General Info

URL

http://free.packagetracer.com/index.jhtml?partner=^AFW^xdm096&pkw=default&adfi=&adti=kwd-0&adm=&adn=d&add=c&adc=323757318174&adt=&ada=&adap=none&adp=www.sejda.com&gclid=EAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE

Full analysis
https://app.any.run/tasks/de1d0809-5004-4e3a-8e83-778490b616dc
Verdict
Malicious activity
Analysis date
1/11/2019, 12:31:13
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distored by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
120 seconds
Additional time used
60 seconds
Fakenet option
off
Heavy Evaision option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
off

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (68.0.3440.106)
  • Google Update Helper (1.3.33.17)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 61.0.2 (x86 en-US) (61.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

Modifies files in Chrome extension folder
  • chrome.exe (PID: 2876)
Dropped object may contain Bitcoin addresses
  • chrome.exe (PID: 2876)
Reads Internet Cache Settings
  • chrome.exe (PID: 2876)
Reads settings of System Certificates
  • chrome.exe (PID: 2876)
Application launched itself
  • chrome.exe (PID: 2876)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Screenshots

Processes

Total processes
60
Monitored processes
32
Malicious processes
0
Suspicious processes
0

Behavior graph

+
start chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs
Specs description
Program did not start
Integrity level elevation
Task сontains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has sucpicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

Click at the process to see the details.

PID
2876
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" http://free.packagetracer.com/index.jhtml?partner=^AFW^xdm096&pkw=default&adfi=&adti=kwd-0&adm=&adn=d&add=c&adc=323757318174&adt=&ada=&adap=none&adp=www.sejda.com&gclid=EAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\hid.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\credui.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winusb.dll
c:\windows\system32\msi.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mscms.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\audioses.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wpc.dll
c:\windows\system32\samlib.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\winsta.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\credssp.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\msisip.dll
c:\windows\system32\wshext.dll
c:\windows\system32\windowspowershell\v1.0\pwrshsip.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\winshfhc.dll
c:\windows\system32\wdscore.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll

PID
3616
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=68.0.3440.106 --initial-client-data=0x78,0x7c,0x80,0x74,0x84,0x6f6000b0,0x6f6000c0,0x6f6000cc
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll

PID
2852
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2880 --on-initialized-event-handle=304 --parent-handle=308 /prefetch:6
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_watcher.dll

PID
4024
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=33FF2C0AC3CCF2B4F5A9F9DE1C426F58 --mojo-platform-channel-handle=968 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\program files\google\chrome\application\68.0.3440.106\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libegl.dll

PID
2452
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --service-pipe-token=9FA4BEFECCF0649080EA9ECA35DF4D97 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9FA4BEFECCF0649080EA9ECA35DF4D97 --renderer-client-id=4 --mojo-platform-channel-handle=1904 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3240
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --service-pipe-token=02DBA480D340FA215A8D5DC114AEBCDF --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=02DBA480D340FA215A8D5DC114AEBCDF --renderer-client-id=3 --mojo-platform-channel-handle=2152 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2280
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-sandbox --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=D671C63E4E581707ED42B4434E249087 --mojo-platform-channel-handle=3840 /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\program files\google\chrome\application\68.0.3440.106\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\68.0.3440.106\swiftshader\libegl.dll

PID
2764
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=4C63307F9C6978DF1BC45FAA70599EB8 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4C63307F9C6978DF1BC45FAA70599EB8 --renderer-client-id=6 --mojo-platform-channel-handle=1972 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2448
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=70ECCD4D85175859762E9932349F0A49 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=70ECCD4D85175859762E9932349F0A49 --renderer-client-id=7 --mojo-platform-channel-handle=4016 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2972
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=25F946D9F755FA772345A271B9869B0F --mojo-platform-channel-handle=4268 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3080
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=EFA500227BB2E02B75FB789CCC2BBB1C --mojo-platform-channel-handle=3892 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3976
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=78990A00938866EB8D82B7C2A48BCEDA --mojo-platform-channel-handle=4708 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3404
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=8F701093A3286D446BA7C429A0329E3B --mojo-platform-channel-handle=4696 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3136
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=FBA76E8381CAD9666847B309E982F6EB --mojo-platform-channel-handle=4772 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3784
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=0098FC8B096D6FC4EAAF3F56C07C098A --mojo-platform-channel-handle=4896 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3128
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=8179B38D0F36CFCEFC54BD6C5B38A945 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8179B38D0F36CFCEFC54BD6C5B38A945 --renderer-client-id=14 --mojo-platform-channel-handle=4748 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2760
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=503030840B2A23C44802639FB795348A --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=503030840B2A23C44802639FB795348A --renderer-client-id=15 --mojo-platform-channel-handle=5300 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2960
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=68B15890B4C59FBAB03C958F5343B3F0 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=68B15890B4C59FBAB03C958F5343B3F0 --renderer-client-id=16 --mojo-platform-channel-handle=5156 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3360
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=B72D979F07843A0BBBAF3B78D9C89990 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=B72D979F07843A0BBBAF3B78D9C89990 --renderer-client-id=17 --mojo-platform-channel-handle=5384 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3872
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=DBAC9E3FB2F11E4ABD5ABF02602EE2E0 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=DBAC9E3FB2F11E4ABD5ABF02602EE2E0 --renderer-client-id=18 --mojo-platform-channel-handle=5232 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2592
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=FCFD5431C7334B24A7654C4BF27B59E0 --mojo-platform-channel-handle=4300 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
1396
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=94A8CF984C7E8DBDD5ABBDEAB8C52BF5 --mojo-platform-channel-handle=6096 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2420
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --no-sandbox --service-request-channel-token=7A21705F2805C9B82A028B93C228C78F --mojo-platform-channel-handle=5300 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\devobj.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\twext.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\zipfldr.dll
c:\program files\winrar\rarext.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\windows\system32\syncui.dll
c:\windows\system32\synceng.dll
c:\program files\notepad++\nppshell_06.dll
c:\windows\system32\acppage.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\msi.dll
c:\windows\system32\wer.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\netutils.dll

PID
2664
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=8C744F3B2E2776B844668D64B65739B2 --mojo-platform-channel-handle=5744 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3448
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=C5EB496BC9629E08F0B0B11E7F3EDB63 --mojo-platform-channel-handle=4352 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2820
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=C5BCF64C1C9EA06F9B1CAFA8CF82BB10 --mojo-platform-channel-handle=6076 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3032
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=AB5BD602F945F77626F841AEAD04CB79 --mojo-platform-channel-handle=5328 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2608
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=0DB00C3224C4222B1E7B843CA7563DF7 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=0DB00C3224C4222B1E7B843CA7563DF7 --renderer-client-id=26 --mojo-platform-channel-handle=4820 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3068
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=FB202876241A68D1AE865F49327E4685 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=FB202876241A68D1AE865F49327E4685 --renderer-client-id=27 --mojo-platform-channel-handle=5744 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2584
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=EA6F28BC7BC4669481400703424E3AB7 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=EA6F28BC7BC4669481400703424E3AB7 --renderer-client-id=28 --mojo-platform-channel-handle=6276 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3680
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=5B02B51824121CC57B66B60B7443BDC0 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5B02B51824121CC57B66B60B7443BDC0 --renderer-client-id=30 --mojo-platform-channel-handle=5916 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3564
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=984,1112433181398300262,13346142530850764726,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=CF8D85C44A261DA401019F1B37AE2405 --mojo-platform-channel-handle=516 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
68.0.3440.106
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\68.0.3440.106\chrome_child.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

Registry activity

Total events
687
Read events
584
Write events
100
Delete events
3

Modification events

PID
Process
Operation
Key
Name
Value
2876
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2876
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
failed_count
0
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
2
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
1
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
1
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome
UsageStatsInSample
0
2876
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
0
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_installdate
0
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_enableddate
0
2876
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
aggregate
sum()
2876
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
S-1-5-21-1302019708-1500728564-335382590-1000
1
2876
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
aggregate
sum()
2876
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
S-1-5-21-1302019708-1500728564-335382590-1000
0
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
0
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
13191679895972250
2876
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E
LanguageList
en-US
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
4600000069000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
Implementing
1C00000001000000E307010005000B000B0020000700B30300000000
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
aapocclcgogkmnckokdopfmhonfmgoek
1B1D58B8A44F6F281CF27E6D0F4F8B5B7F3466AD60C4CBB385AC3D006191F660
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
15B1C3FE35F29528448F36A72A4DFBC58A8083C7190559D25865779166D220A2
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
aohghmighlieiainnegkcijnfilokake
AB10344C22514B6E11FF5AA96C187BAF5A98E213F711BD2C8B13F7BE16CD0391
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
apdfllckaahabafndbhieahigkjlhalf
2615E1171DBB74120AD9E42E72DF4B459183492D4FC52BDD6DCF8EA5086C190F
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
blpcfgokakmgnkcojhhkbfbldkacnbeo
2CA2A5581229E448ACBCF212F1916535368632DBEFA9BB380A5DE5F8A98F39C7
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
felcaaldnbdncclmgdcncolpebgiejap
9483F6CDD08F2E3FDA15A6F5CE99EBFFF29803EE59A9C28C495BD1CD4610D463
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
D6B079666F209503A09486C70AC09307652A0F7F783166A999B27C99D0DA79E2
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
C5A7CC22A7527F454E1E5DB16DDAA1A029693382A081DEBE7B4BEE3B89F64C37
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gidaofklkglaecfmdpcobbmhibpacokc
1DC5C363B61134B5BCCD994DE2882DFBE3F7ADED0B7A09AD94AF8931198522DB
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
37A858BD3327FACA61D625B462EC605ED64E520E108B94F4C3325B757DB435C4
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
63355C14E8C7DF9A075F2EDDEA6F2807DC8166B83F96F4C975B9B6554C6324D7
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
17F7787CEDB9B66B8D78F7E985DCA6E31DBA26B1F7D92176EDBEDAFB5838AEBC
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
04A45240BDA55E8777FA04357712CA6DD942253A21323E4C7D3CCF769B34BFED
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
9A0044B183822416E036FA2670FC5F085B3D015E358899EB0B24B5D6E5EEB39D
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
F352BAFFF69707C195521155540FF88C6669539B398E3D551C3E3E2B01D1F985
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pjkljhegncpnkpknbcohdijeoejaedia
6FB66E9D1A5A92BE1B0868FE1669E627024387D2A70A0A9BC150D5C0DFE17ABF
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
230C2396765981675322D6D42D1170C14223FC3D694C857C5A54D6487496FFEB
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
eocnnoackodjagdbaoddhjbkpjabimed
F0DA80EDB46696A68631A9462DF312B7FC84F24EDE164BB0F89F0DB339C0A648
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gidaofklkglaecfmdpcobbmhibpacokc
71B6BD12C64841B20F05139393D00882D6961D330B897B24A4437EA9C7DF9EA0
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Common\Rlz\PTimes
C
5E475F6BA1A9D401
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs
C1
1C1GCEA_enUA812UA812
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs
C2
1C2GCEA_enUA812
2876
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs
C7
1C7GCEA_enUA812
2852
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2876-13191679894034750
259
2420
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\5F\52C64B7E
LanguageList
en-US

