Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ATT80307.HTM
|
HTML document, ASCII text, with very long lines, with no line terminators
|
initial sample
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0a2f8393-ff90-4503-a10d-56ed8363dbec.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\1030b17f-22fa-4d76-87c7-46379589b412.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\15460679-3d6c-4504-af18-ee17962c85b0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\21375629-7e41-48c2-b376-635c92734e52.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\51a2a596-3710-4fef-bcef-6d8088ce4236.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\64057936-5e6e-46e3-a806-d3f0cc8f9054.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6c77ac4d-4d89-4a05-b096-0f49e6bf55c6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0af3e9a6-20ae-46c0-989e-7ad8e769ac7e.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2768fbcf-9217-4fc2-91c4-92b1924c0cec.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\498e884f-67c5-4904-afb3-21536cf2cefa.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5c903312-094e-4a30-b8cf-9596baccf89d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6634f754-f8f0-410b-8f64-2928d0db39a5.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7728557d-d3ef-4c47-9773-4a413dc01e9c.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\77a59af7-4e65-429c-b9cb-825d58bc5b0a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session. (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsn (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old.. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences* (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences. (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldA) (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
StateTM (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.oldL.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.oldso
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\e4554c27-094b-4e7d-9512-b7fbcb8b32fa.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\0cbcfae0-ce25-4a2e-b34c-ea80916ddf7f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
StateTM (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.oldon
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.olds
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurityTM (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ab7353df-9253-46c5-ad3f-a1c62a80e6a3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b45ac8af-3be5-43f5-9898-1cdf6895bf6b.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d467e562-3803-46c7-a4cc-889a10dcb7c4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT`. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache.. (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\9.28.0\Indexing in Progress
|
empty
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir5552_326153225\Ruleset Data
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\c76f8a4b-74be-468f-9680-e6e177acadd3.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\cd362f3e-b6ee-4dab-8dc9-caab461047ed.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d014f817-a54b-4e91-ab67-921f2ced653d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d0241b5f-fc5d-400b-b98e-71148e47b301.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\dddb1c42-df0e-4acd-8143-512528495d73.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f65cc09f-2f5a-45e2-a502-e5b6acd5e53b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3b5877df-90f3-409a-b6e4-0b032102068c.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5552_1178784255\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5552_1690247351\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5552_1848331097\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5552_2039274400\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5552_354200150\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5552_778402376\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\cb5d408f-d4bb-4398-849d-fe19fc70f044.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ecf81aff-2b6d-42da-945b-7ab8543b1647.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ffd01fec-08cc-445a-ac40-bc1388fa1b3e.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\3b5877df-90f3-409a-b6e4-0b032102068c.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_2053018660\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5552_429775178\ffd01fec-08cc-445a-ac40-bc1388fa1b3e.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
There are 210 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'C:\Users\user\Desktop\ATT80307.HTM'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1568,16190616929770877260,6847581079677092692,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1688 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/user/Desktop/ATT80307.HTM#aXR0bXNobHBAc2VhcnNoYy5jb20=
|
|
||
|
https://a.nel.cloudflare.com/report/v3?s=D9qng0vedqLZkYZnCjx9UmjTJiHykmHo7EC5kqDYvlycv0QBjfioQFtFizS
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://nadine-julitz.de
|
unknown
|
|
|
|
https://aadcdn.msauthimages.net
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
https://pa-4jt.link/mx/favicon.ico
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://cdnjs.cloudflare.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://aadcdn.msauth.net
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/downloads-lorry
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
There are 14 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
nadine-julitz.de
|
62.108.32.123
|
|
|
|
accounts.google.com
|
216.58.205.77
|
|
|
|
cdnjs.cloudflare.com
|
104.16.19.94
|
|
|
|
clients.l.google.com
|
216.58.208.174
|
|
|
|
cs1025.wpc.upsiloncdn.net
|
152.199.23.72
|
|
|
|
googlehosted.l.googleusercontent.com
|
216.58.208.129
|
|
|
|
pa-4jt.link
|
107.174.192.154
|
|
|
|
aadcdn.msauthimages.net
|
unknown
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
aadcdn.msauth.net
|
unknown
|
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
216.58.208.174
|
clients.l.google.com
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
152.199.23.72
|
cs1025.wpc.upsiloncdn.net
|
United States
|
|
|
|
62.108.32.123
|
nadine-julitz.de
|
Germany
|
|
|
|
216.58.205.77
|
accounts.google.com
|
United States
|
|
|
|
107.174.192.154
|
pa-4jt.link
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
216.58.208.129
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
192.168.2.255
|
unknown
|
unknown
|
|
|
|
104.16.19.94
|
cdnjs.cloudflare.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
There are 1 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.reporting
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
module_blacklist_cache_md5_digest
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
media.storage_id_salt
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_seed
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
default_search_provider_data.template_url_data
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
safebrowsing.incidents_sent
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pinned_tabs
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
search_provider_overrides
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_username
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.restore_on_startup
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_version
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.prompt_wave
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage_is_newtabpage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
browser.show_home_button
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
lastrun
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
Blob
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
Blob
|
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5578FC000
|
unkown
|
page read and write
|
|
|
|
16E29570000
|
unkown
|
page read and write
|
|
|
|
24879E13000
|
unkown
|
page read and write
|
|
|
|
16E29F00000
|
unkown
|
page read and write
|
|
|
|
7FF506D41000
|
unkown
|
page readonly
|
|
|
|
7FF515FA8000
|
unkown
|
page readonly
|
|
|
|
7FF5480FD000
|
unkown
|
page readonly
|
|
|
|
7FF5EA36F000
|
unkown
|
page readonly
|
|
|
|
129C4AE4000
|
unkown
|
page readonly
|
|
|
|
7FF5D5A66000
|
unkown
|
page readonly
|
|
|
|
129BF094000
|
unkown
|
page read and write
