Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Convert HEX uit phishing mail.htm
|
HTML document, ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\22a972eb-d9e4-45de-82c6-1bb701bf0051.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\264ead9f-6097-4a7e-8ca4-f709d0d0fd98.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\38c9683a-e416-486e-b057-a6e67a02992f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\409d4fe4-6a5f-424a-a2c5-47a12f644b13.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\464516d9-00fc-45ec-a739-f82b3f146da2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\70fa48f6-5a32-43ff-ab3c-eb857debf6ca.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\98fbf5ab-09cd-4555-a8c8-2b07d3aaa1fd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9d8edceb-84f7-4f48-9684-2ffcb5ea27c1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0accabc9-fa60-4f65-a7ea-7d9b5d1c5d84.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\65e5e673-e0b6-42f0-9fae-90f9fde41682.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7e1ea8e6-047d-4d44-ae73-a07efc9b2feb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\941d0dfd-3fac-4374-912f-e90d6b0483de.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9dfe1fee-4a66-4581-83f1-c3e0e326be03.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\da36ed04-88c5-40a4-b059-eb9836bd7189.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\d4ab6060-f37d-4ea2-905c-eec3c17613f6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bf224988-4cd5-46fb-8249-c6138b8a037d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bffa793b-8dbe-405c-a4b4-dd7f82599cb4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c318a30d-36fe-4354-b4ee-4378f131e789.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e1af0235-8458-479f-ab1c-98a50fe17144.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\9.28.0\Indexing in Progress
|
empty
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir3520_2140828001\Ruleset
Data
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a43b77ed-0b77-4cb4-a694-e0cc5571ec94.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ab94c602-583b-4ea3-84e8-bf77c1d9965c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d6bf2ebe-3934-457d-8dc9-da5a4eda7bcb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ee2ee447-5780-4abe-9e57-20af04770158.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1d4aece2-b9aa-43b7-85f1-c53daee2ae69.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3520_1374344680\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3520_1754930635\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3520_43638511\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3520_482233905\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3520_663501212\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3f04c794-8089-432e-947c-00aced599f90.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\50ad4809-31c0-4a3c-9c8b-469f5d2620b1.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\7eca31ac-bd15-435d-ad41-c55750ca56de.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\1d4aece2-b9aa-43b7-85f1-c53daee2ae69.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1534545062\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\7eca31ac-bd15-435d-ad41-c55750ca56de.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3520_1833316042\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
There are 169 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'C:\Users\user\Desktop\Convert
HEX uit phishing mail.htm'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1632,14357687303338385437,9119543046795049864,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/user/Desktop/Convert%20HEX%20uit%20phishing%20mail.htm
|
|
||
|
https://aadcdn.msftauth.net/ests/2.1/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
|
unknown
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/images/ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://i.stack.imgur.com/vzbuQ.jpg);
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.
|
unknown
|
|
|
|
https://i.stack.imgur.com
|
unknown
|
|
|
|
https://aadcdn.msftauth.net
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://divisaoeletrica.com.br/sn/fresd.php
|
unknown
|
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cs1100.wpc.omegacdn.net
|
152.199.23.37
|
|
|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
clients.l.google.com
|
142.250.203.110
|
|
|
|
googlehosted.l.googleusercontent.com
|
172.217.168.65
|
|
|
|
ipv4.imgur.map.fastly.net
|
151.101.12.193
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
i.stack.imgur.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
aadcdn.msftauth.net
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
151.101.12.193
|
ipv4.imgur.map.fastly.net
|
United States
|
|
|
|
142.250.203.110
|
clients.l.google.com
|
United States
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
172.217.168.65
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
152.199.23.37
|
cs1100.wpc.omegacdn.net
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.reporting
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
module_blacklist_cache_md5_digest
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
media.storage_id_salt
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_seed
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
default_search_provider_data.template_url_data
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
safebrowsing.incidents_sent
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pinned_tabs
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
search_provider_overrides
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_username
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.restore_on_startup
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_version
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.prompt_wave
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage_is_newtabpage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
