Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
http://bkbizwwqfqstgcsbkbizwwqfqstgcs.lk8ftr.com/e/am9hbm5hLmthaW0ta2VydGhAaWcuY29t
|
URL
|
initial url
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\10BDC45B4A27319429BBC4F08A4E8A10
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\10BDC45B4A27319429BBC4F08A4E8A10
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6974601f-1ef4-4c82-b000-f276cacc3c43.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7f45b162-b131-484a-bc0f-70074afcfcc7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0f290be4-cb6e-4cc9-8582-321788e92cd7.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1a523365-b044-44ca-8325-21d5072656cf.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1ad3a9d3-b54a-4fe4-a11a-dd26144d8360.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2ef254dd-bbd0-4703-9172-fb11790ea0f0.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4801c30c-0a4e-4686-a8d2-9cd9a564b936.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4d17712d-d8aa-4e1c-accd-8c3693b5068c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\603a971c-cba7-4424-86e0-a9f2fcea195e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\5920a891-a4d7-4969-ac23-7026941eaf9f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\71a93ce5-c5db-43e1-9b45-27c90a52ea2b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f9b9ae81-c85c-4916-8e56-5dc5afc3e42f.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b4fcaf44-6683-4ee3-a654-1f81e2525e5a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d1b9b9b1-bc9b-4e8e-8a4b-ffaf9f413a3e.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\0da42cc6-128b-4ba3-9e1e-04c3e2e639d8.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\59e48edb-4a38-4908-bb87-233755c51147.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\7d28b7c8-f361-4c2a-88be-b95ba2757ac5.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ef369371-97ee-430a-90eb-cba128e4b063.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\59e48edb-4a38-4908-bb87-233755c51147.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1870413338\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5752_1903683687\ef369371-97ee-430a-90eb-cba128e4b063.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
There are 155 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'http://bkbizwwqfqstgcsbkbizwwqfqstgcs.lk8ftr.com/e/am9hbm5hLmthaW0ta2VydGhAaWcuY29t'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1532,15419587561947641969,2247414398812328316,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1724 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://bkbizwwqfqstgcsbkbizwwqfqstgcs.lk8ftr.com/e/am9hbm5hLmthaW0ta2VydGhAaWcuY29t23S
|
unknown
|
|
|
|
http://bkbizwwqfqstgcsbkbizwwqfqstgcs.lk8ftr.com/e/am9hbm5hLmthaW0ta2VydGhAaWcuY29t
|
40.76.49.205
|
|
|
|
https://mydocushare.docushareportal657.xyz/O365/home?MTYxMTc0MTcyMTc4MmI1OWM1YjgzM2ZhNDhjMWY4YjI4MGRhYzk4YmEwZWE4MmU5N2I5MGQzNDMwNDIxNjdlMzM5MzkwZDczMmMwZDBiYzkyMg==&data=am9hbm5hLmthaW0ta2VydGhAaWcuY29t&email=joanna.kaim-kerth@ig.com&MTYxMTc0MTcyMWExZTE4OGY1ZTFlNTA0ZjViN2NkMDRhNzdhODlhMWY1NzRkZDE3OGE5OGUyZGZhMTFlMDgzZTJjYmFjMzYzMjM3NjNhOTc5MA==%3D
|
|
||
|
http://bkbizwwqfqstgcsbkbizwwqfqstgcs.lk8ftr.com/e/am9hbm5hLmthaW0ta2VydGhAaWcuY29tS
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
http://bkbizwwqfqstgcsbkbizwwqfqstgcs.lk8ftr.com
|
unknown
|
|
|
|
https://mydocushare.docushareportal657.xyz/O365/home?MTYxMTc0MTcyMTc4MmI1OWM1YjgzM2ZhNDhjMWY4YjI4MGR
|
unknown
|
|
|
|
https://mydocushare.docushareportal657.xyz/O365/?joanna.kaim-kerth
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://mydocushare.docushareportal657.xyz/O365/proceed?email=joanna.kaim-kerth
|
unknown
|
|
|
|
https://mydocushare.docushareportal657.xyz/O365/lib/img/favicon.ico
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
http://zerossl.crt.sectigo.com/ZeroSSLRSADomainSecureSiteCA.crt
|
91.199.212.52
|
|
There are 3 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bkbizwwqfqstgcsbkbizwwqfqstgcs.lk8ftr.com
|
40.76.49.205
|
|
|
|
mydocushare.docushareportal657.xyz
|
52.188.166.242
|
|
|
|
crt.sectigo.com
|
91.199.212.52
|
|
|
|
googlehosted.l.googleusercontent.com
|
172.217.22.225
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
zerossl.crt.sectigo.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Active
|
Malicious
|
|
|---|---|---|---|---|---|
|
172.217.22.225
|
unknown
|
United States
|
unknown
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
unknown
|
|
|
|
91.199.212.52
|
unknown
|
United Kingdom
|
unknown
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
unknown
|
|
|
|
40.76.49.205
|
unknown
|
United States
|
unknown
|
|
|
|
52.188.166.242
|
unknown
|
United States
|
unknown
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.reporting
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
module_blacklist_cache_md5_digest
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
media.storage_id_salt
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_seed
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
default_search_provider_data.template_url_data
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
safebrowsing.incidents_sent
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pinned_tabs
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
search_provider_overrides
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_username
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.restore_on_startup
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_version
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.prompt_wave
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage_is_newtabpage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
browser.show_home_button
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
