IOCReport

Files

File Path
Type
Category
Malicious
https://pbox.photobox.co.uk/dynclick/photobox-uk/?eml-publisher=photobox-uk&eml-name=phx_t_uk_new_crn_e2_bau_all&uid=67912768&eurl=http://photobox-mkt-prod1-t.campaign.adobe.com/r/?id=h4e5ec0b9,69a17086,5eb6e68f&utm_source=photobox&utm_medium=email&utm_campaign=t_all_w26_20200623_uk_crn_tips-and-trading-plan_2_bau_ac1982206_web_1772187782&_c1v=crm&_c2v=trigger&_c3v=creation&_c4id=1982206&_c5id=1772187782&_c6id=all&_c7id=acc&_cdt=2020-06-23&_ceh=b79bed2958568ab17f18979440690c16a1c6f09f5afc870aacd7ecb1e408488c&_cleh=b79bed2958568ab17f18979440690c16a1c6f09f5afc870aacd7ecb1e408488c&p1=direcionarcontabilidade.com.br/fs/tm/?email=YWNjb3VudHNAc3RhbmRyZXcuY28udWs=
URL
initial url
malicious
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\2ee06de9-d779-4b26-afc4-5ad961d2cce1.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\5a88546b-d6db-4f6c-93bb-88a22ff96173.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\95f66b07-734d-4da2-856b-2ff6f004284a.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0b2cd3c0-169f-40df-924c-916765608447.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\355af998-f745-456d-8e22-7628dcfaefb2.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\55f859b1-f9e5-4579-92a4-8ae57930d6dc.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5ad032af-39f9-4f27-a512-899016544d88.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\99ef0c3c-2cbd-4cba-8488-636b95164b6e.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\1cf3a28d-ccca-4a09-a2ba-4a88eb543005.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\8c591ad7-c12e-4405-8317-1c5b4525818b.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\Chrome Web Store Payments.ico.md5
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nmmhkkegccagdldgiimedpiccmgmieda\af67d7f8-6353-42df-b607-a187e641d822.tmp
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a0c4e483-0a17-436f-96e7-67c40907d63c.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ce76418a-d515-451a-9160-edaf8a0cb7e9.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dbffaa0b-102c-4946-adb0-ed7dfac53cb0.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\b1e6142e-57c4-49b3-bcb5-3f8e17742bc5.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\13489708-e2f3-4135-99f7-05f15f20db00.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\143f4401-6c2b-4ac6-b5f4-84721c765b82.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\4c88130a-8823-4f7a-8187-d38148913625.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\79042fa7-9d59-4e4f-b51e-9b8991eaf17d.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\a5d96ea2-d2bd-45c2-bc9a-8b0c804ba2f3.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\f83e1990-c308-4668-bac7-12a3015f2367.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\13489708-e2f3-4135-99f7-05f15f20db00.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_1967848061\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\4c88130a-8823-4f7a-8187-d38148913625.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_790041466\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\143f4401-6c2b-4ac6-b5f4-84721c765b82.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5508_930692864\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
clean

