File name:

data.txt

Full analysis: https://app.any.run/tasks/a28e10ea-a304-411e-a588-1de4b3f0f337
Verdict: Malicious activity
Analysis date: January 24, 2022, 18:27:38
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: text/plain
File info: ASCII text, with CRLF line terminators
MD5:

740658D8C3F66CC1755AD0B987D06FEE

SHA1:

73FC2F4A179DCEA90433EF4B2B8CF1A44FD793F8

SHA256:

FA8213FA3E7B1975500F79EADCB7F3E08555E6A0AAB82B906FE037A569829F3F

SSDEEP:

3:RWSv:t

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Modifies files in Chrome extension folder

      • chrome.exe (PID: 1236)

    • Checks supported languages

      • cmd.exe (PID: 1500)
      • cmd.exe (PID: 4084)
      • cmd.exe (PID: 1004)
      • cmd.exe (PID: 2392)
      • cmd.exe (PID: 3992)
      • cmd.exe (PID: 4016)
      • cmd.exe (PID: 3908)
      • cmd.exe (PID: 2212)
      • cmd.exe (PID: 2452)
      • cmd.exe (PID: 3824)
      • cmd.exe (PID: 2700)
      • cmd.exe (PID: 3884)
      • cmd.exe (PID: 1128)
      • cmd.exe (PID: 2068)
      • cmd.exe (PID: 1068)
      • cmd.exe (PID: 3276)
      • cmd.exe (PID: 3500)
      • cmd.exe (PID: 2920)
      • cmd.exe (PID: 1648)
      • cmd.exe (PID: 3708)
      • cmd.exe (PID: 2140)
      • cmd.exe (PID: 2192)
      • cmd.exe (PID: 1488)
      • cmd.exe (PID: 1508)
      • cmd.exe (PID: 3440)
      • cmd.exe (PID: 3996)
      • cmd.exe (PID: 3324)
      • cmd.exe (PID: 3712)
      • cmd.exe (PID: 2908)
      • cmd.exe (PID: 4064)
      • cmd.exe (PID: 3744)
      • cmd.exe (PID: 2148)
      • cmd.exe (PID: 3800)
      • cmd.exe (PID: 3596)
      • cmd.exe (PID: 3644)
      • cmd.exe (PID: 3132)
      • cmd.exe (PID: 3404)
      • cmd.exe (PID: 2832)
      • cmd.exe (PID: 3912)
      • cmd.exe (PID: 3832)
      • cmd.exe (PID: 3680)
      • cmd.exe (PID: 2884)
      • cmd.exe (PID: 3452)
      • cmd.exe (PID: 3896)
      • cmd.exe (PID: 4060)
      • cmd.exe (PID: 3784)
      • cmd.exe (PID: 2000)
      • cmd.exe (PID: 344)
      • cmd.exe (PID: 1160)
      • cmd.exe (PID: 3476)
      • cmd.exe (PID: 3640)
      • cmd.exe (PID: 3184)
      • cmd.exe (PID: 1984)
      • cmd.exe (PID: 1096)
      • cmd.exe (PID: 1388)
      • cmd.exe (PID: 1412)
      • cmd.exe (PID: 2332)
      • cmd.exe (PID: 4080)
      • cmd.exe (PID: 1000)
      • cmd.exe (PID: 3472)
      • cmd.exe (PID: 356)
      • cmd.exe (PID: 3552)
      • cmd.exe (PID: 3968)
      • cmd.exe (PID: 1564)
      • cmd.exe (PID: 3520)
      • cmd.exe (PID: 3252)
      • cmd.exe (PID: 3352)
      • cmd.exe (PID: 3588)
      • cmd.exe (PID: 3752)
      • cmd.exe (PID: 2568)
      • cmd.exe (PID: 676)
      • cmd.exe (PID: 4008)
      • cmd.exe (PID: 3052)
      • cmd.exe (PID: 2276)
      • cmd.exe (PID: 832)
      • cmd.exe (PID: 2916)
      • cmd.exe (PID: 3616)
      • cmd.exe (PID: 1284)
      • cmd.exe (PID: 1272)
      • cmd.exe (PID: 2736)
      • cmd.exe (PID: 3148)
      • cmd.exe (PID: 2860)
      • cmd.exe (PID: 1164)
      • cmd.exe (PID: 2984)
      • cmd.exe (PID: 2640)
      • cmd.exe (PID: 4056)
      • cmd.exe (PID: 2200)
      • cmd.exe (PID: 1044)
      • cmd.exe (PID: 472)
      • cmd.exe (PID: 576)
      • cmd.exe (PID: 2176)
      • cmd.exe (PID: 2280)
      • cmd.exe (PID: 272)
      • cmd.exe (PID: 2656)
      • cmd.exe (PID: 2688)
      • cmd.exe (PID: 2128)
      • cmd.exe (PID: 2812)
      • cmd.exe (PID: 2888)
      • cmd.exe (PID: 984)
      • cmd.exe (PID: 2440)
      • cmd.exe (PID: 3256)
      • cmd.exe (PID: 3816)
      • cmd.exe (PID: 2816)
      • cmd.exe (PID: 2408)
      • cmd.exe (PID: 3076)
      • cmd.exe (PID: 3004)
      • cmd.exe (PID: 3740)
      • cmd.exe (PID: 2480)
      • cmd.exe (PID: 1088)
      • cmd.exe (PID: 3620)
      • cmd.exe (PID: 4160)
      • cmd.exe (PID: 4108)
      • cmd.exe (PID: 4688)
      • cmd.exe (PID: 4400)
      • cmd.exe (PID: 4248)
      • cmd.exe (PID: 4728)
      • cmd.exe (PID: 4812)
      • cmd.exe (PID: 4932)
      • cmd.exe (PID: 5092)
      • cmd.exe (PID: 6024)
      • cmd.exe (PID: 3284)
      • cmd.exe (PID: 5648)
      • cmd.exe (PID: 5144)
      • cmd.exe (PID: 5376)
      • cmd.exe (PID: 4244)
      • cmd.exe (PID: 5636)
      • cmd.exe (PID: 5780)
      • cmd.exe (PID: 4708)
      • cmd.exe (PID: 4520)
      • cmd.exe (PID: 4808)
      • cmd.exe (PID: 4560)
      • cmd.exe (PID: 5848)
      • cmd.exe (PID: 6068)
      • cmd.exe (PID: 5244)
      • cmd.exe (PID: 5132)
      • cmd.exe (PID: 5136)
      • cmd.exe (PID: 5300)
      • cmd.exe (PID: 5592)
      • cmd.exe (PID: 5716)
      • cmd.exe (PID: 6008)
      • cmd.exe (PID: 5720)
      • cmd.exe (PID: 4324)
      • cmd.exe (PID: 4276)
      • cmd.exe (PID: 5860)
      • cmd.exe (PID: 3024)
      • cmd.exe (PID: 5316)
      • cmd.exe (PID: 5188)
      • cmd.exe (PID: 4572)
      • cmd.exe (PID: 5764)
      • cmd.exe (PID: 4368)
      • cmd.exe (PID: 4928)
      • cmd.exe (PID: 6052)
      • cmd.exe (PID: 4328)
      • cmd.exe (PID: 5656)
      • cmd.exe (PID: 4232)
      • cmd.exe (PID: 5612)
      • cmd.exe (PID: 4756)
      • cmd.exe (PID: 5348)
      • cmd.exe (PID: 4608)
      • cmd.exe (PID: 5960)
      • cmd.exe (PID: 5276)
      • cmd.exe (PID: 5480)
      • cmd.exe (PID: 5688)
      • cmd.exe (PID: 4456)
      • cmd.exe (PID: 4340)
      • cmd.exe (PID: 4364)
      • cmd.exe (PID: 5020)
      • cmd.exe (PID: 4864)
      • cmd.exe (PID: 5108)
      • cmd.exe (PID: 6060)
      • cmd.exe (PID: 4468)
      • cmd.exe (PID: 4824)
      • cmd.exe (PID: 5660)
      • cmd.exe (PID: 5532)
      • cmd.exe (PID: 2804)
      • cmd.exe (PID: 4424)
      • cmd.exe (PID: 4260)
      • cmd.exe (PID: 4236)
      • cmd.exe (PID: 4768)
      • cmd.exe (PID: 4856)
      • cmd.exe (PID: 5708)
      • cmd.exe (PID: 4280)
      • cmd.exe (PID: 968)
      • cmd.exe (PID: 4192)
      • cmd.exe (PID: 5976)
      • cmd.exe (PID: 5540)
      • cmd.exe (PID: 5816)
      • cmd.exe (PID: 4124)
      • cmd.exe (PID: 5048)
      • cmd.exe (PID: 5800)
      • cmd.exe (PID: 5368)