Files activity

Executable files
0
Suspicious files
32
Text files
162
Unknown types
8

Dropped files

PID
Process
Filename
Type
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State
text
MD5: 8336d63abb3428a59a4db0cd7060f3cf
SHA256: 5d2545579d46e4a29c14ee55103c83c0045af234961cc233d9371a5d5e432685
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\newtabproduct.html
html
MD5: 2dc7a63e2e9a94721f6bf23dcadc7ce8
SHA256: 293fe1b38ea92fb1eb99107b2a08e6f323453d15262ea9cb7f4c717492661818
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State~RF1a9e35.TMP
text
MD5: 8336d63abb3428a59a4db0cd7060f3cf
SHA256: 5d2545579d46e4a29c14ee55103c83c0045af234961cc233d9371a5d5e432685
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\14eb6534-d3a2-4754-9faf-d093fcef1967.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 81394db186ff677f96d5ab3aa93b8f90
SHA256: c185fba9b928ea643518734337494aeef665b39ecd184b5b01a5c39b0a36a9a2
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF1a9d1c.TMP
text
MD5: 81394db186ff677f96d5ab3aa93b8f90
SHA256: c185fba9b928ea643518734337494aeef665b39ecd184b5b01a5c39b0a36a9a2
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\e4dfaf44-b25c-4388-ad03-b75f1d7cc9c9.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
text
MD5: 21513be8a38f26a55685e50ea265e242
SHA256: cbc0b9ea7d396ee177b862be1c423b127b734823dd952d075a8df6e815dc41be
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences~RF1a6d13.TMP
text
MD5: 21513be8a38f26a55685e50ea265e242
SHA256: cbc0b9ea7d396ee177b862be1c423b127b734823dd952d075a8df6e815dc41be
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\d71a5b9e-4812-4a52-a2ab-24c6bccdb4b9.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: b3e6c011235c212423fd90db7fff9fff
SHA256: 6723cea982fae5e7b7d5ba2c3029e051b199f4bdf7335c4b124476800e0cf335
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1a662d.TMP
text
MD5: b3e6c011235c212423fd90db7fff9fff
SHA256: 6723cea982fae5e7b7d5ba2c3029e051b199f4bdf7335c4b124476800e0cf335
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\87d662cb-9a0b-4017-82af-bf7a860acd51.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 5cb92d59e7ff122be561f589c87197a2
SHA256: 972a3a547b461893e36282b20e33f4e05baaf2d0245cfce2a2d4c0c0a251813e
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF1a6080.TMP
text
MD5: 5cb92d59e7ff122be561f589c87197a2
SHA256: 972a3a547b461893e36282b20e33f4e05baaf2d0245cfce2a2d4c0c0a251813e
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\b4868c8a-3f0b-4725-a2bc-5c68d937cbc9.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003b
compressed
MD5: 8851b18e3bda0ef19bd47c40da8fd6e1
SHA256: b199fec389b80e9af3e492059ae0dba395b92be20ffc49800e77cfdf13f4d5bd
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003a
image
MD5: eea5dcf9d9b0f80a53a6fadc072fdaa2
SHA256: 390edaa6ac3829b2be50a76a5371f9d794f736ef40b802fcf6715142c74f4794
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eocnnoackodjagdbaoddhjbkpjabimed\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eocnnoackodjagdbaoddhjbkpjabimed\000001.dbtmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eocnnoackodjagdbaoddhjbkpjabimed\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_metadata\computed_hashes.json
text
MD5: 8cc804a2cb4c8aa7553bac01d85709c0
SHA256: e26afb37a994af6d1e01a1e0c3732dc016675a609451a67721e89bb73f44463b
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store~RF1a4632.TMP
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\febe84bb-7714-4aea-b544-eda3a5a72770.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store~RF1a4613.TMP
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\9cbbd6e4-c4fc-4e7d-99ff-b29eec9d289c.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\es_419\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\icons\icon19on.png
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\ja\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\it\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\fr\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir2876_2398\CRX_INSTALL
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\de\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\icons\icon48.png
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\en\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\es\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\icons\icon128.png
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\manifest.json
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_metadata\verified_contents.json
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\libs\PartnerId.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\fr\messages.json
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\en\messages.json
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\es\messages.json
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\pt_br\messages.json
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\pt_pt\messages.json
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\de\messages.json
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\es_419\messages.json
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\it\messages.json
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\_locales\ja\messages.json
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\config\config.json
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\icons\icon16.png
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\icons\icon128.png
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\icons\icon19on.png
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\icons\icon48.png
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\icons\icon19disabled.png
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\background.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\templateParser.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\dlp.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\logger.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\settingsOverridesUtils.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\storageUtils.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\internationalSearchUtils.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\util.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\extension_detect.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\content_script.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\ul.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\chrome.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\ajax.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\index.js
––
MD5:  ––
SHA256:  ––
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\urlUtils.js
text
MD5: 37ac2c3e76a146c6bdf020c009dc60af
SHA256: 2932ba338ed0185f89605c3e8a2e86f667b71bade3980a20ab87668ef548aa4d
2820
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\js\dlpHelper.js
text
MD5: 3af8add36fef6a5feafd6247d8c9a2c5
SHA256: 1961bb8645f56b889d4f054975cfc60727c52874a63781e098f841e570e2f579
2664
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\CRX_INSTALL\manifest.json
text
MD5: d1cbaca7204f0b568101e9e67bbc1bbd
SHA256: 94cd2e0f57d3f07501a08cadbb43d7d32ea47f8d1998973e1fd142b43cdad308
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\eocnnoackodjagdbaoddhjbkpjabimed_33095.crx
crx
MD5: 6917f7f787636702b89095e410bcc16d
SHA256: d928610c932e0720b233ff1a16f326dea7f043fe5522522f6c9e0460f7e5e4fc
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store~RF1a3fd9.TMP
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26843\eocnnoackodjagdbaoddhjbkpjabimed_33095.crx\:Zone.Identifier:$DATA
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\DownloadMetadata
binary
MD5: 9e0d0d1fb090156b80f36ac571ff095d
SHA256: 1ab935c2121469d315e903918617c7813d3298ed69ff7fe7505a96badc2bbea2
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\be6341a7-aaff-477b-91f2-719f0147602b.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\7cb9ec06-4ee4-4ae5-8f56-7d4e062037be.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\df9b12d0-369b-4c6a-bcc1-7c56f4964380.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Webstore Downloads\eocnnoackodjagdbaoddhjbkpjabimed_33095.crx:Zone.Identifier
text
MD5: fbccf14d504b7b2dbcb5a5bda75bd93b
SHA256: eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store~RF1a3f4c.TMP
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Webstore Downloads\eocnnoackodjagdbaoddhjbkpjabimed_33095.crx
crx
MD5: 6917f7f787636702b89095e410bcc16d
SHA256: d928610c932e0720b233ff1a16f326dea7f043fe5522522f6c9e0460f7e5e4fc
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\d86951bf-a249-41a5-892d-40beb87751cf.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: 8b0b05ae380a8c16a2d5cfa547b98993
SHA256: cae70faaf38efe734e9e828e602cb12c5da259d10a73828c6305d553dd3dc548
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1a3b06.TMP
text
MD5: 8b0b05ae380a8c16a2d5cfa547b98993
SHA256: cae70faaf38efe734e9e828e602cb12c5da259d10a73828c6305d553dd3dc548
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\d1a71edb-9985-46a2-85f6-278d98f2aaf1.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 9bb5805f40fac8478f95efaa255ac51d
SHA256: 7df7900a19fac93616a501dae506dd5b00fd898d5c885f1dda5e40b7662b5c78
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
text
MD5: 8807510e06d5c5c1a416f74a3b308ceb
SHA256: f916cc001aa128b0584fbdf67c950fc976116fb094fb1d4ac2d8ca4676ef8889
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences~RF1a3559.TMP
text
MD5: 8807510e06d5c5c1a416f74a3b308ceb
SHA256: f916cc001aa128b0584fbdf67c950fc976116fb094fb1d4ac2d8ca4676ef8889
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF1a3559.TMP
text
MD5: 9bb5805f40fac8478f95efaa255ac51d
SHA256: 7df7900a19fac93616a501dae506dd5b00fd898d5c885f1dda5e40b7662b5c78
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\1aa7c234-cd31-42fe-8170-58e8ee9052f1.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\3295fab0-0d1d-47fb-aae9-ba8e230241f1.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000039
