General Info

File name

index.html

Full analysis
https://app.any.run/tasks/b7a1707c-6b93-4b3a-8243-dd53945d8c0b
Verdict
Malicious activity
Analysis date
2/11/2019, 06:13:28
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

MIME:
text/html
File info:
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
MD5

c08fb201faa1b75f063ba1bc1702cb5a

SHA1

95ac117a0d93be1166913f4308e89a764af842aa

SHA256

9b88db0294f1266f5b6a270a66cb0f788ada14ddb2e735f4ee38b75f7efa33e7

SSDEEP

1536:ClsvGpYXfkZkriM/7GVynMNWpFOlOXfDlf2k76KGwur4BF/3/52q/fnY:wsvGpYXfkZkriA7GVynMNSOlOXfDlf23

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
60 seconds
Additional time used
none
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (68.0.3440.106)
  • Google Update Helper (1.3.33.17)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 61.0.2 (x86 en-US) (61.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

No suspicious indicators.

Reads internet explorer settings
  • iexplore.exe (PID: 2208)
  • iexplore.exe (PID: 3312)
Changes internet zones settings
  • iexplore.exe (PID: 2836)
Application launched itself
  • iexplore.exe (PID: 2836)
  • chrome.exe (PID: 3028)
Dropped object may contain TOR URL's
  • iexplore.exe (PID: 2208)
Creates files in the user directory
  • iexplore.exe (PID: 3312)
  • iexplore.exe (PID: 2208)
Reads Internet Cache Settings
  • iexplore.exe (PID: 2208)
  • iexplore.exe (PID: 3312)
Reads settings of System Certificates
  • iexplore.exe (PID: 2208)
  • chrome.exe (PID: 3028)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Static information

TRiD
.htm/html
|   HyperText Markup Language with DOCTYPE (80.6%)
.html
|   HyperText Markup Language (19.3%)
EXIF
HTML
viewport:
width=device-width, initial-scale=1
Title:
Strona główna | Wirtualne Legionowo
Generator:
WordPress 4.9.9
msapplicationTileImage:
http://wirtualnelegionowo.pl/wp-content/uploads/2016/03/cropped-Profilowe-270x270.jpg

Screenshots

Processes

Total processes
43
Monitored processes
13
Malicious processes
0
Suspicious processes
0

Behavior graph

+
start iexplore.exe iexplore.exe no specs iexplore.exe chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
2836
CMD
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\admin\AppData\Local\Temp\index.html
Path
C:\Program Files\Internet Explorer\iexplore.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Microsoft Corporation
Description
Internet Explorer
Version
8.00.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\profapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\cryptbase.dll
c:\program files\internet explorer\sqmapi.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\ieui.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\url.dll
c:\windows\system32\version.dll
c:\windows\system32\xmllite.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\msfeeds.dll
c:\windows\system32\sxs.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\wship6.dll
c:\windows\system32\fwpuclnt.dll
c:\program files\common files\microsoft shared\ink\tiptsf.dll
c:\windows\system32\naturallanguage6.dll
c:\windows\system32\nlsdata0009.dll
c:\windows\system32\nlslexicons0009.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\tquery.dll
c:\windows\system32\structuredquery.dll
c:\windows\system32\secur32.dll
c:\windows\system32\mlang.dll
c:\windows\system32\mssprxy.dll
c:\windows\system32\wer.dll

PID
3312
CMD
"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2836 CREDAT:79873
Path
C:\Program Files\Internet Explorer\iexplore.exe
Indicators
No indicators
Parent process
iexplore.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Microsoft Corporation
Description
Internet Explorer
Version
8.00.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\comdlg32.dll
c:\program files\internet explorer\ieshims.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\rpcrtremote.dll
c:\program files\internet explorer\sqmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\rsaenh.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\mlang.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\apphelp.dll
c:\program files\java\jre1.8.0_92\bin\ssv.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
c:\windows\system32\version.dll
c:\progra~1\micros~1\office14\urlredir.dll
c:\windows\system32\secur32.dll
c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
c:\progra~1\micros~1\office14\msohev.dll
c:\program files\java\jre1.8.0_92\bin\jp2ssv.dll
c:\program files\java\jre1.8.0_92\bin\msvcr100.dll
c:\program files\java\jre1.8.0_92\bin\deploy.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\sxs.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\wship6.dll
c:\windows\system32\fwpuclnt.dll

PID
2208
CMD
"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:2836 CREDAT:203009
Path
C:\Program Files\Internet Explorer\iexplore.exe
Indicators
Parent process
iexplore.exe
User
admin
Integrity Level
LOW
Version:
Company
Microsoft Corporation
Description
Internet Explorer
Version
8.00.7600.16385 (win7_rtm.090713-1255)
Modules
Image
c:\program files\internet explorer\iexplore.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\comdlg32.dll
c:\program files\internet explorer\ieshims.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\cryptsp.dll
c:\program files\internet explorer\sqmapi.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\profapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\mlang.dll
c:\windows\system32\uxtheme.dll
c:\program files\java\jre1.8.0_92\bin\ssv.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
c:\windows\system32\version.dll
c:\progra~1\micros~1\office14\urlredir.dll
c:\windows\system32\secur32.dll
c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
c:\progra~1\micros~1\office14\msohev.dll
c:\program files\java\jre1.8.0_92\bin\jp2ssv.dll
c:\program files\java\jre1.8.0_92\bin\msvcr100.dll
c:\program files\java\jre1.8.0_92\bin\deploy.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\sxs.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\winmm.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\ksuser.dll
c:\windows\system32\avrt.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\wship6.dll
c:\windows\system32\audioses.dll
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\midimap.dll
c:\windows\system32\iepeers.dll
c:\windows\system32\winspool.drv
c:\windows\system32\jscript.dll
c:\windows\system32\t2embed.dll
c:\windows\system32\userenv.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\schannel.dll
c:\windows\system32\credssp.dll
c:\windows\system32\imgutil.dll
c:\windows\system32\pngfilt.dll
c:\windows\system32\dxtrans.dll
c:\windows\system32\atl.dll
c:\windows\system32\ddrawex.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\dxtmsft.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\p2pcollab.dll
c:\windows\system32\qagentrt.dll
c:\windows\system32\fveui.dll
c:\windows\system32\msimg32.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\d3dim700.dll
c:\windows\system32\msxml3.dll

PID
3028
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe"
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\hid.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\credui.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winusb.dll
c:\windows\system32\msi.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\audioses.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wpc.dll
c:\windows\system32\samlib.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\winsta.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\credssp.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\devrtl.dll

PID
3932
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=68.0.3440.106 --initial-client-data=0x78,0x7c,0x80,0x74,0x84,0x6cd200b0,0x6cd200c0,0x6cd200cc
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll

PID
3516
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3012 --on-initialized-event-handle=304 --parent-handle=308 /prefetch:6
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_watcher.dll

PID
3036
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=936,11888443782932172974,12728857008823790944,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=57E9BE88CD071886AB8F783894AD4F17 --mojo-platform-channel-handle=980 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\program files\google\chrome\application\68.0.3440.106\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libegl.dll

PID
2448
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=936,11888443782932172974,12728857008823790944,131072 --enable-features=PasswordImport --service-pipe-token=CA89488523988371A2063178B572793C --lang=en-US --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=CA89488523988371A2063178B572793C --renderer-client-id=5 --mojo-platform-channel-handle=1916 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3224
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=936,11888443782932172974,12728857008823790944,131072 --enable-features=PasswordImport --service-pipe-token=FD14016F4099A3F2C4A3E5219885E7EE --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=FD14016F4099A3F2C4A3E5219885E7EE --renderer-client-id=3 --mojo-platform-channel-handle=2088 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2276
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=936,11888443782932172974,12728857008823790944,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=ECEB05086FEC9934820723450AF62788 --lang=en-US --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=ECEB05086FEC9934820723450AF62788 --renderer-client-id=6 --mojo-platform-channel-handle=3540 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2296
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=936,11888443782932172974,12728857008823790944,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=7BF8D8707265B07096D6A637B1D4A6E2 --mojo-platform-channel-handle=3772 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2232
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=936,11888443782932172974,12728857008823790944,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=0FCDC6A6FEA5C4916E448CD4274634DB --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=0FCDC6A6FEA5C4916E448CD4274634DB --renderer-client-id=8 --mojo-platform-channel-handle=3968 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2844
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=936,11888443782932172974,12728857008823790944,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=C277E8EA65281E1260397AF7A2B8E58C --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=C277E8EA65281E1260397AF7A2B8E58C --renderer-client-id=9 --mojo-platform-channel-handle=4204 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