    • Starts CMD.EXE for commands execution

      • cmd.exe (PID: 1500)
      • cmd.exe (PID: 3992)
      • cmd.exe (PID: 4084)
      • cmd.exe (PID: 1004)
      • cmd.exe (PID: 2212)
      • cmd.exe (PID: 3884)
      • cmd.exe (PID: 3824)
      • cmd.exe (PID: 2700)
      • cmd.exe (PID: 2392)
      • cmd.exe (PID: 4016)
      • cmd.exe (PID: 3908)
      • cmd.exe (PID: 1128)
      • cmd.exe (PID: 1488)
      • cmd.exe (PID: 2452)
      • cmd.exe (PID: 1068)
      • cmd.exe (PID: 1508)
      • cmd.exe (PID: 3500)
      • cmd.exe (PID: 2068)
      • cmd.exe (PID: 3276)
      • cmd.exe (PID: 1648)
      • cmd.exe (PID: 3440)
      • cmd.exe (PID: 2140)
      • cmd.exe (PID: 2192)
      • cmd.exe (PID: 3712)
      • cmd.exe (PID: 3708)
      • cmd.exe (PID: 2920)
      • cmd.exe (PID: 3996)
      • cmd.exe (PID: 3132)
      • cmd.exe (PID: 2908)
      • cmd.exe (PID: 3644)
      • cmd.exe (PID: 3324)
      • cmd.exe (PID: 2148)
      • cmd.exe (PID: 3744)
      • cmd.exe (PID: 3800)
      • cmd.exe (PID: 3912)
      • cmd.exe (PID: 4064)
      • cmd.exe (PID: 3404)
      • cmd.exe (PID: 2832)
      • cmd.exe (PID: 3596)
      • cmd.exe (PID: 3832)
      • cmd.exe (PID: 1984)
      • cmd.exe (PID: 3680)
      • cmd.exe (PID: 3896)
      • cmd.exe (PID: 3452)
      • cmd.exe (PID: 2000)
      • cmd.exe (PID: 4060)
      • cmd.exe (PID: 2884)
      • cmd.exe (PID: 344)
      • cmd.exe (PID: 3784)
      • cmd.exe (PID: 3476)
      • cmd.exe (PID: 1160)
      • cmd.exe (PID: 1096)
      • cmd.exe (PID: 1388)
      • cmd.exe (PID: 3640)
      • cmd.exe (PID: 4080)
      • cmd.exe (PID: 1412)
      • cmd.exe (PID: 3184)
      • cmd.exe (PID: 356)
      • cmd.exe (PID: 1000)
      • cmd.exe (PID: 2332)
      • cmd.exe (PID: 832)
      • cmd.exe (PID: 3472)
      • cmd.exe (PID: 3552)
      • cmd.exe (PID: 1564)
      • cmd.exe (PID: 3968)
      • cmd.exe (PID: 3588)
      • cmd.exe (PID: 3252)
      • cmd.exe (PID: 2568)
      • cmd.exe (PID: 3752)
      • cmd.exe (PID: 3520)
      • cmd.exe (PID: 3052)
      • cmd.exe (PID: 3352)
      • cmd.exe (PID: 2276)
      • cmd.exe (PID: 676)
      • cmd.exe (PID: 1272)
      • cmd.exe (PID: 2640)
      • cmd.exe (PID: 4056)
      • cmd.exe (PID: 4008)
      • cmd.exe (PID: 2916)
      • cmd.exe (PID: 1284)
      • cmd.exe (PID: 2736)
      • cmd.exe (PID: 3616)
      • cmd.exe (PID: 2860)
      • cmd.exe (PID: 3148)
      • cmd.exe (PID: 2984)
      • cmd.exe (PID: 1164)
      • cmd.exe (PID: 2280)
      • cmd.exe (PID: 1044)
      • cmd.exe (PID: 272)
      • cmd.exe (PID: 2176)
      • cmd.exe (PID: 472)
      • cmd.exe (PID: 2200)
      • cmd.exe (PID: 576)
      • cmd.exe (PID: 2816)
      • cmd.exe (PID: 3816)
      • cmd.exe (PID: 2688)
      • cmd.exe (PID: 2656)
      • cmd.exe (PID: 2888)
      • cmd.exe (PID: 984)
      • cmd.exe (PID: 2128)
      • cmd.exe (PID: 3256)
      • cmd.exe (PID: 2440)
      • cmd.exe (PID: 2812)
      • cmd.exe (PID: 2408)
      • cmd.exe (PID: 3076)
      • cmd.exe (PID: 3740)
      • cmd.exe (PID: 1088)
      • cmd.exe (PID: 3004)
      • cmd.exe (PID: 4688)
      • cmd.exe (PID: 4248)
      • cmd.exe (PID: 3620)
      • cmd.exe (PID: 2480)
      • cmd.exe (PID: 4160)
      • cmd.exe (PID: 4400)
      • cmd.exe (PID: 4812)
      • cmd.exe (PID: 4932)
      • cmd.exe (PID: 4108)
      • cmd.exe (PID: 4728)
      • cmd.exe (PID: 5092)
      • cmd.exe (PID: 6024)
      • cmd.exe (PID: 3284)