lastrun
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
Blob
|
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF5A9E5C000
|
unkown
|
page readonly
|
|
|
|
E1FDEFF000
|
unkown
|
page read and write
|
|
|
|
7FF59CF16000
|
unkown
|
page readonly
|
|
|
|
253F4330000
|
unkown
|
page readonly
|
|
|
|
7FF53218B000
|
unkown
|
page readonly
|
|
|
|
7FF5E834E000
|
unkown
|
page readonly
|
|
|
|
257F7C59000
|
unkown
|
page read and write
|
|
|
|
253F9A8A000
|
unkown
|
page read and write
|
|
|
|
91AA97E000
|
unkown
|
page read and write
|
|
|
|
257F96D0000
|
unkown
|
page read and write
|
|
|
|
61FFC7B000
|
unkown
|
page read and write
|
|
|
|
7FF5E835F000
|
unkown
|
page readonly
|
|
|
|
7FF532C17000
|
unkown
|
page readonly
|
|
|
|
257F7C5A000
|
unkown
|
page read and write
|
|
|
|
7FF5666E2000
|
unkown
|
page readonly
|
|
|
|
3ADBFFE000
|
unkown
|
page read and write
|
|
|
|
AFF58F8000
|
unkown
|
page read and write
|
|
|
|
2133AE29000
|
unkown
|
page read and write
|
|
|
|
7FF50ECDE000
|
unkown
|
page readonly
|
|
|
|
7FF5A9D8E000
|
unkown
|
page readonly
|
|
|
|
7FF5E81D8000
|
unkown
|
page readonly
|
|
|
|
7FF566729000
|
unkown
|
page readonly
|
|
|
|
3ADC6FF000
|
unkown
|
page read and write
|
|
|
|
257F7D18000
|
unkown
|
page read and write
|
|
|
|
253F49A0000
|
unkown
|
page read and write
|
|
|
|
253F9ACA000
|
unkown
|
page read and write
|
|
|
|
7FF5664A0000
|
unkown
|
page readonly
|
|
|
|
2133AE70000
|
unkown
|
page read and write
|
|
|
|
257F7C3D000
|
unkown
|
page read and write
|
|
|
|
7FF5068E9000
|
unkown
|
page readonly
|
|
|
|
175D0051000
|
unkown
|
page read and write
|
|
|
|
257F9790000
|
unkown
|
page read and write
|
|
|
|
E1FDFFE000
|
unkown
|
page read and write
|
|
|
|
7FF532D3E000
|
unkown
|
page readonly
|
|
|
|
7FF59CEB8000
|
unkown
|
page readonly
|
|
|
|
1C1F6F14000
|
unkown
|
page read and write
|
|
|
|
7FF506916000
|
unkown
|
page readonly
|
|
|
|
253F4A15000
|
unkown
|
page read and write
|
|
|
|
7FF59CEAD000
|
unkown
|
page readonly
|
|
|
|
91AAEFD000
|
unkown
|
page read and write
|
|
|
|
7FF59CE1C000
|
unkown
|
page readonly
|
|
|
|
175D0002000
|
unkown
|
page read and write
|
|
|
|
257F7C49000
|
unkown
|
page read and write
|
|
|
|
7FF532BBC000
|
unkown
|
page readonly
|
|
|
|
7FF532CE7000
|
unkown
|
page readonly
|
|
|
|
1C468950000
|
heap private
|
page read and write
|
|
|
|
7FF5A9E1E000
|
unkown
|
page readonly
|
|
|
|
7FF59CF40000
|
unkown
|
page readonly
|
|
|
|
257F7D13000
|
unkown
|
page read and write
|
|
|
|
7FF59CEB6000
|
unkown
|
page readonly
|
|
|
|
253F4A02000
|
unkown
|
page read and write
|
|
|
|
7FF5DF07E000
|
unkown
|
page readonly
|
|
|
|
7FF55D63E000
|
unkown
|
page readonly
|
|
|
|
7FF532195000
|
unkown
|
page readonly
|
|
|
|
147B57E000
|
unkown
|
page read and write
|
|
|
|
175D0660000
|
unkown
|
page read and write
|
|
|
|
7FF5E83A5000
|
unkown
|
page readonly
|
|
|
|
7FF5E839C000
|
unkown
|
page readonly
|
|
|
|
7FF50F016000
|
unkown
|
page readonly
|
|
|
|
AFF556E000
|
unkown
|
page read and write
|
|
|
|
257F9680000
|
unkown
|
page read and write
|
|
|
|
7FF55D5C6000
|
unkown
|
page readonly
|
|
|
|
253F98C1000
|
unkown
|
page read and write
|
|
|
|
1C1F6613000
|
unkown
|
page read and write
|
|
|
|
AFF5B7A000
|
unkown
|
page read and write
|
|
|
|
1EEB7E2A000
|
unkown
|
page read and write
|
|
|
|
7FF56659A000
|
unkown
|
page readonly
|
|
|
|
91AAAFE000
|
unkown
|
page read and write
|
|
|
|
257F7C64000
|
unkown
|
page read and write
|
|
|
|
253F98C4000
|
unkown
|
page read and write
|
|
|
|
7FF56671F000
|
unkown
|
page readonly
|
|
|
|
7FF566756000
|
unkown
|
page readonly
|
|
|
|
175D003E000
|
unkown
|
page read and write
|
|
|
|
AFF5EFF000
|
unkown
|
page read and write
|
|
|
|
7FF5068A6000
|
unkown
|
page readonly
|
|
|
|
253F9710000
|
unkown
|
page read and write
|
|
|
|
61FFCFE000
|
unkown
|
page read and write
|
|
|
|
175CFFE0000
|
unkown
|
page readonly
|
|
|
|
7FF532D49000
|
unkown
|
page readonly
|
|
|
|
7FF532CB6000
|
unkown
|
page readonly
|
|
|
|
61806FF000
|
unkown
|
page read and write
|
|
|
|
7FF532C85000
|
unkown
|
page readonly
|
|
|
|
1C1F6460000
|
heap default
|
page read and write
|
|
|
|
7FF5A9B6C000
|
unkown
|
page readonly
|
|
|
|
175CFFF0000
|
unkown
|
page readonly
|
|
|
|
AFF637C000
|
unkown
|
page read and write
|
|
|
|
7FF566765000
|
unkown
|
page readonly
|
|
|
|
7FF55D36A000
|
unkown
|
page readonly
|
|
|
|
7FF5DF0D5000
|
unkown
|
page readonly
|
|
|
|
253F4502000
|
unkown
|
page read and write
|
|
|
|
147AD7D000
|
unkown
|
page read and write
|
|
|
|
147B37B000
|
unkown
|
page read and write
|
|
|
|
AFF647F000
|
unkown
|
page read and write
|
|
|
|
253F9790000
|
unkown
|
page read and write
|
|
|
|
253F9700000
|
unkown
|
page read and write
|
|
|
|
253F4492000
|
unkown
|
page read and write
|
|
|
|
7FF5A9EDE000
|
unkown
|
page readonly
|
|
|
|
147B47C000
|
unkown
|
page read and write
|
|
|
|
7FF53295C000
|
unkown
|
page readonly
|
|
|
|
2133AE49000
|
unkown
|
page read and write
|
|
|
|
7FF59CD6B000
|
unkown
|
page readonly
|
|
|
|
7FF55D599000
|
unkown
|
page readonly
|
|
|
|
1C1F6560000
|
unkown
|
page read and write
|
|
|
|
9DFC27E000
|
unkown
|
page read and write
|
|
|
|
7FF532C23000
|
unkown
|
page readonly
|
|
|
|
1C1F6B90000
|
unkown
|
page readonly
|
|
|
|
7FF5DEC50000
|
unkown
|
page readonly
|
|
|
|
175D0200000
|
unkown
|
page readonly
|
|
|
|
7FF59A777000
|
unkown
|
page readonly
|
|
|
|
253F4B18000
|
unkown
|
page read and write
|
|
|
|
23E79A6C000
|
unkown
|
page read and write
|
|
|
|
1C466F60000
|
unkown
|
page readonly
|
|
|
|
253F4240000
|
heap default
|
page read and write
|
|
|
|
7FF56637D000
|
unkown
|
page readonly
|
|
|
|
257F7B80000
|
heap private
|
page read and write
|
|
|
|
E0C817F000
|
unkown
|
page read and write
|
|
|
|
253F4513000
|
unkown
|
page read and write