image
MD5: c80130969dc4a3c068a4f039b24bc62b
SHA256: 70bd032b9dbba55725a7adb0111dd7d3a9dc4a42dbc3b3b5952a87ab147a84ec
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000038
image
MD5: 226c8ca34a47efcf17da1da6f8248aed
SHA256: fc6bdf70c44e1fd4ef953ab6052cd02ae8f95a1def7cc41f64751b309b51008b
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000037
image
MD5: 00e55ca81e9e7cd41f437c36532e091a
SHA256: bff7008dd0a4fc18d31cd8bdee9584c28abed84d8be8fa16078083ab11408366
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000036
image
MD5: b04c867a4137185f0d47a042d9eddf58
SHA256: 982bc73cef426105d5a6dcefe30b128b843c19f073e46df81910080a481729d1
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000035
image
MD5: 4a13b1df3446ca2436625e6c83275fd9
SHA256: b32911f00b8eb1877bb61d06007fa85501d26c8aa0fa78b4c4e910d7224194e4
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000034
image
MD5: c8be06ed94d77d4d20e00dfffcad7f42
SHA256: 83028b97fad2f77f69457e95bf6e629150fd0424263c1cf0ec3ca6130ee29e2f
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000033
image
MD5: 6319dde07c895cf5d38a43b2d015da9c
SHA256: 1b7e59c6b3edc644fe2b2517e0b728e270c57bcc24f3b30821cb7ebb046ec50a
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000032
image
MD5: 9e891b28dea6716ec22b97f168f39021
SHA256: 460ace6dd7356df17e2bfb4f10c3596133ccfb6a6725d1afeb0832204df07b01
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000031
image
MD5: 8517715d1897ac4ae14acb3b60af6519
SHA256: d61d593c7a2190e5a3b2123c1cd93d3ed1d26519f18078a00e385b997e13bdb7
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000030
binary
MD5: a8e82a7b005c019937780cf6dd58026e
SHA256: 7c1ad72ac072325d3829c4d809b99d70c08b6471b919ab88a9cae45c36431e13
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002f
binary
MD5: 8a33df3c92d25dbad87868c3dbfd0ce7
SHA256: d5b511effd93eb1b2d9dd42e761d56f5ef95ff377c7de6e3082d678a1e29e2a9
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002e
binary
MD5: cbd234df177fad9c59251be734db20f3
SHA256: 7b7efad5bf3e22318dd0b1f48f9976719db0485dd085e01c0e0dd1dc49c9e24a
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000005.ldb
binary
MD5: 823063d3768bc66f0e17f91303cac578
SHA256: c3a4e7ecf1dc13a937133d0e08c217bf666495bd80e6d223a4d8fbc6cc0a46ca
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: 40404c1d6b9914e44c868104ec730133
SHA256: 7ab5a9d7ffbd428bab3eea86f6cfdb36847852605cf2cb8fd4bdb1d99ee97639
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF1a15ac.TMP
text
MD5: 40404c1d6b9914e44c868104ec730133
SHA256: 7ab5a9d7ffbd428bab3eea86f6cfdb36847852605cf2cb8fd4bdb1d99ee97639
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\f94fe688-133a-4d99-aeba-4d9be93c98c1.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002d
image
MD5: 5cdd1da936c5ab826483a70a22f7f609
SHA256: 09d2f08e8efdfee954aa6f07e3498f886d0bcc1862ffbb607ab5595cd0be1998
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002c
image
MD5: a4620c6bb53682378e7b45a9418593fa
SHA256: e1bd1af82c7f6f84e8ef4b37b36cec29a8b3b408766986cee88ea49e98fb1d8b
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002b
binary
MD5: c370b6ebd46a7abacbc45bb3779d0b22
SHA256: 85212ec246e817772f15ad5d56735f22cc2fc81a56f7f769a8b759e730c47616
2876
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
binary
MD5: 31a45561a5884c62bc0e764400880998
SHA256: 368fbf6b9603f53d61f27a94a32da4511e7a8702d97aa11021c2fe2831d46ae7
2876
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
der
MD5: 55540a230bdab55187a841cfe1aa1545
SHA256: d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: 1532a01cb48fa91826636496ff1529f3
SHA256: b48a2403dada399b97a372496dcbede171f482965f1e6827822a4235a145cdc1
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1a11b4.TMP
text
MD5: 1532a01cb48fa91826636496ff1529f3
SHA256: b48a2403dada399b97a372496dcbede171f482965f1e6827822a4235a145cdc1
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\3b8368cd-6fb4-479e-a01a-d6eefc135cea.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gidaofklkglaecfmdpcobbmhibpacokc\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gidaofklkglaecfmdpcobbmhibpacokc\000001.dbtmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gidaofklkglaecfmdpcobbmhibpacokc\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidaofklkglaecfmdpcobbmhibpacokc\13.803.13.65344_0\_metadata\computed_hashes.json
text
MD5: e5b46791f901febedc8226385d79199b
SHA256: 901bcaa2529b4cb45abd275d5fc6a7979ecab5197ae72ed71d6cfb313e3355be
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store~RF1a0e69.TMP
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\f54901ef-e8cc-4482-aab4-86830c4f0009.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store~RF1a0e59.TMP
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\fbbf0f30-45c4-41d5-8f47-0fbdc3f58323.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old
text
MD5: 3a23147e96fec0d004fec1e7612d0ce1
SHA256: 92c740cd8e31b886690c1d69ae6467339c55fbd77cdc0800ba1fb161036f1fb6
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old~RF1a0e3a.TMP
text
MD5: 3a23147e96fec0d004fec1e7612d0ce1
SHA256: 92c740cd8e31b886690c1d69ae6467339c55fbd77cdc0800ba1fb161036f1fb6
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidaofklkglaecfmdpcobbmhibpacokc\13.803.13.65344_0
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir2876_11281\CRX_INSTALL
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\it\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\pt_PT\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\pt_BR\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\ja\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\fr\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\es_419\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\en\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\es\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\de\messages.json
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\icons\icon48.png
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\icons\icon128.png
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\icons\icon19on.png
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\manifest.json
––
MD5:  ––
SHA256:  ––
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_metadata\verified_contents.json
text
MD5: d6ee8cc1be684bd7bc897e3282cc4f5a
SHA256: 3a37a83b1cbcf01320edda3c65536bfec8991f8a14ccc6e536e21d457a7641c0
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\BrowserMetrics-spare.pma
––
MD5:  ––
SHA256:  ––
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\fr\messages.json
text
MD5: 33012a41913a7d9b826890b61f2c3a61
SHA256: 7722ed3bbea390895b99eeefc9d978bc26f7f28fb828dfbdd392f428754e65a2
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\en\messages.json
text
MD5: ec7c85d58d8b79558a21f6f3daf363bf
SHA256: 8e2e7aa4a5f4024b44d41c0533e1708751cc85c836c37c0233418a98de7269d5
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\pt_PT\messages.json
text
MD5: e9922758ca289d9a303e20e29c3d17f6
SHA256: 16719a9ee40650d47f439228e8394d1badd89513f712694affb3815de50dbc3f
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\es\messages.json
text
MD5: 698c499302a631d01945a1665a49267b
SHA256: b144dc01b98384654da52876ffa00321e2972d573b2181d6a4e5fd3807d821e5
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\de\messages.json
text
MD5: ff82325dc77ed0823f3f15a364aeb946
SHA256: 3884d6362d47c1b2b7a6b97d8a5b5a81114e75efe1e650fcb5e1d5c1cc098192
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\es_419\messages.json
text
MD5: 698c499302a631d01945a1665a49267b
SHA256: b144dc01b98384654da52876ffa00321e2972d573b2181d6a4e5fd3807d821e5
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\it\messages.json
text
MD5: dd1626d1c115c6fffd6f9045248f35f4
SHA256: 6a3e143fb8a98a7d14d77de4814c086dc5e1775774fcaedc506f155d4a19ad15
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\ja\messages.json
text
MD5: 1fe4f1ba0feb1555bc289c39c00732a4
SHA256: 259e83bc5ff9d1af01935803ccd2524e58f708214cf169c6da0f93553b955833
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\_locales\pt_BR\messages.json
text
MD5: e9922758ca289d9a303e20e29c3d17f6
SHA256: 16719a9ee40650d47f439228e8394d1badd89513f712694affb3815de50dbc3f
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\config\config.json
text
MD5: 3520ae20213895d0cdca3cf298348037
SHA256: bb7d87ff29edf03bc54ccb7820f893ec319b2434c206a9a381c93ae93aaa4e01
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\icons\icon16.png
image
MD5: f7e408123436022650b5d47882e4d4a2
SHA256: c7701112d68cb83dbe4414d62b77cc31183e7f0a6056068960908e7e0b1dc1c7
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\icons\icon128.png
image
MD5: 641b68edccd3bcecb21ae2bcc5828d04
SHA256: 930ca0c0f639d92ecdeae3c81f7e870d4402d822a8380ceb371a41b639a89b32
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\icons\icon19on.png
image
MD5: cb01f7aa338b1f23fe86ff6d29fef593
SHA256: 5f39da75c5736866bd8643aac6bb1620b978ae7a183bb5e1ae09eb182234f4b2
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\icons\icon48.png
image
MD5: 91def1f03e6c3200d79138c1eb779336
SHA256: 52a8adb57bc2725166d1fb064a94295b37b318b4900bbca30b5451fd9e82d166
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\icons\icon19disabled.png
image
MD5: 1ba8081fb78a7d4b423c46968b7e68e9
SHA256: 3534bfa4159af36e92b05f362cf9fb716057728ed73d5b4eb549964fbe0653ab
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\product.js
text
MD5: 4f998c1a7e7e4796ca8fa6b5f0496609
SHA256: 6ed800dca78a248af178dacef2e3990ac9d9a4b0d539c6da3fe9a6c14a0fe4a8
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\background.js
text
MD5: ae6350ee21f59eb4e8241feba34fdc27
SHA256: 9ff06c9aacd6a2c1c1db24c364e2789d97d310ea47e16786c622029de46d10db
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\PartnerId.js
text
MD5: ecdfb045323e5f31f04689de4223586b
SHA256: 9a337d2d4cd46eea129fec7e965d7bd7266e13f59139116276fa3d14ec52d0f3
