Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
http://125.47.255.248
|
URL
|
initial url
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\91c9014b-4d6f-4786-98f4-95e17cb4ef37.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\51266b58-8967-4bf9-a400-3d250baa9f60.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6ed57a7b-9d4a-47ce-a761-f21e5423ce87.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.oldon (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldW (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.oldes (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.olde (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateTM (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences: (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldww (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\6135dcf3-2bd0-4063-8acd-ff21039c283f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State3f (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old97
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.oldd
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bf21dda3-4975-45e9-a84e-4901832b167a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old6 (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f24bcec3-7020-43bc-9ad2-a07a7ea471f6.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f33600a0-b641-497d-834e-096628884d12.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fab39d00-3328-46a0-9ef2-79f4ac781043.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old8f (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a2706294-a71c-4cb6-aaf9-8ad572980a7d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\16dc31c6-a9cb-4ca6-a126-83126ce938c0.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\76772ec3-5571-48d8-9959-44ad51ffe706.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\a560c9d0-2165-470c-8a3d-f174243cb113.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\c2bf007a-cb49-4124-9079-74984806fea0.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_1945874024\a560c9d0-2165-470c-8a3d-f174243cb113.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\76772ec3-5571-48d8-9959-44ad51ffe706.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1048_35620492\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
There are 165 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://125.47.255.248'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1556,275807099243823227,4504885289812018906,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1832 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.google.com
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
https://play.google.com
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
http://125.47.255.248/
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
There are 8 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
216.58.205.77
|
|
|
|
clients.l.google.com
|
216.58.208.174
|
|
|
|
googlehosted.l.googleusercontent.com
