Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
msedge.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\4108d847-4124-4719-8199-7af90c61578f.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\9f4a73b0-02d3-4f58-a8f6-06943b1004cd.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67224C7D-1850.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\337fe747-bd3e-4c1a-a3bd-fe989aa06a44.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\614dae87-3f8d-4db6-bce2-f4571cfd33a4.tmp
|
ASCII text, with very long lines (1597), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\81748485-c38e-49c0-a931-aa61634ee627.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\82941a74-c9f7-4ade-a82a-516d8ebc0439.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000004.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000005.ldb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 16, cookie
0x8, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
|
ASCII text, with very long lines (1597), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 12, cookie 0x3, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\12c48195-e3de-4962-9aa2-3f5170a1a912.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\7d6f6221-c5d4-4522-bde9-d36ea1b37e38.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF34f1b.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF37aee.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PriceComparison\PriceComparisonAssetStore.db\000003.log
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PriceComparison\PriceComparisonAssetStore.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF34f2b.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13374774659410947
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 11, database pages 91, cookie
0x36, schema 4, UTF-8, version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebAssistDatabase
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 11, database pages 7, cookie
0xb, schema 4, UTF-8, version-valid-for 11
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager-journal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\aafc88c7-18c3-4def-a99c-d71de6fdb132.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
|
ASCII text, with very long lines (3951), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\da96d03b-87a2-4c3a-b2a9-f38cea91d4bc.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
|
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 15, database
pages 21, cookie 0x7, schema 4, UTF-8, version-valid-for 15
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF32319.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF372b0.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ab7b3ab3-0461-404d-9261-5633b1f9cfc7.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d0375e67-a635-484c-af41-a90fe28579cc.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2d5dc56a-23c7-488c-b9e8-5848354e2edb.tmp
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\619162a8-2d33-437f-a7bd-481dfea9510d.tmp
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3412x1357, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\693636b3-3722-441d-a104-0ab0346dfbef.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\cv_debug.log
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\af\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\am\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\ar\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\az\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\be\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\bg\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\bn\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\ca\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\cs\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\cy\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\da\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\de\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\el\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\en\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\en_GB\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\en_US\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\es\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\es_419\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\et\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\eu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\fa\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\fi\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\fil\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\fr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\fr_CA\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\gl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\gu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\hi\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\hr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\hu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\hy\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\id\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\is\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\it\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\iw\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\ja\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\ka\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\kk\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\km\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\kn\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\ko\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\lo\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\lt\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\lv\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\ml\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\mn\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\mr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\ms\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\my\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\ne\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