Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
https://securecloud-oauth.herokuapp.com/#abuse@herokuapp.com
|
URL
|
initial url
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, 61020 bytes, 1 file
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\407fdfc4-1dc6-4f55-b074-c140375b6c39.tmp
|
data
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\63591980-6a47-4d2b-9d91-eed9a394b096.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6e22357c-0abe-42d4-a674-9d1e2a882347.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\744d6a6a-6890-4d67-9f00-415cc091265a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1c8611e7-9767-40b7-98fb-080600599041.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1ea9fa42-651e-49b6-b335-1db1c80c7013.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\242dc786-0d28-45fe-b300-d4e2a8f25d86.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\312eeaf0-24ad-4793-95eb-a649fef18b37.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3828018e-0f34-414e-bb05-b40c7d3a4ca5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\55c64302-ee12-4fc0-a399-d0f0e79ebf4e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7006c2c3-1605-4326-a86c-ee56ed483ca3.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9ea1a38d-5039-4f4d-8deb-0432d87f5240.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldn (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.oldp (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old.a (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old0 (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session.| (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs.. (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old[, (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldre (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\17993abe-5598-4d60-9531-709b347999fd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.oldes
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\97cd849e-c5e8-4760-9af5-2ae8b4d0d089.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old10
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.oldon
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldg (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.olds
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurityTM (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ce583fbf-fdef-483b-9b23-bf1a1df97648.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ebfbf43a-3189-4129-9dd0-1507bb8d5081.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Statep (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheTM (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b003f20a-7c93-432d-9c7f-a4d519f7140b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\dfc71007-626a-4091-97bd-d008913953e8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f23fa813-03ff-44ef-90d2-e81fad78b980.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1a3ed445-18ce-4d78-b49b-06c128d9113b.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\909f2633-c6bd-4a25-bb7b-88ab5d210a12.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\9d9144d4-ff20-46a0-8dae-621959a2a40f.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\e57c7105-cca3-45a5-b804-0f0f6e76f5f0.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\9d9144d4-ff20-46a0-8dae-621959a2a40f.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_1895090893\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir1956_682701174\e57c7105-cca3-45a5-b804-0f0f6e76f5f0.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
There are 195 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://securecloud-oauth.herokuapp.com/#abuse@herokuapp.com'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1556,12548367778192904546,1557536481882000717,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1740 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.google.com
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://securecloud-oauth.herokuapp.com/#abuse
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
https://play.google.com
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://outlookcloud.live/?amp=abuse
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://securecloud-oauth.herokuapp.com/
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
|
unknown
|
|
|
|
https://securecloud-oauth.herokuapp.com
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/downloads-lorry
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
There are 13 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
216.58.205.77
|
|
|
|
securecloud-oauth.herokuapp.com
|
3.223.221.167
|
|
|
|
clients.l.google.com
|
216.58.208.174
|
|
|
|
googlehosted.l.googleusercontent.com
|
216.58.208.129
|
|
|
|
outlookcloud.live
|
63.250.40.230
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
63.250.40.230
|
outlookcloud.live
|
United States
|
|
|
|
216.58.208.174
|
clients.l.google.com
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
216.58.205.77
|
accounts.google.com
|
United States
|
|
|
|
3.223.221.167
|
securecloud-oauth.herokuapp.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
216.58.208.129
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.reporting
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
module_blacklist_cache_md5_digest
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
media.storage_id_salt
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_seed
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
default_search_provider_data.template_url_data
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
safebrowsing.incidents_sent
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pinned_tabs
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
search_provider_overrides
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_username
