IOCReport

loading gif

Files

File Path
Type
Category
Malicious
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f1drv.ms%3a443%2fo%2fs%21BKZQjSsteGBggQGWxWGDijKXGIKI%3fe%3dYSYU1OrRbk-OgIBVwfjzEw%26at%3d9&c=E,1,kIuIGEH799izsJ8ZzgEzo4vQsPME7QtXgthIwQx0qxxoPwhTl2ujgDMlbeQxn4ZdZQB-OFmNbdIvk9f4X00Afp0hXBwXDa-unMy-xntb&typo=1
URL
initial url
 malicious
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, 61020 bytes, 1 file
dropped
 clean
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\20bcb68b-3340-487f-a994-6e6013be61e8.tmp
SysEx File -
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\5da72804-b830-4f10-ba4e-c2ca5b197a45.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\6811ed3f-5d46-464a-8a78-76faacf528bd.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\6d075f6d-1af8-4feb-89b6-470ecb72ceee.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\7702be74-bba3-48e6-8a44-8faf509af6fb.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\77c8dfa8-68fb-4118-ac78-3e75947a034b.tmp
data
modified
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\89aa96a9-db20-48aa-9f45-a39e4c428029.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0d3a3581-d5ef-44b4-8919-d3347e9209a7.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1cf82c7a-aa3f-4088-a7d0-3c4a63f4be82.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2f9c4a1d-fd8d-4632-82d8-6476bc2a37b3.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\344f6f6c-7377-4fd2-b848-6fcd12d16364.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\369afe18-7081-438f-a949-13fa88a89e46.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\479f65b0-35c4-43e7-8318-677ae5b8f6c3.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5ffd6cb0-83ee-4e3c-ac4e-e22d8f244003.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6626180b-7833-4d04-b249-920feee1c2eb.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6c00b008-59f7-4fd7-b768-8e3c8817d41d.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6c732de1-07e4-4854-b33e-45925f7fd22d.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\87973641-dfe5-478e-89b4-a47e807cb30c.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9481541f-99ba-4ae2-aa24-b0f51ab7a260.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldNT (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old.e (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\037a117947eadf82_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\04ffe34ebd2761c7_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\089da834c75847e1_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0bb91d310fc8f48c_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0e92be4d4afa6709_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0ed937f35102492d_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\12be61d7f6fe1090_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\161fd244fa689573_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1a049a383c9f2c9a_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1a7750ff440fe8cc_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1b3e5202d92bd1be_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\205ef0c584d89ac9_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\30df1dad39595b20_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\37c3c5f79988b064_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3e2045da28285ce5_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\45de7baa1e70f6fd_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4c768a03884be887_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\509916821a0fc2da_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\511f06892f5a721b_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\52f8f953e4a5a9ab_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6127d4bd9cdcd01a_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\617f78aaa544a720_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\69d491139461ce46_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6ce673d9d43c7a3d_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6d6a4f3b7a75956a_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6daa52f36522edb6_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6fe11d08e6f3391d_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7444ea2da1317cfb_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7531fee981b72877_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\78bedd258028e0c4_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7972073d97ac6a72_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7cd4eb7d184ef6b5_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\810e53cf61aed9ba_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8ec4cb91ffcb0ae0_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8fb80b44416c605e_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\936ea5f25b0204ed_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\93a3fa42e61c139b_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9895df97930d526d_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\99840c9a9136abf6_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a5534787ec2d07e5_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b24c7ce889c44bd7_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b2b369b661608142_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b63c1cd7c7087090_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bf789c709f3fbb5b_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c28cce5b128f8326_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c3c2b2f548f3ba44_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c578d2a2ae09a113_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cae36ae7fa4d6ce2_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cff45f8378caad97_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d1b76a59a9e3f660_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d598c76bdc491128_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d5b6ea09967e5c42_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d6c9ff9f20c21023_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\de272f24ef9bbe31_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\df616072ed05fe37_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e0ac675daa08938b_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e1f7ecb6fc0a528f_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e2fa7340d4950923_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e96383cd4fdf8308_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ee2d74af9fde7e01_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f1c8f28f7b9cefec_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f251984d116eca5b_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f3b70381e0b52174_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fa1d01002fa990ce_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fbfdce35af9204d9_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index. (copy)
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
data
modified
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.olden (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000001.dbtmp