\nl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\no\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\pa\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\pl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\pt_BR\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\pt_PT\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\ro\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\ru\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\si\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\sk\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\sl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\sr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\sv\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\sw\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\ta\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\te\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\th\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\tr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\uk\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\ur\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\vi\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\zh_CN\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\zh_HK\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\zh_TW\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_locales\zu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\dasherSettingSchema.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\offscreendocument.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\offscreendocument_main.js
|
ASCII text, with very long lines (3700)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\page_embed_script.js
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_1856030968\CRX_INSTALL\service_worker_bin_prod.js
|
ASCII text, with very long lines (3705)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_363165424\73029d76-8193-46fa-bf87-9d6c752b4c4b.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_363165424\CRX_INSTALL\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_363165424\CRX_INSTALL\content.js
|
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_363165424\CRX_INSTALL\content_new.js
|
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6224_363165424\CRX_INSTALL\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 14:10:06 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 14:10:06 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 14:10:06 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 14:10:06 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 14:10:06 2024, atime=Mon Oct 2 20:46:57
2023, length=1210144, window=hide
|
dropped
|
There are 180 hidden files, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
chrome.cloudflare-dns.com
|
172.64.41.3
|
||
|
plus.l.google.com
|
142.250.74.206
|
||
|
play.google.com
|
142.250.186.142
|
||
|
dns-tunnel-check.googlezip.net
|
216.239.34.159
|
||
|
tunnel.googlezip.net
|
216.239.34.157
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
|
94.245.104.56
|
||
|
www.google.com
|
142.250.186.68
|
||
|
s-part-0039.t-0009.t-msedge.net
|
13.107.246.67
|
||
|
ax-0001.ax-msedge.net
|
150.171.27.10
|
||
|
googlehosted.l.googleusercontent.com
|
142.250.185.97
|
||
|
js.monitor.azure.com
|
unknown
|
||
|
www.clarity.ms
|
unknown
|
||
|
clients2.googleusercontent.com
|
unknown
|
||
|
s.clarity.ms
|
unknown
|
||
|
bzib.nelreports.net
|
unknown
|
||
|
c.s-microsoft.com
|
unknown
|
||
|
c.clarity.ms
|
unknown
|
||
|
apis.google.com
|
unknown
|
There are 9 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.186.68
|
www.google.com
|
United States
|
||
|
13.107.6.158
|
unknown
|
United States
|
||
|
142.250.74.206
|
plus.l.google.com
|
United States
|
||
|
13.107.246.45
|
s-part-0017.t-0009.t-msedge.net
|
United States
|
||
|
2.22.242.11
|
unknown
|
European Union
|
||
|
13.107.253.57
|
unknown
|
United States
|
||
|
20.125.209.212
|
unknown
|
United States
|
||
|
162.159.61.3
|
unknown
|
United States
|
||
|
204.79.197.239
|
unknown
|
United States
|
||
|
142.250.184.227
|
unknown
|
United States
|
||
|
204.79.197.237
|
unknown
|
United States
|
||
|
142.250.184.195
|
unknown
|
United States
|
||
|
142.250.186.35
|
unknown
|
United States
|
||
|
13.107.5.80
|
unknown
|
United States
|
||
|
142.250.185.67
|
unknown
|
United States
|
||
|
104.254.150.241
|
unknown
|
United States
|
||
|
23.32.185.131
|
unknown
|
United States
|
||
|
13.107.21.237
|
unknown
|
United States
|
||
|
13.107.21.239
|
unknown
|
United States
|
||
|
13.107.42.16
|
unknown
|
United States
|
||
|
13.107.246.70
|
unknown
|
United States
|
||
|
142.251.173.84
|
unknown
|
United States
|
||
|
216.58.206.46
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.186.142
|
play.google.com
|
United States
|
||
|
216.58.212.162
|
unknown
|
United States
|
||
|
142.250.186.170
|
unknown
|
United States
|
||
|
13.107.246.67
|
s-part-0039.t-0009.t-msedge.net
|
United States
|
||
|
151.101.129.108
|
unknown
|
United States
|
||
|
192.168.2.17
|
unknown
|
unknown
|
||
|
152.195.19.97
|
unknown
|
United States
|
||
|
216.58.206.78
|
unknown
|
United States
|
||
|
13.74.129.1
|
unknown
|
United States
|
||
|
172.64.41.3
|
chrome.cloudflare-dns.com
|
United States
|
||
|
142.250.74.195
|
unknown
|
United States
|
||
|
142.250.184.202
|
unknown
|
United States
|
||
|
216.58.212.170
|
unknown
|
United States
|
||
|
172.217.16.202
|
unknown
|
United States
|
||
|
23.96.124.68
|
unknown
|
United States
|
||
|
23.198.7.175
|
unknown
|
United States
|
||
|
13.107.246.57
|
unknown
|
United States
|
||
|
94.245.104.56
|
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
|
United Kingdom
|
||
|
150.171.27.10
|
ax-0001.ax-msedge.net
|
United States
|
||
|
173.223.110.175
|
unknown
|
United States
|
||
|
2.23.209.135
|
unknown
|
European Union
|
||
|
96.7.169.183
|
unknown
|
United States
|
||
|
142.250.185.97
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
216.239.34.157
|
tunnel.googlezip.net
|
United States
|
||
|
20.44.10.122
|
unknown
|
United States
|
There are 39 hidden IPs, click here to show them.