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.restore_on_startup
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_version
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.prompt_wave
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage_is_newtabpage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
browser.show_home_button
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
lastrun
|
|
There are 32 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1B5A5213000
|
unkown
|
page read and write
|
|
|
|
2A5546AE000
|
unkown
|
page read and write
|
|
|
|
7FF57D177000
|
unkown
|
page readonly
|
|
|
|
1B5A6D50000
|
unkown
|
page readonly
|
|
|
|
1C7A0002000
|
unkown
|
page read and write
|
|
|
|
7FF51A666000
|
unkown
|
page readonly
|
|
|
|
2352FC58000
|
unkown
|
page read and write
|
|
|
|
1F1F5634000
|
unkown
|
page read and write
|
|
|
|
1C79F750000
|
unkown
|
page readonly
|
|
|
|
7FF52069A000
|
unkown
|
page readonly
|
|
|
|
2A550220000
|
unkown
|
page read and write
|
|
|
|
1F1F55E0000
|
unkown
|
page readonly
|
|
|
|
7FF5B74A1000
|
unkown
|
page readonly
|
|
|
|
1F0B2002000
|
unkown
|
page read and write
|
|
|
|
7FF545D62000
|
unkown
|
page readonly
|
|
|
|
FC3997F000
|
unkown
|
page read and write
|
|
|
|
AC3E4CB000
|
unkown
|
page read and write
|
|
|
|
2A5546B4000
|
unkown
|
page read and write
|
|
|
|
7FF5DD89C000
|
unkown
|
page readonly
|
|
|
|
FC398FB000
|
unkown
|
page read and write
|
|
|
|
1F1F5657000
|
unkown
|
page read and write
|
|
|
|
2A5546B2000
|
unkown
|
page read and write
|
|
|
|
2A5546D1000
|
unkown
|
page read and write
|
|
|
|
1F0B1F80000
|
heap private
|
page read and write
|
|
|
|
7FF57964C000
|
unkown
|
page readonly
|
|
|
|
1B5A5258000
|
unkown
|
page read and write
|
|
|
|
7FF58558D000
|
unkown
|
page readonly
|
|
|
|
7FF540BA1000
|
unkown
|
page readonly
|
|
|
|
7FF57958A000
|
unkown
|
page readonly
|
|
|
|
1B5A5400000
|
unkown
|
page readonly
|
|
|
|
7FF585536000
|
unkown
|
page readonly
|
|
|
|
7FF5B7876000
|
unkown
|
page readonly
|
|
|
|
6A1D1BC000
|
unkown
|
page read and write
|
|
|
|
2A5543E0000
|
unkown
|
page read and write
|
|
|
|
7FF521205000
|
unkown
|
page readonly
|
|
|
|
2A54F719000
|
unkown
|
page read and write
|
|
|
|
7FF5409BF000
|
unkown
|
page readonly
|
|
|
|
7FF540B42000
|
unkown
|
page readonly
|
|
|
|
1B5A54D0000
|
unkown
|
page readonly
|
|
|
|
7FF5855A6000
|
unkown
|
page readonly
|
|
|
|
FC39B7F000
|
unkown
|
page read and write
|
|
|
|
7FF5B74F7000
|
unkown
|
page readonly
|
|
|
|
50C03DE000
|
unkown
|
page read and write
|
|
|
|
7FF5211C9000
|
unkown
|
page readonly
|
|
|
|
2A554600000
|
unkown
|
page read and write
|
|
|
|
FC395FA000
|
unkown
|
page read and write
|
|
|
|
7FF5DD832000
|
unkown
|
page readonly
|
|
|
|
7FF5796D0000
|
unkown
|
page readonly
|
|
|
|
2A5543F0000
|
unkown
|
page read and write
|
|
|
|
1DFF3272000
|
unkown
|
page read and write
|
|
|
|
7FF579629000
|
unkown
|
page readonly
|
|
|
|
7FF57965C000
|
unkown
|
page readonly
|
|
|
|
2A5543C0000
|
unkown
|
page read and write
|
|
|
|
194BB540000
|
unkown
|
page readonly
|
|
|
|
2A54F702000
|
unkown
|
page read and write
|
|
|
|
2A554629000
|
unkown
|
page read and write
|
|
|
|
180D4E00000
|
unkown
|
page read and write
|
|
|
|
2A54F759000
|
unkown
|
page read and write
|
|
|
|
7FF520EDD000
|
unkown
|
page readonly
|
|
|
|
1F1F5E02000
|
unkown
|
page read and write
|
|
|
|
2A54EDA0000
|
unkown
|
page read and write
|
|
|
|
2352FE00000
|
unkown
|
page readonly
|
|
|
|
7FF5DD86F000
|
unkown
|
page readonly
|
|
|
|
7FF5B7721000
|
unkown
|
page readonly
|
|
|
|
1C79F660000
|
heap default
|
page read and write
|
|
|
|
7FF540B75000
|
unkown
|
page readonly
|
|
|
|
1C79F847000
|
unkown
|
page read and write
|
|
|
|
7FF57D230000
|
unkown
|
page readonly
|
|
|
|
7FF51A65D000
|
unkown
|
page readonly
|
|
|
|
7FF57D0BF000
|
unkown
|
page readonly
|
|
|
|
7FF57D2A6000
|
unkown
|
page readonly
|
|
|
|
194BA908000
|
unkown
|
page read and write
|
|
|
|
7FF5DD740000
|
unkown
|
page readonly
|
|
|
|
7FF585621000
|
unkown
|
page readonly
|
|
|
|
647147E000
|
unkown
|
page read and write
|
|
|
|
7FF540855000
|
unkown
|
page readonly
|
|
|
|
2A554230000
|
unkown
|
page read and write
|
|
|
|
2352FB80000
|
heap private
|
page read and write
|
|
|
|
2A96A7B000
|
unkown
|
page read and write
|
|
|
|
23530340000
|
unkown
|
page read and write
|
|
|
|
7FF5B7860000
|
unkown
|
page readonly
|
|
|
|
7FF5B76CE000
|
unkown
|
page readonly
|
|
|
|
7FF57D05A000
|
unkown
|
page readonly
|
|
|
|
7FF545296000
|
unkown
|
page readonly
|
|
|
|
1F0B1FF0000
|
unkown
|
page readonly
|
|
|
|
7FF545DA5000
|
unkown
|
page readonly
|
|
|
|
1C79F84E000
|
unkown
|
page read and write
|
|
|
|
7FF5B7862000
|
unkown
|
page readonly
|
|
|
|
2A554404000
|
unkown
|
page read and write
|
|
|
|
7FF51A676000
|
unkown
|
page readonly
|
|
|
|
C77F7FF000
|
unkown
|
page read and write
|
|
|
|
7FF57960E000
|
unkown
|
page readonly
|
|
|
|
5A0E1FF000
|
unkown
|
page read and write
|
|
|
|
7FF5B761E000
|
unkown
|
page readonly
|
|
|
|
7FF5B756D000
|
unkown
|
page readonly
|
|
|
|
2A5544C0000
|
unkown
|
page read and write
|
|
|
|
7FF58534A000
|
unkown
|
page readonly
|
|
|
|
2352FBE0000
|
heap default
|
page read and write
|
|
|
|
7FF57D27F000
|
unkown
|
page readonly
|
|
|
|
7FF521217000
|
unkown
|
page readonly
|
|
|
|
2A5544D0000
|
unkown
|
page read and write
|
|
|
|
7FF521105000
|
unkown
|
page readonly
|
|
|
|
2A5546CC000
|
unkown
|
page read and write
|
|
|
|
7FF521279000
|
unkown
|
page readonly
|
|
|
|
7FF5B7969000
|
unkown
|
page readonly
|
|
|
|
FC39FFE000
|
unkown
|
page read and write
|
|
|
|
1DFF3130000
|
unkown
|
page readonly
|
|
|
|
2A96D7D000
|
unkown
|
page read and write
|
|
|
|
7FF5B74FE000
|
unkown
|
page readonly
|
|
|
|
1F0B2660000
|
unkown
|
page readonly
|
|
|
|
C77F6F7000
|
unkown
|
page read and write
|
|
|
|
7FF57963D000
|