    • Application launched itself

      • cmd.exe (PID: 1500)
      • cmd.exe (PID: 1004)
      • cmd.exe (PID: 4084)
      • cmd.exe (PID: 3992)
      • cmd.exe (PID: 4016)
      • cmd.exe (PID: 2700)
      • cmd.exe (PID: 3884)
      • cmd.exe (PID: 2392)
      • cmd.exe (PID: 3908)
      • cmd.exe (PID: 2212)
      • cmd.exe (PID: 3824)
      • cmd.exe (PID: 2452)
      • cmd.exe (PID: 1488)
      • cmd.exe (PID: 1128)
      • cmd.exe (PID: 1508)
      • cmd.exe (PID: 3500)
      • cmd.exe (PID: 2068)
      • cmd.exe (PID: 3276)
      • cmd.exe (PID: 1648)
      • cmd.exe (PID: 3708)
      • cmd.exe (PID: 1068)
      • cmd.exe (PID: 3440)
      • cmd.exe (PID: 2140)
      • cmd.exe (PID: 3712)
      • cmd.exe (PID: 2192)
      • cmd.exe (PID: 2920)
      • cmd.exe (PID: 3324)
      • cmd.exe (PID: 3996)
      • cmd.exe (PID: 2908)
      • cmd.exe (PID: 3132)
      • cmd.exe (PID: 3644)
      • cmd.exe (PID: 3744)
      • cmd.exe (PID: 3800)
      • cmd.exe (PID: 3912)
      • cmd.exe (PID: 4064)
      • cmd.exe (PID: 2148)
      • cmd.exe (PID: 3596)
      • cmd.exe (PID: 3832)
      • cmd.exe (PID: 3680)
      • cmd.exe (PID: 3404)
      • cmd.exe (PID: 2832)
      • cmd.exe (PID: 3896)
      • cmd.exe (PID: 1984)
      • cmd.exe (PID: 3452)
      • cmd.exe (PID: 2000)
      • cmd.exe (PID: 4060)
      • cmd.exe (PID: 2884)
      • cmd.exe (PID: 3476)
      • cmd.exe (PID: 1096)
      • cmd.exe (PID: 344)
      • cmd.exe (PID: 3784)
      • cmd.exe (PID: 1160)
      • cmd.exe (PID: 3640)
      • cmd.exe (PID: 3184)
      • cmd.exe (PID: 1412)
      • cmd.exe (PID: 4080)
      • cmd.exe (PID: 1388)
      • cmd.exe (PID: 356)
      • cmd.exe (PID: 2332)
      • cmd.exe (PID: 1000)
      • cmd.exe (PID: 3472)
      • cmd.exe (PID: 832)
      • cmd.exe (PID: 3552)
      • cmd.exe (PID: 3520)
      • cmd.exe (PID: 3968)
      • cmd.exe (PID: 3588)
      • cmd.exe (PID: 3252)
      • cmd.exe (PID: 2568)
      • cmd.exe (PID: 3752)
      • cmd.exe (PID: 1564)
      • cmd.exe (PID: 2640)
      • cmd.exe (PID: 3352)
      • cmd.exe (PID: 676)
      • cmd.exe (PID: 2276)
      • cmd.exe (PID: 1272)
      • cmd.exe (PID: 4056)
      • cmd.exe (PID: 4008)
      • cmd.exe (PID: 3052)
      • cmd.exe (PID: 1284)
      • cmd.exe (PID: 2736)
      • cmd.exe (PID: 2860)
      • cmd.exe (PID: 3616)
      • cmd.exe (PID: 3148)
      • cmd.exe (PID: 2984)
      • cmd.exe (PID: 1164)
      • cmd.exe (PID: 2280)
      • cmd.exe (PID: 2916)
      • cmd.exe (PID: 272)
      • cmd.exe (PID: 1044)
      • cmd.exe (PID: 472)
      • cmd.exe (PID: 576)
      • cmd.exe (PID: 2816)
      • cmd.exe (PID: 2176)
      • cmd.exe (PID: 3816)
      • cmd.exe (PID: 2688)
      • cmd.exe (PID: 2200)
      • cmd.exe (PID: 2888)
      • cmd.exe (PID: 3256)
      • cmd.exe (PID: 2408)
      • cmd.exe (PID: 2440)
      • cmd.exe (PID: 2812)
      • cmd.exe (PID: 2656)
      • cmd.exe (PID: 984)
      • cmd.exe (PID: 2128)
      • cmd.exe (PID: 3740)
      • cmd.exe (PID: 1088)
      • cmd.exe (PID: 3004)
      • cmd.exe (PID: 2480)
      • cmd.exe (PID: 3076)
      • cmd.exe (PID: 4688)
      • cmd.exe (PID: 4248)
      • cmd.exe (PID: 3620)
      • cmd.exe (PID: 4160)
      • cmd.exe (PID: 4400)
      • cmd.exe (PID: 4812)
      • cmd.exe (PID: 4932)
      • cmd.exe (PID: 4108)
      • cmd.exe (PID: 4728)
      • cmd.exe (PID: 5092)
      • cmd.exe (PID: 6024)
      • cmd.exe (PID: 3284)