|
216.58.208.161
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
216.58.208.161
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
125.47.255.248
|
unknown
|
China
|
|
|
|
125.47.255.24
|
unknown
|
China
|
|
|
|
216.58.208.174
|
clients.l.google.com
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
216.58.205.77
|
accounts.google.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.reporting
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
module_blacklist_cache_md5_digest
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
media.storage_id_salt
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_seed
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
default_search_provider_data.template_url_data
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
safebrowsing.incidents_sent
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pinned_tabs
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
search_provider_overrides
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_username
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.restore_on_startup
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_version
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.prompt_wave
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage_is_newtabpage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
browser.show_home_button
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
lastrun
|
|
There are 29 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
231CC380000
|
unkown
|
page read and write
|
|
|
|
7FF5DCC2D000
|
unkown
|
page readonly
|
|
|
|
7FF55C711000
|
unkown
|
page readonly
|
|
|
|
231D19C4000
|
unkown
|
page read and write
|
|
|
|
7FF5BFBF6000
|
unkown
|
page readonly
|
|
|
|
162ADC88000
|
unkown
|
page read and write
|
|
|
|
7FF5BFD28000
|
unkown
|
page readonly
|
|
|
|
7FF5BFE67000
|
unkown
|
page readonly
|
|
|
|
7FF5BFBFF000
|
unkown
|
page readonly
|
|
|
|
7FF55C829000
|
unkown
|
page readonly
|
|
|
|
7FF5A0760000
|
unkown
|
page readonly
|
|
|
|
231CC350000
|
unkown
|
page readonly
|
|
|
|
7FF5BFDB9000
|
unkown
|
page readonly
|
|
|
|
7FF5DCA9A000
|
unkown
|
page readonly
|
|
|
|
7FF5A0755000
|
unkown
|
page readonly
|
|
|
|
231CC2E0000
|
heap private
|
page read and write
|
|
|
|
231CC46F000
|
unkown
|
page read and write
|
|
|
|
231D1B20000
|
unkown
|
page read and write
|
|
|
|
231CC600000
|
unkown
|
page readonly
|
|
|
|
20ABF700000
|
unkown
|
page read and write
|
|
|
|
7FF5BFF6C000
|
unkown
|
page readonly
|
|
|
|
231CCD59000
|
unkown
|
page read and write
|
|
|
|
6D37D7B000
|
unkown
|
page read and write
|
|
|
|
20ABF647000
|
unkown
|
page read and write
|
|
|
|
7FF5BFF87000
|
unkown
|
page readonly
|
|
|
|
231CCC02000
|
unkown
|
page read and write
|
|
|
|
4E57FFE000
|
unkown
|
page read and write
|
|
|
|
7FF55C7E6000
|
unkown
|
page readonly
|
|
|
|
231D1C96000
|
unkown
|
page read and write
|
|
|
|
7FF5BFC9E000
|
unkown
|
page readonly
|
|
|
|
7FF5BFF0A000
|
unkown
|
page readonly
