Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Payment Copy for Inv ps-7 -USD 24,806.PDF.htm
|
HTML document, ASCII text, with very long lines, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0768db86-36ba-4991-8d3b-54d53143fc73.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\27ca25fd-a596-4fde-bb03-bce2c5baf858.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3100b87c-c6c1-44b4-88aa-2603b8e5487f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\4a508aa4-a246-4e2d-88b3-0b5f7c1356fb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\53963be9-2789-4f9a-93b0-dc9338857ce8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\609af24a-6e8d-4152-ab17-9ebc8259ecc9.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\86a38742-6bdc-4202-93a2-9407ddf9034f.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1ce4c3f7-b691-4228-b575-f5998eda2cea.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3605cfde-f1d0-441c-95dd-901d085239dc.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4ae11929-9a83-46c4-95cc-340980071b9f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4b52a989-4339-4a29-af16-872aba1db11d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\54874e1c-cb5f-407d-9af9-e7eb805591f8.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6b6894c5-25ba-4a10-99c1-e53a5fbc0a1e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\82436d81-54a7-42df-8b43-1577f2b8998f.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\841ae51d-8533-4c0b-9724-3c789d6eb6cf.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\27285b39-9e5d-48ad-9660-5276ab5edac0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\4cc3ab68-1515-4b7f-a2ca-0e9c6357d1ef.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\abd7c84c-14a4-49a7-b36b-3ddc54235023.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d1ca51df-e0a0-40de-b734-b9fe37c3d30f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\9.28.0\Indexing in Progress
|
empty
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir6740_1124400641\Ruleset
Data
|
data
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\bd27ee45-d995-46cf-9fbf-906ed2f792be.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d7b646e6-4434-44e3-b27a-5ea06687243e.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\fab0d7d5-c928-402d-abb6-49c3713a1906.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\155401cc-1527-4167-ae2f-854ceb384b41.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2b4b705b-ea9a-4cdd-ab00-489e03618442.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6740_1921723831\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6740_1993787692\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\7b033155-332a-4c05-b8c2-d0fc46f8a7de.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\a460fe93-30f9-4ce1-8c73-bf25845e6b1e.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\155401cc-1527-4167-ae2f-854ceb384b41.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_1168751802\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\7b033155-332a-4c05-b8c2-d0fc46f8a7de.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6740_332590602\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
There are 166 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'C:\Users\user\Desktop\Payment
Copy for Inv ps-7 -USD 24,806.PDF.htm'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1556,11699132993908980424,10170989427665474543,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1696 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://erandibermudez.com/wp-content/themes/opo.php
|
unknown
|
|
|
|
file:///C:/Users/user/Desktop/Payment%20Copy%20for%20Inv%20ps-7%20-USD%2024,806.PDF.htm
|
|
||
|
https://www.google.com
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
https://play.google.com
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
There are 10 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
clients.l.google.com
|
142.250.203.110
|
|
|
|
googlehosted.l.googleusercontent.com
|
142.250.203.97
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
142.250.203.110
|
clients.l.google.com
|
United States
|
|
|
|
192.168.2.4
|
unknown
|
unknown
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
192.168.2.22
|
unknown
|
unknown
|
|
|
|
142.250.203.97
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
dr
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.reporting