  • INFO

    • Checks supported languages

      • NOTEPAD.EXE (PID: 1252)
      • WINWORD.EXE (PID: 3668)
      • chrome.exe (PID: 3932)
      • chrome.exe (PID: 1236)
      • chrome.exe (PID: 3436)
      • chrome.exe (PID: 3848)
      • chrome.exe (PID: 636)
      • chrome.exe (PID: 1828)
      • chrome.exe (PID: 3032)
      • chrome.exe (PID: 1128)
      • chrome.exe (PID: 3808)
      • chrome.exe (PID: 1600)
      • chrome.exe (PID: 2148)
      • chrome.exe (PID: 3980)
      • chrome.exe (PID: 2932)
      • chrome.exe (PID: 2504)
      • chrome.exe (PID: 1296)
      • chrome.exe (PID: 3140)
      • chrome.exe (PID: 3852)
      • chrome.exe (PID: 2148)
      • chrome.exe (PID: 496)
      • chrome.exe (PID: 2080)
      • chrome.exe (PID: 2300)
      • chrome.exe (PID: 2948)
      • chrome.exe (PID: 1988)
      • chrome.exe (PID: 3360)
      • chrome.exe (PID: 876)
      • chrome.exe (PID: 688)
      • chrome.exe (PID: 3528)
      • chrome.exe (PID: 3992)
      • chrome.exe (PID: 1876)
      • chrome.exe (PID: 2260)
      • chrome.exe (PID: 2724)
      • chrome.exe (PID: 3284)
      • chrome.exe (PID: 1240)
      • chrome.exe (PID: 2812)
      • chrome.exe (PID: 3268)
      • chrome.exe (PID: 2376)
      • chrome.exe (PID: 3120)
      • chrome.exe (PID: 4020)
      • chrome.exe (PID: 356)
      • chrome.exe (PID: 2580)
      • chrome.exe (PID: 3480)
      • chrome.exe (PID: 3364)
      • chrome.exe (PID: 3316)
      • chrome.exe (PID: 2568)
      • chrome.exe (PID: 2968)
      • chrome.exe (PID: 2456)
      • chrome.exe (PID: 2940)
      • chrome.exe (PID: 2096)
      • chrome.exe (PID: 1144)
      • chrome.exe (PID: 4052)
      • chrome.exe (PID: 3148)
      • chrome.exe (PID: 3268)
      • chrome.exe (PID: 3904)
      • chrome.exe (PID: 2568)
      • chrome.exe (PID: 1544)
      • chrome.exe (PID: 2840)
      • chrome.exe (PID: 3576)
      • chrome.exe (PID: 1400)
      • chrome.exe (PID: 2456)
      • chrome.exe (PID: 3068)
      • chrome.exe (PID: 3044)
      • chrome.exe (PID: 3108)
      • chrome.exe (PID: 3648)
      • chrome.exe (PID: 1124)
      • chrome.exe (PID: 2072)
      • chrome.exe (PID: 828)
      • chrome.exe (PID: 2568)
      • chrome.exe (PID: 2740)
      • chrome.exe (PID: 2940)
      • chrome.exe (PID: 3404)
      • chrome.exe (PID: 3804)
      • chrome.exe (PID: 2892)
      • chrome.exe (PID: 3092)
      • chrome.exe (PID: 3052)
      • chrome.exe (PID: 3732)
      • chrome.exe (PID: 1164)
      • chrome.exe (PID: 1600)
      • chrome.exe (PID: 376)
      • chrome.exe (PID: 1596)
      • chrome.exe (PID: 2816)
      • chrome.exe (PID: 2172)
      • chrome.exe (PID: 3044)
      • chrome.exe (PID: 3352)
      • chrome.exe (PID: 2092)
      • chrome.exe (PID: 1408)
      • chrome.exe (PID: 2312)
      • chrome.exe (PID: 2816)
      • chrome.exe (PID: 2088)
      • chrome.exe (PID: 572)
      • chrome.exe (PID: 2664)
      • chrome.exe (PID: 2952)
      • chrome.exe (PID: 1760)
      • chrome.exe (PID: 1444)
      • chrome.exe (PID: 3616)
      • chrome.exe (PID: 2680)
      • chrome.exe (PID: 832)
      • chrome.exe (PID: 572)
      • chrome.exe (PID: 3332)
      • chrome.exe (PID: 3536)
      • chrome.exe (PID: 3876)
      • chrome.exe (PID: 3360)