|
|
|
|
1C46701B000
|
heap default
|
page read and write
|
|
|
|
28670A60000
|
heap private
|
page read and write
|
|
|
|
7FF532C38000
|
unkown
|
page readonly
|
|
|
|
7FF5E817E000
|
unkown
|
page readonly
|
|
|
|
61FFEFE000
|
unkown
|
page read and write
|
|
|
|
7FF505D99000
|
unkown
|
page readonly
|
|
|
|
253F4441000
|
unkown
|
page read and write
|
|
|
|
61804FF000
|
unkown
|
page read and write
|
|
|
|
7FF59CF9E000
|
unkown
|
page readonly
|
|
|
|
7FF565BF6000
|
unkown
|
page readonly
|
|
|
|
AFF5D79000
|
unkown
|
page read and write
|
|
|
|
2133AE50000
|
unkown
|
page read and write
|
|
|
|
7FF55D57E000
|
unkown
|
page readonly
|
|
|
|
BA34C7C000
|
unkown
|
page read and write
|
|
|
|
7FF5329FE000
|
unkown
|
page readonly
|
|
|
|
7FF532A6B000
|
unkown
|
page readonly
|
|
|
|
7FF50F01C000
|
unkown
|
page readonly
|
|
|
|
7FF5666D0000
|
unkown
|
page readonly
|
|
|
|
7FF50F035000
|
unkown
|
page readonly
|
|
|
|
1C467021000
|
unkown
|
page read and write
|
|
|
|
7FF506655000
|
unkown
|
page readonly
|
|
|
|
7FF50EFEF000
|
unkown
|
page readonly
|
|
|
|
7FF5DEF53000
|
unkown
|
page readonly
|
|
|
|
7FF5DE596000
|
unkown
|
page readonly
|
|
|
|
7FF5E82FC000
|
unkown
|
page readonly
|
|
|
|
7FF50EFF9000
|
unkown
|
page readonly
|
|
|
|
1C1F6688000
|
unkown
|
page read and write
|
|
|
|
9DFC2FE000
|
unkown
|
page read and write
|
|
|
|
257F7C4A000
|
unkown
|
page read and write
|
|
|
|
253F9D20000
|
unkown
|
page readonly
|
|
|
|
7FF50EC78000
|
unkown
|
page readonly
|
|
|
|
253F9A63000
|
unkown
|
page read and write
|
|
|
|
7FF566495000
|
unkown
|
page readonly
|
|
|
|
7FF5E83B0000
|
unkown
|
page readonly
|
|
|
|
7FF59CD48000
|
unkown
|
page readonly
|
|
|
|
7FF532C56000
|
unkown
|
page readonly
|
|
|
|
257F7E00000
|
unkown
|
page readonly
|
|
|
|
147AE7B000
|
unkown
|
page read and write
|
|
|
|
7FF5328D7000
|
unkown
|
page readonly
|
|
|
|
253F9D00000
|
unkown
|
page readonly
|
|
|
|
2133AF13000
|
unkown
|
page read and write
|
|
|
|
7FF5E8322000
|
unkown
|
page readonly
|
|
|
|
23E79A55000
|
unkown
|
page read and write
|
|
|
|
7FF50EF61000
|
unkown
|
page readonly
|
|
|
|
253F4990000
|
unkown
|
page readonly
|
|
|
|
7FF566665000
|
unkown
|
page readonly
|
|
|
|
175D007A000
|
unkown
|
page read and write
|
|
|
|
271D27F000
|
unkown
|
page read and write
|
|
|
|
7FF506851000
|
unkown
|
page readonly
|
|
|
|
7FF55D5E0000
|
unkown
|
page readonly
|
|
|
|
253F9CE0000
|
unkown
|
page readonly
|
|
|
|
7FF59CF44000
|
unkown
|
page readonly
|
|
|
|
7FF59CE98000
|
unkown
|
page readonly
|
|
|
|
7FF50EF47000
|
unkown
|
page readonly
|
|
|
|
7FF5667CE000
|
unkown
|
page readonly
|
|
|
|
7FF59CDB7000
|
unkown
|
page readonly
|
|
|
|
7FF50EBE5000
|
unkown
|
page readonly
|
|
|
|
7FF50F0A9000
|
unkown
|
page readonly
|
|
|
|
253F98D0000
|
unkown
|
page read and write
|
|
|
|
7FF532885000
|
unkown
|
page readonly
|
|
|
|
7FF55CD12000
|
unkown
|
page readonly
|
|
|
|
7FF5DF06A000
|
unkown
|
page readonly
|
|
|
|
7FF55D5B6000
|
unkown
|
page readonly
|
|
|
|
7FF5E833A000
|
unkown
|
page readonly
|
|
|
|
7FF56655F000
|
unkown
|
page readonly
|
|
|
|
2133AE7D000
|
unkown
|
page read and write
|
|
|
|
7FF59CF1C000
|
unkown
|
page readonly
|
|
|
|
91AAFFF000
|
unkown
|
page read and write
|
|
|
|
7FF506700000
|
unkown
|
page readonly
|
|
|
|
271CE75000
|
unkown
|
page read and write
|
|
|
|
1EEB8000000
|
unkown
|
page readonly
|
|
|
|
175D0013000
|
unkown
|
page read and write
|
|
|
|
7FF5E83B7000
|
unkown
|
page readonly
|
|
|
|
7FF565BE4000
|
unkown
|
page readonly
|
|
|
|
2133BB40000
|
unkown
|
page readonly
|
|
|
|
28671260000
|
unkown
|
page read and write
|
|
|
|
257F7C4A000
|
unkown
|
page read and write
|
|
|
|
7FF532C7E000
|
unkown
|
page readonly
|
|
|
|
7FF50EF57000
|
unkown
|
page readonly
|
|
|
|
2133B000000
|
unkown
|
page readonly
|
|
|
|
7FF50EFB6000
|
unkown
|
page readonly
|
|
|
|
1C466FEB000
|
heap default
|
page read and write
|
|
|
|
7FF532CAD000
|
unkown
|
page readonly
|
|
|
|
BA346FE000
|
unkown
|
page read and write
|
|
|
|
E0C8279000
|
unkown
|
page read and write
|
|
|
|
147ACFE000
|
unkown
|
page read and write
|
|
|
|
2133AF08000
|
unkown
|
page read and write
|
|
|
|
BA3467E000
|
unkown
|
page read and write
|
|
|
|
7FF59CDC0000
|
unkown
|
page readonly
|
|
|
|
7FF5A9AFC000
|
unkown
|
page readonly
|
|
|
|
61803FD000
|
unkown
|
page read and write
|
|
|
|
7FF5DF0AD000
|
unkown
|
page readonly
|
|
|
|
7FF5A9EE1000
|
unkown
|
page readonly
|
|
|
|
1C1F6400000
|
heap private
|
page read and write
|
|
|
|
91AAD7D000
|
unkown
|
page read and write
|
|
|
|
7FF5A9E8D000
|
unkown
|
page readonly
|
|
|
|
253F49B0000
|
unkown
|
page read and write
|
|
|
|
61800FC000
|
unkown
|
page read and write
|
|
|
|
23E79A13000
|
unkown
|
page read and write
|
|
|
|
7FF59CEA0000
|
unkown
|
page readonly
|
|
|
|
9DFC07C000
|
unkown
|
page read and write
|
|
|
|
7FF532419000
|
unkown
|
page readonly
|
|
|
|
257F8260000
|
unkown
|
page readonly
|
|
|
|
7FF5E7830000
|
unkown
|
page readonly
|
|
|
|
7FF5A9DE0000
|
unkown
|
page readonly
|
|
|
|
7FF5E8355000
|
unkown
|
page readonly
|
|
|
|
253F98D0000
|
unkown
|
page read and write
|
|
|
|
AFF5E7B000
|
unkown
|
page read and write
|
|
|
|
7FF59CB91000
|
unkown
|
page readonly
|
|
|
|
175D0113000
|
unkown
|
page read and write
|
|
|
|
7FF565EA9000
|
unkown
|
page readonly
|
|
|
|
253F5330000
|
unkown
|
page readonly
|
|
|
|
23E79A29000
|
unkown
|
page read and write
|
|
|
|
AFF54EB000
|
unkown
|
page read and write
|
|
|
|
253F9A00000
|
unkown
|
page read and write
|
|
|
|
175D0028000
|
unkown
|
page read and write
|
|
|
|
7FF5DEF81000
|
unkown
|
page readonly
|
|
|
|
7FF56670E000
|
unkown
|
page readonly
|
|
|
|
7FF5DF0B6000
|
unkown
|
page readonly
|
|
|
|
7FF59CE35000
|
unkown
|
page readonly
|
|
|
|
7FF5E8419000
|
unkown
|
page readonly
|
|
|
|
2133AE8A000
