RF176699.TMP
––
MD5:  ––
SHA256:  ––
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG.old
––
MD5:  ––
SHA256:  ––
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
text
MD5: 0ba17e7990572e32f99197dbb807a9ae
SHA256: e4a087b507618abc4955def10651b2dfacdb50b7ff2de1b07a5c297bcb7daa41
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old~RF17683f.TMP
text
MD5: ed03532b74669199745b9746263537bc
SHA256: 9f0c6d6047961836b9fcdf9400464c5bb3e8072d98c0682a906e5b9420a62a4a
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
binary
MD5: 16fd67d91540483c7c1d029d3aa39ae6
SHA256: 3c9b04c37907ce34d683996e5ef4106d0357c0130cbdd298188a160a6032e1c4
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old~RF17665b.TMP
text
MD5: 9c32f2a361d0451465a2868d1f647823
SHA256: ff6268eb50e5ab3f5cd2963932c354ae410129aebc5ec36fb09d2917a1bd7308
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old
text
MD5: 9b6e0513edf776a069f212dbab862d14
SHA256: 623d732674546568ffe74dd09aac2e8e8ab68e46692d3e50d300e80d4837be5f
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old~RF1765bf.TMP
text
MD5: f06b7894a14cb01c8b4f58d33bac2dd2
SHA256: 067ca56e863fe1df554f8cf44155a5aad0e2ebcedd7e66d77c270393b08ca526
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old
text
MD5: 2cdb2ec4d426442d6a4b3894bdf31aa5
SHA256: efa3727ab3828ad84c7c220636806e71777fcc6cbcd9eac1e9c733bbd6dae96a
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old
text
MD5: 10cf7eecdc7213a7aed437c8f831f92b
SHA256: 916128a4d2bea5dcd4a4235b729a0c82b2d9a1930f501192dcd54cf39a0b0789
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old~RF176801.TMP
text
MD5: 11327e331c20eae708ec19f689702c33
SHA256: b1e90c8405e6d0599b9d23118a0e38e49f4a2b9514ad09d92b509bdea998edba
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old~RF17660d.TMP
text
MD5: 8eee649fcdb8fa2ec3d50458f1792260
SHA256: 6109712d799ac847d6715f204e565a9250b15bb4148844ce6788fa75710e7b45
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT
text
MD5: c6c1a9af50f7c72361bd73480e0fb318
SHA256: e9a8e32f40b836d602a577d0255943a91f438191fdfbb14de66ebe612079cdbb
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old
text
MD5: bf3d2abadf911dae82e26e3c619e093c
SHA256: c174447718de6b9ab16aad3ed5631c1c60520214d34133e3147b8f19c65aa96c
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old
text
MD5: 04caa309e3f8880f3758b0ae4f52a91a
SHA256: 939eb21ca99ad38915b1a7f43f57a5f89c56c8a8302f6441ea68fa76b32278f1
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old~RF176532.TMP
text
MD5: 0a064b06145c3ce248038e68b504d54b
SHA256: c788ee3caac8ed4e6afb0e9953834a565ebef0e1d60190e0f7d2b01887840df1
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000024.dbtmp
text
MD5: c6c1a9af50f7c72361bd73480e0fb318
SHA256: e9a8e32f40b836d602a577d0255943a91f438191fdfbb14de66ebe612079cdbb
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old
text
MD5: f57612e71fce9a73bbe603b7f71283f4
SHA256: 7b66f095e55351b3f178b78d877923c38353e80a9637552f0840eb3dd3d7d50b
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RF17659f.TMP
text
MD5: 6671db8c02f3c234bc5b756619a0ed77
SHA256: f7858098c26ef2a143b0e7cafbc03040c3c1c3185f446517108a7bdd2a6d9c4d
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old~RF1764f3.TMP
text
MD5: 58e28fb62a1db9f38da83d5028cf1ba5
SHA256: 2bdb53c81cc175f232bf127a2c1d16991ee4599176f188944a3f2070d92bc9b3
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old~RF1764e4.TMP
text
MD5: f1b02ab14358a138daa4f4071e700a47
SHA256: 5a0b423511fe8784b0e2bfe94cb4c4a6c54fc53612143fc07c52d5d2b783fff8
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61E1E8A5-4D0.pma
––
MD5:  ––
SHA256:  ––
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old
text
MD5: 963ed646a41c3dcef8b1a846a70b0e99
SHA256: fa6fbcdcfd899a377dddd9b259ad140edeedc7ad90dd49ee22edd3e1f66f2d7f
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old
text
MD5: c6b9a05fd15975fff5c2f43b077282d0
SHA256: 3a528b467033205a860f933d55da85a6533d035d33097eb7d2f9a10e79c12308
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old
text
MD5: 352f40ad53ab7f1152cad77c58a149a5
SHA256: bc7a7a8b6d0e52c14fb25c6715e244a2f0127f2fbfb5f2ba78e9df663605b55e
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
binary
MD5: cb365a74345514912554055d740a43c1
SHA256: 7d79b7d7eeaa370246e6f584f77aa546fdc41be365d4246edb6910ed68663b58
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old~RF1764d4.TMP
text
MD5: 6519e8c7ce15713e3378b95f11f75e19
SHA256: 2a160e205e88700bc807a81abc6542fa9e0666266d71fda1acafaf4397583436
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG.old
text
MD5: 56052c3cba145d49130b2518f4724e40
SHA256: e267f083aeb0c0de2b4ec93d65a3bc13d5ee6e06f61c4d07d049bc1f1af5a343
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old
text
MD5: fc009d5e3c6db37f901ecad1f5122a32
SHA256: 659b898ded54e27c8f95eecd693cfae624ffbf4d1cb8539e7fd24bdc4525c285
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old~RF1764e4.TMP
text
MD5: b245aaa3571c9adbedbfbbbfacef624d
SHA256: 00e5026f0f64f9a25dc2407361a74f167c1f65a88b5087e6ccb7c56527e1679e
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old~RF1764f3.TMP
text
MD5: 5adbb7aa4f0cd9335f9884f5c89f10bb
SHA256: 69d66abb57bed2d642097f32061e77cffce42f2a9ffa6ba95f2764cc59c4f538
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG.old~RF1764f3.TMP
text
MD5: e2ac0b7af53a1d0a1583853af31f45e3
SHA256: 2765035b4f31069b8834687986517759c8d687ce8b5c0ce7e202aea12ce12f42
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\3f069846-c3ef-4345-bfc3-13d8cc2d1195.tmp
binary
MD5: 5058f1af8388633f609cadb75a75dc9d
SHA256: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Last Version
text
MD5: 1a89a1bebe6c843c4ff582e7ed33ca1f
SHA256: 65099ca087b66aa8ca420ab121daad713e1db5a61c5a574d9b1c0df24f012520
1232
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
binary
MD5: 9c7925a6b262c5676d1c36638981a6ea
SHA256: 07f6fb1e9cbce4d15c00a9fbf9a95c1f31de20c4c48b433198862e8759cd128d
1212
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
gmc
MD5: b6d81b360a5672d80c27430f39153e2c
SHA256: 30e14955ebf1352266dc2ff8067e68104607e750abb9d3b36582b8af909fcb58