      • chrome.exe (PID: 3644)
      • chrome.exe (PID: 3240)
      • chrome.exe (PID: 1592)
      • chrome.exe (PID: 3156)
      • chrome.exe (PID: 2392)
      • chrome.exe (PID: 2564)
      • chrome.exe (PID: 652)
      • chrome.exe (PID: 2732)
      • chrome.exe (PID: 3332)
      • chrome.exe (PID: 2940)
      • chrome.exe (PID: 2320)
      • chrome.exe (PID: 572)
      • chrome.exe (PID: 2960)
      • chrome.exe (PID: 2456)
      • chrome.exe (PID: 2452)
      • chrome.exe (PID: 1544)
      • chrome.exe (PID: 1512)
      • chrome.exe (PID: 3504)
      • chrome.exe (PID: 2828)
      • chrome.exe (PID: 3332)
      • chrome.exe (PID: 1652)
      • chrome.exe (PID: 672)
      • chrome.exe (PID: 2816)
      • chrome.exe (PID: 3352)
      • chrome.exe (PID: 612)
      • chrome.exe (PID: 3108)
      • chrome.exe (PID: 2248)
      • chrome.exe (PID: 2680)
      • chrome.exe (PID: 1968)
      • chrome.exe (PID: 3412)
      • chrome.exe (PID: 4056)
      • chrome.exe (PID: 3268)
      • chrome.exe (PID: 3220)
      • chrome.exe (PID: 3052)
      • chrome.exe (PID: 2940)
      • chrome.exe (PID: 2920)
      • chrome.exe (PID: 1324)
      • chrome.exe (PID: 828)
      • chrome.exe (PID: 3352)
      • chrome.exe (PID: 2412)
      • chrome.exe (PID: 2220)
      • chrome.exe (PID: 2052)
      • chrome.exe (PID: 984)
      • chrome.exe (PID: 968)
      • chrome.exe (PID: 2508)
      • chrome.exe (PID: 3204)
      • chrome.exe (PID: 3316)
      • chrome.exe (PID: 3804)
      • chrome.exe (PID: 2240)
      • chrome.exe (PID: 3212)
      • chrome.exe (PID: 3100)
      • chrome.exe (PID: 376)
      • chrome.exe (PID: 3364)
      • chrome.exe (PID: 2740)
      • chrome.exe (PID: 2688)
      • chrome.exe (PID: 2724)
      • chrome.exe (PID: 2840)
      • chrome.exe (PID: 3096)
      • chrome.exe (PID: 4016)
      • chrome.exe (PID: 2100)
      • chrome.exe (PID: 3028)
      • chrome.exe (PID: 1876)
      • chrome.exe (PID: 272)
      • chrome.exe (PID: 2544)
      • chrome.exe (PID: 3228)
      • chrome.exe (PID: 2092)
      • chrome.exe (PID: 2844)
      • chrome.exe (PID: 3204)
      • chrome.exe (PID: 3196)
      • chrome.exe (PID: 2420)
      • chrome.exe (PID: 2524)
      • chrome.exe (PID: 3336)
      • chrome.exe (PID: 2628)
      • chrome.exe (PID: 3176)
      • chrome.exe (PID: 2972)
      • chrome.exe (PID: 3592)
      • chrome.exe (PID: 2792)
      • chrome.exe (PID: 1876)
      • chrome.exe (PID: 1004)
      • chrome.exe (PID: 3032)
      • chrome.exe (PID: 2468)
      • chrome.exe (PID: 3544)
      • chrome.exe (PID: 4072)
      • chrome.exe (PID: 3024)
      • chrome.exe (PID: 1632)
      • chrome.exe (PID: 2440)
      • chrome.exe (PID: 2280)
      • chrome.exe (PID: 2088)
      • chrome.exe (PID: 2528)
      • chrome.exe (PID: 2664)
      • chrome.exe (PID: 3324)
      • chrome.exe (PID: 2768)
      • chrome.exe (PID: 3816)
      • chrome.exe (PID: 700)
      • chrome.exe (PID: 2732)
      • chrome.exe (PID: 3196)
      • chrome.exe (PID: 3504)
      • chrome.exe (PID: 2972)
      • chrome.exe (PID: 2320)
      • chrome.exe (PID: 2252)
      • chrome.exe (PID: 508)
      • chrome.exe (PID: 1296)
      • NOTEPAD.EXE (PID: 2860)
      • chrome.exe (PID: 1988)
      • chrome.exe (PID: 3580)