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://pbox.photobox.co.uk/dynclick/photobox-uk/?eml-publisher=photobox-uk&eml-name=phx_t_uk_new_crn_e2_bau_all&uid=67912768&eurl=http://photobox-mkt-prod1-t.campaign.adobe.com/r/?id=h4e5ec0b9,69a17086,5eb6e68f&utm_source=photobox&utm_medium=email&utm_campaign=t_all_w26_20200623_uk_crn_tips-and-trading-plan_2_bau_ac1982206_web_1772187782&_c1v=crm&_c2v=trigger&_c3v=creation&_c4id=1982206&_c5id=1772187782&_c6id=all&_c7id=acc&_cdt=2020-06-23&_ceh=b79bed2958568ab17f18979440690c16a1c6f09f5afc870aacd7ecb1e408488c&_cleh=b79bed2958568ab17f18979440690c16a1c6f09f5afc870aacd7ecb1e408488c&p1=direcionarcontabilidade.com.br/fs/tm/?email=YWNjb3VudHNAc3RhbmRyZXcuY28udWs='
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,5330392758278265500,18383578165368118498,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1860 /prefetch:8
clean

URLs

Name
IP
Malicious
https://direcionarcontabilidade.com.br/fs/tm/authorize_client_id:6vgoqimf-07f1-3hk9-0mfl-t0kgpl5qbirs_ro7dy36vq4pnjkxst8licwg0ab1h9feuzm259rois3ajq0xutm6blckyzh8pevn7wfdg2451kdr3o4wy1a7zhj5ugpcxn0t6l8siqmf29bve?data=YWNjb3VudHNAc3RhbmRyZXcuY28udWs=
malicious
https://dns.google
unknown
clean
https://clients2.googleusercontent.com
unknown
clean
https://direcionarcontabilidade.com.br/fs/tm/authorize_client_id:6vgoqimf-07f1-3hk9-0mfl-t0kgpl5qbir
unknown
clean
https://pbox.photobox.co.uk/dynclick/photobox-uk/?eml-publisher=photobox-uk&eml-name=phx_t_uk_new_cr
unknown
clean
https://direcionarcontabilidade.com.br/fs/tm/images/favicon.ico
unknown
clean
https://feedback.googleusercontent.com
unknown
clean
https://direcionarcontabilidade.com.br/fs/tm/?email=YWNjb3VudHNAc3RhbmRyZXcuY28udWs=&ectrans=1&utm_c
unknown
clean

Domains

Name
IP
Malicious
direcionarcontabilidade.com.br
192.185.211.155
clean
googlehosted.l.googleusercontent.com
142.250.180.225
clean
pb.eulerian.net
109.232.195.140
clean
clients2.googleusercontent.com
unknown
clean
pbox.photobox.co.uk
unknown
clean

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
142.250.180.225
googlehosted.l.googleusercontent.com
United States
clean
192.185.211.155
direcionarcontabilidade.com.br
United States
clean
239.255.255.250
unknown
Reserved
clean
109.232.195.140
pb.eulerian.net
France
clean
127.0.0.1
unknown
unknown
clean

Registry

Path
Value
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
S-1-5-21-3853321935-2125563209-4053062332-1002
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
ahfgeienlihckogmohjhadlkjgocpleb
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gdaefkejpgkiemlaofpalmlakkmbjdnl
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gfdkimpbcpahaombhbimeihdjnejgicl
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
kmendfapggjehodndflmmgagdbamhnfd
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
mfehgcgbbipciphmccgaenjidiccnmng
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
mhjfbmdgcfjbbpaeojofohoefgiehjai
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
neajdppkdcdipfabeoofebfddakdcjhd
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nkeimhogjdpnpccoofpliimaahmaaome
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
prefs.preference_reset_time
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gfdkimpbcpahaombhbimeihdjnejgicl
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
state
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
StatusCodes
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
StatusCodes
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
state
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.reporting
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
module_blacklist_cache_md5_digest
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