Registry activity

Total events
1036
Read events
899
Write events
133
Delete events
4

Modification events

PID
Process
Operation
Key
Name
Value
2836
iexplore.exe
delete key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018082720180903
2836
iexplore.exe
delete key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012018090920180910
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
CompatibilityFlags
0
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
SecuritySafe
1
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000069000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery\Active
{D50FA0BD-2DBB-11E9-BAD8-5254004A04AF}
0
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Type
4
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Count
3
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4F3C-8081-5663EE0C6C49}\iexplore
Time
E307020001000B0005000D003A00BE01
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\iexplore
Type
4
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\iexplore
Count
3
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\iexplore
Time
E307020001000B0005000D003A00BE01
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
FullScreen
no
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Window_Placement
2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF20000000200000004003000078020000
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\Links
Order
08000000020000000C01000001000000020000007E0000000000000070003200EC000000464B245120005355474745537E312E55524C0000540008000400EFBE454B974D464B24512A000000F94300000000020000000000000000000000000000005300750067006700650073007400650064002000530069007400650073002E00750072006C0000001C00000000000000820000000100000074003200E2000000464B24512000574542534C497E312E55524C0000580008000400EFBE454B864A464B24512A000000743E0000000003000000000000000000000000000000570065006200200053006C006900630065002000470061006C006C006500720079002E00750072006C0000001C00000000000000
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
Path
C:\Users\admin\Favorites\Links\Suggested Sites.url
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
Handler
{B0FA7D7C-7195-4F03-B03E-9DC1C9EBC394}
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
FeedUrl
https://ieonline.microsoft.com/#ieslice
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
DisplayName
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
ErrorState
0
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0
DisplayMask
0
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
Path
C:\Users\admin\Favorites\Links\Web Slice Gallery.url
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
Handler
{B0FA7D7C-7195-4F03-B03E-9DC1C9EBC394}
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
FeedUrl
http://go.microsoft.com/fwlink/?LinkId=121315
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
DisplayName
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
ErrorState
0
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1
DisplayMask
0
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Type
3
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Count
4
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Time
E307020001000B0005000E002000DD01
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
LoadTime
15
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Type
3
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Count
4
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Time
E307020001000B0005000E002000FD01
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
LoadTime
34
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Type
3
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Count
4
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Time
E307020001000B0005000E0020000C02
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
LoadTime
29
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url1
http://www.wirtualnelegionowo.pl/
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url2
http://fb.com/
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url3
ecollege.com
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url4
searchalgo.com
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url5
pantip.com
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url6
popcash.net
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url7
mit.edu
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url8
instagram.com
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url9
.com
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url10
wetransfer.com
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url11
ebay.it
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url12
timeanddate.com
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url13
rule.tmall.com
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url14
torrent
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs
url15
aliexpress.com
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019021120190212
CachePath
%USERPROFILE%\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012019021120190212
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019021120190212
CachePrefix
:2019021120190212:
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019021120190212
CacheLimit
8192
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019021120190212
CacheOptions
11
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012019021120190212
CacheRepair
0
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch
UpgradeTime
7EC43EAEC8C1D401
2836
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\WindowsSearch
UpgradeTime
D82641AEC8C1D401
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Type
3
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Count
3
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
Time
E307020001000B0005000D003A006A02
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\iexplore
LoadTime
16
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Type
3
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Count
3
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
Time
E307020001000B0005000D003A009902
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\iexplore
LoadTime
34
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Type
3
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Count
3
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
Time
E307020001000B0005000D003A00E702
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore
LoadTime
33
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
3312
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
460000006A000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000
2208
iexplore.exe
delete key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\MSHist012018082820180829
2208
iexplore.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication
Name
iexplore.exe
2208
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\MSHist012019021120190212
CachePath
%USERPROFILE%\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012019021120190212
2208
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\MSHist012019021120190212
CachePrefix
:2019021120190212:
2208
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\MSHist012019021120190212
CacheLimit
8192
2208
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\MSHist012019021120190212
CacheOptions
11
2208
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\MSHist012019021120190212
CacheRepair
0
2208
iexplore.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\ErrorReporting
LastShipAssertTime
08142EAEC8C1D401
3028
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
3028
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
failed_count
0
3028
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
2
3028
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
1
3028
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
1
3028
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome
UsageStatsInSample
0
3028
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
0
3028
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid
3028
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_installdate
0
3028
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_enableddate
0
3028
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
aggregate
sum()
3028
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
S-1-5-21-1302019708-1500728564-335382590-1000
1
3028
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
aggregate
sum()
3028
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
S-1-5-21-1302019708-1500728564-335382590-1000
0
3028
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
0
3028
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
13194335683077484
3028
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E
LanguageList
en-US
3516
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
3028-13194335681827484
259

