Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
https://onedrive.live.com/redir?resid=7066DF4C1D0AB014%21730&authkey=%21AHfvfhIqJz7URpI&page=View&wd=target%28Quick%20Notes.one%7Ce4864d19-c30a-4c4a-b033-f0bd266d599b%2FUntitled%20Page%7Ca546cc8d-4a78-493f-a62b-5e5827c1282e%2F%29
|
URL
|
initial url
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\05051875-1ace-443f-a0af-a60e0a7bbe5a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\4d0c01db-e51a-4b69-8816-77003dd6e1f0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\8951c169-f7b2-47bf-b8e9-ca42c0030403.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\90638c1b-b32d-4316-a550-dcc847eb096b.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0248a230-586c-41e4-b51b-148a6651fded.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\031c8e58-69c7-457d-adf8-5dd4bd7cf123.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\03b6d0a4-71c8-48d7-9511-4a96725ed566.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\093c6b48-f04a-4390-bec0-7c1580c46d0f.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\33c92c73-f10a-495d-8abd-603994e7758e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3aa12950-fdf1-4272-aac0-edb8e655bc65.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3b3269c6-5eb4-462e-87be-0412c09ed954.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\56da1bd8-99de-4dcb-81ad-b09dc41680a9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldCK (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.oldG (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\02c7e165ebc7c9de_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\047447b274c22c54_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\089da834c75847e1_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bc1b686e63f82ff_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1bcd0439134a3715_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1d5a541437e1e052_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\20e07459e7e2ecba_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2310e2ec0ef84354_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\253ada26cb26b6aa_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\281a196a87838cee_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2df19ed1090687b9_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2f093249a8f8bca4_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3341dc8ccaa38e24_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\37f28228f077dd16_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\387591b72ede2a53_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3da036a9ad3ac2b3_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\49e154754a1b515c_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\511f06892f5a721b_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\524efa2be89cbfde_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5b7aec4e1f50e12f_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5bde89341a061de0_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5eb56a63fca89ad6_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6307df8c1ac7f419_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64ad52f359b9abdc_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6671f4ecda0f6e11_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6852eb091f2be39b_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\74dda42491470d94_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7c2fb13884395e20_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7cd4eb7d184ef6b5_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7e3b21fda9937990_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\810e53cf61aed9ba_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\82587ac11889a0d9_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\859faf000b5b27df_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\88d4628693712bea_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8a281a193daaab2f_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8b5a510c5c1f1192_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8c527f7c99a46d20_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e1634acc9edb463_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8e8c910519af4dd5_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\90b75c1a333fbe5d_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\93a3fa42e61c139b_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9b751b01290223f0_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9f4474a9eac49cfc_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a44c0a7d4561d38e_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a496b5ea39da3bad_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a4e4f981b679f738_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a5534787ec2d07e5_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a63ea7b972ca7cfa_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a7116b5a814c13d9_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a99544b9320222ee_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\aa4a263f93dfaac5_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ace05e7cac6c477f_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af47f16bd7610af9_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af5c3b38004ce8f5_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b4f273c849fd66a8_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b6d69d74b43ab990_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b8d6903289bdf5e5_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b9a0c0163bb1d181_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bb7b434ae64