browser.show_home_button
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
lastrun
|
|
There are 32 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
17E7FD64000
|
unkown
|
page read and write
|
|
|
|
7FF5F28BE000
|
unkown
|
page readonly
|
|
|
|
1289D1E0000
|
unkown
|
page readonly
|
|
|
|
7FF5860A0000
|
unkown
|
page readonly
|
|
|
|
7FF54F853000
|
unkown
|
page readonly
|
|
|
|
17E7FD54000
|
unkown
|
page read and write
|
|
|
|
585CBFB000
|
unkown
|
page read and write
|
|
|
|
7FF54F91A000
|
unkown
|
page readonly
|
|
|
|
1F3347F0000
|
unkown
|
page readonly
|
|
|
|
7FF5AA277000
|
unkown
|
page readonly
|
|
|
|
1289DB9A000
|
unkown
|
page read and write
|
|
|
|
128A2C80000
|
unkown
|
page read and write
|
|
|
|
23966F8E000
|
unkown
|
page read and write
|
|
|
|
7FF54F886000
|
unkown
|
page readonly
|
|
|
|
7FF586137000
|
unkown
|
page readonly
|
|
|
|
17E7FD63000
|
unkown
|
page read and write
|
|
|
|
17E7FD86000
|
unkown
|
page read and write
|
|
|
|
128A2AA9000
|
unkown
|
page read and write
|
|
|
|
1D632D20000
|
heap default
|
page read and write
|
|
|
|
7FF586240000
|
unkown
|
page readonly
|
|
|
|
17E7FD4C000
|
unkown
|
page read and write
|
|
|
|
17E7F471000
|
unkown
|
page read and write
|
|
|
|
6DA779000
|
unkown
|
page read and write
|
|
|
|
128A2940000
|
unkown
|
page read and write
|
|
|
|
7FF5F28C6000
|
unkown
|
page readonly
|
|
|
|
7FF55CDD8000
|
unkown
|
page readonly
|
|
|
|
1F3347A0000
|
unkown
|
page read and write
|
|
|
|
17E7FB80000
|
unkown
|
page readonly
|
|
|
|
128A2AE4000
|
unkown
|
page read and write
|
|
|
|
7FF54F85D000
|
unkown
|
page readonly
|
|
|
|
128A2830000
|
unkown
|
page read and write
|
|
|
|
73AF67A000
|
unkown
|
page read and write
|
|
|
|
17E7FD76000
|
unkown
|
page read and write
|
|
|
|
7FF586327000
|
unkown
|
page readonly
|
|
|
|
1C48FA00000
|
unkown
|
page readonly
|
|
|
|
128A2AEA000
|
unkown
|
page read and write
|
|
|
|
7FF588D1C000
|
unkown
|
page readonly
|
|
|
|
1F3347E0000
|
unkown
|
page readonly
|
|
|
|
7FF5E9F74000
|
unkown
|
page readonly
|
|
|
|
1F334840000
|
unkown
|
page read and write
|
|
|
|
17E7F360000
|
unkown
|
page readonly
|
|
|
|
128A2980000
|
unkown
|
page read and write
|
|
|
|
128A2904000
|
unkown
|
page read and write
|
|
|
|
1F334B35000
|
heap private
|
page read and write
|
|
|
|
1AC3B86D000
|
unkown
|
page read and write
|
|
|
|
1289D23D000
|
unkown
|
page read and write
|
|
|
|
7FF5E9C1D000
|
unkown
|
page readonly
|
|
|
|
17E7F3C0000
|
unkown
|
page readonly
|
|
|
|
7FF55CEE6000
|
unkown
|
page readonly
|
|
|
|
7FF54F750000
|
unkown
|
page readonly
|
|
|
|
7FF54F942000
|
unkown
|
page readonly
|
|
|
|
128A2A2D000
|
unkown
|
page read and write
|
|
|
|
17E7FD4C000
|
unkown
|
page read and write
|
|
|
|
7FF54F936000
|
unkown
|
page readonly
|
|
|
|
17E00000000
|
unkown
|
page readonly
|
|
|
|
17E7FD77000
|
unkown
|
page read and write
|
|
|
|
7FF5AA5D0000
|
unkown
|
page readonly
|
|
|
|
7FF5EA05A000
|
unkown
|
page readonly
|
|
|
|
1289D1F0000
|
unkown
|
page readonly
|
|
|
|
7FF5AA79A000
|
unkown
|
page readonly
|
|
|
|
7FF5E9DE4000
|
unkown
|
page readonly
|
|
|
|
1289E110000
|
unkown
|
page read and write
|
|
|
|
1289D940000
|
unkown
|
page read and write
|
|
|
|
17E7FD5E000
|
unkown
|
page read and write
|
|
|
|
17E7FD86000
|
unkown
|
page read and write
|
|
|
|
1D632F02000
|
unkown
|
page read and write
|
|
|
|
17E7FD4B000
|
unkown
|
page read and write
|
|
|
|
17E7FDBD000
|
unkown
|
page read and write
|
|
|
|
17E7F429000
|
unkown
|
page read and write
|
|
|
|
1C48F03C000
|
unkown
|
page read and write
|
|
|
|
17E7F4D2000
|
unkown
|
page read and write
|
|
|
|
17E7FD53000
|
unkown
|
page read and write
|
|
|
|
4F13CFF000
|
unkown
|
page read and write
|
|
|
|
17E7F6D0000
|
unkown
|
page readonly
|
|
|
|
7FF586273000
|
unkown
|
page readonly
|
|
|
|
7FF55CF19000
|
unkown
|
page readonly
|
|
|
|
7FF5A9BE1000
|
unkown
|
page readonly
|
|
|
|
7FF5AA7B3000
|
unkown
|
page readonly
|
|
|
|
128A2AE2000
|
unkown
|
page read and write
|
|
|
|
7FF588F44000
|
unkown
|
page readonly
|
|
|
|
7FF5E9FD9000
|
unkown
|
page readonly
|
|
|
|
7FF5AA587000
|
unkown
|
page readonly
|
|
|
|
7FF54F8F4000
|
unkown
|
page readonly
|
|
|
|
7FF5860C4000
|
unkown
|
page readonly
|
|
|
|
128A2990000
|
unkown
|
page readonly
|
|
|
|
17E7FE61000
|
unkown
|
page read and write
|
|
|
|
7FF5E9E95000
|
unkown
|
page readonly
|
|
|
|
17E7FE02000
|
unkown
|
page read and write
|
|
|
|
128A2AE2000
|
unkown
|
page read and write
|
|
|
|
7FF5F295D000
|
unkown
|
page readonly
|
|
|
|
7FF55CF17000
|
unkown
|
page readonly
|
|
|
|
1AC3BE70000
|
unkown
|
page readonly
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
4F133BB000
|
unkown
|
page read and write
|
|
|
|
7FF588F86000
|
unkown
|
page readonly
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
128A2AF7000
|
unkown
|
page read and write
|
|
|
|
7FF5E9DBE000
|
unkown
|
page readonly
|
|
|
|
7FF55CF8B000
|
unkown
|
page readonly
|
|
|
|
17E7FD51000
|
unkown
|
page read and write
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
17E7F4FB000
|
unkown
|
page read and write
|
|
|
|
1F3355E0000
|
unkown
|
page read and write
|
|
|
|
7FF54F5B1000
|
unkown
|
page readonly
|
|
|
|
17E7F4EA000
|
unkown
|
page read and write
|
|
|
|
17E7FD38000
|
unkown
|
page read and write
|
|
|
|
17E7FD76000
|
unkown
|
page read and write
|
|
|
|
1F3348F9000
|
heap default
|
page read and write
|
|
|
|
7FF5E9D90000
|
unkown
|
page readonly
|
|
|
|
7FF54F84F000
|
unkown
|
page readonly
|
|
|
|
7FF5AA385000
|
unkown
|
page readonly
|
|
|
|
1289DB18000
|
unkown
|
page read and write
|
|
|
|
7FF588EA4000
|
unkown
|
page readonly
|
|
|
|
1F3346D0000
|
unkown
|
page readonly
|
|
|
|
585C6FB000
|
unkown
|
page read and write
|
|
|
|
7FF54F788000
|
unkown
|
page readonly
|
|
|
|
1D633800000
|
unkown
|
page readonly
|
|
|
|
1289D2AB000
|
unkown
|
page read and write
|
|
|
|
7FF5F2996000
|
unkown
|
page readonly
|
|
|
|
1F334F50000
|
unkown
|
page readonly
|
|
|
|
1289D400000
|
unkown
|
page readonly