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\genericLoadRemoteSettings.js
text
MD5: a6e6f1cb9f9e0e9a0a821285bc5be55f
SHA256: a5beb4d320337b85465d8ef7684b08084dec17da348f980e537e4e9d71e7dab7
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\pageUtils.js
text
MD5: d954693889cc791a7d53f531449c2111
SHA256: d6f3b040b067c65e7ad5347416c4dd78d3b5cdbc4815372e2c72ad1008348ce1
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\TabManager.js
text
MD5: d9da65fc38d732958ee44e9e3ce46885
SHA256: 624bd155f6e10fc7dd0ef7869b1346fbbe2ba3fc653d5e956c2252880d0c106e
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\dlp.js
text
MD5: b3a43e726d664f4f81e43cbb0127d545
SHA256: c1a3afe6b78ddcfd77b7be777c54611f902960553c056966141970ec997bb58e
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\webTooltabAPIProxy.js
text
MD5: 3873695b5694f1798e95b41d84d7dda9
SHA256: c40c5b8191fbc0e7323454da4654a57dd7be1b703bace94a0cb76f2114f04285
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\logger.js
text
MD5: 67d0b48fb0f8d49b34a2281fd9f289a3
SHA256: 18206094abb76be48476935c0d70045472c9890e491d5e509483fe6f61b193bb
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\webtooltabAPI.js
text
MD5: 75769bdcaa6c853e0bd79f4b16df4c28
SHA256: 4743d5c021ebaacaa583c841eaa9459925befde6d214cff2e258dfde7e8a64a6
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\offerService.js
text
MD5: b895b06a5c1af0a1ccc38853e71c6a2b
SHA256: f5693e2b62a2608750534ce3c7055d47aa72f2e28a50fccd77958f588cacb444
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\urlFragmentActions.js
text
MD5: a9e8ce29d0ec805bbb828fa26839e24d
SHA256: ddd6f21fcbb7245cd5e6d6fbd23667e75fe8d6138c3330709ddfed4c08b151ba
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\storage.js
text
MD5: 26f9b5e8d7ebb120fb90e684da2b8b64
SHA256: 773dfa099987c3b276293067f3e85bc3e2ea24760d28ce50430543950c3a9e06
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\util.js
text
MD5: a2a9be48c184b2f5455bea41e27261d8
SHA256: a1b25d7da7856a7a8fb8e7295f4803e929c950c1b88358f57e8abcdc57cb04db
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\extension_detect.js
text
MD5: ac23aa66d6246b36c7362e48c8a2508a
SHA256: ab6b99cba5f4105070fa86ad4f826b2705ad149c70f7546503ff4e1df583360f
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\content_script.js
text
MD5: e68851bd145ab5a7c75f40b9edfa23dd
SHA256: 516bbde72ec52b91c5f0985bd3f92b9689c20344f6adb35cccdc945caee3670e
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\ul.js
text
MD5: 8db415cfe04b94f9fad4a32eef87ccef
SHA256: 2bbe088fa7b1e0c66bc27fbfa21c6f33293802d245c4a444fa6c8fa3d797880a
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\splashPageRedirectHandler.js
text
MD5: bed60158e51b498d51e0871159d9da29
SHA256: 2d26e6d1ee6d2669f167612cbd61338e1404fb4daf210df8a92c2c7ac38cf082
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\chrome.js
text
MD5: b2c99407822c379e64db34c166ee6896
SHA256: 6bda94f9bd0695f0cc830d20be8fa4825e8809485cd4afad839eee531bb47f41
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\ajax.js
text
MD5: 8b89b8762601212dd731408998dc5727
SHA256: ab2d13fc6dc7791bb00a03e941ccae6cb2b0f250c96e73538f887988fe43fd02
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\index.js
text
MD5: c4207f2b196dc5f5480d51bdfa3cb3d4
SHA256: 5735ccee5f20227293f8c8053ee30027ace8c9af105e1e17810d97b7f0882103
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\initOfferCEF.js
text
MD5: 993e959f06960a925f99c46351ae3d1e
SHA256: 4415a576708a6f94b16bdbce74bd2e0578081e6724a6b1207c59dd3bd1ca2e9c
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\urlUtils.js
text
MD5: be75279c0a1e94c79500d00cafcfb05a
SHA256: 12230c7b96310d5c411ed27eda8a73a551c6a6284d64f0e09f191c9eaa8636a1
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\browserUtils.js
text
MD5: f341142ac8f1d4ae36d31e0df7191f4e
SHA256: 6be3b4a56ff41d683bc8e0a20b2d96c18c1aa50813cadf4869d690fa0859ddd2
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\dlpHelper.js
text
MD5: 3af8add36fef6a5feafd6247d8c9a2c5
SHA256: 1961bb8645f56b889d4f054975cfc60727c52874a63781e098f841e570e2f579
3136
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\js\TemplateParser.js
text
MD5: a50d56f3dd3c033a19730220c4906fd3
SHA256: 96a9f61607c551d3002f88982cb29b6b0fca3bc8ce822d68a497910439e80e54
3976
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\CRX_INSTALL\manifest.json
text
MD5: 824be2e619c6698ccf4c60b7172b1de9
SHA256: 350d844f31ee261858d29faf1743202d016f8f2119482e3cb31c58bf91150cb6
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\gidaofklkglaecfmdpcobbmhibpacokc_47434.crx
crx
MD5: f86440c57831c56952c801eedc037ef0
SHA256: a96fa1538b336dcd596cbedea7e6426a0d2759408b8fc31ad814e0198146bdf7
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2876_26044\gidaofklkglaecfmdpcobbmhibpacokc_47434.crx\:Zone.Identifier:$DATA
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store~RF1a09a6.TMP
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\DownloadMetadata
binary
MD5: 768ef6255a0bfd01083d6bb41232b1ff
SHA256: da8ceec56c9ccf0b0ae9e78d62592736d74d781c5d38eef8602656c980b6a64f
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\b1d39a44-16ed-4161-9d43-701cabc9c8c7.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\c7f7d792-93f6-4c0e-b7bd-9711f783e9ec.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\975b8292-4dec-40f6-933d-0521cb2f6f8b.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Webstore Downloads\gidaofklkglaecfmdpcobbmhibpacokc_47434.crx:Zone.Identifier
text
MD5: fbccf14d504b7b2dbcb5a5bda75bd93b
SHA256: eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store
binary
MD5: c2a065d09300dfa4115251bf78ec34eb
SHA256: 73305aafabd6b9ad7956f61eee6d9225994cfd0b87769d94b8a3352f4d9ffb89
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\in_progress_download_metadata_store~RF1a07e1.TMP
binary
MD5: c2a065d09300dfa4115251bf78ec34eb
SHA256: 73305aafabd6b9ad7956f61eee6d9225994cfd0b87769d94b8a3352f4d9ffb89
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\7cf133fb-b1f0-4c49-976f-13ece52a783e.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Webstore Downloads\gidaofklkglaecfmdpcobbmhibpacokc_47434.crx
crx
MD5: f86440c57831c56952c801eedc037ef0
SHA256: a96fa1538b336dcd596cbedea7e6426a0d2759408b8fc31ad814e0198146bdf7
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002a
image
MD5: 8767a81ca2defe4d92211052217f6fdd
SHA256: fc6d86dbb812cdafa3bca0a6212b1a029d4b537ab3dda638b3d80fa767312ee0
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000029
image
MD5: 29a3f93468498c4b65059a5db6c244f3
SHA256: 85c7433c797fdf6ce7ac0d4e3d36602f58f8e105df62d2d2c25ddbf01f1c79f5
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000028
image
MD5: ae123e1dc4a38a9b0e9f17058b44fc4a
SHA256: 4c689cb0077b8a55b7c81edf020bf48b0e29f35755776d4cd6fe13e76598b6c8
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000027
image
MD5: 2b38a465ba544d3b26e362ebcfe48676
SHA256: daa38d2a2bb0166a5221ede327f9632ee7363b5a0ca9e1c712e5894e7e919ae0
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000026
image
MD5: 012203c73d75cd50cdce3d275ce33d22
SHA256: b35f07a70e9fa0620c2fdbbd96cee777765790631783cf0fdaa30555dc65f9fa
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000025
image
MD5: 60a6470a3a8c6e53f8ac549fc3951ff7
SHA256: 6f233401089522fb178dd5f404cb80ee263d2f4c928f382be7cdffa2478d8e68
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000024
image
MD5: edff8d6cbc8ab6b816d1a62f4eba3de1
SHA256: 75e47342aa66a7eae838ba819536b76575ac945e4102ff77e3a8d61c4b03600f
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000023
image
MD5: bd6ec62be4aa1ac2446153ae1efa4eb0
SHA256: 6bc95909fe334b65ad1bd95014eb0367981081891e81edd2b6464e0d7b2f8653
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000022
image
MD5: 26c39e1e3bad31a4e5910a9833a15686
SHA256: b46edb840051e0ef747df157e0d6c244910a638135ff44663f6f06fe519e5d87
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000021
image
MD5: f35ab3cfa3aa6eefb8fe045e46e6a442
SHA256: 19f1734e82e43c65e56448dbbe6d5a3216bf48d672f0d1c092617ed17a752b7e
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000020
image
MD5: 3d24a443de945b02f1be45b217427a58
SHA256: 3b3f0c6cc7070d31ed60d65f8e38256a5a75c7501404b4d2e3edfd79feeef35d
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001f
image
MD5: 0fca6ac7194fe45e0605e1a90db892e8
SHA256: 1d2bb30c29bedb3d12272f2aca57689478fe02b5e5812f654025adc722d3c045
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001e
image
MD5: fff4cd4afa6fcc9186c0144fcc9a4527
SHA256: bb7b3bef9a390e53e3bfd43bc514d89337e6d56786c5dccbd196c6d624c532bf
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001d
image
MD5: 598157d5b4e71c6f5bf894bde4ae0f96
SHA256: 12c324a3c382aa76cd514e30d07763a102904c1ab5a422478c84d812c5de7309
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001c
image
MD5: 85c14e096e8c0a844aff34e9a30e1f16
SHA256: 47ef35fe4bea1d7c46c92618ab9422ce6f43dc5e6176f673d79253fb0c93b433
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001b
image
MD5: 9123477bf4e7f94bc3614d9bdad2eb3b
SHA256: 4986eeb08ded6d1ff92191994f415d8948d16e6b4f3fc0df1e2c4af9787e4120
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001a
image
MD5: b10cdc40b940ce74f65fa2151953cbe8
SHA256: 23b80b1f00b9fb6976a177b53cc9661186fd194985d96db03a11cc83c461a617
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000019
image
MD5: ef2fc30ce89a15fea3d31e7d44c858e3
SHA256: d5957b4a9c06611d360f76eceffa9296c5a7f41b15f08b4b992a1d91e1b76876
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF19f226.TMP
text
MD5: ac9a092fb52ae8952371f322e33264d9
SHA256: f3131f97a216551ccb254e41a6fc9429f94a73d17d9a67b1903cae9fb5405edb
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: ac9a092fb52ae8952371f322e33264d9
SHA256: f3131f97a216551ccb254e41a6fc9429f94a73d17d9a67b1903cae9fb5405edb
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\fb3a0e17-a7ac-49d8-b743-5112535d76dd.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000018
image
MD5: eeb1a3e062434c40fad0ecc5072e007e