a8b31_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c3aaa4689d2da28d_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e2fa7340d4950923_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4f97bb7584c4d55_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e513ed8e4730e1c9_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e5fee07f85dd431e_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e78b87c38b36287e_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e96383cd4fdf8308_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e99eb54082532864_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ee2f7dc01c580763_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f7dd50aa7b62010a_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fa1d01002fa990ce_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fd818ce584f1de3a_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index. (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.oldTM (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\CURRENT
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\MANIFEST-000001
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last TabsOC (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.oldA (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateAp (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldTM (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferenceslp (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesh (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old86 (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\1492cc8d-8f47-4db1-8204-216f8e7a8ae8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
StateTM (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\ad42e84c-ddac-499a-b4c8-221ec21c8ef7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldNT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.olds
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\adb18841-b659-43d3-ba7b-bbd3b2a07fef.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b139b1b6-ad42-4f9f-8cb5-5c3734af21b1.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b2c28fab-46c7-4be7-933d-d97fcbd16cbd.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache2 (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheR (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ce669807-9ea3-4c18-8b2d-f736c557a136.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\fcc0fcaa-3c72-444f-9e72-3eae606189f5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\228f88c8-6145-454a-b5f0-dbc9ce7c9625.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\782d4bf8-aa3f-4f55-9f9b-576c8f9b65a7.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\b242957f-84a5-4642-98ae-7a03795900c0.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\d58f3560-9a57-4105-8211-af35bee2f793.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_1815258763\b242957f-84a5-4642-98ae-7a03795900c0.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5520_56806229\d58f3560-9a57-4105-8211-af35bee2f793.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Windows\Fonts\segoeui.ttf
|
data
|
dropped
|
|
There are 280 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://onedrive.live.com/redir?resid=7066DF4C1D0AB014%21730&authkey=%21AHfvfhIqJz7URpI&page=View&wd=target%28Quick%20Notes.one%7Ce4864d19-c30a-4c4a-b033-f0bd266d599b%2FUntitled%20Page%7Ca546cc8d-4a78-493f-a62b-5e5827c1282e%2F%29'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1560,17180406757765110953,12677298960956058568,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1768 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://axervices.com/ytxol/
|
52.10.65.30
|
|
|
|
https://axervices.com/ytxol/0fflink.php#authoriz3?cli3nt_k3y=typce-x1c9r-irmlm1631705773c263cd4d5242
|
unknown
|
|
|
|
https://axervices.com/ytxol/0fflink.php#authoriz3?cli3nt_k3y=typce-x1c9r-irmlm1631705773c263cd4d524218156280b6d5504a1ae6c263cd4d524218156280b6d5504a1ae6c263cd4d524218156280b6d5504a1ae6c263cd4d524218156280b6d5504a1ae6c263cd4d524218156280b6d5504a1ae6jy0p3-21jmv-bktp7
|
|
||
|
https://axervices.com/ytxol/0fflink.php
|
52.10.65.30
|
|
|
|
https://axervices.com/ytxol/Sign
|
unknown
|
|
|
|
https://onedrive.live.com/View.aspx?resid=7066DF4C1D0AB014!730&wd=target(Quick%20Notes.one%7Ce4864d19-c30a-4c4a-b033-f0bd266d599b/Untitled%20Page%7Ca546cc8d-4a78-493f-a62b-5e5827c1282e/)&authkey=!AHfvfhIqJz7URpI
|
|
||
|
https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.710.0628.2003&
|
unknown
|
|
|
|
https://git-bucket-001.azurewebsites.net/jquery-3.1.1.min.js
|
unknown
|
|
|
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac0-efa56458
|
unknown
|
|
|
|
https://git-bucket-001.azurewebsites.net/popper.min.js
|
unknown
|
|
|
|
https://axervices.com/jt
|
unknown
|
|
|
|
https://git-bucket-001.azurewebsites.net/favicon_a_eupayfgghk9sol6lg210.icoN
|
unknown
|
|
|
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac_s_office-
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://onenote.com/u
|
unknown
|
|
|
|
https://onedrive.live.com/
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
172.217.168.65
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://live.com/4
|
unknown
|
|
|
|
https://www.onenote.com/officeaddins/learningtools/?et=
|
unknown
|
|
|
|
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js
|
unknown
|
|
|
|
https://git-bucket-001.azurewebsites.net/jquery.min.jsaD
|
unknown
|
|
|
|
https://onenote.com/d
|
unknown
|
|
|
|
https://git-bucket-001.azurewebsites.net/favicon_a_eupayfgghk9sol6lg210.ico
|
unknown
|
|
|
|
https://live.com/OiK
|
unknown
|
|
|
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac1-cdc297b4