unkown
|
page readonly
|
|
|
|
E807FFE000
|
unkown
|
page read and write
|
|
|
|
7FF5DD7FA000
|
unkown
|
page readonly
|
|
|
|
7FF5B6DAB000
|
unkown
|
page readonly
|
|
|
|
7FF57D339000
|
unkown
|
page readonly
|
|
|
|
7FF545E5E000
|
unkown
|
page readonly
|
|
|
|
5A0E0FE000
|
unkown
|
page read and write
|
|
|
|
AC3EA7F000
|
unkown
|
page read and write
|
|
|
|
23530370000
|
unkown
|
page read and write
|
|
|
|
7FF5DD84A000
|
unkown
|
page readonly
|
|
|
|
7FF579677000
|
unkown
|
page readonly
|
|
|
|
7FF5DD879000
|
unkown
|
page readonly
|
|
|
|
194BA770000
|
unkown
|
page readonly
|
|
|
|
7FF585629000
|
unkown
|
page readonly
|
|
|
|
7FF545D72000
|
unkown
|
page readonly
|
|
|
|
C77F0FB000
|
unkown
|
page read and write
|
|
|
|
2A554510000
|
unkown
|
page read and write
|
|
|
|
2A554520000
|
unkown
|
page read and write
|
|
|
|
1DFF37C0000
|
unkown
|
page readonly
|
|
|
|
7FF521164000
|
unkown
|
page readonly
|
|
|
|
2352FC29000
|
unkown
|
page read and write
|
|
|
|
1F0B2113000
|
unkown
|
page read and write
|
|
|
|
2A965FE000
|
unkown
|
page read and write
|
|
|
|
7FF5B75EC000
|
unkown
|
page readonly
|
|
|
|
5A0E4FE000
|
unkown
|
page read and write
|
|
|
|
7FF57D29D000
|
unkown
|
page readonly
|
|
|
|
1F0B2013000
|
unkown
|
page read and write
|
|
|
|
2A5546E1000
|
unkown
|
page read and write
|
|
|
|
1B5A5180000
|
heap default
|
page read and write
|
|
|
|
2A54F759000
|
unkown
|
page read and write
|
|
|
|
7FF57D2D0000
|
unkown
|
page readonly
|
|
|
|
7FF57961F000
|
unkown
|
page readonly
|
|
|
|
194BA913000
|
unkown
|
page read and write
|
|
|
|
7FF5B782B000
|
unkown
|
page readonly
|
|
|
|
1F0B203F000
|
unkown
|
page read and write
|
|
|
|
1DFF3802000
|
unkown
|
page read and write
|
|
|
|
1B5A51A0000
|
unkown
|
page readonly
|
|
|
|
7FF5B789E000
|
unkown
|
page readonly
|
|
|
|
7FF5DD55E000
|
unkown
|
page readonly
|
|
|
|
7FF57930E000
|
unkown
|
page readonly
|
|
|
|
7FF521271000
|
unkown
|
page readonly
|
|
|
|
7FF5853EE000
|
unkown
|
page readonly
|
|
|
|
7FF545B30000
|
unkown
|
page readonly
|
|
|
|
E8083FF000
|
unkown
|
page read and write
|
|
|
|
AC3F07E000
|
unkown
|
page read and write
|
|
|
|
7FF579641000
|
unkown
|
page readonly
|
|
|
|
1C79F88C000
|
unkown
|
page read and write
|
|
|
|
2A554610000
|
unkown
|
page read and write
|
|
|
|
7FF5DD6EB000
|
unkown
|
page readonly
|
|
|
|
2A554510000
|
unkown
|
page read and write
|
|
|
|
2A5546DF000
|
unkown
|
page read and write
|
|
|
|
7FF5211AE000
|
unkown
|
page readonly
|
|
|
|
7FF540BD7000
|
unkown
|
page readonly
|
|
|
|
7FF5B7907000
|
unkown
|
page readonly
|
|
|
|
7FF540B89000
|
unkown
|
page readonly
|
|
|
|
2A554850000
|
unkown
|
page write copy
|
|
|
|
7FF520F40000
|
unkown
|
page readonly
|
|
|
|
7FF57D339000
|
unkown
|
page readonly
|
|
|
|
1F1F5510000
|
unkown
|
page readonly
|
|
|
|
E807E7B000
|
unkown
|
page read and write
|
|
|
|
1B5A5249000
|
unkown
|
page read and write
|
|
|
|
7FF521168000
|
unkown
|
page readonly
|
|
|
|
2A54F0D0000
|
unkown
|
page readonly
|
|
|
|
194BA700000
|
heap private
|
page read and write
|
|
|
|
7FF5206B9000
|
unkown
|
page readonly
|
|
|
|
1F1F5655000
|
unkown
|
page read and write
|
|
|
|
1DFF3213000
|
unkown
|
page read and write
|
|
|
|
2A554550000
|
unkown
|
page readonly
|
|
|
|
7FF5DD8C4000
|
unkown
|
page readonly
|
|
|
|
1DFF323F000
|
unkown
|
page read and write
|
|
|
|
2352FC40000
|
unkown
|
page read and write
|
|
|
|
7FF5B7904000
|
unkown
|
page readonly
|
|
|
|
7FF540B30000
|
unkown
|
page readonly
|
|
|
|
7FF540B9D000
|
unkown
|
page readonly
|
|
|
|
2A554820000
|
unkown
|
page readonly
|
|
|
|
2A54ED80000
|
unkown
|
page readonly
|
|
|
|
7FF545D60000
|
unkown
|
page readonly
|
|
|
|
180D5700000
|
unkown
|
page read and write
|
|
|
|
2A5546CE000
|
unkown
|
page read and write
|
|
|
|
1F1F5651000
|
unkown
|
page read and write
|
|
|
|
1F1F5646000
|
unkown
|
page read and write
|
|
|
|
2A554400000
|
unkown
|
page read and write
|
|
|
|
1C79F740000
|
unkown
|
page readonly
|
|
|
|
7FF545D9E000
|
unkown
|
page readonly
|
|
|
|
2A54F901000
|
unkown
|
page read and write
|
|
|
|
7FF5B78EC000
|
unkown
|
page readonly
|
|
|
|
1F1F5630000
|
unkown
|
page read and write
|
|
|
|
7FF57D2D7000
|
unkown
|
page readonly
|
|
|
|
180D4C90000
|
heap private
|
page read and write
|
|
|
|
7FF5DD8A6000
|
unkown
|
page readonly
|
|
|
|
7FF5792A8000
|
unkown
|
page readonly
|
|
|
|
180D4E13000
|
unkown
|
page read and write
|
|
|
|
2A554550000
|
unkown
|
page read and write
|
|
|
|
FC39A7F000
|
unkown
|
page read and write
|
|
|
|
7FF58549C000
|
unkown
|
page readonly
|
|
|
|
7FF57D2AC000
|
unkown
|
page readonly
|
|
|
|
23530260000
|
unkown
|
page readonly
|
|
|
|
1DFF3202000
|
unkown
|
page read and write
|
|
|
|
23530370000
|
unkown
|
page read and write
|
|
|
|
FC39DFA000
|
unkown
|
page read and write
|
|
|
|
2A5546E2000
|
unkown
|
page read and write
|
|
|
|
7FF57D32E000
|
unkown
|
page readonly
|
|
|
|
FC399FF000
|
unkown
|
page read and write
|
|
|
|
7FF5B7728000
|
unkown
|
page readonly
|
|
|
|
2A54F5B0000
|
unkown
|
page readonly
|
|
|
|
180D4ECD000
|
unkown
|
page read and write
|
|
|
|
7FF5DD7A7000
|
unkown
|
page readonly
|
|
|
|
7FF584A76000
|
unkown
|
page readonly
|
|
|
|
2A54F615000
|
unkown
|
page read and write
|
|
|
|
180D5390000
|
unkown
|
page readonly
|
|
|
|
1F1F563C000
|
unkown
|
page read and write
|
|
|
|
2A5546E0000
|
unkown
|
page read and write
|
|
|
|
7FF5DD80C000
|
unkown
|
page readonly
|
|
|
|
2A54EF13000
|
unkown
|
page read and write
|
|
|
|
1B5A51D0000
|
unkown
|
page read and write
|
|
|
|
7FF545A38000
|
unkown
|
page readonly
|
|
|
|
1B5A5860000
|
unkown
|
page readonly
|
|
|
|
7FF5DD822000
|
unkown
|
page readonly
|
|
|
|
180D4DD0000
|
unkown
|
page readonly
|
|
|
|
180D5732000
|
unkown
|
page read and write
|
|
|
|
1F1F5648000
|
unkown
|
page read and write
|
|
|
|
1F1F5500000
|
heap default
|
