IOCReport

loading gif

Files

File Path
Type
Category
Malicious
https://firebasestorage.googleapis.com/v0/b/kcdvdjv037jcdi0e3767933.appspot.com/o/!%7D%7B%24%23%40%5E%26%20jaf%40!__%7D%20.html?alt=media&token=08503d5e-c8e8-4a7c-b39c-8a3de4c0bf78#jason.maddern@navitas.com
URL
initial url
 malicious
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, 58596 bytes, 1 file
dropped
 clean
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\0869d031-5cb1-4aa4-82f8-d9dea2ef6fa2.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\3131b0ff-c790-4d91-b772-b2d4467228f9.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\6380d18b-7640-4e6a-9d86-f1cc0c30b22e.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\68ece7bf-824a-44e5-a2cc-99f6b611d946.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1574577d-1303-4360-b2d2-7a001c227c51.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2c564247-f5bc-4b16-a954-c6f32975d65b.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\300c7021-d8b9-48a6-a74b-12782db4358e.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\39ca5eea-0084-47b0-a549-5f4c8acb9dde.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\43d3f142-9db5-407e-9615-b4eab73bf2c0.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
modified
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9ff5ae1b-f9b3-4e3f-a917-fd60ed51fb99.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3e29eaa8f606a452_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\56aefa09742044bf_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\75ea7cb2dc185fee_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bc5a8aa50bf25355_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e47a33ac8e679b3a_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f8d798d069065fcb_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
modified
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\268198b6-5f46-4002-a89a-35bece8dc8ab.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\191ba0ee-a227-4778-aa0f-376ebe1a9c61.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a71e61e4-40a1-4c22-b65a-23f6de49f0b7.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b1db336d-b13d-4990-9faf-16fb50bd979b.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\00ba8e9f-836b-45f0-b357-7605248f5c36.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\5fa42d40-5425-4bd5-913c-900563c92636.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\a6e301e5-1c0a-4f9d-a5f8-af8c8687511c.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\ee97ac8e-f3b7-4694-ad38-27cac3985026.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1324291470\a6e301e5-1c0a-4f9d-a5f8-af8c8687511c.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\00ba8e9f-836b-45f0-b357-7605248f5c36.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir5636_1333954294\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
 clean
There are 162 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://firebasestorage.googleapis.com/v0/b/kcdvdjv037jcdi0e3767933.appspot.com/o/!%7D%7B%24%23%40%5E%26%20jaf%40!__%7D%20.html?alt=media&token=08503d5e-c8e8-4a7c-b39c-8a3de4c0bf78#jason.maddern@navitas.com'
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1616,10129630995323838965,6101514469676002512,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1680 /prefetch:8
clean

URLs

Name
IP
Malicious
https://dns.google
unknown
 clean
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
unknown
 clean
https://clients2.googleusercontent.com
unknown
 clean
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
unknown
 clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
unknown
 clean
https://code.jquery.com/jquery-3.2.1.slim.min.js
unknown
 clean
https://a.nel.cloudflare.com/report?s=xkpt82MHHMv3muDjCOwvAAgdJpt8uB5ERV7nx2Iz%2BKCgOGTBJFWZlxkLW2eh
unknown
 clean
https://feedback.googleusercontent.com
unknown
 clean
https://cdn.jsdelivr.net/npm/jquery.session
unknown
 clean

Domains

Name
IP
Malicious
stackpath.bootstrapcdn.com
104.18.10.207
 clean
s3.amazonaws.com
52.217.76.78
 clean
cdnjs.cloudflare.com
104.16.19.94
 clean
maxcdn.bootstrapcdn.com
104.18.10.207
 clean
googlehosted.l.googleusercontent.com
172.217.168.33
 clean
clients2.googleusercontent.com
unknown
 clean
code.jquery.com
unknown
 clean
cdn.jsdelivr.net
unknown
 clean

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
104.18.10.207
stackpath.bootstrapcdn.com
United States
clean
239.255.255.250
unknown
Reserved
clean
172.217.168.33
googlehosted.l.googleusercontent.com
United States
clean
52.217.76.78
s3.amazonaws.com
United States
clean
104.16.19.94
cdnjs.cloudflare.com
United States
clean
127.0.0.1
unknown
unknown
clean

Registry

Path
Value
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
S-1-5-21-3853321935-2125563209-4053062332-1002
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
ahfgeienlihckogmohjhadlkjgocpleb
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gdaefkejpgkiemlaofpalmlakkmbjdnl
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gfdkimpbcpahaombhbimeihdjnejgicl
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