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\CURRENT (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\MANIFEST-000001
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session.O (copy)
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsnd (copy)
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateM (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldrt (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences4 (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesTM (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencest (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\07eca047-39bf-46e5-a5e9-7ba29693166e.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent Statep. (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old. (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\13e0462d-ffe1-4465-bb57-4b0e15d6a733.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State.. (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old. (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecuritye (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a63d27e8-6de0-44ac-a6f4-c690074b72d5.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\afe41f25-7f26-4736-8874-c06c4503a714.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c7a2eee7-1e0e-4be7-b7d9-f2875f5e33c8.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ff36d52d-fbc8-4904-8d69-ac995211a790.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldd (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\11517872-a506-40a6-acdc-e40a797cec56.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\618e691f-7b99-42c2-bf4d-97e59d7882af.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\7fcb5611-a5f4-4ad9-bd37-d6fe295ec5f9.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\d46c9026-fd6d-4d21-9216-c891673696b6.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\11517872-a506-40a6-acdc-e40a797cec56.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_1472304941\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\618e691f-7b99-42c2-bf4d-97e59d7882af.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir4808_221674214\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Windows\Fonts\timesi.ttf
data
dropped
 clean
There are 284 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f1drv.ms%3a443%2fo%2fs%21BKZQjSsteGBggQGWxWGDijKXGIKI%3fe%3dYSYU1OrRbk-OgIBVwfjzEw%26at%3d9&c=E,1,kIuIGEH799izsJ8ZzgEzo4vQsPME7QtXgthIwQx0qxxoPwhTl2ujgDMlbeQxn4ZdZQB-OFmNbdIvk9f4X00Afp0hXBwXDa-unMy-xntb&typo=1'
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1576,16837710322178850958,12009668449574082098,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1696 /prefetch:8
clean

URLs

Name
IP
Malicious
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f1drv.ms%3a443%2fo%2fs%21BKZQjSsteGBggQGWxWGDijKX
unknown
 clean
https://code.jquery.com/jquery-3.2.1.slim.min.js
unknown
 clean
https://live.com/X1
unknown
 clean
https://play.google.com
unknown
 clean
https://live.com/T/
unknown
 clean
https://a.nel.cloudflare.com/report/v3?s=Yqv6eHo7wCDvHDyG%2FIE%2BWWCelrfwfbvN3lN0xql%2FOOrgfI2sRg80w
unknown
 clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js
unknown
 clean
https://gabby-gratis-tarascosaurus.glitch.me/wein.html
unknown
 clean
https://sandbox.google.com/payments/v4/js/integrator.js
unknown
 clean
https://onedrive.live.com/
unknown
 clean
https://onenote.com/w
unknown
 clean
https://onedrive.live.com/redir?resid=6060782D2B8D50A6%21129&authkey=%21ApbFYYOKMpcYgog&page=View&wd=target%28Quick%20Notes.one%7C9d63e26b-8e15-4b90-a730-077581269bde%2FEnvironmental%20Fluids%7C74fd9e3e-3791-42d6-9ff6-6a7ed758b675%2F%29
clean
https://onenote.com/y
unknown
 clean
https://www.google.com
unknown
 clean
https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-GB&group=GroupFolders&v=19.710.0628.2003&
unknown
 clean
https://p.sfx.ms
unknown
 clean
https://www.onenote.com/officeaddins/learningtools/?et=
unknown
 clean
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js
unknown
 clean
https://live.com/p$
unknown
 clean
https://live.com/$WQ8A
unknown
 clean
https://accounts.google.com
unknown
 clean
https://live.com/
unknown
 clean
https://1drv.ms/o/s
unknown
 clean
https://live.com/=
unknown
 clean
https://onedrive.live.com/redir?resid=6060782D2B8D50A6
unknown
 clean
https://apis.google.com
unknown
 clean
https://onenote.com/_
unknown
 clean
https://gabby-gratis-tarascosaurus.glitch.me/P
unknown
 clean
https://kit.fontawesome.com/585b051251.js
unknown
 clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
unknown
 clean
https://p.sfx.ms//storage/aria-2.5.0.min.js
unknown
 clean
https://content.growth.office.net/mirrored/resources/programmablesurfaces/prod/officewebsurfaces.cor
unknown
 clean
https://clients2.google.com
unknown
 clean
https://onenote.com/x=
unknown
 clean
https://gabby-gratis-tarascosaurus.glitch.me/wein.htmlShare
unknown
 clean
https://dns.google
unknown
 clean
https://live.com/R
unknown
 clean
https://ogs.google.com
unknown
 clean
https://onedrive.live.comh
unknown
 clean
https://support.google.com/chromecast/troubleshooter/2995236
unknown
 clean
https://onedrive.live.com
unknown
 clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/wac0-efa56458
unknown
 clean
https://gabby-gratis-tarascosaurus.glitch.me/
unknown
 clean
https://maxcdn.bootstrapcdn.com/
unknown
 clean
https://payments.google.com/payments/v4/js/integrator.js
unknown
 clean
https://www.google.com;
unknown
 clean
https://code.jquery.com/
unknown
 clean
https://hangouts.google.com/
unknown
 clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/wac2-bf8b3319
unknown
 clean
https://live.com/E
unknown
 clean
https://kit.fontawesome.com/
unknown
 clean
https://onedrive.live.com/redir?resid=6060782D2B8D50A6%21129&authkey=%21ApbFYYOKMpcYgog&page=View&wd
unknown
 clean
https://1drv.ms
unknown
 clean
https://live.com/J
unknown
 clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/wac1-cdc297b4
unknown
 clean
https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-GB&group=Office&v=19.710.0628.2003&useReq
unknown
 clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/jquery-1.7.2-
unknown
 clean
https://www.onenote.com
unknown
 clean
https://gabby-gratis-tarascosaurus.glitch.me/wein.html
clean
https://www.onenote.com/
unknown
 clean
https://skyapi.onedrive.live.com/api/proxy?v=3
unknown
 clean
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
unknown
 clean
https://onenote.com/
unknown
 clean
https://amcdn.msftauth.net/me?partner=OneNoteOnline&version=10.21153.1&market=EN-GB&wrapperId=suites
unknown
 clean
https://live.com/H(
unknown
 clean
https://support.google.com/chromecast/answer/2998456
unknown
 clean
https://clients2.googleusercontent.com
unknown
 clean
https://onedrive.live.com/view.aspx?resid=6060782D2B8D50A6
unknown
 clean
https://www.google.com/
unknown
 clean
https://onedrive.live.com/view.aspx?resid=6060782D2B8D50A6!129&ithint=onenote%2c&authkey=!ApbFYYOKMpcYgog
clean
https://feedback.googleusercontent.com
unknown
 clean
https://live.com/j
unknown
 clean
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210614.002/wac_s_office-
unknown
 clean