Files activity

Executable files
0
Suspicious files
54
Text files
189
Unknown types
19

Dropped files

PID
Process
Filename
Type
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003b
binary
MD5: cd91de4edc23cb6c236e6fe9bff3c031
SHA256: f79e55363377ea8c8223526ac82c604051a9f28b7cb45773ed538cb37c50bb87
2836
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012019021120190212\index.dat
dat
MD5: 2224008c5f5513f332a682f4d619ff61
SHA256: 8f1cedd1b34f7919aec0f7e16911282130227f593769ccacacd07195f462a7c6
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003a
woff2
MD5: 21ea92a8ba2f89d37eb03fccd96bd52e
SHA256: 53e0846fc445f969ec69c3bd6f521ed71bb13ed46b6f3a7a964c8664bdd4b196
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000039
woff2
MD5: 0161c227f906d426b759cc1326a38215
SHA256: 6969364e56a0268ed191a7d1ee9a591312d8c792a5f173e961366fc0d1f5b4df
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000038
woff2
MD5: 5b2af1710ea19711951b2114c8e8db01
SHA256: 9d506504c6029948917d949ecf326bacb8d8f723d81c048c7cbdff295dcb8977
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000037
woff2
MD5: 63b22b7945f520d76fd0026511f03909
SHA256: 1900d2167a186564c118ae6e19b6806a6d0db1a91f094cef676cd58c2b8effe7
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000036
compressed
MD5: a6ce90b9145f18e7a721eb3819daaaab
SHA256: 94fe45c14a2ce4fd5f1401c835e5d63111ebf89ff58e03d6b780592f02abf778
3028
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
binary
MD5: e0de636b4e7c0e289e099d1deb85e95d
SHA256: 3cf43e38d4755f660c930cdb1582458ab7fff78fae748a77db0b1aa46e7e6b96
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000034
image
MD5: 8687a1a4f0607b07919b75d767d753e2
SHA256: 8b0e1065fec41dca663c9733889087bf560d26136f526b9fd62687aca37d5628
3028
chrome.exe
C:\Users\admin\AppData\Local\Temp\Tar6AD6.tmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000033
image
MD5: f877ccfc265f95dff95faafcbcb4aee9
SHA256: 60b8155e58faf2abb6a2d37ac45f055d1c0293bdafc7e5b9fbf978bfaece681e
3028
chrome.exe
C:\Users\admin\AppData\Local\Temp\Cab6AD5.tmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000032
image
MD5: 0e73e0da33d72e2c66a7247e7026a135
SHA256: ca02a4679df98eb9beaa2725975d067ed587f5fe11bd17353cd83063f3450660
3028
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
compressed
MD5: bb377df27a55c05bb3793cd1e125c869
SHA256: 3c4ec495f17d21cc236bc7238bc02728bd945c07157fbf875cac340269afc207
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000031
image
MD5: 30007d5d05ad1bc6aaafd9444c687d8f
SHA256: 44c52eabee47b68f10d5818cd767c66a87424097838ab16d48f2a2f5eceaadf0
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000030
image
MD5: 0155dd0b099ba2a3225d99e083fc3f56
SHA256: 8fadc0da2bf61a37079c5ab99fff09dbbe3b16a8c0e55bebf5cc76e8ac12de36
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002f
image
MD5: 20174782bf13e0f2e9fea3a4a7ec799a
SHA256: 616ec159b19d3652b28c26ed655a94dbe67c57f0feaf3daedc2e58839a7847c2
3028
chrome.exe
C:\Users\admin\AppData\Local\Temp\Tar69AB.tmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Temp\Cab69AA.tmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002e
image
MD5: 27868fef9c827870bdd62121871035cb
SHA256: 8858f11c15914a0b7cc4df14a1c29fd4fd780c5aabb89c873a942c9e24a1c1a1
3028
chrome.exe
C:\Users\admin\AppData\Local\Temp\Tar698A.tmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002d
image
MD5: 0155dd0b099ba2a3225d99e083fc3f56
SHA256: 8fadc0da2bf61a37079c5ab99fff09dbbe3b16a8c0e55bebf5cc76e8ac12de36
3028
chrome.exe
C:\Users\admin\AppData\Local\Temp\Cab6989.tmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
binary
MD5: b9439afa43d7326ab89a4ba31e7eba67
SHA256: 818a5dc03f233cc3b29ae2a2e09158ea41e4bc070c19d229da051c17527c8078
3028
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
der
MD5: 55540a230bdab55187a841cfe1aa1545
SHA256: d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002c
image
MD5: 714c849d03056538ad05ac2c68cdcf36
SHA256: 3163da805089b1e418a0b0ef11aa95754355f96fd73fa09e44cfb8ff7295b426
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002b
image
MD5: 5e62e6da6d145f65811897d5c272275d
SHA256: fecd7de085c63afe295a466657b2e2cec827ad320ea6b60e736ce4c7098322b6
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002a
image
MD5: f2c9f40d08bd7ad890a367c0b66cfab3
SHA256: dc8156338246d874929c7935cb08d267fe80f005bb87e3e4e89af672c5f9e232
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000029
image
MD5: 46426a1b4f36ecc5b9bb3a956313362d
SHA256: 19cdb06e9b121dcfa234be7f0687e2f4e9388476b1ede07a2df53475c6d5ba17
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000028
image
MD5: 3029f099db3469564d6df5fa3c857b81
SHA256: 2a6769e49d5dc9d31f8e7b7938721cb3dac6edd140f0f021087c6a1b770e7bf1
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000027
image
MD5: 9b2cb4f6fda1f9a8a24c1e87d4f58a06
SHA256: 5cc5e95412dead46b425cf93adc3435c9c6ed208e9b3ea77e4553195299d0510
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000026
image
MD5: 3a6bb5bbe41377e7da9bc85af307b67e
SHA256: 1d8baac111649019cca5fb2f45e4bea17cc0bb80f5803bdb24d926f38e53dc94
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000025
image
MD5: e159e4e19043c65c1cd543edd700ab48
SHA256: 80b2106745e2c810ad92f4f23fff04e8f2eda08b618e26e6263a4397d956c17c
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000024
image
MD5: 2c3716151849c43bca1b85d3f8567076
SHA256: e76396e9ec5adae56183ef0eaafd73c45c8a216e58ffbcee1210aa67dbc9d5d8
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000023
image
MD5: ef33a46fa1bab52abd9fe026d0ef54a8
SHA256: 2a95277b40d45d18e5b0f91c78e03d25613ccdf0d8cc545f5ac6c8a6571b4599
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000022
image
MD5: 8f913f73e738564e76636586c1663579
SHA256: 81767ac912bb8893638ecb4d69c23a5f0d2098292582b41f68745915999216d1
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000021
image
MD5: dad9a12cefedbc77791dc062c708f379
SHA256: 21ae4529c4681c25477174a6275ba247f7f6757235cdbb22fc147fa972cd346e
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000020
image
MD5: 4dbe02252cd53d4cfaf4907be2548e98
SHA256: 45c5c1c8f12fadb7825fa9f716be5a1cb561ab5ecfc301f206cf2cf01ec766fb
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001f
image
MD5: 22567f5db8eedd409e2526de65ff3bef
SHA256: e29f45a6f1fc4f4f4b3856603137be28e773a058da72db23439d646ca38ba58c
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001e
image
MD5: d4fea0c69ba3ef6fc2eeaab957ae77f5
SHA256: ccecfeae6a940c2cb0ec9976ce52b7f0880b11227bae45ed4bd29224fc696168
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001d
image
MD5: e0ed8b43b630753fdaf465709800e8ff
SHA256: a1c78e208264a60da89af7b458fe815f2e5310370f193ffc056abda264e4fdbd
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001c
image
MD5: 762f2daa025546d0f2cac52bf180366e
SHA256: cc44131971f216f18b1b911e8b1aba4a139de0539e0674a3bfdd04b1612ec983
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001b
image
MD5: da0e852e1ce769c6baed485012f33d45
SHA256: 9dca0c07e0281997e12d44dd73d78ba19cc9531beb5c3a99adb5179ce638dd93
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001a
compressed
MD5: 321d981c71059d379cbf937e42530183
SHA256: 90159b07afbcee8213d4261687fa2c2a734216f9dd1ccfb85eea1c82d8c489a8
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000019
woff2
MD5: d62e65602a0e8702cefd1897d1d14fa4
SHA256: 057a6ed8e8d34c07cbb45b05a46efe004929631b6642e87bb892d485c8b72e9d
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000018
compressed
MD5: 4b6b959f6edf2553ec28183f8ed48533
SHA256: 503dc29a2990f901465ea3fa733f695d40b368fe0cb1ea2462eeba98c0cfccee
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000017
compressed
MD5: 5090e64605d4339f6f9f0a492e65b0d1
SHA256: 02eb266fac65907482a3eb2ad510a8b0c1e5282c469439155e7ce0827d62fd5a
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000016
compressed
MD5: ece4c435a2eaf7913f3204d4a1a91491
SHA256: 241e9bc9e258ef9687b9c6346cd43fa8e60d0ce416e4895d6e4f154a9d14007d
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\caecb3bd-7969-4305-84d6-3a376453ec73\index-dir\the-real-index~RF1a6766.TMP
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\caecb3bd-7969-4305-84d6-3a376453ec73\index-dir\the-real-index
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\caecb3bd-7969-4305-84d6-3a376453ec73\index-dir\temp-index
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\index.txt
binary
MD5: f79c3c9132a3680b05c89b5449988015
SHA256: 89b2320b799d4a6de384f42dee3126ab1d7e6b44a0ed7ef018a309014e897bc8
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\index.txt~RF1a6737.TMP
binary
MD5: f79c3c9132a3680b05c89b5449988015
SHA256: 89b2320b799d4a6de384f42dee3126ab1d7e6b44a0ed7ef018a309014e897bc8
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\caecb3bd-7969-4305-84d6-3a376453ec73\index-dir\the-real-index~RF1a6737.TMP
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\index.txt.tmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\a1d42ed6-906a-4e85-9d63-63fd72b69759\e64f4a26267430e4_1
binary
MD5: f5fede522dfbd7410fd6fe34a0153023
SHA256: fa11c5bf184294ebaab8f06ca9c8c8a5a02f911fe3ffd843dfc1b15cff74e7ce
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\a1d42ed6-906a-4e85-9d63-63fd72b69759\e64f4a26267430e4_0
binary
MD5: 9c270ed776c306c389729685cb3623f0
SHA256: cb13d85269e7b62925e77d5b45cd41a36808e11e56764f67bc66667ea3888a5d
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\a1d42ed6-906a-4e85-9d63-63fd72b69759\4db55b0a5eaa7ca5_0
binary
MD5: 0f8eb060a4ef6f3df5d51f41c348edf0
SHA256: 207ea023a484cf20ce3a43dd7c045aadeca3674d4f18299d988ec2eccdb8cc1c
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: f10d3fde64dc6a7f562aceb744ef89f6
SHA256: 74c59322742671b6e3256fa0354a0609fd96655f503342562be20542e30d21b8
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF1a66ca.TMP
text
MD5: f10d3fde64dc6a7f562aceb744ef89f6
SHA256: 74c59322742671b6e3256fa0354a0609fd96655f503342562be20542e30d21b8
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\dcbb350b-e2a5-4d9b-a30f-0998b56c36fd.tmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000015
binary
MD5: 689dc80f5d96147c333ea20dda405310
SHA256: 20f126ca1620322aa0297a4a49138cec8f51ed43283c4739f91304d96d6cf21b
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\a1d42ed6-906a-4e85-9d63-63fd72b69759\index-dir\the-real-index
binary
MD5: f68ac072e65e695af62bf720f1f4f334
SHA256: 3b2eb09d5ade7377c0b7101115625ff77b1a0372cb6b6601c7088530a8ebe880
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\a1d42ed6-906a-4e85-9d63-63fd72b69759\index-dir\temp-index
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\index.txt~RF1a65fe.TMP
binary
MD5: f79c3c9132a3680b05c89b5449988015
SHA256: 89b2320b799d4a6de384f42dee3126ab1d7e6b44a0ed7ef018a309014e897bc8
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\a1d42ed6-906a-4e85-9d63-63fd72b69759\index
text
MD5: 4f67aba5cb5b04976834ad6da18d2017
SHA256: 4476d281b3d119577eb8f19fd90e042e5a456cba30d0bb16d05654acc91aec5b
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_1
binary
MD5: c2e4e0fb64dac5cdcf18397bf83568b3
SHA256: 842f338dfea4ca2cc40807dc94067e62c4f9d43c846749f5721fbe679a0f8d4e
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0
binary
MD5: f315b6afd57665d66072b8d64b4b68f4
SHA256: fef5a269aef4fc40adbef454f39d1b544dcc39e1bf9825145da57e2675897da1
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: 0dd2b827c0e16cd9e2a1bccb4d8b969e
SHA256: 05b50f11223d8b8eb9427e1a0d55c335548950c377fafc6272e6f788f52039d0
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1a65c0.TMP
text
MD5: 0dd2b827c0e16cd9e2a1bccb4d8b969e
SHA256: 05b50f11223d8b8eb9427e1a0d55c335548950c377fafc6272e6f788f52039d0
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\6551b51e-b7b1-435f-82f8-248eb9d9fe8a.tmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 25a991d1e74ff48055f0f6514ab3a321
SHA256: 52d81339b502e6b1b14f9fbc05c5e47e53bac7b8477c96b085aa130b9ad759ea
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF1a6514.TMP
text
MD5: 25a991d1e74ff48055f0f6514ab3a321
SHA256: 52d81339b502e6b1b14f9fbc05c5e47e53bac7b8477c96b085aa130b9ad759ea
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\ebab9254-e726-4799-8f5a-c89bf71c7111.tmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000014
compressed
MD5: 25822d81282f6ece8d8af63aea83e3b8
SHA256: cfdf18bb705dc3aeefe70d0f12c9c6812012b6f88025e52b1ac38bf25db65296
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.de_0.indexeddb.leveldb\000003.log
binary
MD5: 991641dbcc63a7eacba784846f16492f
SHA256: d402a1e89776f26565012ebd063638b57e09e58efc77105415906eebafc0fdd0
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.de_0.indexeddb.leveldb\LOG
text
MD5: cdce2bf1fe090908195f975f22d34b04
SHA256: 0d66c8a59c5b754294ac1d58b90a4897b172a48a79e5d31c5fe7cae6285f1bc6
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\index.txt
binary
MD5: 65b200cde0994dadacb905b0754f6be2
SHA256: a57f85cf5c485d6e045e4ccdb1ffa6414d0990edff79c6b7880bfcdd5212573f
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\index.txt~RF1a58df.TMP
binary
MD5: 65b200cde0994dadacb905b0754f6be2
SHA256: a57f85cf5c485d6e045e4ccdb1ffa6414d0990edff79c6b7880bfcdd5212573f
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000013
compressed
MD5: 4692ed3130e0ab989e96756a2ef55d0b
SHA256: f103f4809b6b7240eaebff34974c85190f55e8e7b56af92f84852610b6491815
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000012
compressed
MD5: fb9c621d20785ead5857be3a3dd54bcd
SHA256: 0f014768b28900899a4ef1f74ede1d6d149ba3821d37792663b68e7136083f62
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000011
binary
MD5: 9910e30c7286c85b2ceb9bab24c80697
SHA256: 586c2770b35232e09b192b650499fd06686f1c832512a3096c347e3d67a35b08
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000010
compressed
MD5: 1b7227da00e4bd9da370113d89ca7f40
SHA256: 45e11133387ab0fefe4705aa0a641ac39723412b504a03192ac825487d95aa96
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Last Session
binary
MD5: 02536c23edc1e418a6fea313d20b2a39
SHA256: 8e8de8689482b477d0beebe0a4ac24b9cabcbfa84848f66b4c0f55cd96dc0fe9
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old
text
MD5: 80b8c44b60f8bd20d1cf8277ec794bb1
SHA256: 6371157cf7270dd227625ddf799da6c38c60b3e2110fe540b8bc9df48aef09a6
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old~RF1a4864.TMP
text
MD5: 80b8c44b60f8bd20d1cf8277ec794bb1
SHA256: 6371157cf7270dd227625ddf799da6c38c60b3e2110fe540b8bc9df48aef09a6
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000f
compressed
MD5: 52084fa108193d5b2c71a12c410b5652
SHA256: ad2853845c2e83d33e4618d72f881f5fbdcd3a2dc605d3e217ebb0552624410d
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000e
image
MD5: 0515236318ac3251ff39eb8372a0c129
SHA256: 228cb9c602929e1a2fb17408fe812af3599ab9f734d0b7c499ab79e15c5b8dd4
2208
iexplore.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
text
MD5: e492e9a6c5e7dffe3376010bc6b48ae4
SHA256: b39c4cbc3211e860b5002894191aa6c6d3b8b1c464e4548f6930e617f3478be0
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000d
binary
MD5: 877eeb9a4a04df0883f98672da1be3bf
SHA256: dbd410aa236a7d484e3717c5326a992ccab92d2430de0144e340a7fad977c5da
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\caecb3bd-7969-4305-84d6-3a376453ec73\353ab5148181f0c4_0
binary
MD5: e8f7cba1c5dad9da5eb040b381db2503
SHA256: c96ad56988a683c3bc9d61020731abad407502318431c6dce3742e6f706f440f
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\caecb3bd-7969-4305-84d6-3a376453ec73\40bba07c05914591_0
binary
MD5: f01405561cbb7199fdd042f550d5d377
SHA256: b8c2c008db371bd55e984468a20ba71410b1e88f95d14b160c9e57d9c19f50c5
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.de_0.indexeddb.leveldb\LOG.old
text
MD5: 65e3a899ee20811d157b572ffa34a607
SHA256: fdbc070214092df54b10dc06b2a40f0cc30ad00d410ba67de9f98a3d53f08a75
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old
text
MD5: 7282c871a31b4aae7e61cdbb39a13331