SHA256: dc080b0e34f0579c2b66c068ec7cc20715b66fb1dbba78686999bfb52d35c6b8
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000017
woff2
MD5: e4f6fea4312b740016ac2d2cb8dde51d
SHA256: ac61df79556a2cfc8cb1c01502394a8ff3fff7f2296aeb1f01087dcd221a09c6
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000016
woff2
MD5: d8dbdbdd786ce13e9ccd12c64a20b470
SHA256: 16c9d94144be8f2f08032c9c10cc91ef4f6c436501ac9c211f96329069f6ec94
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000015
woff2
MD5: 23c11be15c6c119449e9bb4e9096c9dc
SHA256: 4ff6dbfb865d4ed19a9fafe2cddc21919974e8329f4503fe47cbe1fb66b97bd0
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000014
compressed
MD5: 01d5892e6e243b52998310c2925b9f3a
SHA256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000001
text
MD5: 8ab321798a7c09a26af97334537ce579
SHA256: 13df9ce73a006e0edf37a22eec4ebcb520b740665fdfcbdbe872f873dc51c653
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000013
compressed
MD5: f3f1bd0981b0152846067160edb8ba0c
SHA256: 7678f2ea615aef9097f1aaaff55446fb472865a88b80e7385b5d1c2035626660
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\data_3
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\data_2
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\data_1
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\data_0
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\index
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000012
compressed
MD5: a071e9e09825e0c94ed2b398a09f8ab6
SHA256: ef257d1222ac8d3dd3b7a0b08c23aaddc326ef869ef9372ab36cddce8e0ace62
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000011
compressed
MD5: 8998c9ecfd2c98688d7d4918eba44021
SHA256: 0c9f1c0884672231536a11747e23b284131e6597a8e0e9eaa52caa5a3dfd98d1
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
binary
MD5: d932a31a0fb91833edb0325c6b434b34
SHA256: 8049465356163740d6e4c0bb56b9dcaa90149631646fa6bb56d01de223bd1f8e
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: aa25cfc7661b3720a37d69fe258964d2
SHA256: ef315f800b05d0c50ddc8f2784b0819faa4b25390f249f6ae5d1d5b823fa2d85
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF19b3a6.TMP
text
MD5: aa25cfc7661b3720a37d69fe258964d2
SHA256: ef315f800b05d0c50ddc8f2784b0819faa4b25390f249f6ae5d1d5b823fa2d85
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\10d4c051-6995-4dfb-af84-d0b32060b535.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF19b30a.TMP
text
MD5: ea1a35b027c097ddbd97d13702860bff
SHA256: 6cc89cff51f963d65e0f04e01c6a0f9bc45dcf4c30909fb668a7d600b1180953
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: ea1a35b027c097ddbd97d13702860bff
SHA256: 6cc89cff51f963d65e0f04e01c6a0f9bc45dcf4c30909fb668a7d600b1180953
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\0ef896b4-1dba-4b6e-980d-12c786cf0036.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 36e5badb10ca9cf82f1025f55785378f
SHA256: 7ad45e05480c3db6b9a8afe79c02262042b15b5889f2d1309776253cc44158b3
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF19b26e.TMP
text
MD5: 36e5badb10ca9cf82f1025f55785378f
SHA256: 7ad45e05480c3db6b9a8afe79c02262042b15b5889f2d1309776253cc44158b3
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\6e42ccd3-89b9-4974-b2f8-7bed05ac3f0f.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000010
compressed
MD5: fa0b8d4111911e2de67fef241255286a
SHA256: 09e096ac4fbdd06e448cc328a730cf373b7eef5b8829e0df940a2af2f60aaa8c
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000f
compressed
MD5: 5a4f553006a50e2180e994a25c230b04
SHA256: 3377acfa4d91e40e41daa307a06b9a56985610cd4e0cf5c6190aa1881f8e2c11
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old
text
MD5: 7282c871a31b4aae7e61cdbb39a13331
SHA256: af615c556e2a22e87135a967c01e869216f65268a88bd218fd6ab70467bdf733
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old~RF1995be.TMP
text
MD5: 7282c871a31b4aae7e61cdbb39a13331
SHA256: af615c556e2a22e87135a967c01e869216f65268a88bd218fd6ab70467bdf733
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Last Session
binary
MD5: 02536c23edc1e418a6fea313d20b2a39
SHA256: 8e8de8689482b477d0beebe0a4ac24b9cabcbfa84848f66b4c0f55cd96dc0fe9
2876
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
binary
MD5: f834c261848099b90b268b2d4a7df50e
SHA256: 8abb235a9b729b61082a73472c7fa1ffa532db3f174ac6a22bbea4093c9c3e6b
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\Tar95B3.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\Cab95B2.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
compressed
MD5: a902cf373e02f7dc34f456ed7449279c
SHA256: ea0c12aedea644678014991a96534145e85aa12cd8955396dfdc98a4fc96f0d5
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000e
compressed
MD5: 668b01f2e1dabeb9cf29b87b7860d6fe
SHA256: edd489b879c268871e48d44e3509aeeec6d842557488aae058fcd075fb913b56
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old
text
MD5: 80b8c44b60f8bd20d1cf8277ec794bb1
SHA256: 6371157cf7270dd227625ddf799da6c38c60b3e2110fe540b8bc9df48aef09a6
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old~RF199531.TMP
text
MD5: 80b8c44b60f8bd20d1cf8277ec794bb1
SHA256: 6371157cf7270dd227625ddf799da6c38c60b3e2110fe540b8bc9df48aef09a6
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\Tar9498.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\Cab9497.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\Tar9477.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Temp\Cab9476.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000d
image
MD5: 6d858752338360fb4f97ce0f555bcd2d
SHA256: 86063301c647905d96c7b1d8ffe1f6d080635348acd6b7114c1bb34f84777957
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c
image
MD5: 7758ce1c24808d4207bff1e1e0f83bca
SHA256: 4e1d406771224181681e3f7034ceff07add2d2567d663a2a2e22841e3e65943f
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old~RF199188.TMP
text
MD5: ea6d75c35eb812fdc5762d84963de026
SHA256: a4e911f2978a45872ede6742468623884a33bca6e015dfb35dd4d55034d9ab74
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old
text
MD5: ea6d75c35eb812fdc5762d84963de026
SHA256: a4e911f2978a45872ede6742468623884a33bca6e015dfb35dd4d55034d9ab74
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old~RF19911a.TMP
text
MD5: 84042895723ac99f9599edfc7500051c
SHA256: ac49bbf4b490c77bddf11de45ef4965c72b16b00cb2519fdb627363f760c6219
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old
text
MD5: 84042895723ac99f9599edfc7500051c
SHA256: ac49bbf4b490c77bddf11de45ef4965c72b16b00cb2519fdb627363f760c6219
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Translate Ranker Model
binary
MD5: 4c29efb52a39a268a8d037a7e7ed1052
SHA256: 8033fa82c2f8fc43693cce1b4312099b858a5d0720415f30af2fd21583f611ac
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Translate Ranker Model~RF199001.TMP
binary
MD5: 4c29efb52a39a268a8d037a7e7ed1052
SHA256: 8033fa82c2f8fc43693cce1b4312099b858a5d0720415f30af2fd21583f611ac
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\e25be6ea-76d3-41b2-bdc2-456902fdc345.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Thumbnails\LOG.old
text
MD5: f727dd25cda7b2cc574098cee1f5764a
SHA256: 5f7bd6926940e400ee7faa6d620192ca299f7b5aaa92d672f8173a767b3fbbff
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Thumbnails\LOG.old~RF198d32.TMP
text
MD5: f727dd25cda7b2cc574098cee1f5764a
SHA256: 5f7bd6926940e400ee7faa6d620192ca299f7b5aaa92d672f8173a767b3fbbff
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT
text
MD5: edd71dd3bade6cd69ff623e1ccf7012d
SHA256: befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RF198ce4.TMP
text
MD5: edd71dd3bade6cd69ff623e1ccf7012d
SHA256: befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\CURRENT
text
MD5: edd71dd3bade6cd69ff623e1ccf7012d
SHA256: befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\CURRENT~RF198cd5.TMP
text
MD5: edd71dd3bade6cd69ff623e1ccf7012d
SHA256: befea596b4676ccf7cc37ea8048044bfa0556c8931d76fdeeb693d20264e50d6
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000016.dbtmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\000016.dbtmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG.old~RF198c87.TMP
text
MD5: 1aa66efdb743fb0a8dcc1cd79b0b6542
SHA256: 28d56532cced7375a2a1c7731e57c1a1c2ec1ac9827f3e5beee7f8069a5f87dd
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG.old
text
MD5: 1aa66efdb743fb0a8dcc1cd79b0b6542
SHA256: 28d56532cced7375a2a1c7731e57c1a1c2ec1ac9827f3e5beee7f8069a5f87dd
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old
text
MD5: 197882774a7ecec9046bc48f63189b66
SHA256: 27377b0d5f989997c2c3f74acf163eed44b60631ddaa768f6655d7be555742b2
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old~RF198c77.TMP
text
MD5: 197882774a7ecec9046bc48f63189b66
SHA256: 27377b0d5f989997c2c3f74acf163eed44b60631ddaa768f6655d7be555742b2
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\74802bb0-60c3-48cc-b75f-0942b928756a.tmp
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old
text
MD5: 92be6b127e72365885ad4c3fb6534ee2
SHA256: 54302a2573acc775720e7db0ad85873276713302b4f72596a8dcc44b01c70e51
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old~RF198c38.TMP
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\LOG.old
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Download Service\EntryDB\LOG.old~RF198c29.TMP
text
MD5: fb715b5530f84e30bea7a95fabae22b6
SHA256: 755001ae5381a2614a081e196fefd7d926d5304a35718807f33a975aa521686a
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old
––
MD5:  ––
SHA256:  ––
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Last Version
text
MD5: c10ebd4db49249efc8d112b2920d5f73
SHA256: 90a1b994cafe902f22a88a22c0b6cc9cb5b974bf20f8964406dd7d6c9b8867d1
2876
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
binary
MD5: 9c016064a1f864c8140915d77cf3389a
SHA256: 0e7265d4a8c16223538edd8cd620b8820611c74538e420a88e333be7f62ac787
3616
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
binary
MD5: b59113c2dcd2d346f31a64f231162ada
SHA256: 1d97c69aea85d3b06787458ea47576b192ce5c5db9940e5eaa514ff977ce2dc2

