IOCReport

loading gif

Files

File Path
Type
Category
Malicious
https://sandpapery-unsacredness.s3.us-east-2.amazonaws.com/cradleman/index.html
URL
initial url
 malicious
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, 58596 bytes, 1 file
dropped
 clean
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\0c5f5359-db85-4fe4-8be5-a2341b18c7a9.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\0d03f8bc-70af-402b-86c3-189591354029.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\2d077e22-0314-4bbf-bfae-94d186f3c374.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\4926e72d-f26e-4acc-b759-e1f223f1e1b2.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\4de28014-ce33-459f-a49b-e026f0f1eaa6.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\51028807-4ec8-4b30-ba48-dade0116492a.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\651dec66-fb79-4e15-be02-6dd391d53700.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\7b12c750-f5d7-414a-a560-c243698c2f7f.tmp
ASCII text, with very long lines, with no line terminators
modified
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\9f1cf166-1e1d-4f33-97f0-c719fb9a2599.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\481ccd09-a39c-47ac-8136-3ecc4fa87294.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\54023f61-32c1-45a6-9353-17117b236f80.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5d1e220a-e8cb-4e7b-ae4a-92a242b3936a.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\67a0f943-0454-45f2-87d6-d0c144505f3a.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6901f892-f4be-46b6-bb89-9ea17e14508f.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6b1cec1a-de8e-4fd0-bfff-49b83d1ffd96.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6e2aac61-3a70-4c70-8d35-a053fc4e09cf.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\79022551-430d-460d-97c9-0f669ce018c5.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\00e9eabc0bc6d2eb_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0481116f3cd8293f_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\094e2d6bf2abec98_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1f5bc7e33396c524_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\22fb0e1969c285c1_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2b178dc788abedc5_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2ddbbf2cacbc4261_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\328b75cf02d95d5e_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3302a32a41c40742_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3b99dc3d3bc104fb_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4278acc4333443e6_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\43fb384703621b6c_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4f3329f3f8204488_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\53f3e8d7e98883b8_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\547db41b413d52f1_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\54f9d5181c9e5945_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\59f8bbf14d4853fd_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5fac85bbf020f3c0_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6686b0c92e7fc912_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6b848a87f40dd230_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6e2aa2cbfc56c1a0_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\72090e93af2b3d0c_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\781980b07f1bb38f_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7e4cea594f77c74d_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\83b9c3db1088f864_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8f3c2e2c260a7099_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8fdad95f34dd1d59_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9a5575bef7c495dc_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a20f3426f1f7ca2e_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b41d13ea9415b75f_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c77da56bd9ecc69a_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ccadee8b0401689c_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cfb5709fe74e1e20_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d87d9f144fbdb8cc_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dbd8c12c40a4d9e0_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e13566fd1f837090_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4b9b26cef092fbf_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f31034cd60667b7f_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f46ad1d2652b0b43_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f583bfa92cce0c9b_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ff3254c380ce1732_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
data
modified
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_lpcdn.lpsnmedia.net_0.indexeddb.leveldb\000001.dbtmp
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_lpcdn.lpsnmedia.net_0.indexeddb.leveldb\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_lpcdn.lpsnmedia.net_0.indexeddb.leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_lpcdn.lpsnmedia.net_0.indexeddb.leveldb\MANIFEST-000001
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
DOS executable (COM, 0x8C-variant)
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\633155bf-940b-45ff-b86c-53ea2b04e0df.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\50d3e200-b604-43d5-b8f5-dfe059517f8d.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\216ec966-ca11-405f-8b3d-abd672be2d44.tmp
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\Chrome Web Store Payments.ico.md5
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a2004511-ccec-4e0f-9ea0-9280329f9607.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a3ee049d-0cf5-4db6-8c1b-d4ba2e0c0be5.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a7dae17e-5c2a-4dfd-ac7a-9f814fba554d.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ac66830e-7a76-4e60-8b6c-eb1e01fa5fbe.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b62f994b-8564-4da2-afcb-ce5816b3ed66.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bc4f38c8-d172-4e18-af04-b849e3a2f9ed.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bdefbf99-1e3a-41e6-9988-44a635e30a57.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c982e176-4924-4b39-aef5-20f21826fab3.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d45de8f4-2708-4a43-9e38-7ab8f78f4436.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dbda7698-b7fc-4cb5-8d1d-8f310bd5b340.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\de38717f-78b4-478c-a622-bc7988707e97.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ec775d45-71ac-448d-8bab-9095e603e59f.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\eee99060-139d-4014-87c5-68af63a8a556.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fc36c48f-1ef9-426d-b238-272b2ea8c923.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fc5d824b-f561-4957-96a8-403adf5e6030.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\f4ffdfa9-e71c-4fa0-90de-c78ce242a787.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\fd2e1cf0-7907-4e2e-83ae-1d85b578090c.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\fd5fe9b3-6fd3-40b9-9362-9c8d3f117ee7.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\6eb7c7fe-3444-4a97-9ce2-60223e3ab5ef.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\7144_438755948\manifest.fingerprint
ASCII text, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\785dc6d3-798b-46b2-bcdf-ce23918415cf.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\86e45fe0-3b34-45d0-911f-e202817f047c.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\8d6e8178-3a2a-4585-81a4-89c6fa9b453f.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\c3539119-3303-4e2d-bc69-a55383791cff.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\c6a716e5-4cbc-4016-bc5a-1b459f8a610b.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\86e45fe0-3b34-45d0-911f-e202817f047c.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_135207529\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\785dc6d3-798b-46b2-bcdf-ce23918415cf.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_1998865095\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\8d6e8178-3a2a-4585-81a4-89c6fa9b453f.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir7144_91421081\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
 clean
There are 281 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized 'https://sandpapery-unsacredness.s3.us-east-2.amazonaws.com/cradleman/index.html'
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1576,17651261746283096330,4109310344686773889,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1736 /prefetch:8
clean

URLs

Name
IP
Malicious
https://assets.onestore.ms/
unknown
 clean
https://sandpapery-unsacredness.s3.us-east-2.amazonaws.com/cradleman/index.htmljdMyW82C01JbUosSQzP-8
unknown
 clean
https://acctcdn.msauth.net/oneds_Xr2D7Nex80v7A-8bxF8jgQ2.js?v=1
unknown
 clean
https://login.microsoftonline.com/
unknown
 clean
https://accdn.lpsnmedia.net/api/account/60270350/configuration/setting/accountproperties/?cb=lpCb221
unknown
 clean
https://sandpapery-unsacredness.s3.us-east-2.amazonaws.com/cradleman/index.html253d2057%2526response
unknown
 clean
https://portal.microsoftonline.com.orgid.com
unknown
 clean
https://publisher.liveperson.net-_https://publisher.liveperson.net
unknown
 clean
https://signup.live.com
unknown
 clean
https://acctcdn.msauth.net/lightweightsignuppackage_HD5u0AbLsH5K38avjB7xTA2.js?v=1aD
unknown
 clean
https://acctcdn.msauth.net
unknown
 clean
https://lpcdn.lpsnmedia.net(_https://lpcdn.lpsnmedia.net
unknown
 clean
https://lpcdn.lpsnmedia.net//
unknown
 clean
https://publisher.liveperson.net/
unknown
 clean
https://sandpapery-unsacredness.s3.us-east-2.amazonaws.com/cradleman/index.htmlSign
unknown
 clean
https://acctcdn.msauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1aD