kmendfapggjehodndflmmgagdbamhnfd
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
mfehgcgbbipciphmccgaenjidiccnmng
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
mhjfbmdgcfjbbpaeojofohoefgiehjai
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
neajdppkdcdipfabeoofebfddakdcjhd
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nkeimhogjdpnpccoofpliimaahmaaome
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
prefs.preference_reset_time
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gfdkimpbcpahaombhbimeihdjnejgicl
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
pkedcjkdefgpdelpbcmbmeomcjbeemfm
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
state
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
StatusCodes
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
StatusCodes
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
state
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.reporting
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
module_blacklist_cache_md5_digest
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
media.storage_id_salt
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.last_account_id
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.account_id
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.prompt_seed
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_homepage
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
default_search_provider_data.template_url_data
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
safebrowsing.incidents_sent
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
pinned_tabs
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
search_provider_overrides
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_default_search
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
prefs.preference_reset_time
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.last_username
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
session.startup_urls
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
session.restore_on_startup
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.prompt_version
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_startup_urls
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.prompt_wave
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
homepage
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
homepage_is_newtabpage
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
browser.show_home_button
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
user_experience_metrics.stability.exited_cleanly
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
lastrun
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
S-1-5-21-3853321935-2125563209-4053062332-1002
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
 clean
There are 35 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
7FF5321B7000
unkown
page readonly
 clean
2274AA00000
unkown
page read and write
 clean
20DD6420000
unkown
page readonly
 clean
20DD6256000
unkown
page read and write
 clean
25B1DE79000
unkown
page read and write
 clean
164FA602000
unkown
page read and write
 clean
7FF5D693D000
unkown
page readonly
 clean
7FF5E05C2000
unkown
page readonly
 clean
20DD1060000
unkown
page readonly
 clean
25B1DE42000
unkown
page read and write
 clean
691ED7E000
unkown
page read and write
 clean
7FF58783B000
unkown
page readonly
 clean
20DD6440000
unkown
page readonly
 clean
18C16665000
unkown
page read and write
 clean
7FF5D6584000
unkown
page readonly
 clean
7FF522A0C000
unkown
page readonly
 clean
7FF5D6575000
unkown
page readonly
 clean
7FF5D2AF7000
unkown
page readonly
 clean
7FF522936000
unkown
page readonly
 clean
7FF540177000
unkown
page readonly
 clean
20011000000
unkown
page readonly
 clean
7FF532286000
unkown
page readonly
 clean
1F5BF4D0000
unkown
page readonly
 clean
7FF5227E6000
unkown
page readonly
 clean
25B1DE69000
unkown
page read and write
 clean
20DD62AF000
unkown
page read and write
 clean
20DD60D7000
unkown
page readonly
 clean
BBD2FF000
unkown
page read and write
 clean
7FF52026B000
unkown
page readonly
 clean
164FC070000
unkown
page read and write
 clean
AE0C9FE000
unkown
page read and write
 clean
7FF5D6847000
unkown
page readonly
 clean
1E018390000
unkown
page readonly
 clean
7FF5D2B35000
unkown
page readonly
 clean
20DD6010000
unkown
page read and write
 clean
20DD60E8000
unkown
page write copy
 clean
5D9247E000
unkown
page read and write
 clean
1E018410000
unkown
page readonly
 clean
38EDF7D000
unkown
page read and write
 clean
7FF5E06E7000
unkown
page readonly
 clean
7FF5D67A4000
unkown
page readonly
 clean
1F5BF213000
unkown
page read and write
 clean
691EC7C000
unkown
page read and write
 clean
20DD60B4000
unkown
page readonly
 clean
20010E13000
unkown
page read and write
 clean
7FF522A4D000
unkown
page readonly
 clean
691EDFE000
unkown
page read and write
 clean
7FF5D66FC000
unkown
page readonly
 clean
7FF52267A000
unkown
page readonly
 clean
25B1DE2A000
unkown
page read and write
 clean
1F5BF229000
unkown
page read and write
 clean
20010DF0000
heap default