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
module_blacklist_cache_md5_digest
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
media.storage_id_salt
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_seed
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
default_search_provider_data.template_url_data
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
safebrowsing.incidents_sent
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pinned_tabs
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
search_provider_overrides
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_username
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.restore_on_startup
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_version
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.prompt_wave
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage_is_newtabpage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
browser.show_home_button
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
lastrun
|
|
There are 33 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF5504A8000
|
unkown
|
page readonly
|
|
|
|
7FF504C46000
|
unkown
|
page readonly
|
|
|
|
13754159000
|
unkown
|
page read and write
|
|
|
|
7FF504B23000
|
unkown
|
page readonly
|
|
|
|
7FF550055000
|
unkown
|
page readonly
|
|
|
|
13758E86000
|
unkown
|
page read and write
|
|
|
|
13754201000
|
unkown
|
page read and write
|
|
|
|
7FF58CFB5000
|
unkown
|
page readonly
|
|
|
|
1F400C61000
|
unkown
|
page read and write
|
|
|
|
13759020000
|
unkown
|
page read and write
|
|
|
|
7FF4FFEFD000
|
unkown
|
page readonly
|
|
|
|
7FF58D6D0000
|
unkown
|
page readonly
|
|
|
|
13753670000
|
heap private
|
page read and write
|
|
|
|
1F400800000
|
unkown
|
page readonly
|
|
|
|
137547F0000
|
unkown
|
page readonly
|
|
|
|
1F400000000
|
unkown
|
page readonly
|
|
|
|
7FF4FFF9C000
|
unkown
|
page readonly
|
|
|
|
7FF58D52D000
|
unkown
|
page readonly
|
|
|
|
1F400781000
|
unkown
|
page read and write
|
|
|
|
7FF550348000
|
unkown
|
page readonly
|
|
|
|
2894426F000
|
unkown
|
page read and write
|
|
|
|
7FF55043E000
|
unkown
|
page readonly
|
|
|
|
137591B0000
|
unkown
|
page read and write
|
|
|
|
13758E98000
|
unkown
|
page read and write
|
|
|
|
1EE4F64C000
|
unkown
|
page read and write
|
|
|
|
1F47FED4000
|
unkown
|
page read and write
|
|
|
|
7FF4FF806000
|
unkown
|
page readonly
|
|
|
|
1F400D00000
|
unkown
|
page read and write
|
|
|
|
137537D0000
|
unkown
|
page read and write
|
|
|
|
13758E87000
|
unkown
|
page read and write
|
|
|
|
7FF58D345000
|
unkown
|
page readonly
|
|
|
|
7FF55038D000
|
unkown
|
page readonly
|
|
|
|
1F400713000
|
unkown
|
page read and write
|
|
|
|
27E0BFE000
|
unkown
|
page read and write
|
|
|
|
7FF58D676000
|
unkown
|
page readonly
|
|
|
|
1EE4F670000
|
unkown
|
page read and write
|
|
|
|
1F400723000
|
unkown
|
page read and write
|
|
|
|
28944313000
|
unkown
|
page read and write
|
|
|
|
13759050000
|
unkown
|
page read and write
|
|
|
|
B51316E000
|
unkown
|
page read and write
|
|
|
|
7FF58D292000
|
unkown
|
page readonly
|
|
|
|
1EE4F420000
|
heap default
|
page read and write
|
|
|
|
1F400785000
|
unkown
|
page read and write
|
|
|
|
7FF550494000
|
unkown
|
page readonly
|
|
|
|
7FF5047A5000
|
unkown
|
page readonly
|
|
|
|
1F47FE4B000
|
unkown
|
page read and write
|
|
|
|
7FF550276000
|
unkown
|
page readonly
|
|
|
|
13758D38000
|
unkown
|
page read and write
|
|
|
|
7FF550291000
|
unkown
|
page readonly
|
|
|
|
7FF58D67D000
|
unkown
|
page readonly
|
|
|
|
7FF58D79E000
|
unkown
|
page readonly
|
|
|
|
7FF58D704000
|
unkown
|
page readonly
|
|
|
|
28944283000
|
unkown
|
page read and write
|
|
|
|
7FF4FFEAB000
|
unkown
|
page readonly
|
|
|
|
B5135FB000
|
unkown
|
page read and write
|
|
|
|
8451D7A000
|
unkown
|
page read and write
|
|
|
|
13758D70000
|
unkown
|
page read and write
|
|
|
|
2894424D000
|
unkown
|
page read and write
|
|
|
|
7FF58D4B0000
|
unkown
|
page readonly
|
|
|
|
7FF504BCE000
|
unkown
|
page readonly
|
|
|
|
7FF504ACE000
|
unkown
|
page readonly
|
|
|
|
1F400777000
|
unkown
|
page read and write
|
|
|
|
1F47FF13000
|
unkown
|
page read and write
|
|
|
|
8451C7E000
|
unkown
|
page read and write
|
|
|
|
7FF54FC90000
|
unkown
|
page readonly
|
|
|
|
1F400790000
|
unkown
|
page read and write
|
|
|
|
1F47FE4D000
|
unkown
|
page read and write
|
|
|
|
7FF5366A0000
|
unkown
|
page readonly
|
|
|
|
7FF58D4F6000
|
unkown
|
page readonly
|
|