|
|
|
|
7FF554743000
|
unkown
|
page readonly
|
|
|
|
226C696C000
|
unkown
|
page read and write
|
|
|
|
7FF5070F2000
|
unkown
|
page readonly
|
|
|
|
1D3B2B40000
|
unkown
|
page readonly
|
|
|
|
7FF5BCAC3000
|
unkown
|
page readonly
|
|
|
|
129BFF00000
|
unkown
|
page read and write
|
|
|
|
7FF5BCAC7000
|
unkown
|
page readonly
|
|
|
|
1D6BD3A6000
|
heap default
|
page read and write
|
|
|
|
226C76A0000
|
unkown
|
page read and write
|
|
|
|
266FBF02000
|
unkown
|
page read and write
|
|
|
|
15027862000
|
unkown
|
page read and write
|
|
|
|
266FC740000
|
unkown
|
page read and write
|
|
|
|
1E528600000
|
unkown
|
page readonly
|
|
|
|
7DED7A000
|
unkown
|
page read and write
|
|
|
|
7FF506FDE000
|
unkown
|
page readonly
|
|
|
|
7FF54BB95000
|
unkown
|
page readonly
|
|
|
|
129C4902000
|
unkown
|
page read and write
|
|
|
|
129BF918000
|
unkown
|
page read and write
|
|
|
|
7DF67D000
|
unkown
|
page read and write
|
|
|
|
266FC800000
|
unkown
|
page readonly
|
|
|
|
129BF040000
|
unkown
|
page read and write
|
|
|
|
7FF54808D000
|
unkown
|
page readonly
|
|
|
|
129C48D3000
|
unkown
|
page read and write
|
|
|
|
7FF506E9A000
|
unkown
|
page readonly
|
|
|
|
129C48D9000
|
unkown
|
page read and write
|
|
|
|
129C45B0000
|
unkown
|
page read and write
|
|
|
|
129C48D7000
|
unkown
|
page read and write
|
|
|
|
129C48B3000
|
unkown
|
page read and write
|
|
|
|
151DE970000
|
unkown
|
page readonly
|
|
|
|
7FF54BA7F000
|
unkown
|
page readonly
|
|
|
|
266FCD02000
|
unkown
|
page read and write
|
|
|
|
30C28FF000
|
unkown
|
page read and write
|
|
|
|
129C4460000
|
unkown
|
page readonly
|
|
|
|
30C27FE000
|
unkown
|
page read and write
|
|
|
|
516E27E000
|
unkown
|
page read and write
|
|
|
|
7FF5EA252000
|
unkown
|
page readonly
|
|
|
|
129C45E0000
|
unkown
|
page read and write
|
|
|
|
266FBDC0000
|
unkown
|
page readonly
|
|
|
|
15027864000
|
unkown
|
page read and write
|
|
|
|
7FF5B0F58000
|
unkown
|
page readonly
|
|
|
|
14400213000
|
unkown
|
page read and write
|
|
|
|
129C4AF0000
|
unkown
|
page readonly
|
|
|
|
7FF554A43000
|
unkown
|
page readonly
|
|
|
|
7FF50A44F000
|
unkown
|
page readonly
|
|
|
|
129C4900000
|
unkown
|
page read and write
|
|
|
|
1E98DFE000
|
unkown
|
page read and write
|
|
|
|
266FC602000
|
unkown
|
page read and write
|
|
|
|
129BF000000
|
unkown
|
page read and write
|
|
|
|
266FCC02000
|
unkown
|
page read and write
|
|
|
|
129BF2D0000
|
unkown
|
page readonly
|
|
|
|
7FF5EA061000
|
unkown
|
page readonly
|
|
|
|
129BEFF3000
|
unkown
|
page read and write
|
|
|
|
129C48B6000
|
unkown
|
page read and write
|
|
|
|
7FF515FDB000
|
unkown
|
page readonly
|
|
|
|
129BF08D000
|
unkown
|
page read and write
|
|
|
|
7FF5EA06D000
|
unkown
|
page readonly
|
|
|
|
7FF5D5A58000
|
unkown
|
page readonly
|
|
|
|
7FF50715A000
|
unkown
|
page readonly
|
|
|
|
7FF52DAD5000
|
unkown
|
page readonly
|
|
|
|
129C45B0000
|
unkown
|
page read and write
|
|
|
|
14400245000
|
unkown
|
page read and write
|
|
|
|
7FF548255000
|
unkown
|
page readonly
|
|
|
|
266FC7C9000
|
unkown
|
page read and write
|
|
|
|
129C48EA000
|
unkown
|
page read and write
|
|
|
|
7FF52DB36000
|
unkown
|
page readonly
|
|
|
|
7FF54BBF6000
|
unkown
|
page readonly
|
|
|
|
7FF548038000
|
unkown
|
page readonly
|
|
|
|
1E528C02000
|
unkown
|
page read and write
|
|
|
|
129C48CF000
|
unkown
|
page read and write
|
|
|
|
7FF5E9F14000
|
unkown
|
page readonly
|
|
|
|
7FF50720F000
|
unkown
|
page readonly
|
|
|
|
129BF918000
|
unkown
|
page read and write
|
|
|
|
129C48DD000
|
unkown
|
page read and write
|
|
|
|
7FF507149000
|
unkown
|
page readonly
|
|
|
|
14400040000
|
heap private
|
page read and write
|
|
|
|
78195FF000
|
unkown
|
page read and write
|
|
|
|
266FC7D7000
|
unkown
|
page read and write
|
|
|
|
7FF5157EA000
|
unkown
|
page readonly
|
|
|
|
8C7BEF7000
|
unkown
|
page read and write
|
|
|
|
129C48F3000
|
unkown
|
page read and write
|
|
|
|
7FF54B708000
|
unkown
|
page readonly
|
|
|
|
7FF5BC6A8000
|
unkown
|
page readonly
|
|
|
|
1E98EFE000
|
unkown
|
page read and write
|
|
|
|
7FF5EA107000
|
unkown
|
page readonly
|
|
|
|
1E992FC000
|
unkown
|
page read and write
|
|
|
|
7FF5BCB8F000
|
unkown
|
page readonly
|
|
|
|
151DEB00000
|
unkown
|
page read and write
|
|
|
|
389D57F000
|
unkown
|
page read and write
|
|
|
|
7FF5E9A27000
|
unkown
|
page readonly
|
|
|
|
266FC5D0000
|
unkown
|
page read and write
|
|
|
|
7FF5D59D9000
|
unkown
|
page readonly
|
|
|
|
129BF7E0000
|
unkown
|
page readonly
|
|
|
|
7FF554A4E000
|
unkown
|
page readonly
|
|
|
|
129BF99D000
|
unkown
|
page read and write
|
|
|
|
7DF1FF000
|
unkown
|
page read and write
|
|
|
|
7FF5D5A05000
|
unkown
|
page readonly
|
|
|
|
129C4A84000
|
unkown
|
page write copy
|
|
|
|
ADA56FE000
|
unkown
|
page read and write
|
|
|
|
1FDD805A000
|
unkown
|
page read and write
|
|
|
|
129BF802000
|
unkown
|
page read and write
|
|
|
|
266FBDB0000
|
heap default
|
page read and write
|
|
|
|
15027833000
|
unkown
|
page read and write
|
|
|
|
14400A00000
|
unkown
|
page readonly
|
|
|
|
7FF515FEF000
|
unkown
|
page readonly
|
|
|
|
151DEC00000
|
unkown
|
page readonly
|
|
|
|
7FF5071ED000
|
unkown
|
page readonly
|
|
|
|
78190FD000
|
unkown
|
page read and write
|
|
|
|
15027829000
|
unkown
|
page read and write
|
|
|
|
30C247E000
|
unkown
|
page read and write
|
|
|
|
7FF52D823000
|
unkown
|
page readonly
|
|
|
|
129BF99D000
|
unkown
|
page read and write
|
|
|
|
7FF5B1215000
|
unkown
|
page readonly
|
|
|
|
7FF5B11B7000
|
unkown
|
page readonly
|
|
|
|
7FF52D90D000
|
unkown
|
page readonly
|
|
|
|
7FF5EA2B3000
|
unkown
|
page readonly
|
|
|
|
7FF52DA7C000
|
unkown
|
page readonly
|
|
|
|
7FF5BCA25000
|
unkown
|
page readonly
|
|
|
|
16E29702000
|
unkown
|
page read and write
|
|
|
|
129C48D3000
|
unkown
|
page read and write
|
|
|
|
7FF547E4A000
|
unkown
|
page readonly
|
|
|
|
266FC74C000
|
unkown
|
page read and write
|
|
|
|
7FF5BCB09000
|
unkown
|
page readonly
|
|
|
|
1502784B000
|
unkown
|
page read and write
|
|
|
|
14400255000
|
unkown
|
page read and write
|
|
|
|
16E29F12000
|
unkown
|
page read and write
|
|
|
|
129C4B20000
|
unkown
|
page read and write
|
|
|
|
14AFEFB000
|
unkown
|
page read and write
|
|
|
|
129BF815000
|
unkown
|
page read and write
|
|
|
|
2487A800000
|
unkown
|
page readonly
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
7FF554B73000
|
unkown
|
page readonly
|
|
|
|
7FF5BCB96000
|
unkown
|
page readonly
|
|
|
|
266FCC02000
|
unkown
|
page read and write
|
|
|
|
129BEF60000
|
unkown
|
page readonly
|
|
|
|
7FF5BCA7D000
|
unkown
|
page readonly
|
|
|
|
129C48DC000
|
unkown
|
page read and write
|
|
|
|
129BF07B000
|
unkown
|
page read and write
|
|
|
|
129C48C6000
|
unkown
|
page read and write
|
|
|
|
516DF0B000
|
unkown
|
page read and write
|
|
|
|
7FF5B1193000
|
unkown
|
page readonly
|
|
|
|
7FF515FBB000
|
unkown
|
page readonly
|
|
|
|
14400302000
|
unkown
|
page read and write
|
|
|
|
16E29713000
|
unkown
|
page read and write
|
|
|
|
129C4700000
|
unkown
|
page read and write
|
|
|
|
151DE990000
|
unkown
|
page read and write
|
|
|
|
7FF5EA1BF000
|
unkown
|
page readonly
|
|
|
|
7FF554AD5000
|
unkown
|
page readonly
|
|
|
|
129BF0FD000
|
unkown
|
page read and write
|
|
|
|
7FF556042000
|
unkown
|
page readonly
|
|
|
|
5B822FE000
|
unkown
|
page read and write
|
|
|
|
7FF548229000
|
unkown
|
page readonly
|
|
|
|
129BF09F000
|
unkown
|
page read and write
|
|
|
|
226C7140000
|
unkown
|
page readonly
|
|
|
|
129C48D9000
|
unkown
|
page read and write
|
|
|
|
129C47F0000
|
unkown
|
page readonly
|
|
|
|
7FF55607F000
|
unkown
|
page readonly
|
|
|
|
14AFA7C000
|
unkown
|
page read and write
|
|
|
|
7FF55606C000
|
unkown
|
page readonly
|
|
|
|
7FF50A39A000
|
unkown
|
page readonly
|
|
|
|
129C45B5000
|
unkown
|
page read and write
|
|
|
|
1502787A000
|
unkown
|
page read and write
|
|
|
|
129BF077000
|
unkown
|
page read and write
|
|
|
|
129C489E000
|
unkown
|
page read and write
|
|
|
|
7FF54B6F3000
|
unkown
|
page readonly
|
|
|
|
24879E7B000
|
unkown
|
page read and write
|
|
|
|
266FBEEB000
|
unkown
|
page read and write
|
|
|
|
516E375000
|
unkown
|
page read and write
|
|
|
|
7FF5EA36B000
|
unkown
|
page readonly
|
|
|
|
7FF5482CD000
|
unkown
|
page readonly
|
|
|
|
7FF5561F3000
|
unkown
|
page readonly
|
|
|
|
7FF52DAA9000
|
unkown
|
page readonly
|
|
|
|
7FF556280000
|
unkown
|
page readonly
|
|
|
|
7FF5EA05A000
|
unkown
|
page readonly
|
|
|
|
24879E29000
|
unkown
|
page read and write