media.storage_id_salt
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.last_account_id
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.account_id
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.prompt_seed
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_homepage
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
default_search_provider_data.template_url_data
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
safebrowsing.incidents_sent
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
pinned_tabs
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
search_provider_overrides
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_default_search
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
prefs.preference_reset_time
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.last_username
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
session.startup_urls
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
session.restore_on_startup
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.prompt_version
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_startup_urls
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.prompt_wave
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
homepage
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
homepage_is_newtabpage
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
browser.show_home_button
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
user_experience_metrics.stability.exited_cleanly
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
lastrun
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
GlobalAssocChangedCounter
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
clean

Memdumps

Base Address
Regiontype
Protect
Malicious
unkown
page read and write
clean
7FF525CC8000
unkown
page readonly
clean
148FAE20000
heap private
page read and write
clean
7FF5CFCDB000
unkown
page readonly
clean
C7B0FCF000
unkown
page read and write
clean
7FF5CF5FC000
unkown
page readonly
clean
7FF4F6852000
unkown
page readonly
clean
25A82540000
unkown
page readonly
clean
7FF5CF9AE000
unkown
page readonly
clean
7FF4F5D87000
unkown
page readonly
clean
7FF59BB8D000
unkown
page readonly
clean
9F3D97F000
unkown
page read and write
clean
7FF5E48B3000
unkown
page readonly
clean
7FF5E48E1000
unkown
page readonly
clean
7FF5CFD08000
unkown
page readonly
clean
255437E000
unkown
page read and write
clean
139B81A0000
unkown
page readonly
clean
7FF571DC7000
unkown
page readonly
clean
7FF5941FC000
unkown
page readonly
clean
7FF571F09000
unkown
page readonly
clean
7FF4F68E4000
unkown
page readonly
clean
23E1A660000
unkown
page readonly
clean
326EFB000
unkown
page read and write
clean
1E4FA0D0000
unkown
page readonly
clean
139B8150000
unkown
page readonly
clean
7FF54870C000
unkown
page readonly
clean
7FF5521F7000
unkown
page readonly
clean
1E4F9F13000
unkown
page read and write
clean
25543FE000
unkown
page read and write
clean
7FF59BBEC000
unkown
page readonly
clean
7FF5CFD9C000
unkown
page readonly
clean
7FF5CFE19000
unkown
page readonly
clean
7FF5CFACE000
unkown
page readonly
clean
7FF59BBB1000
unkown
page readonly
clean
1FC52300000
unkown
page read and write
clean
148FB100000
unkown
page read and write
clean
7FF52A607000
unkown
page readonly
clean
1EE75802000
unkown
page read and write
clean
7FF4F6840000
unkown
page readonly
clean
7FF5E3EE7000
unkown
page readonly
clean
1FC521F0000
unkown
page read and write
clean
7FF5E4A26000
unkown
page readonly
clean
148FB013000
unkown
page read and write