|
|
13754118000
|
unkown
|
page read and write
|
|
|
|
7FF58D420000
|
unkown
|
page readonly
|
|
|
|
1F400782000
|
unkown
|
page read and write
|
|
|
|
7FF500004000
|
unkown
|
page readonly
|
|
|
|
7FF4FFFBB000
|
unkown
|
page readonly
|
|
|
|
27E0CFF000
|
unkown
|
page read and write
|
|
|
|
28944200000
|
unkown
|
page read and write
|
|
|
|
13758D36000
|
unkown
|
page read and write
|
|
|
|
1F400B60000
|
unkown
|
page read and write
|
|
|
|
7FF5503AC000
|
unkown
|
page readonly
|
|
|
|
7FF504BE7000
|
unkown
|
page readonly
|
|
|
|
7FF4FFEAE000
|
unkown
|
page readonly
|
|
|
|
7FF4FFF03000
|
unkown
|
page readonly
|
|
|
|
7FF58D70F000
|
unkown
|
page readonly
|
|
|
|
13758E10000
|
unkown
|
page read and write
|
|
|
|
7FF5504AE000
|
unkown
|
page readonly
|
|
|
|
7FF500018000
|
unkown
|
page readonly
|
|
|
|
28944227000
|
unkown
|
page read and write
|
|
|
|
7FF536DD4000
|
unkown
|
page readonly
|
|
|
|
1F4000E0000
|
unkown
|
page readonly
|
|
|
|
13758D74000
|
unkown
|
page read and write
|
|
|
|
1F4002E0000
|
unkown
|
page readonly
|
|
|
|
137591F7000
|
unkown
|
page read and write
|
|
|
|
48B267F000
|
unkown
|
page read and write
|
|
|
|
1F47FE81000
|
unkown
|
page read and write
|
|
|
|
7FF5000A1000
|
unkown
|
page readonly
|
|
|
|
1F400B60000
|
unkown
|
page read and write
|
|
|
|
1F47FF02000
|
unkown
|
page read and write
|
|
|
|
13759060000
|
unkown
|
page read and write
|
|
|
|
7FF4FFFFA000
|
unkown
|
page readonly
|
|
|
|
1F47FE3C000
|
unkown
|
page read and write
|
|
|
|
7FF504B34000
|
unkown
|
page readonly
|
|
|
|
B513777000
|
unkown
|
page read and write
|
|
|
|
13759170000
|
unkown
|
page readonly
|
|
|
|
1375383F000
|
unkown
|
page read and write
|
|
|
|
1F47FEAC000
|
unkown
|
page read and write
|
|
|
|
7FF55040F000
|
unkown
|
page readonly
|
|
|
|
1EE4F64E000
|
unkown
|
page read and write
|
|
|
|
1EE4F702000
|
unkown
|
page read and write
|
|
|
|
7FF4FFFF4000
|
unkown
|
page readonly
|
|
|
|
13758BA0000
|
unkown
|
page read and write
|
|
|
|
7FF55048A000
|
unkown
|
page readonly
|
|
|
|
13754820000
|
unkown
|
page readonly
|
|
|
|
13754B90000
|
unkown
|
page read and write
|
|
|
|
7FF55043A000
|
unkown
|
page readonly
|
|
|
|
7FF4FFB70000
|
unkown
|
page readonly
|
|
|
|
7FF504796000
|
unkown
|
page readonly
|
|
|
|
7FF536E71000
|
unkown
|
page readonly
|
|
|
|
13753913000
|
unkown
|
page read and write
|
|
|
|
8451E7A000
|
unkown
|
page read and write
|
|
|
|
1F400757000
|
unkown
|
page read and write
|
|
|
|
7FF536DF9000
|
unkown
|
page readonly
|
|
|
|
2894427B000
|
unkown
|
page read and write
|
|
|
|
1F47FEFA000
|
unkown
|
page read and write
|
|
|
|
13758D31000
|
unkown
|
page read and write
|
|
|
|
13758D60000
|
unkown
|
page read and write
|
|
|
|
7FF58D81A000
|
unkown
|
page readonly
|
|
|
|
1F400779000
|
unkown
|
page read and write
|
|
|
|
1F400D02000
|
unkown
|
page read and write
|
|
|
|
1F47FEC0000
|
unkown
|
page read and write
|
|
|
|
1F40078F000
|
unkown
|
page read and write
|
|
|
|
7FF504ACB000
|
unkown
|
page readonly
|
|
|
|
289440E0000
|
unkown
|
page readonly
|
|
|
|
7FF536DC4000
|
unkown
|
page readonly
|
|
|
|
1F400779000
|
unkown
|
page read and write
|
|
|
|
218F341E000
|
unkown
|
page read and write
|
|
|
|
1F400C61000
|
unkown
|
page read and write
|
|
|
|
7FF550477000
|
unkown
|
page readonly
|
|
|
|
1F400766000
|
unkown
|
page read and write
|
|
|
|
7FF550457000
|
unkown
|
page readonly
|
|
|
|
7FF54FF76000
|
unkown
|
page readonly
|
|
|
|
137547E0000
|
unkown
|
page readonly
|
|
|
|
13758D51000
|
unkown
|
page read and write
|
|
|
|
8DBF10B000
|
unkown
|
page read and write
|
|
|
|
8DBFAFF000
|
unkown
|
page read and write
|
|
|
|
1F40077A000
|
unkown
|
page read and write
|
|
|
|
1375386F000
|
unkown
|
page read and write
|
|
|
|
1F400783000
|
unkown
|
page read and write
|
|
|
|
7FF58D41A000
|
unkown
|
page readonly
|
|
|
|
13754118000
|
unkown
|
page read and write
|
|
|
|
7FF504A73000
|
unkown
|
page readonly
|
|
|
|
13758BD3000
|
unkown
|
page read and write
|
|
|
|
1F400782000
|
unkown
|
page read and write
|
|
|
|
1F47FEDB000
|
unkown
|
page read and write
|
|
|
|
1EE4F713000
|
unkown
|
page read and write
|
|
|
|
28944302000
|
unkown
|
page read and write
|
|
|
|
7FF5366D7000
|
unkown
|
page readonly
|
|
|
|
7FF536D85000
|
unkown
|
page readonly
|
|
|
|
7FF504C24000
|
unkown
|
page readonly
|
|
|
|
1F400783000
|
unkown
|
page read and write
|
|
|
|
1F400C02000
|
unkown
|
page read and write