|
|
|
|
7FF5BC774000
|
unkown
|
page readonly
|
|
|
|
16E2A340000
|
unkown
|
page readonly
|
|
|
|
7FF50A37D000
|
unkown
|
page readonly
|
|
|
|
5B81CFE000
|
unkown
|
page read and write
|
|
|
|
7FF55629E000
|
unkown
|
page readonly
|
|
|
|
7818EFD000
|
unkown
|
page read and write
|
|
|
|
266FC7D7000
|
unkown
|
page read and write
|
|
|
|
1D3B2B80000
|
unkown
|
page read and write
|
|
|
|
129BFFE0000
|
unkown
|
page read and write
|
|
|
|
7FF5B12AF000
|
unkown
|
page readonly
|
|
|
|
7FF515730000
|
unkown
|
page readonly
|
|
|
|
15027859000
|
unkown
|
page read and write
|
|
|
|
129BF08B000
|
unkown
|
page read and write
|
|
|
|
7FF5B0ABF000
|
unkown
|
page readonly
|
|
|
|
129C48BE000
|
unkown
|
page read and write
|
|
|
|
7FF547E4E000
|
unkown
|
page readonly
|
|
|
|
7FF50713D000
|
unkown
|
page readonly
|
|
|
|
7FF5EA36D000
|
unkown
|
page readonly
|
|
|
|
7FF5BCAB2000
|
unkown
|
page readonly
|
|
|
|
151DEB02000
|
unkown
|
page read and write
|
|
|
|
129C48B5000
|
unkown
|
page read and write
|
|
|
|
7FF5BCB1A000
|
unkown
|
page readonly
|
|
|
|
7FF5BCBCD000
|
unkown
|
page readonly
|
|
|
|
16E29600000
|
unkown
|
page read and write
|
|
|
|
129C4A90000
|
unkown
|
page read and write
|
|
|
|
ADA55F9000
|
unkown
|
page read and write
|
|
|
|
7FF55627B000
|
unkown
|
page readonly
|
|
|
|
7FF50A43E000
|
unkown
|
page readonly
|
|
|
|
129C4700000
|
unkown
|
page read and write
|
|
|
|
7FF556276000
|
unkown
|
page readonly
|
|
|
|
7FF5EA2D5000
|
unkown
|
page readonly
|
|
|
|
129BEF50000
|
heap default
|
page read and write
|
|
|
|
226C6929000
|
heap default
|
page read and write
|
|
|
|
129C4AF4000
|
unkown
|
page readonly
|
|
|
|
7FF506F26000
|
unkown
|
page readonly
|
|
|
|
7FF515FB6000
|
unkown
|
page readonly
|
|
|
|
129BF200000
|
unkown
|
page readonly
|
|
|
|
7FF554BE5000
|
unkown
|
page readonly
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
7FF5B11F3000
|
unkown
|
page readonly
|
|
|
|
7FF5482B6000
|
unkown
|
page readonly
|
|
|
|
1502785D000
|
unkown
|
page read and write
|
|
|
|
266FC771000
|
unkown
|
page read and write
|
|
|
|
1FDD8200000
|
unkown
|
page readonly
|
|
|
|
7FF548233000
|
unkown
|
page readonly
|
|
|
|
1440026F000
|
unkown
|
page read and write
|
|
|
|
151DEA7B000
|
unkown
|
page read and write
|
|
|
|
7FF54B040000
|
unkown
|
page readonly
|
|
|
|
7FF554758000
|
unkown
|
page readonly
|
|
|
|
129C48EA000
|
unkown
|
page read and write
|
|
|
|
7FF54BB48000
|
unkown
|
page readonly
|
|
|
|
7FF515FD4000
|
unkown
|
page readonly
|
|
|
|
8C7BCFC000
|
unkown
|
page read and write
|
|
|
|
129C45B0000
|
unkown
|
page read and write
|
|
|
|
389D4FE000
|
unkown
|
page read and write
|
|
|
|
7FF506F87000
|
unkown
|
page readonly
|
|
|
|
7FF5D5A6B000
|
unkown
|
page readonly
|
|
|
|
7FF5BC883000
|
unkown
|
page readonly
|
|
|
|
516E6FE000
|
unkown
|
page read and write
|
|
|
|
7FF5BCA1F000
|
unkown
|
page readonly
|
|
|
|
14AFE7D000
|
unkown
|
page read and write
|
|
|
|
266FBE88000
|
unkown
|
page read and write
|
|
|
|
7FF52DB5B000
|
unkown
|
page readonly
|
|
|
|
129C4902000
|
unkown
|
page read and write
|
|
|
|
7FF5B129B000
|
unkown
|
page readonly
|
|
|
|
16E29540000
|
heap default
|
page read and write
|
|
|
|
1E528450000
|
unkown
|
page read and write
|
|
|
|
7FF55619C000
|
unkown
|
page readonly
|
|
|
|
557677000
|
unkown
|
page read and write
|
|
|
|
7FF50A103000
|
unkown
|
page readonly
|
|
|
|
24879E50000
|
unkown
|
page read and write
|
|
|
|
16E298D0000
|
unkown
|
page readonly
|
|
|
|
7FF5EA2A5000
|
unkown
|
page readonly
|
|
|
|
15027800000
|
unkown
|
page read and write
|
|
|
|
7FF554C64000
|
unkown
|
page readonly
|
|
|
|
7FF5EA354000
|
unkown
|
page readonly
|
|
|
|
226C7480000
|
unkown
|
page read and write
|
|
|
|
7DF3FE000
|
unkown
|
page read and write
|
|
|
|
7FF5070AD000
|
unkown
|
page readonly
|
|
|
|
7FF5EA33E000
|
unkown
|
page readonly
|
|
|
|
129C48F3000
|
unkown
|
page read and write
|
|
|
|
7FF515F1D000
|
unkown
|
page readonly
|
|
|
|
7FF5476F7000
|
unkown
|
page readonly
|
|
|
|
266FCC61000
|
unkown
|
page read and write
|
|
|
|
129BFB01000
|
unkown
|
page read and write
|
|
|
|
2487A530000
|
unkown
|
page read and write
|
|
|
|
7FF5BCB88000
|
unkown
|
page readonly
|
|
|
|
24879DE0000
|
unkown
|
page readonly
|
|
|
|
7FF5EA0C0000
|
unkown
|
page readonly
|
|
|
|
266FC78B000
|
unkown
|
page read and write
|
|
|
|
7FF5E9ED3000
|
unkown
|
page readonly
|
|
|
|
7FF54B8E3000
|
unkown
|
page readonly
|
|
|
|
129C48D3000
|
unkown
|
page read and write
|
|
|
|
266FC5D0000
|
unkown
|
page readonly
|
|
|
|
8C7B9AE000
|
unkown
|
page read and write
|
|
|
|
266FC782000
|
unkown
|
page read and write
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
7FF5E9E76000
|
unkown
|
page readonly
|
|
|
|
129C48DA000
|
unkown
|
page read and write
|
|
|
|
1FDD8002000
|
unkown
|
page read and write
|
|
|
|
7FF556192000
|
unkown
|
page readonly
|
|
|
|
7FF5BCBCB000
|
unkown
|
page readonly
|
|
|
|
266FC5F0000
|
unkown
|
page readonly
|
|
|
|
1E52843C000
|
unkown
|
page read and write
|
|
|
|
516DF8E000
|
unkown
|
page read and write
|
|
|
|
1E52848D000
|
unkown
|
page read and write
|
|
|
|
1E528390000
|
unkown
|
page readonly
|
|
|
|
129C4687000
|
unkown
|
page readonly
|
|
|
|
1FDD8013000
|
unkown
|
page read and write
|
|
|
|
129C4A30000
|
unkown
|
page readonly
|
|
|
|
1D3B2C5E000
|
unkown
|
page read and write
|
|
|
|
7FF52DAA5000
|
unkown
|
page readonly
|
|
|
|
7DF47E000
|
unkown
|
page read and write
|
|
|
|
8C7B92E000
|
unkown
|
page read and write
|
|
|
|
7FF52DA9D000
|
unkown
|
page readonly
|
|
|
|
7FF5BCAE8000
|
unkown
|
page readonly
|
|
|
|
274547F000
|
unkown
|
page read and write
|
|
|
|
7FF5BC993000
|
unkown
|
page readonly
|
|
|
|
7FF5561E9000
|
unkown
|
page readonly
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
7FF554C38000
|
unkown
|
page readonly
|
|
|
|
129C48EC000
|
unkown
|
page read and write
|
|
|
|
151DF400000
|
unkown
|
page readonly
|
|
|
|
1D3B29F0000
|
heap private
|
page read and write
|
|
|
|
7FF554B8C000
|
unkown
|
page readonly
|
|
|
|
151DE980000
|
unkown
|
page readonly
|
|
|
|
5B81D7E000
|
unkown
|
page read and write
|
|
|
|
266FC713000
|
unkown
|
page read and write
|
|
|
|
266FBE3C000
|
unkown
|
page read and write
|
|
|
|
129C48F1000
|
unkown
|
page read and write
|
|
|
|
1502783C000
|
unkown
|
page read and write
|
|
|
|
129C48D3000
|
unkown
|
page read and write
|
|
|
|
15027883000
|
unkown
|
page read and write
|
|
|
|
226C6890000
|
unkown
|
page read and write
|
|
|
|
7FF5B11BD000
|
unkown
|
page readonly
|
|
|
|
129C0401000
|
unkown
|
page read and write
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
7FF5157EF000
|
unkown
|
page readonly
|
|
|
|
1E9917D000
|
unkown
|
page read and write
|
|
|
|
7FF52DA67000
|
unkown
|
page readonly
|
|
|
|
266FCCA6000
|
unkown
|
page read and write
|
|
|
|
15027813000
|
unkown
|
page read and write
|
|
|
|
129C45BE000
|
unkown
|
page read and write
|
|
|
|
129C46E0000
|
unkown
|
page read and write
|
|
|
|
226C696C000
|
unkown
|
page read and write
|
|
|
|
7FF547B34000
|
unkown
|
page readonly
|
|
|
|
7FF515FCD000
|
unkown
|
page readonly
|
|
|
|
266FC460000
|
unkown
|
page readonly
|
|
|
|
129C48D5000
|
unkown
|
page read and write
|
|
|
|
7FF5561C8000
|
unkown
|
page readonly
|
|
|
|
266FC72A000
|
unkown
|
page read and write
|
|
|
|
129BF7B0000
|
unkown
|
page readonly
|
|
|
|
7FF52DB6F000
|
unkown
|
page readonly
|
|
|
|
7FF5070C0000
|
unkown
|
page readonly
|
|
|
|
24879DD0000
|
heap default
|
page read and write
|
|
|
|
129BFB80000
|
unkown
|
page read and write
|
|
|
|
16E29560000
|
unkown
|
page readonly
|
|
|
|
7FF554C5D000
|
unkown
|
page readonly
|
|
|
|
7FF5B12AD000
|
unkown
|
page readonly
|
|
|
|
7FF50A385000
|
unkown
|
page readonly
|
|
|
|
14400308000
|
unkown
|
page read and write
|
|
|
|
7FF5EA1A7000
|
unkown
|
page readonly
|
|
|
|
7FF52DA63000
|
unkown
|
page readonly
|
|
|
|
129C48BF000
|
unkown
|
page read and write
|
|
|
|
14B00FE000
|
unkown
|
page read and write
|
|
|
|
1440024B000
|
unkown
|
page read and write
|
|
|
|
7FF5E9E1F000
|
unkown
|
page readonly
|
|
|
|
1E5283B0000
|
unkown
|
page read and write
|
|
|
|
129C48DD000
|
unkown
|
page read and write
|
|
|
|
389D67A000
|
unkown
|
page read and write
|
|
|
|
7FF547FC8000
|
unkown
|
page readonly
|
|
|
|
7FF554BCA000
|
unkown
|
page readonly
|
|
|
|
7FF5B1268000
|
unkown
|
page readonly
|
|
|
|
7DF37F000
|
unkown
|
page read and write
|
|
|
|
7FF5E979A000
|
unkown
|
page readonly