|
|
|
|
7FF58610A000
|
unkown
|
page readonly
|
|
|
|
7FF54F933000
|
unkown
|
page readonly
|
|
|
|
7FF5862A6000
|
unkown
|
page readonly
|
|
|
|
1AC3B856000
|
unkown
|
page read and write
|
|
|
|
48FAFFA000
|
unkown
|
page read and write
|
|
|
|
7FF58606A000
|
unkown
|
page readonly
|
|
|
|
7FF58610F000
|
unkown
|
page readonly
|
|
|
|
23966F85000
|
unkown
|
page read and write
|
|
|
|
1C48F113000
|
unkown
|
page read and write
|
|
|
|
7FF5E9F64000
|
unkown
|
page readonly
|
|
|
|
1289D930000
|
unkown
|
page read and write
|
|
|
|
17E7FD77000
|
unkown
|
page read and write
|
|
|
|
7FF5AA431000
|
unkown
|
page readonly
|
|
|
|
128A26D0000
|
unkown
|
page read and write
|
|
|
|
1289DB18000
|
unkown
|
page read and write
|
|
|
|
7FF5AA6F2000
|
unkown
|
page readonly
|
|
|
|
1F3348DC000
|
unkown
|
page read and write
|
|
|
|
17E7FD86000
|
unkown
|
page read and write
|
|
|
|
1289E310000
|
unkown
|
page readonly
|
|
|
|
7FF586261000
|
unkown
|
page readonly
|
|
|
|
128A2839000
|
unkown
|
page read and write
|
|
|
|
75388AB000
|
unkown
|
page read and write
|
|
|
|
1D633B40000
|
unkown
|
page readonly
|
|
|
|
17E7F4ED000
|
unkown
|
page read and write
|
|
|
|
128A283D000
|
unkown
|
page read and write
|
|
|
|
1D632E3A000
|
unkown
|
page read and write
|
|
|
|
17E7FD2F000
|
unkown
|
page read and write
|
|
|
|
1289DB18000
|
unkown
|
page read and write
|
|
|
|
1C48EF90000
|
unkown
|
page readonly
|
|
|
|
1289D302000
|
unkown
|
page read and write
|
|
|
|
1C48F200000
|
unkown
|
page readonly
|
|
|
|
17E7FD41000
|
unkown
|
page read and write
|
|
|
|
6DB07A000
|
unkown
|
page read and write
|
|
|
|
17E7FE54000
|
unkown
|
page read and write
|
|
|
|
128A2990000
|
unkown
|
page read and write
|
|
|
|
128A2D60000
|
unkown
|
page readonly
|
|
|
|
23967160000
|
unkown
|
page readonly
|
|
|
|
17E7FB30000
|
unkown
|
page write copy
|
|
|
|
128A2970000
|
unkown
|
page read and write
|
|
|
|
17E7FD77000
|
unkown
|
page read and write
|
|
|
|
1F334B39000
|
heap private
|
page read and write
|
|
|
|
17E7F46D000
|
unkown
|
page read and write
|
|
|
|
1289DB59000
|
unkown
|
page read and write
|
|
|
|
1289DB18000
|
unkown
|
page read and write
|
|
|
|
7FF5EA044000
|
unkown
|
page readonly
|
|
|
|
1289DB59000
|
unkown
|
page read and write
|
|
|
|
1AC3B913000
|
unkown
|
page read and write
|
|
|
|
7FF586367000
|
unkown
|
page readonly
|
|
|
|
7FF55CFB3000
|
unkown
|
page readonly
|
|
|
|
1AC3B800000
|
unkown
|
page read and write
|
|
|
|
1C48F2D0000
|
unkown
|
page readonly
|
|
|
|
7FF5E9CF1000
|
unkown
|
page readonly
|
|
|
|
7FF586035000
|
unkown
|
page readonly
|
|
|
|
7FF5F28E6000
|
unkown
|
page readonly
|
|
|
|
17E7FD4D000
|
unkown
|
page read and write
|
|
|
|
17E7F400000
|
unkown
|
page read and write
|
|
|
|
7FF586070000
|
unkown
|
page readonly
|
|
|
|
128A2710000
|
unkown
|
page read and write
|
|
|
|
1C48F102000
|
unkown
|
page read and write
|
|
|
|
1289D213000
|
unkown
|
page read and write
|
|
|
|
1289DB18000
|
unkown
|
page read and write
|
|
|
|
7FF5E9B06000
|
unkown
|
page readonly
|
|
|
|
128A2950000
|
unkown
|
page read and write
|
|
|
|
73AF57E000
|
unkown
|
page read and write
|
|
|
|
1289DB9A000
|
unkown
|
page read and write
|
|
|
|
7FF58627D000
|
unkown
|
page readonly
|
|
|
|
17E7FD55000
|
unkown
|
page read and write
|
|
|
|
7FF58628A000
|
unkown
|
page readonly
|
|
|
|
1AC3C002000
|
unkown
|
page read and write
|
|
|
|
128A26B0000
|
unkown
|
page read and write
|
|
|
|
128A2C70000
|
unkown
|
page readonly
|
|
|
|
7FF55CED3000
|
unkown
|
page readonly
|
|
|
|
1D632E4F000
|
unkown
|
page read and write
|
|
|
|
17E7FD64000
|
unkown
|
page read and write
|
|
|
|
1289DB18000
|
unkown
|
page read and write
|
|
|
|
7FF54F8F7000
|
unkown
|
page readonly
|
|
|
|
7FF586107000
|
unkown
|
page readonly
|
|
|
|
17E7FD86000
|
unkown
|
page read and write
|
|
|
|
17E7F4BE000
|
unkown
|
page read and write
|
|
|
|
1289DB59000
|
unkown
|
page read and write
|
|
|
|
17E7FE02000
|
unkown
|
page read and write
|
|
|
|
7FF5E9D5F000
|
unkown
|
page readonly
|
|
|
|
7FF55CFC7000
|
unkown
|
page readonly
|
|
|
|
128A2AEB000
|
unkown
|
page read and write
|
|
|
|
128A2720000
|
unkown
|
page read and write
|
|
|
|
17E7F46D000
|
unkown
|
page read and write
|
|
|
|
17E7FE02000
|
unkown
|
page read and write
|
|
|
|
1AC3B802000
|
unkown
|
page read and write
|
|
|
|
128A2ACF000
|
unkown
|
page read and write
|
|
|
|
1F335020000
|
unkown
|
page readonly
|
|
|
|
17E7FD00000
|
unkown
|
page read and write
|
|
|
|
48FAF79000
|
unkown
|
page read and write
|
|
|
|
1289DB59000
|
unkown
|
page read and write
|
|
|
|
7FF5AA271000
|
unkown
|
page readonly
|
|
|
|
585C77E000
|
unkown
|
page read and write
|
|
|
|
7FF58601A000
|
unkown
|
page readonly
|
|
|
|
17E7FD66000
|
unkown
|
page read and write
|
|
|
|
1289D271000
|
unkown
|
page read and write
|
|
|
|
1F3353B0000
|
unkown
|
page read and write
|
|
|
|
7FF55CDD5000
|
unkown
|
page readonly
|
|
|
|
1289E330000
|
unkown
|
page readonly
|
|
|
|
7FF55CEC1000
|
unkown
|
page readonly
|
|
|
|
1F3348D4000
|
unkown
|
page read and write
|
|
|
|
7FF5AA55A000
|
unkown
|
page readonly
|
|
|
|
17E7FD76000
|
unkown
|
page read and write
|
|
|
|
128A2854000
|
unkown
|
page read and write
|
|
|
|
17E7F4C5000
|
unkown
|
page read and write
|
|
|
|
17E7FD86000
|
unkown
|
page read and write
|
|
|
|
1D632E00000
|
unkown
|
page read and write
|
|
|
|
128A2AF6000
|
unkown
|
page read and write
|
|
|
|
17E7FD5A000
|
unkown
|
page read and write
|
|
|
|
1289DA15000
|
unkown
|
page read and write
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
753917F000
|
unkown
|
page read and write
|
|
|
|
7FF54F758000
|
unkown
|
page readonly
|
|
|
|
17E7F43C000
|
unkown
|
page read and write
|
|
|
|
17E7FD26000
|
unkown
|
page read and write
|
|
|
|
23966F8E000
|
unkown
|
page read and write
|
|
|
|
128A2D50000
|
unkown
|
page read and write
|
|
|
|
7FF54F7C5000
|
unkown
|
page readonly
|
|
|
|
7FF54F8F1000
|
unkown
|
page readonly
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
1289D313000
|
unkown
|
