Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
http://www.ofnnhc.hmd.co.in/#alpine-blossom-bus.glitch.me#wayne.mcbean@synchronoss.com
|
URL
|
initial url
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\2OEZLTHY.htm
|
HTML document, UTF-8 Unicode text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{FAC4537A-98AC-11EB-90E5-ECF4BB570DC9}.dat
|
Microsoft Word Document
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{012F65F1-98AD-11EB-90E5-ECF4BB570DC9}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FAC4537C-98AC-11EB-90E5-ECF4BB570DC9}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\dikxvqf\imagestore.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\53_8b36337037cff88c3df203bb73d58e41[1].png
|
PNG image data, 342 x 72, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\AppCentipede_Microsoft_HFeToeM4u6fzMQF_f_rQ5Q2[1].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\RE1Mu3b[1].png
|
PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\accountcorepackage_3Jeup4aMFjR_22jqClMyIw2[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\converged.v2.login.min_xu7km3oxm4bwp2b-mqyozg2[1].css
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c[1].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73[1].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\favicon[1].ico
|
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\favicon[2].ico
|
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\latest[1].eot
|
Embedded OpenType (EOT), Segoe UI Semibold family
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\latest[2].eot
|
Embedded OpenType (EOT), Segoe UI family
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\latest[3].eot
|
Embedded OpenType (EOT), Segoe UI Light family
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd[1].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\mwfmdl2-v3.54[1].woff
|
Web Open Font Format, TrueType, length 26288, version 0.0
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\print[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\resetpasswordpackage_dUpGrl391ViL8AWRQC80dw2[1].js
|
UTF-8 Unicode text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\AppCentipede_Microsoft_white_ufRYlllWOw4YyDRiKcBvxQ2[1].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\Clear[1].htm
|
HTML document, ASCII text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\L9M75F99.htm
|
HTML document, ASCII text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\d7-808fb1[1].css
|
UTF-8 Unicode text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\dropdown_caret_KXSZjGsyILZaoTf0sI9X-A2[1].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\favicon[1].ico
|
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\favicon_a_eupayfgghqiai7k9sol6lg2[1].ico
|
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\icons[1].eot
|
Embedded OpenType (EOT), icons family
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\jquery-1.11.2.min[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2[1].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2[2].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2[3].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\oneds_Xr2D7Nex80v7A-8bxF8jgQ2[1].js
|
ASCII text, with very long lines, with CRLF, LF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\override[1].css
|
ASCII text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\privacystatement[1].htm
|
HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\script[1].js
|
ASCII text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\servicesagreement[1].htm
|
HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\17-f90ef1[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\2_vD0yppaJX3jBnfbHF1hqXQ2[1].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\EYOJXMZJ.htm
|
HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\Microsoft_Logotype_Gray_X-qkgtg8KmnQEvm_9mDTcw2[1].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\Microsoft_Logotype_White_4MYDQRab31HKDWWN-1HafA2[1].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\app[1].css
|
ASCII text, with very long lines, with CRLF, LF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\favicon[1].ico
|
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\jquery-3.3.1.min[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2[1].js
|
ASCII text, with very long lines, with CRLF, LF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\lightweightsignuppackage_HD5u0AbLsH5K38avjB7xTA2[1].js
|
UTF-8 Unicode text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\lwsignupstringscountrybirthdate_en-us_Hu9XQvsxbdtI5Cn8ywiXCA2[1].js
|
HTML document, UTF-8 Unicode text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\shell.min[1].css
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\style[1].css
|
ASCII text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\2_vD0yppaJX3jBnfbHF1hqXQ2[1].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\2_vD0yppaJX3jBnfbHF1hqXQ2[2].svg
|
SVG Scalable Vector Graphics image
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\Print[1].png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\ResetPassword[1].htm
|
HTML document, ASCII text, with very long lines, with CRLF, LF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\arrow_px_up[1].gif
|
GIF image data, version 89a, 7 x 9
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\bootstrap_3.3.0_B68S-_daR6nLiLVZsh4XiA2[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\converged_ux_v2_MdTi0w7tc4Fe6X-h3SAs2Q2[1].css
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\favicon[1].ico
|
MS Windows icon resource - 6 icons, 128x128, 16 colors, 72x72, 16 colors
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\jquery-1.7.2.min[1].js
|
HTML document, UTF-8 Unicode text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2[1].js
|
UTF-8 Unicode text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\knockout_old_GJ62c6D9R5HuKFdkoO8XYw2[1].js
|
ASCII text, with very long lines, with CRLF, LF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\script[1].js
|
ASCII text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\script[2].js
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\signup[1].htm
|
HTML document, ASCII text, with very long lines, with CRLF, LF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\style[1].css
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\wcp-consent[1].js
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\wlivepackagefull_BWVcpM3ZvobDGQWPo5hgew2[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF17DB6306896541D1.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DFB272888FA0F7345F.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DFB33C265A77842A0E.TMP
|
data
|
dropped
|
|
There are 63 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\internet explorer\iexplore.exe
|
'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4940 CREDAT:17410 /prefetch:2
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://aka.ms/useterms
|
unknown
|
|
|
|
https://www.acuityads.com/opt-out/
|
unknown
|
|
|
|
https://alpine-blossom-bus.glitch.me/#acystatement
|
unknown
|
|
|
|
https://www.youradchoices.ca/fr
|
unknown
|
|
|
|
https://www.adr.org
|
unknown
|
|
|
|
https://www.xbox.com/en-US/Legal/CodeOfConduct)
|
unknown
|
|
|
|
http://www.asp.net/ajaxlibrary/CDN.ashx.
|
unknown
|
|
|
|
https://fpt.live.com/
|
unknown
|
|
|
|
https://fpt.live.com/?session_id=0656ef1f3f31449c938682f87c100e08&CustomerId=33e01921-4d64-4f8c-a055
|
unknown
|
|
|
|
https://www.xbox.com/en-US/Legal/CodeOfConduct
|
unknown
|
|
|
|
http://opensource.org/licenses/mit-license.php)
|
unknown
|
|
|
|
http://www.json.org/json2.js
|
unknown
|
|
|
|
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8576.13/content/images/ellipsis_grey_2b5d393db0
|
unknown
|
|
|
|
https://aka.ms/taxservice
|
unknown
|
|
|
|
https://skype.com/go/myaccount
|
unknown
|
|
|
|
https://www.skype.com
|
unknown
|
|
|
|
https://www.appnexus.com/
|
unknown
|
|
|
|
https://acctcdn.msauth.net/knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2.js?v=1
|
unknown
|
|
|
|
https://aka.ms/ccpa
|
unknown
|
|
|
|
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8576.13/content/images/ellipsis_grey_5bc252567e
|
unknown
|
|
|
|
https://www.oddstips.co.uk/wp-content/themes/focusblog/bg2.jpg");
|
unknown
|
|
|
|
https://acctcdn.msauth.net/accountcorepackage_3Jeup4aMFjR_22jqClMyIw2.js?v=1
|
unknown
|
|
|
|
https://priv-policy.imrworldwide.com/priv/browser/us/en/optout.html
|
unknown
|
|
|
|
http://www.ofnnhc.hmd.co.in/
|
216.10.245.200
|
|
|
|
https://www.youronlinechoices.com/
|
unknown
|
|
|
|
https://mixer.com/contact
|
unknown
|
|
|
|
https://www.adjust.com/opt-out/
|
unknown
|
|
|
|
https://www.xbox.com/managedatacollection
|
unknown
|
|
|
|
https://www.xbox.com/legal/codeofconduct
|
unknown
|
|
|
|
https://acctcdn.msauth.net/images/Microsoft_Logotype_Gray_X-qkgtg8KmnQEvm_9mDTcw2.svg
|
unknown
|
|
|
|
https://acctcdn.msauth.net/images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg
|
unknown
|
|
|
|
https://acctcdn.msauth.net/wlivepackagefull_BWVcpM3ZvobDGQWPo5hgew2.js?v=1
|
unknown
|
|
|
|
http://www.mpegla.com).
|
unknown
|
|
|
|
https://account.lom%252fcommon%252ffederation%252foauth2%26state%3drQIIAeNisNLJKCkpKLbS1y_ILypJzNHLz
|
unknown
|
|
|
|
https://acctcdn.msauth.net/lightweightsignuppackage_HD5u0AbLsH5K38avjB7xTA2.js?v=1
|
unknown
|
|
|
|
https://aka.ms/kinectprivacy/
|
unknown
|
|
|
|
https://acctcdn.msauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1
|
unknown
|
|
|
|
https://alpine-blossom-bus.glitch.me/#wayne.mcbean@synchronoss.com
|
|
||
|
https://www.skype.com).