page read and write
|
|
|
|
1F1F5600000
|
unkown
|
page read and write
|
|
|
|
7FF5B7872000
|
unkown
|
page readonly
|
|
|
|
7FF5855C7000
|
unkown
|
page readonly
|
|
|
|
7FF545CF5000
|
unkown
|
page readonly
|
|
|
|
7FF5DD6C8000
|
unkown
|
page readonly
|
|
|
|
50C06F5000
|
unkown
|
page read and write
|
|
|
|
1C79F600000
|
heap private
|
page read and write
|
|
|
|
7FF5211F6000
|
unkown
|
page readonly
|
|
|
|
1F1F566E000
|
unkown
|
page read and write
|
|
|
|
1C79F84B000
|
unkown
|
page read and write
|
|
|
|
2A54F75A000
|
unkown
|
page read and write
|
|
|
|
194BA780000
|
unkown
|
page readonly
|
|
|
|
2A554499000
|
unkown
|
page write copy
|
|
|
|
7FF57D2BC000
|
unkown
|
page readonly
|
|
|
|
7FF5DD838000
|
unkown
|
page readonly
|
|
|
|
1B5A5202000
|
unkown
|
page read and write
|
|
|
|
2A54F460000
|
unkown
|
page readonly
|
|
|
|
7FF585418000
|
unkown
|
page readonly
|
|
|
|
1F0B2000000
|
unkown
|
page read and write
|
|
|
|
5A0DEFE000
|
unkown
|
page read and write
|
|
|
|
50C035E000
|
unkown
|
page read and write
|
|
|
|
7FF57D171000
|
unkown
|
page readonly
|
|
|
|
FC3927C000
|
unkown
|
page read and write
|
|
|
|
7FF5DD818000
|
unkown
|
page readonly
|
|
|
|
1F1F5613000
|
unkown
|
page read and write
|
|
|
|
7FF545DEC000
|
unkown
|
page readonly
|
|
|
|
7FF5206AC000
|
unkown
|
page readonly
|
|
|
|
1B5A5120000
|
heap private
|
page read and write
|
|
|
|
7FF545C39000
|
unkown
|
page readonly
|
|
|
|
1F1F5678000
|
unkown
|
page read and write
|
|
|
|
7FF540C39000
|
unkown
|
page readonly
|
|
|
|
7FF5B6DA8000
|
unkown
|
page readonly
|
|
|
|
7FF5407F3000
|
unkown
|
page readonly
|
|
|
|
7FF5DD8C0000
|
unkown
|
page readonly
|
|
|
|
7FF57D10A000
|
unkown
|
page readonly
|
|
|
|
1C79F913000
|
unkown
|
page read and write
|
|
|
|
7FF5211FC000
|
unkown
|
page readonly
|
|
|
|
1DFF3302000
|
unkown
|
page read and write
|
|
|
|
7FF57D289000
|
unkown
|
page readonly
|
|
|
|
7FF5DD502000
|
unkown
|
page readonly
|
|
|
|
2A9657C000
|
unkown
|
page read and write
|
|
|
|
7FF58511A000
|
unkown
|
page readonly
|
|
|
|
1F0B2056000
|
unkown
|
page read and write
|
|
|
|
2A5543E4000
|
unkown
|
page read and write
|
|
|
|
7FF5B7625000
|
unkown
|
page readonly
|
|
|
|
2A5544A4000
|
unkown
|
page readonly
|
|
|
|
2A54F590000
|
unkown
|
page readonly
|
|
|
|
1C79F870000
|
unkown
|
page read and write
|
|
|
|
2A5546C1000
|
unkown
|
page read and write
|
|
|
|
1F1F562D000
|
unkown
|
page read and write
|
|
|
|
C77F4F5000
|
unkown
|
page read and write
|
|
|
|
7FF585520000
|
unkown
|
page readonly
|
|
|
|
7FF5B76EF000
|
unkown
|
page readonly
|
|
|
|
2A9677F000
|
unkown
|
page read and write
|
|
|
|
7FF5DD8B5000
|
unkown
|
page readonly
|
|
|
|
7FF579656000
|
unkown
|
page readonly
|
|
|
|
7FF5DD91E000
|
unkown
|
page readonly
|
|
|
|
2352FC02000
|
unkown
|
page read and write
|
|
|
|
2A5546BC000
|
unkown
|
page read and write
|
|
|
|
2A554655000
|
unkown
|
page read and write
|
|
|
|
180D4F02000
|
unkown
|
page read and write
|
|
|
|
1C79F849000
|
unkown
|
page read and write
|
|
|
|
7FF545DD6000
|
unkown
|
page readonly
|
|
|
|
6470D3E000
|
unkown
|
page read and write
|
|
|
|
2A5543C1000
|
unkown
|
page read and write
|
|
|
|
E807EFE000
|
unkown
|
page read and write
|
|
|
|
7FF519B15000
|
unkown
|
page readonly
|
|
|
|
7FF5B7900000
|
unkown
|
page readonly
|
|
|
|
7FF51A635000
|
unkown
|
page readonly
|
|
|
|
7FF57CE40000
|
unkown
|
page readonly
|
|
|
|
7FF5DD6AF000
|
unkown
|
page readonly
|
|
|
|
7FF545D58000
|
unkown
|
page readonly
|
|
|
|
7FF540804000
|
unkown
|
page readonly
|
|
|
|
5A0E2FC000
|
unkown
|
page read and write
|
|
|
|
FC39CF9000
|
unkown
|
page read and write
|
|
|
|
7FF5DD896000
|
unkown
|
page readonly
|
|
|
|
7FF51A6F9000
|
unkown
|
page readonly
|
|
|
|
1F1F566C000
|
unkown
|
page read and write
|
|
|
|
194BA829000
|
unkown
|
page read and write
|
|
|
|
7FF5B7837000
|
unkown
|
page readonly
|
|
|
|
7FF57CE2A000
|
unkown
|
page readonly
|
|
|
|
7FF540C39000
|
unkown
|
page readonly
|
|
|
|
1F1F5642000
|
unkown
|
page read and write
|
|
|
|
7FF521188000
|
unkown
|
page readonly
|
|
|
|
7FF520FA3000
|
unkown
|
page readonly
|
|
|
|
7FF5B7801000
|
unkown
|
page readonly
|
|
|
|
7FF5DD68E000
|
unkown
|
page readonly
|
|
|
|
2A54EF02000
|
unkown
|
page read and write
|
|
|
|
7FF5B7470000
|
unkown
|
page readonly
|
|
|
|
7FF5795D2000
|
unkown
|
page readonly
|
|
|
|
2A554490000
|
unkown
|
page read and write
|
|
|
|
7FF540B48000
|
unkown
|
page readonly
|
|
|
|
7FF57D2C5000
|
unkown
|
page readonly
|
|
|
|
194BA850000
|
unkown
|
page read and write
|
|
|
|
7FF57D232000
|
unkown
|
page readonly
|
|
|
|
7FF51A5F0000
|
unkown
|
page readonly
|
|
|
|
2A55485C000
|
unkown
|
page readonly
|
|
|
|
7FF5DD4FF000
|
unkown
|
page readonly
|
|
|
|
7FF5B788A000
|
unkown
|
page readonly
|
|
|
|
FC397FF000
|
unkown
|
page read and write
|
|
|
|
7FF545DCD000
|
unkown
|
page readonly
|
|
|
|
7FF545D3A000
|
unkown
|
page readonly
|
|
|
|
2A554500000
|
unkown
|
page read and write
|
|
|
|
194BA883000
|
unkown
|
page read and write
|
|
|
|
2A55461B000
|
unkown
|
page read and write
|
|
|
|
5A0E9FE000
|
unkown
|
page read and write
|
|
|
|
7FF5B7847000
|
unkown
|
page readonly
|
|
|
|
7FF545E69000
|
unkown
|
page readonly
|
|
|
|
7FF5795C8000
|
unkown
|
page readonly
|
|
|
|
1C79F82A000
|
unkown
|
page read and write
|
|
|
|
7FF57D331000
|
unkown
|
page readonly
|
|
|
|
194BA83C000
|
unkown
|
page read and write
|
|
|
|
1B5A6E02000
|
unkown
|
page read and write
|
|
|
|
7FF521170000
|
unkown
|
page readonly
|
|
|
|
7FF5796CE000
|
unkown
|
page readonly
|
|
|
|
7FF51A61A000
|
unkown
|
page readonly
|
|
|
|
7FF5211EC000
|
unkown
|
page readonly
|
|
|
|
7FF51A697000
|
unkown
|
page readonly
|
|
|
|
7FF51A47F000
|
unkown
|
page readonly
|
|
|
|
7FF5DD492000
|
unkown
|
page readonly
|
|
|
|
7FF545C28000
|
unkown
|
page readonly
|
|
|
|
7FF57D1AC000
|
unkown
|