Network activity

HTTP(S) requests: 5
TCP/UDP connections: 64
DNS requests: 41
Threats: 0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
1052 chrome.exe GET 200 72.247.185.59:80 http://apps.identrust.com/roots/dstrootcax3.p7c NL cat shared
1052 chrome.exe GET 200 209.197.3.8:80 http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?43e959b925083603 US compressed whitelisted
1052 chrome.exe GET 200 209.197.3.8:80 http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/CABD2A79A1076A31F21D253635CB039D4329A5E8.crt?54f16d6ad0295c7c US der whitelisted
1052 chrome.exe GET 200 143.204.214.125:80 http://x.ss2.us/x.cer US der whitelisted
1052 chrome.exe GET 200 104.18.21.226:80 http://secure.globalsign.com/cacert/root-r3.crt US der whitelisted


Connections

PID Process IP ASN CN Reputation
1052 chrome.exe 142.250.186.77:443 Google Inc. US unknown
1052 chrome.exe 72.247.185.59:80 Akamai International B.V. NL whitelisted
1052 chrome.exe 209.197.3.8:80 Highwinds Network Group, Inc. US suspicious
–– –– 13.224.193.54:443 US malicious
1052 chrome.exe 142.250.187.174:443 Google Inc. US whitelisted
1052 chrome.exe 104.19.148.8:443 Cloudflare Inc US shared
1052 chrome.exe 185.60.216.19:443 Facebook, Inc. IE whitelisted
1052 chrome.exe 13.225.80.92:443 US unknown
1052 chrome.exe 143.204.214.125:80 US suspicious
1052 chrome.exe 13.224.193.3:443 US unknown
1052 chrome.exe 18.66.248.37:443 Massachusetts Institute of Technology US unknown
1052 chrome.exe 157.240.20.35:443 Facebook, Inc. US whitelisted
1052 chrome.exe 34.105.198.99:443 US unknown
1052 chrome.exe 34.255.166.68:443 Amazon.com, Inc. IE suspicious
1052 chrome.exe 216.58.212.163:443 Google Inc. US whitelisted
1052 chrome.exe 172.217.17.110:443 Google Inc. US whitelisted
1052 chrome.exe 142.250.181.232:443 Google Inc. US suspicious
1052 chrome.exe 104.17.225.78:443 Cloudflare Inc US unknown
1052 chrome.exe 34.120.195.249:443 US unknown
–– –– 92.123.224.51:443 Akamai International B.V. –– unknown
–– –– 172.217.20.66:443 Google Inc. US whitelisted
–– –– 199.232.136.157:443 US unknown
1052 chrome.exe 74.125.133.156:443 Google Inc. US whitelisted
–– –– 74.125.133.156:443 Google Inc. US whitelisted
–– –– 13.107.42.14:443 Microsoft Corporation US suspicious
1052 chrome.exe 172.217.16.132:443 Google Inc. US whitelisted
–– –– 104.244.42.131:443 Twitter Inc. US unknown
–– –– 104.244.42.5:443 Twitter Inc. US suspicious
1052 chrome.exe 142.250.186.99:443 Google Inc. US whitelisted
–– –– 142.250.186.99:443 Google Inc. US whitelisted
1052 chrome.exe 18.66.112.90:443 Massachusetts Institute of Technology US unknown
–– –– 104.18.21.226:80 Cloudflare Inc US shared
–– –– 172.217.18.98:443 Google Inc. US whitelisted
1052 chrome.exe 151.101.2.133:443 Fastly US malicious
1052 chrome.exe 92.123.224.98:443 Akamai International B.V. –– unknown
1052 chrome.exe 13.224.193.115:443 US suspicious
1052 chrome.exe 52.86.94.156:443 Amazon.com, Inc. US unknown
1052 chrome.exe 13.224.193.54:443 US malicious
1052 chrome.exe 151.101.2.110:443 Fastly US suspicious
–– –– 18.66.97.43:443 Massachusetts Institute of Technology US unknown
1052 chrome.exe 35.174.150.168:443 Amazon.com, Inc. US malicious
1052 chrome.exe 54.164.226.60:443 Amazon.com, Inc. US unknown
1052 chrome.exe 52.4.238.53:443 Amazon.com, Inc. US unknown