|
unknown
|
|
|
|
https://www.xbox.com
|
unknown
|
|
|
|
https://acctcdn.msauth.net/bootstrap_3.3.0_B68S-_daR6nLiLVZsh4XiA2.js?v=1
|
unknown
|
|
|
|
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protectio
|
unknown
|
|
|
|
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8576.13/content/cdnbundles/converged.v2.login.m
|
unknown
|
|
|
|
https://github.com/douglascrockford/JSON-js
|
unknown
|
|
|
|
https://acctcdn.msauth.net/images/favicon.ico?v=2~(
|
unknown
|
|
|
|
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8576.13/content/images/ellipsis_white_0ad430848
|
unknown
|
|
|
|
https://acctcdn.msauth.net/resetpasswordpackage_dUpGrl391ViL8AWRQC80dw2.js?v=1
|
unknown
|
|
|
|
https://privacy.microsoft
|
unknown
|
|
|
|
https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
|
unknown
|
|
|
|
https://account.live.com/query.aspx
|
unknown
|
|
|
|
https://signup.live.co-bus.glitch.me/#wayne.mcbean
|
unknown
|
|
|
|
http://www.opensource.org/licenses/mit-license.php)
|
unknown
|
|
|
|
http://fontello.comiconsRegulariconsiconsVersion
|
unknown
|
|
|
|
https://acctcdn.msauth.net/images/AppCentipede/AppCentipede_Microsoft_white_ufRYlllWOw4YyDRiKcBvxQ2.
|
unknown
|
|
|
|
https://alpine-blossom-bus.glitch.me/H
|
unknown
|
|
|
|
https://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html
|
unknown
|
|
|
|
https://www.skype.com/go/legal
|
unknown
|
|
|
|
https://mixer.com/about/tos
|
unknown
|
|
|
|
https://www.microsoft.
|
unknown
|
|
|
|
https://www.linkedin.com/legal/privacy-policy
|
unknown
|
|
|
|
https://aka.ms/DPA
|
unknown
|
|
|
|
https://support.xbox.com/help/friends-social-activity/community/use-safety-settings
|
unknown
|
|
|
|
https://www.xbox.com/Legal/ThirdPartyDataSharing
|
unknown
|
|
|
|
https://aka.ms/redeemrewards
|
unknown
|
|
|
|
https://signin.kissmetrics.com/privacy/#controls
|
unknown
|
|
|
|
https://account.live.c
|
unknown
|
|
|
|
https://login.skype.com/login
|
unknown
|
|
|
|
https://outlook.office.com?response_type=code&fatpt=
|
unknown
|
|
|
|
https://www.skype.com/go/ustax
|
unknown
|
|
|
|
http://jquery.org/license
|
unknown
|
|
|
|
https://acctcdn.msauth.net
|
unknown
|
|
|
|
https://www.optimizely.com/legal/opt-out/
|
unknown
|
|
|
|
http://sizzlejs.com/
|
unknown
|
|
|
|
http://www.ofnnhc.hmd.co.in/#alpine-blossom-bus.glitch.me#wayne.mcbean
|
unknown
|
|
|
|
https://zxccxv.club/noncsrv/finish.php
|
unknown
|
|
|
|
https://acctcdn.msauth.net/images/AppCentipede/AppCentipede_Microsoft_HFeToeM4u6fzMQF_f_rQ5Q2.svg
|
unknown
|
|
|
|
https://alpine-blossom-bus.glitch.me/#wayne.mcbean
|
unknown
|
|
|
|
https://disbydawn.com/finishlove.php
|
unknown
|
|
|
|
https://signup.live.com/error.aspx?errcode=1045&mkt=en-US
|
unknown
|
|
|
|
http://portal.office.com
|
unknown
|
|
|
|
https://www.privacyshield.gov/welcome
|
unknown
|
|
|
|
https://ondemand.webtrends.com/support/optout.asp
|
unknown
|
|
|
|
https://www.skype.com/go/legal.broadcast
|
unknown
|
|
|
|
https://aadcdn.msauth.net/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
|
unknown
|
|
|
|
https://www.appsflyer.com/optout
|
unknown
|
|
|
|
https://privacy.micros
|
unknown
|
|
|
|
https://alpine-blossomco.in/#alpine-blossom-bus.glitch.me#wayne.mcbean
|
unknown
|
|
|
|
https://acctcdn.msauth.net/images/Microsoft_Logotype_White_4MYDQRab31HKDWWN-1HafA2.svg
|
unknown
|
|
|
|
https://aka.ms/redeemrewards).
|
unknown
|
|
|
|
https://login.microsoftonline.com/jsdisabled
|
unknown
|
|
|
|
https://playfab.com/terms/
|
unknown
|
|
|
|
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8576.13/content/images/microsoft_logo_ed9c9eb0d
|
unknown
|
|
|
|
http://www.mpegla.com
|
unknown
|
|
|
|
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8576.13/content/images/favicon_a_eupayfgghqiai7
|
unknown
|
|
|
|
https://www.youradchoices.ca
|
unknown
|
|
|
|
http://github.com/requirejs/almond/LICENSE
|
unknown
|
|
|
|
https://account.live.com/error.aspx?errcode=1045&mkt=en-US
|
unknown
|
|
|
|
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8576.13/content/cdnbundles/convergedloginpagina
|
unknown
|
|
|
|
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8576.13/content/cdnbundles/oldconvergedlogin_pc
|
unknown
|
|
|
|
https://www.here.com/)
|
unknown
|
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
sni1gl.wpc.alphacdn.net
|
152.199.21.175
|
|
|
|
alpine-blossom-bus.glitch.me
|
18.215.65.232
|
|
|
|
www.ofnnhc.hmd.co.in
|
216.10.245.200
|
|
|
|
oddstips.co.uk
|
87.117.239.10
|
|
|
|
signup.live.com
|
unknown
|
|
|
|
secure.aadcdn.microsoftonline-p.com
|
unknown
|
|
|
|
www.oddstips.co.uk
|
unknown
|
|
|
|
aadcdn.msauth.net
|
unknown
|
|
|
|
assets.onestore.ms
|
unknown
|
|
|
|
fpt.live.com
|
unknown
|
|
|
|
account.live.com
|
unknown
|
|
|
|
ajax.aspnetcdn.com
|
unknown
|
|
|
|
acctcdn.msauth.net
|
unknown
|
|
There are 3 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
87.117.239.10
|
oddstips.co.uk
|
United Kingdom
|
|
|
|
152.199.21.175
|
sni1gl.wpc.alphacdn.net
|
United States
|
|
|
|
216.10.245.200
|
www.ofnnhc.hmd.co.in
|
India
|
|
|
|
18.215.65.232
|
alpine-blossom-bus.glitch.me
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\internet explorer\iexplore.exe
|
{FAC4537A-98AC-11EB-90E5-ECF4BB570DC9}
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
CVListPingLastYMD
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
DecayDateQueue
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LastProcessed
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
@C:\Windows\System32\ieframe.dll,-912
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
@C:\Windows\System32\ieframe.dll,-904
|
|
There are 22 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1C9B78C0000
|
unkown
|
page read and write
|
|
|
|
7FF51B67D000
|
unkown
|
page readonly
|
|
|
|
26386DC0000
|
unkown
|
page readonly
|
|
|
|
7FF51B605000
|
unkown
|
page readonly
|
|
|
|
26387800000
|
unkown
|
page readonly
|
|
|
|
7FF55EB3C000
|
unkown
|
page readonly
|
|
|
|
7FF51B69F000
|
unkown
|
page readonly
|
|
|
|
7FF4F70AC000
|
unkown
|
page readonly
|
|
|
|
7FF4F6FDD000
|
unkown
|
page readonly
|
|
|
|
7FF4F6E60000
|
unkown
|
page readonly
|
|
|
|
28FFB468000
|
unkown