page readonly
|
|
|
|
194BA853000
|
unkown
|
page read and write
|
|
|
|
7FF5B753A000
|
unkown
|
page readonly
|
|
|
|
2A54EE00000
|
unkown
|
page read and write
|
|
|
|
2A54F602000
|
unkown
|
page read and write
|
|
|
|
1B5A5190000
|
unkown
|
page readonly
|
|
|
|
2A5546CB000
|
unkown
|
page read and write
|
|
|
|
E80827E000
|
unkown
|
page read and write
|
|
|
|
7FF58554A000
|
unkown
|
page readonly
|
|
|
|
2A54FD00000
|
unkown
|
page read and write
|
|
|
|
7FF5796D9000
|
unkown
|
page readonly
|
|
|
|
1F1F5676000
|
unkown
|
page read and write
|
|
|
|
2A54FEC0000
|
unkown
|
page readonly
|
|
|
|
7FF51A606000
|
unkown
|
page readonly
|
|
|
|
7FF540C31000
|
unkown
|
page readonly
|
|
|
|
7FF545DE6000
|
unkown
|
page readonly
|
|
|
|
7FF51A685000
|
unkown
|
page readonly
|
|
|
|
2A5543C0000
|
unkown
|
page read and write
|
|
|
|
2A554814000
|
unkown
|
page read and write
|
|
|
|
1F1F5661000
|
unkown
|
page read and write
|
|
|
|
7FF579215000
|
unkown
|
page readonly
|
|
|
|
7FF5B78B9000
|
unkown
|
page readonly
|
|
|
|
7FF52126E000
|
unkown
|
page readonly
|
|
|
|
2A54EE56000
|
unkown
|
page read and write
|
|
|
|
1F0B1FE0000
|
heap default
|
page read and write
|
|
|
|
1B5A5249000
|
unkown
|
page read and write
|
|
|
|
1B5A5313000
|
unkown
|
page read and write
|
|
|
|
6470DBE000
|
unkown
|
page read and write
|
|
|
|
2A54EE8D000
|
unkown
|
page read and write
|
|
|
|
2A5544A0000
|
unkown
|
page read and write
|
|
|
|
7FF5DD7B5000
|
unkown
|
page readonly
|
|
|
|
7FF5B74E0000
|
unkown
|
page readonly
|
|
|
|
2A554270000
|
unkown
|
page readonly
|
|
|
|
AC3EF7E000
|
unkown
|
page read and write
|
|
|
|
7DFC09F51000
|
unkown
|
page readonly
|
|
|
|
2352FED0000
|
unkown
|
page readonly
|
|
|
|
1F1F5667000
|
unkown
|
page read and write
|
|
|
|
AC3E54E000
|
unkown
|
page read and write
|
|
|
|
7FF5B770E000
|
unkown
|
page readonly
|
|
|
|
1F1F5640000
|
unkown
|
page read and write
|
|
|
|
1F1F5660000
|
unkown
|
page read and write
|
|
|
|
2A54EE26000
|
unkown
|
page read and write
|
|
|
|
2A54ED00000
|
heap private
|
page read and write
|
|
|
|
50C0B7E000
|
unkown
|
page read and write
|
|
|
|
1DFF3255000
|
unkown
|
page read and write
|
|
|
|
7FF520DB1000
|
unkown
|
page readonly
|
|
|
|
7FF521018000
|
unkown
|
page readonly
|
|
|
|
FC39477000
|
unkown
|
page read and write
|
|
|
|
7FF585579000
|
unkown
|
page readonly
|
|
|
|
1DFF3050000
|
unkown
|
page readonly
|
|
|
|
7FF5DD8AC000
|
unkown
|
page readonly
|
|
|
|
194BA85C000
|
unkown
|
page read and write
|
|
|
|
7FF579577000
|
unkown
|
page readonly
|
|
|
|
7FF57D246000
|
unkown
|
page readonly
|
|
|
|
1B5A5259000
|
unkown
|
page read and write
|
|
|
|
194BA902000
|
unkown
|
page read and write
|
|
|
|
7FF540B6E000
|
unkown
|
page readonly
|
|
|
|
1F1F566A000
|
unkown
|
page read and write
|
|
|
|
7FF57D2B6000
|
unkown
|
page readonly
|
|
|
|
2A554662000
|
unkown
|
page read and write
|
|
|
|
1C79F902000
|
unkown
|
page read and write
|
|
|
|
2A54ED70000
|
unkown
|
page readonly
|
|
|
|
2A54EEF9000
|
unkown
|
page read and write
|
|
|
|
7FF57D25A000
|
unkown
|
page readonly
|
|
|
|
2A54F719000
|
unkown
|
page read and write
|
|
|
|
1F1F562F000
|
unkown
|
page read and write
|
|
|
|
1B5A5248000
|
unkown
|
page read and write
|
|
|
|
1DFF3120000
|
unkown
|
page readonly
|
|
|
|
1F1F564D000
|
unkown
|
page read and write
|
|
|
|
1F1F5C60000
|
unkown
|
page read and write
|
|
|
|
1C79F900000
|
unkown
|
page read and write
|
|
|
|
1DFF2FE0000
|
heap private
|
page read and write
|
|
|
|
2A554560000
|
unkown
|
page readonly
|
|
|
|
1F1F565F000
|
unkown
|
page read and write
|
|
|
|
7FF5DD820000
|
unkown
|
page readonly
|
|
|
|
2352FD02000
|
unkown
|
page read and write
|
|
|
|
7FF545D4C000
|
unkown
|
page readonly
|
|
|
|
2A54F713000
|
unkown
|
page read and write
|
|
|
|
1C79F813000
|
unkown
|
page read and write
|
|
|
|
2A5542B0000
|
unkown
|
page read and write
|
|
|
|
194BA870000
|
unkown
|
page read and write
|
|
|
|
23530600000
|
unkown
|
page read and write
|
|
|
|
1B5A6D30000
|
unkown
|
page read and write
|
|
|
|
7FF579591000
|
unkown
|
page readonly
|
|
|
|
7FF54009F000
|
unkown
|
page readonly
|
|
|
|
23530370000
|
unkown
|
page read and write
|
|
|
|
2A9687F000
|
unkown
|
page read and write
|
|
|
|
2A54EE73000
|
unkown
|
page read and write
|
|
|
|
E8080FE000
|
unkown
|
page read and write
|
|
|
|
2A96C7F000
|
unkown
|
page read and write
|
|
|
|
7FF5B7730000
|
unkown
|
page readonly
|
|
|
|
6A1D4FE000
|
unkown
|
page read and write
|
|
|
|
7FF520DB5000
|
unkown
|
page readonly
|
|
|
|
7FF5B719F000
|
unkown
|
page readonly
|
|
|
|
7FF51A6F9000
|
unkown
|
page readonly
|
|
|
|
6A1D97F000
|
unkown
|
page read and write
|
|
|
|
180D4F13000
|
unkown
|
page read and write
|
|
|
|
7FF519F2C000
|
unkown
|
page readonly
|
|
|
|
180D4DF0000
|
unkown
|
page read and write
|
|
|
|
1F1F5656000
|
unkown
|
page read and write
|
|
|
|
1F1F567C000
|
unkown
|
page read and write
|
|
|
|
2352FC00000
|
unkown
|
page read and write
|
|
|
|
1F1F5675000
|
unkown
|
page read and write
|
|
|
|
5A0E07B000
|
unkown
|
page read and write
|
|
|
|
7FF51A63F000
|
unkown
|
page readonly
|
|
|
|
2A54EE13000
|
unkown
|
page read and write
|
|
|
|
5A0EAFF000
|
unkown
|
page read and write
|
|
|
|
1F1F5659000
|
unkown
|
page read and write
|
|
|
|
1B5A5302000
|
unkown
|
page read and write
|
|
|
|
23530330000
|
unkown
|
page readonly
|
|
|
|
1C79F890000
|
unkown
|
page read and write
|
|
|
|
7FF585433000
|
unkown
|
page readonly
|
|
|
|
180D5602000
|
unkown
|
page read and write
|
|
|
|
1F1F567F000
|
unkown
|
page read and write
|
|
|
|
7FF540BB6000
|
unkown
|
page readonly
|
|
|
|
7FF5795E8000
|
unkown
|
page readonly
|
|
|
|
7FF5B7858000
|
unkown
|
page readonly
|
|
|
|
2A54EE71000
|
unkown
|
page read and write
|
|
|
|
5A0E3FF000
|
unkown
|
page read and write
|
|
|
|
2A5546B0000
|
unkown
|
page read and write
|
|
|