|
|
|
|
20AC0140000
|
unkown
|
page readonly
|
|
|
|
7FF5DCBD8000
|
unkown
|
page readonly
|
|
|
|
7FF5BFE81000
|
unkown
|
page readonly
|
|
|
|
231D1890000
|
unkown
|
page read and write
|
|
|
|
7FF5DCA8E000
|
unkown
|
page readonly
|
|
|
|
231D19A0000
|
unkown
|
page read and write
|
|
|
|
4E577FF000
|
unkown
|
page read and write
|
|
|
|
7FF5BFE5C000
|
unkown
|
page readonly
|
|
|
|
20ABF702000
|
unkown
|
page read and write
|
|
|
|
DC71B7F000
|
unkown
|
page read and write
|
|
|
|
7FF55C3CA000
|
unkown
|
page readonly
|
|
|
|
20ABF5C0000
|
unkown
|
page readonly
|
|
|
|
7FF5BFF84000
|
unkown
|
page readonly
|
|
|
|
20ABFC02000
|
unkown
|
page read and write
|
|
|
|
7FF5BFFE0000
|
unkown
|
page readonly
|
|
|
|
7FF5BFAF3000
|
unkown
|
page readonly
|
|
|
|
7FF5A06FE000
|
unkown
|
page readonly
|
|
|
|
231CCD13000
|
unkown
|
page read and write
|
|
|
|
20ABF67C000
|
unkown
|
page read and write
|
|
|
|
7FF55C815000
|
unkown
|
page readonly
|
|
|
|
1C028602000
|
unkown
|
page read and write
|
|
|
|
7FF5BFF39000
|
unkown
|
page readonly
|
|
|
|
231CCBE0000
|
unkown
|
page readonly
|
|
|
|
4E57BFB000
|
unkown
|
page read and write
|
|
|
|
DC718FB000
|
unkown
|
page read and write
|
|
|
|
231D1B00000
|
unkown
|
page read and write
|
|
|
|
CCE267E000
|
unkown
|
page read and write
|
|
|
|
231CC3E1000
|
unkown
|
page read and write
|
|
|
|
231D1C20000
|
unkown
|
page read and write
|
|
|
|
7FF5DC7C0000
|
unkown
|
page readonly
|
|
|
|
7FF55C7E8000
|
unkown
|
page readonly
|
|
|
|
231D1AF0000
|
unkown
|
page read and write
|
|
|
|
DC71EFE000
|
unkown
|
page read and write
|
|
|
|
162AE280000
|
unkown
|
page read and write
|
|
|
|
231D1B60000
|
unkown
|
page readonly
|
|
|
|
7FF5BF448000
|
unkown
|
page readonly
|
|
|
|
231CC49C000
|
unkown
|
page read and write
|
|
|
|
DC717FA000
|
unkown
|
page read and write
|
|
|
|
DC71AFF000
|
unkown
|
page read and write
|
|
|
|
231D1800000
|
unkown
|
page read and write
|
|
|
|
7FF55C7D2000
|
unkown
|
page readonly
|
|
|
|
231D1AA4000
|
unkown
|
page write copy
|
|
|
|
7FF5A06EA000
|
unkown
|
page readonly
|
|
|
|
1C027C50000
|
heap private
|
page read and write
|
|
|
|
231CC474000
|
unkown
|
page read and write
|
|
|
|
7FF5A07C9000
|
unkown
|
page readonly
|
|
|
|
162ADB30000
|
unkown
|
page readonly
|
|
|
|
7FF55C6AA000
|
unkown
|
page readonly
|
|
|
|
7FF5A074C000
|
unkown
|
page readonly
|
|
|
|
7FF5BFEF2000
|
unkown
|
page readonly
|
|
|
|
231CC43D000
|
unkown
|
page read and write
|
|
|
|
162AE000000
|
unkown
|
page readonly
|
|
|
|
7FF55C6ED000
|
unkown
|
page readonly
|
|
|
|
231CCC00000
|
unkown
|
page read and write
|
|
|
|
231D1A74000
|
unkown
|
page readonly
|
|
|
|
7FF5BFEB7000
|
unkown
|
page readonly
|
|
|
|
7FF5BFB60000
|
unkown
|
page readonly
|
|
|
|
7FF55C85C000
|
unkown
|
page readonly
|
|
|
|
7FF5BFCA5000
|
unkown
|
page readonly
|
|
|
|
231CCD02000
|
unkown
|
page read and write
|
|
|
|
7FF5DCCC9000
|
unkown
|
page readonly
|
|
|
|
231CC370000
|
unkown
|
page read and write
|
|