|
page read and write
|
|
|
|
1A25AF50000
|
unkown
|
page readonly
|
|
|
|
7FF51B432000
|
unkown
|
page readonly
|
|
|
|
1C9B7A1B000
|
unkown
|
page read and write
|
|
|
|
7FF4F6D8F000
|
unkown
|
page readonly
|
|
|
|
1AD40112000
|
unkown
|
page read and write
|
|
|
|
7FF5A9BC5000
|
unkown
|
page readonly
|
|
|
|
7FF4F9ED6000
|
unkown
|
page readonly
|
|
|
|
7FF53772F000
|
unkown
|
page readonly
|
|
|
|
7FF4EB946000
|
unkown
|
page readonly
|
|
|
|
EB93C7F000
|
unkown
|
page read and write
|
|
|
|
7FF55E795000
|
unkown
|
page readonly
|
|
|
|
7FF5A7624000
|
unkown
|
page readonly
|
|
|
|
1D4AF813000
|
unkown
|
page read and write
|
|
|
|
9798D7B000
|
unkown
|
page read and write
|
|
|
|
7FF4F6E6F000
|
unkown
|
page readonly
|
|
|
|
1AD3FF50000
|
unkown
|
page write copy
|
|
|
|
337307B000
|
unkown
|
page read and write
|
|
|
|
7FF4EB88D000
|
unkown
|
page readonly
|
|
|
|
2BB07FF000
|
unkown
|
page read and write
|
|
|
|
1C9B29E0000
|
unkown
|
page readonly
|
|
|
|
7FF5A79BD000
|
unkown
|
page readonly
|
|
|
|
1A06DE38000
|
unkown
|
page read and write
|
|
|
|
28FFB502000
|
unkown
|
page read and write
|
|
|
|
1C9B7AB4000
|
unkown
|
page read and write
|
|
|
|
1C9B7970000
|
unkown
|
page readonly
|
|
|
|
1A06DE02000
|
unkown
|
page read and write
|
|
|
|
7FF4F72DD000
|
unkown
|
page readonly
|
|
|
|
28FFB500000
|
unkown
|
page read and write
|
|
|
|
7FF4EB71D000
|
unkown
|
page readonly
|
|
|
|
7FF537612000
|
unkown
|
page readonly
|
|
|
|
26387460000
|
unkown
|
page readonly
|
|
|
|
1C9B7A2D000
|
unkown
|
page read and write
|
|
|
|
28FFB330000
|
unkown
|
page readonly
|
|
|
|
7FF5A9C7E000
|
unkown
|
page readonly
|
|
|
|
7FF55EB48000
|
unkown
|
page readonly
|
|
|
|
7FF51B5E3000
|
unkown
|
page readonly
|
|
|
|
7FF4F9EFE000
|
unkown
|
page readonly
|
|
|
|
7FF53763C000
|
unkown
|
page readonly
|
|
|
|
7FF4F9EF4000
|
unkown
|
page readonly
|
|
|
|
7FF5376FB000
|
unkown
|
page readonly
|
|
|
|
1C9B2276000
|
unkown
|
page read and write
|
|
|
|
7FF4F71A0000
|
unkown
|
page readonly
|
|
|
|
18144268000
|
unkown
|
page read and write
|
|
|
|
1D4AF87F000
|
unkown
|
page read and write
|
|
|
|
7FF4EB8AD000
|
unkown
|
page readonly
|
|
|
|
5D427FF000
|
unkown
|
page read and write
|
|
|
|
7FF51B4B6000
|
unkown
|
page readonly
|
|
|
|
9798F7B000
|
unkown
|
page read and write
|
|
|
|
189F8A00000
|
unkown
|
page read and write
|
|
|
|
7FF4F6E83000
|
unkown
|
page readonly
|
|
|
|
1C9B78D0000
|
unkown
|
page read and write
|
|
|
|
7FF537261000
|
unkown
|
page readonly
|
|
|
|
7FF5A7A73000
|
unkown
|
page readonly
|
|
|
|
1C9B229B000
|
unkown
|
page read and write
|
|
|
|
1A06DE41000
|
unkown
|
page read and write
|
|
|
|
189F8970000
|
heap private
|
page read and write
|
|
|
|
28FFB400000
|
unkown
|
page read and write
|
|
|
|
7FF55EB12000
|
unkown
|
page readonly
|
|
|
|
7FF5A9C48000
|
unkown
|
page readonly
|
|
|
|
1A25CA80000
|
unkown
|
page readonly
|
|
|
|
7FF4F7245000
|
unkown
|
page readonly
|
|
|
|
28FFB468000
|
unkown
|
page read and write
|
|
|
|
7FF53772F000
|
unkown
|
page readonly
|
|
|
|
28FFB468000
|
unkown
|
page read and write
|
|
|
|
7FF4EB97F000
|
unkown
|
page readonly
|
|
|
|
7FF55EB65000
|
unkown
|
page readonly
|
|
|
|
7FF5A7693000
|
unkown
|
page readonly
|
|
|
|
7FF5A7A28000
|
unkown
|
page readonly
|
|
|
|
7FF55EB1C000
|
unkown
|
page readonly
|
|
|
|
94B287F000
|
unkown
|
page read and write
|
|
|
|
1C9B2A02000
|
unkown
|
page read and write
|
|
|
|
1D4AF800000
|
unkown
|
page read and write
|
|
|
|
1C9B7620000
|
unkown
|
page read and write
|
|
|
|
1AD3F8C4000
|
unkown
|
page read and write
|
|
|
|
7FF4EB628000
|
unkown
|
page readonly
|
|
|
|
1AD3F800000
|
unkown
|
page read and write
|
|
|
|
28FFCDA0000
|
unkown
|
page read and write
|
|
|
|
5D41EF7000
|
unkown
|
page read and write
|
|
|
|
7FF4EB938000
|
unkown
|
page readonly
|
|
|
|
7FF4F9E49000
|
unkown
|
page readonly
|
|
|
|
7FF5A7AD6000
|
unkown
|
page readonly
|
|
|
|
7FF5A7600000
|
unkown
|
page readonly
|
|
|
|
1C9B24D0000
|
unkown
|
page readonly
|
|
|
|
1C9B7A82000
|
unkown
|
page read and write
|
|
|
|
7FF5A71C3000
|
unkown
|
page readonly
|
|
|
|
2BB06FF000
|
unkown
|
page read and write
|
|
|
|
1C9B7950000
|
unkown
|
page readonly
|
|
|
|
7FF537627000
|
unkown
|
page readonly
|
|
|
|
7FF4F698B000
|
unkown
|
page readonly
|
|
|
|
7FF4F9BC3000
|
unkown
|
page readonly
|
|
|
|
1C9B20F0000
|
heap private
|
page read and write
|
|
|
|
7FF51B366000
|
unkown
|
page readonly
|
|
|
|
7FF5A791D000
|
unkown
|
page readonly
|
|
|
|
7FF53767A000
|
unkown
|
page readonly
|
|
|
|
7FF4F71B4000
|
unkown
|
page readonly
|
|
|
|
7FF4F6FD1000
|
unkown
|
page readonly
|
|
|
|
3EFFFFB000
|
unkown
|
page read and write
|
|
|
|
7FF5A7AF4000
|
unkown
|
page readonly
|
|
|
|
26386F13000
|
unkown
|
page read and write
|
|
|
|
7FF51AE79000
|
unkown
|
page readonly
|
|
|
|
28FFB429000
|
unkown
|
page read and write
|
|
|
|
9656D1B000
|
unkown
|
page read and write
|
|
|
|
28FFB468000
|
unkown
|
page read and write
|
|
|
|
7FF4F6A70000
|
unkown
|
page readonly
|
|
|
|
7FF51B595000
|
unkown
|
page readonly
|
|
|
|
7FF55EC00000
|
unkown
|
page readonly
|
|
|
|
7FF5A79E4000
|
unkown
|
page readonly
|
|
|
|
7FF5A6E03000
|
unkown
|
page readonly
|
|
|
|
9798E7B000
|
unkown
|
page read and write
|
|
|
|
1AD40100000
|
unkown
|
page read and write
|
|
|
|
7FF55E9FF000
|
unkown
|
page readonly
|
|
|
|
7FF4F71B8000
|
unkown
|
page readonly
|
|
|
|
7FF5A7475000
|
unkown
|
page readonly
|
|
|
|
7FF4F698D000
|
unkown
|
page readonly
|
|
|
|
1A06DE29000
|
unkown
|
page read and write
|
|
|
|
1AD40540000
|
unkown
|
page readonly
|
|
|
|
3EFFAFE000
|
unkown
|
page read and write
|
|
|
|
1C9B7660000
|
unkown
|
page readonly
|
|
|
|
7FF4F7001000
|
unkown
|
page readonly
|
|
|
|
7FF55EBEF000
|
unkown
|
page readonly
|
|
|
|
26386E75000
|
unkown
|
page read and write
|
|
|
|
7FF5A9C8B000
|
unkown
|
page readonly
|
|
|
|
28FFB46C000
|
unkown
|
page read and write
|
|
|
|
28FFB433000
|
unkown
|
page read and write
|
|
|
|
18144030000
|
unkown
|
page readonly
|
|
|
|
1C9B32C0000
|
unkown
|
page readonly
|
|
|
|
263870D0000
|
unkown
|
page readonly
|
|
|
|
96570FF000
|
unkown
|
page read and write
|
|
|
|