    • Manual execution by user

      • WINWORD.EXE (PID: 3668)
      • chrome.exe (PID: 1236)
      • chrome.exe (PID: 3848)
      • chrome.exe (PID: 3808)
      • chrome.exe (PID: 1600)
      • chrome.exe (PID: 3140)
      • chrome.exe (PID: 3852)
      • chrome.exe (PID: 2148)
      • chrome.exe (PID: 3360)
      • chrome.exe (PID: 2968)
      • chrome.exe (PID: 3120)
      • chrome.exe (PID: 1240)
      • chrome.exe (PID: 2376)
      • chrome.exe (PID: 4052)
      • chrome.exe (PID: 2580)
      • chrome.exe (PID: 2456)
      • chrome.exe (PID: 3904)
      • chrome.exe (PID: 3108)
      • chrome.exe (PID: 2456)
      • chrome.exe (PID: 2568)
      • chrome.exe (PID: 2940)
      • chrome.exe (PID: 1164)
      • chrome.exe (PID: 1600)
      • chrome.exe (PID: 1596)
      • chrome.exe (PID: 1408)
      • chrome.exe (PID: 2816)
      • chrome.exe (PID: 1760)
      • chrome.exe (PID: 3240)
      • chrome.exe (PID: 3332)
      • chrome.exe (PID: 3360)
      • chrome.exe (PID: 2960)
      • chrome.exe (PID: 2456)
      • chrome.exe (PID: 572)
      • chrome.exe (PID: 1544)
      • chrome.exe (PID: 3352)
      • chrome.exe (PID: 3268)
      • chrome.exe (PID: 3220)
      • chrome.exe (PID: 3412)
      • chrome.exe (PID: 828)
      • chrome.exe (PID: 3052)
      • chrome.exe (PID: 3804)
      • chrome.exe (PID: 376)
      • chrome.exe (PID: 3364)
      • chrome.exe (PID: 2688)
      • chrome.exe (PID: 3028)
      • chrome.exe (PID: 3176)
      • chrome.exe (PID: 3204)
      • chrome.exe (PID: 2844)
      • chrome.exe (PID: 2792)
      • chrome.exe (PID: 4072)
      • chrome.exe (PID: 2468)
      • chrome.exe (PID: 1632)
      • chrome.exe (PID: 2088)
      • chrome.exe (PID: 2768)
      • chrome.exe (PID: 3580)
      • chrome.exe (PID: 2252)
      • NOTEPAD.EXE (PID: 2860)
      • cmd.exe (PID: 1500)

    • Reads the hosts file

      • chrome.exe (PID: 3848)
      • chrome.exe (PID: 1236)
      • chrome.exe (PID: 1828)
      • chrome.exe (PID: 1128)

    • Reads the computer name

      • WINWORD.EXE (PID: 3668)
      • chrome.exe (PID: 1236)
      • chrome.exe (PID: 3848)
      • chrome.exe (PID: 1828)
      • chrome.exe (PID: 3808)
      • chrome.exe (PID: 3932)
      • chrome.exe (PID: 3032)
      • chrome.exe (PID: 3140)
      • chrome.exe (PID: 2148)
      • chrome.exe (PID: 1600)
      • chrome.exe (PID: 1128)
      • chrome.exe (PID: 2948)
      • chrome.exe (PID: 2968)
      • chrome.exe (PID: 3360)
      • chrome.exe (PID: 2376)
      • chrome.exe (PID: 3120)
      • chrome.exe (PID: 1240)
      • chrome.exe (PID: 2580)
      • chrome.exe (PID: 3852)
      • chrome.exe (PID: 4052)
      • chrome.exe (PID: 2456)
      • chrome.exe (PID: 3904)
      • chrome.exe (PID: 2456)
      • chrome.exe (PID: 3108)
      • chrome.exe (PID: 1164)
      • chrome.exe (PID: 2940)
      • chrome.exe (PID: 2568)
      • chrome.exe (PID: 1408)
      • chrome.exe (PID: 1600)
      • chrome.exe (PID: 1760)
      • chrome.exe (PID: 1596)
      • chrome.exe (PID: 2816)
      • chrome.exe (PID: 3332)
      • chrome.exe (PID: 3360)
      • chrome.exe (PID: 3240)
      • chrome.exe (PID: 572)
      • chrome.exe (PID: 2456)
      • chrome.exe (PID: 2960)
      • chrome.exe (PID: 1544)
      • chrome.exe (PID: 3352)
      • chrome.exe (PID: 3220)
      • chrome.exe (PID: 3412)
      • chrome.exe (PID: 3268)
      • chrome.exe (PID: 3052)
      • chrome.exe (PID: 968)
      • chrome.exe (PID: 828)
      • chrome.exe (PID: 3804)
      • chrome.exe (PID: 376)
      • chrome.exe (PID: 3364)
      • chrome.exe (PID: 2688)
      • chrome.exe (PID: 3028)
      • chrome.exe (PID: 3204)
      • chrome.exe (PID: 3176)
      • chrome.exe (PID: 2844)
      • chrome.exe (PID: 2792)
      • chrome.exe (PID: 4072)
      • chrome.exe (PID: 2468)
      • chrome.exe (PID: 1632)
      • chrome.exe (PID: 2088)
      • chrome.exe (PID: 2768)
      • chrome.exe (PID: 2252)
      • chrome.exe (PID: 3580)