unknown
 clean
https://fpt.live.com/?session_id=0656ef1f3f31449c938682f87c100e08&CustomerId=33e01921-4d64-4f8c-a055
unknown
 clean
https://consentreceiverfd-prod.azurefd.net/v1
unknown
 clean
https://liveperson.net/P?
unknown
 clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.jsaD
unknown
 clean
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meBoot.min.js
unknown
 clean
https://sandpapery-unsacredness.s3.us-east-2.amazonaws.com
unknown
 clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js
unknown
 clean
https://login.microsoftonline.com
unknown
 clean
https://accdn.lpsnmedia.net/api/account/60270350/configuration/le-campaigns/zones?fields=id&fields=z
unknown
 clean
https://lpcdn.lpsnmedia.net/
unknown
 clean
https://acctcdn.msauth.net/knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2.js?v=1
unknown
 clean
https://live.com/
unknown
 clean
https://signup.live.com/signup#
unknown
 clean
https://publisher.liveperson.net/iframe-le-tag/iframe.html?lpsite=60270350&lpsection=store-sales-de-
unknown
 clean
https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=http
unknown
 clean
https://publisher.liveperson.net
unknown
 clean
https://sandpapery-unsacredness.s3.us-east-2.amazonaws.com/cradleman/index.html2
unknown
 clean
https://mem.gfx.ms/meversion?partner=MSHomePage&market=de-ch&uhf=1
unknown
 clean
https://dns.google
unknown
 clean
https://acctcdn.msauth.net/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js
unknown
 clean
https://acctcdn.msauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1a
unknown
 clean
https://sandpapery-unsacredness.s3.us-east-2.amazonaws.com/
unknown
 clean
https://signup.live.com/
unknown
 clean
https://lpcdn.lpsnmedia.net
unknown
 clean
https://aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
unknown
 clean
https://liveperson.net/
unknown
 clean
https://publisher.liveperson.net/iframe-le-tag/iframe.html?lpsite=60270350&lpsection=store-sales-de-ch&buttons=lpChatService,lpChatSales
clean
https://acctcdn.msauth.net/knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2.js?v=1aD
unknown
 clean
https://acctcdn.msauth.net/lightweightsignuppackage_HD5u0AbLsH5K38avjB7xTA2.js?v=1
unknown
 clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.11.2.min.js
unknown
 clean
https://acctcdn.msauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1
unknown
 clean
https://sandpapery-unsacredness.s3.us-east-2.amazonaws.com/cradleman/index.html
unknown
 clean
https://sandpapery-unsacredness.s3.us-east-2.amazonaws.com/cradleman/login.html?swgrpacvwo=tCY3gtxz3
unknown
 clean
https://liveperson.net/$Q
unknown
 clean
https://sandpapery-unsacredness.s3.us-east-2.amazonaws.com/cradleman/index.htmlSQLite
unknown
 clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.jsaD
unknown
 clean
https://acctcdn.msauth.net/oneds_Xr2D7Nex80v7A-8bxF8jgQ2.js?v=1aD
unknown
 clean
https://acctcdn.msauth.net/
unknown
 clean
https://ajax.aspnetcdn.com/
unknown
 clean
https://fpt.live.com
unknown
 clean
https://acctcdn.msauth.net/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.jsa
unknown
 clean
https://acctcdn.msauth.net/lwsignupstringscountrybirthdate_en-gb_piBRJsXgxy0DAocfwbyzaQ2.js?v=1
unknown
 clean
https://mem.gfx.ms/scripts/me/MeControl/10.21035.1/de-DE/meCore.min.js
unknown
 clean
https://live.com/r0
unknown
 clean
https://logincdn.msauth.net/16.000/content/js/MeControl_8fmFau_zfDGioPAajB3ICg2.js
unknown
 clean
https://acctcdn.msauth.net/lwsignupstringscountrybirthdate_en-us_Hu9XQvsxbdtI5Cn8ywiXCA2.js?v=1
unknown
 clean
https://acctcdn.msauth.net/images/favicon.ico?v=2
unknown
 clean
https://acctcdn.msauth.net/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.jsaD
unknown
 clean
https://clients2.googleusercontent.com
unknown
 clean
https://fpt.live.com/?session_id=b58882512b7c40d78c42f4d88f1affac&CustomerId=33e01921-4d64-4f8c-a055
unknown
 clean
https://live.com/ko
unknown
 clean
https://acctcdn.msauth.net/knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2.js?v=1a
unknown
 clean
https://static-assets.fs.liveperson.com/microsoft/lp_ada_enhancements-prod.js
unknown
 clean
https://aadcdn.msauth.net
unknown
 clean
https://feedback.googleusercontent.com
unknown
 clean
https://lptag.liveperson.net/lptag/api/account/60270350/configuration/applications/taglets/.jsonp?v=
unknown
 clean
https://live.com/p
unknown
 clean
https://lptag.liveperson.net/tag/tag.js?site=60270350
unknown
 clean
https://live.com/m
unknown
 clean
There are 65 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
microsoftwindows.112.2o7.net
15.237.76.117
 clean
sni1gl.wpc.alphacdn.net
152.199.21.175
 clean
dh1y47vf5ttia.cloudfront.net
13.32.25.92
 clean
cs1227.wpc.alphacdn.net
192.229.221.185
 clean
liveperson.map.fastly.net
151.101.1.192
 clean
s3-r-w.us-east-2.amazonaws.com
52.219.101.106
 clean
googlehosted.l.googleusercontent.com
172.217.168.33
 clean
logincdn.msauth.net
unknown
 clean
lpcdn.lpsnmedia.net
unknown
 clean
consentreceiverfd-prod.azurefd.net
unknown
 clean
signup.live.com
unknown
 clean
accdn.lpsnmedia.net
unknown
 clean
aadcdn.msauth.net
unknown
 clean
assets.onestore.ms
unknown
 clean
acctcdn.msauth.net
unknown
 clean
ajax.aspnetcdn.com
unknown
 clean
static-assets.fs.liveperson.com
unknown
 clean
mem.gfx.ms
unknown
 clean
clients2.googleusercontent.com
unknown
 clean
publisher.liveperson.net
unknown
 clean
login.microsoftonline.com
unknown
 clean
fpt.live.com
unknown
 clean
lptag.liveperson.net
unknown
 clean
sandpapery-unsacredness.s3.us-east-2.amazonaws.com
unknown
 clean
acctcdn.msftauth.net
unknown
 clean
There are 15 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
52.219.101.106
s3-r-w.us-east-2.amazonaws.com
United States
clean
192.168.2.4
unknown
unknown
clean
151.101.1.192
liveperson.map.fastly.net
United States
clean
239.255.255.250
unknown
Reserved
clean
192.229.221.185
cs1227.wpc.alphacdn.net
United States
clean
172.217.168.33
googlehosted.l.googleusercontent.com
United States
clean
152.199.21.175
sni1gl.wpc.alphacdn.net
United States
clean
15.237.76.117
microsoftwindows.112.2o7.net
United States
clean
127.0.0.1
unknown
unknown
clean
13.32.25.92
dh1y47vf5ttia.cloudfront.net
United States
clean
There are 1 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
S-1-5-21-3853321935-2125563209-4053062332-1002
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
ahfgeienlihckogmohjhadlkjgocpleb
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gdaefkejpgkiemlaofpalmlakkmbjdnl
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gfdkimpbcpahaombhbimeihdjnejgicl
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
kmendfapggjehodndflmmgagdbamhnfd
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
mfehgcgbbipciphmccgaenjidiccnmng
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
mhjfbmdgcfjbbpaeojofohoefgiehjai
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
neajdppkdcdipfabeoofebfddakdcjhd
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nkeimhogjdpnpccoofpliimaahmaaome
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
prefs.preference_reset_time
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gfdkimpbcpahaombhbimeihdjnejgicl
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
pkedcjkdefgpdelpbcmbmeomcjbeemfm
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
state
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
StatusCodes
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
StatusCodes
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
state
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
dr
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.reporting
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
module_blacklist_cache_md5_digest
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
media.storage_id_salt
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.last_account_id
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.account_id
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.prompt_seed
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_homepage
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
default_search_provider_data.template_url_data
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
safebrowsing.incidents_sent
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
pinned_tabs
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
search_provider_overrides
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_default_search
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
prefs.preference_reset_time
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.last_username
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
session.startup_urls
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
session.restore_on_startup
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.prompt_version
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_startup_urls
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.prompt_wave
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
homepage
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
homepage_is_newtabpage
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
browser.show_home_button
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
user_experience_metrics.stability.exited_cleanly
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
lastrun
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
S-1-5-21-3853321935-2125563209-4053062332-1002
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
GlobalAssocChangedCounter
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
 clean
There are 40 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
BC3F1AE000
unkown
page read and write
 clean
7FF50F4F7000
unkown
page readonly
 clean
7FF4FDFCE000
unkown
page readonly
 clean
182AF39E000
unkown
page read and write
 clean
70ADF7A000
unkown
page read and write
 clean
7FF4FDC37000
unkown
page readonly
 clean
7FF5CA7AA000
unkown
page readonly
 clean
22140140000
unkown
page readonly
 clean
2120DE6D000
unkown
page read and write
 clean
7FF4FDFC8000
unkown