SHA256: af615c556e2a22e87135a967c01e869216f65268a88bd218fd6ab70467bdf733
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old~RF1a44f9.TMP
text
MD5: 7282c871a31b4aae7e61cdbb39a13331
SHA256: af615c556e2a22e87135a967c01e869216f65268a88bd218fd6ab70467bdf733
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old~RF1a44da.TMP
text
MD5: ea6d75c35eb812fdc5762d84963de026
SHA256: a4e911f2978a45872ede6742468623884a33bca6e015dfb35dd4d55034d9ab74
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old
text
MD5: ea6d75c35eb812fdc5762d84963de026
SHA256: a4e911f2978a45872ede6742468623884a33bca6e015dfb35dd4d55034d9ab74
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\caecb3bd-7969-4305-84d6-3a376453ec73\e64f4a26267430e4_0
binary
MD5: 2c7dfaa5ea5af63247bf16e4c56cdfee
SHA256: 73c8ac1de87b0c4a13642b21095bdc681bc04315e7d8b3957269becd0bc42481
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c
compressed
MD5: 1a2e809ef04228cd18e3e2158c073614
SHA256: 1dc3f335d9bbc0fbea412449a63d1b96e4e610468b61f04249c9193e1ab46d48
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old
text
MD5: 84042895723ac99f9599edfc7500051c
SHA256: ac49bbf4b490c77bddf11de45ef4965c72b16b00cb2519fdb627363f760c6219
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old~RF1a444d.TMP
text
MD5: 84042895723ac99f9599edfc7500051c
SHA256: ac49bbf4b490c77bddf11de45ef4965c72b16b00cb2519fdb627363f760c6219
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\caecb3bd-7969-4305-84d6-3a376453ec73\50da1ec5d44a313d_0
binary
MD5: de3ffe81d3ffc8945a2313f1fdf34d8e
SHA256: a329bcaacc453a94678946f86fd7df61c30cd09ce45df2fa3ef92a521f7be962
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\caecb3bd-7969-4305-84d6-3a376453ec73\3a41e250d088c297_0
binary
MD5: ee42aced22f6cc3fdf249fe7bda7e5bd
SHA256: f773fecdb734d91ce5a75d5ddb2d731302a2b3f8c84a5b1d89cc78c6107e5733
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\caecb3bd-7969-4305-84d6-3a376453ec73\index-dir\the-real-index
binary
MD5: 7310bf883e828ae9b8e6bd793d45e139
SHA256: 6a17c6592725f64037ee1e3ce5a71ebc0535c92c7ca7ecdca4f055dee0ca6fac
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\caecb3bd-7969-4305-84d6-3a376453ec73\index-dir\the-real-index~RF1a43d0.TMP
binary
MD5: 7310bf883e828ae9b8e6bd793d45e139
SHA256: 6a17c6592725f64037ee1e3ce5a71ebc0535c92c7ca7ecdca4f055dee0ca6fac
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1
binary
MD5: 989da5e2bc9dfe3db2771bb53d730dec
SHA256: bff474de2dfc5678053a5d0862bde523effae61702c05ec86291636f3af6b944
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Translate Ranker Model
binary
MD5: ce7795af892f884906ca476bbd57bd48
SHA256: 3b62a560848ebaeb8263bc682f392242e9a928323e8bfe4c5b21d46e5a356f46
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Translate Ranker Model~RF1a4353.TMP
binary
MD5: ce7795af892f884906ca476bbd57bd48
SHA256: 3b62a560848ebaeb8263bc682f392242e9a928323e8bfe4c5b21d46e5a356f46
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\bcaaff31-36b5-44ef-9ab7-602c522b6b2b.tmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Thumbnails\LOG.old
text
MD5: f727dd25cda7b2cc574098cee1f5764a
SHA256: 5f7bd6926940e400ee7faa6d620192ca299f7b5aaa92d672f8173a767b3fbbff
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Thumbnails\LOG.old~RF1a4056.TMP
text
MD5: f727dd25cda7b2cc574098cee1f5764a
SHA256: 5f7bd6926940e400ee7faa6d620192ca299f7b5aaa92d672f8173a767b3fbbff
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT
text
MD5: edd71dd3bade6cd69ff623e1ccf7012d
SHA256: befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RF1a4027.TMP
text
MD5: edd71dd3bade6cd69ff623e1ccf7012d
SHA256: befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000016.dbtmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\8fd5a11e-eb8f-400a-8197-1819b20025fe.tmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old
text
MD5: 197882774a7ecec9046bc48f63189b66
SHA256: 27377b0d5f989997c2c3f74acf163eed44b60631ddaa768f6655d7be555742b2
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old
text
MD5: 92be6b127e72365885ad4c3fb6534ee2
SHA256: 54302a2573acc775720e7db0ad85873276713302b4f72596a8dcc44b01c70e51
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\CURRENT
text
MD5: edd71dd3bade6cd69ff623e1ccf7012d
SHA256: befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG.old
text
MD5: 1aa66efdb743fb0a8dcc1cd79b0b6542
SHA256: 28d56532cced7375a2a1c7731e57c1a1c2ec1ac9827f3e5beee7f8069a5f87dd
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old~RF1a3f8b.TMP
text
MD5: 92be6b127e72365885ad4c3fb6534ee2
SHA256: 54302a2573acc775720e7db0ad85873276713302b4f72596a8dcc44b01c70e51
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old~RF1a3f7b.TMP
text
MD5: 197882774a7ecec9046bc48f63189b66
SHA256: 27377b0d5f989997c2c3f74acf163eed44b60631ddaa768f6655d7be555742b2
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\CURRENT~RF1a3f8b.TMP
text
MD5: edd71dd3bade6cd69ff623e1ccf7012d
SHA256: befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG.old~RF1a3f7b.TMP
text
MD5: 1aa66efdb743fb0a8dcc1cd79b0b6542
SHA256: 28d56532cced7375a2a1c7731e57c1a1c2ec1ac9827f3e5beee7f8069a5f87dd
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\000016.dbtmp
––
MD5:  ––
SHA256:  ––
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\LOG.old~RF1a3f0e.TMP
text
MD5: 8ca4ba2b95d7089861a48ed69fde6561
SHA256: aa64c14d0c68b62bbab62a6d6fa4662ff89e1fbc7b337c926ac213c191d6406c
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\LOG.old
text
MD5: 8ca4ba2b95d7089861a48ed69fde6561
SHA256: aa64c14d0c68b62bbab62a6d6fa4662ff89e1fbc7b337c926ac213c191d6406c
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Last Version
text
MD5: c10ebd4db49249efc8d112b2920d5f73
SHA256: 90a1b994cafe902f22a88a22c0b6cc9cb5b974bf20f8964406dd7d6c9b8867d1
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
binary
MD5: 9c016064a1f864c8140915d77cf3389a
SHA256: 0e7265d4a8c16223538edd8cd620b8820611c74538e420a88e333be7f62ac787
3932
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
binary
MD5: 9543068b6751e1f3e11f91d72ee78d95
SHA256: d060ad21ae6e04cb58668caa52adfca573e018102cc07554d2ed3eae11ab7785
2208
iexplore.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
text
MD5: 0d979a7120663ad5a951931530825f15
SHA256: a4a41a70135a4fae3874dc8ac2c19d68f64efb0e4b244ff6e652e5f335f56f75
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\loading_background[1].png
image
MD5: 7649e6a7c32b6d29ce63255a30b7405a
SHA256: 3c95a8d994224bd35102bbf1201ebe86911a2aab3d081be256eb7cde08165ea1
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\controls[1].png
image
MD5: 05ad6ec2cbc17a7f3d1b1aac6dbe770d
SHA256: 32540d07148d051d94da8f37dd9e6ec931830ea92078eecd910e383a020394c6
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\border[1].png
image
MD5: b593eef877678cd14706323d199e047d
SHA256: ad2bf3040b1fdcc57b24e2e7ead1c1e65607ecda5991df7ded746d17664fd65d
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\loading[1].gif
image
MD5: f1d7268ba36b264f8b33b5b2bf0f108c
SHA256: b91986fe9ef769912225701b0accfa89edb3e8344bc8e98f92a89ccdb1f4a2cc
2836
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\WER\ReportArchive\NonCritical_iexplore.exe_12df8271b62395a348f102b12959f9768e2baf9_0b0e253c\Report.wer
binary
MD5: 3ce7b3a85989c0677feda17d2c0e387f
SHA256: bb664f334e1b9d3a5a595c84d6518b99a4642f902fd175452c69cfb4692a8c1c
3028
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003c
binary
MD5: e3520515a233ab9a5ac50dbb619efeda
SHA256: 4eb5953df7decb317a152c3b8cfcf715efc01b6358f4251fd280f068c3544330
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012019021120190212\index.dat
dat
MD5: dfc688daf74b06a92bc4724185f7f9b0
SHA256: aebae24646f80f0d47c2bea29e419ccc2d0e34015a19b336fed1733f650052f5
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat
dat
MD5: f2db203db235c4b84d50355c0c134fa4
SHA256: 567421a7cf90fc0d9a4829ad652d0a478d6884d6f2435bfd73d0694367dae7c7
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\12832422_594478300707290_3018332522467377193_n[1].jpg
image
MD5: b5a9133778ccd3db8aaa3c3f4598c07c
SHA256: 11013c222428c2567e9b0ab74b028c7ec3154121a68710d45f51c5aca4c71d40
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\base[1].js
––
MD5:  ––
SHA256:  ––
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\www-player-vfl_Xr0n8[1].css
––
MD5:  ––
SHA256:  ––
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\www-embed-player[1].js
––
MD5:  ––
SHA256:  ––
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\wirtualnelegionowo_pl[1].txt
––
MD5:  ––
SHA256:  ––
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\7mhoN5JtZyw[1].htm
html
MD5: 9c79d287bb7419bb5da457f15a66d09f
SHA256: ee06e87dbf79ad3367b37b97531cc9584cf86bdcd5b7fb13ea567e3e5e839abd
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\7mhoN5JtZyw[1].txt
––
MD5:  ––
SHA256:  ––
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\F-Najh1Hl-q[1].js
text
MD5: 06afbfe9a9203e3feb0ac9d51ac082b4
SHA256: a71f928d9d8c3fe584272b2b598c5a662c3c3ed9313a7202a21e528102e7847c
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\cfa8JZ3NlkW[1].js
text
MD5: 635f2a590105f1df7a7c5f129fe0f881
SHA256: c18bd32338bed97e90c406daab218e3dd7b282741383274499fb4cb3a3e6e8f0
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\PJkVUzPfrK4[1].js
text
MD5: 90831e92d3656079c0600f9db4f29cfe
SHA256: c60520b0ca9e6616804f3ff801e876a64ab2b43c0a7e56e309084ebad8a2be35
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\KFOmCnqEu92Fr1Mu4mxO[1].eot
eot
MD5: 68889c246da2739681c1065d15a1ab0b
SHA256: 830d75bbf0e1f9289d787422f767b23f9d63fd79dbe75c091a119b6b7155d198
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\AdqQRdyiRQ6[1].css
text
MD5: f691a08858b5747745e3192bd7e891d1
SHA256: 238b68407aac368e71aef25c65f226808cf9c5173d3540d3e5440de1e1226254
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\rqJSWjGzYao[1].css
text
MD5: ed02c2968c495aef0907bab6e7f064d3
SHA256: 69cecf2cfdcdf1607b148c75495626721d640ffe9fdb1c94e531457ad62b65b3
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\www-player-vfl_Xr0n8[1].css
text
MD5: fd7af49fc8940edc8140bd560b7b5e62
SHA256: 008fe04dba3cd9f30c86f9758c42f2861eee745c5935bb8f700d950b96851721
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\148-wersja%20animowana[1].gif
––
MD5:  ––
SHA256:  ––
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\KFOlCnqEu92Fr1MmEU9fBBc8[1].eot
eot
MD5: 03bb29d6722bf52f7fe88a6ed47d9e6e
SHA256: daa5d6292a35a6dc7e075436d0567dbe02515d5e886731fa5ca230e3d8fe26dd
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\KFOjCnqEu92Fr1Mu51S7ACc6CsA[1].eot
eot
MD5: 3d24765047e383a80652f464d8d8dc34
SHA256: 54412faeb9ed658523d5bac0fdc02a6d59285621062fc5f4fdbecacca2c7dfc4
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\base[1].js
text
MD5: d15d85ad7a7c769579d1a9aab35f07dc
SHA256: be2b39659e6170d0f0243c25b049985d26d798a6752f5cb04ef943f5defee816
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\KFOkCnqEu92Fr1Mu51xIIzY[1].eot
eot
MD5: f5c365f29f0193e60cf4927c7ce5b5b5
SHA256: 3e700198012f9480be89bd91e804640bcd3c3e9d9e7be7539393d6ba1b8363d6
2208
iexplore.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
text
MD5: 5a031b95bb8816e26ebf05fb90fc916d
SHA256: 6872a6c2322fbd5adbdca3c91f9f46389c126c58dbabf273bb0f59e349558f3b
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\page[1].php
––
MD5:  ––
SHA256:  ––
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\overlay[1].png
image
MD5: 8918e1f6fbaae9e65880f3eff6fa3713
SHA256: 752df758c0fc34e6a6c0459a43d88fc37d622528b45468b6be5db2e95a0b86cd
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\page[1].htm
html
MD5: 8812a5bc8ada90bce7469eda42629b91
SHA256: f436be0754e268d59eccda49dac31b415987141394b69fab7aeb346c2c4661e7
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\www-embed-player[1].js
text
MD5: 205be845c32475d60edd941fa3460bdc
SHA256: e079abf3e213e2cd0a3251176d2989451522ea4a967024614c7a41a988846766
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\2bAYJ4i25nI[1].txt
––
MD5:  ––
SHA256:  ––
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\2bAYJ4i25nI[1].htm
html
MD5: 7278f1b5f5af46b728072ed44208956a
SHA256: 7ead7167440549063433b5d3b92f0158574bdaee4fc7018286d8725190965ff2
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\NJMk87f2xEA[1].htm
html
MD5: 1d1c2e6ac718feecdba15b83f6f68d77
SHA256: 0e463f0b4a1b1f22da372e93b0c325ed4a6a62ead6c1ba9fb00c2bc52c68c118
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\NJMk87f2xEA[1].txt
––
MD5:  ––
SHA256:  ––
2208
iexplore.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
––
MD5:  ––
SHA256:  ––
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\149-19[1].png
image
MD5: 0155dd0b099ba2a3225d99e083fc3f56
SHA256: 8fadc0da2bf61a37079c5ab99fff09dbbe3b16a8c0e55bebf5cc76e8ac12de36
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\1001-95x65[1].jpg
image
MD5: bf59e246540a8a4d1e50102e4670c6c8
SHA256: 561bafb61903cd6c9b3aa84d0b7bd261ad85796dede0687e7724c031eb3ff204
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\starostwo-95x65[1].jpg
image
MD5: bf15b0709b652a65f77718f94e6371a6
SHA256: a49708af514d8177bd23b27034110799f5670a077eccd1c4ade17c5ffb2667d3
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\wp-embed.min[1].js
text
MD5: 2dce40d16f9ff6332d3cbb7ae488a2b9
SHA256: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\2-95x65[1].jpg
image
MD5: 9cadea9087b928e6c16cfc35b1e1c9df
SHA256: aa110fc7c874280854dd59e19717f744299f5c4ff6092faacd8a1a0e904c2b43
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\tools[1]
image
MD5: 6f20ba58551e13cfd87ec059327effd0
SHA256: 62a7038cc42c1482d70465192318f21fc1ce0f0c737cb8804137f38a1f9d680b
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\favcenter[1]
image
MD5: 25d76ee5fb5b890f2cc022d94a42fe19
SHA256: 07d07a467e4988d3c377acd6dc9e53abca6b64e8fbf70f6be19d795a1619289b
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\qcWPcftfxyrH[1].js
text
MD5: 74a1db8e029c4f775f03bd8922b8aa8b
SHA256: 9178f87eef9ea904a42da5ed4b54c894392adb1fc92d8d1a186c52b64c504efd
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\owl.carousel.min[1].js
text
MD5: 827cccbbe00ce4f1be2a4118172d3624
SHA256: 07c26e014639673985c86143d2407d9da7efb3a52686874d0744f1ec6a76bb9b
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\noConnect[1]
image
MD5: 3cb8faccd5de434d415ab75c17e8fd86
SHA256: 6976c426e3ac66d66303c114b22b2b41109a7de648ba55ffc3e5a53bd0db09e7
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\down[1]
image
MD5: 555e83ce7f5d280d7454af334571fb25
SHA256: 70f316a5492848bb8242d49539468830b353ddaa850964db4e60a6d2d7db4880
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\background_gradient[1]
image
MD5: 20f0110ed5e4e0d5384a496e4880139b
SHA256: 1471693be91e53c2640fe7baeecbc624530b088444222d93f2815dfce1865d5b
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\functions[1].js
text
MD5: 28b42bc0d9d164206daf14c079bd2de0
SHA256: df24f93224651a0f1c5b20980a263696f4b0d20b16fcfe3ffb26d34a27bafd14
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\errorPageStrings[1]
text
MD5: 1a0563f7fb85a678771450b131ed66fd
SHA256: eb5678de9d8f29ca6893d4e6ca79bd5ab4f312813820fe4997b009a2b1a1654c
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\httpErrorPagesScripts[1]
text
MD5: e7ca76a3c9ee0564471671d500e3f0f3
SHA256: 58268ca71a28973b756a48bbd7c9dc2f6b87b62ae343e582ce067c725275b63c
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\ErrorPageTemplate[1]
text
MD5: f4fe1cb77e758e1ba56b8a8ec20417c5
SHA256: 8d018639281b33da8eb3ce0b21d11e1d414e59024c3689f92be8904eb5779b5f
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\jquery.adsenseloader[1].js
text
MD5: 72e41a1895b1d772c91e93d2c444599d
SHA256: 6497fbb988dee48be61635f18a5585734b6eeaed6f501d235187e2a934845594
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\machothemes.min[1].js
text
MD5: 97c83099935a645a549d80befff591b4
SHA256: 2a844ea2a94ee56bb980bee906e8e5040867e95b70d8a73a8da86c33786f1822