clean
5DE7D7B000
unkown
page read and write
clean
1C95BD32000
unkown
page read and write
clean
139B8190000
unkown
page readonly
clean
139BC550000
unkown
page read and write
clean
7FF59BC70000
unkown
page readonly
clean
7FF525DAE000
unkown
page readonly
clean
1EE74E70000
unkown
page readonly
clean
1C95BE00000
unkown
page readonly
clean
7FF5941C5000
unkown
page readonly
clean
7FF525D50000
unkown
page readonly
clean
23E1A802000
unkown
page read and write
clean
139B7292000
unkown
page read and write
clean
1EE75660000
unkown
page readonly
clean
7FF55B45F000
unkown
page readonly
clean
7FF571FAE000
unkown
page readonly
clean
7FF55241A000
unkown
page readonly
clean
7FF525D2C000
unkown
page readonly
clean
7FF548637000
unkown
page readonly
clean
74B84FE000
unkown
page read and write
clean
7FF571CE3000
unkown
page readonly
clean
1C95B687000
unkown
page read and write
clean
279CDC2A000
unkown
page read and write
clean
7FF55B47D000
unkown
page readonly
clean
7FF5E45B0000
unkown
page readonly
clean
7FF5B90E4000
unkown
page readonly
clean
7FF5B90B6000
unkown
page readonly
clean
2B03DFD0000
unkown
page readonly
clean
7FF5255EF000
unkown
page readonly
clean
359B37E000
unkown
page read and write
clean
7FF5B8ECF000
unkown
page readonly
clean
7FF59BD05000
unkown
page readonly
clean
359BC7C000
unkown
page read and write
clean
7FF59B456000
unkown
page readonly
clean
7FF5E49A2000
unkown
page readonly
clean
7FF55B511000
unkown
page readonly
clean
7FF571F1D000
unkown
page readonly
clean
7FF52AC1E000
unkown
page readonly
clean
139BC690000
unkown
page read and write
clean
1FC52070000
heap private
page read and write
clean
7FF594028000
unkown
page readonly
clean
7FF552452000
unkown
page readonly
clean
1FC520D0000
heap default
page read and write
clean
148FBA00000
unkown
page readonly
clean
7FF5941CF000
unkown
page readonly
clean
7FF52A297000
unkown
page readonly
clean
7FF5486D9000
unkown
page readonly
clean
74B89FC000
unkown
page read and write
clean
25546FD000
unkown
page read and write
clean
7FF55B49C000
unkown
page readonly
clean
7FF59420C000
unkown
page readonly
clean
7FF52AC48000
unkown
page readonly
clean
2B03E013000
unkown
page read and write
clean
7FF571D7A000
unkown
page readonly
clean
7FF5E49EF000
unkown
page readonly
clean
7FF5B907E000
unkown
page readonly
clean
7FF5B8D07000
unkown
page readonly
clean
139B77D1000
unkown
page read and write
clean
C7B0ECC000
unkown
page read and write
clean
7FF5524C6000
unkown
page readonly
clean
7FF4F671A000
unkown
page readonly
clean
7FF59BB4A000
unkown
page readonly
clean
359B2FD000
unkown
page read and write
clean
7FF552458000
unkown
page readonly
clean
211D76D0000
unkown
page readonly
clean
359B8FE000
unkown
page read and write
clean
1E4F9E5C000
unkown
page read and write
clean
7FF52ADD6000
unkown
page readonly
clean
7FF5CFCD1000
unkown
page readonly
clean
7FF5CF4F0000
unkown
page readonly
clean
7FF52ADE5000
unkown
page readonly
clean
7FF59BCE6000
unkown
page readonly
clean
EEAFDFD000
unkown
page read and write
clean
1EE7504D000
unkown
page read and write
clean
211D7A90000
unkown
page readonly
clean
139B84F0000
unkown
page read and write
clean
211D9090000
heap private
page read and write
clean
5DE80FF000
unkown
page read and write
clean
359B67E000
unkown
page read and write
clean
7FF4F6885000
unkown
page readonly
clean
7FF52AD7A000
unkown
page readonly
clean
7FF59BCFC000
unkown
page readonly
clean
9F3DA7D000
unkown
page read and write
clean
2B03DFF0000
unkown
page read and write
clean
1FC541C0000
unkown
page read and write
clean
74EC3BC000