page read and write
 clean
7FF5E0897000
unkown
page readonly
 clean
BBD47A000
unkown
page read and write
 clean
25B1DE5F000
unkown
page read and write
 clean
AD37B7E000
unkown
page read and write
 clean
164FA530000
heap default
page read and write
 clean
1F5BFA02000
unkown
page read and write
 clean
7FF5D69DB000
unkown
page readonly
 clean
7FF54026D000
unkown
page readonly
 clean
7FF5322AB000
unkown
page readonly
 clean
7FF5D2BBF000
unkown
page readonly
 clean
2274AB13000
unkown
page read and write
 clean
5D9287F000
unkown
page read and write
 clean
20DD1358000
unkown
page read and write
 clean
AD3827E000
unkown
page read and write
 clean
7FF540228000
unkown
page readonly
 clean
7FF587834000
unkown
page readonly
 clean
2274B400000
unkown
page readonly
 clean
20010E6F000
unkown
page read and write
 clean
7FF520177000
unkown
page readonly
 clean
20DD0B13000
unkown
page read and write
 clean
7FF587768000
unkown
page readonly
 clean
BBCF1B000
unkown
page read and write
 clean
9A2D67E000
unkown
page read and write
 clean
20010E3D000
unkown
page read and write
 clean
7FF5D2BCB000
unkown
page readonly
 clean
164FA656000
unkown
page read and write
 clean
25B1DE4B000
unkown
page read and write
 clean
25B1DE31000
unkown
page read and write
 clean
7FF5D5E1A000
unkown
page readonly
 clean
7FF5201A5000
unkown
page readonly
 clean
20010E6F000
unkown
page read and write
 clean
7FF5D2BE4000
unkown
page readonly
 clean
25B1DE64000
unkown
page read and write
 clean
1E018370000
unkown
page read and write
 clean
7FF52267E000
unkown
page readonly
 clean
7FF5E09CE000
unkown
page readonly
 clean
21789F9000
unkown
page read and write
 clean
20DD1359000
unkown
page read and write
 clean
AD37D7E000
unkown
page read and write
 clean
25B1DE44000
unkown
page read and write
 clean
691EF7E000
unkown
page read and write
 clean
164FA66B000
unkown
page read and write
 clean
7FF5321C8000
unkown
page readonly
 clean
7FF532086000
unkown
page readonly
 clean
25EA8E00000
unkown
page readonly
 clean
7FF5BAE3D000
unkown
page readonly
 clean
20DD6024000
unkown
page read and write
 clean
7FF51FF77000
unkown
page readonly
 clean
20DD6110000
unkown
page read and write
 clean
7FF520144000
unkown
page readonly
 clean
7FF5D6731000
unkown
page readonly
 clean
7FF522A13000
unkown
page readonly
 clean
164FA63F000
unkown
page read and write
 clean
20010E6F000
unkown
page read and write
 clean
2274AA76000
unkown
page read and write
 clean
7FF52005E000
unkown
page readonly
 clean
7FF5E08F0000
unkown
page readonly
 clean
7FF5E07ED000
unkown
page readonly
 clean
7FF5BA2E9000
unkown
page readonly
 clean
7FF522B0E000
unkown
page readonly
 clean
7FF5D67AD000
unkown
page readonly
 clean
7FF54026F000
unkown
page readonly
 clean
7FF5D659F000
unkown
page readonly
 clean
20DD61A0000
unkown
page readonly
 clean
7FF58743D000
unkown
page readonly
 clean
38EE67D000
unkown
page read and write
 clean
B11397B000
unkown
page read and write
 clean
18C16613000
unkown
page read and write
 clean
7FF5D2765000
unkown
page readonly
 clean
164FA66B000
unkown
page read and write
 clean
7FF5D2BC6000
unkown
page readonly
 clean
7FF54023B000
unkown
page readonly
 clean
20010E6F000
unkown
page read and write
 clean
5D92C7E000
unkown
page read and write
 clean
20DD0A76000
unkown
page read and write
 clean
20DD623F000
unkown
page read and write
 clean
7FF5D66CF000
unkown
page readonly
 clean
20DD62A9000
unkown
page read and write
 clean
7FF5877BD000
unkown
page readonly
 clean
7FF5BAE49000
unkown
page readonly
 clean
25B1DE3A000
unkown
page read and write
 clean
20DD5FE8000
unkown
page read and write
 clean
7FF5316A1000
unkown
page readonly
 clean
7FF5E05CA000
unkown
page readonly
 clean
7FF51FF95000
unkown
page readonly
 clean
7FF5E0890000
unkown
page readonly
 clean
25B1DE76000
unkown
page read and write
 clean
7FF5E088D000
unkown
page readonly
 clean
25B1DE32000
unkown
page read and write
 clean
38EDEFE000
unkown
page read and write
 clean
7FF5E09DF000
unkown
page readonly
 clean
7FF522B1F000
unkown
page readonly
 clean
7FF5201A9000
unkown
page readonly
 clean
20010E6F000
unkown
page read and write
 clean
7FF5E0915000
unkown
page readonly
 clean
7FF587747000
unkown
page readonly
 clean
7FF5BAEFE000
unkown
page readonly
 clean
20DD6212000
unkown
page read and write
 clean
38EE0FF000
unkown
page read and write
 clean
7FF5D2BCE000
unkown
page readonly
 clean
7FF5D2B0C000
unkown
page readonly
 clean
164FA66B000
unkown
page read and write
 clean
7FF53208F000
unkown
page readonly
 clean
25B1DE02000
unkown
page read and write
 clean
25B1DE52000
unkown
page read and write
 clean
7FF5322A4000
unkown
page readonly
 clean
20DD6100000
unkown
page read and write
 clean
18C16600000
unkown
page read and write
 clean
2274B070000
unkown
page readonly
 clean
1E018430000
heap default
page read and write
 clean
7FF5D69D6000
unkown
page readonly
 clean
7FF51FF6D000
unkown
page readonly
 clean
691ECFE000
unkown
page read and write
 clean
25B1DC60000
heap default
page read and write
 clean
7FF522AE6000
unkown
page readonly
 clean
217897F000
unkown
page read and write
 clean
20DD1318000
unkown
page read and write