|
|
231D18A0000
|
unkown
|
page read and write
|
|
|
|
162ADAC0000
|
heap private
|
page read and write
|
|
|
|
7FF5BF82A000
|
unkown
|
page readonly
|
|
|
|
231D1850000
|
unkown
|
page readonly
|
|
|
|
DC715FB000
|
unkown
|
page read and write
|
|
|
|
7FF5BFD9C000
|
unkown
|
page readonly
|
|
|
|
1C027E4B000
|
unkown
|
page read and write
|
|
|
|
7FF5A058E000
|
unkown
|
page readonly
|
|
|
|
DC7127E000
|
unkown
|
page read and write
|
|
|
|
231CC477000
|
unkown
|
page read and write
|
|
|
|
231D1C9C000
|
unkown
|
page read and write
|
|
|
|
7FF5A054F000
|
unkown
|
page readonly
|
|
|
|
231CC6D0000
|
unkown
|
page readonly
|
|
|
|
7FF5BFD4E000
|
unkown
|
page readonly
|
|
|
|
231CC4FB000
|
unkown
|
page read and write
|
|
|
|
DC713F7000
|
unkown
|
page read and write
|
|
|
|
7FF5DCBC2000
|
unkown
|
page readonly
|
|
|
|
DC716FF000
|
unkown
|
page read and write
|
|
|
|
7FF5BFD0B000
|
unkown
|
page readonly
|
|
|
|
162ADC13000
|
unkown
|
page read and write
|
|
|
|
231CC491000
|
unkown
|
page read and write
|
|
|
|
DC719FE000
|
unkown
|
page read and write
|
|
|
|
7FF5A02BA000
|
unkown
|
page readonly
|
|
|
|
7FF5BFBBA000
|
unkown
|
page readonly
|
|
|
|
231D19C0000
|
unkown
|
page read and write
|
|
|
|
7FF5A073C000
|
unkown
|
page readonly
|
|
|
|
231CCA60000
|
unkown
|
page readonly
|
|
|
|
231D1AD0000
|
unkown
|
page read and write
|
|
|
|
231CCBD0000
|
unkown
|
page readonly
|
|
|
|
162ADC3C000
|
unkown
|
page read and write
|
|
|
|
7FF5DCC67000
|
unkown
|
page readonly
|
|
|
|
231D1C3D000
|
unkown
|
page read and write
|
|
|
|
7FF5BFEA1000
|
unkown
|
page readonly
|
|
|
|
7FF5A0764000
|
unkown
|
page readonly
|
|
|
|
7FF5BFD8A000
|
unkown
|
page readonly
|
|
|
|
DC71A7F000
|
unkown
|
page read and write
|
|
|
|
231CC502000
|
unkown
|
page read and write
|
|
|
|
231D1C9E000
|
unkown
|
page read and write
|
|
|
|
7FF5DCCC1000
|
unkown
|
page readonly
|
|
|
|
162AE402000
|
unkown
|
page read and write
|
|
|
|
7FF55C65F000
|
unkown
|
page readonly
|
|
|
|
231CC413000
|
unkown
|
page read and write
|
|
|
|
CCE25FB000
|
unkown
|
page read and write
|
|
|
|
7FF5A07C1000
|
unkown
|
page readonly
|
|
|
|
1C028800000
|
unkown
|
page readonly
|
|
|
|
7FF55C6C8000
|
unkown
|
page readonly
|
|
|
|
7FF5BF43E000
|
unkown
|
page readonly
|
|
|
|
1C027E4D000
|
unkown
|
page read and write
|
|
|
|
7FF5A0767000
|
unkown
|
page readonly
|
|
|
|
1C027D90000
|
unkown
|
page readonly
|
|
|
|
7FF5DCC55000
|
unkown
|
page readonly
|
|
|
|
162ADB20000
|
heap default
|
page read and write
|
|
|
|
7FF55C856000
|
unkown
|
page readonly
|
|
|
|
7FF5BFF4D000
|
unkown
|
page readonly
|
|
|
|
7FF5DCC64000
|
unkown
|
page readonly
|
|
|
|
20ABF5D0000
|
unkown
|
page read and write
|
|
|
|
7FF5BFF56000
|
unkown
|
page readonly
|
|
|
|
7FF55C6E3000
|
unkown
|
page readonly
|
|
|
|
231D1A70000
|
unkown
|
page read and write
|
|
|
|
7FF5A0705000
|
unkown
|
page readonly
|
|
|
|
231D19A0000
|
unkown
|
page read and write
|
|
|
|
7FF5BFB21000
|
unkown
|
page readonly
|