https://clients2.google.com/service/update2/crx
unknown
 clean
There are 64 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
gstaticadssl.l.google.com
142.250.186.163
 clean
gabby-gratis-tarascosaurus.glitch.me
52.5.55.81
 clean
accounts.google.com
216.58.205.77
 clean
i-am3p-cor006.api.p001.1drv.com
13.104.158.180
 clean
cdnjs.cloudflare.com
104.16.18.94
 clean
maxcdn.bootstrapcdn.com
104.18.10.207
 clean
clients.l.google.com
216.58.208.174
 clean
linkprotect.cudasvc.com
18.196.58.60
 clean
googlehosted.l.googleusercontent.com
216.58.208.129
 clean
1drv.ms
13.107.42.12
 clean
i-db3p-cor005.api.p001.1drv.com
13.104.208.160
 clean
i.ibb.co
145.239.131.60
 clean
onenoteonlinesync.onenote.com
unknown
 clean
ka-f.fontawesome.com
unknown
 clean
kit.fontawesome.com
unknown
 clean
messaging.office.com
unknown
 clean
c.live.com
unknown
 clean
ajax.aspnetcdn.com
unknown
 clean
storage.live.com
unknown
 clean
skyapi.onedrive.live.com
unknown
 clean
clients2.googleusercontent.com
unknown
 clean
clients2.google.com
unknown
 clean
code.jquery.com
unknown
 clean
onedrive.live.com
unknown
 clean
p.sfx.ms
unknown
 clean
amcdn.msftauth.net
unknown
 clean
spoprod-a.akamaihd.net
unknown
 clean
www.onenote.com
unknown
 clean
There are 18 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
52.5.55.81
gabby-gratis-tarascosaurus.glitch.me
United States
clean
192.168.2.4
unknown
unknown
clean
192.168.2.3
unknown
unknown
clean
216.58.208.129
googlehosted.l.googleusercontent.com
United States
clean
104.16.18.94
cdnjs.cloudflare.com
United States
clean
145.239.131.60
i.ibb.co
France
clean
216.58.205.77
accounts.google.com
United States
clean
13.107.42.12
1drv.ms
United States
clean
239.255.255.250
unknown
Reserved
clean
127.0.0.1
unknown
unknown
clean
104.18.10.207
maxcdn.bootstrapcdn.com
United States
clean
13.104.158.180
i-am3p-cor006.api.p001.1drv.com
United States
clean
13.104.208.160
i-db3p-cor005.api.p001.1drv.com
United States
clean
216.58.208.174
clients.l.google.com
United States
clean
142.250.186.163
gstaticadssl.l.google.com
United States
clean
18.196.58.60
linkprotect.cudasvc.com
United States
clean
There are 7 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
ahfgeienlihckogmohjhadlkjgocpleb
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gdaefkejpgkiemlaofpalmlakkmbjdnl
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gfdkimpbcpahaombhbimeihdjnejgicl
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
kmendfapggjehodndflmmgagdbamhnfd
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
mfehgcgbbipciphmccgaenjidiccnmng
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
mhjfbmdgcfjbbpaeojofohoefgiehjai
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
neajdppkdcdipfabeoofebfddakdcjhd
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nkeimhogjdpnpccoofpliimaahmaaome
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
prefs.preference_reset_time
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
S-1-5-21-3853321935-2125563209-4053062332-1002
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
gfdkimpbcpahaombhbimeihdjnejgicl
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
pkedcjkdefgpdelpbcmbmeomcjbeemfm
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
nmmhkkegccagdldgiimedpiccmgmieda
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
state
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
StatusCodes
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
StatusCodes
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
state
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
dr
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.reporting
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
module_blacklist_cache_md5_digest
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
media.storage_id_salt
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.last_account_id
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.account_id
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.prompt_seed
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_homepage
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
default_search_provider_data.template_url_data
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
safebrowsing.incidents_sent
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
pinned_tabs
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
search_provider_overrides
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_default_search
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
prefs.preference_reset_time
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
google.services.last_username
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
session.startup_urls
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
session.restore_on_startup
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
software_reporter.prompt_version
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.last_triggered_for_startup_urls
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
settings_reset_prompt.prompt_wave
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
homepage
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
homepage_is_newtabpage
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
browser.show_home_button
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
user_experience_metrics.stability.exited_cleanly
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
lastrun
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
Blob
 clean
There are 39 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
7FF51B247000
unkown
page readonly
 clean
7FF51AE45000
unkown
page readonly
 clean
7FF568C71000
unkown
page readonly
 clean
7FF51B0C2000
unkown
page readonly
 clean
1AB516A1000
unkown
page read and write
 clean
7FF5DA2CE000
unkown
page readonly
 clean
7FF568E55000
unkown
page readonly
 clean
8D7F97E000
unkown
page read and write
 clean
7FF51B0F1000
unkown
page readonly
 clean
2BB19B41000
unkown
page read and write
 clean
FB6B67E000
unkown
page read and write
 clean
2BB19B58000
unkown
page read and write
 clean
2BB19B5A000
unkown
page read and write
 clean
7FF51B064000
unkown
page readonly
 clean
7FF58B826000
unkown
page readonly
 clean
7FF505A86000
unkown
page readonly
 clean
7FF568B1A000
unkown
page readonly
 clean
7FF58BAD9000
unkown
page readonly
 clean
2BB19B8A000
unkown
page read and write
 clean
1A864E00000
unkown
page read and write
 clean
7FF505A15000
unkown
page readonly
 clean
2BB199C0000
unkown
page readonly
 clean
1A864E5A000
unkown
page read and write
 clean
7FF559F24000
unkown
page readonly
 clean
785627E000
unkown
page read and write
 clean
26B98B56000
unkown
page read and write
 clean
89C2EFF000
unkown
page read and write
 clean
7FF58B5D2000
unkown
page readonly
 clean
7FF58B3B7000
unkown
page readonly
 clean
7FF505790000
unkown
page readonly
 clean
7FF51B1EF000
unkown
page readonly
 clean
7FF505A5A000
unkown
page readonly
 clean
1AB517F0000
unkown
page read and write
 clean
7FF51AE86000
unkown
page readonly
 clean
27543FB0000
unkown
page readonly
 clean
7FF51B1E3000
unkown
page readonly
 clean
7FF559EE7000
unkown
page readonly
 clean
2BB19B5C000