 clean
18C16420000
heap private
page read and write
 clean
7FF522A6A000
unkown
page readonly
 clean
7FF5876F3000
unkown
page readonly
 clean
7FF5D68E8000
unkown
page readonly
 clean
18C16C60000
unkown
page write copy
 clean
20DD6263000
unkown
page read and write
 clean
AE0BB2C000
unkown
page read and write
 clean
5D9257D000
unkown
page read and write
 clean
691EEFF000
unkown
page read and write
 clean
7FF52019D000
unkown
page readonly
 clean
7FF5D6516000
unkown
page readonly
 clean
25EA8390000
heap private
page read and write
 clean
7FF5D69DE000
unkown
page readonly
 clean
7FF5D2444000
unkown
page readonly
 clean
7FF540140000
unkown
page readonly
 clean
7FF5BAEE0000
unkown
page readonly
 clean
5D9267E000
unkown
page read and write
 clean
7FF5D5E14000
unkown
page readonly
 clean
7FF5BAED6000
unkown
page readonly
 clean
20010E6F000
unkown
page read and write
 clean
7FF5D2706000
unkown
page readonly
 clean
25EA86D0000
unkown
page readonly
 clean
20DD6200000
unkown
page read and write
 clean
AE0C77F000
unkown
page read and write
 clean
7FF540130000
unkown
page readonly
 clean
7DFF3CFC1000
unkown
page readonly
 clean
7FF5201BA000
unkown
page readonly
 clean
7FF53229D000
unkown
page readonly
 clean
7FF5D67DC000
unkown
page readonly
 clean
2274B140000
unkown
page readonly
 clean
20DD5FE0000
unkown
page read and write
 clean
7FF587533000
unkown
page readonly
 clean
1F5BF160000
unkown
page readonly
 clean
7FF5D294A000
unkown
page readonly
 clean
25B1E602000
unkown
page read and write
 clean
20DD60F0000
unkown
page read and write
 clean
20010E02000
unkown
page read and write
 clean
7FF52299E000
unkown
page readonly
 clean
20DD5E90000
unkown
page readonly
 clean
7FF5229F4000
unkown
page readonly
 clean
18C166E1000
unkown
page read and write
 clean
7FF540236000
unkown
page readonly
 clean
7FF5D2977000
unkown
page readonly
 clean
20DD5FEE000
unkown
page read and write
 clean
7FF53F646000
unkown
page readonly
 clean
1E0183F0000
unkown
page readonly
 clean
7FF5201B3000
unkown
page readonly
 clean
B113A7B000
unkown
page read and write
 clean
25EA8C02000
unkown
page read and write
 clean
7FF58783E000
unkown
page readonly
 clean
1F5BF180000
unkown
page read and write
 clean
7FF5BAE75000
unkown
page readonly
 clean
1F5BF170000
unkown
page readonly
 clean
7FF5D2AAD000
unkown
page readonly
 clean
7FF5D69ED000
unkown
page readonly
 clean
20DD1900000
unkown
page readonly
 clean
20DD1960000
unkown
page read and write
 clean
20DD6130000
unkown
page read and write
 clean
25B1DE4D000
unkown
page read and write
 clean
25B1DE83000
unkown
page read and write
 clean
1E01A280000
heap private
page read and write
 clean
7FF5D6541000
unkown
page readonly
 clean
7FF5401A9000
unkown
page readonly
 clean
7FF58775C000
unkown
page readonly
 clean
7FF532225000
unkown
page readonly
 clean
7FF5BAECF000
unkown
page readonly
 clean
7FF540254000
unkown
page readonly
 clean
25B1DE7D000
unkown
page read and write
 clean
7FF5876EF000
unkown
page readonly
 clean
18C166CF000
unkown
page read and write
 clean
7FF520228000
unkown
page readonly
 clean
20DD6001000
unkown
page read and write
 clean
AD37A7B000
unkown
page read and write
 clean
164FA713000
unkown
page read and write
 clean
AE0C67F000
unkown
page read and write
 clean
7FF520180000
unkown
page readonly
 clean
20DD1E60000
unkown
page read and write
 clean
20DD60D4000
unkown
page readonly
 clean
2274AA69000
unkown
page read and write
 clean
7FF5E0943000
unkown
page readonly
 clean
20010E3F000
unkown
page read and write
 clean
7FF5D68C0000
unkown
page readonly
 clean
2178AFF000
unkown
page read and write
 clean
7FF5401B3000
unkown
page readonly
 clean
7FF522A02000
unkown
page readonly
 clean
7FF5E0091000
unkown
page readonly
 clean
7FF51FE5A000
unkown
page readonly
 clean
1F5BF202000
unkown
page read and write
 clean
7FF5D6917000
unkown
page readonly
 clean
25EA8428000
unkown
page read and write
 clean
7FF5321AC000
unkown
page readonly
 clean
25B1DE60000
unkown
page read and write
 clean
20DD11D3000
unkown
page read and write
 clean
AE0C47B000
unkown
page read and write
 clean
2274AA41000
unkown
page read and write
 clean
38EDE7B000
unkown
page read and write
 clean
2274AA6B000
unkown
page read and write
 clean
20DD0A93000
unkown
page read and write
 clean
18C16702000
unkown
page read and write
 clean
7FF5D6975000
unkown
page readonly
 clean
20DD1920000
unkown
page readonly
 clean
7FF51FE52000
unkown
page readonly
 clean
7FF54024D000
unkown
page readonly
 clean
7FF52022F000
unkown
page readonly
 clean
7FF540240000
unkown
page readonly
 clean
7FF5D695A000
unkown
page readonly
 clean
2274AA5D000
unkown
page read and write
 clean
7FF5BAE1C000
unkown
page readonly
 clean
7FF5D6907000
unkown
page readonly
 clean
7FF522AEE000
unkown
page readonly
 clean
20DD629B000
unkown
page read and write
 clean
7FF5D61E1000
unkown
page readonly
 clean
7FF531FBD000
unkown
page readonly
 clean
20011320000
unkown
page readonly
 clean
2274AED0000
unkown
page readonly
 clean
20010F19000
unkown
page read and write
 clean
7FF5322BD000
unkown
page readonly
 clean
7FF54025E000
unkown
page readonly
 clean
25B1DE5E000
unkown
page read and write