page readonly
 clean
1FB7423E000
unkown
page read and write
 clean
7FF5A737D000
unkown
page readonly
 clean
7FF53F126000
unkown
page readonly
 clean
7FF4F2741000
unkown
page readonly
 clean
7FF4F26BB000
unkown
page readonly
 clean
22144570000
unkown
page read and write
 clean
1FB74542000
unkown
page read and write
 clean
7FF4FDFDD000
unkown
page readonly
 clean
EE0787E000
unkown
page read and write
 clean
22144900000
unkown
page read and write
 clean
7FF5A3991000
unkown
page readonly
 clean
7FF50F896000
unkown
page readonly
 clean
7FF5CA7AE000
unkown
page readonly
 clean
E04947E000
unkown
page read and write
 clean
7FF53F45B000
unkown
page readonly
 clean
7FF5402CE000
unkown
page readonly
 clean
221449B0000
unkown
page read and write
 clean
7FF5CA7E7000
unkown
page readonly
 clean
7FF5B162B000
unkown
page readonly
 clean
221449A0000
unkown
page read and write
 clean
221449C0000
unkown
page read and write
 clean
1DA0E070000
heap private
page read and write
 clean
7FF5B1887000
unkown
page readonly
 clean
22144661000
unkown
page read and write
 clean
70ADD7A000
unkown
page read and write
 clean
7FF54002B000
unkown
page readonly
 clean
241A3D20000
unkown
page readonly
 clean
182AF36E000
unkown
page read and write
 clean
70ADEFB000
unkown
page read and write
 clean
7FF5B18A7000
unkown
page readonly
 clean
182AF325000
unkown
page read and write
 clean
1FB75010000
unkown
page read and write
 clean
221445A0000
unkown
page read and write
 clean
8FB88FB000
unkown
page read and write
 clean
853CFE000
unkown
page read and write
 clean
7FF4F2944000
unkown
page readonly
 clean
7FF504749000
unkown
page readonly
 clean
1553A200000
unkown
page readonly
 clean
1DA0FBC0000
unkown
page read and write
 clean
A679778000
unkown
page read and write
 clean
182AF385000
unkown
page read and write
 clean
182AED02000
unkown
page read and write
 clean
7FF4F292C000
unkown
page readonly
 clean
19706CD0000
unkown
page readonly
 clean
D36DB7A000
unkown
page read and write
 clean
1FB7203F000
unkown
page read and write
 clean
221449D0000
unkown
page read and write
 clean
2213F292000
unkown
page read and write
 clean
7FF53F4C4000
unkown
page readonly
 clean
7FF4F2195000
unkown
page readonly
 clean
1FB74502000
unkown
page read and write
 clean
15539855000
unkown
page read and write
 clean
7FF53F5CE000
unkown
page readonly
 clean
2120DD30000
unkown
page readonly
 clean
7FF53F565000
unkown
page readonly
 clean
1FB75410000
unkown
page read and write
 clean
22144A10000
unkown
page readonly
 clean
1E187B000
unkown
page read and write
 clean
241A1EE6000
unkown
page read and write
 clean
1FB74050000
unkown
page readonly
 clean
70ADAFD000
unkown
page read and write
 clean
7FF5CA71C000
unkown
page readonly
 clean
1FB73FC2000
unkown
page read and write
 clean
7FF5B17BD000
unkown
page readonly
 clean
7FF5CA385000
unkown
page readonly
 clean
7FF5A38A0000
unkown
page readonly
 clean
1FB74050000
unkown
page read and write
 clean
EE07975000
unkown
page read and write
 clean
7FF5CA7B5000
unkown
page readonly
 clean
27F96000000
unkown
page readonly
 clean
7FF4F26DF000
unkown
page readonly
 clean
28353E00000
unkown
page read and write
 clean
70AD97A000
unkown
page read and write
 clean
241A1F14000
unkown
page read and write
 clean
7FF50F701000
unkown
page readonly
 clean
182AF35F000
unkown
page read and write
 clean
7FF5049E1000
unkown
page readonly
 clean
1FB75310000
unkown
page read and write
 clean
7FF4F2581000
unkown
page readonly
 clean
1FB75210000
unkown
page read and write
 clean
7FF5873E0000
unkown
page readonly
 clean
7FF50F71B000
unkown
page readonly
 clean
7FF53F55E000
unkown
page readonly
 clean
1DA0FCC0000
unkown
page readonly
 clean
7FF4FDF02000
unkown
page readonly
 clean
7FF587BB4000
unkown
page readonly
 clean
7FF4F26FD000
unkown
page readonly
 clean
7FF4F295F000
unkown
page readonly
 clean
1FB73F4F000
unkown
page read and write
 clean
22144969000
unkown
page write copy
 clean
7FF5877A6000
unkown
page readonly
 clean
1553A002000
unkown
page read and write
 clean
19706A4B000
unkown
page read and write
 clean
7FF53F5AA000
unkown
page readonly
 clean
2213F400000
unkown
page readonly
 clean
70AD77B000
unkown
page read and write
 clean
7FF53F54C000
unkown
page readonly
 clean
22140150000
unkown
page readonly
 clean
182AEC50000
unkown
page read and write
 clean
7FF5CA79A000
unkown
page readonly
 clean
7FF587C3F000
unkown
page readonly
 clean
7FF587752000
unkown
page readonly
 clean
7FF5048F0000
unkown
page readonly
 clean
182AF343000
unkown
page read and write
 clean
1FB75110000
unkown
page read and write
 clean
19706A29000
unkown
page read and write
 clean
7FF4F26D8000
unkown
page readonly
 clean
1FB742C7000
unkown
page read and write
 clean
7FF5B16A6000
unkown
page readonly
 clean
182AEC00000
unkown
page read and write
 clean
182AF35F000
unkown
page read and write
 clean
28619602000
unkown
page read and write
 clean
28619629000
unkown
page read and write
 clean
EE07A7A000
unkown
page read and write
 clean
7FF5C015D000
unkown
page readonly
 clean
1FB72102000
unkown
page read and write
 clean
7FF4F2591000
unkown
page readonly
 clean
7FF50F82B000
unkown
page readonly
 clean
7FF4F221C000
unkown
page readonly
 clean
7FF5C00E5000
unkown
page readonly
 clean
7FF5B16C1000
unkown
page readonly
 clean
7FF5A38CF000
unkown
page readonly
 clean
7FF5A379B000
unkown
page readonly
 clean
70AD67A000
unkown
page read and write
 clean
22144560000
unkown
page read and write
 clean
EE0751B000
unkown
page read and write
 clean
7FF5A78DB000
unkown
page readonly
 clean
2214461C000
unkown
page read and write
 clean
48F54F9000
unkown
page read and write
 clean
7FF5046C8000
unkown
page readonly
 clean
70ADC7A000
unkown
page read and write
 clean
7FF587A21000
unkown
page readonly
 clean
182AEAE0000
unkown
page readonly
 clean
7FF5A3992000
unkown
page readonly
 clean
1FB74263000
unkown
page read and write
 clean
7FF5877F5000
unkown
page readonly
 clean
854478000
unkown
page read and write
 clean
241A3E02000
unkown
page read and write
 clean
7FF5CA829000
unkown
page readonly
 clean
7FF5CA80F000
unkown
page readonly
 clean
7FF5B18E1000
unkown
page readonly
 clean
7FF5045BA000
unkown
page readonly
 clean
7FF4F2976000
unkown
page readonly
 clean
19706B08000
unkown
page read and write
 clean
241A1E53000
unkown
page read and write
 clean
7FF4F2198000
unkown
page readonly
 clean
7FF5A3908000
unkown
page readonly
 clean
182AF365000
unkown
page read and write
 clean
7FF4F27A5000
unkown
page readonly
 clean
27F95AE0000
unkown
page readonly
 clean
182AECA7000
unkown
page read and write
 clean
7FF5CA6FD000
unkown
page readonly
 clean
7FF53F56B000
unkown
page readonly
 clean
2861966C000
unkown
page read and write
 clean
7FF5B1875000
unkown
page readonly
 clean
221444E0000
unkown
page read and write
 clean
7FF5A389A000
unkown
page readonly
 clean
853C7E000
unkown
page read and write
 clean
2213F900000
unkown
page read and write
 clean
7FF5B183F000
unkown
page readonly
 clean
50BFE7B000
unkown
page read and write
 clean
7FF50F723000
unkown
page readonly
 clean
182AEBD0000
unkown
page read and write
 clean
7FF50493A000
unkown
page readonly
 clean
7FF4F29E4000
unkown
page readonly
 clean
22144968000
unkown
page read and write
 clean
7FF4F284D000
unkown
page readonly
 clean
7FF587BCC000
unkown
page readonly
 clean
8FB8B7E000
unkown
page read and write
 clean
241A1EFF000
unkown
page read and write
 clean
7FF53F644000
unkown
page readonly
 clean
7FF5402D8000
unkown
page readonly
 clean
241A1EFB000
unkown
page read and write
 clean
7FF5BFDBA000
unkown
page readonly
 clean
7FF5B176B000
unkown
page readonly
 clean
7FF4FDE63000
unkown
page readonly
 clean
7FF5CA89A000
unkown
page readonly
 clean
7FF53F4CC000
unkown
page readonly
 clean
7FF53F651000
unkown
page readonly
 clean
22144A20000
unkown
page readonly
 clean
7FF504882000
unkown
page readonly
 clean
182AF37F000
unkown
page read and write
 clean
22144908000
unkown
page read and write
 clean
7FF5879A6000
unkown
page readonly
 clean
7FF50F912000
unkown
page readonly
 clean
2213F1C0000
unkown
page readonly
 clean
2120DE29000
unkown
page read and write
 clean
241A1E13000
unkown
page read and write
 clean
1FB74243000
unkown
page read and write
 clean
1FB75010000
unkown
page read and write
 clean
241A3F83000
unkown
page read and write
 clean
182AF387000
unkown
page read and write
 clean
241A3D30000
unkown
page read and write
 clean
1FB720A1000
unkown
page read and write
 clean
182AF369000
unkown
page read and write
 clean
19706B00000
unkown
page read and write
 clean
7FF5C01D2000
unkown
page readonly
 clean
27F95A70000
heap private
page read and write
 clean
7FF5A3617000
unkown
page readonly
 clean
70AD5FA000
unkown
page read and write
 clean
7FF587537000
unkown
page readonly
 clean
7FF53ED60000
unkown
page readonly
 clean
182AF802000
unkown
page read and write
 clean
70ADB7A000
unkown
page read and write
 clean
182AF362000
unkown
page read and write
 clean
7FF5048B3000
unkown
page readonly
 clean
27F975C0000
unkown
page read and write
 clean
28354602000
unkown
page read and write
 clean
182AF386000
unkown
page read and write
 clean
7FF587BE5000
unkown
page readonly
 clean
155396F0000
unkown
page readonly
 clean
1FB720A7000
unkown
page read and write
 clean
7FF587BCA000
unkown
page readonly
 clean
7FF50F84C000
unkown
page readonly
 clean
7FF4FD7BD000
unkown
page readonly
 clean
7FF504969000
unkown
page readonly
 clean
2213F7F0000
unkown
page read and write
 clean
E4D738E000
unkown
page read and write
 clean
1FB71FE0000
unkown
page readonly
 clean
182AEC3C000
unkown
page read and write
 clean
1FB73AA0000
unkown
page readonly
 clean
7FF587C4E000
unkown
page readonly
 clean
2213F213000
unkown
page read and write
 clean
1FB73F9F000
unkown
page read and write
 clean
2417B0B0000
unkown
page read and write
 clean
2213F276000
unkown
page read and write
 clean
2214465B000
unkown
page read and write
 clean
7FF5045AC000
unkown
page readonly
 clean
7FF50F4EA000
unkown
page readonly
 clean
7FF5A7B20000
unkown
page readonly
 clean
7FF50F81E000
unkown
page readonly
 clean
D36D79E000
unkown