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://live.com/
|
unknown
|
|
|
|
https://live.com/=
|
unknown
|
|
|
|
https://ka-f.fontawesome.com/
|
unknown
|
|
|
|
https://onedrive.live.com/View.aspx?resid=7066DF4C1D0AB014
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://git-bucket-001.azurewebsites.net/jquery.min.js
|
unknown
|
|
|
|
https://live.com/%
|
unknown
|
|
|
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/jquery-1.7.2-
|
unknown
|
|
|
|
https://p.sfx.ms//storage/aria-2.5.0.min.js
|
unknown
|
|
|
|
https://onenote.com/h6
|
unknown
|
|
|
|
https://live.com/)
|
unknown
|
|
|
|
https://content.growth.office.net/mirrored/resources/programmablesurfaces/prod/officewebsurfaces.cor
|
unknown
|
|
|
|
https://live.com//
|
unknown
|
|
|
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac2-bf8b3319
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://live.com/Wsx
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://git-bucket-001.azurewebsites.net/jquery-3.2.1.slim.min.js
|
unknown
|
|
|
|
https://live.com/7HJ
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://live.com/W
|
unknown
|
|
|
|
https://onenote.com/O
|
unknown
|
|
|
|
https://onedrive.live.comh
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
https://onedrive.live.com
|
unknown
|
|
|
|
https://git-bucket-001.azurewebsites.net/
|
unknown
|
|
|
|
https://live.com/Tk
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
172.217.168.78
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.13
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://amcdn.msftauth.net/me?partner=OneNoteOnline&version=10.21153.1&market=EN-US&wrapperId=suites
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://onenote.com/I
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://a.nel.cloudflare.com/report/v3?s=Gnrs4E%2BU5Gu0P2a5%2B70C%2BGxyKcU9PyU2l%2BkTne88OKwSVvQGG63
|
unknown
|
|
|
|
https://live.com/J
|
unknown
|
|
|
|
https://www.onenote.com
|
unknown
|
|
|
|
https://www.onenote.com/
|
unknown
|
|
|
|
https://skyapi.onedrive.live.com/api/proxy?v=3
|
40.90.136.179
|
|
|
|
https://live.com/w
|
unknown
|
|
|
|
https://git-bucket-001.azurewebsites.net/5051251.js
|
unknown
|
|
|
|
https://onenote.com/
|
unknown
|
|
|
|
https://live.com/y
|
unknown
|
|
|
|
https://axervices.com/e
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://onedrive.live.com/redir?resid=7066DF4C1D0AB014%21730&authkey=%21AHfvfhIqJz7URpI&page=View&wd=target%28Quick%20Notes.one%7Ce4864d19-c30a-4c4a-b033-f0bd266d599b%2FUntitled%20Page%7Ca546cc8d-4a78-493f-a62b-5e5827c1282e%2F%29
|
|
||
|
https://live.com/ifI
|
unknown
|
|
|
|
https://axervices.com/
|
unknown
|
|
|
|
https://git-bucket-001.azurewebsites.net/jquery-3.3.1.js
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.710.0628.2003&useReq
|
unknown
|
|
|
|
https://spoprod-a.akamaihd.net
|
unknown
|
|
|
|
https://git-bucket-001.azurewebsites.net/bootstrap.min.js
|
unknown
|
|
|
|
https://live.com/k
|
unknown
|
|
|
|
https://onedrive.live.com/redir?resid=7066DF4C1D0AB014%21730&authkey=%21AHfvfhIqJz7URpI&page=View&wd
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
There are 75 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
axervices.com
|
52.10.65.30
|
|
|
|
accounts.google.com
|
172.217.168.13
|
|
|
|
i-db3p-cor003.api.p001.1drv.com
|
40.90.136.179
|
|
|
|
clients.l.google.com
|
172.217.168.78
|
|
|
|
googlehosted.l.googleusercontent.com
|
172.217.168.65
|
|
|
|
onenoteonlinesync.onenote.com
|
unknown
|
|
|
|
ka-f.fontawesome.com
|
unknown
|
|
|
|
messaging.office.com
|
unknown
|
|
|
|
c.live.com
|
unknown
|
|
|
|
ajax.aspnetcdn.com
|
unknown
|
|
|
|
skyapi.onedrive.live.com
|
unknown
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
git-bucket-001.azurewebsites.net
|
unknown
|
|
|
|
onedrive.live.com
|
unknown
|
|
|
|
p.sfx.ms
|
unknown
|
|
|
|
amcdn.msftauth.net
|
unknown
|
|
|
|
spoprod-a.akamaihd.net
|
unknown
|
|
|
|
www.onenote.com
|
unknown
|
|
There are 9 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
40.90.136.179
|
i-db3p-cor003.api.p001.1drv.com
|
United States
|
|
|
|
192.168.2.6
|
unknown
|
unknown
|
|
|
|
172.217.168.65
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
52.10.65.30
|
axervices.com
|
United States
|
|
|
|
172.217.168.13
|
accounts.google.com
|
United States
|
|
|
|
172.217.168.78
|
clients.l.google.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.reporting
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
module_blacklist_cache_md5_digest
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
media.storage_id_salt
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_seed
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
default_search_provider_data.template_url_data
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
safebrowsing.incidents_sent
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pinned_tabs
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
search_provider_overrides
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_username
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.restore_on_startup
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_version
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.prompt_wave
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage_is_newtabpage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
browser.show_home_button
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
lastrun
|
|
There are 32 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF518810000
|
unkown image
|
page readonly
|
|
|
|
24A8BCCE000
|
unkown
|
page read and write
|
|
|
|
4576EF7000
|
unkown
|
page read and write