|
|
|
7FF5BFEF8000
|
unkown
|
page readonly
|
|
|
|
231CD800000
|
unkown
|
page read and write
|
|
|
|
231CC479000
|
unkown
|
page read and write
|
|
|
|
7FF55C7FA000
|
unkown
|
page readonly
|
|
|
|
DC7197E000
|
unkown
|
page read and write
|
|
|
|
231CC400000
|
unkown
|
page read and write
|
|
|
|
7FF5BFF5C000
|
unkown
|
page readonly
|
|
|
|
CCE24F5000
|
unkown
|
page read and write
|
|
|
|
7FF5DCBC0000
|
unkown
|
page readonly
|
|
|
|
7FF55C07D000
|
unkown
|
page readonly
|
|
|
|
7FF5BFF66000
|
unkown
|
page readonly
|
|
|
|
CCE287F000
|
unkown
|
page read and write
|
|
|
|
231D1C00000
|
unkown
|
page read and write
|
|
|
|
7FF5DCBD6000
|
unkown
|
page readonly
|
|
|
|
7FF5DCCBE000
|
unkown
|
page readonly
|
|
|
|
20ABF621000
|
unkown
|
page read and write
|
|
|
|
231CC49F000
|
unkown
|
page read and write
|
|
|
|
7FF5A05B8000
|
unkown
|
page readonly
|
|
|
|
1C027E86000
|
unkown
|
page read and write
|
|
|
|
7FF5BFF1E000
|
unkown
|
page readonly
|
|
|
|
7FF5DCB01000
|
unkown
|
page readonly
|
|
|
|
231D1C4A000
|
unkown
|
page read and write
|
|
|
|
231CCBA0000
|
unkown
|
page readonly
|
|
|
|
7FF5A063C000
|
unkown
|
page readonly
|
|
|
|
231D19C1000
|
unkown
|
page read and write
|
|
|
|
162ADD13000
|
unkown
|
page read and write
|
|
|
|
7FF5BFFE9000
|
unkown
|
page readonly
|
|
|
|
7FF5DCC05000
|
unkown
|
page readonly
|
|
|
|
7FF5BFDB0000
|
unkown
|
page readonly
|
|
|
|
7FF5DCBEA000
|
unkown
|
page readonly
|
|
|
|
7FF5BFD6F000
|
unkown
|
page readonly
|
|
|
|
7FF5DCC3C000
|
unkown
|
page readonly
|
|
|
|
7FF5A06D6000
|
unkown
|
page readonly
|
|
|
|
7FF5BFEC3000
|
unkown
|
page readonly
|
|
|
|
1C027E13000
|
unkown
|
page read and write
|
|
|
|
231CCBB0000
|
unkown
|
page readonly
|
|
|
|
231D1C62000
|
unkown
|
page read and write
|
|
|
|
231D1A88000
|
unkown
|
page write copy
|
|
|
|
6D37B7E000
|
unkown
|
page read and write
|
|
|
|
231D1BF0000
|
unkown
|
page read and write
|
|
|
|
7FF55C80E000
|
unkown
|
page readonly
|
|
|
|
231D1E20000
|
unkown
|
page readonly
|
|
|
|
7FF5BFBED000
|
unkown
|
page readonly
|
|
|
|
7FF5BFDA1000
|
unkown
|
page readonly
|
|
|
|
1C027E29000
|
unkown
|
page read and write
|
|
|
|
7FF5DC91C000
|
unkown
|
page readonly
|
|
|
|
231CCBC0000
|
unkown
|
page readonly
|
|
|
|
231D1AE0000
|
unkown
|
page read and write
|
|
|
|
231CD4C0000
|
unkown
|
page readonly
|
|
|
|
CCE209C000
|
unkown
|
page read and write
|
|
|
|
7FF5A070F000
|
unkown
|
page readonly
|
|
|
|
162ADD02000
|
unkown
|
page read and write
|
|
|
|
7FF55C52C000
|
unkown
|
page readonly
|
|
|
|
7FF5DCC4C000
|
unkown
|
page readonly
|
|
|
|
231CC513000
|
unkown
|
page read and write
|
|
|
|
1C027F00000
|
unkown
|
page read and write
|
|
|
|
231CCD00000
|
unkown
|
page read and write
|
|
|
|
231D1A8C000
|
unkown
|
page readonly
|
|
|
|
7FF5A06C0000
|
unkown
|
page readonly
|
|
|
|
231CCD18000
|
unkown
|
page read and write
|
|
|
|
7FF5BFD8E000
|
unkown
|
page readonly
|
|
|
|
CCE297F000
|
unkown
|
page read and write
|
|
|
|
231D1B20000