page read and write
|
|
|
|
6DAE7E000
|
unkown
|
page read and write
|
|
|
|
7FF586052000
|
unkown
|
page readonly
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
17E7FD7D000
|
unkown
|
page read and write
|
|
|
|
585CE7E000
|
unkown
|
page read and write
|
|
|
|
7FF54F904000
|
unkown
|
page readonly
|
|
|
|
17E7FD4F000
|
unkown
|
page read and write
|
|
|
|
7FF5E9F69000
|
unkown
|
page readonly
|
|
|
|
7538CF5000
|
unkown
|
page read and write
|
|
|
|
7FF5AA7C7000
|
unkown
|
page readonly
|
|
|
|
128A2C90000
|
unkown
|
page read and write
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
1D632E3C000
|
unkown
|
page read and write
|
|
|
|
7FF55CEEA000
|
unkown
|
page readonly
|
|
|
|
17E7FD86000
|
unkown
|
page read and write
|
|
|
|
7FF5AA6BF000
|
unkown
|
page readonly
|
|
|
|
5B3EFFE000
|
unkown
|
page read and write
|
|
|
|
7FF585B76000
|
unkown
|
page readonly
|
|
|
|
128A2990000
|
unkown
|
page read and write
|
|
|
|
17E7FD77000
|
unkown
|
page read and write
|
|
|
|
1D632E4C000
|
unkown
|
page read and write
|
|
|
|
7FF54F6DA000
|
unkown
|
page readonly
|
|
|
|
17E7FD76000
|
unkown
|
page read and write
|
|
|
|
7FF54F88D000
|
unkown
|
page readonly
|
|
|
|
17E7FD66000
|
unkown
|
page read and write
|
|
|
|
1289E2F0000
|
unkown
|
page readonly
|
|
|
|
17E7FD5C000
|
unkown
|
page read and write
|
|
|
|
7FF55CF71000
|
unkown
|
page readonly
|
|
|
|
17E7FD4B000
|
unkown
|
page read and write
|
|
|
|
6DB17C000
|
unkown
|
page read and write
|
|
|
|
128A2AED000
|
unkown
|
page read and write
|
|
|
|
7FF55CEDD000
|
unkown
|
page readonly
|
|
|
|
48FB0FE000
|
unkown
|
page read and write
|
|
|
|
17E7F4A7000
|
unkown
|
page read and write
|
|
|
|
1F334850000
|
unkown
|
page read and write
|
|
|
|
1F334B30000
|
heap private
|
page read and write
|
|
|
|
17E7FD66000
|
unkown
|
page read and write
|
|
|
|
1289D276000
|
unkown
|
page read and write
|
|
|
|
7FF588E8F000
|
unkown
|
page readonly
|
|
|
|
6DADFF000
|
unkown
|
page read and write
|
|
|
|
128A2AF6000
|
unkown
|
page read and write
|
|
|
|
1C48F055000
|
unkown
|
page read and write
|
|
|
|
7FF5F2951000
|
unkown
|
page readonly
|
|
|
|
128A2990000
|
unkown
|
page read and write
|
|
|
|
7FF586362000
|
unkown
|
page readonly
|
|
|
|
7FF586314000
|
unkown
|
page readonly
|
|
|
|
7FF585EE9000
|
unkown
|
page readonly
|
|
|
|
1D632F13000
|
unkown
|
page read and write
|
|
|
|
7FF5AA5D8000
|
unkown
|
page readonly
|
|
|
|
7FF5F29A7000
|
unkown
|
page readonly
|
|
|
|
1289DB59000
|
unkown
|
page read and write
|
|
|
|
17E7FD86000
|
unkown
|
page read and write
|
|
|
|
1289D170000
|
heap private
|
page read and write
|
|
|
|
128A2CE0000
|
unkown
|
page read and write
|
|
|
|
1C48F108000
|
unkown
|
page read and write
|
|
|
|
7FF54F872000
|
unkown
|
page readonly
|
|
|
|
7FF5862AD000
|
unkown
|
page readonly
|
|
|
|
6DABFE000
|
unkown
|
page read and write
|
|
|
|
48FB07F000
|
unkown
|
page read and write
|
|
|
|
128A2900000
|
unkown
|
page readonly
|
|
|
|
7FF585B10000
|
unkown
|
page readonly
|
|
|
|
17E7FD4C000
|
unkown
|
page read and write
|
|
|
|
7FF5AA5B6000
|
unkown
|
page readonly
|
|
|
|
128A2A4B000
|
unkown
|
page read and write
|
|
|
|
1289DB9A000
|
unkown
|
page read and write
|
|
|
|
17E7FD2B000
|
unkown
|
page read and write
|
|
|
|
1C48EF80000
|
heap default
|
page read and write
|
|
|
|
23966F77000
|
heap default
|
page read and write
|
|
|
|
17E7FD5C000
|
unkown
|
page read and write
|
|
|
|
128A2A1F000
|
unkown
|
page read and write
|
|
|
|
23967130000
|
unkown
|
page read and write
|
|
|
|
6DAD7A000
|
unkown
|
page read and write
|
|
|
|
7FF58626F000
|
unkown
|
page readonly
|
|
|
|
7538DFB000
|
unkown
|
page read and write
|
|
|
|
7FF588ED6000
|
unkown
|
page readonly
|
|
|
|
17E7FE02000
|
unkown
|
page read and write
|
|
|
|
128A2AE6000
|
unkown
|
page read and write
|
|
|
|
1289E103000
|
unkown
|
page read and write
|
|
|
|
7FF54F90B000
|
unkown
|
page readonly
|
|
|
|
128A29E0000
|
unkown
|
page readonly
|
|
|
|
7FF5AA7C7000
|
unkown
|
page readonly
|
|
|
|
1AC3B902000
|
unkown
|
page read and write
|
|
|
|
7FF55CF87000
|
unkown
|
page readonly
|
|
|
|
7FF588F47000
|
unkown
|
page readonly
|
|
|
|
1C48F070000
|
unkown
|
page read and write
|
|
|
|
7FF5861D1000
|
unkown
|
page readonly
|
|
|
|
17E7FDBD000
|
unkown
|
page read and write
|
|
|
|
128A2D30000
|
unkown
|
page read and write
|
|
|
|
7FF586028000
|
unkown
|
page readonly
|
|
|
|
4F136FF000
|
unkown
|
page read and write
|
|
|
|
17E7F3D0000
|
unkown
|
page readonly
|
|
|
|
7FF54F947000
|
unkown
|
page readonly
|
|
|
|
7FF5E9DCB000
|
unkown
|
page readonly
|
|
|
|
7FF55CF0D000
|
unkown
|
page readonly
|
|
|
|
7FF588F5B000
|
unkown
|
page readonly
|
|
|
|
7538E7E000
|
unkown
|
page read and write
|
|
|
|
7FF54F755000
|
unkown
|
page readonly
|
|
|
|
1289DB18000
|
unkown
|
page read and write
|
|
|
|
128A2833000
|
unkown
|
page read and write
|
|
|
|
1289E2D0000
|
unkown
|
page readonly
|
|
|
|
6DAC7E000
|
unkown
|
page read and write
|
|
|
|
128A2CF7000
|
unkown
|
page readonly
|
|
|
|
7FF54ED67000
|
unkown
|
page readonly
|
|
|
|
1C48F04F000
|
unkown
|
page read and write
|
|
|
|
1C48F02A000
|
unkown
|
page read and write
|
|
|
|
7FF585F25000
|
unkown
|
page readonly
|
|
|
|
17E7F3E0000
|
unkown
|
page read and write
|
|
|
|
1289DB18000
|
unkown
|
page read and write
|
|
|
|
1F334830000
|
unkown
|
page read and write
|
|
|
|
7FF5F2993000
|
unkown
|
page readonly
|
|
|
|
1F3348DC000
|
unkown
|
page read and write
|
|
|
|
7FF5E94A1000
|
unkown
|
page readonly
|
|
|
|
7FF588DA8000
|
unkown
|
page readonly
|
|
|
|
17E7FD0F000
|
unkown
|
page read and write
|
|
|
|
7FF588DD1000
|
unkown
|
page readonly
|
|
|
|
1D632E4A000
|
unkown
|
page read and write
|
|
|
|
17E7F44D000
|
unkown
|
page read and write
|
|
|
|
7FF5E9DC0000
|
unkown
|
page readonly
|
|
|
|
7FF588EB6000
|
unkown
|
page readonly
|
|
|
|
128A2A89000
|
unkown
|
page read and write
|
|
|
|
128A2960000
|
unkown
|
page read and write
|
|
|
|
4F139F7000
|
unkown
|
page read and write
|
|
|
|
7FF5AA5D5000
|
unkown
|