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\dnserror[1]
html
MD5: 68e03ed57ec741a4afbbcd11fab1bdbe
SHA256: 1ff3334c3eb27033f8f37029fd72f648edd4551fce85fc1f5159feaea1439630
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\skip-link-focus-fix[1].js
text
MD5: c29b9c67eb69f593acfce7cec1b34f7c
SHA256: 9d0e1c0dcd908c46d13404d733ba76ff92427f32e66f455cc4c2370d17a2d535
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\navigation[1].js
text
MD5: c59b15899b24e94f1ec9c43064745737
SHA256: 4b31a1b21865d2d82220d18ba4a04b84a747180d2f987a2c1b3ae42986356e0d
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\bootstrap.min[1].js
text
MD5: fb0e635db142b1b9fce20fe2370ec6cc
SHA256: 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat
dat
MD5: 780b83d941f4817e905a75ac26959f15
SHA256: e2eee0703265e00c780e7c5a4d19483d27b8a8a8f2283ebc6724f26f264f0aa0
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\stickThis[1].js
text
MD5: 94b28304fdc64ff51ccb7c38a01839b0
SHA256: 8fc646c9ba5a91dded24716aec18659da956f775f3342854241fad3a53340f70
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\scripts[1].js
text
MD5: 1534f06aa2b1b721a45372f8238e2461
SHA256: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\cherry-plugin[1].js
text
MD5: e7694c9876a74d8af4840b08d8cc4364
SHA256: 9e806234df297746d665a8e76b129bf708e4470d7a50fef5905d306176bea1c1
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\jquery.flexslider-min[1].js
text
MD5: 9ec3c315b67f434aabc4da58eabc6c3a
SHA256: 0c853c2cc205bafe5d893017b6a03a2acf0f04a11b85f80605514cf0ae540fe6
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\156-1[1].png
image
MD5: 8687a1a4f0607b07919b75d767d753e2
SHA256: 8b0e1065fec41dca663c9733889087bf560d26136f526b9fd62687aca37d5628
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\153-19[1].png
image
MD5: 0155dd0b099ba2a3225d99e083fc3f56
SHA256: 8fadc0da2bf61a37079c5ab99fff09dbbe3b16a8c0e55bebf5cc76e8ac12de36
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\154-3[1].gif
image
MD5: 0e73e0da33d72e2c66a7247e7026a135
SHA256: ca02a4679df98eb9beaa2725975d067ed587f5fe11bd17353cd83063f3450660
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\155-2[1].png
image
MD5: f877ccfc265f95dff95faafcbcb4aee9
SHA256: 60b8155e58faf2abb6a2d37ac45f055d1c0293bdafc7e5b9fbf978bfaece681e
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\150-17[1].png
image
MD5: 20174782bf13e0f2e9fea3a4a7ec799a
SHA256: 616ec159b19d3652b28c26ed655a94dbe67c57f0feaf3daedc2e58839a7847c2
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\151-16[1].jpg
image
MD5: 30007d5d05ad1bc6aaafd9444c687d8f
SHA256: 44c52eabee47b68f10d5818cd767c66a87424097838ab16d48f2a2f5eceaadf0
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\facebook[1].png
image
MD5: e9d05017261060f9876e89806ccfc727
SHA256: 7a149814906ce2d88df3cc191cce2576587d4bca5a0f5beb4559a5cef883db44
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\152-15[1].jpg
image
MD5: 27868fef9c827870bdd62121871035cb
SHA256: 8858f11c15914a0b7cc4df14a1c29fd4fd780c5aabb89c873a942c9e24a1c1a1
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\147-20[1].gif
image
MD5: 714c849d03056538ad05ac2c68cdcf36
SHA256: 3163da805089b1e418a0b0ef11aa95754355f96fd73fa09e44cfb8ff7295b426
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\011-550x360[1].jpg
image
MD5: 5e62e6da6d145f65811897d5c272275d
SHA256: fecd7de085c63afe295a466657b2e2cec827ad320ea6b60e736ce4c7098322b6
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\DSC0555-1-550x360[1].jpg
image
MD5: f2c9f40d08bd7ad890a367c0b66cfab3
SHA256: dc8156338246d874929c7935cb08d267fe80f005bb87e3e4e89af672c5f9e232
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\35152-1-550x360[1].jpg
image
MD5: 46426a1b4f36ecc5b9bb3a956313362d
SHA256: 19cdb06e9b121dcfa234be7f0687e2f4e9388476b1ede07a2df53475c6d5ba17
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\Mazowsze-1-550x360[1].jpg
image
MD5: 3029f099db3469564d6df5fa3c857b81
SHA256: 2a6769e49d5dc9d31f8e7b7938721cb3dac6edd140f0f021087c6a1b770e7bf1
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\czad-550x360[1].jpg
image
MD5: e159e4e19043c65c1cd543edd700ab48
SHA256: 80b2106745e2c810ad92f4f23fff04e8f2eda08b618e26e6263a4397d956c17c
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\35198-550x360[1].jpg
image
MD5: 9b2cb4f6fda1f9a8a24c1e87d4f58a06
SHA256: 5cc5e95412dead46b425cf93adc3435c9c6ed208e9b3ea77e4553195299d0510
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\00000-2-550x360[1].jpg
image
MD5: 2c3716151849c43bca1b85d3f8567076
SHA256: e76396e9ec5adae56183ef0eaafd73c45c8a216e58ffbcee1210aa67dbc9d5d8
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\bank-1-550x340[1].jpg
image
MD5: ef33a46fa1bab52abd9fe026d0ef54a8
SHA256: 2a95277b40d45d18e5b0f91c78e03d25613ccdf0d8cc545f5ac6c8a6571b4599
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\2-550x360[1].jpg
image
MD5: dad9a12cefedbc77791dc062c708f379
SHA256: 21ae4529c4681c25477174a6275ba247f7f6757235cdbb22fc147fa972cd346e
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\020508-550x360[1].jpg
image
MD5: 22567f5db8eedd409e2526de65ff3bef
SHA256: e29f45a6f1fc4f4f4b3856603137be28e773a058da72db23439d646ca38ba58c
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\1140x200_jablonna[1].jpg
image
MD5: 4dbe02252cd53d4cfaf4907be2548e98
SHA256: 45c5c1c8f12fadb7825fa9f716be5a1cb561ab5ecfc301f206cf2cf01ec766fb
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\016-1-550x360[1].jpg
image
MD5: 3a6bb5bbe41377e7da9bc85af307b67e
SHA256: 1d8baac111649019cca5fb2f45e4bea17cc0bb80f5803bdb24d926f38e53dc94
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\IMG_9578-1-550x360[1].jpg
image
MD5: 8f913f73e738564e76636586c1663579
SHA256: 81767ac912bb8893638ecb4d69c23a5f0d2098292582b41f68745915999216d1
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\cropped-WL_baner-1[1].png
image
MD5: 762f2daa025546d0f2cac52bf180366e
SHA256: cc44131971f216f18b1b911e8b1aba4a139de0539e0674a3bfdd04b1612ec983
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\mos-550x360[1].jpg
image
MD5: d4fea0c69ba3ef6fc2eeaab957ae77f5
SHA256: ccecfeae6a940c2cb0ec9976ce52b7f0880b11227bae45ed4bd29224fc696168
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\widget[1].js
text
MD5: 7d93e17ab54a1dd7194a80f0bd89c395
SHA256: 6fcfa423af8a87e13bd7ff5458e2ff74bca6ad53dcdd513bfe5dc52507bae29d
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\starostwo-550x360[1].jpg
image
MD5: da0e852e1ce769c6baed485012f33d45
SHA256: 9dca0c07e0281997e12d44dd73d78ba19cc9531beb5c3a99adb5179ce638dd93
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\171-550x360[1].jpg
image
MD5: e0ed8b43b630753fdaf465709800e8ff
SHA256: a1c78e208264a60da89af7b458fe815f2e5310370f193ffc056abda264e4fdbd
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\jakoscpowietrza[1].png
image
MD5: eebe1fa71675fb5b68aa6c370ec0dfbe
SHA256: fefa915016e5e56268f0ef2425a529f32f7b02512fffc91b60a85371fa4ba6be
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\niepodlegla[1].png
image
MD5: fc6c51db4373d06166f0408bbae49bee
SHA256: 0c02fdfce113286c070217139ae6f1b79fb91b870f12f815f88c57531668f10f
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\wirtualnelegionowo_pl[1].htm
html
MD5: c08fb201faa1b75f063ba1bc1702cb5a
SHA256: 9b88db0294f1266f5b6a270a66cb0f788ada14ddb2e735f4ee38b75f7efa33e7
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\blazy.min[1].js
text
MD5: 856e1e86edd9c957cb17f03a9b67ce9b
SHA256: 8f692a380f49abf35260e719cd1e7ad72d972e577ef4bf26474f5606d56cec57
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\ZguGcrPOhdrS[1].css
text
MD5: a58d808a92129677901ce2837e9402ba
SHA256: e15ce5af89745c896db542596f2a9ca0b256d6eeb6ed9d4e90f1bf8579ac7054
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\owl.theme.default[1].css
text
MD5: e5f221ec393b37c8c26bda78271e9337
SHA256: b9a72991034314afe97a519f16b315724f02d7d010fc989b7f478eb88457021b
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\flexslider-icon[1].eot
eot
MD5: 9c9cb7a6055043933ba68854f521af45
SHA256: 427c549989d40688b2f96bf38cd63568b61c412fe0a60bdb642da5fa7af51954
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\wp-emoji-release.min[1].js
text
MD5: 15d0c302dc74fd87bd9cfeab513e13e4
SHA256: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\lightbox-gallery[1].css
text
MD5: 6610eb236861d840296c8f2e3f464e0b
SHA256: e2e50d74f3687d0b0b3e01fd0750b1a3105baac6c14a8ba932172c1eb5727db2
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7h[1].eot
eot
MD5: c7792c7e9e55ca9ce80b34d181e16609
SHA256: 5e3c5738b2f5b7c35e235349ffb29f14abe3cee79a31d3afc90987657f2b562f
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\lightbox-gallery[1].js
text
MD5: fe849658b519c32537c2918bbed4a4a5
SHA256: 698bd45496e3705194a1ad2d55198e9e66d5af192a50ff0226b4d2ce13c48cd6
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\jquery.tooltip[1].js
text
MD5: 3f14fd0afde5823edcc1a2012548f265
SHA256: 2f296f0c9483ab6b8458a4a031d654aa075ab09d4c3b018a279b976acb501b54
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\jquery.colorbox[1].js
text
MD5: eb79fa295d1ded56e7356a4f75e751ca
SHA256: c5a310590b84ddb8c45b12b32267c95961a7fc4f7bbd13828113d00abfdd24b4
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\scripts[1].js
text
MD5: 65c31517751c7e40448415acc82efa41
SHA256: 5361196ab3d8482bbd565c27a89d7d9517099f8ffb728ede8f6f4238fbb52af8
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\cookie-law-info-public[1].js
text
MD5: 23df4b906609f2fffe105f66023c4293
SHA256: 1aeb5d0f4df04257362f4ee45d1e4409b75e98928c633525dd6733ad653c7dfd
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\pe0qMImSLYBIv1o4X1M8cce9I98[1].eot
eot
MD5: 3bdedf81513ea192b5dbc85d9cd32213
SHA256: bf6f8c4ba6b1118766665df55c608a3929e4a28cc1ff564a5537474888429793
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\jquery[1].js
text
MD5: 8610f03fe77640dee8c4cc924e060f12
SHA256: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\jq-sticky-anything.min[1].js
text
MD5: 0ad30029d495988af1eee6e5aeeb9c6d
SHA256: c78670d74dd4276ebea41acf32ea50bef3e18c35c9f0f85afc929baa14d5e690
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\tDbI2oqRg1oM3QBjjcaDkOr9rAE[1].eot
eot
MD5: 6717d7313abfcaec1e51167a87d53002
SHA256: ff30073d4da66fb7eb9e6248f7796c82a5e096fd3e70de33710eb65dfb91cfd8
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\js[1]
text
MD5: 94e3c8b681283b5beaca13592e5de639
SHA256: 2da283d5d52f927e8bea95de9a06a9018ff9820c527b228bbf2792312f08241b
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\colorbox[1].css
text
MD5: 7b1c39bc344c31838599a690e01ef763
SHA256: ffb2f2d99b0c239c9f6d40069d5d31aebbe1544fe5e3195b4444236abcaed3a6
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\jquery.elastislide[1].js
text
MD5: eac02bd7783edab0f1a0dbebb32aa8a7
SHA256: dadd36769deca1a3720b875de9624093ae6623daebfc5a13061e129c61dfea24
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\jquery-migrate.min[1].js
text
MD5: 7121994eec5320fbe6586463bf9651c2
SHA256: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2ZG9DE0\jquery.easing.1.3[1].js
text
MD5: 3720b3ccb887382d0716a49cc52d7901
SHA256: 605b6fe57753665bd450ccc691b2b32eb508f05d8cb9bd3747d8f37c808990b1
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\sharethis[1].js
text
MD5: b9abdc6566a79030cd206b0d66592a07
SHA256: a12ac6865a0f5be32d5ee9548f7483c6c280af63c0c1ae5724851718f574df51
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\bootstrap.min[1].css
text
MD5: 2fb564b704befe83bd0bd38f6d71cea5
SHA256: 5c0871497d62cd9d02b645aa76d2b13d88b54cc94ec3852459578c7daf1ffceb
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\style[1].css
text
MD5: c6651effdf8d12e47cf823827142b240
SHA256: 796c81b17e93f522417a3a003cdbaf7a861dc182ab4a772df177905aafd58a1f
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\style[2].css
text
MD5: a3e51539ca5209c1b1a672d8af4bcc53
SHA256: 121b4d7131b4b7f3916746a37e16bdc62e978569c4fefd53338208353d0de154
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\bootstrap-theme.min[1].css
text
MD5: 989148ee5e239b1b864009f3853e1a3c
SHA256: b3ebdb2ba9e1ce19d186b7214d1c3abc7e6ad940790586c7283994bd475c7347
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\fontawesome-webfont[1].eot
eot
MD5: 5ae23ad29b67289a1375d2043e289c52
SHA256: a9595e5bf3b6dbbc076902b9abdea356053d69a2fe66506706de9bb39a126b8f
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BWPPCY0O\owl.carousel.min[1].css
text
MD5: d11891449d343dce2b34c9f55bf6452d
SHA256: da18a535024d54499a5148a6c3ad5c223b529b47f77b1b81e1a04f98ba1e7091
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\owl.carousel[1].css
text
MD5: 6feb160fd06cb99cdc79b04a5cbe07dc
SHA256: 4658bdf3a5ffa33e3a4d643e0465484b0e2137890f0678d5a7f351e398ddf830
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\slick[1].css
text
MD5: 6163040c329b44297eaadd392ee4cd92
SHA256: 9f758ba27f5e68c0c2af1d56b729721d0bdd8a6235637c567043ab22e1eb29ea
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\cookie-law-info-gdpr[1].css
text
MD5: cf817a9701248877faaa40b39493d14c
SHA256: bf59c6832eb9df82772307968b03faa3ed06bf8b2bd2bd994e5ac900e7ac58da
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\widget-options[1].css
text
MD5: 075f4a4a001114164bbd67ebe7a8b361
SHA256: acda3b1eaf36ea10066decf21f77191c2e951811da7ca34ff97fb32996725f10
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PP6KS563\recent-post-style[1].css
text
MD5: f49706bed7a8c4b00693d12e0cfdc484
SHA256: 399f7dab331d909d9e5478dce54156a86a2b05d2f7511febc5cbb1cd1419ddab
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\owl.theme[1].css
text
MD5: fe31a99f51a65ec2a31ad4b63702c93d
SHA256: 8f8439f41dd768871bde30fceb034a6de5a50945a564658a60a06b23cb5d039a
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\css[1].txt
text
MD5: 4b436b38eb6e563fd5ad78a1d9576570
SHA256: c620deefab429b166d317bad94f753570bbc81618b94a15abd3c0b996ef05a1d
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\styles[1].css
text
MD5: 5ad1cfa3f5175f627385651790ed0bbd
SHA256: 3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\flexslider[1].css
text
MD5: c553a58b7b87830d624bc55c478732ad
SHA256: 013585d07f16d114d3402e3b540854c914254d7f17fd430e216e8df7334c9c92
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\font-awesome[1].css
text
MD5: 2d53b06f292dcb355b5e1a39ec065054
SHA256: 22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\cherry-plugin[1].css
text
MD5: dae626758902bfd073920d8376822de0
SHA256: d00dd4a54dc8736da1a68b2c57490d6f827e69fed3f23f5746771499a77feaf9
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\cookie-law-info-public[1].css
text
MD5: b4db3094eac97a2c91459c866bb736d9
SHA256: 8df692c63a3ad001e018a83f4578ac10c639ad4003619757293b5a192cd3704d
2836
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{D50FA0BE-2DBB-11E9-BAD8-5254004A04AF}.dat
binary
MD5: 13de0fed625d0cbaec916befab08d8de
SHA256: 184793c86368d56350c8da9d4e580ff6c64e4e8569b4696269b287c9ddddf7b6
2836
iexplore.exe
C:\Users\admin\AppData\Local\Temp\~DF721174CB9A89B865.TMP
––
MD5:  ––
SHA256:  ––
2208
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OCDM6JB6\wirtualnelegionowo_pl[1].htm
html
MD5: 38096030be6e489249588062a4cf3797
SHA256: d98054df4a06d18257ecea1025de092b1ed115b9a494e54f97168740729ae9a9
2836
iexplore.exe
C:\Users\admin\AppData\Local\Temp\StructuredQuery.log
text
MD5: 3701549183ab1e2a1167f2df4e161603
SHA256: 18e7d6c290989e42d4009f03ca2002312780b65a530768605669c342827e0bd6
2836
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RB73MZ6Y\favicon[3].png
image
MD5: 9fb559a691078558e77d6848202f6541
SHA256: 6d8a01dc7647bc218d003b58fe04049e24a9359900b7e0cebae76edf85b8b914
2836
iexplore.exe
C:\Users\admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
––
MD5:  ––
SHA256:  ––
2836
iexplore.exe
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RB73MZ6Y\favicon[1].ico
––
MD5:  ––
SHA256:  ––