|
|
|
|
7DF5EB252000
|
unkown image
|
page readonly
|
|
|
|
7FF5E13F7000
|
unkown image
|
page readonly
|
|
|
|
170CDE50000
|
unkown image
|
page readonly
|
|
|
|
7FF52A025000
|
unkown image
|
page readonly
|
|
|
|
2C991783000
|
unkown
|
page read and write
|
|
|
|
170CD750000
|
unkown image
|
page readonly
|
|
|
|
7FF5227BA000
|
unkown image
|
page readonly
|
|
|
|
7FF518771000
|
unkown image
|
page readonly
|
|
|
|
7FF518629000
|
unkown image
|
page readonly
|
|
|
|
7FF5186DF000
|
unkown image
|
page readonly
|
|
|
|
7FF522979000
|
unkown image
|
page readonly
|
|
|
|
744BBFD000
|
unkown
|
page read and write
|
|
|
|
24A863A0000
|
unkown
|
page read and write
|
|
|
|
2C99177D000
|
unkown
|
page read and write
|
|
|
|
7FF518807000
|
unkown image
|
page readonly
|
|
|
|
7FF522816000
|
unkown image
|
page readonly
|
|
|
|
7DF5226D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5185E3000
|
unkown image
|
page readonly
|
|
|
|
7DF5C94B0000
|
unkown image
|
page readonly
|
|
|
|
170CD902000
|
unkown
|
page read and write
|
|
|
|
2C99171C000
|
unkown
|
page read and write
|
|
|
|
7DF534200000
|
unkown image
|
page readonly
|
|
|
|
7FF5BF6DA000
|
unkown image
|
page readonly
|
|
|
|
7FF507247000
|
unkown image
|
page readonly
|
|
|
|
2C9917A9000
|
unkown
|
page read and write
|
|
|
|
744AEFE000
|
unkown
|
page read and write
|
|
|
|
7DF534200000
|
unkown image
|
page readonly
|
|
|
|
2C991788000
|
unkown
|
page read and write
|
|
|
|
7FF51883F000
|
unkown image
|
page readonly
|
|
|
|
1DB53AE0000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1325000
|
unkown image
|
page readonly
|
|
|
|
7FF5E13E6000
|
unkown image
|
page readonly
|
|
|
|
7FF522966000
|
unkown image
|
page readonly
|
|
|
|
1DB53C82000
|
unkown
|
page read and write
|
|
|
|
7FF5BF6CB000
|
unkown image
|
page readonly
|
|
|
|
7DF511032000
|
unkown image
|
page readonly
|
|
|
|
7FF522977000
|
unkown image
|
page readonly
|
|
|
|
2C991C02000
|
unkown
|
page read and write
|
|
|
|
24A87801000
|
unkown
|
page read and write
|
|
|
|
2C991784000
|
unkown
|
page read and write
|
|
|
|
1DB53C6E000
|
unkown
|
page read and write
|
|
|
|
24A8B850000
|
unkown
|
page read and write
|
|
|
|
25997E00000
|
unkown image
|
page readonly
|
|
|
|
7FF5186CA000
|
unkown image
|
page readonly
|
|
|
|
7FF5184B9000
|
unkown image
|
page readonly
|
|
|
|
2C990F13000
|
unkown
|
page read and write
|
|
|
|
23855E16000
|
unkown
|
page read and write
|
|
|
|
7DF534202000
|
unkown image
|
page readonly
|
|
|
|
24A868D0000
|
unkown image
|
page readonly
|
|
|
|
170CD740000
|
heap default
|
page read and write
|
|
|
|
7FF507244000
|
unkown image
|
page readonly
|
|
|
|
7FF5071A3000
|
unkown image
|
page readonly
|
|
|
|
7FF52A37D000
|
unkown image
|
page readonly
|
|
|
|
7DF534202000
|
unkown image
|
page readonly
|
|
|
|
7FF5E12B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5186E3000
|
unkown image
|
page readonly
|
|
|
|
2C99176F000
|
unkown
|
page read and write
|
|
|
|
2C9912E0000
|
unkown image
|
page readonly
|
|
|
|
2C99178F000
|
unkown
|
page read and write
|
|
|
|
24A8BD13000
|
unkown
|
page read and write
|
|
|
|
2C991783000
|
unkown
|
page read and write
|
|
|
|
7FF5229D4000
|
unkown image
|
page readonly
|
|
|
|
744B57E000
|
unkown
|
page read and write
|
|
|
|
24A864A9000
|
unkown
|
page read and write
|
|
|
|
2C99176C000
|
unkown
|
page read and write
|
|
|
|
7FF52A424000
|
unkown image
|
page readonly
|
|
|
|
7DF511030000
|
unkown image
|
page readonly
|
|
|
|
7DF534220000
|
unkown image
|
page readonly
|
|
|
|
24A86465000
|
unkown
|
page read and write
|
|
|
|
C53E87F000
|
unkown
|
page read and write
|
|
|
|
7FF5071AD000
|
unkown image
|
page readonly
|
|
|
|
23855E1B000
|
unkown
|
page read and write
|
|
|
|
4E317FF000
|
unkown
|
page read and write
|
|
|
|
23855E1B000
|
unkown
|
page read and write
|
|
|
|
2C990EC6000
|
unkown
|
page read and write
|
|
|
|
7FF52A2A8000
|
unkown image
|
page readonly
|
|
|
|
7DF5EB240000
|
unkown image
|
page readonly
|
|
|
|
7FF5E145D000
|
unkown image
|
page readonly
|
|
|
|
24A86489000
|
unkown
|
page read and write
|
|
|
|
2C99177D000
|
unkown
|
page read and write
|
|
|
|
1DB53D00000
|
unkown
|
page read and write
|
|
|
|
7DF5EB242000
|
unkown image
|
page readonly
|
|
|
|
2C991798000
|
unkown
|
page read and write
|
|
|
|
23855E07000
|
heap default
|
page read and write
|
|
|
|
7FF518876000
|
unkown image
|
page readonly
|
|
|
|
7DF5EB260000
|
unkown image
|
page readonly
|
|
|
|
2C991775000
|
unkown
|
page read and write
|
|
|
|
23855E2D000
|
unkown
|
page read and write
|
|
|
|
7FF5E13ED000
|
unkown image
|
page readonly
|
|
|
|
2C99176B000
|
unkown
|
page read and write
|
|
|
|
1DB54000000
|
unkown image
|
page readonly
|
|
|
|
1DB53B00000
|
heap default
|
page read and write
|
|
|
|
744AF7D000
|
unkown
|
page read and write
|
|
|
|
7FF51811B000
|
unkown image
|
page readonly
|
|
|
|
23856070000
|
heap private
|
page read and write
|
|
|
|
7FF518605000
|
unkown image
|
page readonly
|
|
|
|
24A86454000
|
unkown
|
page read and write
|
|
|
|
7FF5E12B8000
|
unkown image
|
page readonly
|
|
|
|
2C991769000
|
unkown
|
page read and write
|
|
|
|
2C9917BB000
|
unkown
|
page read and write
|
|
|
|
25997B00000
|
unkown
|
page read and write
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
1DB53C13000
|
unkown
|
page read and write
|
|
|
|
2C990E4B000
|
unkown
|
page read and write
|
|
|
|
7FF5185EA000
|
unkown image
|
page readonly
|
|
|
|
2C990E4D000
|
unkown
|
page read and write
|
|
|
|
7DF4205A0000
|
unkown image
|
page readonly
|
|
|
|
7FF52294A000
|
unkown image
|
page readonly
|
|
|
|
24A8B830000
|
unkown
|
page read and write
|
|
|