page readonly
|
|
|
|
7FF586292000
|
unkown
|
page readonly
|
|
|
|
7FF5E9E2F000
|
unkown
|
page readonly
|
|
|
|
7FF586059000
|
unkown
|
page readonly
|
|
|
|
1289D26C000
|
unkown
|
page read and write
|
|
|
|
7FF55CA77000
|
unkown
|
page readonly
|
|
|
|
1D632F08000
|
unkown
|
page read and write
|
|
|
|
1AC3B83C000
|
unkown
|
page read and write
|
|
|
|
128A2990000
|
unkown
|
page read and write
|
|
|
|
5B3EB0C000
|
unkown
|
page read and write
|
|
|
|
73AF377000
|
unkown
|
page read and write
|
|
|
|
17E7FD87000
|
unkown
|
page read and write
|
|
|
|
17E7F413000
|
unkown
|
page read and write
|
|
|
|
7FF5E9B03000
|
unkown
|
page readonly
|
|
|
|
17E7FD60000
|
unkown
|
page read and write
|
|
|
|
128A2D64000
|
unkown
|
page readonly
|
|
|
|
128A29D0000
|
unkown
|
page readonly
|
|
|
|
17E7FD41000
|
unkown
|
page read and write
|
|
|
|
7FF5EA087000
|
unkown
|
page readonly
|
|
|
|
1AC3B7C0000
|
unkown
|
page read and write
|
|
|
|
7FF5E9F7F000
|
unkown
|
page readonly
|
|
|
|
128A2934000
|
unkown
|
page readonly
|
|
|
|
7FF5E9FC6000
|
unkown
|
page readonly
|
|
|
|
1AC3B88E000
|
unkown
|
page read and write
|
|
|
|
17E7F516000
|
unkown
|
page read and write
|
|
|
|
1D633602000
|
unkown
|
page read and write
|
|
|
|
7FF5AA6DD000
|
unkown
|
page readonly
|
|
|
|
1289D4D0000
|
unkown
|
page readonly
|
|
|
|
7FF55CFC7000
|
unkown
|
page readonly
|
|
|
|
1289DB59000
|
unkown
|
page read and write
|
|
|
|
1D632D30000
|
unkown
|
page readonly
|
|
|
|
7FF5E9F9D000
|
unkown
|
page readonly
|
|
|
|
128A2870000
|
unkown
|
page read and write
|
|
|
|
17E7FD61000
|
unkown
|
page read and write
|
|
|
|
7FF5E9F35000
|
unkown
|
page readonly
|
|
|
|
17E7FD4F000
|
unkown
|
page read and write
|
|
|
|
128A2834000
|
unkown
|
page read and write
|
|
|
|
7FF58600D000
|
unkown
|
page readonly
|
|
|
|
7FF5F28F9000
|
unkown
|
page readonly
|
|
|
|
23967060000
|
unkown
|
page readonly
|
|
|
|
7FF55CF9A000
|
unkown
|
page readonly
|
|
|
|
128A2930000
|
unkown
|
page read and write
|
|
|
|
17E7F3E0000
|
unkown
|
page readonly
|
|
|
|
128A2838000
|
unkown
|
page read and write
|
|
|
|
1F334D50000
|
unkown
|
page readonly
|
|
|
|
7FF5AA7C2000
|
unkown
|
page readonly
|
|
|
|
7FF585EDC000
|
unkown
|
page readonly
|
|
|
|
17E7FDC2000
|
unkown
|
page read and write
|
|
|
|
17E7F370000
|
unkown
|
page read and write
|
|
|
|
17E7FD86000
|
unkown
|
page read and write
|
|
|
|
6DA5F7000
|
unkown
|
page read and write
|
|
|
|
1AC3B7A0000
|
unkown
|
page readonly
|
|
|
|
6DA4FE000
|
unkown
|
page read and write
|
|
|
|
17E7FD76000
|
unkown
|
page read and write
|
|
|
|
7FF588F83000
|
unkown
|
page readonly
|
|
|
|
73AF7F8000
|
unkown
|
page read and write
|
|
|
|
73AF6FE000
|
unkown
|
page read and write
|
|
|
|
128A2AF5000
|
unkown
|
page read and write
|
|
|
|
128A2AEA000
|
unkown
|
page read and write
|
|
|
|
7FF586356000
|
unkown
|
page readonly
|
|
|
|
128A2874000
|
unkown
|
page read and write
|
|
|
|
7FF5EA076000
|
unkown
|
page readonly
|
|
|
|
17E7FD51000
|
unkown
|
page read and write
|
|
|
|
7FF5E9FB2000
|
unkown
|
page readonly
|
|
|
|
73AED2B000
|
unkown
|
page read and write
|
|
|
|
7FF5861A1000
|
unkown
|
page readonly
|
|
|
|
17E7FD41000
|
unkown
|
page read and write
|
|
|
|
7FF5F28ED000
|
unkown
|
page readonly
|
|
|
|
7FF5F2957000
|
unkown
|
page readonly
|
|
|
|
17E7FD3E000
|
unkown
|
page read and write
|
|
|
|
1289DB18000
|
unkown
|
page read and write
|
|
|
|
7FF5EA082000
|
unkown
|
page readonly
|
|
|
|
1289DA02000
|
unkown
|
page read and write
|
|
|
|
17E7F508000
|
unkown
|
page read and write
|
|
|
|
1289DB18000
|
unkown
|
page read and write
|
|
|
|
7FF588EE9000
|
unkown
|
page readonly
|
|
|
|
17E7FD77000
|
unkown
|
page read and write
|
|
|
|
7FF585BEA000
|
unkown
|
page readonly
|
|
|
|
23966F8E000
|
unkown
|
page read and write
|
|
|
|
128A2A3E000
|
unkown
|
page read and write
|
|
|
|
128A2AE2000
|
unkown
|
page read and write
|
|
|
|
128A2CA0000
|
unkown
|
page readonly
|
|
|
|
17E7FC02000
|
unkown
|
page read and write
|
|
|
|
7FF5F217B000
|
unkown
|
page readonly
|
|
|
|
17E7FD76000
|
unkown
|
page read and write
|
|
|
|
1AC3B813000
|
unkown
|
page read and write
|
|
|
|
1289DBDC000
|
unkown
|
page read and write
|
|
|
|
1F335630000
|
unkown
|
page read and write
|
|
|
|
1D633200000
|
unkown
|
page readonly
|
|
|
|
1AC3C200000
|
unkown
|
page readonly
|
|
|
|
1289DBDB000
|
unkown
|
page read and write
|
|
|
|
1AC3B829000
|
unkown
|
page read and write
|
|
|
|
128A2D70000
|
unkown
|
page readonly
|
|
|
|
128A2AED000
|
unkown
|
page read and write
|
|
|
|
17E00340000
|
unkown
|
page readonly
|
|
|
|
7FF55CDB6000
|
unkown
|
page readonly
|
|
|
|
7FF588715000
|
unkown
|
page readonly
|
|
|
|
7FF5E9FD7000
|
unkown
|
page readonly
|
|
|
|
1D633470000
|
unkown
|
page readonly
|
|
|
|
7FF55CFB6000
|
unkown
|
page readonly
|
|
|
|
17E7FE02000
|
unkown
|
page read and write
|
|
|
|
128A2AE2000
|
unkown
|
page read and write
|
|
|
|
7538F77000
|
unkown
|
page read and write
|
|
|
|
7FF586311000
|
unkown
|
page readonly
|
|
|
|
753892E000
|
unkown
|
page read and write
|
|
|
|
7FF5AA6CF000
|
unkown
|
page readonly
|
|
|
|
128A283C000
|
unkown
|
page read and write
|
|
|
|
7FF588774000
|
unkown
|
page readonly
|
|
|
|
48FAE7E000
|
unkown
|
page read and write
|
|
|
|
128A283E000
|
unkown
|
page read and write
|
|
|
|
7FF585F27000
|
unkown
|
page readonly
|
|
|
|
17E7FD66000
|
unkown
|
page read and write
|
|
|
|
1289DB99000
|
unkown
|
page read and write
|
|
|
|
7FF55CC31000
|
unkown
|
page readonly
|
|
|
|
7FF585EFB000
|
unkown
|
page readonly
|
|
|
|
23966F40000
|
unkown
|
page read and write
|
|
|
|
7FF586324000
|
unkown
|
page readonly
|
|
|
|
128A2AED000
|
unkown
|
page read and write
|
|
|
|
7FF586234000
|
unkown
|
page readonly
|
|
|
|
7FF586286000
|
unkown
|
page readonly
|
|
|
|
7FF5E9E47000
|
unkown
|
page readonly
|
|
|
|
7FF586244000
|
unkown
|
page readonly
|
|
|
|
7FF55CF06000
|
unkown
|
page readonly
|
|
|
|
128A2AA0000
|
unkown
|
page read and write
|
|
|
|
17E7FD91000
|
unkown
|
page read and write
|
|
|
|