|
unkown
|
page read and write
|
|
|
|
7FF5068A8000
|
unkown
|
page readonly
|
|
|
|
3ADC57F000
|
unkown
|
page read and write
|
|
|
|
91AAB7E000
|
unkown
|
page read and write
|
|
|
|
7FF59B2EC000
|
unkown
|
page readonly
|
|
|
|
7FF59B288000
|
unkown
|
page readonly
|
|
|
|
91AADFE000
|
unkown
|
page read and write
|
|
|
|
E1FE1FF000
|
unkown
|
page read and write
|
|
|
|
7FF50EE7A000
|
unkown
|
page readonly
|
|
|
|
253F5340000
|
unkown
|
page readonly
|
|
|
|
28670C24000
|
unkown
|
page read and write
|
|
|
|
61805FF000
|
unkown
|
page read and write
|
|
|
|
7FF5E80CE000
|
unkown
|
page readonly
|
|
|
|
7FF5DF0C6000
|
unkown
|
page readonly
|
|
|
|
7FF566525000
|
unkown
|
page readonly
|
|
|
|
7FF59B272000
|
unkown
|
page readonly
|
|
|
|
3ADC5FF000
|
unkown
|
page read and write
|
|
|
|
1C1F6E02000
|
unkown
|
page read and write
|
|
|
|
7FF506788000
|
unkown
|
page readonly
|
|
|
|
28670C13000
|
unkown
|
page read and write
|
|
|
|
253F9C50000
|
unkown
|
page readonly
|
|
|
|
7FF532C52000
|
unkown
|
page readonly
|
|
|
|
7FF5665E7000
|
unkown
|
page readonly
|
|
|
|
253F9AB8000
|
unkown
|
page read and write
|
|
|
|
7FF5E7836000
|
unkown
|
page readonly
|
|
|
|
253F99A8000
|
unkown
|
page write copy
|
|
|
|
BA34F7C000
|
unkown
|
page read and write
|
|
|
|
147B1FC000
|
unkown
|
page read and write
|
|
|
|
271CC7B000
|
unkown
|
page read and write
|
|
|
|
7FF56643D000
|
unkown
|
page readonly
|
|
|
|
1EEB8602000
|
unkown
|
page read and write
|
|
|
|
7FF55CA4D000
|
unkown
|
page readonly
|
|
|
|
7FF5A9D94000
|
unkown
|
page readonly
|
|
|
|
1EEB7E13000
|
unkown
|
page read and write
|
|
|
|
7FF5DF08F000
|
unkown
|
page readonly
|
|
|
|
7FF55D56A000
|
unkown
|
page readonly
|
|
|
|
1C1F666C000
|
unkown
|
page read and write
|
|
|
|
253F4470000
|
unkown
|
page read and write
|
|
|
|
257F7C00000
|
unkown
|
page read and write
|
|
|
|
61FFE7B000
|
unkown
|
page read and write
|
|
|
|
253F56D1000
|
unkown
|
page read and write
|
|
|
|
253F99F0000
|
unkown
|
page read and write
|
|
|
|
BA34A7E000
|
unkown
|
page read and write
|
|
|
|
7FF506847000
|
unkown
|
page readonly
|
|
|
|
7FF55D540000
|
unkown
|
page readonly
|
|
|
|
7FF50F044000
|
unkown
|
page readonly
|
|
|
|
7FF506999000
|
unkown
|
page readonly
|
|
|
|
3ADC27E000
|
unkown
|
page read and write
|
|
|
|
253F4475000
|
unkown
|
page read and write
|
|
|
|
257F97A0000
|
unkown
|
page readonly
|
|
|
|
253F56F3000
|
unkown
|
page read and write
|
|
|
|
253F5700000
|
unkown
|
page read and write
|
|
|
|
7FF50691C000
|
unkown
|
page readonly
|
|
|
|
1C466FE0000
|
heap default
|
page read and write
|
|
|
|
7FF59B2E1000
|
unkown
|
page readonly
|
|
|
|
1C466E00000
|
unkown
|
page readonly
|
|
|
|
7FF50EF5A000
|
unkown
|
page readonly
|
|
|
|
147B17F000
|
unkown
|
page read and write
|
|
|
|
7FF5DF042000
|
unkown
|
page readonly
|
|
|
|
1EEB7E02000
|
unkown
|
page read and write
|
|
|
|
257F9790000
|
unkown
|
page read and write
|
|
|
|
AFF627D000
|
unkown
|
page read and write
|
|
|
|
1C1F6629000
|
unkown
|
page read and write
|
|
|
|
253F9CF0000
|
unkown
|
page read and write
|
|
|
|
7FF5A9E51000
|
unkown
|
page readonly
|
|
|
|
7FF5068CE000
|
unkown
|
page readonly
|
|
|
|
1C1F6713000
|
unkown
|
page read and write
|
|
|
|
222F4A50000
|
unkown
|
page readonly
|
|
|
|
257F9A00000
|
unkown
|
page readonly
|
|
|
|
7FF532C0B000
|
unkown
|
page readonly
|
|
|
|
AFF60FE000
|
unkown
|
page read and write
|
|
|
|
222F4C2C000
|
unkown
|
page read and write
|
|
|
|
7FF59B2AE000
|
unkown
|
page readonly
|
|
|
|
7FF59CFA9000
|
unkown
|
page readonly
|
|
|
|
1EEB7E77000
|
unkown
|
page read and write
|
|
|
|
222F4C13000
|
unkown
|
page read and write
|
|
|
|
253F9C00000
|
unkown
|
page read and write
|
|
|
|
7FF55D5CC000
|
unkown
|
page readonly
|
|
|
|
28670C5C000
|
unkown
|
page read and write
|
|
|
|
7FF5A9DFA000
|
unkown
|
page readonly
|
|
|
|
1C1F6F00000
|
unkown
|
page read and write
|
|
|
|
253F5360000
|
unkown
|
page readonly
|
|
|
|
7FF59B282000
|
unkown
|
page readonly
|
|
|
|
7FF532D40000
|
unkown
|
page readonly
|
|
|
|
E0C81FA000
|
unkown
|
page read and write
|
|
|
|
222F4C3A000
|
unkown
|
page read and write
|
|
|
|
7FF532C2C000
|
unkown
|
page readonly
|
|
|
|
7FF50686C000
|
unkown
|
page readonly
|
|
|
|
7DFDB5555000
|
unkown
|
page readonly
|
|
|
|
23E79CD0000
|
unkown
|
page readonly
|
|
|
|
7FF5A9DE2000
|
unkown
|
page readonly
|
|
|
|
3ADBF7B000
|
unkown
|
page read and write
|
|
|
|
7FF59CBF6000
|
unkown
|
page readonly
|
|
|
|
1EEB7D10000
|
heap private
|
page read and write
|
|
|
|
7FF59B2E6000
|
unkown
|
page readonly
|
|
|
|
253F5380000
|
unkown
|
page readonly
|
|
|
|
222F4C29000
|
unkown
|
page read and write
|
|
|
|
7FF532BF7000
|
unkown
|
page readonly
|
|
|
|
1EEB7E89000
|
unkown
|
page read and write
|
|
|
|
7FF506930000
|
unkown
|
page readonly
|
|
|
|
7FF566772000
|
unkown
|
page readonly
|
|
|
|
7FF50EFB2000
|
unkown
|
page readonly
|
|
|
|
175D0802000
|
unkown
|
page read and write
|
|
|
|
7FF59B305000
|
unkown
|
page readonly
|
|
|
|
1C4689E0000
|
heap private
|
page read and write
|
|
|
|
7FF5A9E75000
|
unkown
|
page readonly
|
|
|
|
7FF5E8310000
|
unkown
|
page readonly
|
|
|
|
7FF5E80C7000
|
unkown
|
page readonly
|
|
|
|
7FF50EDD7000
|
unkown
|
page readonly
|
|
|
|
7FF5A9E87000
|
unkown
|
page readonly
|
|
|
|
7FF566015000
|
unkown
|
page readonly
|
|
|
|
23E79A00000
|
unkown
|
page read and write
|
|
|
|
1C1F6470000
|
unkown
|
page readonly
|
|
|
|
253F5390000
|
unkown
|
page readonly
|
|
|
|
253F99E0000
|
unkown
|
page read and write
|
|
|
|
7FF50EBE1000
|
unkown
|
page readonly
|
|
|
|
91AA9FE000
|
unkown
|
page read and write
|
|
|
|
253F4B18000
|
unkown
|
page read and write
|
|
|
|
7FF566774000
|
unkown
|
page readonly
|
|
|
|
7FF59AF30000
|
unkown
|
page readonly
|
|
|
|
253F4600000
|
unkown
|
page readonly
|
|
|