unkown
page read and write
clean
25A81A00000
unkown
page read and write
clean
139B71E0000
unkown
page read and write
clean
2B03DF60000
heap private
page read and write
clean
7FF5941F6000
unkown
page readonly
clean
1E38B684000
unkown
page read and write
clean
1C95BB90000
unkown
page readonly
clean
139BC767000
unkown
page write copy
clean
1E4F9E00000
unkown
page read and write
clean
139B7279000
unkown
page read and write
clean
C7B12F5000
unkown
page read and write
clean
7FF5E45A0000
unkown
page readonly
clean
7FF4F6949000
unkown
page readonly
clean
5188EFF000
unkown
page read and write
clean
148FB000000
unkown
page read and write
clean
2B03DFC0000
heap default
page read and write
clean
139BC660000
unkown
page read and write
clean
1E4F9E6F000
unkown
page read and write
clean
139BC7A0000
unkown
page read and write
clean
1FC541E0000
unkown
page readonly
clean
7FF552541000
unkown
page readonly
clean
1E38B639000
unkown
page read and write
clean
7FF594289000
unkown
page readonly
clean
139BC510000
unkown
page readonly
clean
1E4F9D90000
unkown
page readonly
clean
139BC660000
unkown
page read and write
clean
7FF55B29F000
unkown
page readonly
clean
1E4F9E77000
unkown
page read and write
clean
1E38BB90000
unkown
page readonly
clean
25A81A29000
unkown
page read and write
clean
7FF5524E7000
unkown
page readonly
clean
7FF52ADBD000
unkown
page readonly
clean
7FF571FB9000
unkown
page readonly
clean
5DE7A7B000
unkown
page read and write
clean
7FF5CF955000
unkown
page readonly
clean
7FF4F6941000
unkown
page readonly
clean
1FC53E00000
unkown
page read and write
clean
139B7000000
heap default
page read and write
clean
7FF571AF5000
unkown
page readonly
clean
7FF5CFBE0000
unkown
page readonly
clean
139BC8AF000
unkown
page read and write
clean
7FF5E486E000
unkown
page readonly
clean
25544FF000
unkown
page read and write
clean
7FF5B90E7000
unkown
page readonly
clean
7FF5E49B2000
unkown
page readonly
clean
1C95B62A000
unkown
page read and write
clean
7FF5CF990000
unkown
page readonly
clean
7FF525DB1000
unkown
page readonly
clean
139BC7C0000
unkown
page read and write
clean
1E4F9E29000
unkown
page read and write
clean
23E1A088000
unkown
page read and write
clean
5DE7C75000
unkown
page read and write
clean
139B7815000
unkown
page read and write
clean
7FF571E45000
unkown
page readonly
clean
A6E977C000
unkown
page read and write
clean
E8DD47F000
unkown
page read and write
clean
7FF552118000
unkown
page readonly
clean
7FF5B9085000
unkown
page readonly
clean
7FF593DEE000
unkown
page readonly
clean
9F3D77E000
unkown
page read and write
clean
7FF52AB7A000
unkown
page readonly
clean
139BC7C0000
unkown
page read and write
clean
7FF55B150000
unkown
page readonly
clean
7FF5E49CA000
unkown
page readonly
clean
7FF5E49DE000
unkown
page readonly
clean
25A81A4D000
unkown
page read and write
clean
7FF5941D9000
unkown
page readonly
clean
148FAE90000
unkown
page readonly
clean
23E1A03C000
unkown
page read and write
clean
279CE190000
unkown
page read and write
clean
7FF59BCF6000
unkown
page readonly
clean
7FF571EF5000
unkown
page readonly
clean
E8DCE7E000
unkown
page read and write
clean
7FF59BD17000
unkown
page readonly
clean
148FB113000
unkown
page read and write
clean
7FF5CFC8C000
unkown
page readonly
clean
7FF59BD79000
unkown
page readonly
clean
7FF525DB9000
unkown
page readonly
clean
7FF52AD62000
unkown
page readonly
clean
9F3D67B000
unkown
page read and write
clean
7FF525DB9000
unkown
page readonly
clean
7FF59BCC9000
unkown
page readonly
clean
279CDBD0000
unkown
page read and write
clean
7FF59427E000
unkown