|
|
|
|
129C46D0000
|
unkown
|
page read and write
|
|
|
|
15027874000
|
unkown
|
page read and write
|
|
|
|
1FDD7F80000
|
heap private
|
page read and write
|
|
|
|
7FF5482AF000
|
unkown
|
page readonly
|
|
|
|
266FBE29000
|
unkown
|
page read and write
|
|
|
|
7FF5482D4000
|
unkown
|
page readonly
|
|
|
|
7FF5D59CD000
|
unkown
|
page readonly
|
|
|
|
7FF5EA05C000
|
unkown
|
page readonly
|
|
|
|
1D3B2B50000
|
unkown
|
page read and write
|
|
|
|
15027770000
|
heap private
|
page read and write
|
|
|
|
516E7FE000
|
unkown
|
page read and write
|
|
|
|
266FCC02000
|
unkown
|
page read and write
|
|
|
|
7FF5E97A5000
|
unkown
|
page readonly
|
|
|
|
129C4690000
|
unkown
|
page read and write
|
|
|
|
7FF50A41B000
|
unkown
|
page readonly
|
|
|
|
226C7700000
|
unkown
|
page read and write
|
|
|
|
78192FF000
|
unkown
|
page read and write
|
|
|
|
7FF5561BC000
|
unkown
|
page readonly
|
|
|
|
7FF515889000
|
unkown
|
page readonly
|
|
|
|
389D6FE000
|
unkown
|
page read and write
|
|
|
|
7FF5482ED000
|
unkown
|
page readonly
|
|
|
|
15027861000
|
unkown
|
page read and write
|
|
|
|
7FF52D633000
|
unkown
|
page readonly
|
|
|
|
7FF554749000
|
unkown
|
page readonly
|
|
|
|
151DEA13000
|
unkown
|
page read and write
|
|
|
|
7FF5BC99E000
|
unkown
|
page readonly
|
|
|
|
129C4AC0000
|
unkown
|
page read and write
|
|
|
|
1D3B2B80000
|
unkown
|
page read and write
|
|
|
|
7FF515FEF000
|
unkown
|
page readonly
|
|
|
|
1D3B2A60000
|
unkown
|
page readonly
|
|
|
|
7FF5D5A70000
|
unkown
|
page readonly
|
|
|
|
129C48EC000
|
unkown
|
page read and write
|
|
|
|
7FF506F5D000
|
unkown
|
page readonly
|
|
|
|
129BFE00000
|
unkown
|
page read and write
|
|
|
|
129BF113000
|
unkown
|
page read and write
|
|
|
|
7FF554ACF000
|
unkown
|
page readonly
|
|
|
|
1E528502000
|
unkown
|
page read and write
|
|
|
|
7FF509848000
|
unkown
|
page readonly
|
|
|
|
226C7070000
|
unkown
|
page readonly
|
|
|
|
226C6740000
|
unkown
|
page read and write
|
|
|
|
226C6AC5000
|
heap private
|
page read and write
|
|
|
|
226C6931000
|
heap default
|
page read and write
|
|
|
|
7FF5EA1E4000
|
unkown
|
page readonly
|
|
|
|
129C48D7000
|
unkown
|
page read and write
|
|
|
|
55737E000
|
unkown
|
page read and write
|
|
|
|
7FF5481E3000
|
unkown
|
page readonly
|
|
|
|
1D3B3260000
|
unkown
|
page read and write
|
|
|
|
226C6920000
|
heap default
|
page read and write
|
|
|
|
5576FE000
|
unkown
|
page read and write
|
|
|
|
129C48CF000
|
unkown
|
page read and write
|
|
|
|
129C4943000
|
unkown
|
page read and write
|
|
|
|
1D3B2C13000
|
unkown
|
page read and write
|
|
|
|
7FF5481E7000
|
unkown
|
page readonly
|
|
|
|
8C7BDFA000
|
unkown
|
page read and write
|
|
|
|
7FF5EA13C000
|
unkown
|
page readonly
|
|
|
|
7FF5EA27C000
|
unkown
|
page readonly
|
|
|
|
1FDD8113000
|
unkown
|
page read and write
|
|
|
|
7FF52DAB3000
|
unkown
|
page readonly
|
|
|
|
1D6BD385000
|
heap private
|
page read and write
|
|
|
|
1D6BD380000
|
heap private
|
page read and write
|
|
|
|
14400060000
|
unkown
|
page readonly
|
|
|
|
7FF50A40F000
|
unkown
|
page readonly
|
|
|
|
7FF5BCB9B000
|
unkown
|
page readonly
|
|
|
|
7DF2FE000
|
unkown
|
page read and write
|
|
|
|
7FF507153000
|
unkown
|
page readonly
|
|
|
|
7FF50711C000
|
unkown
|
page readonly
|
|
|
|
129C4849000
|
unkown
|
page read and write
|
|
|
|
14AFFFD000
|
unkown
|
page read and write
|
|
|
|
15027863000
|
unkown
|
page read and write
|
|
|
|
7FF5D59AD000
|
unkown
|
page readonly
|
|
|
|
1D3B2C40000
|
unkown
|
page read and write
|
|
|
|
7FF515E19000
|
unkown
|
page readonly
|
|
|
|
1D3B3190000
|
unkown
|
page readonly
|
|
|
|
7FF506D16000
|
unkown
|
page readonly
|
|
|
|
24879E3C000
|
unkown
|
page read and write
|
|
|
|
129C48BE000
|
unkown
|
page read and write
|
|
|
|
7FF5B11DD000
|
unkown
|
page readonly
|
|
|
|
1D3B2B30000
|
unkown
|
page readonly
|
|
|
|
129C45B1000
|
unkown
|
page read and write
|
|
|
|
129C48AC000
|
unkown
|
page read and write
|
|
|
|
129C48D5000
|
unkown
|
page read and write
|
|
|
|
7DEC77000
|
unkown
|
page read and write
|
|
|
|
1FDD8660000
|
unkown
|
page readonly
|
|
|
|
7FF5BC693000
|
unkown
|
page readonly
|
|
|
|
7FF5BC8C1000
|
unkown
|
page readonly
|
|
|
|
1502786C000
|
unkown
|
page read and write
|
|
|
|
7FF515FC0000
|
unkown
|
page readonly
|
|
|
|
7818DFD000
|
unkown
|
page read and write
|
|
|
|
7FF54821D000
|
unkown
|
page readonly
|
|
|
|
151DEA00000
|
unkown
|
page read and write
|
|
|
|
226C6AD0000
|
unkown
|
page read and write
|
|
|
|
14400313000
|
unkown
|
page read and write
|
|
|
|
1D6BD3CF000
|
unkown
|
page read and write
|
|
|
|
2487A000000
|
unkown
|
page readonly
|
|
|
|
129C46C0000
|
unkown
|
page read and write
|
|
|
|
7FF5070BD000
|
unkown
|
page readonly
|
|
|
|
129C48DD000
|
unkown
|
page read and write
|
|
|
|
129C48DD000
|
unkown
|
page read and write
|
|
|
|
1E98FFD000
|
unkown
|
page read and write
|
|
|
|
7FF5BCADC000
|
unkown
|
page readonly
|
|
|
|
129C4740000
|
unkown
|
page read and write
|
|
|
|
7FF5556AF000
|
unkown
|
page readonly
|
|
|
|
129C4AB8000
|
unkown
|
page read and write
|
|
|
|
16E296CA000
|
unkown
|
page read and write
|
|
|
|
7DF17B000
|
unkown
|
page read and write
|
|
|
|
129C48CF000
|
unkown
|
page read and write
|
|
|
|
7FF5B0697000
|
unkown
|
page readonly
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
7FF515EF4000
|
unkown
|
page readonly
|
|
|
|
1D6BD390000
|
heap default
|
page read and write
|
|
|
|
129C4B04000
|
unkown
|
page readonly
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
7FF5BC699000
|
unkown
|
page readonly
|
|
|
|
129BF0B0000
|
unkown
|
page read and write
|
|
|
|
ADA547B000
|
unkown
|
page read and write
|
|
|
|
129C4855000
|
unkown
|
page read and write
|
|
|
|
30C211B000
|
unkown
|
page read and write
|
|
|
|
7FF5D5A03000
|
unkown
|
page readonly
|
|
|
|
1E528470000
|
unkown
|
page read and write
|
|
|
|
266FBEC0000
|
unkown
|
page read and write
|
|
|
|
7FF5EA02F000
|
unkown
|
page readonly
|
|
|
|
7FF5BCBCF000
|
unkown
|
page readonly
|
|
|
|
7FF5D5A8B000
|
unkown
|
page readonly
|
|
|
|
15027865000
|
unkown
|
page read and write
|
|
|
|
7FF5070FC000
|
unkown
|
page readonly
|
|
|
|
129C4760000
|
unkown
|
page readonly
|
|
|
|
7FF5071D6000
|
unkown
|
page readonly
|
|
|
|
129C48EC000
|
unkown
|
page read and write
|
|
|
|
129BEF90000
|
unkown
|
page read and write
|
|
|
|
129C48C2000
|
unkown
|
page read and write
|
|
|
|
129C48BF000
|
unkown
|
page read and write
|
|
|
|
266FC757000
|
unkown
|
page read and write
|
|
|
|
7FF5EA21D000
|
unkown
|
page readonly
|
|
|
|
7FF5EA267000
|
unkown
|
page readonly
|
|
|
|
7FF5562AB000
|
unkown
|
page readonly
|
|
|
|
1FDD802A000
|
unkown
|
page read and write
|
|
|
|
7FF554A93000
|
unkown
|
page readonly
|
|
|
|
129C46B0000
|
unkown
|
page read and write
|
|
|
|
129C48D9000
|
unkown
|
page read and write
|
|
|
|
30C25FE000
|
unkown
|
page read and write
|
|
|
|
14400200000
|
unkown
|
page read and write
|
|
|
|
129C4A87000
|
unkown
|
page write copy
|
|
|
|
7FF5EA123000
|
unkown
|
page readonly
|
|
|
|
129C0420000
|
unkown
|
page read and write
|
|
|
|
266FCC02000
|
unkown
|
page read and write
|
|
|
|
226C76B0000
|
unkown
|
page read and write
|
|
|
|
151DF202000
|
unkown
|
page read and write
|
|
|
|
129C48DD000
|
unkown
|
page read and write
|
|
|
|
266FC75D000
|
unkown
|
page read and write
|
|
|
|
266FC755000
|
unkown
|
page read and write
|
|
|
|
129C48D3000
|
unkown
|
page read and write
|
|
|
|
7FF5157BD000
|
unkown
|
page readonly
|
|
|
|
7FF52D37E000
|
unkown
|
page readonly
|
|
|
|
129C45F0000
|
unkown
|
page read and write
|
|
|
|
129C4A00000
|
unkown
|
page read and write
|
|
|
|
129C4A4C000
|
unkown
|
page readonly
|
|
|
|
5B821FF000
|
unkown
|
page read and write
|
|
|
|
7FF52D983000
|
unkown
|
page readonly
|
|
|
|
24879E4D000
|
unkown
|
page read and write
|
|
|
|
129C48F9000
|
unkown
|
page read and write
|
|
|
|
7FF52DB54000
|
unkown
|
page readonly
|
|
|
|
129C48CF000
|
unkown
|
page read and write
|
|
|
|
1D3B3402000
|
unkown
|
page read and write
|
|
|
|
1D6BD3C1000
|
unkown
|
page read and write
|
|
|
|
1E528513000
|
unkown
|
page read and write
|
|
|
|
7FF509BD1000
|
unkown
|
page readonly
|
|
|
|
1FDD8740000
|
unkown
|
page read and write
|
|
|
|
7FF5EA029000
|
unkown
|
page readonly
|
|
|
|
129C48D3000
|
unkown
|
page read and write
|
|
|
|
7FF50A347000
|
unkown
|
page readonly
|
|
|
|
7FF5EA220000
|
unkown
|
page readonly
|
|
|
|
1E9907E000
|
unkown
|
page read and write
|
|
|
|
5577FE000