17E7FD27000
|
unkown
|
page read and write
|
|
|
|
7FF5E9919000
|
unkown
|
page readonly
|
|
|
|
1289D256000
|
unkown
|
page read and write
|
|
|
|
17E7FE61000
|
unkown
|
page read and write
|
|
|
|
753907F000
|
unkown
|
page read and write
|
|
|
|
7FF55CF74000
|
unkown
|
page readonly
|
|
|
|
1289E690000
|
unkown
|
page read and write
|
|
|
|
1AC3B900000
|
unkown
|
page read and write
|
|
|
|
128A2AE2000
|
unkown
|
page read and write
|
|
|
|
1D632F00000
|
unkown
|
page read and write
|
|
|
|
7FF586317000
|
unkown
|
page readonly
|
|
|
|
7FF5862BE000
|
unkown
|
page readonly
|
|
|
|
128A283F000
|
unkown
|
page read and write
|
|
|
|
17E7FDCB000
|
unkown
|
page read and write
|
|
|
|
7FF5E9EC8000
|
unkown
|
page readonly
|
|
|
|
128A2851000
|
unkown
|
page read and write
|
|
|
|
7FF586013000
|
unkown
|
page readonly
|
|
|
|
7FF54F707000
|
unkown
|
page readonly
|
|
|
|
7FF5F297A000
|
unkown
|
page readonly
|
|
|
|
17E7F4A8000
|
unkown
|
page read and write
|
|
|
|
17E7FDCB000
|
unkown
|
page read and write
|
|
|
|
17E7F3E0000
|
unkown
|
page read and write
|
|
|
|
1289DB18000
|
unkown
|
page read and write
|
|
|
|
7FF54F841000
|
unkown
|
page readonly
|
|
|
|
7FF54F83F000
|
unkown
|
page readonly
|
|
|
|
7FF5860AB000
|
unkown
|
page readonly
|
|
|
|
7FF54F8FD000
|
unkown
|
page readonly
|
|
|
|
7FF5A9BE7000
|
unkown
|
page readonly
|
|
|
|
7FF586254000
|
unkown
|
page readonly
|
|
|
|
128A2AC5000
|
unkown
|
page read and write
|
|
|
|
17E7F340000
|
heap default
|
page read and write
|
|
|
|
1D632E4D000
|
unkown
|
page read and write
|
|
|
|
7FF5EA03D000
|
unkown
|
page readonly
|
|
|
|
7FF5F29A7000
|
unkown
|
page readonly
|
|
|
|
23967290000
|
unkown
|
page readonly
|
|
|
|
17E7FD66000
|
unkown
|
page read and write
|
|
|
|
1289D1D0000
|
heap default
|
page read and write
|
|
|
|
7FF5E9915000
|
unkown
|
page readonly
|
|
|
|
6DAA7B000
|
unkown
|
page read and write
|
|
|
|
128A2D48000
|
unkown
|
page readonly
|
|
|
|
17E7FD23000
|
unkown
|
page read and write
|
|
|
|
4F13AFD000
|
unkown
|
page read and write
|
|
|
|
73AF07E000
|
unkown
|
page read and write
|
|
|
|
1C48F100000
|
unkown
|
page read and write
|
|
|
|
128A2AEA000
|
unkown
|
page read and write
|
|
|
|
4F138FB000
|
unkown
|
page read and write
|
|
|
|
7FF586249000
|
unkown
|
page readonly
|
|
|
|
17E7FD91000
|
unkown
|
page read and write
|
|
|
|
17E7F462000
|
unkown
|
page read and write
|
|
|
|
48FABFA000
|
unkown
|
page read and write
|
|
|
|
75389AE000
|
unkown
|
page read and write
|
|
|
|
7FF55CEBF000
|
unkown
|
page readonly
|
|
|
|
7FF5E9FA6000
|
unkown
|
page readonly
|
|
|
|
7FF5AA7B6000
|
unkown
|
page readonly
|
|
|
|
7FF55CD5A000
|
unkown
|
page readonly
|
|
|
|
23966F72000
|
unkown
|
page read and write
|
|
|
|
128A2850000
|
unkown
|
page read and write
|
|
|
|
73AF278000
|
unkown
|
page read and write
|
|
|
|
7FF5AA774000
|
unkown
|
page readonly
|
|
|
|
17E7FD25000
|
unkown
|
page read and write
|
|
|
|
1F334B40000
|
unkown
|
page read and write
|
|
|
|
7FF5EA073000
|
unkown
|
page readonly
|
|
|
|
7FF58603F000
|
unkown
|
page readonly
|
|
|
|
5B3EF79000
|
unkown
|
page read and write
|
|
|
|
1C48F802000
|
unkown
|
page read and write
|
|
|
|
7FF5E9E90000
|
unkown
|
page readonly
|
|
|
|
17E7FD5C000
|
unkown
|
page read and write
|
|
|
|
1289DB59000
|
unkown
|
page read and write
|
|
|
|
7FF54F505000
|
unkown
|
page readonly
|
|
|
|
128A2832000
|
unkown
|
page read and write
|
|
|
|
17E7FD77000
|
unkown
|
page read and write
|
|
|
|
17E7F350000
|
unkown
|
page readonly
|
|
|
|
128A2928000
|
unkown
|
page read and write
|
|
|
|
7FF54F3F1000
|
unkown
|
page readonly
|
|
|
|
17E7F483000
|
unkown
|
page read and write
|
|
|
|
17E7FD66000
|
unkown
|
page read and write
|
|
|
|
5B3F07B000
|
unkown
|
page read and write
|
|
|
|
1289E000000
|
unkown
|
page read and write
|
|
|
|
7FF5862B9000
|
unkown
|
page readonly
|
|
|
|
4F13BFF000
|
unkown
|
page read and write
|
|
|
|
128A2831000
|
unkown
|
page read and write
|
|
|
|
128A2AD6000
|
unkown
|
page read and write
|
|
|
|
17E7FD0D000
|
unkown
|
page read and write
|
|
|
|
23966F86000
|
unkown
|
page read and write
|
|
|
|
7FF55CE08000
|
unkown
|
page readonly
|
|
|
|
7FF586215000
|
unkown
|
page readonly
|
|
|
|
1289E1F0000
|
unkown
|
page read and write
|
|
|
|
17E7FD76000
|
unkown
|
page read and write
|
|
|
|
1289DB59000
|
unkown
|
page read and write
|
|
|
|
7FF56DE3B000
|
unkown
|
page readonly
|
|
|
|
7FF5E9FCD000
|
unkown
|
page readonly
|
|
|
|
17E7FD4C000
|
unkown
|
page read and write
|
|
|
|
7FF5F2964000
|
unkown
|
page readonly
|
|
|
|
7FF55CDD0000
|
unkown
|
page readonly
|
|
|
|
7FF5AA608000
|
unkown
|
page readonly
|
|
|
|
73AF477000
|
unkown
|
page read and write
|
|
|
|
1F334890000
|
heap default
|
page read and write
|
|
|
|
7FF5F2954000
|
unkown
|
page readonly
|
|
|
|
7FF5E9F05000
|
unkown
|
page readonly
|
|
|
|
17E7FD5C000
|
unkown
|
page read and write
|
|
|
|
6DA879000
|
unkown
|
page read and write
|
|
|
|
17E7FD07000
|
unkown
|
page read and write
|
|
|
|
7FF58625F000
|
unkown
|
page readonly
|
|
|
|
17E7FD4C000
|
unkown
|
page read and write
|
|
|
|
1C48F000000
|
unkown
|
page read and write
|
|
|
|
17E7FD76000
|
unkown
|
page read and write
|
|
|
|
1D632E70000
|
unkown
|
page read and write
|
|
|
|
17E7FD51000
|
unkown
|
page read and write
|
|
|
|
17E7FD26000
|
unkown
|
page read and write
|
|
|
|
128A283E000
|
unkown
|
page read and write
|
|
|
|
1C48EFA0000
|
unkown
|
page readonly
|
|
|
|
128A26E0000
|
unkown
|
page readonly
|
|
|
|
128A2AE0000
|
unkown
|
page read and write
|
|
|
|
7FF5F253D000
|
unkown
|
page readonly
|
|
|
|
1D633000000
|
unkown
|
page readonly
|
|
|
|
7FF5F28B5000
|
unkown
|
page readonly
|
|
|
|
7FF5F28B3000
|
unkown
|
page readonly
|
|
|
|
128A2AE6000
|
unkown
|
page read and write
|
|
|
|
585CC7E000
|
unkown
|
page read and write
|
|
|
|
1F3355C0000
|
unkown
|
page readonly
|
|
|
|
1289DB18000
|
unkown
|
page read and write
|
|
|
|
17E7FD66000
|
unkown
|
page read and write
|
|
|
|
1C48FD40000
|
unkown
|
page readonly
|
|
|
|
73AEDAE000