 clean
200129E0000
unkown
page readonly
 clean
1E01846B000
heap default
page read and write
 clean
25B1DE46000
unkown
page read and write
 clean
7FF5321ED000
unkown
page readonly
 clean
7FF5D2AE2000
unkown
page readonly
 clean
1E019CD0000
unkown
page readonly
 clean
7FF5D68E0000
unkown
page readonly
 clean
20DD6140000
unkown
page read and write
 clean
25EA8458000
unkown
page read and write
 clean
20DD1215000
unkown
page read and write
 clean
7FF5BAE5A000
unkown
page readonly
 clean
1E019EF0000
heap private
page read and write
 clean
25B1DD50000
unkown
page readonly
 clean
20DD0A8A000
unkown
page read and write
 clean
B113B7B000
unkown
page read and write
 clean
20DD6020000
unkown
page read and write
 clean
7FF53169C000
unkown
page readonly
 clean
7FF5321B3000
unkown
page readonly
 clean
25B1DE7A000
unkown
page read and write
 clean
21788FF000
unkown
page read and write
 clean
7FF5322BF000
unkown
page readonly
 clean
7FF58780F000
unkown
page readonly
 clean
20010D90000
heap private
page read and write
 clean
20DD6004000
unkown
page read and write
 clean
20DD5EC0000
unkown
page read and write
 clean
25EA8500000
unkown
page read and write
 clean
20DD1B20000
unkown
page readonly
 clean
7FF587789000
unkown
page readonly
 clean
7FF5D670D000
unkown
page readonly
 clean
164FA800000
unkown
page readonly
 clean
20DD1930000
unkown
page readonly
 clean
2274ACD0000
unkown
page readonly
 clean
164FA66B000
unkown
page read and write
 clean
2274B202000
unkown
page read and write
 clean
7FF522942000
unkown
page readonly
 clean
7FF5876FA000
unkown
page readonly
 clean
20010E00000
unkown
page read and write
 clean
7FF5322AE000
unkown
page readonly
 clean
20DD1300000
unkown
page read and write
 clean
7FF5D6193000
unkown
page readonly
 clean
20DD0A70000
unkown
page read and write
 clean
AE0C7FE000
unkown
page read and write
 clean
AE0C6FF000
unkown
page read and write
 clean
7FF5D2B65000
unkown
page readonly
 clean
7FF5D69C8000
unkown
page readonly
 clean
1E0183E0000
heap private
page read and write
 clean
7FF5322BF000
unkown
page readonly
 clean
5D9277D000
unkown
page read and write
 clean
7FF5E09C4000
unkown
page readonly
 clean
7FF5BAEC8000
unkown
page readonly
 clean
7FF5D685F000
unkown
page readonly
 clean
7FF5D29CE000
unkown
page readonly
 clean
7FF58777D000
unkown
page readonly
 clean
9A2D87E000
unkown
page read and write
 clean
164FA702000
unkown
page read and write
 clean
2178A79000
unkown
page read and write
 clean
7FF52017C000
unkown
page readonly
 clean
7FF53228B000
unkown
page readonly
 clean
7FF58784B000
unkown
page readonly
 clean
AE0BF77000
unkown
page read and write
 clean
25B1DE49000
unkown
page read and write
 clean
7FF5D658A000
unkown
page readonly
 clean
1F5BF400000
unkown
page readonly
 clean
164FA4D0000
heap private
page read and write
 clean
7FF5D2BB8000
unkown
page readonly
 clean
20DD5ED0000
unkown
page read and write
 clean
7FF5D69F4000
unkown
page readonly
 clean
7FF5D6590000
unkown
page readonly
 clean
20DD62AD000
unkown
page read and write
 clean
18C16667000
unkown
page read and write
 clean
164FA66B000
unkown
page read and write
 clean
7FF520236000
unkown
page readonly
 clean
20011120000
unkown
page readonly
 clean
7FF5D67C3000
unkown
page readonly
 clean
1E01843B000
heap default
page read and write
 clean
20DD6120000
unkown
page read and write
 clean
1E0183A0000
unkown
page readonly
 clean
7FF52007D000
unkown
page readonly
 clean
7FF5D6703000
unkown
page readonly
 clean
1E019DA0000
heap private
page read and write
 clean
20DD0A58000
unkown
page read and write
 clean
9A2D97E000
unkown
page read and write
 clean
25EA8502000
unkown
page read and write
 clean
20DD6010000
unkown
page read and write
 clean
AE0BBAE000
unkown
page read and write
 clean
7FF587446000
unkown
page readonly
 clean
7FF5E09DF000
unkown
page readonly
 clean
2274AC00000
unkown
page readonly
 clean
7FF5D6903000
unkown
page readonly
 clean
7FF520254000
unkown
page readonly
 clean
7FF520120000
unkown
page readonly
 clean
7FF5228B2000
unkown
page readonly
 clean
20DD09A0000
unkown
page readonly
 clean
7FF587820000
unkown
page readonly
 clean
18C16F36000
unkown
page read and write
 clean
7FF522B1B000
unkown
page readonly
 clean
7FF5E06DD000
unkown
page readonly
 clean
25EA8440000
unkown
page read and write
 clean
18C16580000
unkown
page read and write
 clean
7FF54017D000
unkown
page readonly
 clean
7FF54000D000
unkown
page readonly
 clean
7FF531F4A000
unkown
page readonly
 clean
7FF5D691C000
unkown
page readonly
 clean
5D9237B000
unkown
page read and write
 clean
7FF5BA2EB000
unkown
page readonly
 clean
18C16670000
unkown
page read and write
 clean
BBD3FF000
unkown
page read and write
 clean
18C166C9000
unkown
page read and write
 clean
25EA8513000
unkown
page read and write
 clean
7FF5D6928000
unkown
page readonly
 clean
20DD1950000
unkown
page readonly
 clean
7FF5D2B4A000
unkown
page readonly
 clean
7FF5E0705000
unkown
page readonly
 clean
7FF5BABC3000
unkown
page readonly
 clean
7FF586FBD000
unkown
page readonly
 clean
18C17000000
unkown
page readonly
 clean
20DD11F0000
unkown
page read and write
 clean
7FF52024D000
unkown