|
unkown
|
page read and write
|
|
|
|
129C48F1000
|
unkown
|
page read and write
|
|
|
|
129C4450000
|
unkown
|
page read and write
|
|
|
|
7FF5EA336000
|
unkown
|
page readonly
|
|
|
|
ADA567E000
|
unkown
|
page read and write
|
|
|
|
129C48D9000
|
unkown
|
page read and write
|
|
|
|
150277D0000
|
heap default
|
page read and write
|
|
|
|
266FC7AE000
|
unkown
|
page read and write
|
|
|
|
78191FF000
|
unkown
|
page read and write
|
|
|
|
7FF5481F7000
|
unkown
|
page readonly
|
|
|
|
1D3B2C02000
|
unkown
|
page read and write
|
|
|
|
7FF5562AD000
|
unkown
|
page readonly
|
|
|
|
15027A00000
|
unkown
|
page readonly
|
|
|
|
129C4740000
|
unkown
|
page read and write
|
|
|
|
150277F0000
|
unkown
|
page readonly
|
|
|
|
151DEA52000
|
unkown
|
page read and write
|
|
|
|
7FF5482A8000
|
unkown
|
page readonly
|
|
|
|
7FF5BC8C3000
|
unkown
|
page readonly
|
|
|
|
1502784F000
|
unkown
|
page read and write
|
|
|
|
1D6BD3BE000
|
unkown
|
page read and write
|
|
|
|
7FF5561E5000
|
unkown
|
page readonly
|
|
|
|
151DEA02000
|
unkown
|
page read and write
|
|
|
|
7FF5BCB13000
|
unkown
|
page readonly
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
266FC7C9000
|
unkown
|
page read and write
|
|
|
|
7FF5E9EFF000
|
unkown
|
page readonly
|
|
|
|
14400802000
|
unkown
|
page read and write
|
|
|
|
7FF5EA33B000
|
unkown
|
page readonly
|
|
|
|
14400D40000
|
unkown
|
page readonly
|
|
|
|
129C4740000
|
unkown
|
page readonly
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
7FF556076000
|
unkown
|
page readonly
|
|
|
|
129C45B0000
|
unkown
|
page read and write
|
|
|
|
7FF52DB3B000
|
unkown
|
page readonly
|
|
|
|
389D47A000
|
unkown
|
page read and write
|
|
|
|
1FDD8102000
|
unkown
|
page read and write
|
|
|
|
7FF54816E000
|
unkown
|
page readonly
|
|
|
|
7FF509C9E000
|
unkown
|
page readonly
|
|
|
|
7FF54BB23000
|
unkown
|
page readonly
|
|
|
|
7DF77E000
|
unkown
|
page read and write
|
|
|
|
7FF554C7F000
|
unkown
|
page readonly
|
|
|
|
129C48DB000
|
unkown
|
page read and write
|
|
|
|
129C48C8000
|
unkown
|
page read and write
|
|
|
|
1D6BD3CE000
|
unkown
|
page read and write
|
|
|
|
14B01FC000
|
unkown
|
page read and write
|
|
|
|
7FF5E9EE4000
|
unkown
|
page readonly
|
|
|
|
7FF5BC67F000
|
unkown
|
page readonly
|
|
|
|
7FF52CF7A000
|
unkown
|
page readonly
|
|
|
|
7FF507107000
|
unkown
|
page readonly
|
|
|
|
7FF5BCBAD000
|
unkown
|
page readonly
|
|
|
|
7FF5BCBA0000
|
unkown
|
page readonly
|
|
|
|
16E29E02000
|
unkown
|
page read and write
|
|
|
|
24879E6F000
|
unkown
|
page read and write
|
|
|
|
266FC000000
|
unkown
|
page readonly
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
266FC758000
|
unkown
|
page read and write
|
|
|
|
226C6965000
|
unkown
|
page read and write
|
|
|
|
7FF5B1294000
|
unkown
|
page readonly
|
|
|
|
15027858000
|
unkown
|
page read and write
|
|
|
|
129C45D4000
|
unkown
|
page read and write
|
|
|
|
16E295B0000
|
unkown
|
page write copy
|
|
|
|
274527B000
|
unkown
|
page read and write
|
|
|
|
129C4740000
|
unkown
|
page read and write
|
|
|
|
7FF5BC858000
|
unkown
|
page readonly
|
|
|
|
266FBEC5000
|
unkown
|
page read and write
|
|
|
|
129C48AF000
|
unkown
|
page read and write
|
|
|
|
7FF5EA227000
|
unkown
|
page readonly
|
|
|
|
150277E0000
|
unkown
|
page readonly
|
|
|
|
7FF52DB5E000
|
unkown
|
page readonly
|
|
|
|
16E2962A000
|
unkown
|
page read and write
|
|
|
|
5B823FE000
|
unkown
|
page read and write
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
129C4AA0000
|
unkown
|
page read and write
|
|
|
|
15027846000
|
unkown
|
page read and write
|
|
|
|
129C4B00000
|
unkown
|
page readonly
|
|
|
|
7FF5482BE000
|
unkown
|
page readonly
|
|
|
|
16E29C60000
|
unkown
|
page readonly
|
|
|
|
7FF554C46000
|
unkown
|
page readonly
|
|
|
|
266FBDD0000
|
unkown
|
page readonly
|
|
|
|
7FF515F33000
|
unkown
|
page readonly
|
|
|
|
7FF5D59E3000
|
unkown
|
page readonly
|
|
|
|
274537E000
|
unkown
|
page read and write
|
|
|
|
24879F08000
|
unkown
|
page read and write
|
|
|
|
266FBE13000
|
unkown
|
page read and write
|
|
|
|
7FF52DB6F000
|
unkown
|
page readonly
|
|
|
|
266FBF13000
|
unkown
|
page read and write
|
|
|
|
16E2963E000
|
unkown
|
page read and write
|
|
|
|
129BEEF0000
|
heap private
|
page read and write
|
|
|
|
16E29664000
|
unkown
|
page read and write
|
|
|
|
266FCC54000
|
unkown
|
page read and write
|
|
|
|
7FF5EA35E000
|
unkown
|
page readonly
|
|
|
|
129C48F5000
|
unkown
|
page read and write
|
|
|
|
266FC78B000
|
unkown
|
page read and write
|
|
|
|
7FF5D5247000
|
unkown
|
page readonly
|
|
|
|
7DEAFE000
|
unkown
|
page read and write
|
|
|
|
7FF5481E5000
|
unkown
|
page readonly
|
|
|
|
1D3B2C00000
|
unkown
|
page read and write
|
|
|
|
7FF54B9CD000
|
unkown
|
page readonly
|
|
|
|
8C7C0FE000
|
unkown
|
page read and write
|
|
|
|
7FF54BC2F000
|
unkown
|
page readonly
|
|
|
|
7FF54BB65000
|
unkown
|
page readonly
|
|
|
|
129C48EC000
|
unkown
|
page read and write
|
|
|
|
7FF52DB4D000
|
unkown
|
page readonly
|
|
|
|
7FF554B98000
|
unkown
|
page readonly
|
|
|
|
129C48F4000
|
unkown
|
page read and write
|
|
|
|
129BF99D000
|
unkown
|
page read and write
|
|
|
|
129C48B3000
|
unkown
|
page read and write
|
|
|
|
7FF5BCAFD000
|
unkown
|
page readonly
|
|
|
|
129C00C0000
|
unkown
|
page readonly
|
|
|
|
7FF54BB37000
|
unkown
|
page readonly
|
|
|
|
1D3B2E00000
|
unkown
|
page readonly
|
|
|
|
16E29666000
|
unkown
|
page read and write
|
|
|
|
7FF5070C7000
|
unkown
|
page readonly
|
|
|
|
129C4710000
|
unkown
|
page read and write
|
|
|
|
7FF5BCB35000
|
unkown
|
page readonly
|
|
|
|
129BF800000
|
unkown
|
page read and write
|
|
|
|
24879E81000
|
unkown
|
page read and write
|
|
|
|
7FF555FB7000
|
unkown
|
page readonly
|
|
|
|
129BF7A0000
|
unkown
|
page readonly
|
|
|
|
129C48CA000
|
unkown
|
page read and write
|
|
|
|
1FDD8052000
|
unkown
|
page read and write
|
|
|
|
78193FF000
|
unkown
|
page read and write
|
|
|
|
7FF5071CF000
|
unkown
|
page readonly
|
|
|
|
7FF554A1D000
|
unkown
|
page readonly
|
|
|
|
129C4684000
|
unkown
|
page readonly
|
|
|
|
7FF5B129E000
|
unkown
|
page readonly
|
|
|
|
129BF913000
|
unkown
|
page read and write
|
|
|
|
266FBD50000
|
heap private
|
page read and write
|
|
|
|
16E294E0000
|
heap private
|
page read and write
|
|
|
|
129C48D5000
|
unkown
|
page read and write
|
|
|
|
129BF959000
|
unkown
|
page read and write
|
|
|
|
266FBED6000
|
unkown
|
page read and write
|
|
|
|
1FDD82D0000
|
unkown
|
page readonly
|
|
|
|
226C6910000
|
unkown
|
page read and write
|
|
|
|
15027AD0000
|
unkown
|
page readonly
|
|
|
|
15027860000
|
unkown
|
page read and write
|
|
|
|
129C48D3000
|
unkown
|
page read and write
|
|
|
|
266FC7CE000
|
unkown
|
page read and write
|
|
|
|
7FF554B77000
|
unkown
|
page readonly
|
|
|
|
129C48D9000
|
unkown
|
page read and write
|
|
|
|
129C483C000
|
unkown
|
page read and write
|
|
|
|
24879E00000
|
unkown
|
page read and write
|
|
|
|
226C696E000
|
unkown
|
page read and write
|
|
|
|
266FBEF8000
|
unkown
|
page read and write
|
|
|
|
7FF5482EB000
|
unkown
|
page readonly
|
|
|
|
15027842000
|
unkown
|
page read and write
|
|
|
|
129BF072000
|
unkown
|
page read and write
|
|
|
|
7FF54BC2F000
|
unkown
|
page readonly
|
|
|
|
7FF54BB3C000
|
unkown
|
page readonly
|
|
|
|
129BF959000
|
unkown
|
page read and write
|
|
|
|
7FF515F25000
|
unkown
|
page readonly
|
|
|
|
7DEA7B000
|
unkown
|
page read and write
|
|
|
|
1E528E00000
|
unkown
|
page readonly
|
|
|
|
5B81FFB000
|
unkown
|
page read and write
|
|
|
|
7FF5EA091000
|
unkown
|
page readonly
|
|
|
|
7FF50A44F000
|
unkown
|
page readonly
|
|
|
|
129C48D5000
|
unkown
|
page read and write
|
|
|
|
129C48D6000
|
unkown
|
page read and write
|
|
|
|
129C48B3000
|
unkown
|
page read and write
|
|
|
|
1D6BD490000
|
unkown
|
page readonly
|
|
|
|
5579FE000
|
unkown
|
page read and write
|
|
|
|
7FF5B1280000
|
unkown
|
page readonly
|
|
|
|
ADA54FE000
|
unkown
|
page read and write
|
|
|
|
129C48CF000
|
unkown
|
page read and write
|
|
|
|
129C45D1000
|
unkown
|
page read and write
|
|
|
|
7FF50A3B5000
|
unkown
|
page readonly
|
|
|
|
129C45BB000
|
unkown
|
page read and write
|
|
|
|
1502786D000
|
unkown
|
page read and write
|
|
|
|
7FF507117000
|
unkown
|
page readonly
|
|
|
|
7FF54BC1B000
|
unkown
|
page readonly
|
|
|
|
7FF5BC983000
|
unkown
|
page readonly
|
|
|
|
1FDD8730000
|
unkown
|
page readonly
|
|
|
|
129C4902000
|
unkown
|
page read and write
|
|
|
|
266FC75D000
|
unkown
|
page read and write
|
|
|