|
unkown
|
page read and write
|
|
|
|
7FF5BFED8000
|
unkown
|
page readonly
|
|
|
|
231CCD59000
|
unkown
|
page read and write
|
|
|
|
20ABF600000
|
unkown
|
page read and write
|
|
|
|
6D37F7C000
|
unkown
|
page read and write
|
|
|
|
7FF5BFBFC000
|
unkown
|
page readonly
|
|
|
|
231D1C0D000
|
unkown
|
page read and write
|
|
|
|
1C027F02000
|
unkown
|
page read and write
|
|
|
|
6D3807E000
|
unkown
|
page read and write
|
|
|
|
7FF5DC7BA000
|
unkown
|
page readonly
|
|
|
|
7FF55C717000
|
unkown
|
page readonly
|
|
|
|
20ABF63C000
|
unkown
|
page read and write
|
|
|
|
1C027E52000
|
unkown
|
page read and write
|
|
|
|
231D1E00000
|
unkown
|
page readonly
|
|
|
|
20ABF400000
|
heap default
|
page read and write
|
|
|
|
20ABF670000
|
unkown
|
page read and write
|
|
|
|
7FF5BFF51000
|
unkown
|
page readonly
|
|
|
|
231D1CB1000
|
unkown
|
page read and write
|
|
|
|
20ABF410000
|
unkown
|
page readonly
|
|
|
|
7FF5BFEC7000
|
unkown
|
page readonly
|
|
|
|
231CD3E0000
|
unkown
|
page read and write
|
|
|
|
231D19D0000
|
unkown
|
page read and write
|
|
|
|
1C027E3C000
|
unkown
|
page read and write
|
|
|
|
7FF5A0746000
|
unkown
|
page readonly
|
|
|
|
20ABF64B000
|
unkown
|
page read and write
|
|
|
|
231CC458000
|
unkown
|
page read and write
|
|
|
|
7FF55C3D0000
|
unkown
|
page readonly
|
|
|
|
CCE219E000
|
unkown
|
page read and write
|
|
|
|
7FF5BFFE9000
|
unkown
|
page readonly
|
|
|
|
7FF55C846000
|
unkown
|
page readonly
|
|
|
|
231D1B20000
|
unkown
|
page readonly
|
|
|
|
7FF5DC46D000
|
unkown
|
page readonly
|
|
|
|
DC71CFF000
|
unkown
|
page read and write
|
|
|
|
7FF5A0719000
|
unkown
|
page readonly
|
|
|
|
7FF5BFEE0000
|
unkown
|
page readonly
|
|
|
|
7FF5BFF2F000
|
unkown
|
page readonly
|
|
|
|
6D37A7B000
|
unkown
|
page read and write
|
|
|
|
231CC340000
|
heap default
|
page read and write
|
|
|
|
7FF5BF84E000
|
unkown
|
page readonly
|
|
|
|
7FF5BFFDE000
|
unkown
|
page readonly
|
|
|
|
7FF5A0607000
|
unkown
|
page readonly
|
|
|
|
7FF5BFF80000
|
unkown
|
page readonly
|
|
|
|
7FF55C69E000
|
unkown
|
page readonly
|
|
|
|
7FF5A02D0000
|
unkown
|
page readonly
|
|
|
|
7FF5BFF75000
|
unkown
|
page readonly
|
|
|
|
CCE2777000
|
unkown
|
page read and write
|
|
|
|
4E576FB000
|
unkown
|
page read and write
|
|
|
|
1C027DA0000
|
unkown
|
page readonly
|
|
|
|
7FF55C7D0000
|
unkown
|
page readonly
|
|
|
|
162ADE00000
|
unkown
|
page readonly
|
|
|
|
162ADC29000
|
unkown
|
page read and write
|
|
|
|
7FF55C874000
|
unkown
|
page readonly
|
|
|
|
7FF5BFE55000
|
unkown
|
page readonly
|
|
|
|
DC714FC000
|
unkown
|
page read and write
|
|
|
|
7FF5BFD1C000
|
unkown
|
page readonly
|
|
|
|
4E5777F000
|
unkown
|
page read and write
|
|
|
|
6D37E77000
|
unkown
|
page read and write
|
|
|
|
7FF55C84C000
|
unkown
|
page readonly
|
|
|
|
7FF5BFEF6000
|
unkown
|
page readonly
|
|
|
|
4E57EFF000
|
unkown
|
page read and write
|
|
|
|
7FF5A05DD000
|
unkown
|
page readonly
|
|
|
|
1C027E6F000
|
unkown
|
page read and write
|
|
|
|
162AE270000