|
23E79990000
|
unkown
|
page readonly
|
|
|
|
7FF5DF149000
|
unkown
|
page readonly
|
|
|
|
7FF50686A000
|
unkown
|
page readonly
|
|
|
|
257F9802000
|
unkown
|
page read and write
|
|
|
|
1C1F6F3A000
|
unkown
|
page read and write
|
|
|
|
7FF506660000
|
unkown
|
page readonly
|
|
|
|
7FF5E8326000
|
unkown
|
page readonly
|
|
|
|
7FF55D5D5000
|
unkown
|
page readonly
|
|
|
|
7FF5665A9000
|
unkown
|
page readonly
|
|
|
|
7FF5DEC3A000
|
unkown
|
page readonly
|
|
|
|
1EEB7D70000
|
heap default
|
page read and write
|
|
|
|
7FF532A7C000
|
unkown
|
page readonly
|
|
|
|
7DFED895A000
|
unkown
|
page readonly
|
|
|
|
7FF532ACF000
|
unkown
|
page readonly
|
|
|
|
7FF5E81B8000
|
unkown
|
page readonly
|
|
|
|
28671402000
|
unkown
|
page read and write
|
|
|
|
1C1F7000000
|
unkown
|
page readonly
|
|
|
|
253F9A13000
|
unkown
|
page read and write
|
|
|
|
3ADC47B000
|
unkown
|
page read and write
|
|
|
|
147AFFE000
|
unkown
|
page read and write
|
|
|
|
7FF59B0FF000
|
unkown
|
page readonly
|
|
|
|
253F9A00000
|
unkown
|
page read and write
|
|
|
|
253F9A2F000
|
unkown
|
page read and write
|
|
|
|
7FF532A10000
|
unkown
|
page readonly
|
|
|
|
253F44BA000
|
unkown
|
page read and write
|
|
|
|
257F9902000
|
unkown
|
page read and write
|
|
|
|
7FF5E82A5000
|
unkown
|
page readonly
|
|
|
|
7FF59CEDE000
|
unkown
|
page readonly
|
|
|
|
7FF5DF0CC000
|
unkown
|
page readonly
|
|
|
|
7FF5E80D5000
|
unkown
|
page readonly
|
|
|
|
7FF59B2FC000
|
unkown
|
page readonly
|
|
|
|
23E79B13000
|
unkown
|
page read and write
|
|
|
|
1C466DA0000
|
unkown
|
page readonly
|
|
|
|
253F4B00000
|
unkown
|
page read and write
|
|
|
|
61807FF000
|
unkown
|
page read and write
|
|
|
|
BA3497F000
|
unkown
|
page read and write
|
|
|
|
28670BA0000
|
unkown
|
page readonly
|
|
|
|
7FF532C8F000
|
unkown
|
page readonly
|
|
|
|
222F5202000
|
unkown
|
page read and write
|
|
|
|
7FF532918000
|
unkown
|
page readonly
|
|
|
|
175D006C000
|
unkown
|
page read and write
|
|
|
|
7FF59CB7F000
|
unkown
|
page readonly
|
|
|
|
7FF5A9B63000
|
unkown
|
page readonly
|
|
|
|
7FF532C99000
|
unkown
|
page readonly
|
|
|
|
1C1F6600000
|
unkown
|
page read and write
|
|
|
|
257F97B0000
|
unkown
|
page readonly
|
|
|
|
7FF50690C000
|
unkown
|
page readonly
|
|
|
|
7FF55D5E4000
|
unkown
|
page readonly
|
|
|
|
7FF56675C000
|
unkown
|
page readonly
|
|
|
|
7FF5A9DF6000
|
unkown
|
page readonly
|
|
|
|
253F4A00000
|
unkown
|
page read and write
|
|
|
|
7FF532A05000
|
unkown
|
page readonly
|
|
|
|
7FF532CE0000
|
unkown
|
page readonly
|
|
|
|
7FF59B36E000
|
unkown
|
page readonly
|
|
|
|
7FF5067A7000
|
unkown
|
page readonly
|
|
|
|
257F9D40000
|
unkown
|
page write copy
|
|
|
|
BA34D7D000
|
unkown
|
page read and write
|
|
|
|
222F4B30000
|
unkown
|
page readonly
|
|
|
|
253F9C00000
|
unkown
|
page read and write
|
|
|
|
7FF506927000
|
unkown
|
page readonly
|
|
|
|
7FF59AF44000
|
unkown
|
page readonly
|
|
|
|
7FF59CFA0000
|
unkown
|
page readonly
|
|
|
|
271CF7B000
|
unkown
|
page read and write
|
|
|
|
61802FF000
|
unkown
|
page read and write
|
|
|
|
7FF59CEE5000
|
unkown
|
page readonly
|
|
|
|
2133AE53000
|
unkown
|
page read and write
|
|
|
|
253F9750000
|
unkown
|
page readonly
|
|
|
|
7FF55D58F000
|
unkown
|
page readonly
|
|
|
|
BA343DB000
|
unkown
|
page read and write
|
|
|
|
7FF5DF13E000
|
unkown
|
page readonly
|
|
|
|
7FF5DEF0E000
|
unkown
|
page readonly
|
|
|
|
7FF55CA4F000
|
unkown
|
page readonly
|
|
|
|
7FF5DF141000
|
unkown
|
page readonly
|
|
|
|
7FF5DF040000
|
unkown
|
page readonly
|
|
|
|
1EEB7DA0000
|
unkown
|
page read and write
|
|
|
|
253F9780000
|
unkown
|
page read and write
|
|
|
|
23E79940000
|
unkown
|
page write copy
|
|
|
|
7FF59B2BF000
|
unkown
|
page readonly
|
|
|
|
7FF532CB1000
|
unkown
|
page readonly
|
|
|
|
2133B602000
|
unkown
|
page read and write
|
|
|
|
257F7C26000
|
unkown
|
page read and write
|
|
|
|
7FF59CF47000
|
unkown
|
page readonly
|
|
|
|
7FF5068DF000
|
unkown
|
page readonly
|
|
|
|
7FF5E8308000
|
unkown
|
page readonly
|
|
|
|
2133B800000
|
unkown
|
page readonly
|
|
|
|
7FF56674C000
|
unkown
|
page readonly
|
|
|
|
7FF55D649000
|
unkown
|
page readonly
|
|
|
|
7FF532AEE000
|
unkown
|
page readonly
|
|
|
|
7FF566578000
|
unkown
|
page readonly
|
|
|
|
7FF532C40000
|
unkown
|
page readonly
|
|
|
|
1C466F70000
|
unkown
|
page readonly
|
|
|
|
7FF59CECA000
|
unkown
|
page readonly
|
|
|
|
7FF5E819F000
|
unkown
|
page readonly
|
|
|
|
7FF506603000
|
unkown
|
page readonly
|
|
|
|
7FF5E8328000
|
unkown
|
page readonly
|
|
|
|
61FFD7D000
|
unkown
|
page read and write
|
|
|
|
253F9A57000
|
unkown
|
page read and write
|
|
|
|
61808FE000
|
unkown
|
page read and write
|
|
|
|
253F4B02000
|
unkown
|
page read and write
|
|
|
|
7FF565BEE000
|
unkown
|
page readonly
|
|
|
|
7FF5067A3000
|
unkown
|
page readonly
|
|
|
|
253F4250000
|
unkown
|
page readonly
|
|
|
|
7FF532CE4000
|
unkown
|
page readonly
|
|
|
|
7FF5A9E25000
|
unkown
|
page readonly
|
|
|
|
257F9710000
|
unkown
|
page read and write
|
|
|
|
7FF50EFA0000
|
unkown
|
page readonly
|
|
|
|
1C1F66C7000
|
unkown
|
page read and write
|
|
|
|
2133AF02000
|
unkown
|
page read and write
|
|
|
|
7FF566777000
|
unkown
|
page readonly
|
|
|
|
7FF59CEF9000
|
unkown
|
page readonly
|
|
|
|
7FF532CD5000
|
unkown
|
page readonly
|
|
|
|
253F4320000
|
unkown
|
page readonly
|
|
|
|
147B2FD000
|
unkown
|
page read and write
|
|
|
|
147B77F000
|
unkown
|
page read and write
|
|
|
|
2133ADE0000
|
unkown
|
page read and write
|
|
|
|
175CFF10000
|
unkown
|
page readonly
|
|
|
|
9DFC37C000
|
unkown
|
page read and write
|
|
|
|
1C1F663E000
|
unkown
|
page read and write
|
|
|
|
257F9790000
|
unkown
|
page read and write
|
|
|
|
175D0100000
|
unkown
|
page read and write
|
|
|
|
1C466FC0000
|
heap private
|
page read and write
|
|
|
|
AFF597E000
|
unkown
|
page read and write