|
129C4750000
|
unkown
|
page readonly
|
|
|
|
15027877000
|
unkown
|
page read and write
|
|
|
|
7FF5EA093000
|
unkown
|
page readonly
|
|
|
|
7FF5BC9BE000
|
unkown
|
page readonly
|
|
|
|
7FF5D5A7D000
|
unkown
|
page readonly
|
|
|
|
7FF5B1180000
|
unkown
|
page readonly
|
|
|
|
7FF554C7B000
|
unkown
|
page readonly
|
|
|
|
30C26FE000
|
unkown
|
page read and write
|
|
|
|
5B81EFD000
|
unkown
|
page read and write
|
|
|
|
7FF54BC0D000
|
unkown
|
page readonly
|
|
|
|
129BF013000
|
unkown
|
page read and write
|
|
|
|
1FDD8802000
|
unkown
|
page read and write
|
|
|
|
7FF554C6B000
|
unkown
|
page readonly
|
|
|
|
266FC5B0000
|
unkown
|
page readonly
|
|
|
|
7FF5B1170000
|
unkown
|
page readonly
|
|
|
|
129BF99D000
|
unkown
|
page read and write
|
|
|
|
129C48BD000
|
unkown
|
page read and write
|
|
|
|
7FF5EA10D000
|
unkown
|
page readonly
|
|
|
|
1E52842A000
|
unkown
|
page read and write
|
|
|
|
7FF515E27000
|
unkown
|
page readonly
|
|
|
|
2487AB40000
|
unkown
|
page readonly
|
|
|
|
7FF50A43B000
|
unkown
|
page readonly
|
|
|
|
226C6AB0000
|
unkown
|
page read and write
|
|
|
|
7FF55604D000
|
unkown
|
page readonly
|
|
|
|
7FF548112000
|
unkown
|
page readonly
|
|
|
|
7FF5BCA44000
|
unkown
|
page readonly
|
|
|
|
129BF918000
|
unkown
|
page read and write
|
|
|
|
7FF5BC733000
|
unkown
|
page readonly
|
|
|
|
1E528400000
|
unkown
|
page read and write
|
|
|
|
7FF54BAA4000
|
unkown
|
page readonly
|
|
|
|
7FF55628D000
|
unkown
|
page readonly
|
|
|
|
1D3B2A50000
|
heap default
|
page read and write
|
|
|
|
129C45F0000
|
unkown
|
page read and write
|
|
|
|
14400263000
|
unkown
|
page read and write
|
|
|
|
129BF900000
|
unkown
|
page read and write
|
|
|
|
129C48CF000
|
unkown
|
page read and write
|
|
|
|
1E528380000
|
heap default
|
page read and write
|
|
|
|
7FF5071FB000
|
unkown
|
page readonly
|
|
|
|
129C48D9000
|
unkown
|
page read and write
|
|
|
|
7FF54BA43000
|
unkown
|
page readonly
|
|
|
|
7FF554BC3000
|
unkown
|
page readonly
|
|
|
|
7FF54BB69000
|
unkown
|
page readonly
|
|
|
|
129C48B5000
|
unkown
|
page read and write
|
|
|
|
129C48B6000
|
unkown
|
page read and write
|
|
|
|
129C48D7000
|
unkown
|
page read and write
|
|
|
|
7FF548164000
|
unkown
|
page readonly
|
|
|
|
266FBEA2000
|
unkown
|
page read and write
|
|
|
|
16E296C1000
|
unkown
|
page read and write
|
|
|
|
7FF54BBEF000
|
unkown
|
page readonly
|
|
|
|
7FF5BC8E3000
|
unkown
|
page readonly
|
|
|
|
7FF5D5A84000
|
unkown
|
page readonly
|
|
|
|
266FBEEE000
|
unkown
|
page read and write
|
|
|
|
129BF918000
|
unkown
|
page read and write
|
|
|
|
7FF52DB6B000
|
unkown
|
page readonly
|
|
|
|
7FF54BB27000
|
unkown
|
page readonly
|
|
|
|
78194FE000
|
unkown
|
page read and write
|
|
|
|
1E528320000
|
heap private
|
page read and write
|
|
|
|
266FC782000
|
unkown
|
page read and write
|
|
|
|
7FF5482BB000
|
unkown
|
page readonly
|
|
|
|
266FC783000
|
unkown
|
page read and write
|
|
|
|
1E98D7F000
|
unkown
|
page read and write
|
|
|
|
8C7C1F7000
|
unkown
|
page read and write
|
|
|
|
7FF5BCBCF000
|
unkown
|
page readonly
|
|
|
|
7FF54BA1E000
|
unkown
|
page readonly
|
|
|
|
7DF57A000
|
unkown
|
page read and write
|
|
|
|
129C4490000
|
unkown
|
page read and write
|
|
|
|
129BF99D000
|
unkown
|
page read and write
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
129C4420000
|
unkown
|
page read and write
|
|
|
|
129C48DD000
|
unkown
|
page read and write
|
|
|
|
7FF54B9F3000
|
unkown
|
page readonly
|
|
|
|
266FC700000
|
unkown
|
page read and write
|
|
|
|
129C4A43000
|
unkown
|
page read and write
|
|
|
|
8C7C478000
|
unkown
|
page read and write
|
|
|
|
129C48CF000
|
unkown
|
page read and write
|
|
|
|
129C48D3000
|
unkown
|
page read and write
|
|
|
|
15027868000
|
unkown
|
page read and write
|
|
|
|
7FF5B11E9000
|
unkown
|
page readonly
|
|
|
|
7FF509C9E000
|
unkown
|
page readonly
|
|
|
|
7FF54BC2B000
|
unkown
|
page readonly
|
|
|
|
7818A7B000
|
unkown
|
page read and write
|
|
|
|
129C48B3000
|
unkown
|
page read and write
|
|
|
|
7FF50A420000
|
unkown
|
page readonly
|
|
|
|
7FF548208000
|
unkown
|
page readonly
|
|
|
|
7FF52DB28000
|
unkown
|
page readonly
|
|
|
|
151DEA6A000
|
unkown
|
page read and write
|
|
|
|
7DEE7A000
|
unkown
|
page read and write
|
|
|
|
129C48F1000
|
unkown
|
page read and write
|
|
|
|
7FF50A416000
|
unkown
|
page readonly
|
|
|
|
7FF5EA263000
|
unkown
|
page readonly
|
|
|
|
14400288000
|
unkown
|
page read and write
|
|
|
|
129BF99D000
|
unkown
|
page read and write
|
|
|
|
226C7690000
|
unkown
|
page readonly
|
|
|
|
7FF5BC96D000
|
unkown
|
page readonly
|
|
|
|
7FF507145000
|
unkown
|
page readonly
|
|
|
|
129C4800000
|
unkown
|
page read and write
|
|
|
|
129C45B6000
|
unkown
|
page read and write
|
|
|
|
1502787B000
|
unkown
|
page read and write
|
|
|
|
1502786F000
|
unkown
|
page read and write
|
|
|
|
129C48CF000
|
unkown
|
page read and write
|
|
|
|
16E29550000
|
unkown
|
page readonly
|
|
|
|
266FBE00000
|
unkown
|
page read and write
|
|
|
|
266FBEE7000
|
unkown
|
page read and write
|
|
|
|
7FF5EA2A9000
|
unkown
|
page readonly
|
|
|
|
7FF554C4B000
|
unkown
|
page readonly
|
|
|
|
7FF5BC8D7000
|
unkown
|
page readonly
|
|
|
|
129C48EC000
|
unkown
|
page read and write
|
|
|
|
1D3B2D02000
|
unkown
|
page read and write
|
|
|
|
129C48C0000
|
unkown
|
page read and write
|
|
|
|
129C4A40000
|
unkown
|
page read and write
|
|
|
|
266FCC61000
|
unkown
|
page read and write
|
|
|
|
129C4770000
|
unkown
|
page readonly
|
|
|
|
7FF54BB5D000
|
unkown
|
page readonly
|
|
|
|
151DEA3C000
|
unkown
|
page read and write
|
|
|
|
129C4AA4000
|
unkown
|
page readonly
|
|
|
|
129BF918000
|
unkown
|
page read and write
|
|
|
|
7FF5EA063000
|
unkown
|
page readonly
|
|
|
|
7FF54BC1E000
|
unkown
|
page readonly
|
|
|
|
516E47B000
|
unkown
|
page read and write
|
|
|
|
7FF5EA34D000
|
unkown
|
page readonly
|
|
|
|
7FF5BC8F1000
|
unkown
|
page readonly
|
|
|
|
266FCD00000
|
unkown
|
page read and write
|
|
|
|
129BF7D0000
|
unkown
|
page readonly
|
|
|
|
7FF548225000
|
unkown
|
page readonly
|
|
|
|
129C45BC000
|
unkown
|
page read and write
|
|
|
|
7FF5EA25C000
|
unkown
|
page readonly
|
|
|
|
1502785B000
|
unkown
|
page read and write
|
|
|
|
129C4680000
|
unkown
|
page read and write
|
|
|
|
129C48DD000
|
unkown
|
page read and write
|
|
|
|
129BF029000
|
unkown
|
page read and write
|
|
|
|
7FF5BCAD7000
|
unkown
|
page readonly
|
|
|
|
129C45D0000
|
unkown
|
page read and write
|
|
|
|
7DF07A000
|
unkown
|
page read and write
|
|
|
|
129C48DF000
|
unkown
|
page read and write
|
|
|
|
129BEF70000
|
unkown
|
page readonly
|
|
|
|
1FDD7FE0000
|
heap default
|
page read and write
|
|
|
|
129C45F4000
|
unkown
|
page read and write
|
|
|
|
1D6BD3A1000
|
unkown
|
page read and write
|
|
|
|
7FF5071F4000
|
unkown
|
page readonly
|
|
|
|
7FF515F55000
|
unkown
|
page readonly
|
|
|
|
129C48D1000
|
unkown
|
page read and write
|
|
|
|
7FF548106000
|
unkown
|
page readonly
|
|
|
|
7FF54BB73000
|
unkown
|
page readonly
|
|
|
|
129BF660000
|
unkown
|
page readonly
|
|
|
|
7FF5157E8000
|
unkown
|
page readonly
|
|
|
|
129C4861000
|
unkown
|
page read and write
|
|
|
|
16E295A0000
|
unkown
|
page readonly
|
|
|
|
7FF547FB6000
|
unkown
|
page readonly
|
|
|
|
7FF5482EF000
|
unkown
|
page readonly
|
|
|
|
389D77D000
|
unkown
|
page read and write
|
|
|
|
8C7B8AC000
|
unkown
|
page read and write
|
|
|
|
129C48D8000
|
unkown
|
page read and write
|
|
|
|
7FF556294000
|
unkown
|
page readonly
|
|
|
|
129C48B6000
|
unkown
|
page read and write
|
|
|
|
7FF54BB7A000
|
unkown
|
page readonly
|
|
|
|
7FF5BCB05000
|
unkown
|
page readonly
|
|
|
|
266FC755000
|
unkown
|
page read and write
|
|
|
|
226C696C000
|
unkown
|
page read and write
|
|
|
|
129C48B3000
|
unkown
|
page read and write
|
|
|
|
1D6BD3B5000
|
unkown
|
page read and write
|
|
|
|
7FF554A6E000
|
unkown
|
page readonly
|
|
|
|
7FF5EA2BA000
|
unkown
|
page readonly
|
|
|
|
7FF5071FE000
|
unkown
|
page readonly
|
|
|
|
226C6870000
|
unkown
|
page read and write
|
|
|
|
7FF52DABA000
|
unkown
|
page readonly
|
|
|
|
7FF5071DE000
|
unkown
|
page readonly
|
|
|
|
7FF50A368000
|
unkown
|
page readonly
|
|
|
|
7FF5482DB000
|
unkown
|
page readonly
|
|
|
|
7818C7B000
|
unkown
|
page read and write
|
|
|
|
7FF5547B0000
|
unkown
|
page readonly
|
|
|
|
7FF52D639000
|
unkown
|
page readonly
|
|
|
|
24879E55000
|
unkown
|
page read and write
|
|
|
|
1E5283A0000
|
unkown
|
page readonly
|
|
|
|
7FF5E9AF1000
|
unkown
|
page readonly
|
|
|
|