|
unkown
|
page readonly
|
|
|
|
231CC429000
|
unkown
|
page read and write
|
|
|
|
7FF5A059A000
|
unkown
|
page readonly
|
|
|
|
7FF5DCAB8000
|
unkown
|
page readonly
|
|
|
|
7FF5BFDA8000
|
unkown
|
page readonly
|
|
|
|
231D1A70000
|
unkown
|
page write copy
|
|
|
|
162ADC70000
|
unkown
|
page read and write
|
|
|
|
7FF5A06D8000
|
unkown
|
page readonly
|
|
|
|
7FF55C8D9000
|
unkown
|
page readonly
|
|
|
|
7FF5DCC46000
|
unkown
|
page readonly
|
|
|
|
231D1810000
|
unkown
|
page read and write
|
|
|
|
231D1C2D000
|
unkown
|
page read and write
|
|
|
|
231CC360000
|
unkown
|
page readonly
|
|
|
|
231CCC15000
|
unkown
|
page read and write
|
|
|
|
1C027E00000
|
unkown
|
page read and write
|
|
|
|
CCE211E000
|
unkown
|
page read and write
|
|
|
|
231D1AA7000
|
unkown
|
page write copy
|
|
|
|
20ABFE00000
|
unkown
|
page readonly
|
|
|
|
DC70FDB000
|
unkown
|
page read and write
|
|
|
|
231D1880000
|
unkown
|
page read and write
|
|
|
|
20ABF4E0000
|
unkown
|
page readonly
|
|
|
|
7FF5BFB7E000
|
unkown
|
page readonly
|
|
|
|
7FF5BFE97000
|
unkown
|
page readonly
|
|
|
|
7FF5BFEE2000
|
unkown
|
page readonly
|
|
|
|
1C027DB0000
|
unkown
|
page read and write
|
|
|
|
4E57DFD000
|
unkown
|
page read and write
|
|
|
|
6D37AFF000
|
unkown
|
page read and write
|
|
|
|
7FF5BFF25000
|
unkown
|
page readonly
|
|
|
|
DC71DFD000
|
unkown
|
page read and write
|
|
|
|
7FF55C81F000
|
unkown
|
page readonly
|
|
|
|
162ADC8E000
|
unkown
|
page read and write
|
|
|
|
7FF5DCCC9000
|
unkown
|
page readonly
|
|
|
|
7FF5BFC1A000
|
unkown
|
page readonly
|
|
|
|
7FF55C74C000
|
unkown
|
page readonly
|
|
|
|
7FF5A07C9000
|
unkown
|
page readonly
|
|
|
|
7FF5A06C2000
|
unkown
|
page readonly
|
|
|
|
7FF55C870000
|
unkown
|
page readonly
|
|
|
|
7FF5A02C0000
|
unkown
|
page readonly
|
|
|
|
1C027F13000
|
unkown
|
page read and write
|
|
|
|
7FF5BFB77000
|
unkown
|
page readonly
|
|
|
|
7FF5BF849000
|
unkown
|
page readonly
|
|
|
|
6D3817F000
|
unkown
|
page read and write
|
|
|
|
7FF5BFB25000
|
unkown
|
page readonly
|
|
|
|
7FF5A04EA000
|
unkown
|
page readonly
|
|
|
|
7FF5BFEAB000
|
unkown
|
page readonly
|
|
|
|
7FF5A06D2000
|
unkown
|
page readonly
|
|
|
|
7FF55C8D1000
|
unkown
|
page readonly
|
|
|
|
DC712FE000
|
unkown
|
page read and write
|
|
|
|
20ABF613000
|
unkown
|
page read and write
|
|
|
|
231CC456000
|
unkown
|
page read and write
|
|
|
|
4E57AFC000
|
unkown
|
page read and write
|
|
|
|
7FF55C7E2000
|
unkown
|
page readonly
|
|
|
|
7FF5DCC36000
|
unkown
|
page readonly
|
|
|
|
1C028460000
|
unkown
|
page readonly
|
|
|
|
7FF5BFCB0000
|
unkown
|
page readonly
|
|
|
|
7FF5BFBB8000
|
unkown
|
page readonly
|
|
|
|
20ABF3A0000
|
heap private
|
page read and write
|
|
|
|
7FF5DC9EA000
|
unkown
|
page readonly
|
|
|
|
20ABF688000
|
unkown
|
page read and write
|
|
|
|
7FF55C83D000
|
unkown
|
page readonly
|
|
|
|
7FF5A041C000
|
unkown
|
page readonly
|
|
|
|
7FF55C8D9000
|
unkown
|
page readonly
|
|
|
|
7FF5A07BE000
|
unkown
|
page readonly
|