    • Creates files in the user directory

      • WINWORD.EXE (PID: 3668)

    • Application launched itself

      • chrome.exe (PID: 3848)
      • chrome.exe (PID: 1236)
      • chrome.exe (PID: 3808)
      • chrome.exe (PID: 1600)
      • chrome.exe (PID: 3140)
      • chrome.exe (PID: 2148)
      • chrome.exe (PID: 3852)
      • chrome.exe (PID: 2968)
      • chrome.exe (PID: 3360)
      • chrome.exe (PID: 3120)
      • chrome.exe (PID: 1240)
      • chrome.exe (PID: 2580)
      • chrome.exe (PID: 2376)
      • chrome.exe (PID: 4052)
      • chrome.exe (PID: 2456)
      • chrome.exe (PID: 3904)
      • chrome.exe (PID: 2456)
      • chrome.exe (PID: 3108)
      • chrome.exe (PID: 2940)
      • chrome.exe (PID: 1164)
      • chrome.exe (PID: 2568)
      • chrome.exe (PID: 1600)
      • chrome.exe (PID: 1408)
      • chrome.exe (PID: 2816)
      • chrome.exe (PID: 1760)
      • chrome.exe (PID: 1596)
      • chrome.exe (PID: 3332)
      • chrome.exe (PID: 3360)
      • chrome.exe (PID: 3240)
      • chrome.exe (PID: 2960)
      • chrome.exe (PID: 2456)
      • chrome.exe (PID: 572)
      • chrome.exe (PID: 1544)
      • chrome.exe (PID: 3352)
      • chrome.exe (PID: 3268)
      • chrome.exe (PID: 3220)
      • chrome.exe (PID: 3412)
      • chrome.exe (PID: 3052)
      • chrome.exe (PID: 828)
      • chrome.exe (PID: 3364)
      • chrome.exe (PID: 3804)
      • chrome.exe (PID: 2688)
      • chrome.exe (PID: 3028)
      • chrome.exe (PID: 376)
      • chrome.exe (PID: 3176)
      • chrome.exe (PID: 2844)
      • chrome.exe (PID: 3204)
      • chrome.exe (PID: 2468)
      • chrome.exe (PID: 2792)
      • chrome.exe (PID: 1632)
      • chrome.exe (PID: 2088)
      • chrome.exe (PID: 4072)
      • chrome.exe (PID: 3580)
      • chrome.exe (PID: 2768)
      • chrome.exe (PID: 2252)

    • Reads Microsoft Office registry keys

      • WINWORD.EXE (PID: 3668)

    • Reads settings of System Certificates

      • chrome.exe (PID: 1828)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
2 413
Monitored processes
1 302
Malicious processes
87
Suspicious processes
20

Behavior graph

Click at the process to see the details
start notepad.exe no specs winword.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs notepad.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
272"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=86.0.4240.198 --initial-client-data=0xc8,0xcc,0xd0,0x9c,0xd4,0x71abd988,0x71abd998,0x71abd9a4C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
86.0.4240.198
Modules
Images
c:\windows\system32\ntdll.dll
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\86.0.4240.198\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
c:\windows\system32\shell32.dll
272C:\Windows\system32\cmd.exe /K start.batC:\Windows\system32\cmd.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Exit code:
0
Version:
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Images
c:\windows\system32\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
344C:\Windows\system32\cmd.exe /K start.batC:\Windows\system32\cmd.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Exit code:
0
Version:
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Images
c:\windows\system32\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
356"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1052,11649160545672780859,8257128829790975961,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3176 /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
86.0.4240.198
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\86.0.4240.198\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
c:\windows\system32\shell32.dll
356C:\Windows\system32\cmd.exe /K start.batC:\Windows\system32\cmd.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Exit code:
0
Version:
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Images
c:\windows\system32\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
376"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=86.0.4240.198 --initial-client-data=0xc8,0xcc,0xd0,0x9c,0xd4,0x71abd988,0x71abd998,0x71abd9a4C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
86.0.4240.198
Modules
Images
c:\windows\system32\ntdll.dll
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\86.0.4240.198\chrome_elf.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\version.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
c:\windows\system32\shell32.dll
376"C:\Program Files\Google\Chrome\Application\chrome.exe" C:\Program Files\Google\Chrome\Application\chrome.exeExplorer.EXE
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
86.0.4240.198
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\86.0.4240.198\chrome_elf.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\version.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\winmm.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
472C:\Windows\system32\cmd.exe /K start.batC:\Windows\system32\cmd.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Exit code:
0
Version:
6.1.7601.17514 (win7sp1_rtm.101119-1850)
Modules
Images
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\cmd.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winbrand.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
496"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=86.0.4240.198 --initial-client-data=0xc8,0xcc,0xd0,0x9c,0xd4,0x71abd988,0x71abd998,0x71abd9a4C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
86.0.4240.198
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\86.0.4240.198\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\shell32.dll
c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
508"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=86.0.4240.198 --initial-client-data=0xc8,0xcc,0xd0,0x9c,0xd4,0x71abd988,0x71abd998,0x71abd9a4C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
86.0.4240.198
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\86.0.4240.198\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
c:\windows\system32\shell32.dll
Total events
20 426
Read events
19 228
Write events
1 051
Delete events
147