1C9B2990000
|
unkown
|
page readonly
|
|
|
|
7FF537669000
|
unkown
|
page readonly
|
|
|
|
7FF4F6FCA000
|
unkown
|
page readonly
|
|
|
|
1D4AF864000
|
unkown
|
page read and write
|
|
|
|
7FF4F9E75000
|
unkown
|
page readonly
|
|
|
|
7FF5A75FD000
|
unkown
|
page readonly
|
|
|
|
28FFB43F000
|
unkown
|
page read and write
|
|
|
|
1C9B2213000
|
unkown
|
page read and write
|
|
|
|
2BB067B000
|
unkown
|
page read and write
|
|
|
|
7FF51B58C000
|
unkown
|
page readonly
|
|
|
|
7FF5A76ED000
|
unkown
|
page readonly
|
|
|
|
1D4AF730000
|
unkown
|
page readonly
|
|
|
|
1C9B3620000
|
unkown
|
page read and write
|
|
|
|
7FF4F72CE000
|
unkown
|
page readonly
|
|
|
|
1C9B76B0000
|
unkown
|
page read and write
|
|
|
|
7FF5A7668000
|
unkown
|
page readonly
|
|
|
|
7FF55EB69000
|
unkown
|
page readonly
|
|
|
|
1C9B2860000
|
unkown
|
page readonly
|
|
|
|
28FFB1A0000
|
heap private
|
page read and write
|
|
|
|
7FF55EBF6000
|
unkown
|
page readonly
|
|
|
|
189F8A02000
|
unkown
|
page read and write
|
|
|
|
3E804FE000
|
unkown
|
page read and write
|
|
|
|
1A25B0DB000
|
heap default
|
page read and write
|
|
|
|
5D4237F000
|
unkown
|
page read and write
|
|
|
|
7FF5A987D000
|
unkown
|
page readonly
|
|
|
|
7FF4EB8C3000
|
unkown
|
page readonly
|
|
|
|
7FF5375E7000
|
unkown
|
page readonly
|
|
|
|
26386D80000
|
unkown
|
page readonly
|
|
|
|
1C9B7690000
|
unkown
|
page read and write
|
|
|
|
EB9387F000
|
unkown
|
page read and write
|
|
|
|
1D4AF720000
|
unkown
|
page readonly
|
|
|
|
337347F000
|
unkown
|
page read and write
|
|
|
|
7FF5A7AE0000
|
unkown
|
page readonly
|
|
|
|
9656D9E000
|
unkown
|
page read and write
|
|
|
|
189F8A29000
|
unkown
|
page read and write
|
|
|
|
7FF5A774B000
|
unkown
|
page readonly
|
|
|
|
18143FC0000
|
heap private
|
page read and write
|
|
|
|
7FF5A7B0F000
|
unkown
|
page readonly
|
|
|
|
7FF55EB7A000
|
unkown
|
page readonly
|
|
|
|
1A06DDD0000
|
unkown
|
page read and write
|
|
|
|
7FF4F9E45000
|
unkown
|
page readonly
|
|
|
|
1AD3F86E000
|
unkown
|
page read and write
|
|
|
|
3EFFDFF000
|
unkown
|
page read and write
|
|
|
|
7FF51B69D000
|
unkown
|
page readonly
|
|
|
|
1C9B77F4000
|
unkown
|
page read and write
|
|
|
|
7FF5A7A20000
|
unkown
|
page readonly
|
|
|
|
7FF4F718D000
|
unkown
|
page readonly
|
|
|
|
7FF51B593000
|
unkown
|
page readonly
|
|
|
|
7FF4EB96B000
|
unkown
|
page readonly
|
|
|
|
7FF537695000
|
unkown
|
page readonly
|
|
|
|
1A06DDB0000
|
unkown
|
page readonly
|
|
|
|
7FF55EC2D000
|
unkown
|
page readonly
|
|
|
|
7FF55E9CD000
|
unkown
|
page readonly
|
|
|
|
EB931CD000
|
unkown
|
page read and write
|
|
|
|
7FF5375CD000
|
unkown
|
page readonly
|
|
|
|
1C9B7884000
|
unkown
|
page readonly
|
|
|
|
5D41BDE000
|
unkown
|
page read and write
|
|
|
|
7FF5A7AC8000
|
unkown
|
page readonly
|
|
|
|
189F8A5C000
|
unkown
|
page read and write
|
|
|
|
18145CA0000
|
unkown
|
page readonly
|
|
|
|
96571FE000
|
unkown
|
page read and write
|
|
|
|
5D4277F000
|
unkown
|
page read and write
|
|
|
|
1D4AF902000
|
unkown
|
page read and write
|
|
|
|
26387000000
|
unkown
|
page readonly
|
|
|
|
7FF536F74000
|
unkown
|
page readonly
|
|
|
|
7FF4F71C2000
|
unkown
|
page readonly
|
|
|
|
7FF4F9EC8000
|
unkown
|
page readonly
|
|
|
|
1A06DDA0000
|
heap default
|
page read and write
|
|
|
|
7FF5A774F000
|
unkown
|
page readonly
|
|
|
|
1C9B31E0000
|
unkown
|
page read and write
|
|
|
|
7FF5A7AFB000
|
unkown
|
page readonly
|
|
|
|
7FF55E9EC000
|
unkown
|
page readonly
|
|
|
|
1C9B78BC000
|
unkown
|
page readonly
|
|
|
|
1C9B7A00000
|
unkown
|
page read and write
|
|
|
|
7FF5A755D000
|
unkown
|
page readonly
|
|
|
|
7FF4F7074000
|
unkown
|
page readonly
|
|
|
|
1C9B7A3D000
|
unkown
|
page read and write
|
|
|
|
1A06DF02000
|
unkown
|
page read and write
|
|
|
|
7FF5A769A000
|
unkown
|
page readonly
|
|
|
|
7FF5A7ACF000
|
unkown
|
page readonly
|
|
|
|
1A06DE36000
|
unkown
|
page read and write
|
|
|
|
337337E000
|
unkown
|
page read and write
|
|
|
|
1A06E530000
|
unkown
|
page read and write
|
|
|
|
7FF537714000
|
unkown
|
page readonly
|
|
|
|
7FF4F9E1C000
|
unkown
|
page readonly
|
|
|
|
7FF51B5D9000
|
unkown
|
page readonly
|
|
|
|
1C9B7910000
|
unkown
|
page read and write
|
|
|
|
1D4AFA00000
|
unkown
|
page readonly
|
|
|
|
7FF55E9C2000
|
unkown
|
page readonly
|
|
|
|
7FF5A767D000
|
unkown
|
page readonly
|
|
|
|
18144268000
|
unkown
|
page read and write
|
|
|
|
18144268000
|
unkown
|
page read and write
|
|
|
|
1C9B7C00000
|
unkown
|
page read and write
|
|
|
|
1A06E530000
|
unkown
|
page read and write
|
|
|
|
7FF4F7098000
|
unkown
|
page readonly
|
|
|
|
7FF51B43D000
|
unkown
|
page readonly
|
|
|
|
7FF4F6F6A000
|
unkown
|
page readonly
|
|
|
|
7FF51B5AC000
|
unkown
|
page readonly
|
|
|
|
1A25CE00000
|
heap private
|
page read and write
|
|
|
|
7FF53761C000
|
unkown
|
page readonly
|
|
|
|
7FF4F72DF000
|
unkown
|
page readonly
|
|
|
|
1D4AF879000
|
unkown
|
page read and write
|
|
|
|
1D4AF858000
|
unkown
|
page read and write
|
|
|
|
7FF4F71E7000
|
unkown
|
page readonly
|
|
|
|
1A25B1A0000
|
unkown
|
page read and write
|
|
|
|
5D41B5D000
|
unkown
|
page read and write
|
|
|
|
1A06E800000
|
unkown
|
page read and write
|
|
|
|
EB9347E000
|
unkown
|
page read and write
|
|
|
|
7FF51B69B000
|
unkown
|
page readonly
|
|
|
|
7FF5A773E000
|
unkown
|
page readonly
|
|
|
|
3E802FF000
|
unkown
|
page read and write
|
|
|
|
7FF53765D000
|
unkown
|
page readonly
|
|
|
|
7FF51B514000
|
unkown
|
page readonly
|
|
|
|
1D4AF913000
|
unkown
|
page read and write
|
|
|
|
33730FE000
|
unkown
|
page read and write
|
|
|
|
94B2CFF000
|
unkown
|
page read and write
|
|
|
|
7FF4F9F0F000
|
unkown
|
page readonly
|
|
|
|
7FF4F72BD000
|
unkown
|
page readonly
|
|
|
|
1A25CC00000
|
heap private
|
page read and write
|
|
|
|
1C9B7C30000
|
unkown
|
page readonly
|
|
|
|
7FF4EB950000
|
unkown
|
page readonly
|
|
|
|
1C9B223F000
|
unkown
|
page read and write
|
|
|
|
1814426A000
|
unkown
|
page read and write
|
|
|
|
94B27FE000
|
unkown
|
page read and write
|
|
|
|
1A06E000000
|
unkown
|
page readonly
|
|
|
|
7FF5376FE000
|
unkown
|
page readonly
|
|
|
|
1D4AFD90000
|
unkown
|
page readonly
|
|
|
|
1A06DE13000
|
unkown
|
page read and write