266FC772000
|
unkown
|
page read and write
|
|
|
|
129C4A10000
|
unkown
|
page readonly
|
|
|
|
1D6BD39B000
|
heap default
|
page read and write
|
|
|
|
389D5F9000
|
unkown
|
page read and write
|
|
|
|
7FF54B03A000
|
unkown
|
page readonly
|
|
|
|
1440028D000
|
unkown
|
page read and write
|
|
|
|
7FF52D9C5000
|
unkown
|
page readonly
|
|
|
|
1502783E000
|
unkown
|
page read and write
|
|
|
|
7FF50A35C000
|
unkown
|
page readonly
|
|
|
|
15028002000
|
unkown
|
page read and write
|
|
|
|
7FF5561A3000
|
unkown
|
page readonly
|
|
|
|
266FC783000
|
unkown
|
page read and write
|
|
|
|
7FF55626F000
|
unkown
|
page readonly
|
|
|
|
7FF556268000
|
unkown
|
page readonly
|
|
|
|
129C4AD0000
|
unkown
|
page read and write
|
|
|
|
129C48DD000
|
unkown
|
page read and write
|
|
|
|
129C48C6000
|
unkown
|
page read and write
|
|
|
|
129C48D9000
|
unkown
|
page read and write
|
|
|
|
7FF507175000
|
unkown
|
page readonly
|
|
|
|
15027839000
|
unkown
|
page read and write
|
|
|
|
15027845000
|
unkown
|
page read and write
|
|
|
|
7DF27E000
|
unkown
|
page read and write
|
|
|
|
2487A602000
|
unkown
|
page read and write
|
|
|
|
7FF5B0F66000
|
unkown
|
page readonly
|
|
|
|
5B820F7000
|
unkown
|
page read and write
|
|
|
|
7FF5482EF000
|
unkown
|
page readonly
|
|
|
|
1D6BD360000
|
unkown
|
page readonly
|
|
|
|
7FF50A408000
|
unkown
|
page readonly
|
|
|
|
129C481F000
|
unkown
|
page read and write
|
|
|
|
1D6BD240000
|
unkown
|
page readonly
|
|
|
|
1502785F000
|
unkown
|
page read and write
|
|
|
|
7FF554AF4000
|
unkown
|
page readonly
|
|
|
|
1E528482000
|
unkown
|
page read and write
|
|
|
|
16E2A000000
|
unkown
|
page readonly
|
|
|
|
7FF5EA230000
|
unkown
|
page readonly
|
|
|
|
1FDD803F000
|
unkown
|
page read and write
|
|
|
|
129C4AA0000
|
unkown
|
page read and write
|
|
|
|
7FF554933000
|
unkown
|
page readonly
|
|
|
|
ADA5779000
|
unkown
|
page read and write
|
|
|
|
14400250000
|
unkown
|
page read and write
|
|
|
|
129C482D000
|
unkown
|
page read and write
|
|
|
|
7FF5BC988000
|
unkown
|
page readonly
|
|
|
|
7FF5EA328000
|
unkown
|
page readonly
|
|
|
|
16E29800000
|
unkown
|
page readonly
|
|
|
|
14400263000
|
unkown
|
page read and write
|
|
|
|
7FF5E9A3F000
|
unkown
|
page readonly
|
|
|
|
7FF5B11A7000
|
unkown
|
page readonly
|
|
|
|
16E29687000
|
unkown
|
page read and write
|
|
|
|
7FF515FDE000
|
unkown
|
page readonly
|
|
|
|
129C48B2000
|
unkown
|
page read and write
|
|
|
|
7FF5EA35B000
|
unkown
|
page readonly
|
|
|
|
7FF54B6F9000
|
unkown
|
page readonly
|
|
|
|
129C45B1000
|
unkown
|
page read and write
|
|
|
|
129C48BD000
|
unkown
|
page read and write
|
|
|
|
55757B000
|
unkown
|
page read and write
|
|
|
|
5572FE000
|
unkown
|
page read and write
|
|
|
|
151DE8A0000
|
unkown
|
page readonly
|
|
|
|
266FC0D0000
|
unkown
|
page readonly
|
|
|
|
7FF5BCBB4000
|
unkown
|
page readonly
|
|
|
|
226C6AC9000
|
heap private
|
page read and write
|
|
|
|
226C697C000
|
heap default
|
page read and write
|
|
|
|
7DEF7F000
|
unkown
|
page read and write
|
|
|
|
266FC730000
|
unkown
|
page read and write
|
|
|
|
8C7C37D000
|
unkown
|
page read and write
|
|
|
|
7FF5D5A9F000
|
unkown
|
page readonly
|
|
|
|
7FF555F3A000
|
unkown
|
page readonly
|
|
|
|
226C6AC0000
|
heap private
|
page read and write
|
|
|
|
266FBEA9000
|
unkown
|
page read and write
|
|
|
|
7FF5BCABC000
|
unkown
|
page readonly
|
|
|
|
1502787E000
|
unkown
|
page read and write
|
|
|
|
129C4AE0000
|
unkown
|
page readonly
|
|
|
|
226C68B0000
|
unkown
|
page readonly
|
|
|
|
266FCC54000
|
unkown
|
page read and write
|
|
|
|
7FF5BC303000
|
unkown
|
page readonly
|
|
|
|
1FDD8070000
|
unkown
|
page read and write
|
|
|
|
ADA557D000
|
unkown
|
page read and write
|
|
|
|
129C45BB000
|
unkown
|
page read and write
|
|
|
|
129C4A50000
|
unkown
|
page read and write
|
|
|
|
7FF5D5A9F000
|
unkown
|
page readonly
|
|
|
|
266FC7B4000
|
unkown
|
page read and write
|
|
|
|
14AFD7C000
|
unkown
|
page read and write
|
|
|
|
7FF5562AF000
|
unkown
|
page readonly
|
|
|
|
266FC560000
|
unkown
|
page write copy
|
|
|
|
7FF515FAF000
|
unkown
|
page readonly
|
|
|
|
7FF509845000
|
unkown
|
page readonly
|
|
|
|
7FF52DB40000
|
unkown
|
page readonly
|
|
|
|
144007A0000
|
unkown
|
page readonly
|
|
|
|
7FF5BC701000
|
unkown
|
page readonly
|
|
|
|
15027902000
|
unkown
|
page read and write
|
|
|
|
7FF5D5A8E000
|
unkown
|
page readonly
|
|
|
|
129C48CF000
|
unkown
|
page read and write
|
|
|
|
7FF515796000
|
unkown
|
page readonly
|
|
|
|
7FF50720F000
|
unkown
|
page readonly
|
|
|
|
7FF5D59D5000
|
unkown
|
page readonly
|
|
|
|
7FF515F29000
|
unkown
|
page readonly
|
|
|
|
129C48F1000
|
unkown
|
page read and write
|
|
|
|
7FF52D9E4000
|
unkown
|
page readonly
|
|
|
|
1FDD8760000
|
unkown
|
page readonly
|
|
|
|
14AFBFE000
|
unkown
|
page read and write
|
|
|
|
1440024E000
|
unkown
|
page read and write
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
7FF5BC854000
|
unkown
|
page readonly
|
|
|
|
7FF554C7F000
|
unkown
|
page readonly
|
|
|
|
16E296B9000
|
unkown
|
page read and write
|
|
|
|
266FBE70000
|
unkown
|
page read and write
|
|
|
|
14400229000
|
unkown
|
page read and write
|
|
|
|
7FF515EFC000
|
unkown
|
page readonly
|
|
|
|
14400050000
|
heap private
|
page read and write
|
|
|
|
129C48DB000
|
unkown
|
page read and write
|
|
|
|
15027847000
|
unkown
|
page read and write
|
|
|
|
129C45B8000
|
unkown
|
page read and write
|
|
|
|
7FF5EA32F000
|
unkown
|
page readonly
|
|
|
|
266FC5C0000
|
unkown
|
page readonly
|
|
|
|
226C6CE0000
|
unkown
|
page readonly
|
|
|
|
129BEF80000
|
unkown
|
page read and write
|
|
|
|
7FF54BBFB000
|
unkown
|
page readonly
|
|
|
|
1E528455000
|
unkown
|
page read and write
|
|
|
|
2487A0D0000
|
unkown
|
page readonly
|
|
|
|
7FF5EA068000
|
unkown
|
page readonly
|
|
|
|
1502785A000
|
unkown
|
page read and write
|
|
|
|
129BF908000
|
unkown
|
page read and write
|
|
|
|
129BF99D000
|
unkown
|
page read and write
|
|
|
|
7FF5BCBBB000
|
unkown
|
page readonly
|
|
|
|
226C67A0000
|
unkown
|
page readonly
|
|
|
|
7FF515D7A000
|
unkown
|
page readonly
|
|
|
|
1D6BD3C0000
|
unkown
|
page read and write
|
|
|
|
7FF515DFD000
|
unkown
|
page readonly
|
|
|
|
151DEF90000
|
unkown
|
page readonly
|
|
|
|
1FDD8A00000
|
unkown
|
page readonly
|
|
|
|
266FC5E0000
|
unkown
|
page read and write
|
|
|
|
7FF554C6E000
|
unkown
|
page readonly
|
|
|
|
129C48B7000
|
unkown
|
page read and write
|
|
|
|
14AFCFE000
|
unkown
|
page read and write
|
|
|
|
7FF54BA85000
|
unkown
|
page readonly
|
|
|
|
266FBEDE000
|
unkown
|
page read and write
|
|
|
|
1E528500000
|
unkown
|
page read and write
|
|
|
|
129BF0A2000
|
unkown
|
page read and write
|
|
|
|
7FF5B11E5000
|
unkown
|
page readonly
|
|
|
|
226C6A70000
|
unkown
|
page read and write
|
|
|
|
7FF5BCA87000
|
unkown
|
page readonly
|
|
|
|
226C68C0000
|
unkown
|
page readonly
|
|
|
|
1D3B2B80000
|
unkown
|
page read and write
|
|
|
|
129C48B3000
|
unkown
|
page read and write
|
|
|
|
129C48DA000
|
unkown
|
page read and write
|
|
|
|
266FBDE0000
|
unkown
|
page read and write
|
|
|
|
129C48D9000
|
unkown
|
page read and write
|
|
|
|
1440023C000
|
unkown
|
page read and write
|
|
|
|
8C7C27F000
|
unkown
|
page read and write
|
|
|
|
1E528508000
|
unkown
|
page read and write
|
|
|
|
8C7BFF8000
|
unkown
|
page read and write
|
|
|
|
7FF52DA77000
|
unkown
|
page readonly
|
|
|
|
55727C000
|
unkown
|
page read and write
|
|
|
|
7FF554BB9000
|
unkown
|
page readonly
|
|
|
|
129BF918000
|
unkown
|
page read and write
|
|
|
|
7FF5B1276000
|
unkown
|
page readonly
|
|
|
|
1E5286D0000
|
unkown
|
page readonly
|
|
|
|
7FF52D648000
|
unkown
|
page readonly
|
|
|
|
129BF7C0000
|
unkown
|
page readonly
|
|
|
|
129BF918000
|
unkown
|
page read and write
|
|
|
|
129C4430000
|
unkown
|
page read and write
|
|
|
|
129BF959000
|
unkown
|
page read and write
|
|
|
|
7FF5EA288000
|
unkown
|
page readonly
|
|
|
|
1D6BD3BE000
|
unkown
|
page read and write
|
|
|
|
1D3B2C29000
|
unkown
|
page read and write
|
|
|
|
5B81E75000
|
unkown
|
page read and write
|
|
|
|
14AF87B000
|
unkown
|
page read and write
|
|
|
|
7FF5EA29D000
|
unkown
|
page readonly
|
|
|
|
144004D0000
|
unkown
|
page readonly
|
|
|
|
7FF5EA36F000
|
unkown
|
page readonly
|
|
|
|
7FF54BC14000
|
unkown
|
page readonly
|
|
|
|
129C46F0000
|
unkown
|
page read and write
|
|
|
|
7FF5BC8CD000
|
unkown
|
page readonly
|
|
|
|
5B81C7B000
|
unkown
|
page read and write
|
|
|
|
226C6900000
|
unkown
|
page read and write
|