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
191
TCP/UDP connections
104
DNS requests
63
Threats
0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
2836 iexplore.exe GET 200 204.79.197.200:80 http://www.bing.com/favicon.ico US
image
whitelisted
2208 iexplore.exe GET 301 188.128.183.146:80 http://www.wirtualnelegionowo.pl/ PL
html
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/ PL
html
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/FlexSlider/flexslider.css?ver=2.2.0 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/owl-carousel/owl.theme.css?ver=1.24 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/includes/css/cherry-plugin.css?ver=1.2.8.1 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=1.7.3 PL
text
unknown
2208 iexplore.exe GET 200 172.217.23.138:80 http://fonts.googleapis.com/css?family=Droid+Serif%3A400%2C700%7CNunito+Sans%3A300%2C400%2C700%2C900%7CSource+Sans+Pro%3A400%2C700&ver=1.2.9 US
text
whitelisted
2208 iexplore.exe GET 200 209.197.3.15:80 http://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css?ver=3.2.1 US
text
whitelisted
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/owl-carousel/owl.carousel.css?ver=1.24 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/widget-options/assets/css/widget-options.css PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=1.7.3 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=2.0.1 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.0.1 PL
text
unknown
2208 iexplore.exe GET 200 172.217.23.170:80 http://maps.googleapis.com/maps/api/js?v=3.exp&sensor=false&ver=4.9.9 US
text
whitelisted
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/bootstrap/bootstrap.min.css?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/bootstrap/bootstrap-theme.min.css?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/style.css?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/css/style.css?ver=1.2.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/owl-carousel/owl.carousel.min.css?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 209.197.3.15:80 http://netdna.bootstrapcdn.com/font-awesome/3.2.1/font/fontawesome-webfont.eot? US
eot
whitelisted
2208 iexplore.exe GET 200 2.19.43.118:80 http://platform-api.sharethis.com/js/sharethis.js unknown
text
unknown
2208 iexplore.exe GET 200 172.217.22.3:80 http://fonts.gstatic.com/s/droidserif/v8/tDbI2oqRg1oM3QBjjcaDkOr9rAE.eot US
eot
whitelisted
2208 iexplore.exe GET 200 172.217.22.3:80 http://fonts.gstatic.com/s/nunitosans/v3/pe0qMImSLYBIv1o4X1M8cce9I98.eot US
eot
whitelisted
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/colorbox/example1/colorbox.css?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-includes/js/jquery/jquery.js?ver=1.12.4 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/jquery.easing.1.3.js?ver=1.3 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/elasti-carousel/jquery.elastislide.js?ver=1.2.8.1 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1.7.3 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/jq-sticky-anything.min.js?ver=2.1.1 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/useful-banner-manager/scripts.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/js/jquery.colorbox.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 172.217.22.3:80 http://fonts.gstatic.com/s/sourcesanspro/v11/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7h.eot US
eot
whitelisted
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/lightbox-gallery.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/js/jquery.tooltip.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/lightbox-gallery.css PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/FlexSlider/fonts/flexslider-icon.eot? PL
eot
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-includes/js/wp-emoji-release.min.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/owl-carousel/owl.theme.default.css?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/qloefdjziRDU/ZguGcrPOhdrS.css?ver=2.2.3 PL
text
unknown
2208 iexplore.exe GET –– 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/fonts/glyphicons-halflings-regular.eot? PL
––
––
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/blazy/blazy.min.js?ver=1.9.1 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/01/cropped-WL_baner-1.png PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/img/niepodlegla.png PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/img/jakoscpowietrza.png PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/01/1140x200_jablonna.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/starostwo-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 46.242.143.213:80 http://www.ekologia.pl/pogoda/widget/widget.js PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/171-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/mos-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/020508-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/2-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/01/IMG_9578-1-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/01/016-1-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/01/00000-2-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/bank-1-550x340.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2017/04/czad-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2018/12/35198-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2018/04/Mazowsze-1-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2018/12/35152-1-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2018/12/DSC0555-1-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2018/12/011-550x360.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/147-20.gif PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/150-17.png PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/148-wersja%20animowana.gif PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/151-16.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/152-15.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/img/facebook.png PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/153-19.png PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/154-3.gif PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/155-2.png PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/156-1.png PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/FlexSlider/jquery.flexslider-min.js?ver=2.2.2 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/includes/js/cherry-plugin.js?ver=1.2.8.1 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/stickThis.js?ver=2.1.1 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/bootstrap/bootstrap.min.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/js/navigation.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/js/skip-link-focus-fix.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/adsenseloader/jquery.adsenseloader.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/machothemes/machothemes.min.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/js/functions.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/owl-carousel/owl.carousel.min.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/qloefdjziRDU/qcWPcftfxyrH.js?ver=2.2.3 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-includes/js/wp-embed.min.js?ver=4.9.9 PL
text
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/starostwo-95x65.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/2-95x65.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/1001-95x65.jpg PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/149-19.png PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/colorbox/example1/images/overlay.png PL
image
unknown
2208 iexplore.exe POST 200 188.128.183.146:80 http://wirtualnelegionowo.pl/?ga_action=googleanalytics_get_script PL
text
text
unknown
2836 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/favicon.ico PL
––
––
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/colorbox/example1/images/controls.png PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/colorbox/example1/images/border.png PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/colorbox/example1/images/loading_background.png PL
image
unknown
2208 iexplore.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/colorbox/example1/images/loading.gif PL
image
unknown
3028 chrome.exe GET 301 188.128.183.146:80 http://www.wirtualnelegionowo.pl/ PL
html
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/ PL
html
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/FlexSlider/flexslider.css?ver=2.2.0 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/owl-carousel/owl.carousel.css?ver=1.24 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/owl-carousel/owl.theme.css?ver=1.24 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/includes/css/cherry-plugin.css?ver=1.2.8.1 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1 PL
text
unknown
3028 chrome.exe GET 200 209.197.3.15:80 http://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css?ver=3.2.1 US
text
whitelisted
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=1.7.3 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=1.7.3 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/widget-options/assets/css/widget-options.css PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.0.1 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=2.0.1 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/bootstrap/bootstrap.min.css?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/bootstrap/bootstrap-theme.min.css?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/style.css?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/owl-carousel/owl.carousel.min.css?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/css/style.css?ver=1.2.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-includes/js/wp-emoji-release.min.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/owl-carousel/owl.theme.default.css?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/qloefdjziRDU/ZguGcrPOhdrS.css?ver=2.2.3 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/colorbox/example1/colorbox.css?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-includes/js/jquery/jquery.js?ver=1.12.4 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/lightbox-gallery.css PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/jquery.easing.1.3.js?ver=1.3 PL
text
unknown
3028 chrome.exe GET 200 172.217.22.74:80 http://maps.googleapis.com/maps/api/js?v=3.exp&sensor=false&ver=4.9.9 US
text
whitelisted
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/elasti-carousel/jquery.elastislide.js?ver=1.2.8.1 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1.7.3 PL
text
unknown
3028 chrome.exe GET 200 2.19.43.118:80 http://platform-api.sharethis.com/js/sharethis.js unknown
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/useful-banner-manager/scripts.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/jq-sticky-anything.min.js?ver=2.1.1 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/blazy/blazy.min.js?ver=1.9.1 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/js/jquery.colorbox.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/js/jquery.tooltip.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/lightbox-gallery.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/lib/js/FlexSlider/jquery.flexslider-min.js?ver=2.2.2 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/cherry-plugin/includes/js/cherry-plugin.js?ver=1.2.8.1 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/stickThis.js?ver=2.1.1 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/bootstrap/bootstrap.min.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/js/navigation.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 209.197.3.15:80 http://netdna.bootstrapcdn.com/font-awesome/3.2.1/font/fontawesome-webfont.woff?v=3.2.1 US
woff
whitelisted
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/js/skip-link-focus-fix.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/adsenseloader/jquery.adsenseloader.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/machothemes/machothemes.min.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/js/functions.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/qloefdjziRDU/qcWPcftfxyrH.js?ver=2.2.3 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/assets/vendors/owl-carousel/owl.carousel.min.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/01/cropped-WL_baner-1.png PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/img/jakoscpowietrza.png PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/img/niepodlegla.png PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-includes/js/wp-embed.min.js?ver=4.9.9 PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/01/1140x200_jablonna.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/starostwo-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 13.32.222.66:80 http://x.ss2.us/x.cer US
der
whitelisted
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/171-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/mos-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/020508-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/2-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/01/IMG_9578-1-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/01/016-1-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/01/00000-2-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/bank-1-550x340.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2017/04/czad-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2018/12/35198-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 46.242.143.213:80 http://www.ekologia.pl/pogoda/widget/widget.js PL
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2018/04/Mazowsze-1-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2018/12/35152-1-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2018/12/DSC0555-1-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2018/12/011-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/147-20.gif PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/148-wersja%20animowana.gif PL
image
unknown
3028 chrome.exe GET 301 46.242.143.213:80 http://www.ekologia.pl/pogoda/widget/widget.php?widget-type=pogoda-3dni-mini&w=300&h=78&city=legionowo&colors=47A5D3,313A6D,EDEDED&t=1549862093509 PL
html
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/149-19.png PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/150-17.png PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/151-16.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/152-15.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/153-19.png PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/154-3.gif PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/155-2.png PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/useful_banner_manager_banners/156-1.png PL
image
unknown
3028 chrome.exe GET 200 67.27.235.126:80 http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab US
compressed
whitelisted
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/1001-95x65.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/2-95x65.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/starostwo-95x65.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/themes/newspaper-x/img/facebook.png PL
image
unknown
3028 chrome.exe POST 200 188.128.183.146:80 http://wirtualnelegionowo.pl/?ga_action=googleanalytics_get_script PL
text
text
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/plugins/lightbox-gallery/colorbox/example1/images/overlay.png PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2019/02/1001-550x360.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2016/03/cropped-Profilowe-32x32.jpg PL
image
unknown
3028 chrome.exe GET 200 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-content/uploads/2016/03/cropped-Profilowe-192x192.jpg PL
image
unknown
3028 chrome.exe POST –– 188.128.183.146:80 http://wirtualnelegionowo.pl/wp-admin/admin-ajax.php PL
text
––
––
unknown