page read and write
 clean
7FF5B1636000
unkown
page readonly
 clean
7FF4FDC2A000
unkown
page readonly
 clean
7FF50494E000
unkown
page readonly
 clean
182AF802000
unkown
page read and write
 clean
7FF4FDF5E000
unkown
page readonly
 clean
1FB73F00000
unkown
page read and write
 clean
1DA0E200000
unkown
page read and write
 clean
7FF4F28A0000
unkown
page readonly
 clean
1FB72000000
unkown
page read and write
 clean
E0492FE000
unkown
page read and write
 clean
7FF5046CF000
unkown
page readonly
 clean
1E18FE000
unkown
page read and write
 clean
22144613000
unkown
page read and write
 clean
7FF4F28C3000
unkown
page readonly
 clean
1FB742CA000
unkown
page read and write
 clean
A679CFF000
unkown
page read and write
 clean
7FF587BDE000
unkown
page readonly
 clean
7FF4F2792000
unkown
page readonly
 clean
7FF5B183B000
unkown
page readonly
 clean
7FF50F86A000
unkown
page readonly
 clean
2417B12D000
unkown
page read and write
 clean
7FF5047F3000
unkown
page readonly
 clean
7FF4FDD1B000
unkown
page readonly
 clean
7FF50F81A000
unkown
page readonly
 clean
50BFEFE000
unkown
page read and write
 clean
7FF4FE044000
unkown
page readonly
 clean
7FF53F45E000
unkown
page readonly
 clean
7FF5A391D000
unkown
page readonly
 clean
2213F27B000
unkown
page read and write
 clean
7FF5A7B91000
unkown
page readonly
 clean
7FF5A7C11000
unkown
page readonly
 clean
1FB75310000
unkown
page read and write
 clean
22144574000
unkown
page read and write
 clean
28353F08000
unkown
page read and write
 clean
7FF5CA527000
unkown
page readonly
 clean
7FF5B186E000
unkown
page readonly
 clean
7FF5B1751000
unkown
page readonly
 clean
182AF400000
unkown
page readonly
 clean
7FF5A7B58000
unkown
page readonly
 clean
7FF4F2846000
unkown
page readonly
 clean
27F95BB0000
unkown
page write copy
 clean
1FB74542000
unkown
page read and write
 clean
7FF5874E1000
unkown
page readonly
 clean
7FF5400C9000
unkown
page readonly
 clean
7FF5877B5000
unkown
page readonly
 clean
2120F800000
unkown
page read and write
 clean
7FF587ADE000
unkown
page readonly
 clean
241A3F02000
unkown
page read and write
 clean
241A1D60000
heap default
page read and write
 clean
7FF5048CF000
unkown
page readonly
 clean
1FB74302000
unkown
page read and write
 clean
1FB742C5000
unkown
page read and write
 clean
1DA0E600000
unkown
page readonly
 clean
22144571000
unkown
page read and write
 clean
D36DA7F000
unkown
page read and write
 clean
2417B117000
unkown
page read and write
 clean
241A3D30000
unkown
page read and write
 clean
7FF50F728000
unkown
page readonly
 clean
7FF5BFA37000
unkown
page readonly
 clean
182AF33E000
unkown
page read and write
 clean
15539802000
unkown
page read and write
 clean
221445D0000
unkown
page readonly
 clean
7FF587533000
unkown
page readonly
 clean
22144570000
unkown
page read and write
 clean
7FF5BFA33000
unkown
page readonly
 clean
7FF587CC4000
unkown
page readonly
 clean
182AF366000
unkown
page read and write
 clean
7FF5A7979000
unkown
page readonly
 clean
7FF4F2905000
unkown
page readonly
 clean
1DA0E229000
unkown
page read and write
 clean
182AF384000
unkown
page read and write
 clean
182AEA00000
heap default
page read and write
 clean
2213F918000
unkown
page read and write
 clean
1FB75000000
unkown
page read and write
 clean
7FF504927000
unkown
page readonly
 clean
27F95C29000
unkown
page read and write
 clean
182AF35C000
unkown
page read and write
 clean
7FF5A7945000
unkown
page readonly
 clean
7FF5878BA000
unkown
page readonly
 clean
7FF5B1954000
unkown
page readonly
 clean
221445A4000
unkown
page read and write
 clean
70ADCFA000
unkown
page read and write
 clean
22144924000
unkown
page read and write
 clean
1FB73F6B000
unkown
page read and write
 clean
241A3CD0000
heap private
page read and write
 clean
70AE27C000
unkown
page read and write
 clean
7FF53F5C8000
unkown
page readonly
 clean
2120DF13000
unkown
page read and write
 clean
7FF5C014E000
unkown
page readonly
 clean
2120DCC0000
heap private
page read and write
 clean
1FB74236000
unkown
page read and write
 clean
7FF4FDF77000
unkown
page readonly
 clean
7FF5A38F4000
unkown
page readonly
 clean
7FF5402C4000
unkown
page readonly
 clean
7FF587742000
unkown
page readonly
 clean
7FF5B1812000
unkown
page readonly
 clean
1FB720FA000
unkown
page read and write
 clean
182AF323000
unkown
page read and write
 clean
7FF5CA6AB000
unkown
page readonly
 clean
28619700000
unkown
page read and write
 clean
7FF4FDF8C000
unkown
page readonly
 clean
7FF5879E0000
unkown
page readonly
 clean
7FF53F55A000
unkown
page readonly
 clean
241A3D30000
unkown
page read and write
 clean
182AF3BA000
unkown
page read and write
 clean
27F95D02000
unkown
page read and write
 clean
28619702000
unkown
page read and write
 clean
EE0759E000
unkown
page read and write
 clean
1FB742CB000
unkown
page read and write
 clean
1FB74502000
unkown
page read and write
 clean
7FF4F224E000
unkown
page readonly
 clean
7FF4F2462000
unkown
page readonly
 clean
7FF4F29EA000
unkown
page readonly
 clean
7FF5A7B8E000
unkown
page readonly
 clean
19706A52000
unkown
page read and write
 clean
7FF504966000
unkown
page readonly
 clean
19706A00000
unkown
page read and write
 clean
2120DE6F000
unkown
page read and write
 clean
E4D7A7F000
unkown
page read and write
 clean
7FF53F58C000
unkown
page readonly
 clean
182AF37F000
unkown
page read and write
 clean
182AF338000
unkown
page read and write
 clean
182AF35A000
unkown
page read and write
 clean
7FF587ADB000
unkown
page readonly
 clean
1FB7207B000
unkown
page read and write
 clean
7FF50F888000
unkown
page readonly
 clean
7FF587BAB000
unkown
page readonly
 clean
2120E250000
unkown
page readonly
 clean
7FF4F267F000
unkown
page readonly
 clean
7FF5402E6000
unkown
page readonly
 clean
22140040000
unkown
page read and write
 clean
7FF54035A000
unkown
page readonly
 clean
7FF5B185C000
unkown
page readonly
 clean
7FF4FDE41000
unkown
page readonly
 clean
182AF35F000
unkown
page read and write
 clean
8FB87F5000
unkown
page read and write
 clean
28619654000
unkown
page read and write
 clean
19707202000
unkown
page read and write
 clean
1FB74212000
unkown
page read and write
 clean
7FF50F891000
unkown
page readonly
 clean
19706A50000
unkown
page read and write
 clean
22140180000
unkown
page readonly
 clean
7FF5A38AB000
unkown
page readonly
 clean
182AF331000
unkown
page read and write
 clean
7FF53F4B3000
unkown
page readonly
 clean
7FF5A7AC0000
unkown
page readonly
 clean
182AF381000
unkown
page read and write
 clean
7FF587957000
unkown
page readonly
 clean
7FF504452000
unkown
page readonly
 clean
182AF37D000
unkown
page read and write
 clean
7FF5B1691000
unkown
page readonly
 clean
7FF4FDD85000
unkown
page readonly
 clean
28353DF0000
unkown
page read and write
 clean
241A3970000
unkown
page readonly
 clean
182AEE00000
unkown
page readonly
 clean
7FF5049DA000
unkown
page readonly
 clean
7FF4F28FA000
unkown
page readonly
 clean
A679EFC000
unkown
page read and write
 clean
7FF5402E1000
unkown
page readonly
 clean
1FB720B5000
unkown
page read and write
 clean
182AECD3000
unkown
page read and write
 clean
7FF5B18D8000
unkown
page readonly
 clean
E4D77FA000
unkown
page read and write
 clean
7FF5B164F000
unkown
page readonly
 clean
BC3F4FA000
unkown
page read and write
 clean
1DA0E400000
unkown
page readonly
 clean
1FB75110000
unkown
page read and write
 clean
1DA0E0D0000
heap default
page read and write
 clean
22144600000
unkown
page read and write
 clean
182AF322000
unkown
page read and write
 clean
7FF587C17000
unkown
page readonly
 clean
7FF50F7C0000
unkown
page readonly
 clean
1553983C000
unkown
page read and write
 clean
182AF354000
unkown
page read and write
 clean
1FB73F49000
unkown
page read and write
 clean
19706C00000
unkown
page readonly
 clean
BC3F67E000
unkown
page read and write
 clean
1FB720BF000
unkown
page read and write
 clean
7FF5A38D7000
unkown
page readonly
 clean
1FB74584000
unkown
page read and write
 clean
1FB74080000
unkown
page readonly
 clean
2213F815000
unkown
page read and write
 clean
2120FC70000
unkown
page read and write
 clean
241A1E29000
unkown
page read and write
 clean
7FF50F90A000
unkown
page readonly
 clean
7FF53F58F000
unkown
page readonly
 clean
7FF5A77EF000
unkown
page readonly
 clean
7FF4FDF6B000
unkown
page readonly
 clean
2120DE73000
unkown
page read and write
 clean
A679B7F000
unkown
page read and write
 clean
22144620000
unkown
page read and write
 clean
28353E13000
unkown
page read and write
 clean
7FF4F29F2000
unkown
page readonly
 clean
182AF760000
unkown
page read and write
 clean
48F547A000
unkown
page read and write
 clean
7FF587BBF000
unkown
page readonly
 clean
7FF5B18E9000
unkown
page readonly
 clean
7FF5048EA000
unkown
page readonly
 clean
1FB72073000
unkown
page read and write
 clean
28353C90000
heap private
page read and write
 clean
2213F2FD000
unkown
page read and write
 clean
2214467B000
unkown
page read and write
 clean
182AF385000
unkown
page read and write
 clean
7FF587A31000
unkown
page readonly
 clean
1FB720A9000
unkown
page read and write
 clean
7FF5049D4000
unkown
page readonly
 clean
1FB73F5D000
unkown
page read and write
 clean
182AEC70000
unkown
page read and write
 clean
1E19F9000
unkown
page read and write
 clean
7FF504934000
unkown
page readonly
 clean
7FF4F2556000
unkown
page readonly
 clean
7FF540361000
unkown
page readonly
 clean
7FF4F2734000
unkown
page readonly
 clean
7FF53F5D9000
unkown
page readonly
 clean
22140130000
unkown
page readonly
 clean
2120DE00000
unkown
page read and write
 clean
A6798FA000
unkown
page read and write
 clean
E4D78FD000
unkown
page read and write
 clean
7FF5CA653000
unkown
page readonly
 clean
7FF5CA804000
unkown
page readonly
 clean
2213FB01000
unkown
page read and write
 clean
2214490E000
unkown
page read and write
 clean
BC3F47E000
unkown
page read and write
 clean
1DA0E0E0000
unkown
page readonly
 clean
182AED13000
unkown
page read and write
 clean
1FB7423E000
unkown
page read and write
 clean
50C00FE000
unkown
page read and write
 clean
70AD1AE000
unkown
page read and write
 clean
7FF5A3475000
unkown
page readonly
 clean
2861967B000
unkown