|
|
|
|
7FF536DDE000
|
unkown
|
page readonly
|
|
|
|
28944229000
|
unkown
|
page read and write
|
|
|
|
7FF55044B000
|
unkown
|
page readonly
|
|
|
|
1EE4F800000
|
unkown
|
page readonly
|
|
|
|
27E0EFE000
|
unkown
|
page read and write
|
|
|
|
7FF58D564000
|
unkown
|
page readonly
|
|
|
|
7FF4FFE53000
|
unkown
|
page readonly
|
|
|
|
7FF550414000
|
unkown
|
page readonly
|
|
|
|
8DBF67B000
|
unkown
|
page read and write
|
|
|
|
7FF550240000
|
unkown
|
page readonly
|
|
|
|
845197F000
|
unkown
|
page read and write
|
|
|
|
27E0AFB000
|
unkown
|
page read and write
|
|
|
|
27E0B7F000
|
unkown
|
page read and write
|
|
|
|
7FF58D566000
|
unkown
|
page readonly
|
|
|
|
7FF536DCA000
|
unkown
|
page readonly
|
|
|
|
1F400782000
|
unkown
|
page read and write
|
|
|
|
7FF4FFF1C000
|
unkown
|
page readonly
|
|
|
|
7FF504C4D000
|
unkown
|
page readonly
|
|
|
|
8451A77000
|
unkown
|
page read and write
|
|
|
|
218F33F0000
|
heap default
|
page read and write
|
|
|
|
7FF5366D3000
|
unkown
|
page readonly
|
|
|
|
7FF5501FB000
|
unkown
|
page readonly
|
|
|
|
13758E00000
|
unkown
|
page read and write
|
|
|
|
1F40072C000
|
unkown
|
page read and write
|
|
|
|
28944000000
|
heap default
|
page read and write
|
|
|
|
218F3360000
|
unkown
|
page readonly
|
|
|
|
1F47FEA9000
|
unkown
|
page read and write
|
|
|
|
7FF550343000
|
unkown
|
page readonly
|
|
|
|
1F40079E000
|
unkown
|
page read and write
|
|
|
|
13754100000
|
unkown
|
page read and write
|
|
|
|
1F400755000
|
unkown
|
page read and write
|
|
|
|
218F341E000
|
unkown
|
page read and write
|
|
|
|
7FF4FFF14000
|
unkown
|
page readonly
|
|
|
|
1375919C000
|
unkown
|
page readonly
|
|
|
|
7FF4FFFE7000
|
unkown
|
page readonly
|
|
|
|
218F3416000
|
unkown
|
page read and write
|
|
|
|
7FF58CFC9000
|
unkown
|
page readonly
|
|
|
|
13753A00000
|
unkown
|
page readonly
|
|
|
|
13754159000
|
unkown
|
page read and write
|
|
|
|
13759190000
|
unkown
|
page read and write
|
|
|
|
1F4000D0000
|
heap private
|
page read and write
|
|
|
|
7FF4FFD27000
|
unkown
|
page readonly
|
|
|
|
7FF58D409000
|
unkown
|
page readonly
|
|
|
|
28944010000
|
unkown
|
page readonly
|
|
|
|
137591B4000
|
unkown
|
page readonly
|
|
|
|
7FF58D71C000
|
unkown
|
page readonly
|
|
|
|
48B297F000
|
unkown
|
page read and write
|
|
|
|
7FF58D71A000
|
unkown
|
page readonly
|
|
|
|
28944249000
|
unkown
|
page read and write
|
|
|
|
7FF58D5C2000
|
unkown
|
page readonly
|
|
|
|
13753800000
|
unkown
|
page read and write
|
|
|
|
13758D3E000
|
unkown
|
page read and write
|
|
|
|
7FF58D508000
|
unkown
|
page readonly
|
|
|
|
13759080000
|
unkown
|
page read and write
|
|
|
|
1F400736000
|
unkown
|
page read and write
|
|
|
|
1F4007A2000
|
unkown
|
page read and write
|
|
|
|
7FF536D8B000
|
unkown
|
page readonly
|
|
|
|
1F47FEC7000
|
unkown
|
page read and write
|
|
|
|
1EE4FC02000
|
unkown
|
page read and write
|
|
|
|
7FF550531000
|
unkown
|
page readonly
|
|
|
|
1F47FEE4000
|
unkown
|
page read and write
|
|
|
|
7FF4FFFAE000
|
unkown
|
page readonly
|
|
|
|
7FF58D5F1000
|
unkown
|
page readonly
|
|
|
|
27E0DFF000
|
unkown
|
page read and write
|
|
|
|
13754118000
|
unkown
|
page read and write
|
|
|
|
13754281000
|
unkown
|
page read and write
|
|
|
|
218F3430000
|
unkown
|
page read and write
|
|
|
|
7FF536DE8000
|
unkown
|
page readonly
|
|
|
|
7FF58D6EF000
|
unkown
|
page readonly
|
|
|
|
1F400B60000
|
unkown
|
page readonly
|
|
|
|
1EE4F708000
|
unkown
|
page read and write
|
|
|
|
1F400779000
|
unkown
|
page read and write
|
|
|
|
13754002000
|
unkown
|
page read and write
|
|
|
|
7FF58D767000
|
unkown
|
page readonly
|
|
|
|
1F400602000
|
unkown
|
page read and write
|
|
|
|
7FF536DAF000
|
unkown
|
page readonly
|
|
|
|
7FF58D5D5000
|
unkown
|
page readonly
|
|
|
|
13753829000
|
unkown
|
page read and write
|
|
|
|
7FF50009A000
|
unkown
|
page readonly
|
|
|
|
7FF58D417000
|
unkown
|
page readonly
|
|
|
|
7FF550524000
|
unkown
|
page readonly
|
|
|
|
13754118000
|
unkown
|
page read and write
|
|
|
|
7FF58D4DA000
|
unkown
|
page readonly
|
|
|
|
13758E85000
|
unkown
|
page read and write
|
|
|
|
7FF504C38000
|
unkown
|
page readonly
|
|
|
|
137546E0000
|
unkown
|
page read and write
|
|
|
|
1F400782000
|
unkown
|
page read and write
|
|
|
|
1F4007D1000
|
unkown
|
page read and write
|
|
|
|
7FF504BFC000
|
unkown
|
page readonly
|
|
|
|
218F341E000
|
unkown
|
page read and write
|
|
|
|
7FF536E6A000
|
unkown
|
page readonly