|
|
|
|
3EFFA7B000
|
unkown
|
page read and write
|
|
|
|
26386E00000
|
unkown
|
page read and write
|
|
|
|
7FF5A732D000
|
unkown
|
page readonly
|
|
|
|
7FF4F6E80000
|
unkown
|
page readonly
|
|
|
|
7FF4F9EE0000
|
unkown
|
page readonly
|
|
|
|
7FF4EB97D000
|
unkown
|
page readonly
|
|
|
|
68F87FC000
|
unkown
|
page read and write
|
|
|
|
7FF4F9F0B000
|
unkown
|
page readonly
|
|
|
|
7FF4F6E11000
|
unkown
|
page readonly
|
|
|
|
1AD3F829000
|
unkown
|
page read and write
|
|
|
|
28FFB2E0000
|
unkown
|
page write copy
|
|
|
|
3EFFEFE000
|
unkown
|
page read and write
|
|
|
|
7FF4EB850000
|
unkown
|
page readonly
|
|
|
|
1C9B77B0000
|
unkown
|
page read and write
|
|
|
|
7FF4EB636000
|
unkown
|
page readonly
|
|
|
|
7FF51B66E000
|
unkown
|
page readonly
|
|
|
|
189F8CD0000
|
unkown
|
page readonly
|
|
|
|
7FF4F953F000
|
unkown
|
page readonly
|
|
|
|
1A25B080000
|
unkown
|
page read and write
|
|
|
|
1D4AF802000
|
unkown
|
page read and write
|
|
|
|
7FF4EB95D000
|
unkown
|
page readonly
|
|
|
|
7FF55EC2B000
|
unkown
|
page readonly
|
|
|
|
1C9B7AAF000
|
unkown
|
page read and write
|
|
|
|
7FF5A9886000
|
unkown
|
page readonly
|
|
|
|
28FFB468000
|
unkown
|
page read and write
|
|
|
|
28FFB46A000
|
unkown
|
page read and write
|
|
|
|
189F8A33000
|
unkown
|
page read and write
|
|
|
|
7FF53771E000
|
unkown
|
page readonly
|
|
|
|
7FF4F6FCC000
|
unkown
|
page readonly
|
|
|
|
28FFB200000
|
heap default
|
page read and write
|
|
|
|
7FF4F72AB000
|
unkown
|
page readonly
|
|
|
|
68F833E000
|
unkown
|
page read and write
|
|
|
|
189F89F0000
|
unkown
|
page readonly
|
|
|
|
18145BA0000
|
unkown
|
page read and write
|
|
|
|
5D429FC000
|
unkown
|
page read and write
|
|
|
|
7FF55EB5D000
|
unkown
|
page readonly
|
|
|
|
189F8A3D000
|
unkown
|
page read and write
|
|
|
|
2BB097E000
|
unkown
|
page read and write
|
|
|
|
1A25B1D0000
|
unkown
|
page readonly
|
|
|
|
7FF4F72DB000
|
unkown
|
page readonly
|
|
|
|
2BB08FF000
|
unkown
|
page read and write
|
|
|
|
3EFFC7C000
|
unkown
|
page read and write
|
|
|
|
7FF537637000
|
unkown
|
page readonly
|
|
|
|
68F83BE000
|
unkown
|
page read and write
|
|
|
|
7FF51B14F000
|
unkown
|
page readonly
|
|
|
|
7FF4F7197000
|
unkown
|
page readonly
|
|
|
|
7FF4EB863000
|
unkown
|
page readonly
|
|
|
|
7FF5A7607000
|
unkown
|
page readonly
|
|
|
|
1D4AF900000
|
unkown
|
page read and write
|
|
|
|
94B2AFF000
|
unkown
|
page read and write
|
|
|
|
7FF5A7689000
|
unkown
|
page readonly
|
|
|
|
1A25B0A0000
|
heap default
|
page read and write
|
|
|
|
28FFB454000
|
unkown
|
page read and write
|
|
|
|
7FF51B68E000
|
unkown
|
page readonly
|
|
|
|
189F8A3A000
|
unkown
|
page read and write
|
|
|
|
7FF5A7B0B000
|
unkown
|
page readonly
|
|
|
|
7FF51B68B000
|
unkown
|
page readonly
|
|
|
|
7FF55EC0D000
|
unkown
|
page readonly
|
|
|
|
7FF51ACD6000
|
unkown
|
page readonly
|
|
|
|
1C9B2302000
|
unkown
|
page read and write
|
|
|
|
7FF4F6993000
|
unkown
|
page readonly
|
|
|
|
18144302000
|
unkown
|
page read and write
|
|
|
|
1C9B7910000
|
unkown
|
page readonly
|
|
|
|
189F8C00000
|
unkown
|
page readonly
|
|
|
|
7FF4F71EC000
|
unkown
|
page readonly
|
|
|
|
7FF5A7AED000
|
unkown
|
page readonly
|
|
|
|
7FF4EB8CA000
|
unkown
|
page readonly
|
|
|
|
9798AFE000
|
unkown
|
page read and write
|
|
|
|
7FF5A9C8F000
|
unkown
|
page readonly
|
|
|
|
1A25B650000
|
unkown
|
page readonly
|
|
|
|
7FF5A7AFE000
|
unkown
|
page readonly
|
|
|
|
7FF5A770F000
|
unkown
|
page readonly
|
|
|
|
1C9B2B59000
|
unkown
|
page read and write
|
|
|
|
7FF55EB73000
|
unkown
|
page readonly
|
|
|
|
94B2A7D000
|
unkown
|
page read and write
|
|
|
|
7FF5A7685000
|
unkown
|
page readonly
|
|
|
|
1D4AF5E0000
|
heap private
|
page read and write
|
|
|
|
1A06E460000
|
unkown
|
page readonly
|
|
|
|
1C9B2B02000
|
unkown
|
page read and write
|
|
|
|
7FF51B5EA000
|
unkown
|
page readonly
|
|
|
|
7FF55EB27000
|
unkown
|
page readonly
|
|
|
|
1A25CA90000
|
unkown
|
page readonly
|
|
|
|
94B232B000
|
unkown
|
page read and write
|
|
|
|
1D4AF640000
|
heap default
|
page read and write
|
|
|
|
28FFB413000
|
unkown
|
page read and write
|
|
|
|
1AD4013B000
|
unkown
|
page read and write
|
|
|
|
1C9B7900000
|
unkown
|
page read and write
|
|
|
|
189F9060000
|
unkown
|
page readonly
|
|
|
|
2BB087A000
|
unkown
|
page read and write
|
|
|
|
26386E13000
|
unkown
|
page read and write
|
|
|
|
1814423F000
|
unkown
|
page read and write
|
|
|
|
1D4B0000000
|
unkown
|
page readonly
|
|
|
|
189F8A31000
|
unkown
|
page read and write
|
|
|
|
7FF4F707D000
|
unkown
|
page readonly
|
|
|
|
7FF4F72AE000
|
unkown
|
page readonly
|
|
|
|
7FF4EAFA9000
|
unkown
|
page readonly
|
|
|
|
9798A7C000
|
unkown
|
page read and write
|
|
|
|
1C9B7960000
|
unkown
|
page readonly
|
|
|
|
7FF4F9E28000
|
unkown
|
page readonly
|
|
|
|
18144100000
|
unkown
|
page write copy
|
|
|
|
7FF55EC14000
|
unkown
|
page readonly
|
|
|
|
1C9B2287000
|
unkown
|
page read and write
|
|
|
|
1AD3F750000
|
heap private
|
page read and write
|
|
|
|
7FF55E9F6000
|
unkown
|
page readonly
|
|
|
|
3E800FD000
|
unkown
|
page read and write
|
|
|
|
7FF5376E8000
|
unkown
|
page readonly
|
|
|
|
5D4247F000
|
unkown
|
page read and write
|
|
|
|
1C9B77D4000
|
unkown
|
page read and write
|
|
|
|
26386E5B000
|
unkown
|
page read and write
|
|
|
|
7FF5376EF000
|
unkown
|
page readonly
|
|
|
|
7FF5A9C60000
|
unkown
|
page readonly
|
|
|
|
26386D70000
|
heap default
|
page read and write
|
|
|
|
18144020000
|
heap default
|
page read and write
|
|
|
|
1C9B226C000
|
unkown
|
page read and write
|
|
|
|
1C9B7C10000
|
unkown
|
page readonly
|
|
|
|
7FF55EC2F000
|
unkown
|
page readonly
|
|
|
|
18144150000
|
unkown
|
page readonly
|
|
|
|
7FF4F6946000
|
unkown
|
page readonly
|
|
|
|
7FF5A7ADB000
|
unkown
|
page readonly
|
|
|
|
68F867D000
|
unkown
|
page read and write
|
|
|
|
1814424B000
|
unkown
|
page read and write
|
|
|
|
7FF5A74C7000
|
unkown
|
page readonly
|
|
|
|
1A25D000000
|
heap private
|
page read and write
|
|
|
|
7FF4F71B0000
|
unkown
|
page readonly
|
|
|
|
EB93A7E000
|
unkown
|
page read and write
|
|
|
|
1D4AF840000
|
unkown
|
page read and write
|
|
|
|
7FF4F71D7000
|
unkown
|
page readonly