page readonly
clean
7FF5CF607000
unkown
page readonly
clean
139BC684000
unkown
page read and write
clean
1E4F9E65000
unkown
page read and write
clean
7FF571C80000
unkown
page readonly
clean
25A81A8D000
unkown
page read and write
clean
7FF571C75000
unkown
page readonly
clean
7FF5B8D00000
unkown
page readonly
clean
EEB00FF000
unkown
page read and write
clean
7FF552308000
unkown
page readonly
clean
211D7540000
unkown
page read and write
clean
1FC53C02000
unkown
page read and write
clean
148FB03C000
unkown
page read and write
clean
7FF55B48C000
unkown
page readonly
clean
1C95BC02000
unkown
page read and write
clean
7FF55B486000
unkown
page readonly
clean
74B7F0E000
unkown
page read and write
clean
1E4F9E75000
unkown
page read and write
clean
7FF5E4A1C000
unkown
page readonly
clean
25A81B02000
unkown
page read and write
clean
2B03E660000
unkown
page readonly
clean
23E1A102000
unkown
page read and write
clean
2B03E029000
unkown
page read and write
clean
1C95B6BD000
unkown
page read and write
clean
23E1A027000
unkown
page read and write
clean
7FF5522E8000
unkown
page readonly
clean
7FF593FEE000
unkown
page readonly
clean
3269DE000
unkown
page read and write
clean
7FF52AE59000
unkown
page readonly
clean
7FF5B90D5000
unkown
page readonly
clean
1C95BBA0000
unkown
page write copy
clean
25A81840000
unkown
page readonly
clean
7FF55B469000
unkown
page readonly
clean
7FF59415A000
unkown
page readonly
clean
139B71C0000
unkown
page readonly
clean
7FF594198000
unkown
page readonly
clean
1EE7506A000
unkown
page read and write
clean
7FF571BF2000
unkown
page readonly
clean
7FF593ED6000
unkown
page readonly
clean
139B7275000
unkown
page read and write
clean
7FF55B43A000
unkown
page readonly
clean
139B70E0000
unkown
page readonly
clean
7FF571FB1000
unkown
page readonly
clean
7FF55B44E000
unkown
page readonly
clean
7FF5941AA000
unkown
page readonly
clean
9F3DC7F000
unkown
page read and write
clean
1E4F9DA0000
unkown
page read and write
clean
1FC521C0000
unkown
page readonly
clean
139BC754000
unkown
page readonly
clean
7FF5940FC000
unkown
page readonly
clean
7FF593E5F000
unkown
page readonly
clean
7FF571C16000
unkown
page readonly
clean
2553BF7000
unkown
page read and write
clean
148FAF60000
unkown
page readonly
clean
EEAFE7E000
unkown
page read and write
clean
7FF525A3C000
unkown
page readonly
clean
7FF525CF5000
unkown
page readonly
clean
7FF5941BE000
unkown
page readonly
clean
139B7F90000
unkown
page read and write
clean
7FF55247E000
unkown
page readonly
clean
7FF552499000
unkown
page readonly
clean
74B7F8D000
unkown
page read and write
clean
7FF5E48E7000
unkown
page readonly
clean
7FF5940AC000
unkown
page readonly
clean
1E38B480000
heap private
page read and write
clean
1C95B4E0000
unkown
page readonly
clean
23E19F50000
unkown
page read and write
clean
1E4FA460000
unkown
page readonly
clean
EEAF6FC000
unkown
page read and write
clean
5DE7B7E000
unkown
page read and write
clean
7FF5E482F000
unkown
page readonly
clean
7FF59BAFF000
unkown
page readonly
clean
7FF525A33000
unkown
page readonly
clean
7FF52AD95000
unkown
page readonly
clean
7FF54863A000
unkown
page readonly
clean
25A81A3C000
unkown
page read and write
clean
74EC6FE000
unkown
page read and write
clean
359BB7E000
unkown
page read and write
clean
7FF571F3C000
unkown
page readonly
clean
7FF571EA8000
unkown
page readonly
clean
7FF5CFAD5000
unkown
page readonly
clean
211D9120000
heap private
page read and write
clean
7FF55B496000
unkown
page readonly
clean
1FC52247000
unkown
page read and write
clean
7FF5CFB4C000
unkown
page readonly