Find more information of the staic content and download it at the full report

Network activity

HTTP(S) requests
57
TCP/UDP connections
119
DNS requests
68
Threats
0

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
2876 chrome.exe GET 200 74.113.235.138:80 http://free.packagetracer.com/index.jhtml?partner=^AFW^xdm096&pkw=default&adfi=&adti=kwd-0&adm=&adn=d&add=c&adc=323757318174&adt=&ada=&adap=none&adp=www.sejda.com&gclid=EAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE IE
html
malicious
2876 chrome.exe GET 200 2.18.232.251:80 http://ak.staticimgfarm.com/images/webtooltab/ttdetect-2/prd/ttDetectUtil.js unknown
text
whitelisted
2876 chrome.exe GET 200 2.18.232.251:80 http://akz.imgfarm.com/images/anx/anemone-1.2.7.js unknown
text
whitelisted
2876 chrome.exe GET 200 2.18.232.251:80 http://ak.staticimgfarm.com/images/download/assist_21.gif unknown
image
whitelisted
2876 chrome.exe GET 204 74.113.235.138:80 http://free.packagetracer.com/anemone.jhtml?anxuu=B2916FB8-259F-4887-B966-B3959F3BD3BD&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe15.dub.jabodo.com&anxu=http%3A%2F%2Ffree.packagetracer.com%2Findex.jhtml&anxl=en-US&anxlv=1547206296306&anxrd=none&anxrp=-&anxrk=-&anxrm=-&anxrb=-&anxrc=-&anxrs=-&anxsq=1&anxi=29D802AA-DFC7-4D2C-96AB-9E79F7558D61&anxe=backFill&anxr=752657607 IE
compressed
malicious
2876 chrome.exe GET 200 74.113.235.138:80 http://packagetracer.dl.myway.com/localStorage.jhtml IE
html
malicious
2876 chrome.exe GET 200 74.113.235.138:80 http://packagetracer.dl.tb.ask.com/localStorage.jhtml IE
html
malicious
2876 chrome.exe GET 204 74.113.235.138:80 http://free.packagetracer.com/anemone.jhtml?anxuu=B2916FB8-259F-4887-B966-B3959F3BD3BD&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe15.dub.jabodo.com&anxu=http%3A%2F%2Ffree.packagetracer.com%2Findex.jhtml&anxl=en-US&anxlv=1547206296322&anxsq=3&present=false&anxe=ToolbarDetect&anxr=587197709 IE
––
––
malicious
2876 chrome.exe GET 200 2.18.232.251:80 http://ak.imgfarm.com/images/download/chrome/overlay_bl_2.png unknown
image
whitelisted
2876 chrome.exe GET 200 2.18.232.251:80 http://ak.imgfarm.com/images/download/symantec/nortonseal.gif unknown
image
whitelisted
2876 chrome.exe POST 200 74.113.235.138:80 http://packagetracer.dl.myway.com/mirrorCookies.jhtml IE
text
html
malicious
2876 chrome.exe GET 204 74.113.235.138:80 http://free.packagetracer.com/anemone.jhtml?anxuu=B2916FB8-259F-4887-B966-B3959F3BD3BD&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe15.dub.jabodo.com&anxu=http%3A%2F%2Ffree.packagetracer.com%2Findex.jhtml&anxl=en-US&anxlv=1547206296347&anxsq=4&page=SplashPage&action=userconnection&downLink=1.55&effectiveType=4g&anxe=DLPInfo&anxr=302230856 IE
––
––
malicious
2876 chrome.exe GET 204 74.113.235.138:80 http://free.packagetracer.com/anemone.jhtml?anxuu=B2916FB8-259F-4887-B966-B3959F3BD3BD&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe15.dub.jabodo.com&anxu=http%3A%2F%2Ffree.packagetracer.com%2Findex.jhtml&anxl=en-US&anxlv=1547206296526&anxsq=5&cookiesEnabled=1&pageLoad=653&anxe=SplashLanding&anxr=908761820 IE
compressed
malicious
2876 chrome.exe GET 200 74.113.235.138:80 http://free.packagetracer.com/splashPixels.jhtml?partner=%5eAFW%5exdm096&pkw=default&adfi=&adti=kwd-0&adm=&adn=d&add=c&adc=323757318174&adt=&ada=&adap=none&adp=www.sejda.com&gclid=EAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE IE
html
malicious
2876 chrome.exe GET 200 54.194.184.41:80 http://insight.adsrvr.org/track/conv/?adv=euc0u58&ct=0:d5p9cky&fmt=3 IE
image
whitelisted
2876 chrome.exe GET 200 172.217.22.98:80 http://www.googleadservices.com/pagead/conversion.js US
text
whitelisted
2876 chrome.exe GET 200 67.27.150.126:80 http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab US
compressed
whitelisted
2876 chrome.exe GET 200 74.113.235.138:80 http://free.packagetracer.com/favicon.ico IE
image
malicious
2876 chrome.exe GET 204 74.113.235.138:80 http://free.packagetracer.com/anemone.jhtml?anxuu=B2916FB8-259F-4887-B966-B3959F3BD3BD&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe15.dub.jabodo.com&anxu=http%3A%2F%2Ffree.packagetracer.com%2Findex.jhtml&anxl=en-US&anxlv=1547206297670&anxsq=6&label=download_main_btn1&type=INPUT&anxe=UIControl&anxr=249811768 IE
––
––
malicious
2876 chrome.exe GET 204 74.113.235.138:80 http://free.packagetracer.com/anemone.jhtml?anxuu=B2916FB8-259F-4887-B966-B3959F3BD3BD&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe15.dub.jabodo.com&anxu=http%3A%2F%2Ffree.packagetracer.com%2Findex.jhtml&anxl=en-US&anxlv=1547206318818&anxsq=7&anxe=SplashLandingClicked&anxr=1655569452 IE
––
––
malicious
2876 chrome.exe GET 204 74.113.235.138:80 http://free.packagetracer.com/anemone.jhtml?anxuu=B2916FB8-259F-4887-B966-B3959F3BD3BD&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe15.dub.jabodo.com&anxu=http%3A%2F%2Ffree.packagetracer.com%2Findex.jhtml&anxl=en-US&anxlv=1547206318822&anxsq=8&action=pfraud&iframed=false&tabvisible=true&page=visible&pageLoad=false&distance=7707&duration=22942&anxe=DLPInfo&anxr=1720632391 IE
––
––
malicious
2876 chrome.exe GET 204 74.113.235.138:80 http://free.packagetracer.com/anemone.jhtml?anxuu=B2916FB8-259F-4887-B966-B3959F3BD3BD&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe15.dub.jabodo.com&anxu=http%3A%2F%2Ffree.packagetracer.com%2Findex.jhtml&anxl=en-US&anxlv=1547206318823&anxsq=9&page=wtt_pre_cache&action=page_start&pageLoad=0&anxe=DLPInfo&anxr=1755268398 IE
––
––
malicious
2876 chrome.exe POST 200 74.113.235.138:80 http://packagetracer.dl.myway.com/mirrorCookies.jhtml IE
text
html
malicious
2876 chrome.exe GET 204 74.113.235.138:80 http://free.packagetracer.com/anemone.jhtml?anxuu=B2916FB8-259F-4887-B966-B3959F3BD3BD&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe15.dub.jabodo.com&anxu=http%3A%2F%2Ffree.packagetracer.com%2Findex.jhtml&anxl=en-US&anxlv=1547206318827&anxsq=10&page=wtt_pre_cache&action=page_loaded&pageLoad=1010&anxe=DLPInfo&anxr=1920099331 IE
––
––
malicious
2876 chrome.exe GET 200 74.113.235.138:80 http://packagetracer.dl.myway.com/blank.jhtml IE
html
malicious
2876 chrome.exe GET 200 2.18.232.251:80 http://ak.imgfarm.com/images/nocache/native/extension-config.json unknown
text
whitelisted
2876 chrome.exe GET 200 74.113.235.138:80 http://free.packagetracer.com/install_pixels.jhtml?partner=^AFW^xdm096^S29917^ch&sub_id=EAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE&coId=17e434e37ca9423a8edad40630cf7ab7&tbGuid=92A7F184-F211-47AB-904C-56C5F3415651 IE
html
malicious
2876 chrome.exe GET 204 74.113.233.187:80 http://anx.tb.ask.com/anx.gif?anxa=CAPNative&anxv=13.803.13.65344&anxe=Info&anxt=92A7F184-F211-47AB-904C-56C5F3415651&anxtv=13.803.13.65344&anxp=%5EAFW%5Exdm096%5ES29917%5Ech&anxsi=EAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE&anxd=2018-08-29T21%3A04%3A05.507Z&f=00400000&anxr=1547206329444&coid=17e434e37ca9423a8edad40630cf7ab7&userSegment&message=on-before&topic=extension-settings&data1=http%3A%2F%2Fak.imgfarm.com%2Fimages%2Fnocache%2Fnative%2Fextension-config.json&data2 US
––
––
unknown
2876 chrome.exe GET 204 74.113.233.156:80 http://live.tb.ask.com/tr.gif?anxa=CAPNative&anxv=13.803.13.65344&anxe=ToolbarActive&anxt=92A7F184-F211-47AB-904C-56C5F3415651&anxtv=13.803.13.65344&anxp=%5EAFW%5Exdm096%5ES29917%5Ech&anxsi=EAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE&anxd=2018-08-29T21%3A04%3A05.507Z&f=00400000&anxr=1547206329449&coid=17e434e37ca9423a8edad40630cf7ab7&userSegment&cwsid=gidaofklkglaecfmdpcobbmhibpacokc US
––
––
whitelisted