unkown
page read and write
 clean
62ED7FF000
unkown
page read and write
 clean
1A905708000
unkown
page read and write
 clean
2BB191B0000
heap default
page read and write
 clean
7FF5AA5EF000
unkown
page readonly
 clean
27543FA0000
unkown
page readonly
 clean
1A864E64000
unkown
page read and write
 clean
2BB19BC7000
unkown
page read and write
 clean
1A864E13000
unkown
page read and write
 clean
2BB19B53000
unkown
page read and write
 clean
1A90564C000
unkown
page read and write
 clean
7FF5DA34A000
unkown
page readonly
 clean
7FF5AA5BF000
unkown
page readonly
 clean
1A905629000
unkown
page read and write
 clean
7FF559E3C000
unkown
page readonly
 clean
1539A302000
unkown
page read and write
 clean
205941D0000
unkown
page readonly
 clean
7FF5A649D000
unkown
page readonly
 clean
20594247000
unkown
page read and write
 clean
7FF505A0E000
unkown
page readonly
 clean
2BB19B62000
unkown
page read and write
 clean
7FF58B73A000
unkown
page readonly
 clean
2BB1A000000
unkown
page read and write
 clean
FB6AEFE000
unkown
page read and write
 clean
1A905650000
unkown
page read and write
 clean
7FF51B23B000
unkown
page readonly
 clean
7FF50590E000
unkown
page readonly
 clean
7FF58BAC8000
unkown
page readonly
 clean
2BB1A102000
unkown
page read and write
 clean
2BB19960000
unkown
page write copy
 clean
27544113000
unkown
page read and write
 clean
7FF568E4A000
unkown
page readonly
 clean
2BB19930000
unkown
page readonly
 clean
7FF5A646A000
unkown
page readonly
 clean
7FF568F42000
unkown
page readonly
 clean
2BB19B5A000
unkown
page read and write
 clean
2BB19B62000
unkown
page read and write
 clean
7FF505AFA000
unkown
page readonly
 clean
7FF51AA85000
unkown
page readonly
 clean
1AB51580000
unkown
page read and write
 clean
7FF5DA2D6000
unkown
page readonly
 clean
2BB19BA3000
unkown
page read and write
 clean
2BB19BA3000
unkown
page read and write
 clean
7FF505A1B000
unkown
page readonly
 clean
7FF5AA606000
unkown
page readonly
 clean
2BB19B3B000
unkown
page read and write
 clean
1AB51770000
unkown
page read and write
 clean
7FF5AA682000
unkown
page readonly
 clean
2BB1A061000
unkown
page read and write
 clean
7FF559EFC000
unkown
page readonly
 clean
7FF51B314000
unkown
page readonly
 clean
26B98AE0000
unkown
page read and write
 clean
2BB192BF000
unkown
page read and write
 clean
62ECF4F000
unkown
page read and write
 clean
26B98B67000
unkown
page read and write
 clean
2BB19150000
heap private
page read and write
 clean
7FF5A60FA000
unkown
page readonly
 clean
7FF51B235000
unkown
page readonly
 clean
1AB4C815000
unkown
page read and write
 clean
7FF5DA1CC000
unkown
page readonly
 clean
7FF51B21A000
unkown
page readonly
 clean
7FF58BA2B000
unkown
page readonly
 clean
7FF58B53E000
unkown
page readonly
 clean
1AB516C4000
unkown
page read and write
 clean
7FF5AA3E1000
unkown
page readonly
 clean
1AB516A0000
unkown
page read and write
 clean
2BB19316000
unkown
page read and write
 clean
27543ED0000
unkown
page readonly
 clean
2BB192E9000
unkown
page read and write
 clean
7FF51B25F000
unkown
page readonly
 clean
2BB19A02000
unkown
page read and write
 clean
2BB1A061000
unkown
page read and write
 clean
1AB51A17000
unkown
page read and write
 clean
1AB515A0000
unkown
page read and write
 clean
89C29F7000
unkown
page read and write
 clean
1A905600000
unkown
page read and write
 clean
7FF58BA6B000
unkown
page readonly
 clean
7FF5A6458000
unkown
page readonly
 clean
7FF5A6488000
unkown
page readonly
 clean
7FF5AA609000
unkown
page readonly
 clean
FB6B4F7000
unkown
page read and write
 clean
26B98B70000
unkown
page read and write
 clean
7FF5DA2C8000
unkown
page readonly
 clean
7FF559E1D000
unkown
page readonly
 clean
1AB51A13000
unkown
page read and write
 clean
20594253000
unkown
page read and write
 clean
8D7F575000
unkown
page read and write
 clean
7FF568E7C000
unkown
page readonly
 clean
1AB4C2B7000
unkown
page read and write
 clean
7FF51B17D000
unkown
page readonly
 clean
7FF51B22A000
unkown
page readonly
 clean
7FF58B3B3000
unkown
page readonly
 clean
1AB51800000
unkown
page read and write
 clean
1A9055D0000
unkown
page readonly
 clean
7FF559EFF000
unkown
page readonly
 clean
1AB51770000
unkown
page readonly
 clean
7FF559ED5000
unkown
page readonly
 clean
62ED3FB000
unkown
page read and write
 clean
1AB51820000
unkown
page readonly
 clean
7FF5A6425000
unkown
page readonly
 clean
7FF51B176000
unkown
page readonly
 clean
89C2F7E000
unkown
page read and write
 clean
89C2A7E000
unkown
page read and write
 clean
2BB1A002000
unkown
page read and write
 clean
2BB19BB9000
unkown
page read and write
 clean
2BB19B62000
unkown
page read and write
 clean
7FF505A54000
unkown
page readonly
 clean
1AB4D190000
unkown
page readonly
 clean
7FF50595D000
unkown
page readonly
 clean
1539A090000
unkown
page readonly
 clean
7FF559E34000
unkown
page readonly
 clean
FB6B5F8000
unkown
page read and write
 clean
1AB4C902000
unkown
page read and write
 clean
7FF559AA5000
unkown
page readonly
 clean
7FF505B01000
unkown
page readonly
 clean
7FF505787000
unkown
page readonly
 clean
1A865800000
unkown
page readonly
 clean
2BB192EA000
unkown
page read and write
 clean
7FF51B021000
unkown
page readonly
 clean
7FF568B0C000
unkown
page readonly
 clean
89C2FFE000
unkown
page read and write
 clean
2BB192A8000
unkown
page read and write
 clean
7FF505861000
unkown
page readonly
 clean
7FF51B284000
unkown
page readonly
 clean
1AB4D180000
unkown
page readonly
 clean
2BB19B61000
unkown
page read and write
 clean
7FF5DA2DD000
unkown
page readonly
 clean
1539A020000
heap private
page read and write
 clean
2BB19B82000
unkown
page read and write
 clean
7FF58BA8F000
unkown
page readonly
 clean
2BB19BA3000
unkown
page read and write
 clean
1A864E3C000
unkown
page read and write
 clean
2BB1A002000
unkown
page read and write
 clean
26B98B70000
unkown
page read and write
 clean
7FF58BA02000
unkown
page readonly
 clean
7FF568C16000
unkown
page readonly
 clean
2BB19B5A000
unkown
page read and write
 clean
7FF5D9AB9000
unkown
page readonly
 clean
1AB4C28D000
unkown
page read and write
 clean
1A90564D000
unkown
page read and write
 clean
20594250000
unkown
page read and write
 clean
9B5B67F000
unkown
page read and write
 clean
1AB4C2F9000
unkown
page read and write
 clean
2BB199D0000
unkown
page read and write
 clean
7FF559ECE000
unkown
page readonly
 clean
2BB19B72000
unkown
page read and write
 clean
2BB19BBF000
unkown
page read and write
 clean
7FF58B362000
unkown
page readonly
 clean
7FF5AA5E4000
unkown
page readonly
 clean
7FF58B941000
unkown
page readonly
 clean
1AB4C299000
unkown
page read and write
 clean
7FF505A3F000
unkown
page readonly
 clean
7FF51B071000
unkown
page readonly
 clean
20594248000
unkown
page read and write
 clean
7FF51AF1A000
unkown
page readonly
 clean
7FF5AA60D000
unkown
page readonly
 clean
1539BBA0000
unkown
page read and write
 clean
78565F7000
unkown
page read and write
 clean
26B98B78000
unkown
page read and write
 clean
7FF58B8A1000
unkown
page readonly
 clean
62ED5FF000
unkown
page read and write
 clean
2BB19B54000
unkown
page read and write
 clean
7FF505A6F000
unkown
page readonly
 clean
7FF58BA5E000
unkown
page readonly
 clean
1A905713000
unkown
page read and write