page readonly
 clean
7FF5D6953000
unkown
page readonly
 clean
7FF522A2C000
unkown
page readonly
 clean
20DD0920000
heap private
page read and write
 clean
38EE3FE000
unkown
page read and write
 clean
18C16E02000
unkown
page read and write
 clean
7FF5D5E09000
unkown
page readonly
 clean
20DD5FE0000
unkown
page read and write
 clean
7FF53227F000
unkown
page readonly
 clean
7FF587793000
unkown
page readonly
 clean
5D91F4B000
unkown
page read and write
 clean
18C1668B000
unkown
page read and write
 clean
7FF531FC7000
unkown
page readonly
 clean
7FF5D6A0F000
unkown
page readonly
 clean
AE0C37C000
unkown
page read and write
 clean
20DD6140000
unkown
page read and write
 clean
691EE7D000
unkown
page read and write
 clean
2274A990000
heap private
page read and write
 clean
1E018350000
unkown
page read and write
 clean
7FF52026F000
unkown
page readonly
 clean
7FF5BAEF4000
unkown
page readonly
 clean
7FF5228BD000
unkown
page readonly
 clean
AE0C8FC000
unkown
page read and write
 clean
7FF522A15000
unkown
page readonly
 clean
20DD1302000
unkown
page read and write
 clean
7FF53205D000
unkown
page readonly
 clean
7FF5E09BD000
unkown
page readonly
 clean
7FF5401D5000
unkown
page readonly
 clean
25B1DE25000
unkown
page read and write
 clean
20DD6140000
unkown
page read and write
 clean
7FF5321D8000
unkown
page readonly
 clean
25EA8465000
unkown
page read and write
 clean
7FF5D2B07000
unkown
page readonly
 clean
691EFFC000
unkown
page read and write
 clean
7FF5E08B4000
unkown
page readonly
 clean
B11387E000
unkown
page read and write
 clean
7FF53213E000
unkown
page readonly
 clean
7FF52025B000
unkown
page readonly
 clean
7FF54026F000
unkown
page readonly
 clean
20010E6F000
unkown
page read and write
 clean
25B1DE45000
unkown
page read and write
 clean
7FF522B0B000
unkown
page readonly
 clean
7FF5D6717000
unkown
page readonly
 clean
AE0C4FF000
unkown
page read and write
 clean
5D9227D000
unkown
page read and write
 clean
25B1DE40000
unkown
page read and write
 clean
20DD1910000
unkown
page readonly
 clean
5D9297E000
unkown
page read and write
 clean
7FF5BAE28000
unkown
page readonly
 clean
20DD1318000
unkown
page read and write
 clean
7FF5E092A000
unkown
page readonly
 clean
18C16713000
unkown
page read and write
 clean
7FF520240000
unkown
page readonly
 clean
7FF52292D000
unkown
page readonly
 clean
7FF5D6701000
unkown
page readonly
 clean
9A2DB7E000
unkown
page read and write
 clean
7FF522A55000
unkown
page readonly
 clean
7FF51FE3F000
unkown
page readonly
 clean
7FF521F0E000
unkown
page readonly
 clean
2274AA02000
unkown
page read and write
 clean
7FF58782D000
unkown
page readonly
 clean
7FF53207C000
unkown
page readonly
 clean
7FF5D2BFF000
unkown
page readonly
 clean
AE0C27F000
unkown
page read and write
 clean
7FF522ADF000
unkown
page readonly
 clean
7FF5D2AB0000
unkown
page readonly
 clean
20DD1202000
unkown
page read and write
 clean
7FF5E08EC000
unkown
page readonly
 clean
B1136FE000
unkown
page read and write
 clean
7FF54025B000
unkown
page readonly
 clean
25B1DE66000
unkown
page read and write
 clean
25B1DC70000
unkown
page readonly
 clean
9A2DA7E000
unkown
page read and write
 clean
18C16490000
unkown
page readonly
 clean
BBD27B000
unkown
page read and write
 clean
AD37AFE000
unkown
page read and write
 clean
7FF53FF68000
unkown
page readonly
 clean
7FF522A63000
unkown
page readonly
 clean
1F5BF1B0000
unkown
page read and write
 clean
20DD0A29000
unkown
page read and write
 clean
25B1DE62000
unkown
page read and write
 clean
7FF5D6945000
unkown
page readonly
 clean
AE0C5FE000
unkown
page read and write
 clean
164FA600000
unkown
page read and write
 clean
7FF540167000
unkown
page readonly
 clean
AD381FF000
unkown
page read and write
 clean
20DD0980000
heap default
page read and write
 clean
7FF5D67C8000
unkown
page readonly
 clean
AE0C17A000
unkown
page read and write
 clean
20DD6460000
unkown
page readonly
 clean
7FF5877B5000
unkown
page readonly
 clean
25B1DD40000
unkown
page readonly
 clean
7FF5D6A0B000
unkown
page readonly
 clean
18C165B0000
unkown
page readonly
 clean
1E018220000
unkown
page readonly
 clean
38EE77F000
unkown
page read and write
 clean
7FF586FD3000
unkown
page readonly
 clean
7FF520188000
unkown
page readonly
 clean
7FF5BAF0F000
unkown
page readonly
 clean
25EA8B40000
unkown
page readonly
 clean
7FF5BAEDB000
unkown
page readonly
 clean
7FF522994000
unkown
page readonly
 clean
1F5BF1B0000
unkown
page read and write
 clean
5D92B7F000
unkown
page read and write
 clean
7FF540153000
unkown
page readonly
 clean
7FF5D2AB7000
unkown
page readonly
 clean
BBD37A000
unkown
page read and write
 clean
38EE57B000
unkown
page read and write
 clean
7FF587785000
unkown
page readonly
 clean
200110D0000
unkown
page write copy
 clean
25EA8B50000
unkown
page read and write
 clean
7FF5D68F2000
unkown
page readonly
 clean
7FF53220A000
unkown
page readonly
 clean
7FF5D69FE000
unkown
page readonly
 clean
7FF5E09CB000
unkown
page readonly
 clean
20DD1940000
unkown
page readonly
 clean
18C16CB0000
unkown
page readonly
 clean
7FF5322BB000
unkown
page readonly
 clean
20DD0A00000
unkown
page read and write
 clean
7FF52025E000
unkown