Modification events

(PID) Process:(3668) WINWORD.EXEKey:HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\StartupItems
Operation:writeName:a><
Value:
613E3C00540E0000010000000000000000000000
(PID) Process:(3668) WINWORD.EXEKey:HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
Operation:writeName:1033
Value:
Off
(PID) Process:(3668) WINWORD.EXEKey:HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
Operation:writeName:1041
Value:
Off
(PID) Process:(3668) WINWORD.EXEKey:HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
Operation:writeName:1046
Value:
Off
(PID) Process:(3668) WINWORD.EXEKey:HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
Operation:writeName:1036
Value:
Off
(PID) Process:(3668) WINWORD.EXEKey:HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
Operation:writeName:1031
Value:
Off
(PID) Process:(3668) WINWORD.EXEKey:HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
Operation:writeName:1040
Value:
Off
(PID) Process:(3668) WINWORD.EXEKey:HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
Operation:writeName:1049
Value:
Off
(PID) Process:(3668) WINWORD.EXEKey:HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
Operation:writeName:3082
Value:
Off
(PID) Process:(3668) WINWORD.EXEKey:HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
Operation:writeName:1042
Value:
Off
Executable files
0
Suspicious files
272
Text files
125
Unknown types
14

Dropped files

PID
Process
Filename
Type
3668WINWORD.EXEC:\Users\admin\AppData\Local\Temp\CVR1EB2.tmp.cvr
MD5:
SHA256:
636chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
MD5:
SHA256:
1236chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61EEEFC0-4D4.pma
MD5:
SHA256:
3848chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\old_GPUCache_000
MD5:
SHA256:
3668WINWORD.EXEC:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\index.datini
MD5:
SHA256:
3668WINWORD.EXEC:\Users\admin\AppData\Roaming\Microsoft\Templates\~$Normal.dotmpgc
MD5:
SHA256:
3668WINWORD.EXEC:\Users\admin\AppData\Roaming\Microsoft\Office\Recent\tradehighest.rtf.LNKlnk
MD5:
SHA256:
3668WINWORD.EXEC:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{A7928225-CF57-41EF-BFCE-94E1B2871954}.tmpbinary
MD5:
SHA256:
2504chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
MD5:
SHA256:
3668WINWORD.EXEC:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{A1AA8CD0-7B1F-4B6F-8D45-907D4E9B299C}.tmpdbf
MD5:
SHA256:
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
1
TCP/UDP connections
19
DNS requests
11
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
1828
chrome.exe
GET
200
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx
US
crx
242 Kb
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
1828
chrome.exe
142.250.74.196:443
www.google.com
Google Inc.
US
whitelisted
1828
chrome.exe
142.250.186.131:443
www.gstatic.com
Google Inc.
US
whitelisted
1828
chrome.exe
142.250.185.195:443
ssl.gstatic.com
Google Inc.
US
whitelisted
1828
chrome.exe
142.250.186.35:443
update.googleapis.com
Google Inc.
US
whitelisted
1828
chrome.exe
34.104.35.123:80
edgedl.me.gvt1.com
US
whitelisted
1828
chrome.exe
142.250.185.202:443
fonts.googleapis.com
Google Inc.
US
whitelisted
1828
chrome.exe
142.250.185.110:443
apis.google.com
Google Inc.
US
whitelisted
1828
chrome.exe
142.250.186.110:443
clients2.google.com
Google Inc.
US
whitelisted
1828
chrome.exe
142.250.185.173:443
accounts.google.com
Google Inc.
US
suspicious
1828
chrome.exe
142.250.185.227:443
clientservices.googleapis.com
Google Inc.
US
whitelisted

DNS requests

Domain
IP
Reputation
accounts.google.com
  • 142.250.185.173
shared
clientservices.googleapis.com
  • 142.250.185.227
whitelisted
www.google.com
  • 142.250.74.196
malicious
clients2.google.com
  • 142.250.186.110
whitelisted
fonts.googleapis.com
  • 142.250.185.202
whitelisted
www.gstatic.com
  • 142.250.186.131
whitelisted
fonts.gstatic.com
  • 142.250.185.227
whitelisted
apis.google.com
  • 142.250.185.110
whitelisted
ssl.gstatic.com
  • 142.250.185.195
whitelisted
update.googleapis.com
  • 142.250.186.35
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
data.txt