 clean
2BB19B65000
unkown
page read and write
 clean
7FF5DA2D9000
unkown
page readonly
 clean
7FF58B896000
unkown
page readonly
 clean
26B98D20000
unkown
page read and write
 clean
1AB4D4D1000
unkown
page read and write
 clean
9B5B6FD000
unkown
page read and write
 clean
7FF568F41000
unkown
page readonly
 clean
2BB19B64000
unkown
page read and write
 clean
78566FE000
unkown
page read and write
 clean
2BB192E3000
unkown
page read and write
 clean
7FF505A78000
unkown
page readonly
 clean
7FF5055E5000
unkown
page readonly
 clean
1AB4D140000
unkown
page readonly
 clean
2BB19B62000
unkown
page read and write
 clean
1A864E5F000
unkown
page read and write
 clean
1539A1B0000
unkown
page readonly
 clean
1A865B40000
unkown
page readonly
 clean
1AB4C918000
unkown
page read and write
 clean
7FF58BAA4000
unkown
page readonly
 clean
1A905613000
unkown
page read and write
 clean
7FF51AFF6000
unkown
page readonly
 clean
89C2E7B000
unkown
page read and write
 clean
7FF5AA595000
unkown
page readonly
 clean
2BB1A002000
unkown
page read and write
 clean
1A864F13000
unkown
page read and write
 clean
7FF559F14000
unkown
page readonly
 clean
20594200000
unkown
page read and write
 clean
1AB4D130000
unkown
page readonly
 clean
2BB1923C000
unkown
page read and write
 clean
7FF51B00F000
unkown
page readonly
 clean
7FF51B19C000
unkown
page readonly
 clean
2BB19BB9000
unkown
page read and write
 clean
1AB4C913000
unkown
page read and write
 clean
7FF568D4B000
unkown
page readonly
 clean
1539A1F0000
unkown
page read and write
 clean
1539A256000
unkown
page read and write
 clean
1A864F08000
unkown
page read and write
 clean
89C287D000
unkown
page read and write
 clean
7FF51AEC1000
unkown
page readonly
 clean
7FF58B5C2000
unkown
page readonly
 clean
4847DFB000
unkown
page read and write
 clean
7FF51B081000
unkown
page readonly
 clean
7FF559DCE000
unkown
page readonly
 clean
26B98B79000
unkown
page read and write
 clean
62ED2F5000
unkown
page read and write
 clean
7FF568E9A000
unkown
page readonly
 clean
7FF50597C000
unkown
page readonly
 clean
1AB51A55000
unkown
page read and write
 clean
7FF5DA24A000
unkown
page readonly
 clean
7FF51B02D000
unkown
page readonly
 clean
7FF58B860000
unkown
page readonly
 clean
26B98E40000
heap private
page read and write
 clean
7FF5AA58E000
unkown
page readonly
 clean
1AB516A8000
unkown
page read and write
 clean
1A905E02000
unkown
page read and write
 clean
1A864F02000
unkown
page read and write
 clean
7FF51AB32000
unkown
page readonly
 clean
7FF559DCB000
unkown
page readonly
 clean
2BB191E0000
unkown
page read and write
 clean
7FF58B7E0000
unkown
page readonly
 clean
2BB19270000
unkown
page read and write
 clean
2BB19BBF000
unkown
page read and write
 clean
7FF58BB44000
unkown
page readonly
 clean
7FF58BA4C000
unkown
page readonly
 clean
1AB4C900000
unkown
page read and write
 clean
27544002000
unkown
page read and write
 clean
1A8650D0000
unkown
page readonly
 clean
7FF5DA103000
unkown
page readonly
 clean
27544670000
unkown
page readonly
 clean
1539A202000
unkown
page read and write
 clean
7FF5DA141000
unkown
page readonly
 clean
1AB516D0000
unkown
page read and write
 clean
1AB4C313000
unkown
page read and write
 clean
1AB51510000
unkown
page read and write
 clean
2BB19B21000
unkown
page read and write
 clean
1AB516A0000
unkown
page read and write
 clean
27543E60000
heap private
page read and write
 clean
7FF51AEAA000
unkown
page readonly
 clean
1AB4C7A0000
unkown
page read and write
 clean
2BB19B74000
unkown
page read and write
 clean
7FF559F07000
unkown
page readonly
 clean
7FF568F3A000
unkown
page readonly
 clean
7FF58B81B000
unkown
page readonly
 clean
1539A200000
unkown
page read and write
 clean
1AB4C29B000
unkown
page read and write
 clean
7FF51AFEB000
unkown
page readonly
 clean
7FF51B01B000
unkown
page readonly
 clean
812793B000
unkown
page read and write
 clean
1AB51A4A000
unkown
page read and write
 clean
89C30FF000
unkown
page read and write
 clean
9B5B57F000
unkown
page read and write
 clean
7FF5596F0000
unkown
page readonly
 clean
1AB51800000
unkown
page read and write
 clean
1A905550000
heap private
page read and write
 clean
7FF505A47000
unkown
page readonly
 clean
7FF51B31A000
unkown
page readonly
 clean
1AB4C229000
unkown
page read and write
 clean
2BB19B62000
unkown
page read and write
 clean
27544A00000
unkown
page readonly
 clean
26B98B70000
unkown
page read and write
 clean
FB6B1FE000
unkown
page read and write
 clean
8127C7E000
unkown
page read and write
 clean
2BB19B5A000
unkown
page read and write
 clean
7FF5A9DB0000
unkown
page readonly
 clean
7FF5A650A000
unkown
page readonly
 clean
7FF5AA5BC000
unkown
page readonly
 clean
89C307F000
unkown
page read and write
 clean
7FF5DA26B000
unkown
page readonly
 clean
785647B000
unkown
page read and write
 clean
7FF5AA5D4000
unkown
page readonly
 clean
2BB19BA3000
unkown
page read and write
 clean
7FF568E88000
unkown
page readonly
 clean
7FF58BA97000
unkown
page readonly
 clean
1A864DB0000
unkown
page readonly
 clean
7FF559ED0000
unkown
page readonly
 clean
7FF5DA2B4000
unkown
page readonly
 clean
2BB19B74000
unkown
page read and write
 clean
1AB518E0000
unkown
page readonly
 clean
20594010000
heap default
page read and write
 clean
7FF5DA351000
unkown
page readonly
 clean
81281FA000
unkown
page read and write
 clean
7FF5DA297000
unkown
page readonly
 clean
1A864DA0000
heap default
page read and write
 clean
1AB517E0000
unkown
page read and write
 clean
26B98E50000
unkown
page readonly
 clean
7FF51AA3D000
unkown
page readonly
 clean
1A864F00000
unkown
page read and write
 clean
7FF5AA5FE000
unkown
page readonly
 clean
2BB19B72000
unkown
page read and write
 clean
4847E79000
unkown
page read and write
 clean
7FF568B1F000
unkown
page readonly
 clean
7FF559F49000
unkown
page readonly
 clean
27543EC0000
heap default
page read and write
 clean
1A905702000
unkown
page read and write
 clean
2BB19B3D000
unkown
page read and write
 clean
2BB19B28000
unkown
page read and write
 clean
1AB51550000
unkown
page readonly
 clean
7FF58B95E000
unkown
page readonly
 clean
1AB4CE00000
unkown
page read and write
 clean
2BB19B31000
unkown
page read and write
 clean
1AB4C050000
unkown
page readonly
 clean
7FF559EBC000
unkown
page readonly
 clean
7FF58BACE000
unkown
page readonly
 clean
7FF58BAB4000
unkown
page readonly
 clean
7FF58B5CE000
unkown
page readonly
 clean
8D7F87F000
unkown
page read and write
 clean
1A906340000
unkown
page readonly
 clean
7FF5AA590000
unkown
page readonly
 clean
7FF51B008000
unkown
page readonly
 clean
1A90564F000
unkown
page read and write
 clean
2BB19B72000
unkown
page read and write
 clean
7FF5A6474000
unkown
page readonly
 clean
20594A00000
unkown
page readonly
 clean
7FF559F3E000
unkown
page readonly
 clean
7FF5AA5F8000
unkown
page readonly
 clean
7FF505974000
unkown
page readonly
 clean
1AB516C0000
unkown
page read and write
 clean
2BB19BC7000
unkown
page read and write
 clean
2BB19B53000
unkown
page read and write
 clean
1AB4C7B0000
unkown
page read and write
 clean
7FF5AA4E3000
unkown
page readonly
 clean
7FF51AF0A000
unkown
page readonly
 clean
1AB4CF70000
unkown
page read and write
 clean
2059424D000
unkown
page read and write
 clean