|
|
|
|
147B07E000
|
unkown
|
page read and write
|
|
|
|
1C468880000
|
unkown
|
page readonly
|
|
|
|
253F99D0000
|
unkown
|
page read and write
|
|
|
|
175D0A00000
|
unkown
|
page readonly
|
|
|
|
253F5350000
|
unkown
|
page readonly
|
|
|
|
7FF506937000
|
unkown
|
page readonly
|
|
|
|
253F98C0000
|
unkown
|
page read and write
|
|
|
|
7FF59CB82000
|
unkown
|
page readonly
|
|
|
|
1C466ED0000
|
unkown
|
page read and write
|
|
|
|
253F448B000
|
unkown
|
page read and write
|
|
|
|
7FF53295F000
|
unkown
|
page readonly
|
|
|
|
BA34E7E000
|
unkown
|
page read and write
|
|
|
|
7FF59B314000
|
unkown
|
page readonly
|
|
|
|
E1FDC7C000
|
unkown
|
page read and write
|
|
|
|
7FF532B10000
|
unkown
|
page readonly
|
|
|
|
23E7B470000
|
unkown
|
page read and write
|
|
|
|
7FF5DEF87000
|
unkown
|
page readonly
|
|
|
|
1C1F6C60000
|
unkown
|
page readonly
|
|
|
|
2133AF00000
|
unkown
|
page read and write
|
|
|
|
7FF5DF0E7000
|
unkown
|
page readonly
|
|
|
|
7FF532B19000
|
unkown
|
page readonly
|
|
|
|
1C466FC5000
|
heap private
|
page read and write
|
|
|
|
AFF5FFF000
|
unkown
|
page read and write
|
|
|
|
222F4C3C000
|
unkown
|
page read and write
|
|
|
|
7FF50EFB8000
|
unkown
|
page readonly
|
|
|
|
28670C02000
|
unkown
|
page read and write
|
|
|
|
7FF59CE27000
|
unkown
|
page readonly
|
|
|
|
2133AE48000
|
unkown
|
page read and write
|
|
|
|
7FF50F09E000
|
unkown
|
page readonly
|
|
|
|
7FF505D9D000
|
unkown
|
page readonly
|
|
|
|
7FF532CC6000
|
unkown
|
page readonly
|
|
|
|
253F98AE000
|
unkown
|
page read and write
|
|
|
|
7FF5068A2000
|
unkown
|
page readonly
|
|
|
|
7FF5DE56B000
|
unkown
|
page readonly
|
|
|
|
7FF532C01000
|
unkown
|
page readonly
|
|
|
|
222F4C31000
|
unkown
|
page read and write
|
|
|
|
7FF59CB0E000
|
unkown
|
page readonly
|
|
|
|
7FF5329CC000
|
unkown
|
page readonly
|
|
|
|
7FF5E8419000
|
unkown
|
page readonly
|
|
|
|
253F9A49000
|
unkown
|
page read and write
|
|
|
|
7FF532AFC000
|
unkown
|
page readonly
|
|
|
|
1C1F6702000
|
unkown
|
page read and write
|
|
|
|
253F56F0000
|
unkown
|
page read and write
|
|
|
|
7FF5E837D000
|
unkown
|
page readonly
|
|
|
|
28670C3D000
|
unkown
|
page read and write
|
|
|
|
23E79B00000
|
unkown
|
page read and write
|
|
|
|
253F9AB5000
|
unkown
|
page read and write
|
|
|
|
7FF59CEEF000
|
unkown
|
page readonly
|
|
|
|
61FFFFF000
|
unkown
|
page read and write
|
|
|
|
175D0590000
|
unkown
|
page readonly
|
|
|
|
7FF5DF052000
|
unkown
|
page readonly
|
|
|
|
1C1F6540000
|
unkown
|
page readonly
|
|
|
|
1C1F65A0000
|
unkown
|
page write copy
|
|
|
|
253F98E0000
|
unkown
|
page read and write
|
|
|
|
7FF56673D000
|
unkown
|
page readonly
|
|
|
|
7FF59CF11000
|
unkown
|
page readonly
|
|
|
|
7FF59CF0D000
|
unkown
|
page readonly
|
|
|
|
253F4B58000
|
unkown
|
page read and write
|
|
|
|
253F98A8000
|
unkown
|
page read and write
|
|
|
|
253F9974000
|
unkown
|
page readonly
|
|
|
|
271D17F000
|
unkown
|
page read and write
|
|
|
|
7FF566540000
|
unkown
|
page readonly
|
|
|
|
7FF59B371000
|
unkown
|
page readonly
|
|
|
|
222F4C83000
|
unkown
|
page read and write
|
|
|
|
253F44AC000
|
unkown
|
page read and write
|
|
|
|
2133ADD0000
|
unkown
|
page readonly
|
|
|
|
7FF506906000
|
unkown
|
page readonly
|
|
|
|
7FF5DF0BC000
|
unkown
|
page readonly
|
|
|
|
7FF5E8386000
|
unkown
|
page readonly
|
|
|
|
7FF50EFDE000
|
unkown
|
page readonly
|
|
|
|
7FF5E83B4000
|
unkown
|
page readonly
|
|
|
|
7FF5A9DF8000
|
unkown
|
page readonly
|
|
|
|
257F7C5A000
|
unkown
|
page read and write
|
|
|
|
253F9997000
|
unkown
|
page readonly
|
|
|
|
7FF566746000
|
unkown
|
page readonly
|
|
|
|
7FF53294D000
|
unkown
|
page readonly
|
|
|
|
7FF55D585000
|
unkown
|
page readonly
|
|
|
|
7FF50698E000
|
unkown
|
page readonly
|
|
|
|
7FF5A9E66000
|
unkown
|
page readonly
|
|
|
|
7FF59CF2C000
|
unkown
|
page readonly
|
|
|
|
28670C00000
|
unkown
|
page read and write
|
|
|
|
1C4670E0000
|
unkown
|
page readonly
|
|
|
|
7FF55D5BC000
|
unkown
|
page readonly
|
|
|
|
7FF59CBDE000
|
unkown
|
page readonly
|
|
|
|
253F98E4000
|
unkown
|
page read and write
|
|
|
|
28670E00000
|
unkown
|
page readonly
|
|
|
|
7FF532BB5000
|
unkown
|
page readonly
|
|
|
|
23E79A6E000
|
unkown
|
page read and write
|
|
|
|
253F442A000
|
unkown
|
page read and write
|
|
|
|
7FF532BE1000
|
unkown
|
page readonly
|
|
|
|
7FF59CEB2000
|
unkown
|
page readonly
|
|
|
|
253F9AAD000
|
unkown
|
page read and write
|
|
|
|
253F9C00000
|
unkown
|
page readonly
|
|
|
|
2133AE3C000
|
unkown
|
page read and write
|
|
|
|
222F4B20000
|
unkown
|
page readonly
|
|
|
|
61809FF000
|
unkown
|
page read and write
|
|
|
|
271D077000
|
unkown
|
page read and write
|
|
|
|
7FF59CCD4000
|
unkown
|
page readonly
|
|
|
|
253F97A0000
|
unkown
|
page read and write
|
|
|
|
257F7BE0000
|
heap default
|
page read and write
|
|
|
|
253F44A5000
|
unkown
|
page read and write
|
|
|
|
28670C2A000
|
unkown
|
page read and write
|
|
|
|
7FF532D49000
|
unkown
|
page readonly
|
|
|
|
28670BC0000
|
unkown
|
page read and write
|
|
|
|
7FF532C58000
|
unkown
|
page readonly
|
|
|
|
1C467470000
|
unkown
|
page readonly
|
|
|
|
1EEB8460000
|
unkown
|
page readonly
|
|
|
|
253F99C0000
|
unkown
|
page read and write
|
|
|
|
7FF5DF056000
|
unkown
|
page readonly
|
|
|
|
1EEB7E5A000
|
unkown
|
page read and write
|
|
|
|
1EEB7E00000
|
unkown
|
page read and write
|
|
|
|
147AC7C000
|
unkown
|
page read and write
|
|
|
|
E1FDD7E000
|
unkown
|
page read and write
|
|
|
|
222F51A0000
|
unkown
|
page read and write
|
|
|
|
7FF59B23B000
|
unkown
|
page readonly
|
|
|
|
7FF55D5AD000
|
unkown
|
page readonly
|
|
|
|
253F4489000
|
unkown
|
page read and write
|
|
|
|
1C1F6800000
|
unkown
|
page readonly
|
|
|
|
1EEB7DC0000
|
unkown
|
page readonly
|
|
|
|
253F5170000
|
unkown
|
page read and write
|
|
|
|
7FF5A9E80000
|
unkown
|
page readonly