|
unkown
|
page read and write
|
|
|
|
7FF5E9E33000
|
unkown
|
page readonly
|
|
|
|
7FF586123000
|
unkown
|
page readonly
|
|
|
|
17E7F3E0000
|
unkown
|
page read and write
|
|
|
|
128A2CF4000
|
unkown
|
page readonly
|
|
|
|
17E7FD27000
|
unkown
|
page read and write
|
|
|
|
7FF5F296B000
|
unkown
|
page readonly
|
|
|
|
7FF5AA6C1000
|
unkown
|
page readonly
|
|
|
|
1AC3BA00000
|
unkown
|
page readonly
|
|
|
|
1AC3B6D0000
|
unkown
|
page readonly
|
|
|
|
7FF5F2967000
|
unkown
|
page readonly
|
|
|
|
17E7FD13000
|
unkown
|
page read and write
|
|
|
|
1D632E86000
|
unkown
|
page read and write
|
|
|
|
1C48EFB0000
|
unkown
|
page read and write
|
|
|
|
17E7F3F0000
|
unkown
|
page read and write
|
|
|
|
585CF7E000
|
unkown
|
page read and write
|
|
|
|
4F1367F000
|
unkown
|
page read and write
|
|
|
|
7FF5F28F7000
|
unkown
|
page readonly
|
|
|
|
7FF5E9B31000
|
unkown
|
page readonly
|
|
|
|
7FF5EA037000
|
unkown
|
page readonly
|
|
|
|
7FF5E9F93000
|
unkown
|
page readonly
|
|
|
|
1289D298000
|
unkown
|
page read and write
|
|
|
|
7FF5E9B37000
|
unkown
|
page readonly
|
|
|
|
128A2AF7000
|
unkown
|
page read and write
|
|
|
|
7FF5E9E2D000
|
unkown
|
page readonly
|
|
|
|
7FF588F97000
|
unkown
|
page readonly
|
|
|
|
7FF5AA6EA000
|
unkown
|
page readonly
|
|
|
|
7FF58633A000
|
unkown
|
page readonly
|
|
|
|
17E7FD92000
|
unkown
|
page read and write
|
|
|
|
7FF54F897000
|
unkown
|
page readonly
|
|
|
|
73AF175000
|
unkown
|
page read and write
|
|
|
|
23967285000
|
heap private
|
page read and write
|
|
|
|
128A2D50000
|
unkown
|
page read and write
|
|
|
|
6DB2FF000
|
unkown
|
page read and write
|
|
|
|
1AC3B660000
|
heap private
|
page read and write
|
|
|
|
1AC3B850000
|
unkown
|
page read and write
|
|
|
|
17E7FD76000
|
unkown
|
page read and write
|
|
|
|
7FF55CD87000
|
unkown
|
page readonly
|
|
|
|
7FF5E9BE2000
|
unkown
|
page readonly
|
|
|
|
128A2D80000
|
unkown
|
page readonly
|
|
|
|
17E7FD4F000
|
unkown
|
page read and write
|
|
|
|
128A2830000
|
unkown
|
page read and write
|
|
|
|
17E7F4E2000
|
unkown
|
page read and write
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
7FF5AA717000
|
unkown
|
page readonly
|
|
|
|
7FF55CB85000
|
unkown
|
page readonly
|
|
|
|
23967170000
|
unkown
|
page readonly
|
|
|
|
128A2AE4000
|
unkown
|
page read and write
|
|
|
|
17E7FD3B000
|
unkown
|
page read and write
|
|
|
|
128A2AE6000
|
unkown
|
page read and write
|
|
|
|
17E7FD76000
|
unkown
|
page read and write
|
|
|
|
17E7FD7D000
|
unkown
|
page read and write
|
|
|
|
128A2C00000
|
unkown
|
page readonly
|
|
|
|
7FF55CEF2000
|
unkown
|
page readonly
|
|
|
|
7FF5E985B000
|
unkown
|
page readonly
|
|
|
|
17E7FE00000
|
unkown
|
page read and write
|
|
|
|
7FF588DD8000
|
unkown
|
page readonly
|
|
|
|
1AC3B88B000
|
unkown
|
page read and write
|
|
|
|
48FAEFF000
|
unkown
|
page read and write
|
|
|
|
585C7FE000
|
unkown
|
page read and write
|
|
|
|
7FF5E9E76000
|
unkown
|
page readonly
|
|
|
|
7FF54F3F7000
|
unkown
|
page readonly
|
|
|
|
7FF5861E5000
|
unkown
|
page readonly
|
|
|
|
7FF588811000
|
unkown
|
page readonly
|
|
|
|
17E7F4B2000
|
unkown
|
page read and write
|
|
|
|
1D632E4B000
|
unkown
|
page read and write
|
|
|
|
1289DA00000
|
unkown
|
page read and write
|
|
|
|
128A2B00000
|
unkown
|
page read and write
|
|
|
|
128A2730000
|
unkown
|
page read and write
|
|
|
|
128A2A00000
|
unkown
|
page read and write
|
|
|
|
1D632E78000
|
unkown
|
page read and write
|
|
|
|
7FF588772000
|
unkown
|
page readonly
|
|
|
|
7FF55CE45000
|
unkown
|
page readonly
|
|
|
|
7FF5E9F60000
|
unkown
|
page readonly
|
|
|
|
17E7F4A3000
|
unkown
|
page read and write
|
|
|
|
17E7FF02000
|
unkown
|
page read and write
|
|
|
|
7FF55CF7D000
|
unkown
|
page readonly
|
|
|
|
7FF588F57000
|
unkown
|
page readonly
|
|
|
|
128A2D20000
|
unkown
|
page read and write
|
|
|
|
7FF5AA6D3000
|
unkown
|
page readonly
|
|
|
|
7FF5AA787000
|
unkown
|
page readonly
|
|
|
|
7FF5EA087000
|
unkown
|
page readonly
|
|
|
|
128A2AED000
|
unkown
|
page read and write
|
|
|
|
17E7FD11000
|
unkown
|
page read and write
|
|
|
|
1289D200000
|
unkown
|
page read and write
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
128A26A0000
|
unkown
|
page read and write
|
|
|
|
17E7FD4C000
|
unkown
|
page read and write
|
|
|
|
128A29A0000
|
unkown
|
page read and write
|
|
|
|
1289D22A000
|
unkown
|
page read and write
|
|
|
|
7FF55CFC2000
|
unkown
|
page readonly
|
|
|
|
7FF54F899000
|
unkown
|
page readonly
|
|
|
|
7FF5886D2000
|
unkown
|
page readonly
|
|
|
|
1C48F081000
|
unkown
|
page read and write
|
|
|
|
7FF55CF84000
|
unkown
|
page readonly
|
|
|
|
1F3355D0000
|
unkown
|
page read and write
|
|
|
|
17E7FDCB000
|
unkown
|
page read and write
|
|
|
|
23966F60000
|
heap default
|
page read and write
|
|
|
|
128A2AED000
|
unkown
|
page read and write
|
|
|
|
1F334670000
|
unkown
|
page read and write
|
|
|
|
1289D860000
|
unkown
|
page readonly
|
|
|
|
1289E671000
|
unkown
|
page read and write
|
|
|
|
7FF54F947000
|
unkown
|
page readonly
|
|
|
|
7FF5AA706000
|
unkown
|
page readonly
|
|
|
|
128A2B02000
|
unkown
|
page read and write
|
|
|
|
7FF5E9E98000
|
unkown
|
page readonly
|
|
|
|
1D632E29000
|
unkown
|
page read and write
|
|
|
|
17E7F47A000
|
unkown
|
page read and write
|
|
|
|
7FF54F736000
|
unkown
|
page readonly
|
|
|
|
17E7FDA8000
|
unkown
|
page read and write
|
|
|
|
128A2980000
|
unkown
|
page read and write
|
|
|
|
17E7FD0D000
|
unkown
|
page read and write
|
|
|
|
1D632CC0000
|
heap private
|
page read and write
|
|
|
|
128A2900000
|
unkown
|
page read and write
|
|
|
|
7FF586064000
|
unkown
|
page readonly
|
|
|
|
6DAAFF000
|
unkown
|
page read and write
|
|
|
|
6DAF7A000
|
unkown
|
page read and write
|
|
|
|
7FF5E9D55000
|
unkown
|
page readonly
|
|
|
|
7FF588F4D000
|
unkown
|
page readonly
|
|
|
|
7FF5EA047000
|
unkown
|
page readonly
|
|
|
|
128A2CC0000
|
unkown
|
page readonly
|
|
|
|
1289D273000
|
unkown
|
page read and write
|
|
|
|
7FF54F907000
|
unkown
|
page readonly
|
|
|
|
17E7FD66000
|
unkown
|
page read and write