|
|
|
|
7FF5A9B9C000
|
unkown
|
page readonly
|
|
|
|
7FF5375E0000
|
unkown
|
page readonly
|
|
|
|
1A25D2E0000
|
heap private
|
page read and write
|
|
|
|
7FF55EC1E000
|
unkown
|
page readonly
|
|
|
|
7FF4EB964000
|
unkown
|
page readonly
|
|
|
|
7FF5A7A5A000
|
unkown
|
page readonly
|
|
|
|
18144268000
|
unkown
|
page read and write
|
|
|
|
7FF5A733A000
|
unkown
|
page readonly
|
|
|
|
3EFFF7B000
|
unkown
|
page read and write
|
|
|
|
1C9B2B59000
|
unkown
|
page read and write
|
|
|
|
337357E000
|
unkown
|
page read and write
|
|
|
|
7FF55E266000
|
unkown
|
page readonly
|
|
|
|
7FF4F6E54000
|
unkown
|
page readonly
|
|
|
|
7FF4F6FE7000
|
unkown
|
page readonly
|
|
|
|
7FF53747A000
|
unkown
|
page readonly
|
|
|
|
7FF4F6DE6000
|
unkown
|
page readonly
|
|
|
|
28FFCEA0000
|
unkown
|
page readonly
|
|
|
|
7FF51B5CD000
|
unkown
|
page readonly
|
|
|
|
7FF51B51E000
|
unkown
|
page readonly
|
|
|
|
7FF5A6E07000
|
unkown
|
page readonly
|
|
|
|
1A25B2B5000
|
heap private
|
page read and write
|
|
|
|
7FF55EB23000
|
unkown
|
page readonly
|
|
|
|
EB9377C000
|
unkown
|
page read and write
|
|
|
|
7FF5A71C7000
|
unkown
|
page readonly
|
|
|
|
1A25B2B0000
|
heap private
|
page read and write
|
|
|
|
7FF5A7332000
|
unkown
|
page readonly
|
|
|
|
7FF4EB96E000
|
unkown
|
page readonly
|
|
|
|
7FF5A7660000
|
unkown
|
page readonly
|
|
|
|
1C9B7910000
|
unkown
|
page read and write
|
|
|
|
1AD3F8E4000
|
unkown
|
page read and write
|
|
|
|
18144200000
|
unkown
|
page read and write
|
|
|
|
1C9B77D0000
|
unkown
|
page read and write
|
|
|
|
7FF55E8BA000
|
unkown
|
page readonly
|
|
|
|
7FF51B1FA000
|
unkown
|
page readonly
|
|
|
|
1D4AFDA0000
|
unkown
|
page read and write
|
|
|
|
1C9B2A00000
|
unkown
|
page read and write
|
|
|
|
1C9B2400000
|
unkown
|
page readonly
|
|
|
|
9798B7E000
|
unkown
|
page read and write
|
|
|
|
7FF51B5B8000
|
unkown
|
page readonly
|
|
|
|
EB93D7F000
|
unkown
|
page read and write
|
|
|
|
7FF5A7716000
|
unkown
|
page readonly
|
|
|
|
26386E02000
|
unkown
|
page read and write
|
|
|
|
1C9B78E0000
|
unkown
|
page read and write
|
|
|
|
7FF5A7A49000
|
unkown
|
page readonly
|
|
|
|
EB93E7E000
|
unkown
|
page read and write
|
|
|
|
7FF5A79C0000
|
unkown
|
page readonly
|
|
|
|
7FF4EB840000
|
unkown
|
page readonly
|
|
|
|
7FF55EB38000
|
unkown
|
page readonly
|
|
|
|
7FF4F7215000
|
unkown
|
page readonly
|
|
|
|
7FF55EBFB000
|
unkown
|
page readonly
|
|
|
|
1AD3F825000
|
unkown
|
page read and write
|
|
|
|
7FF5A78FE000
|
unkown
|
page readonly
|
|
|
|
7FF4F9ECF000
|
unkown
|
page readonly
|
|
|
|
7FF5374FE000
|
unkown
|
page readonly
|
|
|
|
28FFB513000
|
unkown
|
page read and write
|
|
|
|
7FF5A9C6D000
|
unkown
|
page readonly
|
|
|
|
7FF5A76B3000
|
unkown
|
page readonly
|
|
|
|
7FF4F6FD3000
|
unkown
|
page readonly
|
|
|
|
7FF4F9E3D000
|
unkown
|
page readonly
|
|
|
|
3E801FF000
|
unkown
|
page read and write
|
|
|
|
1C9B2229000
|
unkown
|
page read and write
|
|
|
|
1C9B2313000
|
unkown
|
page read and write
|
|
|
|
7FF537295000
|
unkown
|
page readonly
|
|
|
|
EB93B7F000
|
unkown
|
page read and write
|
|
|
|
1C9B79F0000
|
unkown
|
page readonly
|
|
|
|
1AD3F8BA000
|
unkown
|
page read and write
|
|
|
|
1C9B78F0000
|
unkown
|
page read and write
|
|
|
|
7FF51B1FE000
|
unkown
|
page readonly
|
|
|
|
189F89D0000
|
heap default
|
page read and write
|
|
|
|
28FFB210000
|
unkown
|
page readonly
|
|
|
|
1C9B2B18000
|
unkown
|
page read and write
|
|
|
|
7FF51B4AD000
|
unkown
|
page readonly
|
|
|
|
1C9B7A86000
|
unkown
|
page read and write
|
|
|
|
7FF5A765C000
|
unkown
|
page readonly
|
|
|
|
7FF5A7457000
|
unkown
|
page readonly
|
|
|
|
26386E6B000
|
unkown
|
page read and write
|
|
|
|
18144202000
|
unkown
|
page read and write
|
|
|
|
68F877E000
|
unkown
|
page read and write
|
|
|
|
7FF4F6950000
|
unkown
|
page readonly
|
|
|
|
1AD3F902000
|
unkown
|
page read and write
|
|
|
|
94B297E000
|
unkown
|
page read and write
|
|
|
|
5D421FF000
|
unkown
|
page read and write
|
|
|
|
7FF4F9E07000
|
unkown
|
page readonly
|
|
|
|
7FF4F9E53000
|
unkown
|
page readonly
|
|
|
|
1C9B7894000
|
unkown
|
page readonly
|
|
|
|
5D428FA000
|
unkown
|
page read and write
|
|
|
|
7FF5A9B87000
|
unkown
|
page readonly
|
|
|
|
1AD3F7B0000
|
heap default
|
page read and write
|
|
|
|
26386E41000
|
unkown
|
page read and write
|
|
|
|
7FF5A773B000
|
unkown
|
page readonly
|
|
|
|
94B2D7F000
|
unkown
|
page read and write
|
|
|
|
1C9B7A4A000
|
unkown
|
page read and write
|
|
|
|
7FF5A9BA8000
|
unkown
|
page readonly
|
|
|
|
7FF4F9CAD000
|
unkown
|
page readonly
|
|
|
|
1C9B29A0000
|
unkown
|
page readonly
|
|
|
|
1C9B77B0000
|
unkown
|
page read and write
|
|
|
|
1C9B2190000
|
unkown
|
page read and write
|
|
|
|
7FF53770D000
|
unkown
|
page readonly
|
|
|
|
1C9B2256000
|
unkown
|
page read and write
|
|
|
|
1C9B77E0000
|
unkown
|
page read and write
|
|
|
|
7FF4F7298000
|
unkown
|
page readonly
|
|
|
|
1C9B228E000
|
unkown
|
page read and write
|
|
|
|
189F8B02000
|
unkown
|
page read and write
|
|
|
|
7FF5A7A3D000
|
unkown
|
page readonly
|
|
|
|
1AD3FE60000
|
unkown
|
page readonly
|
|
|
|
1C9B77B8000
|
unkown
|
page read and write
|
|
|
|
189F8A83000
|
unkown
|
page read and write
|
|
|
|
1AD40200000
|
unkown
|
page readonly
|
|
|
|
1D4AF828000
|
unkown
|
page read and write
|
|
|
|
7FF5A7657000
|
unkown
|
page readonly
|
|
|
|
3EFFB7D000
|
unkown
|
page read and write
|
|
|
|
7FF5A9BA0000
|
unkown
|
page readonly
|
|
|
|
18144213000
|
unkown
|
page read and write
|
|
|
|
189F9202000
|
unkown
|
page read and write
|
|
|
|
1A25B1C0000
|
unkown
|
page readonly
|
|
|
|
7FF5A9C56000
|
unkown
|
page readonly
|
|
|
|
1A25B290000
|
unkown
|
page readonly
|
|
|
|
1C9B3100000
|
unkown
|
page read and write
|
|
|
|
7FF4F72DF000
|
unkown
|
page readonly
|
|
|
|
7FF5A7A45000
|
unkown
|
page readonly
|
|
|
|
7FF5A9BBD000
|
unkown
|
page readonly
|
|
|
|
7FF4F71CC000
|
unkown
|
page readonly
|
|
|
|
18144268000
|
unkown
|
page read and write
|
|
|
|
7FF4F9F0F000
|
unkown
|
page readonly
|
|
|
|
7FF5A9BF5000
|
unkown
|
page readonly
|
|
|
|
1C9B2170000
|
unkown
|
page readonly
|
|
|
|
1C9B2B13000
|
unkown
|
page read and write
|
|
|
|
5D41ADC000
|
unkown