|
|
|
|
48B287E000
|
unkown
|
page read and write
|
|
|
|
7FF550057000
|
unkown
|
page readonly
|
|
|
|
7FF504950000
|
unkown
|
page readonly
|
|
|
|
48B27F9000
|
unkown
|
page read and write
|
|
|
|
13759038000
|
unkown
|
page read and write
|
|
|
|
28944300000
|
unkown
|
page read and write
|
|
|
|
28944400000
|
unkown
|
page readonly
|
|
|
|
7FF4FFFAA000
|
unkown
|
page readonly
|
|
|
|
1F400C00000
|
unkown
|
page read and write
|
|
|
|
137590A0000
|
unkown
|
page read and write
|
|
|
|
7FF4FFFB5000
|
unkown
|
page readonly
|
|
|
|
7FF55046C000
|
unkown
|
page readonly
|
|
|
|
7FF58D814000
|
unkown
|
page readonly
|
|
|
|
7FF550281000
|
unkown
|
page readonly
|
|
|
|
137590E0000
|
unkown
|
page readonly
|
|
|
|
845149B000
|
unkown
|
page read and write
|
|
|
|
7FF504CC2000
|
unkown
|
page readonly
|
|
|
|
7FF5503A4000
|
unkown
|
page readonly
|
|
|
|
1F400783000
|
unkown
|
page read and write
|
|
|
|
1F400C02000
|
unkown
|
page read and write
|
|
|
|
1F4005B0000
|
unkown
|
page write copy
|
|
|
|
1EE4F651000
|
unkown
|
page read and write
|
|
|
|
13754113000
|
unkown
|
page read and write
|
|
|
|
1F47FE29000
|
unkown
|
page read and write
|
|
|
|
13758D30000
|
unkown
|
page read and write
|
|
|
|
137537B0000
|
unkown
|
page readonly
|
|
|
|
B5130EC000
|
unkown
|
page read and write
|
|
|
|
1F400560000
|
unkown
|
page read and write
|
|
|
|
7FF54FFB2000
|
unkown
|
page readonly
|
|
|
|
7FF58D525000
|
unkown
|
page readonly
|
|
|
|
13754B83000
|
unkown
|
page read and write
|
|
|
|
1EE4F3C0000
|
heap private
|
page read and write
|
|
|
|
13758D37000
|
unkown
|
page read and write
|
|
|
|
27E0D7F000
|
unkown
|
page read and write
|
|
|
|
8451EFE000
|
unkown
|
page read and write
|
|
|
|
8DBF6FE000
|
unkown
|
page read and write
|
|
|
|
13758E90000
|
unkown
|
page read and write
|
|
|
|
28944250000
|
unkown
|
page read and write
|
|
|
|
7FF58D50F000
|
unkown
|
page readonly
|
|
|
|
7FF58D774000
|
unkown
|
page readonly
|
|
|
|
1EE4F656000
|
unkown
|
page read and write
|
|
|
|
13758E3D000
|
unkown
|
page read and write
|
|
|
|
137591B0000
|
unkown
|
page read and write
|
|
|
|
28944308000
|
unkown
|
page read and write
|
|
|
|
27E06FA000
|
unkown
|
page read and write
|
|
|
|
27E09FA000
|
unkown
|
page read and write
|
|
|
|
7FF536E64000
|
unkown
|
page readonly
|
|
|
|
B5131EE000
|
unkown
|
page read and write
|
|
|
|
B5134F5000
|
unkown
|
page read and write
|
|
|
|
1F400782000
|
unkown
|
page read and write
|
|
|
|
218F3330000
|
unkown
|
page read and write
|
|
|
|
1F40078B000
|
unkown
|
page read and write
|
|
|
|
1375389C000
|
unkown
|
page read and write
|
|
|
|
218F3370000
|
unkown
|
page readonly
|
|
|
|
48B26FF000
|
unkown
|
page read and write
|
|
|
|
7FF536D80000
|
unkown
|
page readonly
|
|
|
|
13753813000
|
unkown
|
page read and write
|
|
|
|
218F3240000
|
unkown
|
page readonly
|
|
|
|
1F40078D000
|
unkown
|
page read and write
|
|
|
|
13758E2C000
|
unkown
|
page read and write
|
|
|
|
7FF504AB1000
|
unkown
|
page readonly
|
|
|
|
1EE4F500000
|
unkown
|
page readonly
|
|
|
|
13758C30000
|
unkown
|
page read and write
|
|
|
|
7FF504BBC000
|
unkown
|
page readonly
|
|
|
|
1F400720000
|
unkown
|
page read and write
|
|
|
|
13759180000
|
unkown
|
page read and write
|
|
|
|
13754B61000
|
unkown
|
page read and write
|
|
|
|
7FF536DAC000
|
unkown
|
page readonly
|
|
|
|
1F47FE00000
|
unkown
|
page read and write
|
|
|
|
13758C10000
|
unkown
|
page read and write
|
|
|
|
1F400C02000
|
unkown
|
page read and write
|
|
|
|
289441C0000
|
unkown
|
page readonly
|
|
|
|
7FF504C14000
|
unkown
|
page readonly
|
|
|
|
8DBF7F7000
|
unkown
|
page read and write
|
|
|
|
13758BD0000
|
unkown
|
page read and write
|
|
|
|
13758BE0000
|
unkown
|
page readonly
|
|
|
|
7FF58CFBA000
|
unkown
|
page readonly
|
|
|
|
13754159000
|
unkown
|
page read and write
|
|
|
|
13758E61000
|
unkown
|
page read and write
|
|
|
|
1F400580000
|
unkown
|
page readonly
|
|
|
|
7FF58D3C1000
|
unkown
|
page readonly
|
|
|
|
7FF4FFB85000
|
unkown
|
page readonly
|
|
|
|
7FF5502EA000
|
unkown
|
page readonly
|
|
|
|
1EE50140000
|
unkown
|
page readonly
|
|
|
|
7FF504C49000
|
unkown
|
page readonly
|
|
|
|
1EE4F69B000
|
unkown
|
page read and write
|
|
|
|
7FF58D822000
|
unkown
|
page readonly
|
|
|
|
7FF550274000
|
unkown
|
page readonly
|
|
|
|
7FF58D347000
|
unkown
|
page readonly
|
|
|
|
7FF58D73B000
|
unkown
|
page readonly
|
|
|
|
7FF50001E000
|
unkown
|
page readonly