|
|
|
7FF54B9FE000
|
unkown
|
page readonly
|
|
|
|
129C48D9000
|
unkown
|
page read and write
|
|
|
|
7FF5EA244000
|
unkown
|
page readonly
|
|
|
|
1D6BD3B6000
|
unkown
|
page read and write
|
|
|
|
266FC7B3000
|
unkown
|
page read and write
|
|
|
|
7FF5BC8E0000
|
unkown
|
page readonly
|
|
|
|
7FF5B128D000
|
unkown
|
page readonly
|
|
|
|
1FDD8000000
|
unkown
|
page read and write
|
|
|
|
2744D2C000
|
unkown
|
page read and write
|
|
|
|
1D6BD3BE000
|
unkown
|
page read and write
|
|
|
|
7FF5E9EEA000
|
unkown
|
page readonly
|
|
|
|
7FF55629B000
|
unkown
|
page readonly
|
|
|
|
7FF5071C8000
|
unkown
|
page readonly
|
|
|
|
7FF548082000
|
unkown
|
page readonly
|
|
|
|
7FF5EA277000
|
unkown
|
page readonly
|
|
|
|
7FF54BC00000
|
unkown
|
page readonly
|
|
|
|
15027879000
|
unkown
|
page read and write
|
|
|
|
7FF52CF80000
|
unkown
|
page readonly
|
|
|
|
129C48BF000
|
unkown
|
page read and write
|
|
|
|
7FF52D95E000
|
unkown
|
page readonly
|
|
|
|
1E52844D000
|
unkown
|
page read and write
|
|
|
|
129C4B30000
|
unkown
|
page read and write
|
|
|
|
1D6BD370000
|
unkown
|
page readonly
|
|
|
|
7FF5B0FA8000
|
unkown
|
page readonly
|
|
|
|
1E9889C000
|
unkown
|
page read and write
|
|
|
|
7FF5E9EDB000
|
unkown
|
page readonly
|
|
|
|
129C48B6000
|
unkown
|
page read and write
|
|
|
|
7FF50A389000
|
unkown
|
page readonly
|
|
|
|
7FF5561FA000
|
unkown
|
page readonly
|
|
|
|
7FF52D9BF000
|
unkown
|
page readonly
|
|
|
|
129BEFF0000
|
unkown
|
page read and write
|
|
|
|
516E5F7000
|
unkown
|
page read and write
|
|
|
|
30C219E000
|
unkown
|
page read and write
|
|
|
|
7FF5EA240000
|
unkown
|
page readonly
|
|
|
|
129BF790000
|
unkown
|
page readonly
|
|
|
|
266FBECF000
|
unkown
|
page read and write
|
|
|
|
7FF5BC920000
|
unkown
|
page readonly
|
|
|
|
129C48B3000
|
unkown
|
page read and write
|
|
|
|
7FF5EA104000
|
unkown
|
page readonly
|
|
|
|
7FF55612E000
|
unkown
|
page readonly
|
|
|
|
7FF54BBE8000
|
unkown
|
page readonly
|
|
|
|
7FF5561A7000
|
unkown
|
page readonly
|
|
|
|
144007B0000
|
unkown
|
page read and write
|
|
|
|
266FC759000
|
unkown
|
page read and write
|
|
|
|
129C48CF000
|
unkown
|
page read and write
|
|
|
|
7FF52D933000
|
unkown
|
page readonly
|
|
|
|
7FF5E9FFA000
|
unkown
|
page readonly
|
|
|
|
16E29613000
|
unkown
|
page read and write
|
|
|
|
7FF5B104D000
|
unkown
|
page readonly
|
|
|
|
129C45B6000
|
unkown
|
page read and write
|
|
|
|
129C48B6000
|
unkown
|
page read and write
|
|
|
|
7FF5B126F000
|
unkown
|
page readonly
|
|
|
|
7FF5481FC000
|
unkown
|
page readonly
|
|
|
|
7FF5E9EF0000
|
unkown
|
page readonly
|
|
|
|
7FF5BC8F3000
|
unkown
|
page readonly
|
|
|
|
7FF52DA88000
|
unkown
|
page readonly
|
|
|
|
7FF556184000
|
unkown
|
page readonly
|
|
|
|
7FF50A1ED000
|
unkown
|
page readonly
|
|
|
|
24879DF0000
|
unkown
|
page readonly
|
|
|
|
7FF5EA128000
|
unkown
|
page readonly
|
|
|
|
7FF5B11FA000
|
unkown
|
page readonly
|
|
|
|
24879E4A000
|
unkown
|
page read and write
|
|
|
|
129BF7F0000
|
unkown
|
page read and write
|
|
|
|
7FF5D59EA000
|
unkown
|
page readonly
|
|
|
|
151DE830000
|
heap private
|
page read and write
|
|
|
|
7FF5561DD000
|
unkown
|
page readonly
|
|
|
|
7FF5481C4000
|
unkown
|
page readonly
|
|
|
|
151DEA66000
|
unkown
|
page read and write
|
|
|
|
129BF918000
|
unkown
|
page read and write
|
|
|
|
129C48D9000
|
unkown
|
page read and write
|
|
|
|
24879D70000
|
heap private
|
page read and write
|
|
|
|
1D3B2C56000
|
unkown
|
page read and write
|
|
|
|
15027F30000
|
unkown
|
page read and write
|
|
|
|
7FF5EA248000
|
unkown
|
page readonly
|
|
|
|
7FF52DB2F000
|
unkown
|
page readonly
|
|
|
|
266FC749000
|
unkown
|
page read and write
|
|
|
|
7FF554B87000
|
unkown
|
page readonly
|
|
|
|
129BF058000
|
unkown
|
page read and write
|
|
|
|
7FF506A54000
|
unkown
|
page readonly
|
|
|
|
7FF50720D000
|
unkown
|
page readonly
|
|
|
|
7FF50A44B000
|
unkown
|
page readonly
|
|
|
|
16E2966D000
|
unkown
|
page read and write
|
|
|
|
1D6BD310000
|
unkown
|
page read and write
|
|
|
|
7FF5BCBBE000
|
unkown
|
page readonly
|
|
|
|
129C48D0000
|
unkown
|
page read and write
|
|
|
|
129C48EA000
|
unkown
|
page read and write
|
|
|
|
266FC5D0000
|
unkown
|
page read and write
|
|
|
|
7FF5D5A5F000
|
unkown
|
page readonly
|
|
|
|
7FF5481DC000
|
unkown
|
page readonly
|
|
|
|
129C48D3000
|
unkown
|
page read and write
|
|
|
|
1D6BD330000
|
unkown
|
page read and write
|
|
|
|
129C44A0000
|
unkown
|
page read and write
|
|
|
|
7FF50A393000
|
unkown
|
page readonly
|
|
|
|
7FF5BC377000
|
unkown
|
page readonly
|
|
|
|
7FF515729000
|
unkown
|
page readonly
|
|
|
|
1E528413000
|
unkown
|
page read and write
|
|
|
|
7FF5562AF000
|
unkown
|
page readonly
|
|
|
|
129C48B3000
|
unkown
|
page read and write
|
|
|
|
7FF52D93E000
|
unkown
|
page readonly
|
|
|
|
129C4453000
|
unkown
|
page read and write
|
|
|
|
15027875000
|
unkown
|
page read and write
|
|
|
|
129BF99A000
|
unkown
|
page read and write
|
|
|
|
129C48B3000
|
unkown
|
page read and write
|
|
|
|
15027841000
|
unkown
|
page read and write
|
|
|
|
129BF959000
|
unkown
|
page read and write
|
|
|
|
7FF547D9F000
|
unkown
|
page readonly
|
|
|
|
7FF5E9EF7000
|
unkown
|
page readonly
|
|
|
|
129BF99D000
|
unkown
|
page read and write
|
|
|
|
129C45B4000
|
unkown
|
page read and write
|
|
|
|
266FC530000
|
unkown
|
page readonly
|
|
|
|
129C45BC000
|
unkown
|
page read and write
|
|
|
|
7FF5E97AA000
|
unkown
|
page readonly
|
|
|
|
129C48B3000
|
unkown
|
page read and write
|
|
|
|
151DEA29000
|
unkown
|
page read and write
|
|
|
|
129C4815000
|
unkown
|
page read and write
|
|
|
|
24879F00000
|
unkown
|
page read and write
|
|
|
|
266FC783000
|
unkown
|
page read and write
|
|
|
|
266FC79F000
|
unkown
|
page read and write
|
|
|
|
7FF554BB5000
|
unkown
|
page readonly
|
|
|
|
266FCC00000
|
unkown
|
page read and write
|
|
|
|
24879F13000
|
unkown
|
page read and write
|
|
|
|
7FF5BC9DD000
|
unkown
|
page readonly
|
|
|
|
7FF554C50000
|
unkown
|
page readonly
|
|
|
|
7FF556215000
|
unkown
|
page readonly
|
|
|
|
7FF5BCAA8000
|
unkown
|
page readonly
|
|
|
|
1E52844A000
|
unkown
|
page read and write
|
|
|
|
7FF5B127B000
|
unkown
|
page readonly
|
|
|
|
7FF5071DB000
|
unkown
|
page readonly
|
|
|
|
7FF5B12AF000
|
unkown
|
page readonly
|
|
|
|
24879F02000
|
unkown
|
page read and write
|
|
|
|
7FF554C3F000
|
unkown
|
page readonly
|
|
|
|
129C44B0000
|
unkown
|
page read and write
|
|
|
|
129C48D6000
|
unkown
|
page read and write
|
|
|
|
129BF99D000
|
unkown
|
page read and write
|
|
|
|
1FDD8076000
|
unkown
|
page read and write
|
|
|
|
7FF5E9EA1000
|
unkown
|
page readonly
|
|
|
|
129C45E0000
|
unkown
|
page read and write
|
|
|
|
7FF5482DE000
|
unkown
|
page readonly
|
|
|
|
266FBEEE000
|
unkown
|
page read and write
|
|
|
|
15027843000
|
unkown
|
page read and write
|
|
|
|
7FF554BAD000
|
unkown
|
page readonly
|
|
|
|
266FC5D0000
|
unkown
|
page read and write
|
|
|
|
129BF102000
|
unkown
|
page read and write
|
|
|
|
516E4FF000
|
unkown
|
page read and write
|
|
|
|
7FF54823A000
|
unkown
|
page readonly
|
|
|
|
7FF5BCA80000
|
unkown
|
page readonly
|
|
|
|
7FF555FAD000
|
unkown
|
page readonly
|
|
|
|
266FC75B000
|
unkown
|
page read and write
|
|
|
|
266FCC02000
|
unkown
|
page read and write
|
|
|
|
14400400000
|
unkown
|
page readonly
|
|
|
|
129BF918000
|
unkown
|
page read and write
|
|
|
|
7FF50A434000
|
unkown
|
page readonly
|
|
|
|
151DEB13000
|
unkown
|
page read and write
|
|
|
|
1FDD8066000
|
unkown
|
page read and write
|
|
|
|
14400030000
|
heap default
|
page read and write
|
|
|
|
7FF5481D2000
|
unkown
|
page readonly
|
|
|
|
14B02FF000
|
unkown
|
page read and write
|
|
|
|
1FDD7FF0000
|
unkown
|
page readonly
|
|
|
|
129C48E2000
|
unkown
|
page read and write
|
|
|
|
129C48D9000
|
unkown
|
page read and write
|
|
|
|
129C48C6000
|
unkown
|
page read and write
|
|
|
|
7FF5561B8000
|
unkown
|
page readonly
|
|
|
|
1E529140000
|
unkown
|
page readonly
|
|
|
|
129BF99D000
|
unkown
|
page read and write
|
|
|
|
151DE890000
|
heap default
|
page read and write
|
|
|
|
1FDD8057000
|
unkown
|
page read and write
|
|
|
|
7FF5EA077000
|
unkown
|
page readonly
|
|
|
|
129C4902000
|
unkown
|
page read and write
|
|
|
|
129C48B6000
|
unkown
|
page read and write
|
|
|
|
1D6BD3A6000
|
unkown
|
page read and write
|
|
|
|
7FF5556A9000
|
unkown
|
page readonly
|
|
There are 1215 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Desktop/ATT80307.HTM#aXR0bXNobHBAc2VhcnNoYy5jb20=
|
|