2876 chrome.exe GET 204 74.113.233.187:80 http://anx.tb.ask.com/anx.gif?anxa=CAPNative&anxv=13.803.13.65344&anxe=Info&anxt=92A7F184-F211-47AB-904C-56C5F3415651&anxtv=13.803.13.65344&anxp=%5EAFW%5Exdm096%5ES29917%5Ech&anxsi=EAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE&anxd=2018-08-29T21%3A04%3A05.507Z&f=00400000&anxr=1547206329505&coid=17e434e37ca9423a8edad40630cf7ab7&userSegment&message=on-after&topic=extension-settings&data1=http%3A%2F%2Fak.imgfarm.com%2Fimages%2Fnocache%2Fnative%2Fextension-config.json&data2=61 US
––
––
unknown
2876 chrome.exe GET 204 74.113.233.187:80 http://anx.tb.ask.com/anx.gif?anxa=CAPNative&anxv=13.803.13.65344&anxe=Info&anxt=92A7F184-F211-47AB-904C-56C5F3415651&anxtv=13.803.13.65344&anxp=%5EAFW%5Exdm096%5ES29917%5Ech&anxsi=EAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE&anxd=2018-08-29T21%3A04%3A05.507Z&f=00400000&anxr=1547206329508&coid=17e434e37ca9423a8edad40630cf7ab7&userSegment&message=on-before&topic=offer-service&data1=https%3A%2F%2Ft0pqgf347a.execute-api.us-east-1.amazonaws.com%2Fprod%2Fapi%2Fv1%2Fusers%2F%7B%7BtoolbarID%7D%7D&data2 US
––
––
unknown
2876 chrome.exe GET 200 74.113.235.138:80 http://ext.ask.com/index.jhtml?productName=PackageTracer&installDate=2019011111&partnerId=^AFW^xdm096^S29917^ch&si=EAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE&tbGuid=92A7F184-F211-47AB-904C-56C5F3415651&coId=17e434e37ca9423a8edad40630cf7ab7 IE
html
malicious
2876 chrome.exe GET 200 52.222.146.102:80 http://x.ss2.us/x.cer US
der
whitelisted
2876 chrome.exe GET 302 172.217.22.98:80 http://www.googleadservices.com/pagead/conversion/966289571/?value=1.00&currency_code=USD&label=zHRnCMX72mgQo9HhzAM&guid=ON&script=0 US
image
whitelisted
2876 chrome.exe GET 204 74.113.235.138:80 http://free.packagetracer.com/anemone.jhtml?anxuu=B2916FB8-259F-4887-B966-B3959F3BD3BD&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe15.dub.jabodo.com&anxu=http%3A%2F%2Ffree.packagetracer.com%2Finstall_pixels.jhtml&anxl=en-US&anxlv=1547206330140&anxrd=none&anxrp=-&anxrk=-&anxrm=-&anxrb=-&anxrc=-&anxrs=-&anxsq=2&tbUID=92A7F184-F211-47AB-904C-56C5F3415651&tbVer=13.803.14.28167&anxe=PixelFrameTB&anxr=1870280196 IE
compressed
malicious
2876 chrome.exe GET 302 54.228.198.247:80 http://d.adroll.com/ipixel/TULD5Y4XKZAZZBEX27KXSB/UZJL2AZYPVCCRCLFFLXPW4?name=conversion IE
text
unknown
2876 chrome.exe GET 302 54.228.198.247:80 http://d.adroll.com/cm/g/out?advertisable=TULD5Y4XKZAZZBEX27KXSB IE
text
unknown
2876 chrome.exe GET 304 2.18.232.251:80 http://ak.staticimgfarm.com/images/webtooltab/ttdetect-2/prd/ttDetectUtil.js unknown
image
whitelisted
2876 chrome.exe GET 200 2.18.232.251:80 http://ak.imgfarm.com/images/vicinio/dsp-images/hao.lin/asset2_4/1511982920746.png unknown
image
whitelisted
2876 chrome.exe GET 200 2.18.232.251:80 http://ak.imgfarm.com/images/vicinio/dsp-images/hao.lin/background7/1511982693301.png unknown
image
whitelisted
2876 chrome.exe GET 200 2.18.233.97:80 http://c1.rfihub.net/js/tc.min.js unknown
text
whitelisted
2876 chrome.exe GET 302 172.217.16.130:80 http://googleads.g.doubleclick.net/pagead/viewthroughconversion/966289571/?value=1.00&currency_code=USD&label=zHRnCMX72mgQo9HhzAM&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=un44XMmrJZiugAeN0IL4Cw&random=2063237738&crd=CILQGwjJ0xs&gtd= US
image
whitelisted
2876 chrome.exe GET 204 74.113.235.138:80 http://ext.ask.com/anemone.jhtml?anxuu=747E62D1-AFC1-4C31-B7DA-CED70C1CB3E8&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe85.dub.jabodo.com&anxu=http%3A%2F%2Fext.ask.com%2Findex.jhtml&anxl=en-US&anxlv=1547206330344&anxrd=none&anxrp=-&anxrk=-&anxrm=-&anxrb=-&anxrc=-&anxrs=-&anxsq=1&anxi=394728B3-4522-48D8-B7FC-9565D4DC4F30&anxe=backFill&anxr=1082430031 IE
compressed
malicious
2876 chrome.exe GET 302 216.58.207.68:80 http://www.google.com/pagead/1p-conversion/966289571/?value=1.00&currency_code=USD&label=zHRnCMX72mgQo9HhzAM&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2063237738&crd=CILQGwjJ0xs&gtd=&cdct=2&is_vtc=1&ocp_id=un44XMmrJZiugAeN0IL4Cw&random=3785077233 US
image
whitelisted
2876 chrome.exe GET 200 74.113.235.138:80 http://ext.dl.tb.ask.com/localStorage.jhtml IE
html
malicious
2876 chrome.exe GET 200 74.113.235.138:80 http://ext.dl.tb.ask.com/localStorage.jhtml IE
html
malicious
2876 chrome.exe POST 200 74.113.235.138:80 http://ext.dl.tb.ask.com/mirrorCookies.jhtml IE
text
html
malicious
2876 chrome.exe GET 204 74.113.235.138:80 http://ext.ask.com/anemone.jhtml?anxuu=747E62D1-AFC1-4C31-B7DA-CED70C1CB3E8&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe85.dub.jabodo.com&anxu=http%3A%2F%2Fext.ask.com%2Findex.jhtml&anxl=en-US&anxlv=1547206330358&anxsq=3&cookiesEnabled=1&pageLoad=435&anxe=3rdPartyOfferShow&anxr=368355646 IE
compressed
malicious
2876 chrome.exe GET 200 193.0.160.129:80 http://a.rfihub.com/idr.js?_callback=window.RocketfuelBCP.jsonpCallbacks.request_cmZpSWRJbkNhY2hl NL
text
whitelisted
2876 chrome.exe GET 200 74.113.235.138:80 http://ext.ask.com/favicon.ico IE
image
malicious
2876 chrome.exe GET 204 74.113.233.187:80 http://anx.tb.ask.com/anx.gif?anxa=CAPNative&anxv=13.803.13.65344&anxe=Info&anxt=92A7F184-F211-47AB-904C-56C5F3415651&anxtv=13.803.13.65344&anxp=%5EAFW%5Exdm096%5ES29917%5Ech&anxsi=EAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE&anxd=2018-08-29T21%3A04%3A05.507Z&f=00400000&anxr=1547206330592&coid=17e434e37ca9423a8edad40630cf7ab7&userSegment&message=on-after&topic=offer-service&data1=https%3A%2F%2Ft0pqgf347a.execute-api.us-east-1.amazonaws.com%2Fprod%2Fapi%2Fv1%2Fusers%2F92A7F184-F211-47AB-904C-56C5F3415651&data2=1083 US
––
––
unknown
2876 chrome.exe GET 200 185.31.128.128:80 http://20787048p.rfihub.com/ca.html?rfiidc=640144482304047780&rfiaid=bb399191d9cc4ac0881e979598a731b2&ver=9&rb=32555&ca=20787048&_o=32555&_t=20787048&pe=http%3A%2F%2Ffree.packagetracer.com%2Finstall_pixels.jhtml%3Fpartner%3D%5EAFW%5Exdm096%5ES29917%5Ech%26sub_id%3DEAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE%26coId%3D17e434e37ca9423a8edad40630cf7ab7%26tbGuid%3D92A7F184-F211-47AB-904C-56C5F3415651&pf=&ra=7143510219320173 US
html
whitelisted
–– –– GET 200 172.217.16.131:80 http://www.google.ch/pagead/1p-conversion/966289571/?value=1.00&currency_code=USD&label=zHRnCMX72mgQo9HhzAM&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2063237738&crd=CILQGwjJ0xs&gtd=&cdct=2&is_vtc=1&ocp_id=un44XMmrJZiugAeN0IL4Cw&random=3785077233&ipr=y US
image
whitelisted
2876 chrome.exe GET 204 74.113.235.138:80 http://ext.ask.com/anemone.jhtml?anxuu=747E62D1-AFC1-4C31-B7DA-CED70C1CB3E8&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe85.dub.jabodo.com&anxu=http%3A%2F%2Fext.ask.com%2Findex.jhtml&anxl=en-US&anxlv=1547206330576&anxsq=4&anxe=3rdPartyOfferClicked&anxr=1448181469 IE
compressed
malicious
2876 chrome.exe POST 200 74.113.235.138:80 http://ext.dl.tb.ask.com/mirrorCookies.jhtml IE
text
html
malicious
2876 chrome.exe GET 204 74.113.233.156:80 http://live.tb.ask.com/tr.gif?anxa=CAPNative&anxv=50.139.13.64978&anxe=SearchExtActive&anxt=92A7F184-F211-47AB-904C-56C5F3415651&anxtv=50.139.13.64978&anxp=%5EAFW%5Exdm096%5ES29917%5Ech&anxsi=EAIaIQobChMIjcnGqsrl3wIVzoVoCh0Lqg5QEAEYASAAEgLqr_D_BwE&anxd=2018-08-29T19%3A39%3A33.486Z&f=00400000&anxr=1547206343868&coid=17e434e37ca9423a8edad40630cf7ab7&userSegment&cwsid=eocnnoackodjagdbaoddhjbkpjabimed US
––
––
whitelisted
2876 chrome.exe GET 204 74.113.235.138:80 http://ext.ask.com/anemone.jhtml?anxuu=747E62D1-AFC1-4C31-B7DA-CED70C1CB3E8&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe85.dub.jabodo.com&anxu=http%3A%2F%2Fext.ask.com%2Findex.jhtml&anxl=en-US&anxlv=1547206335123&anxsq=5&errorCode=User%20cancelled%20install&errorType=chromeStoreWindow&anxe=Error&anxr=1218619646 IE
––
––
malicious

Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID Process IP ASN CN Reputation
2876 chrome.exe 172.217.18.3:443 Google Inc. US whitelisted
2876 chrome.exe 74.113.235.138:80 Mindspark Interactive Network, Inc. IE malicious
2876 chrome.exe 172.217.18.99:443 Google Inc. US whitelisted
2876 chrome.exe 172.217.18.13:443 Google Inc. US whitelisted
2876 chrome.exe 172.217.22.42:443 Google Inc. US whitelisted
2876 chrome.exe 2.18.232.251:80 Akamai International B.V. –– whitelisted
2876 chrome.exe 216.58.207.67:443 Google Inc. US whitelisted
2876 chrome.exe 2.18.232.251:443 Akamai International B.V. –– whitelisted
2876 chrome.exe 74.113.233.187:443 Mindspark Interactive Network, Inc. US unknown
2876 chrome.exe 172.217.22.98:80 Google Inc. US whitelisted
2876 chrome.exe 54.194.184.41:80 Amazon.com, Inc. IE unknown
2876 chrome.exe 69.172.216.55:443 Integral Ad Science, Inc. US unknown
2876 chrome.exe 31.13.90.6:443 Facebook, Inc. IE whitelisted
2876 chrome.exe 172.217.16.130:443 Google Inc. US unknown
2876 chrome.exe 216.58.207.68:443 Google Inc. US whitelisted
2876 chrome.exe 172.217.16.131:443 Google Inc. US whitelisted
2876 chrome.exe 67.27.150.126:80 Level 3 Communications, Inc. US unknown
2876 chrome.exe 157.240.1.35:443 Facebook, Inc. US whitelisted
2876 chrome.exe 69.172.216.58:443 Integral Ad Science, Inc. US unknown
2876 chrome.exe 104.244.39.20:443 Integral Ad Science, Inc. US unknown
2876 chrome.exe 172.217.21.195:443 Google Inc. US whitelisted
2876 chrome.exe 172.217.22.78:443 Google Inc. US whitelisted
2876 chrome.exe 216.58.205.232:443 Google Inc. US whitelisted
2876 chrome.exe 172.217.18.106:443 Google Inc. US whitelisted
2876 chrome.exe 173.194.76.155:443 Google Inc. US whitelisted
2876 chrome.exe 216.58.207.65:443 Google Inc. US whitelisted
2876 chrome.exe 216.58.205.238:443 Google Inc. US whitelisted
2876 chrome.exe 64.233.184.94:443 Google Inc. US whitelisted
2876 chrome.exe 172.217.22.74:443 Google Inc. US whitelisted
2876 chrome.exe 172.217.18.14:443 Google Inc. US whitelisted
2876 chrome.exe 172.217.22.46:443 Google Inc. US whitelisted
2876 chrome.exe 74.113.233.187:80 Mindspark Interactive Network, Inc. US unknown
2876 chrome.exe 74.113.233.156:80 Mindspark Interactive Network, Inc. US unknown
2876 chrome.exe 52.222.150.67:443 Amazon.com, Inc. US unknown
2876 chrome.exe 52.222.146.102:80 Amazon.com, Inc. US unknown
2876 chrome.exe 54.228.198.247:80 Amazon.com, Inc. IE unknown
2876 chrome.exe 2.18.233.97:80 Akamai International B.V. –– whitelisted
2876 chrome.exe 172.217.16.130:80 Google Inc. US unknown
2876 chrome.exe 172.217.22.34:443 Google Inc. US whitelisted
2876 chrome.exe 193.0.160.129:80 Rocket Fuel Inc. NL unknown
2876 chrome.exe 54.228.198.247:443 Amazon.com, Inc. IE unknown
2876 chrome.exe 216.58.207.68:80 Google Inc. US whitelisted
2876 chrome.exe 172.217.16.131:80 Google Inc. US whitelisted
2876 chrome.exe 185.31.128.128:80 Rocket Fuel Inc. US suspicious
–– –– 172.217.16.131:80 Google Inc. US whitelisted
2876 chrome.exe 172.217.22.34:80 Google Inc. US whitelisted
2876 chrome.exe 213.19.162.80:80 The Rubicon Project, Inc. GB unknown
2876 chrome.exe 185.64.189.110:80 PubMatic, Inc. GB unknown
2876 chrome.exe 185.33.223.83:80 AppNexus, Inc –– unknown
2876 chrome.exe 54.77.130.155:80 Amazon.com, Inc. IE unknown
2876 chrome.exe 23.60.196.160:80 Akamai Technologies, Inc. NL whitelisted
2876 chrome.exe 217.12.15.83:80 Yahoo! UK Services Limited GB shared
2876 chrome.exe 52.58.79.83:80 Amazon.com, Inc. DE unknown
2876 chrome.exe 199.38.167.209:80 Rocket Fuel Inc. US unknown
2876 chrome.exe 2.18.234.21:80 Akamai International B.V. –– whitelisted
2876 chrome.exe 74.113.237.38:443 Mindspark Interactive Network, Inc. US unknown
2876 chrome.exe 104.111.247.233:443 Akamai International B.V. NL whitelisted

DNS requests

Domain IP Reputation
www.gstatic.com 172.217.18.3
whitelisted
free.packagetracer.com 74.113.235.138
malicious
clientservices.googleapis.com 172.217.18.99
whitelisted
accounts.google.com 172.217.18.13
whitelisted
fonts.googleapis.com 172.217.22.42
whitelisted
ak.staticimgfarm.com 2.18.232.251
whitelisted
akz.imgfarm.com 2.18.232.251
whitelisted
fonts.gstatic.com 216.58.207.67
whitelisted
ak.imgfarm.com 2.18.232.251
whitelisted
packagetracer.dl.tb.ask.com 74.113.235.138
malicious
packagetracer.dl.myway.com 74.113.235.138
malicious
eula.mindspark.com 74.113.233.64
unknown
support.myway.com 104.16.52.111
104.16.54.111
104.16.53.111
104.16.51.111
104.16.55.111
unknown
trustsealinfo.verisign.com 69.58.181.84
unknown
www.googleadservices.com 172.217.22.98
whitelisted
anx.mywebsearch.com 74.113.233.187
unknown
insight.adsrvr.org 54.194.184.41
54.246.153.43
54.72.147.141
whitelisted
pixel.adsafeprotected.com 69.172.216.55
whitelisted
connect.facebook.net 31.13.90.6
whitelisted
googleads.g.doubleclick.net 172.217.16.130
whitelisted
www.download.windowsupdate.com 67.27.150.126
67.27.151.126
67.27.234.254
67.27.235.126
67.27.159.126
whitelisted
www.google.ch 172.217.16.131
whitelisted
www.google.com 216.58.207.68
whitelisted
www.facebook.com 157.240.1.35
whitelisted
static.adsafeprotected.com 69.172.216.58
whitelisted
dt.adsafeprotected.com 104.244.39.20
whitelisted
ssl.gstatic.com 172.217.21.195
whitelisted
hp.myway.com 2.18.232.251
whitelisted
chrome.google.com 172.217.22.78
whitelisted
anx.tb.ask.com 74.113.233.187
unknown
int.search.myway.com 2.18.232.251
malicious
lss.sse-iacapps.com 199.36.102.124
unknown
search.myway.com 2.18.232.251
malicious
ssl.google-analytics.com 216.58.205.232
whitelisted
safebrowsing.googleapis.com 172.217.18.106
whitelisted
stats.g.doubleclick.net 173.194.76.155
173.194.76.157
173.194.76.156
173.194.76.154
whitelisted
lh3.googleusercontent.com 216.58.207.65
whitelisted
plus.google.com 216.58.205.238
whitelisted
csi.gstatic.com 64.233.184.94
64.233.184.120
74.125.126.94
74.125.126.120
108.177.12.94
108.177.12.120
74.125.23.94
74.125.23.120
74.125.28.94
74.125.28.120
74.125.200.94
74.125.200.120
64.233.161.94
64.233.161.120
74.125.128.94
74.125.128.120
whitelisted
www.googleapis.com 172.217.22.74
172.217.22.106
172.217.16.202
172.217.18.106
172.217.23.170
172.217.21.202
172.217.22.10
216.58.205.234
172.217.18.10
172.217.18.170
172.217.23.138
216.58.206.10
216.58.207.42
216.58.207.74
172.217.16.138
172.217.22.42
whitelisted
clients2.google.com 172.217.18.14
whitelisted
clients2.googleusercontent.com 216.58.207.65
whitelisted
sb-ssl.google.com 172.217.22.46
whitelisted
live.tb.ask.com 74.113.233.156
whitelisted
ext.ask.com 74.113.235.138
malicious
t0pqgf347a.execute-api.us-east-1.amazonaws.com 52.222.150.67
52.222.150.239
52.222.150.133
52.222.150.37
whitelisted
x.ss2.us 52.222.146.102
52.222.146.253
52.222.146.61
52.222.146.188
whitelisted
d.adroll.com 54.228.198.247
54.246.117.46
54.228.212.94
54.228.241.138
54.246.107.171
54.228.234.5
54.246.110.173
54.228.255.22
unknown
c1.rfihub.net 2.18.233.97
unknown
cm.g.doubleclick.net 172.217.22.34
whitelisted
a.rfihub.com 193.0.160.129
whitelisted
ext.dl.tb.ask.com 74.113.235.138
malicious
apnstatic.ask.com 104.111.232.252
suspicious
www.ask.com 151.101.2.114
151.101.66.114
151.101.130.114
151.101.194.114
whitelisted
apn.ask.com 199.36.100.104
unknown
20787048p.rfihub.com 185.31.128.128
whitelisted
ib.adnxs.com 185.33.223.83
185.33.223.204
185.33.223.206
185.33.223.202
185.33.223.80
185.33.223.100
185.33.223.215
185.33.223.197