|
2A5543C8000
|
unkown
|
page read and write
|
|
|
|
7FF520FFF000
|
unkown
|
page readonly
|
|
|
|
50C087B000
|
unkown
|
page read and write
|
|
|
|
194BA849000
|
unkown
|
page read and write
|
|
|
|
1DFF3279000
|
unkown
|
page read and write
|
|
|
|
E80837D000
|
unkown
|
page read and write
|
|
|
|
1F0B2730000
|
unkown
|
page readonly
|
|
|
|
1C79F908000
|
unkown
|
page read and write
|
|
|
|
7FF57C786000
|
unkown
|
page readonly
|
|
|
|
7FF545C08000
|
unkown
|
page readonly
|
|
|
|
7FF5B757C000
|
unkown
|
page readonly
|
|
|
|
2A54F5F0000
|
unkown
|
page read and write
|
|
|
|
1F0B2802000
|
unkown
|
page read and write
|
|
|
|
7FF5B78D6000
|
unkown
|
page readonly
|
|
|
|
7FF51A66C000
|
unkown
|
page readonly
|
|
|
|
C77F1FD000
|
unkown
|
page read and write
|
|
|
|
2A554220000
|
unkown
|
page read and write
|
|
|
|
7FF521087000
|
unkown
|
page readonly
|
|
|
|
7FF5211DD000
|
unkown
|
page readonly
|
|
|
|
6470CBC000
|
unkown
|
page read and write
|
|
|
|
C77F5FB000
|
unkown
|
page read and write
|
|
|
|
50C077E000
|
unkown
|
page read and write
|
|
|
|
7FF57D248000
|
unkown
|
page readonly
|
|
|
|
2A5546B3000
|
unkown
|
page read and write
|
|
|
|
7FF579587000
|
unkown
|
page readonly
|
|
|
|
7FF57D2D4000
|
unkown
|
page readonly
|
|
|
|
FC392FD000
|
unkown
|
page read and write
|
|
|
|
1B5A528A000
|
unkown
|
page read and write
|
|
|
|
1F1F567B000
|
unkown
|
page read and write
|
|
|
|
7FF5851FA000
|
unkown
|
page readonly
|
|
|
|
7FF5B770A000
|
unkown
|
page readonly
|
|
|
|
7FF579211000
|
unkown
|
page readonly
|
|
|
|
7FF5795E6000
|
unkown
|
page readonly
|
|
|
|
FC396FB000
|
unkown
|
page read and write
|
|
|
|
7FF5B77E7000
|
unkown
|
page readonly
|
|
|
|
180D4EE6000
|
unkown
|
page read and write
|
|
|
|
194BAA00000
|
unkown
|
page readonly
|
|
|
|
1C79F760000
|
unkown
|
page read and write
|
|
|
|
180D4E6D000
|
unkown
|
page read and write
|
|
|
|
7FF57D0FE000
|
unkown
|
page readonly
|
|
|
|
7FF5DD865000
|
unkown
|
page readonly
|
|
|
|
7FF545E61000
|
unkown
|
page readonly
|
|
|
|
7FF521186000
|
unkown
|
page readonly
|
|
|
|
7FF57D143000
|
unkown
|
page readonly
|
|
|
|
194BA85C000
|
unkown
|
page read and write
|
|
|
|
7FF5DD929000
|
unkown
|
page readonly
|
|
|
|
180D4D00000
|
unkown
|
page readonly
|
|
|
|
2A5546CB000
|
unkown
|
page read and write
|
|
|
|
7FF545E00000
|
unkown
|
page readonly
|
|
|
|
7FF5DD88D000
|
unkown
|
page readonly
|
|
|
|
1DFF3200000
|
unkown
|
page read and write
|
|
|
|
7FF57D26E000
|
unkown
|
page readonly
|
|
|
|
180D5800000
|
unkown
|
page readonly
|
|
|
|
1B5A6D30000
|
unkown
|
page read and write
|
|
|
|
7FF540AFB000
|
unkown
|
page readonly
|
|
|
|
7FF5795D0000
|
unkown
|
page readonly
|
|
|
|
2A5542A0000
|
unkown
|
page read and write
|
|
|
|
194BB002000
|
unkown
|
page read and write
|
|
|
|
7FF579407000
|
unkown
|
page readonly
|
|
|
|
1C79FA00000
|
unkown
|
page readonly
|
|
|
|
1F1F55F0000
|
unkown
|
page readonly
|
|
|
|
AC3E97D000
|
unkown
|
page read and write
|
|
|
|
7FF579665000
|
unkown
|
page readonly
|
|
|
|
7FF5B795E000
|
unkown
|
page readonly
|
|
|
|
FC394FE000
|
unkown
|
page read and write
|
|
|
|
1B5A5318000
|
unkown
|
page read and write
|
|
|
|
7FF540BD4000
|
unkown
|
page readonly
|
|
|
|
7FF5B7878000
|
unkown
|
page readonly
|
|
|
|
5A0E6FF000
|
unkown
|
page read and write
|
|
|
|
7FF5B7817000
|
unkown
|
page readonly
|
|
|
|
E80817E000
|
unkown
|
page read and write
|
|
|
|
1F1F5685000
|
unkown
|
page read and write
|
|
|
|
7FF579674000
|
unkown
|
page readonly
|
|
|
|
7FF579615000
|
unkown
|
page readonly
|
|
|
|
647127B000
|
unkown
|
page read and write
|
|
|
|
2A54F700000
|
unkown
|
page read and write
|
|
|
|
2A54FC00000
|
unkown
|
page read and write
|
|
|
|
7FF5B7739000
|
unkown
|
page readonly
|
|
|
|
7FF5B78DC000
|
unkown
|
page readonly
|
|
|
|
7FF5B78CD000
|
unkown
|
page readonly
|
|
|
|
7FF5B76A8000
|
unkown
|
page readonly
|
|
|
|
2A54EE88000
|
unkown
|
page read and write
|
|
|
|
7FF545DB9000
|
unkown
|
page readonly
|
|
|
|
7FF579440000
|
unkown
|
page readonly
|
|
|
|
7FF57D14D000
|
unkown
|
page readonly
|
|
|
|
1B5A6CB0000
|
unkown
|
page read and write
|
|
|
|
7FF545B25000
|
unkown
|
page readonly
|
|
|
|
7FF521212000
|
unkown
|
page readonly
|
|
|
|
7FF5DD74C000
|
unkown
|
page readonly
|
|
|
|
2A54EEB7000
|
unkown
|
page read and write
|
|
|
|
194BA84B000
|
unkown
|
page read and write
|
|
|
|
7FF57D242000
|
unkown
|
page readonly
|
|
|
|
6A1D87E000
|
unkown
|
page read and write
|
|
|
|
7FF51A6EE000
|
unkown
|
page readonly
|
|
|
|
1B5A5200000
|
unkown
|
page read and write
|
|
|
|
AC3EB7F000
|
unkown
|
page read and write
|
|
|
|
7FF5B784C000
|
unkown
|
page readonly
|
|
|
|
7FF545E07000
|
unkown
|
page readonly
|
|
|
|
7FF57D128000
|
unkown
|
page readonly
|
|
|
|
7FF545BCE000
|
unkown
|
page readonly
|
|
|
|
7FF5B7576000
|
unkown
|
page readonly
|
|
|
|
1F0B207D000
|
unkown
|
page read and write
|
|
|
|
7FF5B769C000
|
unkown
|
page readonly
|
|
|
|
1DFF3313000
|
unkown
|
page read and write
|
|
|
|
2352FC13000
|
unkown
|
page read and write
|
|
|
|
1F1F5800000
|
unkown
|
page readonly
|
|
|
|
2A554498000
|
unkown
|
page read and write
|
|
|
|
E8084FD000
|
unkown
|
page read and write
|
|
|
|
1B5A6D40000
|
unkown
|
page readonly
|
|
|
|
194BA84D000
|
unkown
|
page read and write
|
|
|
|
7FF5DD79C000
|
unkown
|
page readonly
|
|
|
|
7FF5B7843000
|
unkown
|
page readonly
|
|
|
|
2A54EE2A000
|
unkown
|
page read and write
|
|
|
|
1B5A6C70000
|
unkown
|
page read and write
|
|
|
|
7FF584A70000
|
unkown
|
page readonly
|
|
|
|
7FF5DD920000
|
unkown
|
page readonly
|
|
|
|
2A554570000
|
unkown
|
page readonly
|
|
|
|
647117E000
|
unkown
|
page read and write
|
|
|
|
7FF52103A000
|
unkown
|
page readonly
|
|
|
|
7FF540B32000
|
unkown
|
page readonly
|
|
|
|
7FF5855C0000
|
unkown
|
page readonly
|
|
|
|
1F1F5662000
|
unkown
|
page read and write
|
|
|