|
page read and write
|
|
|
|
7FF53771B000
|
unkown
|
page readonly
|
|
|
|
189F9130000
|
unkown
|
page read and write
|
|
|
|
7FF4F71D3000
|
unkown
|
page readonly
|
|
|
|
7FF55EB04000
|
unkown
|
page readonly
|
|
|
|
7FF5A753E000
|
unkown
|
page readonly
|
|
|
|
7FF537446000
|
unkown
|
page readonly
|
|
|
|
7FF4EB678000
|
unkown
|
page readonly
|
|
|
|
3E803FD000
|
unkown
|
page read and write
|
|
|
|
18144400000
|
unkown
|
page readonly
|
|
|
|
1C9B77D1000
|
unkown
|
page read and write
|
|
|
|
965707A000
|
unkown
|
page read and write
|
|
|
|
1C9B78B8000
|
unkown
|
page write copy
|
|
|
|
7FF4F72C4000
|
unkown
|
page readonly
|
|
|
|
68F82BC000
|
unkown
|
page read and write
|
|
|
|
7FF5A9973000
|
unkown
|
page readonly
|
|
|
|
1C9B29C0000
|
unkown
|
page readonly
|
|
|
|
7FF51B684000
|
unkown
|
page readonly
|
|
|
|
2BB0779000
|
unkown
|
page read and write
|
|
|
|
7FF4F6AAE000
|
unkown
|
page readonly
|
|
|
|
EB9314B000
|
unkown
|
page read and write
|
|
|
|
1C9B2180000
|
unkown
|
page read and write
|
|
|
|
7FF4EB94B000
|
unkown
|
page readonly
|
|
|
|
7FF5A7887000
|
unkown
|
page readonly
|
|
|
|
1AD3FAD0000
|
unkown
|
page readonly
|
|
|
|
7FF4F7003000
|
unkown
|
page readonly
|
|
|
|
1A25B2C0000
|
unkown
|
page readonly
|
|
|
|
7FF5A9B2F000
|
unkown
|
page readonly
|
|
|
|
7FF5A9B33000
|
unkown
|
page readonly
|
|
|
|
7FF55EAAE000
|
unkown
|
page readonly
|
|
|
|
7FF55E937000
|
unkown
|
page readonly
|
|
|
|
7FF5A7817000
|
unkown
|
page readonly
|
|
|
|
26386D10000
|
heap private
|
page read and write
|
|
|
|
7FF5A7A1C000
|
unkown
|
page readonly
|
|
|
|
1C9B2271000
|
unkown
|
page read and write
|
|
|
|
7FF5A9C4F000
|
unkown
|
page readonly
|
|
|
|
1A06DDC0000
|
unkown
|
page readonly
|
|
|
|
7FF4F7223000
|
unkown
|
page readonly
|
|
|
|
1AD3F83E000
|
unkown
|
page read and write
|
|
|
|
7FF5373BA000
|
unkown
|
page readonly
|
|
|
|
1D4AF650000
|
unkown
|
page readonly
|
|
|
|
7FF4F72CB000
|
unkown
|
page readonly
|
|
|
|
28FFB402000
|
unkown
|
page read and write
|
|
|
|
7FF5A9C8F000
|
unkown
|
page readonly
|
|
|
|
7FF51B597000
|
unkown
|
page readonly
|
|
|
|
1C9B2160000
|
unkown
|
page readonly
|
|
|
|
9657179000
|
unkown
|
page read and write
|
|
|
|
7FF51B66B000
|
unkown
|
page readonly
|
|
|
|
EB93F7E000
|
unkown
|
page read and write
|
|
|
|
18144313000
|
unkown
|
page read and write
|
|
|
|
7FF4F6F9F000
|
unkown
|
page readonly
|
|
|
|
1814426E000
|
unkown
|
page read and write
|
|
|
|
1C9B77E0000
|
unkown
|
page read and write
|
|
|
|
1A06DE57000
|
unkown
|
page read and write
|
|
|
|
7FF5A7B0F000
|
unkown
|
page readonly
|
|
|
|
7FF4F720D000
|
unkown
|
page readonly
|
|
|
|
5D424FF000
|
unkown
|
page read and write
|
|
|
|
7FF5A76F2000
|
unkown
|
page readonly
|
|
|
|
7FF5A772D000
|
unkown
|
page readonly
|
|
|
|
1AD3FA00000
|
unkown
|
page readonly
|
|
|
|
7FF5A744D000
|
unkown
|
page readonly
|
|
|
|
7FF55E92D000
|
unkown
|
page readonly
|
|
|
|
7FF51B5D5000
|
unkown
|
page readonly
|
|
|
|
7FF51B658000
|
unkown
|
page readonly
|
|
|
|
7FF51B666000
|
unkown
|
page readonly
|
|
|
|
5D426FA000
|
unkown
|
page read and write
|
|
|
|
7FF55EB95000
|
unkown
|
page readonly
|
|
|
|
1814426A000
|
unkown
|
page read and write
|
|
|
|
7FF5A9BD3000
|
unkown
|
page readonly
|
|
|
|
5D423FF000
|
unkown
|
page read and write
|
|
|
|
1C9B7880000
|
unkown
|
page write copy
|
|
|
|
7FF55EC1B000
|
unkown
|
page readonly
|
|
|
|
1C9B29D0000
|
unkown
|
page readonly
|
|
|
|
7FF4F7117000
|
unkown
|
page readonly
|
|
|
|
1AD3F8CB000
|
unkown
|
page read and write
|
|
|
|
1AD3F887000
|
unkown
|
page read and write
|
|
|
|
5D41FFC000
|
unkown
|
page read and write
|
|
|
|
1A25CAA0000
|
unkown
|
page readonly
|
|
|
|
1C9B7910000
|
unkown
|
page read and write
|
|
|
|
7FF4EB8B9000
|
unkown
|
page readonly
|
|
|
|
7FF4F953C000
|
unkown
|
page readonly
|
|
|
|
1C9B7A8A000
|
unkown
|
page read and write
|
|
|
|
7FF51AEE4000
|
unkown
|
page readonly
|
|
|
|
7FF55EBE8000
|
unkown
|
page readonly
|
|
|
|
18144256000
|
unkown
|
page read and write
|
|
|
|
7FF4F7093000
|
unkown
|
page readonly
|
|
|
|
1C9B76A0000
|
unkown
|
page read and write
|
|
|
|
1AD3F7C0000
|
unkown
|
page readonly
|
|
|
|
7FF4EB877000
|
unkown
|
page readonly
|
|
|
|
EB9357B000
|
unkown
|
page read and write
|
|
|
|
7FF4EB93F000
|
unkown
|
page readonly
|
|
|
|
5D425FC000
|
unkown
|
page read and write
|
|
|
|
7FF5374A7000
|
unkown
|
page readonly
|
|
|
|
7FF5A9BC9000
|
unkown
|
page readonly
|
|
|
|
18144268000
|
unkown
|
page read and write
|
|
|
|
7FF4EB887000
|
unkown
|
page readonly
|
|
|
|
EB9367F000
|
unkown
|
page read and write
|
|
|
|
1C9B7A1F000
|
unkown
|
page read and write
|
|
|
|
26386E29000
|
unkown
|
page read and write
|
|
|
|
28FFB468000
|
unkown
|
page read and write
|
|
|
|
7FF5A9C74000
|
unkown
|
page readonly
|
|
|
|
1A06E602000
|
unkown
|
page read and write
|
|
|
|
28FFB600000
|
unkown
|
page readonly
|
|
|
|
7FF51B378000
|
unkown
|
page readonly
|
|
|
|
1C9B2200000
|
unkown
|
page read and write
|
|
|
|
1AD3FF40000
|
unkown
|
page readonly
|
|
|
|
18144300000
|
unkown
|
page read and write
|
|
|
|
189F89E0000
|
unkown
|
page readonly
|
|
|
|
7FF4F7030000
|
unkown
|
page readonly
|
|
|
|
28FFB468000
|
unkown
|
page read and write
|
|
|
|
7FF51B582000
|
unkown
|
page readonly
|
|
|
|
7FF537236000
|
unkown
|
page readonly
|
|
|
|
1A06E0D0000
|
unkown
|
page readonly
|
|
|
|
7FF5A7734000
|
unkown
|
page readonly
|
|
|
|
94B23AE000
|
unkown
|
page read and write
|
|
|
|
7FF4F729F000
|
unkown
|
page readonly
|
|
|
|
979907E000
|
unkown
|
page read and write
|
|
|
|
1AD3F7E0000
|
unkown
|
page read and write
|
|
|
|
28FFB468000
|
unkown
|
page read and write
|
|
|
|
7FF51B5A7000
|
unkown
|
page readonly
|
|
|
|
7FF537665000
|
unkown
|
page readonly
|
|
|
|
7FF5375DD000
|
unkown
|
page readonly
|
|
|
|
7FF5A9C7B000
|
unkown
|
page readonly
|
|
|
|
1C9B2A15000
|
unkown
|
page read and write
|
|
|
|
5D422FB000
|
unkown
|
page read and write
|
|
|
|
94B2BFD000
|
unkown
|
page read and write
|
|
|
|
1D4AF877000
|
unkown
|
page read and write
|
|
|
|
1C9B29B0000
|
unkown
|
page readonly
|
|
|
|
5D420FA000
|
unkown
|
page read and write
|
|
|
|
7FF5A9B3A000
|