|
24A86429000
|
unkown
|
page read and write
|
|
|
|
744AE7B000
|
unkown
|
page read and write
|
|
|
|
7FF52A237000
|
unkown image
|
page readonly
|
|
|
|
25997920000
|
unkown image
|
page readonly
|
|
|
|
2C9917D9000
|
unkown
|
page read and write
|
|
|
|
24A86C02000
|
unkown
|
page read and write
|
|
|
|
170CD900000
|
unkown
|
page read and write
|
|
|
|
2C990EF5000
|
unkown
|
page read and write
|
|
|
|
24A86320000
|
unkown image
|
page readonly
|
|
|
|
1DB53C4D000
|
unkown
|
page read and write
|
|
|
|
170CE002000
|
unkown
|
page read and write
|
|
|
|
2C991798000
|
unkown
|
page read and write
|
|
|
|
23855E02000
|
unkown
|
page read and write
|
|
|
|
24A8BC2D000
|
unkown
|
page read and write
|
|
|
|
23855E1E000
|
unkown
|
page read and write
|
|
|
|
1DB54180000
|
unkown image
|
page readonly
|
|
|
|
2C991773000
|
unkown
|
page read and write
|
|
|
|
24A86D00000
|
unkown
|
page read and write
|
|
|
|
7FF5E1451000
|
unkown image
|
page readonly
|
|
|
|
2C990DF0000
|
heap default
|
page read and write
|
|
|
|
1DB53D13000
|
unkown
|
page read and write
|
|
|
|
7FF5E1111000
|
unkown image
|
page readonly
|
|
|
|
24A8BD0C000
|
unkown
|
page read and write
|
|
|
|
2C9917A9000
|
unkown
|
page read and write
|
|
|
|
2C9917C9000
|
unkown
|
page read and write
|
|
|
|
2C991B50000
|
unkown
|
page read and write
|
|
|
|
24A86400000
|
unkown
|
page read and write
|
|
|
|
24A8BCFF000
|
unkown
|
page read and write
|
|
|
|
2C99177B000
|
unkown
|
page read and write
|
|
|
|
7DF5226D2000
|
unkown image
|
page readonly
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
7FF507257000
|
unkown image
|
page readonly
|
|
|
|
744B279000
|
unkown
|
page read and write
|
|
|
|
170CD710000
|
unkown image
|
page readonly
|
|
|
|
7FF5E13BD000
|
unkown image
|
page readonly
|
|
|
|
7FF5180FB000
|
unkown image
|
page readonly
|
|
|
|
7DF5C94C0000
|
unkown image
|
page readonly
|
|
|
|
7FF518778000
|
unkown image
|
page readonly
|
|
|
|
4E3127B000
|
unkown
|
page read and write
|
|
|
|
7FF52A453000
|
unkown image
|
page readonly
|
|
|
|
24A8BD21000
|
unkown
|
page read and write
|
|
|
|
7DF5226E2000
|
unkown image
|
page readonly
|
|
|
|
259977E0000
|
heap private
|
page read and write
|
|
|
|
1DB53C00000
|
unkown
|
page read and write
|
|
|
|
7FF5E139F000
|
unkown image
|
page readonly
|
|
|
|
2C991796000
|
unkown
|
page read and write
|
|
|
|
7FF5E11EB000
|
unkown image
|
page readonly
|
|
|
|
1DB53C2D000
|
unkown
|
page read and write
|
|
|
|
2C991460000
|
unkown image
|
page readonly
|
|
|
|
2C991789000
|
unkown
|
page read and write
|
|
|
|
7FF5E11B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5184AC000
|
unkown image
|
page readonly
|
|
|
|
170CD6F0000
|
unkown image
|
page readonly
|
|
|
|
7DF534220000
|
unkown image
|
page readonly
|
|
|
|
24A86350000
|
unkown image
|
page readonly
|
|
|
|
7DF511030000
|
unkown image
|
page readonly
|
|
|
|
7DF52C7E0000
|
unkown image
|
page readonly
|
|
|
|
7FF52A256000
|
unkown image
|
page readonly
|
|
|
|
2C991C1D000
|
unkown
|
page read and write
|
|
|
|
7DF5EB250000
|
unkown image
|
page readonly
|
|
|
|
25997840000
|
heap default
|
page read and write
|
|
|
|
7FF52A414000
|
unkown image
|
page readonly
|
|
|
|
25997A82000
|
unkown
|
page read and write
|
|
|
|
7FF518843000
|
unkown image
|
page readonly
|
|
|
|
1DB53A90000
|
unkown image
|
page read and write
|
|
|
|
7FF5E0C63000
|
unkown image
|
page readonly
|
|
|
|
7DF52C7D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5187E5000
|
unkown image
|
page readonly
|
|
|
|
7FF51887D000
|
unkown image
|
page readonly
|
|
|
|
744BB7C000
|
unkown
|
page read and write
|
|
|
|
7FF518634000
|
unkown image
|
page readonly
|
|
|
|
2C991786000
|
unkown
|
page read and write
|
|
|
|
7FF5186FF000
|
unkown image
|
page readonly
|
|
|
|
24A8BCA7000
|
unkown
|
page read and write
|
|
|
|
24A864FA000
|
unkown
|
page read and write
|
|
|
|
7FF507067000
|
unkown image
|
page readonly
|
|
|
|
2C9917D7000
|
unkown
|
page read and write
|
|
|
|
7FF5E1464000
|
unkown image
|
page readonly
|
|
|
|
24A86380000
|
unkown image
|
page readonly
|
|
|
|
7FF518640000
|
unkown image
|
page readonly
|
|
|
|
2C991C00000
|
unkown
|
page read and write
|
|
|
|
7FF507297000
|
unkown image
|
page readonly
|
|
|
|
744B17B000
|
unkown
|
page read and write
|
|
|
|
2C990E4F000
|
unkown
|
page read and write
|
|
|
|
C53E5FB000
|
unkown
|
page read and write
|
|
|
|
F13427A000
|
unkown
|
page read and write
|
|
|
|
7FF5071DD000
|
unkown image
|
page readonly
|
|
|
|
2C9917BD000
|
unkown
|
page read and write
|
|
|
|
24A8BC3E000
|
unkown
|
page read and write
|
|
|
|
2C991758000
|
unkown
|
page read and write
|
|
|
|
1DB54260000
|
unkown
|
page read and write
|
|
|
|
7FF5E147A000
|
unkown image
|
page readonly
|
|
|
|
744B77A000
|
unkown
|
page read and write
|
|
|
|
7FF5E11A7000
|
unkown image
|
page readonly
|
|
|
|
7FF522921000
|
unkown image
|
page readonly
|
|
|
|
2C990E00000
|
unkown
|
page read and write
|
|
|
|
7FF5185BA000
|
unkown image
|
page readonly
|
|
|
|
7FF518932000
|
unkown image
|
page readonly
|
|
|
|
7FF518937000
|
unkown image
|
page readonly
|
|
|
|
1DB53C4A000
|
unkown
|
page read and write
|
|
|
|
7FF52291F000
|
unkown image
|
page readonly
|
|
|
|
7FF5071E9000
|
unkown image
|
page readonly
|
|
|
|
7FF52A3B7000
|
unkown image
|
page readonly
|
|
|
|
7FF5187A1000
|
unkown image
|
page readonly
|
|
|
|
2C99178C000
|
unkown
|
page read and write
|
|
|
|
24A86310000
|
heap private
|
page read and write
|
|
|
|
24A87200000
|
unkown
|
page read and write
|
|
|
|
F13407E000
|
unkown
|
page read and write
|
|
|
|
24A8B9F0000
|
unkown
|
page read and write
|
|
|
|
2C9917AD000
|