DNS requests

Domain IP Reputation
accounts.google.com 142.250.186.77 shared
www2.openstax.org 35.174.150.168 unknown
apps.identrust.com 72.247.185.59, 72.247.185.41 shared
ctldl.windowsupdate.com 209.197.3.8 whitelisted
openstax.org 13.224.193.54, 13.224.193.115, 13.224.193.56, 13.224.193.16 whitelisted
www.googleoptimize.com 142.250.187.174 whitelisted
www.google-analytics.com 172.217.17.110 shared
pi.pardot.com 35.174.150.168 whitelisted
script.crazyegg.com 104.19.148.8, 104.19.147.8 whitelisted
connect.facebook.net 185.60.216.19 shared
x.ss2.us 143.204.214.125, 143.204.214.29, 143.204.214.104, 143.204.214.191 whitelisted
js.pulseinsights.com 13.225.80.92, 13.225.80.83, 13.225.80.31, 13.225.80.38 whitelisted
pagestates-tracking.crazyegg.com 13.224.193.3, 13.224.193.116, 13.224.193.121, 13.224.193.63 shared
assets-tracking.crazyegg.com 18.66.248.37, 18.66.248.92, 18.66.248.91, 18.66.248.47 malicious
tracking.crazyegg.com 34.255.166.68, 99.81.19.154, 34.249.212.247 whitelisted
www.facebook.com 157.240.20.35 shared
survey.pulseinsights.com 34.105.198.99 unknown
ssl.gstatic.com 216.58.212.163 shared
www.googletagmanager.com 142.250.181.232 whitelisted
fast.fonts.net 104.17.225.78, 104.17.224.78 whitelisted
o484761.ingest.sentry.io 34.120.195.249 unknown
snap.licdn.com 92.123.224.51, 92.123.224.65, 92.123.224.25, 92.123.224.91 whitelisted
static.ads-twitter.com 199.232.136.157 whitelisted
www.googleadservices.com 172.217.20.66 whitelisted
cdn.abrankings.com 18.66.97.43, 18.66.97.42, 18.66.97.48, 18.66.97.114 whitelisted
px.ads.linkedin.com 13.107.42.14 whitelisted
stats.g.doubleclick.net 74.125.133.156, 74.125.133.154, 74.125.133.155, 74.125.133.157 whitelisted
t.co 104.244.42.5, 104.244.42.133, 104.244.42.69, 104.244.42.197 shared
analytics.twitter.com 104.244.42.131, 104.244.42.3, 104.244.42.67, 104.244.42.195 whitelisted
www.google.com 172.217.16.132 shared
www.google.co.uk 142.250.186.99 whitelisted
googleads.g.doubleclick.net 172.217.18.98 whitelisted
www.linkedin.com 13.107.42.14 whitelisted
assets.openstax.org 18.66.112.90, 18.66.112.30, 18.66.112.111, 18.66.112.32 unknown
fast.wistia.com 151.101.2.110, 151.101.66.110, 151.101.194.110, 151.101.130.110 whitelisted
secure.globalsign.com 104.18.21.226, 104.18.20.226 whitelisted
embedwistia-a.akamaihd.net 92.123.224.98, 92.123.224.26 whitelisted
embed-fastly.wistia.com 151.101.2.133, 151.101.66.133, 151.101.130.133, 151.101.194.133 whitelisted
distillery.wistia.com 52.86.94.156, 54.86.117.43 whitelisted
pipedream.wistia.com 54.164.226.60, 174.129.139.249 whitelisted
fg8vvsvnieiv3ej16jby.litix.io 52.4.238.53, 34.192.199.150, 52.71.4.132, 44.196.102.166, 52.2.254.220, 3.225.203.229 shared

Threats

No threats detected.

Debug output strings

No debug info.