|
|
|
|
7FF58D784000
|
unkown
|
page readonly
|
|
|
|
1F47FE50000
|
unkown
|
page read and write
|
|
|
|
7FF58D4EB000
|
unkown
|
page readonly
|
|
|
|
7FF504C3E000
|
unkown
|
page readonly
|
|
|
|
7FF58D52F000
|
unkown
|
page readonly
|
|
|
|
7FF58D72E000
|
unkown
|
page readonly
|
|
|
|
7FF504BCA000
|
unkown
|
page readonly
|
|
|
|
1F400782000
|
unkown
|
page read and write
|
|
|
|
13754159000
|
unkown
|
page read and write
|
|
|
|
7FF504947000
|
unkown
|
page readonly
|
|
|
|
84520F8000
|
unkown
|
page read and write
|
|
|
|
13758D50000
|
unkown
|
page read and write
|
|
|
|
1EE4F63C000
|
unkown
|
page read and write
|
|
|
|
7FF58D07E000
|
unkown
|
page readonly
|
|
|
|
13759040000
|
unkown
|
page read and write
|
|
|
|
13754102000
|
unkown
|
page read and write
|
|
|
|
7FF55033B000
|
unkown
|
page readonly
|
|
|
|
1EE4F5E0000
|
unkown
|
page readonly
|
|
|
|
1F400778000
|
unkown
|
page read and write
|
|
|
|
1F47FEDB000
|
unkown
|
page read and write
|
|
|
|
1F400B80000
|
unkown
|
page readonly
|
|
|
|
137591E4000
|
unkown
|
page read and write
|
|
|
|
1F400C02000
|
unkown
|
page read and write
|
|
|
|
7FF55042A000
|
unkown
|
page readonly
|
|
|
|
1F400779000
|
unkown
|
page read and write
|
|
|
|
137536E0000
|
unkown
|
page readonly
|
|
|
|
7FF550000000
|
unkown
|
page readonly
|
|
|
|
7FF58D3B1000
|
unkown
|
page readonly
|
|
|
|
7FF55042C000
|
unkown
|
page readonly
|
|
|
|
1F400781000
|
unkown
|
page read and write
|
|
|
|
7FF500094000
|
unkown
|
page readonly
|
|
|
|
13754118000
|
unkown
|
page read and write
|
|
|
|
13754118000
|
unkown
|
page read and write
|
|
|
|
137537C0000
|
unkown
|
page readonly
|
|
|
|
845151E000
|
unkown
|
page read and write
|
|
|
|
137538B2000
|
unkown
|
page read and write
|
|
|
|
1EE4FE00000
|
unkown
|
page readonly
|
|
|
|
7FF504B1D000
|
unkown
|
page readonly
|
|
|
|
1F40077B000
|
unkown
|
page read and write
|
|
|
|
7FF5501B7000
|
unkown
|
page readonly
|
|
|
|
13759090000
|
unkown
|
page readonly
|
|
|
|
13759193000
|
unkown
|
page read and write
|
|
|
|
7FF504B3C000
|
unkown
|
page readonly
|
|
|
|
289441D0000
|
unkown
|
page read and write
|
|
|
|
218F35E0000
|
heap private
|
page read and write
|
|
|
|
7FF5503E2000
|
unkown
|
page readonly
|
|
|
|
B51387F000
|
unkown
|
page read and write
|
|
|
|
13754000000
|
unkown
|
page read and write
|
|
|
|
8DBF8FE000
|
unkown
|
page read and write
|
|
|
|
1F400B70000
|
unkown
|
page read and write
|
|
|
|
B51367E000
|
unkown
|
page read and write
|
|
|
|
8DBF9FD000
|
unkown
|
page read and write
|
|
|
|
8451FF9000
|
unkown
|
page read and write
|
|
|
|
13759007000
|
unkown
|
page readonly
|
|
|
|
7FF504BD5000
|
unkown
|
page readonly
|
|
|
|
218F342F000
|
unkown
|
page read and write
|
|
|
|
7FF4FFFDF000
|
unkown
|
page readonly
|
|
|
|
13753877000
|
unkown
|
page read and write
|
|
|
|
137547C0000
|
unkown
|
page readonly
|
|
|
|
27E01FF000
|
unkown
|
page read and write
|
|
|
|
28944213000
|
unkown
|
page read and write
|
|
|
|
7FF54FC96000
|
unkown
|
page readonly
|
|
|
|
13758D34000
|
unkown
|
page read and write
|
|
|
|
2894424B000
|
unkown
|
page read and write
|
|
|
|
7FF4FFE01000
|
unkown
|
page readonly
|
|
|
|
13753879000
|
unkown
|
page read and write
|
|
|
|
1F4007A2000
|
unkown
|
page read and write
|
|
|
|
7FF550445000
|
unkown
|
page readonly
|
|
|
|
13758D30000
|
unkown
|
page read and write
|
|
|
|
7FF4FFE91000
|
unkown
|
page readonly
|
|
|
|
7FF58CF9D000
|
unkown
|
page readonly
|
|
|
|
13758E80000
|
unkown
|
page read and write
|
|
|
|
137590D0000
|
unkown
|
page readonly
|
|
|
|
7FF4FFF9A000
|
unkown
|
page readonly
|
|
|
|
1F400B50000
|
unkown
|
page readonly
|
|
|
|
1F47FE13000
|
unkown
|
page read and write
|
|
|
|
7FF54FFAE000
|
unkown
|
page readonly
|
|
|
|
2894423C000
|
unkown
|
page read and write
|
|
|
|
1F47FE88000
|
unkown
|
page read and write
|
|
|
|
1F400755000
|
unkown
|
page read and write
|
|
|
|
7FF54FD97000
|
unkown
|
page readonly
|
|
|
|
1375903C000
|
unkown
|
page readonly
|
|
|
|
7FF4FFAE6000
|
unkown
|
page readonly
|
|
|
|
13759004000
|
unkown
|
page readonly
|
|
|
|
1F47FEC4000
|
unkown
|
page read and write
|
|
|
|
1F47FEA2000
|
unkown
|
page read and write
|
|
|
|
7FF58D581000
|
unkown
|
page readonly
|
|
|
|
7FF536E72000
|
unkown
|
page readonly
|
|
|
|
28944A00000
|
unkown
|
page readonly
|
|
|
|
27E08FF000
|
unkown
|
page read and write
|
|
|
|
27E07FA000
|
unkown
|
page read and write
|
|
|
|
7FF58D747000