|
2A96E7F000
|
unkown
|
page read and write
|
|
|
|
2A54EE3D000
|
unkown
|
page read and write
|
|
|
|
2A55463D000
|
unkown
|
page read and write
|
|
|
|
2A554550000
|
unkown
|
page read and write
|
|
|
|
2A554550000
|
unkown
|
page read and write
|
|
|
|
7FF5DD85E000
|
unkown
|
page readonly
|
|
|
|
7FF5B78AF000
|
unkown
|
page readonly
|
|
|
|
7FF5796D9000
|
unkown
|
page readonly
|
|
|
|
7FF5B7538000
|
unkown
|
page readonly
|
|
|
|
2A54F718000
|
unkown
|
page read and write
|
|
|
|
1C79F670000
|
unkown
|
page readonly
|
|
|
|
6A1D47E000
|
unkown
|
page read and write
|
|
|
|
1B5A523D000
|
unkown
|
page read and write
|
|
|
|
1F1F565C000
|
unkown
|
page read and write
|
|
|
|
2A55469F000
|
unkown
|
page read and write
|
|
|
|
7FF58559C000
|
unkown
|
page readonly
|
|
|
|
7FF585461000
|
unkown
|
page readonly
|
|
|
|
7FF5B78E6000
|
unkown
|
page readonly
|
|
|
|
2A5544F0000
|
unkown
|
page read and write
|
|
|
|
7FF545D78000
|
unkown
|
page readonly
|
|
|
|
2A554260000
|
unkown
|
page read and write
|
|
|
|
7FF5795BC000
|
unkown
|
page readonly
|
|
|
|
1B5A6D70000
|
unkown
|
page write copy
|
|
|
|
5A0DE7C000
|
unkown
|
page read and write
|
|
|
|
2A5542C0000
|
unkown
|
page read and write
|
|
|
|
2A54F5E0000
|
unkown
|
page readonly
|
|
|
|
7FF5B74A5000
|
unkown
|
page readonly
|
|
|
|
1B5A5269000
|
unkown
|
page read and write
|
|
|
|
7FF58561E000
|
unkown
|
page readonly
|
|
|
|
2A554810000
|
unkown
|
page readonly
|
|
|
|
2A554853000
|
unkown
|
page write copy
|
|
|
|
2A5543F0000
|
unkown
|
page read and write
|
|
|
|
50C0A77000
|
unkown
|
page read and write
|
|
|
|
7FF5B7630000
|
unkown
|
page readonly
|
|
|
|
6A1D67E000
|
unkown
|
page read and write
|
|
|
|
7FF5B7617000
|
unkown
|
page readonly
|
|
|
|
1C79F800000
|
unkown
|
page read and write
|
|
|
|
2A54F000000
|
unkown
|
page readonly
|
|
|
|
7FF5B78D1000
|
unkown
|
page readonly
|
|
|
|
5A0E5FD000
|
unkown
|
page read and write
|
|
|
|
1DFF3040000
|
heap default
|
page read and write
|
|
|
|
50C02DB000
|
unkown
|
page read and write
|
|
|
|
E807F7E000
|
unkown
|
page read and write
|
|
|
|
7FF58555E000
|
unkown
|
page readonly
|
|
|
|
1DFF3790000
|
unkown
|
page readonly
|
|
|
|
1DFF325B000
|
unkown
|
page read and write
|
|
|
|
180D5B40000
|
unkown
|
page readonly
|
|
|
|
7FF5DD82D000
|
unkown
|
page readonly
|
|
|
|
2A5543E1000
|
unkown
|
page read and write
|
|
|
|
7FF585467000
|
unkown
|
page readonly
|
|
|
|
7FF521279000
|
unkown
|
page readonly
|
|
|
|
1F1F5702000
|
unkown
|
page read and write
|
|
|
|
7FF5DD8C7000
|
unkown
|
page readonly
|
|
|
|
2A5544B4000
|
unkown
|
page write copy
|
|
|
|
180D4CF0000
|
heap default
|
page read and write
|
|
|
|
2A54F5F3000
|
unkown
|
page read and write
|
|
|
|
7FF545BEF000
|
unkown
|
page readonly
|
|
|
|
1F0B206A000
|
unkown
|
page read and write
|
|
|
|
1F0B2029000
|
unkown
|
page read and write
|
|
|
|
5A0DF7D000
|
unkown
|
page read and write
|
|
|
|
7FF545E04000
|
unkown
|
page readonly
|
|
|
|
7FF5DD929000
|
unkown
|
page readonly
|
|
|
|
7FF520F35000
|
unkown
|
page readonly
|
|
|
|
7FF5DD737000
|
unkown
|
page readonly
|
|
|
|
7FF5B6D9D000
|
unkown
|
page readonly
|
|
|
|
7FF5B78F5000
|
unkown
|
page readonly
|
|
|
|
7FF519B18000
|
unkown
|
page readonly
|
|
|
|
7FF5DD836000
|
unkown
|
page readonly
|
|
|
|
1DFF37A0000
|
unkown
|
page read and write
|
|
|
|
180D4E87000
|
unkown
|
page read and write
|
|
|
|
7FF545DDC000
|
unkown
|
page readonly
|
|
|
|
7FF58543D000
|
unkown
|
page readonly
|
|
|
|
7FF540B07000
|
unkown
|
page readonly
|
|
|
|
7FF545DAF000
|
unkown
|
page readonly
|
|
|
|
7FF5B7969000
|
unkown
|
page readonly
|
|
|
|
1DFF3400000
|
unkown
|
page readonly
|
|
|
|
2A554580000
|
unkown
|
page readonly
|
|
|
|
180D5000000
|
unkown
|
page readonly
|
|
|
|
7FF520E1D000
|
unkown
|
page readonly
|
|
|
|
7FF545D8A000
|
unkown
|
page readonly
|
|
|
|
2A54F5C0000
|
unkown
|
page readonly
|
|
|
|
7FF5B768B000
|
unkown
|
page readonly
|
|
|
|
194BB200000
|
unkown
|
page readonly
|
|
|
|
1F0B2024000
|
unkown
|
page read and write
|
|
|
|
2A54EE76000
|
unkown
|
page read and write
|
|
|
|
1B5A7000000
|
unkown
|
page readonly
|
|
|
|
194BA800000
|
unkown
|
page read and write
|
|
|
|
7FF5DD48E000
|
unkown
|
page readonly
|
|
|
|
C77F8FA000
|
unkown
|
page read and write
|
|
|
|
1F1F5658000
|
unkown
|
page read and write
|
|
|
|
7FF51A649000
|
unkown
|
page readonly
|
|
|
|
2A96B7D000
|
unkown
|
page read and write
|
|
|
|
7FF521214000
|
unkown
|
page readonly
|
|
|
|
7FF51A608000
|
unkown
|
page readonly
|
|
|
|
2A54F759000
|
unkown
|
page read and write
|
|
|
|
7FF585629000
|
unkown
|
page readonly
|
|
|
|
1F1F54A0000
|
heap private
|
page read and write
|
|
|
|
7FF521182000
|
unkown
|
page readonly
|
|
|
|
FC39BFF000
|
unkown
|
page read and write
|
|
|
|
2A5546C7000
|
unkown
|
page read and write
|
|
|
|
1DFF3A00000
|
unkown
|
page readonly
|
|
|
|
180D4DE0000
|
unkown
|
page readonly
|
|
|
|
647137F000
|
unkown
|
page read and write
|
|
|
|
7FF5211BF000
|
unkown
|
page readonly
|
|
|
|
1B5A522A000
|
unkown
|
page read and write
|
|
|
|
2A554840000
|
unkown
|
page readonly
|
|
|
|
7FF545B17000
|
unkown
|
page readonly
|
|
|
|
1B5A5300000
|
unkown
|
page read and write
|
|
|
|
7FF540C2E000
|
unkown
|
page readonly
|
|
|
|
7FF585565000
|
unkown
|
page readonly
|
|
|
|
AC3E8FE000
|
unkown
|
page read and write
|
|
|
|
1F1F562A000
|
unkown
|
page read and write
|
|
|
|
7FF51A62E000
|
unkown
|
page readonly
|
|
|
|
7FF5B7821000
|
unkown
|
page readonly
|
|
|
|
194BA847000
|
unkown
|
page read and write
|
|
|
|
7FF540BA6000
|
unkown
|
page readonly
|
|
|
|
1B5A531B000
|
unkown
|
page read and write
|
|
|
|
1F0B2102000
|
unkown
|
page read and write
|
|
|
|
7FF5DD891000
|
unkown
|
page readonly
|
|
|
|
1B5A5259000
|
unkown
|
page read and write
|
|
|
|
7FF5853AF000
|
unkown
|
page readonly
|
|
|
|
7FF585120000
|
unkown
|