|
|
|
|
7FF588F97000
|
unkown
|
page readonly
|
|
|
|
7FF588F41000
|
unkown
|
page readonly
|
|
|
|
1D632E13000
|
unkown
|
page read and write
|
|
|
|
17E7F513000
|
unkown
|
page read and write
|
|
|
|
7FF5AA784000
|
unkown
|
page readonly
|
|
|
|
1289D2F8000
|
unkown
|
page read and write
|
|
|
|
1F3348DC000
|
unkown
|
page read and write
|
|
|
|
7FF58610D000
|
unkown
|
page readonly
|
|
|
|
17E7FD25000
|
unkown
|
page read and write
|
|
|
|
1289E300000
|
unkown
|
page readonly
|
|
|
|
7FF5AA77D000
|
unkown
|
page readonly
|
|
|
|
6DA97E000
|
unkown
|
page read and write
|
|
|
|
7FF5AA771000
|
unkown
|
page readonly
|
|
|
|
17E7FD39000
|
unkown
|
page read and write
|
|
|
|
128A2A5D000
|
unkown
|
page read and write
|
|
|
|
7FF588F54000
|
unkown
|
page readonly
|
|
|
|
17E7F4EC000
|
unkown
|
page read and write
|
|
|
|
17E7FD91000
|
unkown
|
page read and write
|
|
|
|
1C48F013000
|
unkown
|
page read and write
|
|
|
|
1289DB59000
|
unkown
|
page read and write
|
|
|
|
7FF586228000
|
unkown
|
page readonly
|
|
|
|
1AC3B7B0000
|
unkown
|
page readonly
|
|
|
|
7FF585B2E000
|
unkown
|
page readonly
|
|
|
|
7FF58870D000
|
unkown
|
page readonly
|
|
|
|
1289D28D000
|
unkown
|
page read and write
|
|
|
|
128A2690000
|
unkown
|
page read and write
|
|
|
|
7FF5EA031000
|
unkown
|
page readonly
|
|
|
|
7FF5E9F37000
|
unkown
|
page readonly
|
|
|
|
23967180000
|
unkown
|
page read and write
|
|
|
|
7FF58631D000
|
unkown
|
page readonly
|
|
|
|
128A2AE2000
|
unkown
|
page read and write
|
|
|
|
1289DB00000
|
unkown
|
page read and write
|
|
|
|
17E7F450000
|
unkown
|
page read and write
|
|
|
|
7FF55CF77000
|
unkown
|
page readonly
|
|
|
|
128A2838000
|
unkown
|
page read and write
|
|
|
|
17E7FD89000
|
unkown
|
page read and write
|
|
|
|
17E7F2E0000
|
heap private
|
page read and write
|
|
|
|
1289DB13000
|
unkown
|
page read and write
|
|
|
|
128A2D74000
|
unkown
|
page readonly
|
|
|
|
1AC3B6C0000
|
heap default
|
page read and write
|
|
|
|
7FF5E9F8F000
|
unkown
|
page readonly
|
|
|
|
128A2870000
|
unkown
|
page read and write
|
|
|
|
17E7FF00000
|
unkown
|
page read and write
|
|
|
|
7FF588F6A000
|
unkown
|
page readonly
|
|
|
|
17E7FD4B000
|
unkown
|
page read and write
|
|
|
|
128A2D84000
|
unkown
|
page readonly
|
|
|
|
7FF56DE3B000
|
unkown
|
page readonly
|
|
|
|
17E7FD91000
|
unkown
|
page read and write
|
|
|
|
128A2AC2000
|
unkown
|
page read and write
|
|
|
|
1AC3B908000
|
unkown
|
page read and write
|
|
|
|
7FF58609E000
|
unkown
|
page readonly
|
|
|
|
585CAF5000
|
unkown
|
page read and write
|
|
|
|
17E7FD76000
|
unkown
|
page read and write
|
|
|
|
7FF5E9FAA000
|
unkown
|
page readonly
|
|
|
|
7FF5862B7000
|
unkown
|
page readonly
|
|
|
|
128A2A61000
|
unkown
|
page read and write
|
|
|
|
7FF586066000
|
unkown
|
page readonly
|
|
|
|
1289DB59000
|
unkown
|
page read and write
|
|
|
|
23966F6B000
|
heap default
|
page read and write
|
|
|
|
7FF54F866000
|
unkown
|
page readonly
|
|
|
|
7FF55CA71000
|
unkown
|
page readonly
|
|
|
|
17E7FD33000
|
unkown
|
page read and write
|
|
|
|
7FF5E9E1A000
|
unkown
|
page readonly
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
128A2D10000
|
unkown
|
page read and write
|
|
|
|
1289E320000
|
unkown
|
page readonly
|
|
|
|
7FF5EA034000
|
unkown
|
page readonly
|
|
|
|
7FF54F86A000
|
unkown
|
page readonly
|
|
|
|
7FF5AA6E6000
|
unkown
|
page readonly
|
|
|
|
1F334B20000
|
unkown
|
page read and write
|
|
|
|
128A2860000
|
unkown
|
page read and write
|
|
|
|
7FF585EC2000
|
unkown
|
page readonly
|
|
|
|
7FF586237000
|
unkown
|
page readonly
|
|
|
|
7FF5AA719000
|
unkown
|
page readonly
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
128A283B000
|
unkown
|
page read and write
|
|
|
|
23967280000
|
heap private
|
page read and write
|
|
|
|
7FF585B06000
|
unkown
|
page readonly
|
|
|
|
7FF588DC1000
|
unkown
|
page readonly
|
|
|
|
1289D253000
|
unkown
|
page read and write
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
1289DB59000
|
unkown
|
page read and write
|
|
|
|
7FF5AA777000
|
unkown
|
page readonly
|
|
|
|
7FF585E92000
|
unkown
|
page readonly
|
|
|
|
1D632E49000
|
unkown
|
page read and write
|
|
|
|
6DA19C000
|
unkown
|
page read and write
|
|
|
|
7FF55CECF000
|
unkown
|
page readonly
|
|
|
|
7FF588EE7000
|
unkown
|
page readonly
|
|
|
|
1D633480000
|
unkown
|
page read and write
|
|
|
|
7FF5861A8000
|
unkown
|
page readonly
|
|
|
|
7FF5AA70D000
|
unkown
|
page readonly
|
|
|
|
128A2860000
|
unkown
|
page read and write
|
|
|
|
1F3347C0000
|
unkown
|
page read and write
|
|
|
|
7FF5AA78B000
|
unkown
|
page readonly
|
|
|
|
17E7F600000
|
unkown
|
page readonly
|
|
|
|
7FF5860FA000
|
unkown
|
page readonly
|
|
|
|
7FF5AA645000
|
unkown
|
page readonly
|
|
|
|
1289D325000
|
unkown
|
page read and write
|
|
|
|
1289D286000
|
unkown
|
page read and write
|
|
|
|
128A2830000
|
unkown
|
page read and write
|
|
|
|
17E7F502000
|
unkown
|
page read and write
|
|
|
|
585CD77000
|
unkown
|
page read and write
|
|
|
|
128A2AC8000
|
unkown
|
page read and write
|
|
|
|
7FF588EDD000
|
unkown
|
page readonly
|
|
|
|
6DAB7E000
|
unkown
|
page read and write
|
|
|
|
17E7FDA7000
|
unkown
|
page read and write
|
|
|
|
7FF586353000
|
unkown
|
page readonly
|
|
|
|
5B3EEFD000
|
unkown
|
page read and write
|
|
|
|
7FF5E9F81000
|
unkown
|
page readonly
|
|
|
|
17E7FD51000
|
unkown
|
page read and write
|
|
|
|
7FF5E9C45000
|
unkown
|
page readonly
|
|
|
|
1289E2E0000
|
unkown
|
page readonly
|
|
|
|
1289DD80000
|
unkown
|
page read and write
|
|
|
|
7FF585B71000
|
unkown
|
page readonly
|
|
|
|
1289E100000
|
unkown
|
page read and write
|
|
|
|
128A283A000
|
unkown
|
page read and write
|
|
|
|
7FF586113000
|
unkown
|
page readonly
|
|
|
|
1C48EF20000
|
heap private
|
page read and write
|
|
|
|
17E7FE02000
|
unkown
|
page read and write
|
|
|
|
17E7F390000
|
unkown
|
page readonly
|
|
|
|
7FF54ED61000
|
unkown
|
page readonly
|
|
There are 850 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Desktop/Convert%20HEX%20uit%20phishing%20mail.htm
|
|