page read and write
 clean
182AF331000
unkown
page read and write
 clean
7FF5A37F3000
unkown
page readonly
 clean
241A1DC0000
unkown
page readonly
 clean
7FF5A3984000
unkown
page readonly
 clean
7FF5B152C000
unkown
page readonly
 clean
7FF5B18E6000
unkown
page readonly
 clean
7FF5A7C04000
unkown
page readonly
 clean
241A1F02000
unkown
page read and write
 clean
1FB72200000
unkown
page readonly
 clean
8540FE000
unkown
page read and write
 clean
221404C0000
unkown
page read and write
 clean
7FF53FF2C000
unkown
page readonly
 clean
7FF5048C4000
unkown
page readonly
 clean
7FF587C56000
unkown
page readonly
 clean
7FF5B18C4000
unkown
page readonly
 clean
7FF4F2517000
unkown
page readonly
 clean
241A1E87000
unkown
page read and write
 clean
182AF338000
unkown
page read and write
 clean
182AF32D000
unkown
page read and write
 clean
7FF50F825000
unkown
page readonly
 clean
7FF5B18DE000
unkown
page readonly
 clean
221449C0000
unkown
page readonly
 clean
182AF37F000
unkown
page read and write
 clean
7FF587C48000
unkown
page readonly
 clean
7FF5CA6AE000
unkown
page readonly
 clean
28619600000
unkown
page read and write
 clean
182AEC13000
unkown
page read and write
 clean
7FF504731000
unkown
page readonly
 clean
27F95C57000
unkown
page read and write
 clean
182AF36E000
unkown
page read and write
 clean
155397E0000
unkown
page read and write
 clean
182AF3C6000
unkown
page read and write
 clean
1FB74500000
unkown
page read and write
 clean
182AED08000
unkown
page read and write
 clean
70AE07F000
unkown
page read and write
 clean
7FF4FDE5B000
unkown
page readonly
 clean
182AF349000
unkown
page read and write
 clean
7FF5B153A000
unkown
page readonly
 clean
221449C0000
unkown
page read and write
 clean
15539680000
heap private
page read and write
 clean
182AF363000
unkown
page read and write
 clean
1553986F000
unkown
page read and write
 clean
7FF53FF3F000
unkown
page readonly
 clean
22144647000
unkown
page read and write
 clean
7FF5CA376000
unkown
page readonly
 clean
7FF5A3460000
unkown
page readonly
 clean
7FF53F597000
unkown
page readonly
 clean
7FF54029F000
unkown
page readonly
 clean
19706A02000
unkown
page read and write
 clean
7FF4FDFAA000
unkown
page readonly
 clean
2120DE02000
unkown
page read and write
 clean
1DA0E1B0000
unkown
page write copy
 clean
7FF587AC1000
unkown
page readonly
 clean
7FF5A3743000
unkown
page readonly
 clean
7FF587C59000
unkown
page readonly
 clean
2417B12C000
unkown
page read and write
 clean
1FB73E02000
unkown
page read and write
 clean
22144560000
unkown
page read and write
 clean
182AF325000
unkown
page read and write
 clean
2120DE42000
unkown
page read and write
 clean
1FB739A0000
unkown
page read and write
 clean
1DA0E213000
unkown
page read and write
 clean
7FF5CA79C000
unkown
page readonly
 clean
7FF587B44000
unkown
page readonly
 clean
7FF50491F000
unkown
page readonly
 clean
1FB75110000
unkown
page read and write
 clean
7FF53FF3A000
unkown
page readonly
 clean
7FF5A77F7000
unkown
page readonly
 clean
182AF35E000
unkown
page read and write
 clean
1FB74300000
unkown
page read and write
 clean
7FF587AE8000
unkown
page readonly
 clean
2120DE73000
unkown
page read and write
 clean
7FF5B189C000
unkown
page readonly
 clean
7FF5A77EA000
unkown
page readonly
 clean
7FF5CA601000
unkown
page readonly
 clean
1DA0E259000
unkown
page read and write
 clean
853DF5000
unkown
page read and write
 clean
241A1E00000
unkown
page read and write
 clean
7FF504892000
unkown
page readonly
 clean
7FF5B195A000
unkown
page readonly
 clean
182AF35A000
unkown
page read and write
 clean
7FF5CA703000
unkown
page readonly
 clean
1FB73F3E000
unkown
page read and write
 clean
50BF97B000
unkown
page read and write
 clean
7FF4FE052000
unkown
page readonly
 clean
48F513E000
unkown
page read and write
 clean
7FF504961000
unkown
page readonly
 clean
7FF504890000
unkown
page readonly
 clean
19706A63000
unkown
page read and write
 clean
70AD0AB000
unkown
page read and write
 clean
2213F0E0000
unkown
page readonly
 clean
2120F900000
unkown
page readonly
 clean
182AF3C2000
unkown
page read and write
 clean
7FF50488C000
unkown
page readonly
 clean
7FF4F2968000
unkown
page readonly
 clean
241A5000000
unkown
page readonly
 clean
8FB867E000
unkown
page read and write
 clean
7FF5B1870000
unkown
page readonly
 clean
2417B0D0000
unkown
page read and write
 clean
7FF5A7B25000
unkown
page readonly
 clean
241A1D70000
unkown
page write copy
 clean
7FF4F25E7000
unkown
page readonly
 clean
2417B2F0000
heap private
page read and write
 clean
241A1D00000
heap private
page read and write
 clean
853FF7000
unkown
page read and write
 clean
7FF4F25EA000
unkown
page readonly
 clean
7FF504741000
unkown
page readonly
 clean
7FF540354000
unkown
page readonly
 clean
7FF5876BE000
unkown
page readonly
 clean
182AF321000
unkown
page read and write
 clean
2861967B000
unkown
page read and write
 clean
7FF540178000
unkown
page readonly
 clean
2417B116000
unkown
page read and write
 clean
28353E8F000
unkown
page read and write
 clean
28354800000
unkown
page readonly
 clean
7FF587C34000
unkown
page readonly
 clean
7FF504711000
unkown
page readonly
 clean
7FF5CA7B0000
unkown
page readonly
 clean
7FF540212000
unkown
page readonly
 clean
D36DC7F000
unkown
page read and write
 clean
28353E8B000
unkown
page read and write
 clean
182AF35C000
unkown
page read and write
 clean
7FF4F26AA000
unkown
page readonly
 clean
22144684000
unkown
page read and write
 clean
7FF5C0124000
unkown
page readonly
 clean
7FF5B16B1000
unkown
page readonly
 clean
2213F010000
unkown
page readonly
 clean
7FF53F5DD000
unkown
page readonly
 clean
1DA0E254000
unkown
page read and write
 clean
E4D79FE000
unkown
page read and write
 clean
7FF50F88E000
unkown
page readonly
 clean
1553988B000
unkown
page read and write
 clean
8539EB000
unkown
page read and write
 clean
7FF587C2A000
unkown
page readonly
 clean
7FF587CCA000
unkown
page readonly
 clean
241A3D30000
unkown
page read and write
 clean
1FB73FC0000
unkown
page read and write
 clean
8FB8A77000
unkown
page read and write
 clean
853EF8000
unkown
page read and write
 clean
7FF5CA81E000
unkown
page readonly
 clean
1FB71E90000
unkown
page readonly
 clean
A6799FF000
unkown
page read and write
 clean
19707740000
unkown
page readonly
 clean
7FF53F577000
unkown
page readonly
 clean
2417AFE0000
unkown
page readonly
 clean
27F95C13000
unkown
page read and write
 clean
7FF5B10CD000
unkown
page readonly
 clean
7FF4F2900000
unkown
page readonly
 clean
7FF587B2D000
unkown
page readonly
 clean
7FF587BE0000
unkown
page readonly
 clean
22144550000
unkown
page read and write
 clean
7FF53F4AD000
unkown
page readonly
 clean
22144800000
unkown
page read and write
 clean
A679AFB000
unkown
page read and write
 clean
241A4010000
unkown
page read and write
 clean
182AF3C0000
unkown
page read and write
 clean
7FF504724000
unkown
page readonly
 clean
7FF5CA8A1000
unkown
page readonly
 clean
1FB73F6C000
unkown
page read and write
 clean
7FF5C012A000
unkown
page readonly
 clean
7FF50F87E000
unkown
page readonly
 clean
7FF587A14000
unkown
page readonly
 clean
7FF5C010C000
unkown
page readonly
 clean
7FF5C00EB000
unkown
page readonly
 clean
7FF4FDFB4000
unkown
page readonly
 clean
27F976C0000
unkown
page readonly
 clean
70ADE7B000
unkown
page read and write
 clean
2120E000000
unkown
page write copy
 clean
7FF5A3804000
unkown
page readonly
 clean
182AF760000
unkown
page read and write
 clean
7FF4F28EA000
unkown
page readonly
 clean
19706B13000
unkown
page read and write
 clean
7FF5048F5000
unkown
page readonly
 clean
182AF316000
unkown
page read and write
 clean
2417B0F0000
heap default
page read and write
 clean
182AF342000
unkown
page read and write
 clean
7FF5A7B74000
unkown
page readonly
 clean
182AECD6000
unkown
page read and write
 clean
182AF760000
unkown
page read and write
 clean
7FF5A7B1E000
unkown
page readonly
 clean
7FF4FE051000
unkown
page readonly
 clean
7FF4F28D4000
unkown
page readonly
 clean
70AD8FB000
unkown
page read and write
 clean
7FF4F215D000
unkown
page readonly
 clean
7FF5A7B2B000
unkown
page readonly
 clean
BC3F579000
unkown
page read and write
 clean
182AF366000
unkown
page read and write
 clean
197069B0000
unkown
page readonly
 clean
7FF5C01C4000
unkown
page readonly
 clean
7FF5048DC000
unkown
page readonly
 clean
7FF5CA82D000
unkown
page readonly
 clean
1FB74294000
unkown
page read and write
 clean
2417B101000
unkown
page read and write
 clean
D36DBFE000
unkown
page read and write
 clean
1FB7208E000
unkown
page read and write
 clean
7FF53F3B1000
unkown
page readonly
 clean
1FB73F18000
unkown
page read and write
 clean
1DA0E302000
unkown
page read and write
 clean
241A3F00000
unkown
page read and write
 clean
1FB75410000
unkown
page read and write
 clean
7FF5A38CC000
unkown
page readonly
 clean
15539913000
unkown
page read and write
 clean
7FF540091000
unkown
page readonly
 clean
182AF381000
unkown
page read and write
 clean
7FF4FDE68000
unkown
page readonly
 clean
BC3F5FE000
unkown
page read and write
 clean
182AECD0000
unkown
page read and write
 clean
1FB74200000
unkown
page read and write
 clean
1FB72133000
unkown
page read and write
 clean
7FF50F874000
unkown
page readonly
 clean
182AF3BA000
unkown
page read and write
 clean
2861B170000
unkown
page readonly
 clean
182AEC29000
unkown
page read and write
 clean
7FF4F292F000
unkown
page readonly
 clean
7FF58774E000
unkown
page readonly
 clean
182AF320000
unkown
page read and write
 clean
182AF331000
unkown
page read and write
 clean
182AF343000
unkown
page read and write
 clean
221445F0000
unkown
page read and write
 clean
182AF327000
unkown
page read and write
 clean
2213FB81000
unkown
page read and write
 clean
1FB72072000
unkown
page read and write
 clean
7FF5047D1000
unkown
page readonly
 clean
2213F913000
unkown
page read and write
 clean
7FF5A7B4F000
unkown
page readonly
 clean
221445D4000
unkown
page read and write
 clean
7FF50F904000
unkown
page readonly
 clean
7FF53F560000
unkown
page readonly
 clean
2214462E000
unkown
page read and write
 clean
7FF4F2979000
unkown
page readonly
 clean
7FF50F911000
unkown