|
|
|
|
1EEB7F02000
|
unkown
|
page read and write
|
|
|
|
257F7BF0000
|
unkown
|
page readonly
|
|
|
|
28671190000
|
unkown
|
page readonly
|
|
|
|
2133ADC0000
|
unkown
|
page readonly
|
|
|
|
9DFC17E000
|
unkown
|
page read and write
|
|
|
|
2133AD50000
|
heap private
|
page read and write
|
|
|
|
7FF59CE7A000
|
unkown
|
page readonly
|
|
|
|
7FF5666E8000
|
unkown
|
page readonly
|
|
|
|
E1FE0FF000
|
unkown
|
page read and write
|
|
|
|
7FF5E8369000
|
unkown
|
page readonly
|
|
|
|
1C466F10000
|
unkown
|
page readonly
|
|
|
|
AFF55EE000
|
unkown
|
page read and write
|
|
|
|
E0C807B000
|
unkown
|
page read and write
|
|
|
|
E0C837E000
|
unkown
|
page read and write
|
|
|
|
AFF607E000
|
unkown
|
page read and write
|
|
|
|
7FF532CBC000
|
unkown
|
page readonly
|
|
|
|
7FF5DEF1A000
|
unkown
|
page readonly
|
|
|
|
7FF506999000
|
unkown
|
page readonly
|
|
|
|
257F7C13000
|
unkown
|
page read and write
|
|
|
|
7FF59CDCC000
|
unkown
|
page readonly
|
|
|
|
28670AD0000
|
unkown
|
page readonly
|
|
|
|
AFF5F7E000
|
unkown
|
page read and write
|
|
|
|
7FF566311000
|
unkown
|
page readonly
|
|
|
|
253F4413000
|
unkown
|
page read and write
|
|
|
|
7FF5E7FE8000
|
unkown
|
page readonly
|
|
|
|
7FF50F047000
|
unkown
|
page readonly
|
|
|
|
7FF59B2DD000
|
unkown
|
page readonly
|
|
|
|
7FF59B247000
|
unkown
|
page readonly
|
|
|
|
257F7ED0000
|
unkown
|
page readonly
|
|
|
|
7FF532B01000
|
unkown
|
page readonly
|
|
|
|
E0C82FF000
|
unkown
|
page read and write
|
|
|
|
175D0102000
|
unkown
|
page read and write
|
|
|
|
253F9A81000
|
unkown
|
page read and write
|
|
|
|
7FF5328C0000
|
unkown
|
page readonly
|
|
|
|
253F44FC000
|
unkown
|
page read and write
|
|
|
|
28670D02000
|
unkown
|
page read and write
|
|
|
|
7FF532BC7000
|
unkown
|
page readonly
|
|
|
|
1EEB7F13000
|
unkown
|
page read and write
|
|
|
|
1EEB80D0000
|
unkown
|
page readonly
|
|
|
|
7FF55D649000
|
unkown
|
page readonly
|
|
|
|
7FF50F011000
|
unkown
|
page readonly
|
|
|
|
7FF50F026000
|
unkown
|
page readonly
|
|
|
|
253F9994000
|
unkown
|
page readonly
|
|
|
|
7FF5E840E000
|
unkown
|
page readonly
|
|
|
|
7FF5DF0E4000
|
unkown
|
page readonly
|
|
|
|
7FF532956000
|
unkown
|
page readonly
|
|
|
|
253F9A3C000
|
unkown
|
page read and write
|
|
|
|
7FF5E81E9000
|
unkown
|
page readonly
|
|
|
|
257F7C02000
|
unkown
|
page read and write
|
|
|
|
7FF59B2C9000
|
unkown
|
page readonly
|
|
|
|
222F4A40000
|
heap default
|
page read and write
|
|
|
|
7FF5A9D8A000
|
unkown
|
page readonly
|
|
|
|
91AA87C000
|
unkown
|
page read and write
|
|
|
|
2133AE00000
|
unkown
|
page read and write
|
|
|
|
23E79A3F000
|
unkown
|
page read and write
|
|
|
|
1C468B60000
|
heap private
|
page read and write
|
|
|
|
23E79C00000
|
unkown
|
page readonly
|
|
|
|
7FF566503000
|
unkown
|
page readonly
|
|
|
|
7FF5066EA000
|
unkown
|
page readonly
|
|
|
|
7FF5068BA000
|
unkown
|
page readonly
|
|
|
|
7FF50F0A0000
|
unkown
|
page readonly
|
|
|
|
7FF5329F7000
|
unkown
|
page readonly
|
|
|
|
257F9790000
|
unkown
|
page read and write
|
|
|
|
222F4E00000
|
unkown
|
page readonly
|
|
|
|
7FF5DEF38000
|
unkown
|
page readonly
|
|
|
|
7FF5DEFBC000
|
unkown
|
page readonly
|
|
|
|
91AA8FE000
|
unkown
|
page read and write
|
|
|
|
7FF5A9E84000
|
unkown
|
page readonly
|
|
|
|
253F9A22000
|
unkown
|
page read and write
|
|
|
|
2133B0D0000
|
unkown
|
page readonly
|
|
|
|
7FF506991000
|
unkown
|
page readonly
|
|
|
|
7FF5A9E56000
|
unkown
|
page readonly
|
|
|
|
7FF59CF35000
|
unkown
|
page readonly
|
|
|
|
7FF50684A000
|
unkown
|
page readonly
|
|
|
|
AFF617F000
|
unkown
|
page read and write
|
|
|
|
7FF5DEC40000
|
unkown
|
page readonly
|
|
|
|
253F9970000
|
unkown
|
page write copy
|
|
|
|
7FF5667D1000
|
unkown
|
page readonly
|
|
|
|
9DFC1FD000
|
unkown
|
page read and write
|
|
|
|
23E798D0000
|
heap private
|
page read and write
|
|
|
|
271CCFF000
|
unkown
|
page read and write
|
|
|
|
222F4C00000
|
unkown
|
page read and write
|
|
|
|
253F9AB8000
|
unkown
|
page read and write
|
|
|
|
7FF5666C4000
|
unkown
|
page readonly
|
|
|
|
257F9670000
|
unkown
|
page readonly
|
|
|
|
7FF50EFE5000
|
unkown
|
page readonly
|
|
|
|
7FF5068D5000
|
unkown
|
page readonly
|
|
|
|
253F99AC000
|
unkown
|
page readonly
|
|
|
|
253F9C00000
|
unkown
|
page read and write
|
|
|
|
253F9A9D000
|
unkown
|
page read and write
|
|
|
|
7FF59B317000
|
unkown
|
page readonly
|
|
|
|
7FF5666C8000
|
unkown
|
page readonly
|
|
|
|
7FF55CA52000
|
unkown
|
page readonly
|
|
|
|
7FF5667D9000
|
unkown
|
page readonly
|
|
|
|
7FF532B08000
|
unkown
|
page readonly
|
|
|
|
E1FDCFE000
|
unkown
|
page read and write
|
|
|
|
1EEB8800000
|
unkown
|
page readonly
|
|
|
|
7FF566715000
|
unkown
|
page readonly
|
|
|
|
7FF5666E6000
|
unkown
|
page readonly
|
|
|
|
7FF50EF8C000
|
unkown
|
page readonly
|
|
|
|
7FF5068AA000
|
unkown
|
page readonly
|
|
|
|
7FF50EF98000
|
unkown
|
page readonly
|
|
|
|
7FF50F00D000
|
unkown
|
page readonly
|
|
|
|
1C1F6550000
|
unkown
|
page readonly
|
|
|
|
1EEB7E6C000
|
unkown
|
page read and write
|
|
|
|
7FF532AAE000
|
unkown
|
page readonly
|
|
|
|
7FF59AF33000
|
unkown
|
page readonly
|
|
|
|
7FF5A9EE9000
|
unkown
|
page readonly
|
|
|
|
7FF5068FD000
|
unkown
|
page readonly
|
|
|
|
7FF5A9E39000
|
unkown
|
page readonly
|
|
|
|
253F4B59000
|
unkown
|
page read and write
|
|
|
|
7FF5DEF5D000
|
unkown
|
page readonly
|
|
|
|
253F4400000
|
unkown
|
page read and write
|
|
|
|
1C468ADF000
|
heap private
|
page read and write
|
|
|
|
1C467020000
|
unkown
|
page read and write
|
|
|
|
7FF59AF37000
|
unkown
|
page readonly
|
|
|
|
222F4C02000
|
unkown
|
page read and write
|
|
|
|
7FF55D556000
|
unkown
|
page readonly
|
|
|
|
1C466F20000
|
unkown
|
page readonly
|
|
|
|
7FF50EE10000
|
unkown
|
page readonly
|
|
|
|
253F9AB5000
|
unkown
|
page read and write
|
|
|
|
7FF55D641000
|
unkown
|