page readonly
|
|
|
|
1C79F853000
|
unkown
|
page read and write
|
|
|
|
7FF585596000
|
unkown
|
page readonly
|
|
|
|
7FF5855C4000
|
unkown
|
page readonly
|
|
|
|
194BA900000
|
unkown
|
page read and write
|
|
|
|
7FF5B78A5000
|
unkown
|
page readonly
|
|
|
|
7FF58556F000
|
unkown
|
page readonly
|
|
|
|
7FF5B71A4000
|
unkown
|
page readonly
|
|
|
|
2A54F5D0000
|
unkown
|
page readonly
|
|
|
|
7FF57CE30000
|
unkown
|
page readonly
|
|
|
|
7FF5B7480000
|
unkown
|
page readonly
|
|
|
|
7FF5853FA000
|
unkown
|
page readonly
|
|
|
|
7FF540BC5000
|
unkown
|
page readonly
|
|
|
|
2A54EE98000
|
unkown
|
page read and write
|
|
|
|
2A554800000
|
unkown
|
page readonly
|
|
|
|
7FF5B757F000
|
unkown
|
page readonly
|
|
|
|
180D4E2A000
|
unkown
|
page read and write
|
|
|
|
FC3937E000
|
unkown
|
page read and write
|
|
|
|
2A54F718000
|
unkown
|
page read and write
|
|
|
|
7FF520AAC000
|
unkown
|
page readonly
|
|
|
|
7FF540B7F000
|
unkown
|
page readonly
|
|
|
|
2A54ED60000
|
heap default
|
page read and write
|
|
|
|
7FF5794AA000
|
unkown
|
page readonly
|
|
|
|
7FF5DD654000
|
unkown
|
page readonly
|
|
|
|
7FF5B77D5000
|
unkown
|
page readonly
|
|
|
|
2A5543C4000
|
unkown
|
page read and write
|
|
|
|
2A969FC000
|
unkown
|
page read and write
|
|
|
|
1F1F5641000
|
unkown
|
page read and write
|
|
|
|
7FF5B771C000
|
unkown
|
page readonly
|
|
|
|
7FF585522000
|
unkown
|
page readonly
|
|
|
|
180D5490000
|
unkown
|
page write copy
|
|
|
|
1B5A51B0000
|
unkown
|
page read and write
|
|
|
|
7FF540BBC000
|
unkown
|
page readonly
|
|
|
|
2A55464A000
|
unkown
|
page read and write
|
|
|
|
7FF545E69000
|
unkown
|
page readonly
|
|
|
|
2A554860000
|
unkown
|
page read and write
|
|
|
|
7FF545DF5000
|
unkown
|
page readonly
|
|
|
|
7FF585538000
|
unkown
|
page readonly
|
|
|
|
1C79FE60000
|
unkown
|
page readonly
|
|
|
|
180D4EBC000
|
unkown
|
page read and write
|
|
|
|
1F1F5634000
|
unkown
|
page read and write
|
|
|
|
1DFF3229000
|
unkown
|
page read and write
|
|
|
|
7FF521172000
|
unkown
|
page readonly
|
|
|
|
E8085FF000
|
unkown
|
page read and write
|
|
|
|
2352FBF0000
|
unkown
|
page readonly
|
|
|
|
1F0B22D0000
|
unkown
|
page readonly
|
|
|
|
5A0E7FF000
|
unkown
|
page read and write
|
|
|
|
2A9647E000
|
unkown
|
page read and write
|
|
|
|
7FF5407F7000
|
unkown
|
page readonly
|
|
|
|
AC3E5CD000
|
unkown
|
page read and write
|
|
|
|
AC3EE7C000
|
unkown
|
page read and write
|
|
|
|
7FF5211B5000
|
unkown
|
page readonly
|
|
|
|
2A54F600000
|
unkown
|
page read and write
|
|
|
|
2A54EE86000
|
unkown
|
page read and write
|
|
|
|
194BAAD0000
|
unkown
|
page readonly
|
|
|
|
1F0B2740000
|
unkown
|
page read and write
|
|
|
|
7FF579646000
|
unkown
|
page readonly
|
|
|
|
2A5546E4000
|
unkown
|
page read and write
|
|
|
|
7FF51A6F1000
|
unkown
|
page readonly
|
|
|
|
6A1D77E000
|
unkown
|
page read and write
|
|
|
|
7FF520E4A000
|
unkown
|
page readonly
|
|
|
|
7FF585130000
|
unkown
|
page readonly
|
|
|
|
7FF57D275000
|
unkown
|
page readonly
|
|
|
|
7FF545D76000
|
unkown
|
page readonly
|
|
|
|
7FF51A694000
|
unkown
|
page readonly
|
|
|
|
7FF51A67C000
|
unkown
|
page readonly
|
|
|
|
7FF5B7960000
|
unkown
|
page readonly
|
|
|
|
7FF521049000
|
unkown
|
page readonly
|
|
|
|
7FF57C780000
|
unkown
|
page readonly
|
|
|
|
2A9612B000
|
unkown
|
page read and write
|
|
|
|
7FF51A41A000
|
unkown
|
page readonly
|
|
|
|
2A961AD000
|
unkown
|
page read and write
|
|
|
|
2A550201000
|
unkown
|
page read and write
|
|
|
|
5A0E8FF000
|
unkown
|
page read and write
|
|
|
|
1F1F565A000
|
unkown
|
page read and write
|
|
|
|
180D4E3E000
|
unkown
|
page read and write
|
|
|
|
194BA790000
|
unkown
|
page read and write
|
|
|
|
FC39EFE000
|
unkown
|
page read and write
|
|
|
|
23530402000
|
unkown
|
page read and write
|
|
|
|
7FF5DD511000
|
unkown
|
page readonly
|
|
|
|
C77F17E000
|
unkown
|
page read and write
|
|
|
|
1F0B2A00000
|
unkown
|
page readonly
|
|
|
|
7FF520D83000
|
unkown
|
page readonly
|
|
|
|
7FF5DD576000
|
unkown
|
page readonly
|
|
|
|
2A5544B7000
|
unkown
|
page write copy
|
|
|
|
1F0B2100000
|
unkown
|
page read and write
|
|
|
|
194BA813000
|
unkown
|
page read and write
|
|
|
|
7FF5211E6000
|
unkown
|
page readonly
|
|
|
|
2A5543CE000
|
unkown
|
page read and write
|
|
|
|
7FF545B1E000
|
unkown
|
page readonly
|
|
|
|
7FF5855B5000
|
unkown
|
page readonly
|
|
|
|
7FF5855AC000
|
unkown
|
page readonly
|
|
|
|
7FF540BAC000
|
unkown
|
page readonly
|
|
|
|
7FF5407F0000
|
unkown
|
page readonly
|
|
|
|
7FF51A690000
|
unkown
|
page readonly
|
|
|
|
7FF520FE0000
|
unkown
|
page readonly
|
|
|
|
FC3A0FC000
|
unkown
|
page read and write
|
|
|
|
2A54ED90000
|
unkown
|
page read and write
|
|
|
|
180D5480000
|
unkown
|
page readonly
|
|
|
|
7FF5795E2000
|
unkown
|
page readonly
|
|
|
|
7FF57CF0A000
|
unkown
|
page readonly
|
|
|
|
2A54FDE0000
|
unkown
|
page read and write
|
|
|
|
1C7A0200000
|
unkown
|
page readonly
|
|
|
|
AC3EC7E000
|
unkown
|
page read and write
|
|
|
|
1B5A6D30000
|
unkown
|
page read and write
|
|
|
|
180D4EC3000
|
unkown
|
page read and write
|
|
|
|
1DFF3269000
|
unkown
|
page read and write
|
|
|
|
194BA88D000
|
unkown
|
page read and write
|
|
|
|
1F0B2200000
|
unkown
|
page readonly
|
|
|
|
7FF585532000
|
unkown
|
page readonly
|
|
|
|
FC39AFF000
|
unkown
|
page read and write
|
|
|
|
7FF5B77DC000
|
unkown
|
page readonly
|
|
|
|
2A54EE9B000
|
unkown
|
page read and write
|
|
|
|
2A968FC000
|
unkown
|
page read and write
|
|
|
|
2A54EE6C000
|
unkown
|
page read and write
|
|
|
|
1C79F83C000
|
unkown
|
page read and write
|
|
|
|
2A54F5A0000
|
unkown
|
page readonly
|
|
|
|
2A5544E0000
|
unkown
|
page read and write
|
|
|
|
50C097E000
|
unkown
|
page read and write
|
|
|
|
AC3ED7C000
|
unkown
|
page read and write
|
|
|
|
194BA760000
|
heap default
|
page read and write
|
|
There are 828 hidden memdumps, click here to show them.