page readonly
 clean
7FF4F290B000
unkown
page readonly
 clean
7FF50483D000
unkown
page readonly
 clean
1FB74050000
unkown
page read and write
 clean
7FF53F403000
unkown
page readonly
 clean
22140170000
unkown
page readonly
 clean
2861B070000
unkown
page read and write
 clean
48F50BB000
unkown
page read and write
 clean
182AF800000
unkown
page read and write
 clean
1FB72187000
unkown
page read and write
 clean
7FF540287000
unkown
page readonly
 clean
7FF4F286C000
unkown
page readonly
 clean
182AF35B000
unkown
page read and write
 clean
7FF4FDF23000
unkown
page readonly
 clean
182AEBC0000
unkown
page readonly
 clean
182AF360000
unkown
page read and write
 clean
182AF802000
unkown
page read and write
 clean
7FF53F652000
unkown
page readonly
 clean
7FF5A38E4000
unkown
page readonly
 clean
182AF384000
unkown
page read and write
 clean
7FF5C013E000
unkown
page readonly
 clean
182AF331000
unkown
page read and write
 clean
22144602000
unkown
page read and write
 clean
70ADBFB000
unkown
page read and write
 clean
2214463A000
unkown
page read and write
 clean
241A1EC4000
unkown
page read and write
 clean
22144990000
unkown
page read and write
 clean
7FF5A7A01000
unkown
page readonly
 clean
7FF5C01CA000
unkown
page readonly
 clean
50BFFF7000
unkown
page read and write
 clean
1FB74070000
unkown
page readonly
 clean
7FF587CD2000
unkown
page readonly
 clean
7FF5A37ED000
unkown
page readonly
 clean
7FF5048FB000
unkown
page readonly
 clean
48F51BF000
unkown
page read and write
 clean
1FB73F71000
unkown
page read and write
 clean
7FF5B18CE000
unkown
page readonly
 clean
7FF53F54A000
unkown
page readonly
 clean
7FF540151000
unkown
page readonly
 clean
7FF5B185A000
unkown
page readonly
 clean
2417B2F5000
heap private
page read and write
 clean
7FF4F2201000
unkown
page readonly
 clean
27F95E00000
unkown
page readonly
 clean
2213F278000
unkown
page read and write
 clean
7FF4FDF8F000
unkown
page readonly
 clean
7FF5A7A28000
unkown
page readonly
 clean
7FF5B1171000
unkown
page readonly
 clean
22144921000
unkown
page read and write
 clean
7FF5B13D2000
unkown
page readonly
 clean
E0493FA000
unkown
page read and write
 clean
1FB75210000
unkown
page read and write
 clean
182AF364000
unkown
page read and write
 clean
7FF50F679000
unkown
page readonly
 clean
182AF35C000
unkown
page read and write
 clean
19706A3C000
unkown
page read and write
 clean
7FF5CA894000
unkown
page readonly
 clean
7FF5B186A000
unkown
page readonly
 clean
7FF4F28DF000
unkown
page readonly
 clean
182AF740000
unkown
page readonly
 clean
1FB73F88000
unkown
page read and write
 clean
7FF540275000
unkown
page readonly
 clean
1FB74482000
unkown
page read and write
 clean
283544A0000
unkown
page readonly
 clean
E4D7879000
unkown
page read and write
 clean
182AF341000
unkown
page read and write
 clean
182AF327000
unkown
page read and write
 clean
2213FF60000
unkown
page read and write
 clean
7FF5402ED000
unkown
page readonly
 clean
7FF54026E000
unkown
page readonly
 clean
1FB72148000
unkown
page read and write
 clean
1FB71F60000
unkown
page write copy
 clean
1FB73F1E000
unkown
page read and write
 clean
28353DD0000
unkown
page readonly
 clean
7FF5A3916000
unkown
page readonly
 clean
15539902000
unkown
page read and write
 clean
7FF5CA691000
unkown
page readonly
 clean
7FF50F07D000
unkown
page readonly
 clean
7FF58799B000
unkown
page readonly
 clean
27F95C02000
unkown
page read and write
 clean
2861967B000
unkown
page read and write
 clean
7FF50F89D000
unkown
page readonly
 clean
2213F1E0000
unkown
page read and write
 clean
7FF5C0118000
unkown
page readonly
 clean
2213F958000
unkown
page read and write
 clean
7FF5A38B7000
unkown
page readonly
 clean
7FF5A7A1B000
unkown
page readonly
 clean
7FF4FDF65000
unkown
page readonly
 clean
7FF5CA01D000
unkown
page readonly
 clean
2213F7D1000
unkown
page read and write
 clean
7FF5B1449000
unkown
page readonly
 clean
7FF5CA7C7000
unkown
page readonly
 clean
7FF4FE04A000
unkown
page readonly
 clean
50C01FF000
unkown
page read and write
 clean
7FF5048EE000
unkown
page readonly
 clean
182AF802000
unkown
page read and write
 clean
182AF33F000
unkown
page read and write
 clean
7FF540036000
unkown
page readonly
 clean
28353DE0000
unkown
page readonly
 clean
BC3F12B000
unkown
page read and write
 clean
A679D7F000
unkown
page read and write
 clean
7FF5A36F1000
unkown
page readonly
 clean
197069C0000
unkown
page read and write
 clean
182AECC5000
unkown
page read and write
 clean
854379000
unkown
page read and write
 clean
7FF5A3466000
unkown
page readonly
 clean
1FB75210000
unkown
page read and write
 clean
182AF342000
unkown
page read and write
 clean
7FF5A7B6A000
unkown
page readonly
 clean
7FF5048BF000
unkown
page readonly
 clean
2417B106000
heap default
page read and write
 clean
7FF5045C7000
unkown
page readonly
 clean
7FF5B16C9000
unkown
page readonly
 clean
7FF4F2751000
unkown
page readonly
 clean
8FB8C7E000
unkown
page read and write
 clean
1FB742CA000
unkown
page read and write
 clean
28353E3C000
unkown
page read and write
 clean
7FF4F2948000
unkown
page readonly
 clean
7FF5047F8000
unkown
page readonly
 clean
1DA0E240000
unkown
page read and write
 clean
7FF5CA714000
unkown
page readonly
 clean
7FF5C0134000
unkown
page readonly
 clean
8FB897F000
unkown
page read and write
 clean
7FF5B153F000
unkown
page readonly
 clean
7FF5CA8A2000
unkown
page readonly
 clean
7FF4F2220000
unkown
page readonly
 clean
7FF5402E9000
unkown
page readonly
 clean
A6793FE000
unkown
page read and write
 clean
1FB74400000
unkown
page read and write
 clean
7FF5B1773000
unkown
page readonly
 clean
E04937A000
unkown
page read and write
 clean
7FF5B16A4000
unkown
page readonly
 clean
28619580000
heap default
page read and write
 clean
182AF202000
unkown
page read and write
 clean
182AF325000
unkown
page read and write
 clean
E4D767A000
unkown
page read and write
 clean
7FF587A8A000
unkown
page readonly
 clean
1FB72155000
unkown
page read and write
 clean
7FF50F4EF000
unkown
page readonly
 clean
7FF4F27AA000
unkown
page readonly
 clean
7FF5CA826000
unkown
page readonly
 clean
182AF366000
unkown
page read and write
 clean
7FF5B1961000
unkown
page readonly
 clean
1FB720BF000
unkown
page read and write
 clean
7FF5CA7DF000
unkown
page readonly
 clean
1FB74342000
unkown
page read and write
 clean
182AF363000
unkown
page read and write
 clean
182AF36B000
unkown
page read and write
 clean
2213F29D000
unkown
page read and write
 clean
155397C0000
unkown
page readonly
 clean
1FB720E3000
unkown
page read and write
 clean
8FB86FF000
unkown
page read and write
 clean
1FB742CB000
unkown
page read and write
 clean
50BFC7E000
unkown
page read and write
 clean
28353F00000
unkown
page read and write
 clean
22144590000
unkown
page read and write
 clean
7FF5A388C000
unkown
page readonly
 clean
241A3D40000
unkown
page readonly
 clean
7FF587AE3000
unkown
page readonly
 clean
50BF9FE000
unkown
page read and write
 clean
241A3F83000
unkown
page read and write
 clean
D36D71A000
unkown
page read and write
 clean
22140120000
unkown
page readonly
 clean
182AF1B0000
unkown
page write copy
 clean
7FF4F20AC000
unkown
page readonly
 clean
1FB74205000
unkown
page read and write
 clean
70AD6FB000
unkown
page read and write
 clean
E4D730E000
unkown
page read and write
 clean
221444C0000
unkown
page read and write
 clean
15539A00000
unkown
page readonly
 clean
7FF540362000
unkown
page readonly
 clean
7FF5B18B4000
unkown
page readonly
 clean
182AF36D000
unkown
page read and write
 clean
19706A63000
unkown
page read and write
 clean
15539822000
unkown
page read and write
 clean
2120DF02000
unkown
page read and write
 clean
1FB73FB8000
unkown
page read and write
 clean
7FF50F899000
unkown
page readonly
 clean
221445F4000
unkown
page readonly
 clean
7FF5A38A5000
unkown
page readonly
 clean
27F95C00000
unkown
page read and write
 clean
7FF587A83000
unkown
page readonly
 clean
155397D0000
unkown
page readonly
 clean
182AECE5000
unkown
page read and write
 clean
182AF338000
unkown
page read and write
 clean
7FF5CA7F4000
unkown
page readonly
 clean
286195E0000
unkown
page readonly
 clean
182AEBF0000
unkown
page readonly
 clean
15539E90000
unkown
page readonly
 clean
241A3F12000
unkown
page read and write
 clean
7FF5048BB000
unkown
page readonly
 clean
1FB73F6B000
unkown
page read and write
 clean
2213F802000
unkown
page read and write
 clean
22144970000
unkown
page read and write
 clean
2213F302000
unkown
page read and write
 clean
7FF4F25E4000
unkown
page readonly
 clean
E4D777F000
unkown
page read and write
 clean
7FF4FDFBE000
unkown
page readonly
 clean
1553982A000
unkown
page read and write
 clean
1FB72145000
unkown
page read and write
 clean
182AEC4D000
unkown
page read and write
 clean
A6792FB000
unkown
page read and write
 clean
182AF387000
unkown
page read and write
 clean
7FF5402B4000
unkown
page readonly
 clean
7FF50F858000
unkown
page readonly
 clean
22144510000
unkown
page readonly
 clean
7FF587B80000
unkown
page readonly
 clean
7FF4FDF60000
unkown
page readonly
 clean
182AF36F000
unkown
page read and write
 clean
7FF587BEB000
unkown
page readonly
 clean
241A2000000
unkown
page readonly
 clean
1FB72135000
unkown
page read and write
 clean
182AF360000
unkown
page read and write
 clean
7FF53F120000
unkown
page readonly
 clean
182AF381000
unkown
page read and write
 clean
7FF5A77DC000
unkown
page readonly
 clean
7FF4F26C6000
unkown
page readonly
 clean
1FB72055000
unkown
page read and write
 clean
7FF4FDF00000
unkown
page readonly
 clean
7FF53F5A4000
unkown
page readonly
 clean
19706990000
heap default
page read and write
 clean
2417B300000
unkown
page readonly
 clean
1FB73F30000
unkown
page read and write
 clean
7FF587C24000
unkown
page readonly
 clean
1FB75010000
unkown
page read and write
 clean
7FF5B1648000
unkown
page readonly
 clean
182AF326000
unkown
page read and write
 clean
7FF504907000
unkown
page readonly
 clean
182AF385000
unkown
page read and write
 clean
182AF36E000
unkown
page read and write
 clean
7FF4FDFD1000
unkown
page readonly
 clean
28353E62000
unkown
page read and write
 clean
7FF5A389E000
unkown