|
unkown
|
page readonly
|
|
|
|
7FF58D735000
|
unkown
|
page readonly
|
|
|
|
137591E7000
|
unkown
|
page read and write
|
|
|
|
218F35E5000
|
heap private
|
page read and write
|
|
|
|
7FF550321000
|
unkown
|
page readonly
|
|
|
|
1F400C02000
|
unkown
|
page read and write
|
|
|
|
7FF550015000
|
unkown
|
page readonly
|
|
|
|
7FF500029000
|
unkown
|
page readonly
|
|
|
|
7FF504CB4000
|
unkown
|
page readonly
|
|
|
|
1F47FDF0000
|
heap default
|
page read and write
|
|
|
|
7FF54FD41000
|
unkown
|
page readonly
|
|
|
|
48B23BA000
|
unkown
|
page read and write
|
|
|
|
8DBF18E000
|
unkown
|
page read and write
|
|
|
|
1F47FE52000
|
unkown
|
page read and write
|
|
|
|
7FF50002D000
|
unkown
|
page readonly
|
|
|
|
28944255000
|
unkown
|
page read and write
|
|
|
|
7FF58D78F000
|
unkown
|
page readonly
|
|
|
|
7FF536DFD000
|
unkown
|
page readonly
|
|
|
|
1F47FEC4000
|
unkown
|
page read and write
|
|
|
|
13753902000
|
unkown
|
page read and write
|
|
|
|
7FF50000F000
|
unkown
|
page readonly
|
|
|
|
7FF58D72A000
|
unkown
|
page readonly
|
|
|
|
7FF5502E3000
|
unkown
|
page readonly
|
|
|
|
13753D90000
|
unkown
|
page readonly
|
|
|
|
28943FA0000
|
heap private
|
page read and write
|
|
|
|
1F47FEEF000
|
unkown
|
page read and write
|
|
|
|
218F3310000
|
unkown
|
page read and write
|
|
|
|
7FF55041F000
|
unkown
|
page readonly
|
|
|
|
1F47FEA8000
|
unkown
|
page read and write
|
|
|
|
8DBF47D000
|
unkown
|
page read and write
|
|
|
|
7FF4FFB76000
|
unkown
|
page readonly
|
|
|
|
7FF504BDB000
|
unkown
|
page readonly
|
|
|
|
7FF5504B9000
|
unkown
|
page readonly
|
|
|
|
7FF550006000
|
unkown
|
page readonly
|
|
|
|
7FF58D821000
|
unkown
|
page readonly
|
|
|
|
1F400776000
|
unkown
|
page read and write
|
|
|
|
7FF58D798000
|
unkown
|
page readonly
|
|
|
|
1F47FE70000
|
unkown
|
page read and write
|
|
|
|
1F400781000
|
unkown
|
page read and write
|
|
|
|
7FF504C1A000
|
unkown
|
page readonly
|
|
|
|
1F400789000
|
unkown
|
page read and write
|
|
|
|
13758E4A000
|
unkown
|
page read and write
|
|
|
|
13754159000
|
unkown
|
page read and write
|
|
|
|
7FF58D5DF000
|
unkown
|
page readonly
|
|
|
|
845159E000
|
unkown
|
page read and write
|
|
|
|
7FF54FD93000
|
unkown
|
page readonly
|
|
|
|
1F400783000
|
unkown
|
page read and write
|
|
|
|
1F47FF08000
|
unkown
|
page read and write
|
|
|
|
7FF536DEE000
|
unkown
|
page readonly
|
|
|
|
7FF55046F000
|
unkown
|
page readonly
|
|
|
|
13758D54000
|
unkown
|
page read and write
|
|
|
|
1F400B60000
|
unkown
|
page read and write
|
|
|
|
7FF4FFFDC000
|
unkown
|
page readonly
|
|
|
|
7FF504BBA000
|
unkown
|
page readonly
|
|
|
|
7FF58D6E3000
|
unkown
|
page readonly
|
|
|
|
13753891000
|
unkown
|
page read and write
|
|
|
|
137591F4000
|
unkown
|
page read and write
|
|
|
|
1F400790000
|
unkown
|
page read and write
|
|
|
|
28944D40000
|
unkown
|
page readonly
|
|
|
|
1F47FEB3000
|
unkown
|
page read and write
|
|
|
|
1F40077A000
|
unkown
|
page read and write
|
|
|
|
1F400783000
|
unkown
|
page read and write
|
|
|
|
13758BB0000
|
unkown
|
page read and write
|
|
|
|
1F400766000
|
unkown
|
page read and write
|
|
|
|
7FF504BD0000
|
unkown
|
page readonly
|
|
|
|
48B28FE000
|
unkown
|
page read and write
|
|
|
|
7FF5503E0000
|
unkown
|
page readonly
|
|
|
|
13754800000
|
unkown
|
page readonly
|
|
|
|
7FF58D778000
|
unkown
|
page readonly
|
|
|
|
7FF504CBA000
|
unkown
|
page readonly
|
|
|
|
13754159000
|
unkown
|
page read and write
|
|
|
|
1375388A000
|
unkown
|
page read and write
|
|
|
|
7FF550393000
|
unkown
|
page readonly
|
|
|
|
84521FF000
|
unkown
|
page read and write
|
|
|
|
1EE4F700000
|
unkown
|
page read and write
|
|
|
|
7FF536DB8000
|
unkown
|
page readonly
|
|
|
|
137547D0000
|
unkown
|
page readonly
|
|
|
|
13758E1A000
|
unkown
|
page read and write
|
|
|
|
218F35F0000
|
unkown
|
page readonly
|
|
|
|
7FF58D414000
|
unkown
|
page readonly
|
|
|
|
1EE4F613000
|
unkown
|
page read and write
|
|
|
|
7FF500026000
|
unkown
|
page readonly
|
|
|
|
13754015000
|
unkown
|
page read and write
|
|
|
|
7FF504BFF000
|
unkown
|
page readonly
|
|
|
|
1F400727000
|
unkown
|
page read and write
|
|
|
|
1F400720000
|
unkown
|
page read and write
|
|
|
|
137590F0000
|
unkown
|
page readonly
|
|
|
|
7FF4FF800000
|
unkown
|
page readonly
|
|
|
|
13759208000
|
unkown
|
page read and write
|
|
|
|
7FF58D386000
|
unkown
|
page readonly
|
|
|
|
13758E7A000
|
unkown
|
page read and write
|
|
|
|
13758D3D000