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
–– –– 209.197.3.15:445 Highwinds Network Group, Inc. US whitelisted
2836 iexplore.exe 204.79.197.200:80 Microsoft Corporation US whitelisted
–– –– 209.197.3.15:139 Highwinds Network Group, Inc. US whitelisted
–– –– 172.217.23.138:445 Google Inc. US whitelisted
–– –– 172.217.23.138:139 Google Inc. US whitelisted
2208 iexplore.exe 188.128.183.146:80 home.pl S.A. PL unknown
2208 iexplore.exe 209.197.3.15:80 Highwinds Network Group, Inc. US whitelisted
2208 iexplore.exe 172.217.23.138:80 Google Inc. US whitelisted
2208 iexplore.exe 172.217.23.170:80 Google Inc. US whitelisted
2208 iexplore.exe 2.19.43.118:80 Akamai International B.V. –– unknown
2208 iexplore.exe 172.217.22.3:80 Google Inc. US whitelisted
2208 iexplore.exe 13.32.223.216:443 Amazon.com, Inc. US unknown
2208 iexplore.exe 46.242.143.213:80 home.pl S.A. PL unknown
2208 iexplore.exe 31.13.90.36:443 Facebook, Inc. IE whitelisted
2208 iexplore.exe 172.217.22.14:443 Google Inc. US whitelisted
2208 iexplore.exe 172.217.22.3:443 Google Inc. US whitelisted
2208 iexplore.exe 185.60.216.19:443 Facebook, Inc. IE whitelisted
2208 iexplore.exe 31.13.91.6:443 Facebook, Inc. IE whitelisted
2836 iexplore.exe 188.128.183.146:80 home.pl S.A. PL unknown
3028 chrome.exe 216.58.205.227:443 Google Inc. US whitelisted
3028 chrome.exe 216.58.208.35:443 Google Inc. US whitelisted
3028 chrome.exe 216.58.207.35:443 Google Inc. US whitelisted
3028 chrome.exe 216.58.206.10:443 Google Inc. US whitelisted
3028 chrome.exe 172.217.22.13:443 Google Inc. US whitelisted
3028 chrome.exe 172.217.23.131:443 Google Inc. US whitelisted
3028 chrome.exe 172.217.22.46:443 Google Inc. US whitelisted
3028 chrome.exe 216.58.207.68:443 Google Inc. US whitelisted
3028 chrome.exe 172.217.18.3:443 Google Inc. US whitelisted
3028 chrome.exe 172.217.23.138:443 Google Inc. US whitelisted
3028 chrome.exe 172.217.22.3:443 Google Inc. US whitelisted
3028 chrome.exe 188.128.183.146:80 home.pl S.A. PL unknown
3028 chrome.exe 209.197.3.15:80 Highwinds Network Group, Inc. US whitelisted
3028 chrome.exe 172.217.22.74:80 Google Inc. US whitelisted
3028 chrome.exe 2.19.43.118:80 Akamai International B.V. –– unknown
3028 chrome.exe 13.32.223.252:443 Amazon.com, Inc. US unknown
3028 chrome.exe 46.242.143.213:80 home.pl S.A. PL unknown
3028 chrome.exe 13.32.222.66:80 Amazon.com, Inc. US unknown
3028 chrome.exe 2.16.186.243:443 Akamai International B.V. –– whitelisted
3028 chrome.exe 3.120.53.177:443 US unknown
3028 chrome.exe 46.242.143.213:443 home.pl S.A. PL unknown
3028 chrome.exe 67.27.235.126:80 Level 3 Communications, Inc. US unknown
3028 chrome.exe 216.58.207.78:443 Google Inc. US whitelisted
3028 chrome.exe 31.13.90.36:443 Facebook, Inc. IE whitelisted
3028 chrome.exe 172.217.21.238:443 Google Inc. US whitelisted
3028 chrome.exe 172.217.22.74:443 Google Inc. US whitelisted
3028 chrome.exe 172.217.21.232:443 Google Inc. US whitelisted
3028 chrome.exe 31.13.91.6:443 Facebook, Inc. IE whitelisted
–– –– 172.217.16.196:443 Google Inc. US whitelisted
–– –– 34.249.154.198:443 Amazon.com, Inc. IE unknown
–– –– 13.32.223.144:443 Amazon.com, Inc. US unknown
–– –– 74.125.206.154:443 Google Inc. US whitelisted
–– –– 216.58.207.68:443 Google Inc. US whitelisted
–– –– 172.217.22.98:443 Google Inc. US whitelisted
–– –– 172.217.16.198:443 Google Inc. US whitelisted
–– –– 216.58.208.54:443 Google Inc. US whitelisted
–– –– 216.58.206.1:443 Google Inc. US whitelisted