unkown
|
page read and write
|
|
|
|
24A86502000
|
unkown
|
page read and write
|
|
|
|
2C991779000
|
unkown
|
page read and write
|
|
|
|
4E312FD000
|
unkown
|
page read and write
|
|
|
|
2C9917AA000
|
unkown
|
page read and write
|
|
|
|
7FF52219B000
|
unkown image
|
page readonly
|
|
|
|
25997B08000
|
unkown
|
page read and write
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
7DF5226F0000
|
unkown image
|
page readonly
|
|
|
|
7FF52A275000
|
unkown image
|
page readonly
|
|
|
|
4E3157B000
|
unkown
|
page read and write
|
|
|
|
7FF518887000
|
unkown image
|
page readonly
|
|
|
|
744B37E000
|
unkown
|
page read and write
|
|
|
|
24A86B90000
|
unkown image
|
page readonly
|
|
|
|
23855DF0000
|
heap default
|
page read and write
|
|
|
|
7FF518707000
|
unkown image
|
page readonly
|
|
|
|
7FF5E123A000
|
unkown image
|
page readonly
|
|
|
|
4E316F7000
|
unkown
|
page read and write
|
|
|
|
2C991797000
|
unkown
|
page read and write
|
|
|
|
7DF52C7D2000
|
unkown image
|
page readonly
|
|
|
|
23856400000
|
unkown image
|
page readonly
|
|
|
|
170CD84B000
|
unkown
|
page read and write
|
|
|
|
2C99178C000
|
unkown
|
page read and write
|
|
|
|
24A86D13000
|
unkown
|
page read and write
|
|
|
|
24A86300000
|
unkown image
|
page read and write
|
|
|
|
7DF5C94B0000
|
unkown image
|
page readonly
|
|
|
|
2C990E54000
|
unkown
|
page read and write
|
|
|
|
7FF52A42B000
|
unkown image
|
page readonly
|
|
|
|
2C99176F000
|
unkown
|
page read and write
|
|
|
|
2C991C02000
|
unkown
|
page read and write
|
|
|
|
7DF5226E0000
|
unkown image
|
page readonly
|
|
|
|
430CDFC000
|
unkown
|
page read and write
|
|
|
|
7FF5185F8000
|
unkown image
|
page readonly
|
|
|
|
24A8BB10000
|
unkown
|
page read and write
|
|
|
|
430CCF9000
|
unkown
|
page read and write
|
|
|
|
7FF5E13C6000
|
unkown image
|
page readonly
|
|
|
|
170CDAD0000
|
unkown image
|
page readonly
|
|
|
|
25997FA0000
|
unkown
|
page read and write
|
|
|
|
2C99176B000
|
unkown
|
page read and write
|
|
|
|
7FF507057000
|
unkown image
|
page readonly
|
|
|
|
7FF507191000
|
unkown image
|
page readonly
|
|
|
|
24A8BAE0000
|
unkown
|
page read and write
|
|
|
|
7DF511040000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEEC3000
|
unkown image
|
page readonly
|
|
|
|
7FF51888E000
|
unkown image
|
page readonly
|
|
|
|
7DF5C94B2000
|
unkown image
|
page readonly
|
|
|
|
744B077000
|
unkown
|
page read and write
|
|
|
|
7FF5185F5000
|
unkown image
|
page readonly
|
|
|
|
7FF5188ED000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1065000
|
unkown image
|
page readonly
|
|
|
|
24A86DDB000
|
unkown
|
page read and write
|
|
|
|
7FF5E12B5000
|
unkown image
|
page readonly
|
|
|
|
2C991B50000
|
unkown
|
page read and write
|
|
|
|
7FF52A0D1000
|
unkown image
|
page readonly
|
|
|
|
7FF518694000
|
unkown image
|
page readonly
|
|
|
|
2C9917A5000
|
unkown
|
page read and write
|
|
|
|
24A8B8D0000
|
unkown
|
page read and write
|
|
|
|
7FF50718F000
|
unkown image
|
page readonly
|
|
|
|
2C991C5D000
|
unkown
|
page read and write
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
F133DEE000
|
unkown
|
page read and write
|
|
|
|
7FF5BF6BD000
|
unkown image
|
page readonly
|
|
|
|
24A8BC1F000
|
unkown
|
page read and write
|
|
|
|
23856075000
|
heap private
|
page read and write
|
|
|
|
24A8B8C0000
|
unkown
|
page read and write
|
|
|
|
24A86BB0000
|
unkown image
|
page readonly
|
|
|
|
F134377000
|
unkown
|
page read and write
|
|
|
|
7FF5229E4000
|
unkown image
|
page readonly
|
|
|
|
24A86320000
|
unkown image
|
page readonly
|
|
|
|
24A8BB00000
|
unkown
|
page read and write
|
|
|
|
25997A58000
|
unkown
|
page read and write
|
|
|
|
7DF5226E0000
|
unkown image
|
page readonly
|
|
|
|
7FF52A373000
|
unkown image
|
page readonly
|
|
|
|
24A8BCF5000
|
unkown
|
page read and write
|
|
|
|
7DF5C94A0000
|
unkown image
|
page readonly
|
|
|
|
2C990EE4000
|
unkown
|
page read and write
|
|
|
|
7FF52A467000
|
unkown image
|
page readonly
|
|
|
|
7FF506DCB000
|
unkown image
|
page readonly
|
|
|
|
457693E000
|
unkown
|
page read and write
|
|
|
|
7DF52C7C2000
|
unkown image
|
page readonly
|
|
|
|
7FF5BF6B7000
|
unkown image
|
page readonly
|
|
|
|
7FF522830000
|
unkown image
|
page readonly
|
|
|
|
7FF5071D6000
|
unkown image
|
page readonly
|
|
|
|
259977F0000
|
unkown image
|
page readonly
|
|
|
|
7FF518819000
|
unkown image
|
page readonly
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
24A86D9A000
|
unkown
|
page read and write
|
|
|
|
7FF529F11000
|
unkown image
|
page readonly
|
|
|
|
170CD881000
|
unkown
|
page read and write
|
|
|
|
430C8AA000
|
unkown
|
page read and write
|
|
|
|
2C991797000
|
unkown
|
page read and write
|
|
|
|
24A86515000
|
unkown
|
page read and write
|
|
|
|
7FF52A392000
|
unkown image
|
page readonly
|
|
|
|
7FF5188E7000
|
unkown image
|
page readonly
|
|
|
|
7FF52A43A000
|
unkown image
|
page readonly
|
|
|
|
23856280000
|
unkown image
|
page readonly
|
|
|
|
24A86413000
|
unkown
|
page read and write
|
|
|
|
2C991779000
|
unkown
|
page read and write
|
|
|
|
744B5FF000
|
unkown
|
page read and write
|
|
|
|
7FF5E1493000
|
unkown image
|
page readonly
|
|
|
|
24A8BC11000
|
unkown
|
page read and write
|
|
|
|
2C9912D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1496000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1253000
|
unkown image
|
page readonly
|
|
|
|
23856080000
|
unkown image
|
page readonly
|
|
|
|
2C991798000
|
unkown
|
page read and write
|
|
|
|
7DF5226F0000
|
unkown image
|
page readonly
|
|
|
|
2C990EE7000
|
unkown
|
page read and write
|
|
|
|
4E3147B000
|
unkown
|
page read and write
|
|
|
|
24A8BB20000
|
unkown
|
page read and write
|