unkown
|
page readonly
|
|
|
|
7FF5A79C7000
|
unkown
|
page readonly
|
|
|
|
1C9B7890000
|
unkown
|
page readonly
|
|
|
|
7FF5A9BFD000
|
unkown
|
page readonly
|
|
|
|
7FF4F71F8000
|
unkown
|
page readonly
|
|
|
|
7FF5A7A17000
|
unkown
|
page readonly
|
|
|
|
1C9B77F0000
|
unkown
|
page read and write
|
|
|
|
EB9397D000
|
unkown
|
page read and write
|
|
|
|
7FF5A933B000
|
unkown
|
page readonly
|
|
|
|
26386F02000
|
unkown
|
page read and write
|
|
|
|
18144229000
|
unkown
|
page read and write
|
|
|
|
189F8A13000
|
unkown
|
page read and write
|
|
|
|
7FF4F7190000
|
unkown
|
page readonly
|
|
|
|
1A06DE00000
|
unkown
|
page read and write
|
|
|
|
7FF4F712F000
|
unkown
|
page readonly
|
|
|
|
1A25B0A7000
|
heap default
|
page read and write
|
|
|
|
1A25AFB0000
|
unkown
|
page readonly
|
|
|
|
7FF5A9BF3000
|
unkown
|
page readonly
|
|
|
|
7FF4F7154000
|
unkown
|
page readonly
|
|
|
|
1C9B7A99000
|
unkown
|
page read and write
|
|
|
|
7FF4F722A000
|
unkown
|
page readonly
|
|
|
|
7FF4EB8B5000
|
unkown
|
page readonly
|
|
|
|
7FF51B574000
|
unkown
|
page readonly
|
|
|
|
18144268000
|
unkown
|
page read and write
|
|
|
|
7FF537673000
|
unkown
|
page readonly
|
|
|
|
1A06DD40000
|
heap private
|
page read and write
|
|
|
|
94B267E000
|
unkown
|
page read and write
|
|
|
|
1A06E530000
|
unkown
|
page read and write
|
|
|
|
7FF5A731F000
|
unkown
|
page readonly
|
|
|
|
7FF5A7708000
|
unkown
|
page readonly
|
|
|
|
7FF5376F6000
|
unkown
|
page readonly
|
|
|
|
7FF4F6E45000
|
unkown
|
page readonly
|
|
|
|
1C9B2150000
|
heap default
|
page read and write
|
|
|
|
1AD40002000
|
unkown
|
page read and write
|
|
|
|
26386D90000
|
unkown
|
page readonly
|
|
|
|
7FF5A771B000
|
unkown
|
page readonly
|
|
|
|
7FF5A7A53000
|
unkown
|
page readonly
|
|
|
|
7FF5A76DF000
|
unkown
|
page readonly
|
|
|
|
1A06DE5F000
|
unkown
|
page read and write
|
|
|
|
7FF55E261000
|
unkown
|
page readonly
|
|
|
|
1D4AFE02000
|
unkown
|
page read and write
|
|
|
|
1C9B29F0000
|
unkown
|
page read and write
|
|
|
|
7FF4F6E5A000
|
unkown
|
page readonly
|
|
|
|
7FF4F7219000
|
unkown
|
page readonly
|
|
|
|
1AD3F813000
|
unkown
|
page read and write
|
|
|
|
1C9B77BE000
|
unkown
|
page read and write
|
|
|
|
1AD3F7D0000
|
unkown
|
page readonly
|
|
|
|
1C9B7A62000
|
unkown
|
page read and write
|
|
|
|
7FF53772D000
|
unkown
|
page readonly
|
|
|
|
7FF5A780D000
|
unkown
|
page readonly
|
|
|
|
7FF4F9EFB000
|
unkown
|
page readonly
|
|
|
|
1C9B22FA000
|
unkown
|
page read and write
|
|
|
|
26386DA0000
|
unkown
|
page read and write
|
|
|
|
7FF51B65F000
|
unkown
|
page readonly
|
|
|
|
7FF5A9C5B000
|
unkown
|
page readonly
|
|
|
|
7FF51B69F000
|
unkown
|
page readonly
|
|
|
|
7FF5A76FA000
|
unkown
|
page readonly
|
|
|
|
337317E000
|
unkown
|
page read and write
|
|
|
|
26387602000
|
unkown
|
page read and write
|
|
|
|
1AD3F913000
|
unkown
|
page read and write
|
|
|
|
1C9B2258000
|
unkown
|
page read and write
|
|
|
|
1C9B7880000
|
unkown
|
page read and write
|
|
|
|
1C9B22B7000
|
unkown
|
page read and write
|
|
|
|
18144268000
|
unkown
|
page read and write
|
|
|
|
1C9B7910000
|
unkown
|
page read and write
|
|
|
|
1C9B2B18000
|
unkown
|
page read and write
|
|
|
|
7FF4EB8E5000
|
unkown
|
page readonly
|
|
|
|
7FF5A774F000
|
unkown
|
page readonly
|
|
|
|
7FF4F9E5A000
|
unkown
|
page readonly
|
|
|
|
1C9B2B00000
|
unkown
|
page read and write
|
|
|
|
7FF4EB97F000
|
unkown
|
page readonly
|
|
|
|
7FF5A7835000
|
unkown
|
page readonly
|
|
|
|
5D42AFE000
|
unkown
|
page read and write
|
|
|
|
7FF4F9EDB000
|
unkown
|
page readonly
|
|
|
|
7FF55EC2F000
|
unkown
|
page readonly
|
|
|
|
7FF4F72A6000
|
unkown
|
page readonly
|
|
|
|
1C9B3601000
|
unkown
|
page read and write
|
|
|
|
7FF51B4C2000
|
unkown
|
page readonly
|
|
|
|
1A25D0FF000
|
heap private
|
page read and write
|
|
|
|
7FF5A7720000
|
unkown
|
page readonly
|
|
There are 720 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://alpine-blossom-bus.glitch.me/#
|
|
|
|
https://alpine-blossom-bus.glitch.me/#wayne.mcbean@synchronoss.com
|
|
|
|
https://account.live.com/ResetPassword.aspx?wreply=https://login.live.com/oauth20_authorize.srf%3fresponse_type%3dcode%26client_id%3d51483342-085c-4d86-bf88-cf50c7252078%26scope%3dopenid%2bprofile%2bemail%2boffline_access%26response_mode%3dform_post%26redirect_uri%3dhttps%253a%252f%252flogin.microsoftonline.com%252fcommon%252ffederation%252foauth2%26state%3drQIIAeNisNLJKCkpKLbS1y_ILypJzNHLzUwuyi_OTyvJz8vJzEvVS87P1csvSs9MAbGKhLgEOhzkFBYXR3m11Zle3FvBmjCLkTM-J7MMrHIVozJh4_QvMDK-YGS8xSToX5TumRJe7JaaklqUWJKZn3eBReAVC48BsxUHB5cAgwSDAsMPFsZFrEBb40pDQg3r0t0nbto2zWOTN8MpVv2oKm-LfF_zTK8UU_-wSjdfS9PSXAsLj9w8L-00g6LwoKKQzICSsjKjgNBAWwsrwwlsQhPYmE6xMXxgY-xgZzjAyXiLS8TIwNBS18BI18BEwcDCysTCytgkCgA1%26estsfed%3d1%26uaid%3d201e408873a34a5a867e35d1bd780560%26fci%3dhttps%253a%252f%252fportal.microsoftonline.com.orgid.com%26username%3d%26contextid%3d34A42CC81359F79A%26bk%3d1549270157&id=293577&uiflavor=web&client_id=1E00004417ACAE&mkt=EN-US&lc=1033&bk=1549270157
|
|
|
|
https://signup.live.com/signup?ru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26response_type%3dcode%26client_id%3d51483342-085c-4d86-bf88-cf50c7252078%26scope%3dopenid%2bprofile%2bemail%2boffline_access%26response_mode%3dform_post%26redirect_uri%3dhttps%253a%252f%252flogin.microsoftonline.com%252fcommon%252ffederation%252foauth2%26state%3drQIIAeNisNLJKCkpKLbS1y_ILypJzNHLzUwuyi_OTyvJz8vJzEvVS87P1csvSs9MAbGKhLgE5N-HsRnaz3GZ3Nb0o0aAj2MWI2d8TmYZWOUqRmXCxulfYGR8wch4i0nQvyjdMyW82C01JbUosSQzP-8Ci8ArFh4DZisODi4BBgkGBYYfLIyLWIG2Rik0X16_dbXTrqAUuYQeZ4ZTrPpRVd4W-b7mmV4ppv5hlW6-lqaluRYWHrl5XtppBkXhQUUhmQElZWVGAaGBtqZWhhPYhCawMZ1iY_jAxtjBznCAk_EWl4iRgaGlroGRroGJgoGllZGRlbFRFAA1%26estsfed%3d1%26lw%3d1%26fl%3deasi2%26fci%3dhttps%253a%252f%252fportal.microsoftonline.com.orgid.com%26mkt%3dEN-US%26uaid%3d0656ef1f3f31449c938682f87c100e08&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=51483342-085c-4d86-bf88-cf50c7252078&uaid=0656ef1f3f31449c938682f87c100e08&suc=https%3a%2f%2fportal.microsoftonline.com.orgid.com&lic=1
|
|
|
|
https://www.microsoft.com/en-US/servicesagreement/
|
|
|
|
https://privacy.microsoft.com/en-US/privacystatement
|
|