page readonly
|
|
|
|
7FF5DF058000
|
unkown
|
page readonly
|
|
|
|
7FF59B379000
|
unkown
|
page readonly
|
|
|
|
28670BF0000
|
unkown
|
page read and write
|
|
|
|
7FF5DEE6A000
|
unkown
|
page readonly
|
|
|
|
BA34B7F000
|
unkown
|
page read and write
|
|
|
|
1C468AF0000
|
heap private
|
page read and write
|
|
|
|
7FF532A88000
|
unkown
|
page readonly
|
|
|
|
E0C80FF000
|
unkown
|
page read and write
|
|
|
|
23E79930000
|
heap default
|
page read and write
|
|
|
|
7FF532C6A000
|
unkown
|
page readonly
|
|
|
|
7FF532585000
|
unkown
|
page readonly
|
|
|
|
253F99B0000
|
unkown
|
page read and write
|
|
|
|
7FF59B2F6000
|
unkown
|
page readonly
|
|
|
|
257F7C2A000
|
unkown
|
page read and write
|
|
|
|
7FF5DF085000
|
unkown
|
page readonly
|
|
|
|
1EEB7E3F000
|
unkown
|
page read and write
|
|
|
|
175CFEA0000
|
heap private
|
page read and write
|
|
|
|
7FF532C27000
|
unkown
|
page readonly
|
|
|
|
1C1F6590000
|
unkown
|
page readonly
|
|
|
|
7FF5E838C000
|
unkown
|
page readonly
|
|
|
|
7FF506607000
|
unkown
|
page readonly
|
|
|
|
7FF55D3CF000
|
unkown
|
page readonly
|
|
|
|
1C1F66B9000
|
unkown
|
page read and write
|
|
|
|
28670AC0000
|
heap default
|
page read and write
|
|
|
|
AFF5C7F000
|
unkown
|
page read and write
|
|
|
|
253F9C40000
|
unkown
|
page readonly
|
|
|
|
7FF532881000
|
unkown
|
page readonly
|
|
|
|
7FF50EFA2000
|
unkown
|
page readonly
|
|
|
|
7FF50F02C000
|
unkown
|
page readonly
|
|
|
|
222F4D02000
|
unkown
|
page read and write
|
|
|
|
253F4B13000
|
unkown
|
page read and write
|
|
|
|
7FF59AF95000
|
unkown
|
page readonly
|
|
|
|
253F4457000
|
unkown
|
page read and write
|
|
|
|
1C466EF0000
|
unkown
|
page read and write
|
|
|
|
7FF59CF26000
|
unkown
|
page readonly
|
|
|
|
2133AE13000
|
unkown
|
page read and write
|
|
|
|
23E79A02000
|
unkown
|
page read and write
|
|
|
|
253F5250000
|
unkown
|
page read and write
|
|
|
|
7FF59B2B5000
|
unkown
|
page readonly
|
|
|
|
7FF59B270000
|
unkown
|
page readonly
|
|
|
|
7FF59CEA2000
|
unkown
|
page readonly
|
|
|
|
7FF5065F4000
|
unkown
|
page readonly
|
|
|
|
7FF5DF149000
|
unkown
|
page readonly
|
|
|
|
222F5190000
|
unkown
|
page readonly
|
|
|
|
222F49E0000
|
heap private
|
page read and write
|
|
|
|
2133ADB0000
|
heap default
|
page read and write
|
|
|
|
61801FE000
|
unkown
|
page read and write
|
|
|
|
BA3487D000
|
unkown
|
page read and write
|
|
|
|
1C1F66CA000
|
unkown
|
page read and write
|
|
|
|
7FF59CD0E000
|
unkown
|
page readonly
|
|
|
|
23E799D0000
|
unkown
|
page read and write
|
|
|
|
253F9970000
|
unkown
|
page read and write
|
|
|
|
7FF532C42000
|
unkown
|
page readonly
|
|
|
|
28670BF0000
|
unkown
|
page read and write
|
|
|
|
253F9C60000
|
unkown
|
page readonly
|
|
|
|
7FF5328DE000
|
unkown
|
page readonly
|
|
|
|
253F41E0000
|
heap private
|
page read and write
|
|
|
|
28670BB0000
|
unkown
|
page readonly
|
|
|
|
7FF5A9E4D000
|
unkown
|
page readonly
|
|
|
|
1EEB7D90000
|
unkown
|
page readonly
|
|
|
|
257F96A0000
|
unkown
|
page read and write
|
|
|
|
28670BF0000
|
unkown
|
page read and write
|
|
|
|
7FF55D5E7000
|
unkown
|
page readonly
|
|
|
|
253F9AB3000
|
unkown
|
page read and write
|
|
|
|
7FF5E8396000
|
unkown
|
page readonly
|
|
|
|
7FF59B379000
|
unkown
|
page readonly
|
|
|
|
253F98A0000
|
unkown
|
page read and write
|
|
|
|
7FF5E8312000
|
unkown
|
page readonly
|
|
|
|
7FF59CD2F000
|
unkown
|
page readonly
|
|
|
|
7FF5A9EE9000
|
unkown
|
page readonly
|
|
|
|
2133AE4D000
|
unkown
|
page read and write
|
|
|
|
7FF59CE8C000
|
unkown
|
page readonly
|
|
|
|
7FF5E80E0000
|
unkown
|
page readonly
|
|
|
|
7FF59CB12000
|
unkown
|
page readonly
|
|
|
|
257F7D02000
|
unkown
|
page read and write
|
|
|
|
7FF5E8411000
|
unkown
|
page readonly
|
|
|
|
257F7D00000
|
unkown
|
page read and write
|
|
|
|
7FF59CFA9000
|
unkown
|
page readonly
|
|
|
|
7FF53219D000
|
unkown
|
page readonly
|
|
|
|
253F4479000
|
unkown
|
page read and write
|
|
|
|
23E79B02000
|
unkown
|
page read and write
|
|
|
|
7FF5E82EA000
|
unkown
|
page readonly
|
|
|
|
7FF55D558000
|
unkown
|
page readonly
|
|
|
|
7FF566315000
|
unkown
|
page readonly
|
|
|
|
253F98A0000
|
unkown
|
page read and write
|
|
|
|
7FF5666D2000
|
unkown
|
page readonly
|
|
|
|
7FF5DF099000
|
unkown
|
page readonly
|
|
|
|
1EEB7D80000
|
unkown
|
page readonly
|
|
|
|
7FF532CCC000
|
unkown
|
page readonly
|
|
|
|
23E7B570000
|
unkown
|
page readonly
|
|
|
|
9DFC0FE000
|
unkown
|
page read and write
|
|
|
|
253F5370000
|
unkown
|
page readonly
|
|
|
|
7FF5A9E92000
|
unkown
|
page readonly
|
|
|
|
271CD7F000
|
unkown
|
page read and write
|
|
|
|
175D0000000
|
unkown
|
page read and write
|
|
|
|
1C466F80000
|
unkown
|
page readonly
|
|
|
|
7FF5A9E0A000
|
unkown
|
page readonly
|
|
|
|
1EEB7E66000
|
unkown
|
page read and write
|
|
|
|
2133AE02000
|
unkown
|
page read and write
|
|
|
|
7FF5DEECF000
|
unkown
|
page readonly
|
|
|
|
91AAC7F000
|
unkown
|
page read and write
|
|
|
|
222F4C55000
|
unkown
|
page read and write
|
|
|
|
AFF5A7A000
|
unkown
|
page read and write
|
|
|
|
7FF5DF0E0000
|
unkown
|
page readonly
|
|
|
|
7FF5667D9000
|
unkown
|
page readonly
|
|
|
|
147B67D000
|
unkown
|
page read and write
|
|
|
|
7FF50F0A9000
|
unkown
|
page readonly
|
|
|
|
253F449D000
|
unkown
|
page read and write
|
|
|
|
7FF5A9E6C000
|
unkown
|
page readonly
|
|
|
|
175CFF00000
|
heap default
|
page read and write
|
|
|
|
7FF506934000
|
unkown
|
page readonly
|
|
There are 825 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://mydocushare.docushareportal657.xyz/O365/home?MTYxMTc0MTcyMTc4MmI1OWM1YjgzM2ZhNDhjMWY4YjI4MGRhYzk4YmEwZWE4MmU5N2I5MGQzNDMwNDIxNjdlMzM5MzkwZDczMmMwZDBiYzkyMg==&data=am9hbm5hLmthaW0ta2VydGhAaWcuY29t&email=joanna.kaim-kerth@ig.com&MTYxMTc0MTcyMWExZTE4OGY1ZTFlNTA0ZjViN2NkMDRhNzdhODlhMWY1NzRkZDE3OGE5OGUyZGZhMTFlMDgzZTJjYmFjMzYzMjM3NjNhOTc5MA==%3D
|
|