1A864E54000
unkown
page read and write
 clean
2BB19B72000
unkown
page read and write
 clean
7FF559FB4000
unkown
page readonly
 clean
7FF568EC9000
unkown
page readonly
 clean
1AB51830000
unkown
page read and write
 clean
1AB51810000
unkown
page read and write
 clean
2BB19BA3000
unkown
page read and write
 clean
8127D75000
unkown
page read and write
 clean
7FF5A644F000
unkown
page readonly
 clean
2BB19B58000
unkown
page read and write
 clean
89C28FE000
unkown
page read and write
 clean
7FF559D21000
unkown
page readonly
 clean
1AB4C26C000
unkown
page read and write
 clean
7FF5AA165000
unkown
page readonly
 clean
7FF559E23000
unkown
page readonly
 clean
2BB19B8D000
unkown
page read and write
 clean
7FF5DA15E000
unkown
page readonly
 clean
1AB4C802000
unkown
page read and write
 clean
7FF505A10000
unkown
page readonly
 clean
7FF5AA307000
unkown
page readonly
 clean
7FF5AA310000
unkown
page readonly
 clean
8D7F13B000
unkown
page read and write
 clean
1539A400000
unkown
page readonly
 clean
7FF58BB51000
unkown
page readonly
 clean
1A905652000
unkown
page read and write
 clean
2BB192A4000
unkown
page read and write
 clean
7FF51A9E5000
unkown
page readonly
 clean
7FF5D9FD7000
unkown
page readonly
 clean
1A864E5C000
unkown
page read and write
 clean
7FF5AA57A000
unkown
page readonly
 clean
7FF559D73000
unkown
page readonly
 clean
2BB19BA3000
unkown
page read and write
 clean
1539A160000
unkown
page write copy
 clean
2BB19BA3000
unkown
page read and write
 clean
1AB4D160000
unkown
page readonly
 clean
7FF5059FA000
unkown
page readonly
 clean
7FF5D9E26000
unkown
page readonly
 clean
62ECECB000
unkown
page read and write
 clean
1AB4C400000
unkown
page readonly
 clean
20594308000
unkown
page read and write
 clean
7FF51AEB1000
unkown
page readonly
 clean
7FF5A644C000
unkown
page readonly
 clean
7FF5A6420000
unkown
page readonly
 clean
2BB19313000
unkown
page read and write
 clean
26B98B40000
heap default
page read and write
 clean
1AB51A1D000
unkown
page read and write
 clean
7FF58B903000
unkown
page readonly
 clean
1A865000000
unkown
page readonly
 clean
7FF58BA3F000
unkown
page readonly
 clean
2BB19B62000
unkown
page read and write
 clean
1AB4C271000
unkown
page read and write
 clean
7FF5058B3000
unkown
page readonly
 clean
7FF5059FC000
unkown
page readonly
 clean
1AB51A2B000
unkown
page read and write
 clean
7FF5AA48B000
unkown
page readonly
 clean
27544108000
unkown
page read and write
 clean
1539A229000
unkown
page read and write
 clean
2BB19BA3000
unkown
page read and write
 clean
7FF5A6464000
unkown
page readonly
 clean
1A90568A000
unkown
page read and write
 clean
7FF58B8B1000
unkown
page readonly
 clean
7FF58B90A000
unkown
page readonly
 clean
2059424B000
unkown
page read and write
 clean
2BB19B5A000
unkown
page read and write
 clean
7FF5A6499000
unkown
page readonly
 clean
7FF58B9CC000
unkown
page readonly
 clean
7FF559F4D000
unkown
page readonly
 clean
7FF58BA60000
unkown
page readonly
 clean
7FF58BA77000
unkown
page readonly
 clean
2BB199D0000
unkown
page read and write
 clean
7FF559A90000
unkown
page readonly
 clean
20594245000
unkown
page read and write
 clean
7FF51AF14000
unkown
page readonly
 clean
1AB51774000
unkown
page read and write
 clean
1A864E58000
unkown
page read and write
 clean
1AB517D0000
unkown
page read and write
 clean
2BB19BA3000
unkown
page read and write
 clean
7FF58B9B3000
unkown
page readonly
 clean
7FF568E94000
unkown
page readonly
 clean
7FF58BAAA000
unkown
page readonly
 clean
7FF58B9AD000
unkown
page readonly
 clean
2754406A000
unkown
page read and write
 clean
7FF5A5D77000
unkown
page readonly
 clean
7FF5A6504000
unkown
page readonly
 clean
7FF568D53000
unkown
page readonly
 clean
7FF58BABF000
unkown
page readonly
 clean
7FF568CA9000
unkown
page readonly
 clean
89C25AC000
unkown
page read and write
 clean
2BB19B62000
unkown
page read and write
 clean
20594255000
unkown
page read and write
 clean
7FF568E13000
unkown
page readonly
 clean
2BB19B62000
unkown
page read and write
 clean
7FF5AA59B000
unkown
page readonly
 clean
1AB51820000
unkown
page read and write
 clean
7FF505A64000
unkown
page readonly
 clean
1A864E86000
unkown
page read and write
 clean
FB6B2F7000
unkown
page read and write
 clean
7FF58B95B000
unkown
page readonly
 clean
7FF5DA1C4000
unkown
page readonly
 clean
7FF559EDB000
unkown
page readonly
 clean
7FF5DA0B1000
unkown
page readonly
 clean
7855FFE000
unkown
page read and write
 clean
2BB19B24000
unkown
page read and write
 clean
20594249000
unkown
page read and write
 clean
2754404B000
unkown
page read and write
 clean
7FF5AA674000
unkown
page readonly
 clean
8D7F47F000
unkown
page read and write
 clean
7FF505230000
unkown
page readonly
 clean
1AB516AE000
unkown
page read and write
 clean
2BB199E0000
unkown
page read and write
 clean
1AB516C1000
unkown
page read and write
 clean
7FF51B230000
unkown
page readonly
 clean
7FF5AA48E000
unkown
page readonly
 clean
2BB19B2E000
unkown
page read and write
 clean
2BB19B2A000
unkown
page read and write
 clean
1AB51850000
unkown
page readonly
 clean
7FF5DA1B3000
unkown
page readonly
 clean
26B98B30000
unkown
page readonly
 clean
26B98B66000
unkown
page read and write
 clean
7FF5AA150000
unkown
page readonly
 clean
2BB19B49000
unkown
page read and write
 clean
7FF5AA4F4000
unkown
page readonly
 clean
2BB19200000
unkown
page read and write
 clean
1AB51500000
unkown
page read and write
 clean
7FF568DF2000
unkown
page readonly
 clean
2754403C000
unkown
page read and write
 clean
7FF58B894000
unkown
page readonly
 clean
7FF51B21C000
unkown
page readonly
 clean
89C327A000
unkown
page read and write
 clean
1A865602000
unkown
page read and write
 clean
2BB19B62000
unkown
page read and write
 clean
1A9055C0000
unkown
page readonly
 clean
7FF5058F1000
unkown
page readonly
 clean
7FF568E67000
unkown
page readonly
 clean
2BB1A100000
unkown
page read and write
 clean
2BB192D3000
unkown
page read and write
 clean
7FF559C47000
unkown
page readonly
 clean
7FF51AFAF000
unkown
page readonly
 clean
7FF559FBA000
unkown
page readonly
 clean
7FF58BA2F000
unkown
page readonly
 clean
2BB192E6000
unkown
page read and write
 clean
26B98C40000
unkown
page readonly
 clean
7FF5AA58A000
unkown
page readonly
 clean
FB6B17A000
unkown
page read and write
 clean
8127EFF000
unkown
page read and write
 clean
2BB19B20000
unkown
page read and write
 clean
2BB19B5A000
unkown
page read and write
 clean
20594D40000
unkown
page readonly
 clean
7FF505A0A000
unkown
page readonly
 clean
7FF58B620000
unkown
page readonly
 clean
81279BD000
unkown
page read and write
 clean
2BB19400000
unkown
page readonly
 clean
1AB4C800000
unkown
page read and write
 clean
1AB4C120000
unkown
page readonly
 clean
2BB19BA3000
unkown
page read and write
 clean
1AB51A96000
unkown
page read and write
 clean
7FF51B2A9000
unkown
page readonly
 clean
7FF51B274000
unkown
page readonly
 clean
20594300000
unkown
page read and write
 clean
7FF5AA681000
unkown
page readonly
 clean
1AB4C200000
unkown
page read and write
 clean
FB6B97F000
unkown
page read and write
 clean
1A864DD0000
unkown
page read and write
 clean
2BB1A002000
unkown
page read and write
 clean
20594020000
unkown
page readonly
 clean
7FF5AA57C000
unkown