|
unkown
|
page read and write
|
|
|
|
7FF4FFFC7000
|
unkown
|
page readonly
|
|
|
|
137538FD000
|
unkown
|
page read and write
|
|
|
|
27E0C7F000
|
unkown
|
page read and write
|
|
|
|
7FF58D7A9000
|
unkown
|
page readonly
|
|
|
|
1F400E00000
|
unkown
|
page readonly
|
|
|
|
1F400782000
|
unkown
|
page read and write
|
|
|
|
13759090000
|
unkown
|
page read and write
|
|
|
|
7FF55033E000
|
unkown
|
page readonly
|
|
|
|
1F47FEF0000
|
unkown
|
page read and write
|
|
|
|
1EE4F5F0000
|
unkown
|
page read and write
|
|
|
|
1F400700000
|
unkown
|
page read and write
|
|
|
|
7FF54FD60000
|
unkown
|
page readonly
|
|
|
|
1EE4F430000
|
unkown
|
page readonly
|
|
|
|
7FF58D75C000
|
unkown
|
page readonly
|
|
|
|
1F400B40000
|
unkown
|
page readonly
|
|
|
|
1F400550000
|
unkown
|
page readonly
|
|
|
|
7FF550206000
|
unkown
|
page readonly
|
|
|
|
13758D60000
|
unkown
|
page read and write
|
|
|
|
7FF55049F000
|
unkown
|
page readonly
|
|
|
|
1EE4F629000
|
unkown
|
page read and write
|
|
|
|
7FF550532000
|
unkown
|
page readonly
|
|
|
|
27E017B000
|
unkown
|
page read and write
|
|
|
|
7FF5504B6000
|
unkown
|
page readonly
|
|
|
|
7FF58D51B000
|
unkown
|
page readonly
|
|
|
|
13758E9C000
|
unkown
|
page read and write
|
|
|
|
1F40077A000
|
unkown
|
page read and write
|
|
|
|
1F47FEED000
|
unkown
|
page read and write
|
|
|
|
137536D0000
|
heap default
|
page read and write
|
|
|
|
7FF58D6F3000
|
unkown
|
page readonly
|
|
|
|
13758C20000
|
unkown
|
page read and write
|
|
|
|
7FF504C2F000
|
unkown
|
page readonly
|
|
|
|
48B277A000
|
unkown
|
page read and write
|
|
|
|
1F400777000
|
unkown
|
page read and write
|
|
|
|
7FF550440000
|
unkown
|
page readonly
|
|
|
|
13759090000
|
unkown
|
page read and write
|
|
|
|
1EE4F600000
|
unkown
|
page read and write
|
|
|
|
13758D30000
|
unkown
|
page read and write
|
|
|
|
7FF58CFC7000
|
unkown
|
page readonly
|
|
|
|
7FF504C07000
|
unkown
|
page readonly
|
|
|
|
1F40074E000
|
unkown
|
page read and write
|
|
|
|
7FF58D69C000
|
unkown
|
page readonly
|
|
|
|
137538BA000
|
unkown
|
page read and write
|
|
|
|
13758E1E000
|
unkown
|
page read and write
|
|
|
|
7FF58D75F000
|
unkown
|
page readonly
|
|
|
|
7FF5000A2000
|
unkown
|
page readonly
|
|
|
|
13759070000
|
unkown
|
page read and write
|
|
|
|
7FF504CC1000
|
unkown
|
page readonly
|
|
|
|
13754B80000
|
unkown
|
page read and write
|
|
|
|
7FF55040B000
|
unkown
|
page readonly
|
|
|
|
218F3415000
|
unkown
|
page read and write
|
|
|
|
28944802000
|
unkown
|
page read and write
|
|
|
|
137537E0000
|
unkown
|
page read and write
|
|
|
|
1F4007A2000
|
unkown
|
page read and write
|
|
|
|
7FF58D7A6000
|
unkown
|
page readonly
|
|
|
|
13758D70000
|
unkown
|
page read and write
|
|
|
|
7FF58D571000
|
unkown
|
page readonly
|
|
|
|
13758E87000
|
unkown
|
page read and write
|
|
|
|
13753874000
|
unkown
|
page read and write
|
|
|
|
13753824000
|
unkown
|
page read and write
|
|
|
|
1F400C54000
|
unkown
|
page read and write
|
|
|
|
218F3406000
|
heap default
|
page read and write
|
|
|
|
13754600000
|
unkown
|
page read and write
|
|
|
|
7FF58D5DA000
|
unkown
|
page readonly
|
|
|
|
27E0577000
|
unkown
|
page read and write
|
|
|
|
8451B77000
|
unkown
|
page read and write
|
|
|
|
13758B90000
|
unkown
|
page read and write
|
|
|
|
7FF55052A000
|
unkown
|
page readonly
|
|
|
|
7FF54FF1E000
|
unkown
|
page readonly
|
|
|
|
1F400728000
|
unkown
|
page read and write
|
|
|
|
13753857000
|
unkown
|
page read and write
|
|
|
|
13754118000
|
unkown
|
page read and write
|
|
|
|
7FF58D521000
|
unkown
|
page readonly
|
|
|
|
7FF504790000
|
unkown
|
page readonly
|
|
|
|
7FF4FFFB0000
|
unkown
|
page readonly
|
|
|
|
13754500000
|
unkown
|
page read and write
|
|
|
|
7FF58D3AA000
|
unkown
|
page readonly
|
|
|
|
7FF54FFA2000
|
unkown
|
page readonly
|
|
|
|
13758D3C000
|
unkown
|
page read and write
|
|
|
|
B51397F000
|
unkown
|
page read and write
|
|
|
|
137591A0000
|
unkown
|
page read and write
|
|
|
|
13759000000
|
unkown
|
page read and write
|
|
|
|
13754810000
|
unkown
|
page readonly
|
|
|
|
13759090000
|
unkown
|
page read and write
|
|
|
|
7FF550484000
|
unkown
|
page readonly
|
|
|
|
218F3401000
|
unkown
|
page read and write
|
|
|
|
7FF504A21000
|
unkown
|
page readonly
|
|
|
|
7FF58D730000
|
unkown
|
page readonly
|
|
There are 602 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Desktop/Payment%20Copy%20for%20Inv%20ps-7%20-USD%2024,806.PDF.htm
|
|