page readonly
 clean
B11367B000
unkown
page read and write
 clean
38EE2FC000
unkown
page read and write
 clean
7FF522A85000
unkown
page readonly
 clean
20DD62AD000
unkown
page read and write
 clean
7FF5D2BDD000
unkown
page readonly
 clean
7FF532052000
unkown
page readonly
 clean
20010E6D000
unkown
page read and write
 clean
20DD11E0000
unkown
page read and write
 clean
7FF5877B3000
unkown
page readonly
 clean
7FF5E099F000
unkown
page readonly
 clean
7FF5E0923000
unkown
page readonly
 clean
18C166BE000
unkown
page read and write
 clean
7FF532290000
unkown
page readonly
 clean
18C16800000
unkown
page readonly
 clean
25B1DE13000
unkown
page read and write
 clean
7FF5BAE07000
unkown
page readonly
 clean
7FF5E09A6000
unkown
page readonly
 clean
2274A9F0000
heap default
page read and write
 clean
7FF5401A5000
unkown
page readonly
 clean
20DD0A13000
unkown
page read and write
 clean
7FF5D68BD000
unkown
page readonly
 clean
7FF5D66FA000
unkown
page readonly
 clean
7FF5D6884000
unkown
page readonly
 clean
164FA66B000
unkown
page read and write
 clean
2274AA29000
unkown
page read and write
 clean
25B1DE5C000
unkown
page read and write
 clean
7FF522A17000
unkown
page readonly
 clean
20DD0A7A000
unkown
page read and write
 clean
7FF5D2B39000
unkown
page readonly
 clean
1F5BF1B0000
unkown
page read and write
 clean
20DD6000000
unkown
page read and write
 clean
25EA8600000
unkown
page readonly
 clean
7FF5E09DB000
unkown
page readonly
 clean
20DD0B02000
unkown
page read and write
 clean
1E0183E5000
heap private
page read and write
 clean
7FF5225CF000
unkown
page readonly
 clean
7FF58784F000
unkown
page readonly
 clean
20DD62AB000
unkown
page read and write
 clean
25B1DC00000
heap private
page read and write
 clean
20DD6190000
unkown
page readonly
 clean
20DD0AFC000
unkown
page read and write
 clean
18C16480000
heap default
page read and write
 clean
1F5BF25E000
unkown
page read and write
 clean
164FA700000
unkown
page read and write
 clean
7FF5D2A9D000
unkown
page readonly
 clean
2274B170000
unkown
page readonly
 clean
7FF5201D3000
unkown
page readonly
 clean
7FF5D6760000
unkown
page readonly
 clean
7FF5D2731000
unkown
page readonly
 clean
20DD1200000
unkown
page read and write
 clean
1F5BF240000
unkown
page read and write
 clean
18C16629000
unkown
page read and write
 clean
20010F00000
unkown
page read and write
 clean
7FF51F921000
unkown
page readonly
 clean
7FF51FFE7000
unkown
page readonly
 clean
7FF5D64BF000
unkown
page readonly
 clean
18C16570000
unkown
page readonly
 clean
7FF531E25000
unkown
page readonly
 clean
7FF52023B000
unkown
page readonly
 clean
20DD62AF000
unkown
page read and write
 clean
7FF5321F9000
unkown
page readonly
 clean
18C16B90000
unkown
page readonly
 clean
7FF5BAF0F000
unkown
page readonly
 clean
7FF587808000
unkown
page readonly
 clean
AE0BE7E000
unkown
page read and write
 clean
7FF5D2BEB000
unkown
page readonly
 clean
25EA8413000
unkown
page read and write
 clean
164FA540000
unkown
page write copy
 clean
20DD5EE0000
unkown
page read and write
 clean
7FF5321F5000
unkown
page readonly
 clean
7FF5D669A000
unkown
page readonly
 clean
20DD0A3D000
unkown
page read and write
 clean
7FF5D6733000
unkown
page readonly
 clean
7FF587760000
unkown
page readonly
 clean
7FF522A38000
unkown
page readonly
 clean
7FF5D2916000
unkown
page readonly
 clean
7FF5D2AEC000
unkown
page readonly
 clean
164FC170000
unkown
page readonly
 clean
20DD1A40000
unkown
page read and write
 clean
20010F02000
unkown
page read and write
 clean
20DD60B0000
unkown
page write copy
 clean
20DD0A25000
unkown
page read and write
 clean
7FF5BAF0B000
unkown
page readonly
 clean
164FA66B000
unkown
page read and write
 clean
7FF5D2B43000
unkown
page readonly
 clean
BBCF9F000
unkown
page read and write
 clean
25B1DD60000
unkown
page read and write
 clean
20DD6140000
unkown
page read and write
 clean
7FF5D68FC000
unkown
page readonly
 clean
7FF5321CC000
unkown
page readonly
 clean
7FF58784F000
unkown
page readonly
 clean
1F5BFC00000
unkown
page read and write
 clean
20DD60EC000
unkown
page readonly
 clean
200128E0000
unkown
page read and write
 clean
7FF522B04000
unkown
page readonly
 clean
7FF5E0757000
unkown
page readonly
 clean
18C16F13000
unkown
page read and write
 clean
20DD11D0000
unkown
page read and write
 clean
164FA8D0000
unkown
page readonly
 clean
25B1DE6C000
unkown
page read and write
 clean
7FF52011D000
unkown
page readonly
 clean
AD37CFF000
unkown
page read and write
 clean
25EA83F0000
heap default
page read and write
 clean
7FF5BAE53000
unkown
page readonly
 clean
20DD11B1000
unkown
page read and write
 clean
7FF53FF18000
unkown
page readonly
 clean
20DD0A9F000
unkown
page read and write
 clean
1F5BF150000
heap default
page read and write
 clean
20DD09C0000
unkown
page read and write
 clean
1F5BF302000
unkown
page read and write
 clean
20DD0AAE000
unkown
page read and write
 clean
20010F13000
unkown
page read and write
 clean
7FF5D68E4000
unkown
page readonly
 clean
20DD6430000
unkown
page read and write
 clean
1E0188C0000
unkown
page readonly
 clean
20DD09B0000
unkown
page read and write
 clean
18C16560000
unkown
page readonly