page readonly
 clean
1AB518F0000
unkown
page read and write
 clean
7FF51B0DA000
unkown
page readonly
 clean
27544802000
unkown
page read and write
 clean
7FF51AE47000
unkown
page readonly
 clean
7FF51B298000
unkown
page readonly
 clean
1539A213000
unkown
page read and write
 clean
8D7F1BF000
unkown
page read and write
 clean
7FF5A6512000
unkown
page readonly
 clean
62ED4F7000
unkown
page read and write
 clean
2BB192A6000
unkown
page read and write
 clean
2BB199F0000
unkown
page readonly
 clean
7FF5A642B000
unkown
page readonly
 clean
4847CFE000
unkown
page read and write
 clean
7FF58B677000
unkown
page readonly
 clean
20594802000
unkown
page read and write
 clean
20594400000
unkown
page readonly
 clean
7FF51AD92000
unkown
page readonly
 clean
1A9055B0000
heap default
page read and write
 clean
1AB4C302000
unkown
page read and write
 clean
7FF5AA433000
unkown
page readonly
 clean
7FF58BA4A000
unkown
page readonly
 clean
FB6B3FE000
unkown
page read and write
 clean
27543FC0000
unkown
page read and write
 clean
7FF51B2A6000
unkown
page readonly
 clean
7FF568F34000
unkown
page readonly
 clean
7FF51B29E000
unkown
page readonly
 clean
2BB19B53000
unkown
page read and write
 clean
7FF559F38000
unkown
page readonly
 clean
7FF51B204000
unkown
page readonly
 clean
7FF51AB50000
unkown
page readonly
 clean
1AB51A00000
unkown
page read and write
 clean
1AB4C213000
unkown
page read and write
 clean
2059428A000
unkown
page read and write
 clean
26B98B56000
heap default
page read and write
 clean
7FF505A3C000
unkown
page readonly
 clean
2BB19B84000
unkown
page read and write
 clean
7FF559F46000
unkown
page readonly
 clean
2BB19BA3000
unkown
page read and write
 clean
7FF58B9C4000
unkown
page readonly
 clean
7FF51AB7E000
unkown
page readonly
 clean
20594313000
unkown
page read and write
 clean
7FF568ECD000
unkown
page readonly
 clean
2BB1A002000
unkown
page read and write
 clean
7FF5AA471000
unkown
page readonly
 clean
7FF5AA67A000
unkown
page readonly
 clean
7FF568DF0000
unkown
page readonly
 clean
7FF568D31000
unkown
page readonly
 clean
4847D7F000
unkown
page read and write
 clean
7FF568EBE000
unkown
page readonly
 clean
2BB199D0000
unkown
page readonly
 clean
9B5B5F9000
unkown
page read and write
 clean
1539BCA0000
unkown
page readonly
 clean
1AB4C130000
unkown
page readonly
 clean
7FF58BAD6000
unkown
page readonly
 clean
9B5B47F000
unkown
page read and write
 clean
26B98D10000
unkown
page readonly
 clean
9B5B1EA000
unkown
page read and write
 clean
89C337C000
unkown
page read and write
 clean
1AB4D170000
unkown
page readonly
 clean
2BB192F9000
unkown
page read and write
 clean
8127E7B000
unkown
page read and write
 clean
2BB19BA3000
unkown
page read and write
 clean
27544053000
unkown
page read and write
 clean
7FF505A7E000
unkown
page readonly
 clean
1AB51840000
unkown
page readonly
 clean
8D7F777000
unkown
page read and write
 clean
2BB194D0000
unkown
page readonly
 clean
7FF5A647E000
unkown
page readonly
 clean
81280FF000
unkown
page read and write
 clean
7FF51B0D5000
unkown
page readonly
 clean
7FF5DA1AD000
unkown
page readonly
 clean
27544100000
unkown
page read and write
 clean
7FF51B066000
unkown
page readonly
 clean
7FF5AA5DA000
unkown
page readonly
 clean
20593FB0000
heap private
page read and write
 clean
7FF5D9E35000
unkown
page readonly
 clean
2BB1A054000
unkown
page read and write
 clean
62ECFCE000
unkown
page read and write
 clean
7FF51B321000
unkown
page readonly
 clean
2BB19B72000
unkown
page read and write
 clean
2BB19BA3000
unkown
page read and write
 clean
1A905800000
unkown
page readonly
 clean
2BB19B82000
unkown
page read and write
 clean
7FF505AF4000
unkown
page readonly
 clean
7FF5A6511000
unkown
page readonly
 clean
1AB4C23D000
unkown
page read and write
 clean
7FF505A27000
unkown
page readonly
 clean
7FF559C50000
unkown
page readonly
 clean
7FF568C75000
unkown
page readonly
 clean
FB6AF7E000
unkown
page read and write
 clean
7FF51B1D0000
unkown
page readonly
 clean
2BB19B2D000
unkown
page read and write
 clean
7FF58BA34000
unkown
page readonly
 clean
2BB19308000
unkown
page read and write
 clean
1539A222000
unkown
page read and write
 clean
7FF505B02000
unkown
page readonly
 clean
1AB516E0000
unkown
page read and write
 clean
7FF51B02F000
unkown
page readonly
 clean
2BB19B40000
unkown
page read and write
 clean
7FF51B20F000
unkown
page readonly
 clean
7FF51AFDA000
unkown
page readonly
 clean
7FF5DA265000
unkown
page readonly
 clean
2BB19B54000
unkown
page read and write
 clean
7FF559F1A000
unkown
page readonly
 clean
7855F7B000
unkown
page read and write
 clean
2BB19BA3000
unkown
page read and write
 clean
1A90563C000
unkown
page read and write
 clean
7FF5055D0000
unkown
page readonly
 clean
2BB19B5A000
unkown
page read and write
 clean
7FF51B22E000
unkown
page readonly
 clean
7FF5DA28C000
unkown
page readonly
 clean
7FF568D58000
unkown
page readonly
 clean
2BB19B75000
unkown
page read and write
 clean
2BB1924F000
unkown
page read and write
 clean
1AB4C040000
heap default
page read and write
 clean
2BB1928A000
unkown
page read and write
 clean
7FF5686AD000
unkown
page readonly
 clean
1539A080000
heap default
page read and write
 clean
2BB199D0000
unkown
page read and write
 clean
1AB4C958000
unkown
page read and write
 clean
7FF50590B000
unkown
page readonly
 clean
7FF568EAE000
unkown
page readonly
 clean
1AB51A94000
unkown
page read and write
 clean
89C317E000
unkown
page read and write
 clean
2BB19B62000
unkown
page read and write
 clean
2BB19B72000
unkown
page read and write
 clean
7FF5DA277000
unkown
page readonly
 clean
7FF5055D6000
unkown
page readonly
 clean
2BB19B74000
unkown
page read and write
 clean
7FF51B0DF000
unkown
page readonly
 clean
2BB19B55000
unkown
page read and write
 clean
2059424A000
unkown
page read and write
 clean
2BB19302000
unkown
page read and write
 clean
2BB19B62000
unkown
page read and write
 clean
7FF568EC1000
unkown
page readonly
 clean
7FF5A5D73000
unkown
page readonly
 clean
1AB517C8000
unkown
page read and write
 clean
2BB19213000
unkown
page read and write
 clean
FB6AE7B000
unkown
page read and write
 clean
FB6B878000
unkown
page read and write
 clean
4847F79000
unkown
page read and write
 clean
2BB1A002000
unkown
page read and write
 clean
2BB19B2E000
unkown
page read and write
 clean
7FF5A648E000
unkown
page readonly
 clean
7FF58B968000
unkown
page readonly
 clean
7FF5DA25E000
unkown
page readonly
 clean
1AB51784000
unkown
page readonly
 clean
1AB4BFE0000
heap private
page read and write
 clean
20594229000
unkown
page read and write
 clean
7FF58BA8C000
unkown
page readonly
 clean
7FF5DA344000
unkown
page readonly
 clean
26B98B00000
unkown
page read and write
 clean
7FF51A9EF000
unkown
page readonly
 clean
205940F0000
unkown
page readonly
 clean
20594251000
unkown
page read and write
 clean
2059424E000
unkown
page read and write
 clean
2BB19B31000
unkown
page read and write
 clean
7FF568E4E000
unkown
page readonly
 clean
27544200000
unkown
page readonly
 clean
7FF5DA25A000
unkown
page readonly
 clean
7FF5DA2AA000
unkown
page readonly
 clean
7FF568E7F000
unkown
page readonly
 clean
2BB19B72000
unkown
page read and write
 clean
7FF559EBA000
unkown
page readonly
 clean
1A905700000