|
|
|
7DF5226D0000
|
unkown image
|
page readonly
|
|
|
|
744BA7B000
|
unkown
|
page read and write
|
|
|
|
7FF52A41D000
|
unkown image
|
page readonly
|
|
|
|
170CD853000
|
unkown
|
page read and write
|
|
|
|
2C990EE7000
|
unkown
|
page read and write
|
|
|
|
7FF518462000
|
unkown image
|
page readonly
|
|
|
|
25997A75000
|
unkown
|
page read and write
|
|
|
|
7FF5E0F51000
|
unkown image
|
page readonly
|
|
|
|
7FF5E124D000
|
unkown image
|
page readonly
|
|
|
|
2C9917AC000
|
unkown
|
page read and write
|
|
|
|
2C990EB3000
|
unkown
|
page read and write
|
|
|
|
7FF5229DD000
|
unkown image
|
page readonly
|
|
|
|
7FF51860F000
|
unkown image
|
page readonly
|
|
|
|
259977D0000
|
unkown image
|
page read and write
|
|
|
|
7FF522A27000
|
unkown image
|
page readonly
|
|
|
|
7FF5186DD000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1357000
|
unkown image
|
page readonly
|
|
|
|
2C9917C5000
|
unkown
|
page read and write
|
|
|
|
2C990D80000
|
unkown image
|
page read and write
|
|
|
|
2C991779000
|
unkown
|
page read and write
|
|
|
|
4E315FE000
|
unkown
|
page read and write
|
|
|
|
C53E67F000
|
unkown
|
page read and write
|
|
|
|
7FF52292F000
|
unkown image
|
page readonly
|
|
|
|
7DF511042000
|
unkown image
|
page readonly
|
|
|
|
7FF518824000
|
unkown image
|
page readonly
|
|
|
|
7FF5E14A7000
|
unkown image
|
page readonly
|
|
|
|
24A8BE10000
|
unkown
|
page read and write
|
|
|
|
430CD7F000
|
unkown
|
page read and write
|
|
|
|
2C990F08000
|
unkown
|
page read and write
|
|
|
|
2C990E84000
|
unkown
|
page read and write
|
|
|
|
7FF518492000
|
unkown image
|
page readonly
|
|
|
|
7DF5226D0000
|
unkown image
|
page readonly
|
|
|
|
2C991798000
|
unkown
|
page read and write
|
|
|
|
2C991798000
|
unkown
|
page read and write
|
|
|
|
170CD913000
|
unkown
|
page read and write
|
|
|
|
24A8BD0F000
|
unkown
|
page read and write
|
|
|
|
1DB53C4F000
|
unkown
|
page read and write
|
|
|
|
24A87823000
|
unkown
|
page read and write
|
|
|
|
7DF42A690000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1204000
|
unkown image
|
page readonly
|
|
|
|
7DF52C7C0000
|
unkown image
|
page readonly
|
|
|
|
2C991773000
|
unkown
|
page read and write
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
7FF50725B000
|
unkown image
|
page readonly
|
|
|
|
45769BE000
|
unkown
|
page read and write
|
|
|
|
7FF522A13000
|
unkown image
|
page readonly
|
|
|
|
2C990DD0000
|
unkown image
|
page readonly
|
|
|
|
1DB53C4C000
|
unkown
|
page read and write
|
|
|
|
24A8B840000
|
unkown
|
page read and write
|
|
|
|
7FF5E1175000
|
unkown image
|
page readonly
|
|
|
|
7FF5224D7000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEEC7000
|
unkown image
|
page readonly
|
|
|
|
4E318FF000
|
unkown
|
page read and write
|
|
|
|
7FF506D47000
|
unkown image
|
page readonly
|
|
|
|
7FF522A22000
|
unkown image
|
page readonly
|
|
|
|
1DB53C3C000
|
unkown
|
page read and write
|
|
|
|
7FF5228A5000
|
unkown image
|
page readonly
|
|
|
|
7FF507292000
|
unkown image
|
page readonly
|
|
|
|
7FF5BF6B4000
|
unkown image
|
page readonly
|
|
|
|
7DF534210000
|
unkown image
|
page readonly
|
|
|
|
24A86D58000
|
unkown
|
page read and write
|
|
|
|
7FF5BF659000
|
unkown image
|
page readonly
|
|
|
|
1DB53AB0000
|
unkown image
|
page readonly
|
|
|
|
25997B02000
|
unkown
|
page read and write
|
|
|
|
24A86BD0000
|
unkown image
|
page readonly
|
|
|
|
23855E15000
|
unkown
|
page read and write
|
|
|
|
7FF5BF6C7000
|
unkown image
|
page readonly
|
|
|
|
7FF522A27000
|
unkown image
|
page readonly
|
|
|
|
170CD84D000
|
unkown
|
page read and write
|
|
|
|
7FF5225E5000
|
unkown image
|
page readonly
|
|
|
|
2C990EAA000
|
unkown
|
page read and write
|
|
|
|
1DB53BE0000
|
unkown image
|
page readonly
|
|
|
|
25997B13000
|
unkown
|
page read and write
|
|
|
|
7FF5BF646000
|
unkown image
|
page readonly
|
|
|
|
23855C90000
|
unkown image
|
page readonly
|
|
|
|
23855DFB000
|
heap default
|
page read and write
|
|
|
|
2C991796000
|
unkown
|
page read and write
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
2C990DA0000
|
unkown image
|
page readonly
|
|
|
|
7DF5EB260000
|
unkown image
|
page readonly
|
|
|
|
7FF5BF6B1000
|
unkown image
|
page readonly
|
|
|
|
24A8BCD7000
|
unkown
|
page read and write
|
|
|
|
2C9917C5000
|
unkown
|
page read and write
|
|
|
|
7FF5BF657000
|
unkown image
|
page readonly
|
|
|
|
7FF5071BA000
|
unkown image
|
page readonly
|
|
|
|
7FF52A36F000
|
unkown image
|
page readonly
|
|
|
|
7FF529BE1000
|
unkown image
|
page readonly
|
|
|
|
430C92E000
|
unkown
|
page read and write
|
|
|
|
2C990DA0000
|
unkown image
|
page readonly
|
|
|
|
7DF52C7C2000
|
unkown image
|
page readonly
|
|
|
|
23855E2E000
|
unkown
|
page read and write
|
|
|
|
2C991716000
|
unkown
|
page read and write
|
|
|
|
2C99179C000
|
unkown
|
page read and write
|
|
|
|
2C991783000
|
unkown
|
page read and write
|
|
|
|
2C990D90000
|
heap private
|
page read and write
|
|
|
|
2C99176D000
|
unkown
|
page read and write
|
|
|
|
25997A3C000
|
unkown
|
page read and write
|
|
|
|
7FF518831000
|
unkown image
|
page readonly
|
|
|
|
7FF518856000
|
unkown image
|
page readonly
|
|
|
|
2C990E3C000
|
unkown
|
page read and write
|
|
|
|
24A86462000
|
unkown
|
page read and write
|
|
|
|
45771FE000
|
unkown
|
page read and write
|
|
|
|
7DF52C7D0000
|
unkown image
|
page readonly
|
|
|
|
7FF52A3B9000
|
unkown image
|
page readonly
|
|
|
|
24A866D0000
|
unkown image
|
page readonly
|
|
|
|
7FF507297000
|
unkown image
|
page readonly
|
|
|
|
7FF52A456000
|
unkown image
|
page readonly
|
|
|
|
7FF52A467000
|
unkown image
|
page readonly
|
|
|
|
744BDFD000
|
unkown
|
page read and write
|
|
|
|