 clean
164FA613000
unkown
page read and write
 clean
7FF5401BA000
unkown
page readonly
 clean
7FF5BA71F000
unkown
page readonly
 clean
25EA8400000
unkown
page read and write
 clean
1F5BF200000
unkown
page read and write
 clean
7FF5E0998000
unkown
page readonly
 clean
2274AB02000
unkown
page read and write
 clean
20010E29000
unkown
page read and write
 clean
38EDFFE000
unkown
page read and write
 clean
1E01A060000
heap private
page read and write
 clean
7FF5E08F8000
unkown
page readonly
 clean
5D91FCE000
unkown
page read and write
 clean
164FA590000
unkown
page readonly
 clean
7FF5E05AF000
unkown
page readonly
 clean
20DD60B0000
unkown
page read and write
 clean
7FF5D68D0000
unkown
page readonly
 clean
1E01A15F000
heap private
page read and write
 clean
7FF54019D000
unkown
page readonly
 clean
7FF5D2B2D000
unkown
page readonly
 clean
AD37F7D000
unkown
page read and write
 clean
164FA634000
unkown
page read and write
 clean
25EA847A000
unkown
page read and write
 clean
2274B150000
unkown
page read and write
 clean
7FF53FF26000
unkown
page readonly
 clean
20DD6140000
unkown
page readonly
 clean
7FF5227F8000
unkown
page readonly
 clean
AE0C07A000
unkown
page read and write
 clean
5D92D7E000
unkown
page read and write
 clean
25B1DE3D000
unkown
page read and write
 clean
7FF522B1D000
unkown
page readonly
 clean
25EA8A70000
unkown
page readonly
 clean
18C16F00000
unkown
page read and write
 clean
7FF54022F000
unkown
page readonly
 clean
AE0C57F000
unkown
page read and write
 clean
25B1DE00000
unkown
page read and write
 clean
7FF5D68C7000
unkown
page readonly
 clean
20DD0C00000
unkown
page readonly
 clean
7FF5D60BA000
unkown
page readonly
 clean
B113C7F000
unkown
page read and write
 clean
AD37FFF000
unkown
page read and write
 clean
5D92A7F000
unkown
page read and write
 clean
1F5BF0F0000
heap private
page read and write
 clean
7FF5D2BFF000
unkown
page readonly
 clean
7FF532278000
unkown
page readonly
 clean
25EA8469000
unkown
page read and write
 clean
7FF522A27000
unkown
page readonly
 clean
7FF522364000
unkown
page readonly
 clean
25EA88D0000
unkown
page readonly
 clean
7FF532194000
unkown
page readonly
 clean
7FF522B1F000
unkown
page readonly
 clean
7FF5BACAD000
unkown
page readonly
 clean
7FF522A59000
unkown
page readonly
 clean
1E018530000
unkown
page readonly
 clean
25EA8402000
unkown
page read and write
 clean
AD37E7F000
unkown
page read and write
 clean
7FF58781B000
unkown
page readonly
 clean
7FF5E09B0000
unkown
page readonly
 clean
7FF587816000
unkown
page readonly
 clean
2274AA13000
unkown
page read and write
 clean
20010E55000
unkown
page read and write
 clean
7FF51FE4D000
unkown
page readonly
 clean
38EE87F000
unkown
page read and write
 clean
25B1DE6A000
unkown
page read and write
 clean
7FF522AFD000
unkown
page readonly
 clean
20DD622D000
unkown
page read and write
 clean
20DD0A8E000
unkown
page read and write
 clean
20DD6221000
unkown
page read and write
 clean
20DD624C000
unkown
page read and write
 clean
20DD6287000
unkown
page read and write
 clean
7FF5D65B0000
unkown
page readonly
 clean
7FF5D6A0D000
unkown
page readonly
 clean
7FF5D69FB000
unkown
page readonly
 clean
7FF5D6A0F000
unkown
page readonly
 clean
AD380FD000
unkown
page read and write
 clean
9A2D6FE000
unkown
page read and write
 clean
7FF5BAEFB000
unkown
page readonly
 clean
25B1DE47000
unkown
page read and write
 clean
20DD6180000
unkown
page readonly
 clean
25B1E000000
unkown
page readonly
 clean
20DD1313000
unkown
page read and write
 clean
25B1DF02000
unkown
page read and write
 clean
7FF532203000
unkown
page readonly
 clean
7FF5E0919000
unkown
page readonly
 clean
7FF5E07CE000
unkown
page readonly
 clean
38EE4FD000
unkown
page read and write
 clean
7FF52026F000
unkown
page readonly
 clean
7FF5D2BFD000
unkown
page readonly
 clean
7FF522AD8000
unkown
page readonly
 clean
9A2D39C000
unkown
page read and write
 clean
7FF5D69CF000
unkown
page readonly
 clean
164FA66B000
unkown
page read and write
 clean
7FF5321A2000
unkown
page readonly
 clean
7FF5D2BEE000
unkown
page readonly
 clean
7FF5D65B3000
unkown
page readonly
 clean
1E018280000
unkown
page readonly
 clean
20DD0990000
unkown
page readonly
 clean
7FF5E090D000
unkown
page readonly
 clean
38EE07B000
unkown
page read and write
 clean
7FF5E05BD000
unkown
page readonly
 clean
20DD0CD0000
unkown
page readonly
 clean
1E018400000
unkown
page readonly
 clean
7FF5D6949000
unkown
page readonly
 clean
7FF5E08E7000
unkown
page readonly
 clean
7FF522AEB000
unkown
page readonly
 clean
217887B000
unkown
page read and write
 clean
7FF5BAE45000
unkown
page readonly
 clean
7FF5D288A000
unkown
page readonly
 clean
1F5BF860000
unkown
page readonly
 clean
164FA629000
unkown
page read and write
 clean
18C16642000
unkown
page read and write
 clean
7FF520127000
unkown
page readonly
 clean
7FF5E09AB000
unkown
page readonly
 clean
There are 744 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://firebasestorage.googleapis.com/v0/b/kcdvdjv037jcdi0e3767933.appspot.com/o/!%7D%7B%24%23%40%5E%26%20jaf%40!__%7D%20.html?alt=media&token=08503d5e-c8e8-4a7c-b39c-8a3de4c0bf78#jason.maddern@navitas.com
 malicious