unkown
page read and write
 clean
2BB19B2A000
unkown
page read and write
 clean
2BB1A200000
unkown
page readonly
 clean
7FF5D9FE0000
unkown
page readonly
 clean
7FF5AA5A7000
unkown
page readonly
 clean
7FF58B280000
unkown
page readonly
 clean
20594213000
unkown
page read and write
 clean
1AB51820000
unkown
page read and write
 clean
7FF58B675000
unkown
page readonly
 clean
20594288000
unkown
page read and write
 clean
1A864E29000
unkown
page read and write
 clean
1AB516D0000
unkown
page read and write
 clean
7FF5AA5C7000
unkown
page readonly
 clean
1AB4D050000
unkown
page read and write
 clean
1A90564B000
unkown
page read and write
 clean
2BB19C00000
unkown
page readonly
 clean
1A864D40000
heap private
page read and write
 clean
2BB19B16000
unkown
page read and write
 clean
2754404E000
unkown
page read and write
 clean
9B5B4FF000
unkown
page read and write
 clean
1AB4D150000
unkown
page readonly
 clean
2BB191C0000
unkown
page readonly
 clean
7FF568EC6000
unkown
page readonly
 clean
7FF5DA24C000
unkown
page readonly
 clean
89C347C000
unkown
page read and write
 clean
2BB19B3C000
unkown
page read and write
 clean
7FF58B963000
unkown
page readonly
 clean
2BB19B72000
unkown
page read and write
 clean
1AB51860000
unkown
page readonly
 clean
20594270000
unkown
page read and write
 clean
7FF559F2F000
unkown
page readonly
 clean
FB6B778000
unkown
page read and write
 clean
2754402A000
unkown
page read and write
 clean
1A906000000
unkown
page readonly
 clean
1AB517F0000
unkown
page read and write
 clean
2BB19B20000
unkown
page read and write
 clean
7FF5DA352000
unkown
page readonly
 clean
7FF568E5B000
unkown
page readonly
 clean
2BB19B56000
unkown
page read and write
 clean
2BB19B5A000
unkown
page read and write
 clean
2BB19B83000
unkown
page read and write
 clean
2BB19229000
unkown
page read and write
 clean
7FF58B7D7000
unkown
page readonly
 clean
1AB4C790000
unkown
page readonly
 clean
1A864E7C000
unkown
page read and write
 clean
27544102000
unkown
page read and write
 clean
1AB4C256000
unkown
page read and write
 clean
2BB19B69000
unkown
page read and write
 clean
7FF5DA15B000
unkown
page readonly
 clean
7FF568EB8000
unkown
page readonly
 clean
1AB51A3D000
unkown
page read and write
 clean
7FF559ECA000
unkown
page readonly
 clean
2BB191D0000
unkown
page readonly
 clean
2BB19B00000
unkown
page read and write
 clean
7FF58BA00000
unkown
page readonly
 clean
1AB516E4000
unkown
page read and write
 clean
1A9058D0000
unkown
page readonly
 clean
2BB19B54000
unkown
page read and write
 clean
1A90562C000
unkown
page read and write
 clean
7FF58BA65000
unkown
page readonly
 clean
8127FF7000
unkown
page read and write
 clean
2BB192D6000
unkown
page read and write
 clean
7FF559FC1000
unkown
page readonly
 clean
2BB19B62000
unkown
page read and write
 clean
1AB51590000
unkown
page read and write
 clean
7FF51B322000
unkown
page readonly
 clean
7FF5DA28F000
unkown
page readonly
 clean
1AB51A8B000
unkown
page read and write
 clean
7FF568C0B000
unkown
page readonly
 clean
7FF51B28F000
unkown
page readonly
 clean
2BB19256000
unkown
page read and write
 clean
1AB51780000
unkown
page read and write
 clean
1AB51540000
unkown
page read and write
 clean
4847EFE000
unkown
page read and write
 clean
27544047000
unkown
page read and write
 clean
7FF5DA260000
unkown
page readonly
 clean
27544000000
unkown
page read and write
 clean
89C2B7B000
unkown
page read and write
 clean
2BB192B0000
unkown
page read and write
 clean
1AB4C288000
unkown
page read and write
 clean
7FF58BA5A000
unkown
page readonly
 clean
7FF51B278000
unkown
page readonly
 clean
7FF559FC2000
unkown
page readonly
 clean
2BB19B73000
unkown
page read and write
 clean
7FF568E50000
unkown
page readonly
 clean
1AB51820000
unkown
page read and write
 clean
1539A241000
unkown
page read and write
 clean
26B98E45000
heap private
page read and write
 clean
1AB4D500000
unkown
page read and write
 clean
89C34FD000
unkown
page read and write
 clean
7FF51AF17000
unkown
page readonly
 clean
7FF58BB52000
unkown
page readonly
 clean
20594302000
unkown
page read and write
 clean
26B98B7C000
unkown
page read and write
 clean
7FF559A96000
unkown
page readonly
 clean
7FF505963000
unkown
page readonly
 clean
4847C7B000
unkown
page read and write
 clean
7FF568B27000
unkown
page readonly
 clean
7FF51B25C000
unkown
page readonly
 clean
89C2C7A000
unkown
page read and write
 clean
1A905670000
unkown
page read and write
 clean
7FF5AA156000
unkown
page readonly
 clean
7856375000
unkown
page read and write
 clean
7FF5DA2BF000
unkown
page readonly
 clean
27544013000
unkown
page read and write
 clean
2BB199B0000
unkown
page readonly
 clean
7FF505A8D000
unkown
page readonly
 clean
1AB4C273000
unkown
page read and write
 clean
7FF51B1F3000
unkown
page readonly
 clean
62ED6FF000
unkown
page read and write
 clean
7FF568EA4000
unkown
page readonly
 clean
7FF51B267000
unkown
page readonly
 clean
20594254000
unkown
page read and write
 clean
1AB51A62000
unkown
page read and write
 clean
2059428E000
unkown
page read and write
 clean
2BB19B5A000
unkown
page read and write
 clean
7FF58B626000
unkown
page readonly
 clean
1A864DC0000
unkown
page readonly
 clean
78567FF000
unkown
page read and write
 clean
1AB4C276000
unkown
page read and write
 clean
20594256000
unkown
page read and write
 clean
7FF58BB4A000
unkown
page readonly
 clean
1A9055E0000
unkown
page read and write
 clean
78564FE000
unkown
page read and write
 clean
7FF5AA4FC000
unkown
page readonly
 clean
2059423C000
unkown
page read and write
 clean
7FF505A89000
unkown
page readonly
 clean
7FF5AA4DD000
unkown
page readonly
 clean
1AB517C9000
unkown
page write copy
 clean
89C2D7F000
unkown
page read and write
 clean
2BB19B30000
unkown
page read and write
 clean
1A864E7C000
unkown
page read and write
 clean
2754408A000
unkown
page read and write
 clean
7FF5DA2A4000
unkown
page readonly
 clean
8D7F67B000
unkown
page read and write
 clean
205941E0000
unkown
page read and write
 clean
7FF58B635000
unkown
page readonly
 clean
26B98B7E000
unkown
page read and write
 clean
2BB192C6000
unkown
page read and write
 clean
26B98B51000
unkown
page read and write
 clean
7FF559DB1000
unkown
page readonly
 clean
7FF51AF20000
unkown
page readonly
 clean
7FF5D9E20000
unkown
page readonly
 clean
There are 829 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://gabby-gratis-tarascosaurus.glitch.me/wein.html
 malicious
https://onedrive.live.com/view.aspx?resid=6060782D2B8D50A6!129&ithint=onenote%2c&authkey=!ApbFYYOKMpcYgog
 clean
https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-GB&rs=en-US&hid=4Kwqom6xbEyammHJBw%2FTHw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2F6060782D2B8D50A6!129&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1628011373246&jsapi=1&jsapiver=v1&newsession=1&corrid=247ba8a7-c0fa-46ac-af1a-a9f36c915c97&usid=247ba8a7-c0fa-46ac-af1a-a9f36c915c97&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
 clean
https://onedrive.live.com/redir?resid=6060782D2B8D50A6%21129&authkey=%21ApbFYYOKMpcYgog&page=View&wd=target%28Quick%20Notes.one%7C9d63e26b-8e15-4b90-a730-077581269bde%2FEnvironmental%20Fluids%7C74fd9e3e-3791-42d6-9ff6-6a7ed758b675%2F%29
 clean