DNS requests

Domain IP Reputation
wirtualnelegionowo.pl 188.128.183.146
unknown
netdna.bootstrapcdn.com 209.197.3.15
whitelisted
www.bing.com 204.79.197.200
13.107.21.200
whitelisted
fonts.googleapis.com 172.217.23.138
whitelisted
www.wirtualnelegionowo.pl 188.128.183.146
unknown
maps.googleapis.com 172.217.23.170
172.217.21.202
216.58.205.234
172.217.21.234
172.217.22.10
172.217.18.10
172.217.18.170
172.217.23.138
216.58.206.10
216.58.207.42
216.58.207.74
172.217.16.170
216.58.208.42
172.217.16.138
172.217.22.42
172.217.22.74
whitelisted
platform-api.sharethis.com 2.19.43.118
unknown
airly.eu 13.32.223.216
13.32.223.130
13.32.223.206
13.32.223.252
unknown
fonts.gstatic.com 172.217.22.3
whitelisted
www.ekologia.pl 46.242.143.213
unknown
www.facebook.com 31.13.90.36
whitelisted
www.youtube.com 172.217.22.14
172.217.18.14
172.217.18.174
172.217.23.142
216.58.206.14
216.58.207.46
172.217.16.174
172.217.16.142
172.217.22.46
172.217.22.110
216.58.210.14
172.217.16.206
172.217.18.110
172.217.23.174
172.217.21.238
whitelisted
s.ytimg.com 172.217.22.14
whitelisted
static.xx.fbcdn.net 185.60.216.19
whitelisted
scontent-ams3-1.xx.fbcdn.net 31.13.91.6
unknown
clientservices.googleapis.com 216.58.207.35
whitelisted
www.gstatic.com 216.58.208.35
whitelisted
www.google.de 216.58.205.227
whitelisted
safebrowsing.googleapis.com 216.58.206.10
whitelisted
accounts.google.com 172.217.22.13
shared
ssl.gstatic.com 172.217.23.131
whitelisted
apis.google.com 172.217.22.46
whitelisted
www.google.com 216.58.207.68
whitelisted
www.google.dk 172.217.18.3
whitelisted
ogs.google.com 172.217.22.46
whitelisted
s.w.org 192.0.77.48
whitelisted
x.ss2.us 13.32.222.66
13.32.222.72
13.32.222.241
13.32.222.79
whitelisted
www.szlak.powiat-legionowski.pl 89.161.195.197
unknown
c.sharethis.mgr.consensu.org 2.16.186.243
2.16.186.146
malicious
l.sharethis.com 3.120.53.177
18.185.185.214
18.185.192.244
18.184.119.244
18.195.194.147
whitelisted
www.download.windowsupdate.com 67.27.235.126
8.248.131.254
67.27.159.126
67.27.233.254
8.248.141.254
whitelisted
www.google-analytics.com 216.58.207.78
whitelisted
pl.wordpress.org 198.143.164.252
unknown
budowa-domow.info 185.36.169.49
unknown
rainbowmultimedia.com.pl 193.107.88.70
unknown
rybadiving.pl 194.181.228.55
unknown
web.facebook.com 157.240.1.41
whitelisted
www.eko-radek.pl 188.128.137.232
unknown
www.kariera.leroymerlin.pl 94.237.24.38
unknown
translate.googleapis.com 172.217.22.74
whitelisted
www.googletagmanager.com 172.217.21.232
whitelisted
google-analytics.com 172.217.16.196
whitelisted
airapi.airly.eu 34.249.154.198
54.72.134.5
unknown
cdn.airly.eu 13.32.223.144
13.32.223.117
13.32.223.191
13.32.223.160
unknown
stats.g.doubleclick.net 74.125.206.154
74.125.206.155
74.125.206.157
74.125.206.156
whitelisted
googleads.g.doubleclick.net 172.217.22.98
whitelisted
static.doubleclick.net 172.217.16.198
whitelisted
i.ytimg.com 216.58.208.54
172.217.16.150
172.217.22.54
172.217.22.86
172.217.22.118
216.58.210.22
172.217.16.214
172.217.18.118
172.217.21.246
172.217.18.22
172.217.18.182
172.217.23.150
216.58.206.22
216.58.207.54
216.58.207.86
172.217.16.182
whitelisted
yt3.ggpht.com 216.58.206.1
whitelisted

Threats

No threats detected.

Debug output strings

No debug info.