|
|
|
231D19E4000
|
unkown
|
page read and write
|
|
|
|
7FF5BFC6C000
|
unkown
|
page readonly
|
|
|
|
231CCB90000
|
unkown
|
page readonly
|
|
|
|
231D1BE0000
|
unkown
|
page readonly
|
|
|
|
7FF5DC7D0000
|
unkown
|
page readonly
|
|
|
|
20ABF65E000
|
unkown
|
page read and write
|
|
|
|
7FF5DCB07000
|
unkown
|
page readonly
|
|
|
|
7FF55C877000
|
unkown
|
page readonly
|
|
|
|
231D1CA0000
|
unkown
|
page read and write
|
|
|
|
1C027E45000
|
unkown
|
page read and write
|
|
|
|
231D1AF0000
|
unkown
|
page read and write
|
|
|
|
20ABF713000
|
unkown
|
page read and write
|
|
|
|
20ABF629000
|
unkown
|
page read and write
|
|
|
|
1C027E50000
|
unkown
|
page read and write
|
|
|
|
231D19E0000
|
unkown
|
page read and write
|
|
|
|
7FF55C3E0000
|
unkown
|
page readonly
|
|
|
|
7FF5DCBFE000
|
unkown
|
page readonly
|
|
|
|
20ABF800000
|
unkown
|
page readonly
|
|
|
|
7FF5A072D000
|
unkown
|
page readonly
|
|
|
|
231D1B50000
|
unkown
|
page readonly
|
|
|
|
7FF5BFAF0000
|
unkown
|
page readonly
|
|
|
|
7FF5DCAD3000
|
unkown
|
page readonly
|
|
|
|
162AE600000
|
unkown
|
page readonly
|
|
|
|
231CD300000
|
unkown
|
page read and write
|
|
|
|
7FF55C8CE000
|
unkown
|
page readonly
|
|
|
|
7FF55C083000
|
unkown
|
page readonly
|
|
|
|
7FF5DCC60000
|
unkown
|
page readonly
|
|
|
|
DC71BFF000
|
unkown
|
page read and write
|
|
|
|
1C028000000
|
unkown
|
page readonly
|
|
|
|
7FF5DCC19000
|
unkown
|
page readonly
|
|
|
|
231D1B40000
|
unkown
|
page readonly
|
|
|
|
231D1CB6000
|
unkown
|
page read and write
|
|
|
|
231D19AE000
|
unkown
|
page read and write
|
|
|
|
7FF5BFC97000
|
unkown
|
page readonly
|
|
|
|
162AE1A0000
|
unkown
|
page readonly
|
|
|
|
7FF5A05D3000
|
unkown
|
page readonly
|
|
|
|
7FF5BFECC000
|
unkown
|
page readonly
|
|
|
|
7FF5A0601000
|
unkown
|
page readonly
|
|
|
|
231CC48A000
|
unkown
|
page read and write
|
|
|
|
1C027CB0000
|
heap default
|
page read and write
|
|
|
|
1C027CC0000
|
unkown
|
page readonly
|
|
|
|
7FF55C865000
|
unkown
|
page readonly
|
|
|
|
7FF55C5FA000
|
unkown
|
page readonly
|
|
|
|
162ADC00000
|
unkown
|
page read and write
|
|
|
|
162ADC26000
|
unkown
|
page read and write
|
|
|
|
20ABF708000
|
unkown
|
page read and write
|
|
|
|
231D1B20000
|
unkown
|
page read and write
|
|
|
|
7FF5A0736000
|
unkown
|
page readonly
|
|
|
|
1C027F08000
|
unkown
|
page read and write
|
|
|
|
7FF5DCC0F000
|
unkown
|
page readonly
|
|
|
|
231D19D0000
|
unkown
|
page read and write
|
|
|
|
7FF5DCA4F000
|
unkown
|
page readonly
|
|
|
|
7FF5DC473000
|
unkown
|
page readonly
|
|
|
|
7FF5BF7CC000
|
unkown
|
page readonly
|
|
|
|
231D19A8000
|
unkown
|
page read and write
|
|
|
|
231D1B00000
|
unkown
|
page read and write
|
|
|
|
20ABF64F000
|
unkown
|
page read and write
|
|
|
|
231CCD18000
|
unkown
|
page read and write
|
|
|
|
7FF5DCBD2000
|
unkown
|
page readonly
|
|
|
|
7FF5DCB3C000
|
unkown
|
page readonly
|
|
|
|
4E57CF7000
|
unkown
|
page read and write
|
|
There are 393 hidden memdumps, click here to show them.