page readonly
 clean
7FF4FDDB9000
unkown
page readonly
 clean
182AECA0000
unkown
page read and write
 clean
7FF53ED66000
unkown
page readonly
 clean
7FF4F2736000
unkown
page readonly
 clean
182AF310000
unkown
page read and write
 clean
28353F13000
unkown
page read and write
 clean
7FF5A7C12000
unkown
page readonly
 clean
2120DD20000
heap default
page read and write
 clean
182AEC8A000
unkown
page read and write
 clean
182AF300000
unkown
page read and write
 clean
7FF4F2158000
unkown
page readonly
 clean
241A3F43000
unkown
page read and write
 clean
7FF5B1547000
unkown
page readonly
 clean
7FF5B1844000
unkown
page readonly
 clean
7FF5A3620000
unkown
page readonly
 clean
2213F0F0000
unkown
page readonly
 clean
7FF587C0C000
unkown
page readonly
 clean
7FF5A38EA000
unkown
page readonly
 clean
7FF5A7C0A000
unkown
page readonly
 clean
7FF50414D000
unkown
page readonly
 clean
1FB73DE0000
unkown
page read and write
 clean
182AF35E000
unkown
page read and write
 clean
7FF5B180C000
unkown
page readonly
 clean
70AD9FB000
unkown
page read and write
 clean
1E1B7F000
unkown
page read and write
 clean
182AECBD000
unkown
page read and write
 clean
241A1F15000
unkown
page read and write
 clean
7FF4F26F1000
unkown
page readonly
 clean
182AEA10000
unkown
page readonly
 clean
182AF750000
unkown
page readonly
 clean
7FF50491C000
unkown
page readonly
 clean
1FB71E20000
heap private
page read and write
 clean
7FF5046B6000
unkown
page readonly
 clean
7FF5B184F000
unkown
page readonly
 clean
2861967B000
unkown
page read and write
 clean
182AF385000
unkown
page read and write
 clean
48F557E000
unkown
page read and write
 clean
7FF5B1695000
unkown
page readonly
 clean
1FB74442000
unkown
page read and write
 clean
7FF4F27C1000
unkown
page readonly
 clean
1FB73FF2000
unkown
page read and write
 clean
7FF4F2515000
unkown
page readonly
 clean
7FF50F645000
unkown
page readonly
 clean
E0494FF000
unkown
page read and write
 clean
7FF54016B000
unkown
page readonly
 clean
241A3870000
unkown
page read and write
 clean
1E1AFF000
unkown
page read and write
 clean
22144980000
unkown
page read and write
 clean
1FB72013000
unkown
page read and write
 clean
1FB74232000
unkown
page read and write
 clean
7FF4FDD26000
unkown
page readonly
 clean
7FF5A7B96000
unkown
page readonly
 clean
28353CF0000
heap default
page read and write
 clean
2417B200000
unkown
page readonly
 clean
7FF50F641000
unkown
page readonly
 clean
7FF5402DE000
unkown
page readonly
 clean
1DA0E202000
unkown
page read and write
 clean
182AF780000
unkown
page readonly
 clean
22144590000
unkown
page read and write
 clean
7FF4FDF5A000
unkown
page readonly
 clean
7FF5CA7DC000
unkown
page readonly
 clean
1FB71FB0000
unkown
page readonly
 clean
28619613000
unkown
page read and write
 clean
7FF5049E2000
unkown
page readonly
 clean
7FF4F296E000
unkown
page readonly
 clean
1FB720BA000
unkown
page read and write
 clean
28619713000
unkown
page read and write
 clean
28619640000
unkown
page read and write
 clean
7FF5047EB000
unkown
page readonly
 clean
70AD7FA000
unkown
page read and write
 clean
2861967B000
unkown
page read and write
 clean
1FB720A1000
unkown
page read and write
 clean
15539800000
unkown
page read and write
 clean
182AF35B000
unkown
page read and write
 clean
1FB7423A000
unkown
page read and write
 clean
19706A13000
unkown
page read and write
 clean
7FF5B1833000
unkown
page readonly
 clean
7FF4FDFA4000
unkown
page readonly
 clean
2213EFA0000
heap private
page read and write
 clean
182AF33F000
unkown
page read and write
 clean
8FB83FB000
unkown
page read and write
 clean
1FB72176000
unkown
page read and write
 clean
19706930000
heap private
page read and write
 clean
7FF5A388A000
unkown
page readonly
 clean
7FF4FDC2F000
unkown
page readonly
 clean
7FF5A3919000
unkown
page readonly
 clean
D36DAF9000
unkown
page read and write
 clean
1FB74050000
unkown
page read and write
 clean
182AF396000
unkown
page read and write
 clean
28619520000
heap private
page read and write
 clean
7FF5A3781000
unkown
page readonly
 clean
182AF350000
unkown
page read and write
 clean
2213F1D0000
unkown
page read and write
 clean
7FF5CA7FA000
unkown
page readonly
 clean
7FF50F837000
unkown
page readonly
 clean
182AF861000
unkown
page read and write
 clean
1FB73F4C000
unkown
page read and write
 clean
28353E64000
unkown
page read and write
 clean
1FB72155000
unkown
page read and write
 clean
A679C7F000
unkown
page read and write
 clean
7FF5B1802000
unkown
page readonly
 clean
7FF5C0159000
unkown
page readonly
 clean
2120DF00000
unkown
page read and write
 clean
1E197F000
unkown
page read and write
 clean
7FF540270000
unkown
page readonly
 clean
7FF540210000
unkown
page readonly
 clean
1FB72029000
unkown
page read and write
 clean
7FF53F2E0000
unkown
page readonly
 clean
7FF5045BF000
unkown
page readonly
 clean
7FF587BAF000
unkown
page readonly
 clean
1FB74502000
unkown
page read and write
 clean
7FF4FDFD9000
unkown
page readonly
 clean
1FB72149000
unkown
page read and write
 clean
182AF760000
unkown
page readonly
 clean
1FB73F4F000
unkown
page read and write
 clean
1FB742C6000
unkown
page read and write
 clean
70ADDFB000
unkown
page read and write
 clean
7FF53FACD000
unkown
page readonly
 clean
7FF5B1810000
unkown
page readonly
 clean
2213F271000
unkown
page read and write
 clean
7FF4FDFD6000
unkown
page readonly
 clean
7FF5A380C000
unkown
page readonly
 clean
7FF4F29F1000
unkown
page readonly
 clean
70AD4FA000
unkown
page read and write
 clean
7FF4F2917000
unkown
page readonly
 clean
7FF5B17B6000
unkown
page readonly
 clean
E04957D000
unkown
page read and write
 clean
7FF5A7B4C000
unkown
page readonly
 clean
7FF5A30A6000
unkown
page readonly
 clean
2417B120000
unkown
page read and write
 clean
182AEC4F000
unkown
page read and write
 clean
182AF331000
unkown
page read and write
 clean
E04927F000
unkown
page read and write
 clean
22144687000
unkown
page read and write
 clean
1FB74582000
unkown
page read and write
 clean
241A20D0000
unkown
page readonly
 clean
2120E050000
unkown
page readonly
 clean
182AECFA000
unkown
page read and write
 clean
85427F000
unkown
page read and write
 clean
1FB73F45000
unkown
page read and write
 clean
70AE17D000
unkown
page read and write
 clean
28353E5D000
unkown
page read and write
 clean
7FF5A7B88000
unkown
page readonly
 clean
22144AA0000
unkown
page readonly
 clean
182AF320000
unkown
page read and write
 clean
286198D0000
unkown
page readonly
 clean
7FF5A379E000
unkown
page readonly
 clean
182AF35B000
unkown
page read and write
 clean
7FF4F26EB000
unkown
page readonly
 clean
A679FFC000
unkown
page read and write
 clean
1FB74382000
unkown
page read and write
 clean
1FB75310000
unkown
page read and write
 clean
7FF50F84F000
unkown
page readonly
 clean
7FF587BDA000
unkown
page readonly
 clean
7FF5877A0000
unkown
page readonly
 clean
1FB74040000
unkown
page readonly
 clean
7FF53F64A000
unkown
page readonly
 clean
22144AB0000
unkown
page read and write
 clean
22140160000
unkown
page readonly
 clean
7FF53F5BF000
unkown
page readonly
 clean
2213F800000
unkown
page read and write
 clean
7FF5A78E6000
unkown
page readonly
 clean
182AF380000
unkown
page read and write
 clean
70AD12E000
unkown
page read and write
 clean
7FF5CA7BB000
unkown
page readonly
 clean
1E1A79000
unkown
page read and write
 clean
2861967B000
unkown
page read and write
 clean
70ADFFC000
unkown
page read and write
 clean
7FF5B18BA000
unkown
page readonly
 clean
182AF338000
unkown
page read and write
 clean
221444D0000
unkown
page read and write
 clean
182AED16000
unkown
page read and write
 clean
2213F22A000
unkown
page read and write
 clean
7FF504958000
unkown
page readonly
 clean
7FF587A16000
unkown
page readonly
 clean
28353F02000
unkown
page read and write
 clean
7FF5A7A23000
unkown
page readonly
 clean
1FB74402000
unkown
page read and write
 clean
7FF5048DA000
unkown
page readonly
 clean
7FF5A38FF000
unkown
page readonly
 clean
7FF587B4C000
unkown
page readonly
 clean
1FB75210000
unkown
page read and write
 clean
70AD47A000
unkown
page read and write
 clean
1FB73DF0000
heap private
page read and write
 clean
2417B210000
unkown
page readonly
 clean
7FF5A7B1A000
unkown
page readonly
 clean
15539813000
unkown
page read and write
 clean
7FF5877F7000
unkown
page readonly
 clean
182AEC4C000
unkown
page read and write
 clean
155396E0000
heap default
page read and write
 clean
28354000000
unkown
page readonly
 clean
7FF54029C000
unkown
page readonly
 clean
1FB742CA000
unkown
page read and write
 clean
7FF5B189F000
unkown
page readonly
 clean
1FB72136000
unkown
page read and write
 clean
19707400000
unkown
page readonly
 clean
1FB73F25000
unkown
page read and write
 clean
28353E5F000
unkown
page read and write
 clean
7FF53F5D6000
unkown
page readonly
 clean
1FB72137000
unkown
page read and write
 clean
EE07B77000
unkown
page read and write
 clean
2120DE13000
unkown
page read and write
 clean
7FF53F5B4000
unkown
page readonly
 clean
1FB73F56000
unkown
page read and write
 clean
7FF50F4DC000
unkown
page readonly
 clean
7FF50F864000
unkown
page readonly
 clean
27F95C3F000
unkown
page read and write
 clean
1FB7207D000
unkown
page read and write
 clean
1553984D000
unkown
page read and write
 clean
70AE1FA000
unkown
page read and write
 clean
7FF5A7941000
unkown
page readonly
 clean
7FF5CA818000
unkown
page readonly
 clean
EE07D7D000
unkown
page read and write
 clean
7FF4F26FF000
unkown
page readonly
 clean
28619800000
unkown
page readonly
 clean
1FB75410000
unkown
page read and write
 clean
1FB75013000
unkown
page read and write
 clean
221445D0000
unkown
page read and write
 clean
241A3CB0000
unkown
page readonly
 clean
7FF5C00E0000
unkown
page readonly
 clean
7FF504836000
unkown
page readonly
 clean
182AF390000
unkown
page read and write
 clean
7FF5044C9000
unkown
page readonly
 clean
7FF587C0F000
unkown
page readonly
 clean
2213F313000
unkown
page read and write
 clean
7FF4F28EC000
unkown
page readonly
 clean
1FB71E80000
heap default
page read and write
 clean
15539849000
unkown
page read and write
 clean
70AD87B000
unkown
page read and write
 clean