clean
1E38B600000
unkown
page read and write
clean
211D8F60000
unkown
page readonly
clean
2B03E102000
unkown
page read and write
clean
148FB06A000
unkown
page read and write
clean
7FF4F643A000
unkown
page readonly
clean
7FF5486ED000
unkown
page readonly
clean
7FF52AE59000
unkown
page readonly
clean
211D7590000
heap default
page read and write
clean
7FF59BD71000
unkown
page readonly
clean
7FF5E49F9000
unkown
page readonly
clean
255417F000
unkown
page read and write
clean
7FF571F36000
unkown
page readonly
clean
7FF5CFDB7000
unkown
page readonly
clean
9F3DE7E000
unkown
page read and write
clean
7FF5E3EE1000
unkown
page readonly
clean
7FF5CFBE9000
unkown
page readonly
clean
7FF5E459A000
unkown
page readonly
clean
139BC7C0000
unkown
page readonly
clean
7FF571BF8000
unkown
page readonly
clean
7FF5CFBBE000
unkown
page readonly
clean
7FF571EB2000
unkown
page readonly
clean
23E19DF0000
heap private
page read and write
clean
7FF5E47CA000
unkown
page readonly
clean
E8DD37F000
unkown
page read and write
clean
7FF594220000
unkown
page readonly
clean
EEAF77E000
unkown
page read and write
clean
7FF571EEE000
unkown
page readonly
clean
7FF55248F000
unkown
page readonly
clean
7FF5B90C6000
unkown
page readonly
clean
23E19F40000
unkown
page readonly
clean
7FF4F6440000
unkown
page readonly
clean
7FF5CFB58000
unkown
page readonly
clean
25A817D0000
heap private
page read and write
clean
7FF5E4A2C000
unkown
page readonly
clean
7FF548692000
unkown
page readonly
clean
7FF4F6450000
unkown
page readonly
clean
7FF548789000
unkown
page readonly
clean
7FF55B4A5000
unkown
page readonly
clean
7FF54855A000
unkown
page readonly
clean
23E1AA00000
unkown
page readonly
clean
7FF59BCB5000
unkown
page readonly
clean
1E4F9D70000
heap default
page read and write
clean
279CE400000
unkown
page read and write
clean
139B7258000
unkown
page read and write
clean
7FF52ADC6000
unkown
page readonly
clean
7FF5CFCFC000
unkown
page readonly
clean
23E1A100000
unkown
page read and write
clean
7FF552456000
unkown
page readonly
clean
7FF4F6781000
unkown
page readonly
clean
23E1A002000
unkown
page read and write
clean
2553A7E000
unkown
page read and write
clean
7FF5CFAE0000
unkown
page readonly
clean
7FF571AF1000
unkown
page readonly
clean
7FF5CFE19000
unkown
page readonly
clean
1FC52256000
unkown
page read and write
clean
7FF59BCDD000
unkown
page readonly
clean
1C95B6CE000
unkown
page read and write
clean
1E38B63D000
unkown
page read and write
clean
139BC560000
unkown
page read and write
clean
23E1A067000
unkown
page read and write
clean
EEAF7FE000
unkown
page read and write
clean
139BC681000
unkown
page read and write
clean
5DE7EF7000
unkown
page read and write
clean
EEB007E000
unkown
page read and write
clean
1EE75013000
unkown
page read and write
clean
1C95B4F0000
unkown
page readonly
clean
7FF52ADCC000
unkown
page readonly
clean
7FF4F6858000
unkown
page readonly
clean
1EE74F50000
unkown
page readonly
clean
7FF5E4A16000
unkown
page readonly
clean
7FF594182000
unkown
page readonly
clean
148FB025000
unkown
page read and write
clean
2B03DFE0000
unkown
page readonly
clean
359B7FC000
unkown
page read and write
clean
7FF5CFD69000
unkown
page readonly
clean
139BC6A4000
unkown
page read and write
clean
There are 970 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://direcionarcontabilidade.com.br/fs/tm/authorize_client_id:6vgoqimf-07f1-3hk9-0mfl-t0kgpl5qbirs_ro7dy36vq4pnjkxst8licwg0ab1h9feuzm259rois3ajq0xutm6blckyzh8pevn7wfdg2451kdr3o4wy1a7zhj5ugpcxn0t6l8siqmf29bve?data=YWNjb3VudHNAc3RhbmRyZXcuY28udWs=
malicious