2861967B000
unkown
page read and write
 clean
2861967B000
unkown
page read and write
 clean
182AF381000
unkown
page read and write
 clean
7FF5A7AC2000
unkown
page readonly
 clean
7FF540173000
unkown
page readonly
 clean
241A1E3F000
unkown
page read and write
 clean
1FB75110000
unkown
page read and write
 clean
2213F959000
unkown
page read and write
 clean
7FF5CA370000
unkown
page readonly
 clean
182AF854000
unkown
page read and write
 clean
182AF385000
unkown
page read and write
 clean
19706A8A000
unkown
page read and write
 clean
7FF5B187B000
unkown
page readonly
 clean
19706A4D000
unkown
page read and write
 clean
E4D76FA000
unkown
page read and write
 clean
8541FA000
unkown
page read and write
 clean
7FF4FDD81000
unkown
page readonly
 clean
241A1EBE000
unkown
page read and write
 clean
7FF5C01D1000
unkown
page readonly
 clean
241A3D60000
unkown
page readonly
 clean
7FF4F20A2000
unkown
page readonly
 clean
28353D00000
unkown
page readonly
 clean
2213F7F3000
unkown
page read and write
 clean
182AF360000
unkown
page read and write
 clean
19706B02000
unkown
page read and write
 clean
7FF5A7AE3000
unkown
page readonly
 clean
7FF4F2954000
unkown
page readonly
 clean
182AEC4B000
unkown
page read and write
 clean
7FF4F28BF000
unkown
page readonly
 clean
7FF4F2937000
unkown
page readonly
 clean
182AFA00000
unkown
page readonly
 clean
7FF53F135000
unkown
page readonly
 clean
7FF5C0148000
unkown
page readonly
 clean
7FF4F28FE000
unkown
page readonly
 clean
7FF504715000
unkown
page readonly
 clean
1FB72148000
unkown
page read and write
 clean
182AF351000
unkown
page read and write
 clean
2213F257000
unkown
page read and write
 clean
7FF5A7B64000
unkown
page readonly
 clean
E048FAB000
unkown
page read and write
 clean
2213F28B000
unkown
page read and write
 clean
2417B120000
unkown
page read and write
 clean
7FF50F820000
unkown
page readonly
 clean
2213F29F000
unkown
page read and write
 clean
182AF331000
unkown
page read and write
 clean
241A1E79000
unkown
page read and write
 clean
7FF50F7E3000
unkown
page readonly
 clean
182AECE7000
unkown
page read and write
 clean
70ADA7B000
unkown
page read and write
 clean
241A3CC0000
unkown
page read and write
 clean
19706A70000
unkown
page read and write
 clean
241A1EA2000
unkown
page read and write
 clean
7FF5873E6000
unkown
page readonly
 clean
182AF339000
unkown
page read and write
 clean
7FF5A7B9D000
unkown
page readonly
 clean
2214461A000
unkown
page read and write
 clean
7FF53F441000
unkown
page readonly
 clean
1FB75410000
unkown
page read and write
 clean
A679DFF000
unkown
page read and write
 clean
7FF4FDF98000
unkown
page readonly
 clean
7FF504944000
unkown
page readonly
 clean
197069A0000
unkown
page readonly
 clean
2213F23D000
unkown
page read and write
 clean
2120DE5B000
unkown
page read and write
 clean
2213F902000
unkown
page read and write
 clean
70AD57F000
unkown
page read and write
 clean
1FB75310000
unkown
page read and write
 clean
22144683000
unkown
page read and write
 clean
28353E54000
unkown
page read and write
 clean
15539900000
unkown
page read and write
 clean
27F95AD0000
heap default
page read and write
 clean
7FF587CD1000
unkown
page readonly
 clean
2213F918000
unkown
page read and write
 clean
1FB74582000
unkown
page read and write
 clean
7FF540233000
unkown
page readonly
 clean
7FF5A30A0000
unkown
page readonly
 clean
1FB742C9000
unkown
page read and write
 clean
7FF50F5E6000
unkown
page readonly
 clean
A679BFE000
unkown
page read and write
 clean
2417B120000
unkown
page read and write
 clean
182AF770000
unkown
page read and write
 clean
7FF5A7B37000
unkown
page readonly
 clean
7FF5B1962000
unkown
page readonly
 clean
2213F200000
unkown
page read and write
 clean
1FB7206E000
unkown
page read and write
 clean
7FF5041F1000
unkown
page readonly
 clean
28619590000
unkown
page write copy
 clean
7FF587960000
unkown
page readonly
 clean
1FB72113000
unkown
page read and write
 clean
1FB72155000
unkown
page read and write
 clean
7FF5A398A000
unkown
page readonly
 clean
7FF4F25DA000
unkown
page readonly
 clean
7FF4FDC1C000
unkown
page readonly
 clean
7FF5402A8000
unkown
page readonly
 clean
7FF5046AB000
unkown
page readonly
 clean
2213F000000
heap default
page read and write
 clean
7FF5402BA000
unkown
page readonly
 clean
7FF587B33000
unkown
page readonly
 clean
E4D728B000
unkown
page read and write
 clean
1FB73F24000
unkown
page read and write
 clean
7FF5B1778000
unkown
page readonly
 clean
7FF53F2D7000
unkown
page readonly
 clean
182AF338000
unkown
page read and write
 clean
182AF37F000
unkown
page read and write
 clean
22144A00000
unkown
page readonly
 clean
7FF587BF7000
unkown
page readonly
 clean
7FF53FF47000
unkown
page readonly
 clean
1FB7207E000
unkown
page read and write
 clean
7FF50F7C2000
unkown
page readonly
 clean
2213FE00000
unkown
page read and write
 clean
7FF54026A000
unkown
page readonly
 clean
1FB73F84000
unkown
page read and write
 clean
221449C0000
unkown
page read and write
 clean
7FF5A7B99000
unkown
page readonly
 clean
22144540000
unkown
page read and write
 clean
182AF371000
unkown
page read and write
 clean
15539908000
unkown
page read and write
 clean
7FF4F28B3000
unkown
page readonly
 clean
241A3F43000
unkown
page read and write
 clean
7FF4F27AF000
unkown
page readonly
 clean
28353E29000
unkown
page read and write
 clean
EE07C7F000
unkown
page read and write
 clean
15539850000
unkown
page read and write
 clean
1FB74582000
unkown
page read and write
 clean
1FB73FD9000
unkown
page read and write
 clean
70AE0FC000
unkown
page read and write
 clean
1FB75210000
unkown
page read and write
 clean
7FF540095000
unkown
page readonly
 clean
1FB72136000
unkown
page read and write
 clean
7FF50495E000
unkown
page readonly
 clean
7FF54027B000
unkown
page readonly
 clean
7FF50F5DB000
unkown
page readonly
 clean
1FB73FC2000
unkown
page read and write
 clean
7FF587B82000
unkown
page readonly
 clean
7FF5C010F000
unkown
page readonly
 clean
7FF5A390E000
unkown
page readonly
 clean
182AECCD000
unkown
page read and write
 clean
7FF504726000
unkown
page readonly
 clean
E4D797C000
unkown
page read and write
 clean
182AE9A0000
heap private
page read and write
 clean
7FF5A7B7E000
unkown
page readonly
 clean
A67967B000
unkown
page read and write
 clean
There are 1295 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://sandpapery-unsacredness.s3.us-east-2.amazonaws.com/cradleman/login.html?swgrpacvwo=tCY3gtxz3uimqzYzUEpM9OwyCa&jlkct=tF83ixZD95kcOHCUQcgsDIO&cjvdev=4dFSzlmpgUMjKHtPvAPpDgrz&rznts=7lco6asp947Ut92XpkFnAeub6&xzjgp=DHHrHv9mUzpnEckiAGPnHVoGq&uwc=bER8XxeL1fdOaq8FrNe2YPG3dexZan
 malicious
https://www.microsoft.com/de-ch/
 clean
https://signup.live.com/signup?ru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d2057%26response_type%3dcode%26client_id%3d51483342-085c-4d86-bf88-cf50c7252078%26scope%3dopenid%2bprofile%2bemail%2boffline_access%26response_mode%3dform_post%26redirect_uri%3dhttps%253a%252f%252flogin.microsoftonline.com%252fcommon%252ffederation%252foauth2%26state%3drQIIAeNisNLJKCkpKLbS1y_ILypJzNHLzUwuyi_OTyvJz8vJzEvVS87P1csvSs9MAbGKhLgE5N-HsRnaz3GZ3Nb0o0aAj2MWI2d8TmYZWOUqRmXCxulfYGR8wch4i0nQvyjdMyW82C01JbUosSQzP-8Ci8ArFh4DZisODi4BBgkGBYYfLIyLWIG2Rik0X16_dbXTrqAUuYQeZ4ZTrPpRVd4W-b7mmV4ppv5hlW6-lqaluRYWHrl5XtppBkXhQUUhmQElZWVGAaGBtqZWhhPYhCawMZ1iY_jAxtjBznCAk_EWl4iRgaGlroGRroGJgoGllZGRlbFRFAA1%26estsfed%3d1%26lw%3d1%26fl%3deasi2%26fci%3dhttps%253a%252f%252fportal.microsoftonline.com.orgid.com%26mkt%3dEN-GB%26uaid%3d0656ef1f3f31449c938682f87c100e08&mkt=EN-GB&uiflavor=web&lw=1&fl=easi2&client_id=51483342-085c-4d86-bf88-cf50c7252078&uaid=0656ef1f3f31449c938682f87c100e08&suc=https%3a%2f%2fportal.microsoftonline.com.orgid.com&lic=1
 clean
https://privacy.microsoft.com/en-US/privacystatement
 clean
https://www.microsoft.com/en-us/servicesagreement
 clean
https://www.microsoft.com/en-us/servicesagreement/default.aspx
 clean
https://signup.live.com/signup?ru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26response_type%3dcode%26client_id%3d51483342-085c-4d86-bf88-cf50c7252078%26scope%3dopenid%2bprofile%2bemail%2boffline_access%26response_mode%3dform_post%26redirect_uri%3dhttps%253a%252f%252flogin.microsoftonline.com%252fcommon%252ffederation%252foauth2%26state%3drQIIAYWSO2_TUABG47QNtOItBsSAOjAgkNPre_2IIyHhxEmTJo7zsOvYi2UnfuVhp44dOxETLAxIMHeDASFgQiAhJuZKSGwgFlbEhBADGxT-AMsZvjN-Z-sEnafzIA-urxF5oniVRCRlMCaLswaNcJIlAG6QkMYRhWgEATGkAAovbJ3r3Ln3-vaNj7ful35-enD594tDbFOfeAsrPwimz7ArbhTN5sWdnSRJ8oFte4N_Ymdi-EPPd95g2AcM-4phh9kNy8fl3rPsnEYMoliaoQjAQAhZAPOaJKQqFBJR4iJ1KhCaB4CqqGlTqRxv9UjY7U4E2IHirjbV-EEiKDJqKfVUU4RIHe176hIAUVGXTclJRd6JBF6AmqQSrdE4EVZ19Dl7VuTiyIV_EYTeyvqR3bSDcKrPgnl0uPY8u-rOO6bqr6yewFMsQxpdvxFynE60XbO7X476HjoQpm7VWUbGEmdDhtGjJVUd9GtKXA_50N3nwiBI-0bS7uEHtNlolFtjRE8WNrk7phdWrU3ynGkoiRn4U9mMyWadcZqGw1eVAy2lR31aTkVN1r1-OeCFg2QRJAnpkIzKOMG8AyaVVVreowg9xR2Zr01hEzfnfBssxwHuV0BvIboDJwVwUGuMQ8ZxZcEsN1m9MEQFX5NGQ6XJeWy1W2qD0mxhU4G9VyposYuq3WTVUHflhSXLZivq-a4y5-KJgNdQFDsMO7SYZm1UsyS0KnE62ZMKtPNyLXf88DTwj9bOBDPL94bbszCwvYn1YR37tn7qZO5c7lJmO3PtIjjzax17vHEc0dP3XzbY5ZPy3UekHcmvMkcbOyq_Qou-VQFSTE3SAjKBMqLL7mxPrcRLUYyHHdZGzn4dAO4mUSQe5rCHudxR7nyd11sVqSdxLZ7r8lAH33PYvROZt5v_SfHz1kUIIMABixPMNgRFgihSQHt3OvMH0%26estsfed%3d1%26lw%3d1%26fl%3deasi2%26fci%3d4345a7b9-9a63-4910-a426-35363201d503%26mkt%3den-US%26uaid%3db58882512b7c40d78c42f4d88f1affac&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=51483342-085c-4d86-bf88-cf50c7252078&uaid=b58882512b7c40d78c42f4d88f1affac&suc=4345a7b9-9a63-4910-a426-35363201d503&lic=1
 clean
https://www.microsoft.com/en-us/servicesagreement/default.aspx
 clean
https://www.microsoft.com/en-us/servicesagreement/faq.aspx
 clean
https://privacy.microsoft.com/en-gb/privacystatement
 clean
https://www.microsoft.com/en-gb/servicesagreement/default.aspx
 clean
https://www.microsoft.com/en-US/servicesagreement/
 clean
https://www.microsoft.com/store/buy/cartcount
 clean
https://publisher.liveperson.net/iframe-le-tag/iframe.html?lpsite=60270350&lpsection=store-sales-de-ch&buttons=lpChatService,lpChatSales
 clean
There are 4 hidden doms, click here to show them.