7FF5BF6F6000
|
unkown image
|
page readonly
|
|
|
|
7FF507254000
|
unkown image
|
page readonly
|
|
|
|
7FF52A411000
|
unkown image
|
page readonly
|
|
|
|
2C99177B000
|
unkown
|
page read and write
|
|
|
|
7FF5E1467000
|
unkown image
|
page readonly
|
|
|
|
2C9917AD000
|
unkown
|
page read and write
|
|
|
|
170CD6E0000
|
heap private
|
page read and write
|
|
|
|
7DF511032000
|
unkown image
|
page readonly
|
|
|
|
7FF51884D000
|
unkown image
|
page readonly
|
|
|
|
7FF5BF615000
|
unkown image
|
page readonly
|
|
|
|
2C9917BA000
|
unkown
|
page read and write
|
|
|
|
170CD861000
|
unkown
|
page read and write
|
|
|
|
23855CB0000
|
unkown image
|
page readonly
|
|
|
|
170CD88D000
|
unkown
|
page read and write
|
|
|
|
7FF5070A5000
|
unkown image
|
page readonly
|
|
|
|
2C991798000
|
unkown
|
page read and write
|
|
|
|
2C991796000
|
unkown
|
page read and write
|
|
|
|
2C99174A000
|
unkown
|
page read and write
|
|
|
|
7DF511050000
|
unkown image
|
page readonly
|
|
|
|
4576FFF000
|
unkown
|
page read and write
|
|
|
|
24A86513000
|
unkown
|
page read and write
|
|
|
|
7FF5E0F26000
|
unkown image
|
page readonly
|
|
|
|
7FF52A386000
|
unkown image
|
page readonly
|
|
|
|
24A8BC94000
|
unkown
|
page read and write
|
|
|
|
7FF5E0F57000
|
unkown image
|
page readonly
|
|
|
|
25997820000
|
unkown image
|
page readonly
|
|
|
|
7FF51885A000
|
unkown image
|
page readonly
|
|
|
|
7FF5E0D35000
|
unkown image
|
page readonly
|
|
|
|
2C9917D7000
|
unkown
|
page read and write
|
|
|
|
2C991C03000
|
unkown
|
page read and write
|
|
|
|
7FF5E1380000
|
unkown image
|
page readonly
|
|
|
|
24A8BC00000
|
unkown
|
page read and write
|
|
|
|
24A8645D000
|
unkown
|
page read and write
|
|
|
|
7FF51890A000
|
unkown image
|
page readonly
|
|
|
|
170CD813000
|
unkown
|
page read and write
|
|
|
|
7DF4320D0000
|
unkown image
|
page readonly
|
|
|
|
2C990E29000
|
unkown
|
page read and write
|
|
|
|
7FF5229D7000
|
unkown image
|
page readonly
|
|
|
|
2C99178D000
|
unkown
|
page read and write
|
|
|
|
1DB53C50000
|
unkown
|
page read and write
|
|
|
|
7DF511050000
|
unkown image
|
page readonly
|
|
|
|
7FF5227F7000
|
unkown image
|
page readonly
|
|
|
|
2C99176B000
|
unkown
|
page read and write
|
|
|
|
24A86467000
|
unkown
|
page read and write
|
|
|
|
1DB53C54000
|
unkown
|
page read and write
|
|
|
|
7FF5BF613000
|
unkown image
|
page readonly
|
|
|
|
7FF507115000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1394000
|
unkown image
|
page readonly
|
|
|
|
7DF5C94A2000
|
unkown image
|
page readonly
|
|
|
|
7FF52A2E5000
|
unkown image
|
page readonly
|
|
|
|
170CD6F0000
|
unkown image
|
page readonly
|
|
|
|
7DF5C94A2000
|
unkown image
|
page readonly
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
7FF518862000
|
unkown image
|
page readonly
|
|
|
|
F13457A000
|
unkown
|
page read and write
|
|
|
|
7FF5188E4000
|
unkown image
|
page readonly
|
|
|
|
7FF518926000
|
unkown image
|
page readonly
|
|
|
|
2C990E70000
|
unkown
|
page read and write
|
|
|
|
24A86DAA000
|
unkown
|
page read and write
|
|
|
|
7FF5E1002000
|
unkown image
|
page readonly
|
|
|
|
24A86BC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1355000
|
unkown image
|
page readonly
|
|
|
|
7DF5EB242000
|
unkown image
|
page readonly
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
430CC7E000
|
unkown
|
page read and write
|
|
|
|
2C991783000
|
unkown
|
page read and write
|
|
|
|
23855DC0000
|
unkown
|
page read and write
|
|
|
|
7FF5185DD000
|
unkown image
|
page readonly
|
|
|
|
25997A50000
|
unkown
|
page read and write
|
|
|
|
25997810000
|
unkown image
|
page readonly
|
|
|
|
24A8BD1B000
|
unkown
|
page read and write
|
|
|
|
2C991777000
|
unkown
|
page read and write
|
|
|
|
25997A52000
|
unkown
|
page read and write
|
|
|
|
24A8BA00000
|
unkown
|
page read and write
|
|
|
|
2C991796000
|
unkown
|
page read and write
|
|
|
|
259977F0000
|
unkown image
|
page readonly
|
|
|
|
C53E4FC000
|
unkown
|
page read and write
|
|
|
|
170CD908000
|
unkown
|
page read and write
|
|
|
|
2C99178B000
|
unkown
|
page read and write
|
|
|
|
7FF52A3A6000
|
unkown image
|
page readonly
|
|
|
|
7FF5BF64D000
|
unkown image
|
page readonly
|
|
|
|
7FF5E0C21000
|
unkown image
|
page readonly
|
|
|
|
7FF52A1FA000
|
unkown image
|
page readonly
|
|
|
|
7FF529BDB000
|
unkown image
|
page readonly
|
|
|
|
24A8643D000
|
unkown
|
page read and write
|
|
|
|
7FF5E13D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5229FA000
|
unkown image
|
page readonly
|
|
|
|
F1348F8000
|
unkown
|
page read and write
|
|
|
|
2C991777000
|
unkown
|
page read and write
|
|
|
|
7FF522868000
|
unkown image
|
page readonly
|
|
|
|
7DF534212000
|
unkown image
|
page readonly
|
|
|
|
2C991570000
|
unkown image
|
page readonly
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
7FF5E1384000
|
unkown image
|
page readonly
|
|
|
|
2C991769000
|
unkown
|
page read and write
|
|
|
|
C53E777000
|
unkown
|
page read and write
|
|
|
|
24A87820000
|
unkown
|
page read and write
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
7FF5E0C67000
|
unkown image
|
page readonly
|
|
|
|
7FF5070A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5229E7000
|
unkown image
|
page readonly
|
|
|
|
7DF534212000
|
unkown image
|
page readonly
|
|
|
|
7DF5226E2000
|
unkown image
|
page readonly
|
|
|
|
25997C00000
|
unkown image
|
page readonly
|
|
|
|
2C991779000
|
unkown
|
page read and write
|
|
|
|
7DF534210000
|
unkown image
|
page readonly
|
|
|
|
7FF5227E7000
|
unkown image
|
page readonly
|
|
|
|
24A864B7000
|
unkown
|
page read and write
|
|
|
|
24A873E0000
|
unkown
|
page read and write
|
|
|
|
170CD82A000
|
unkown
|
page read and write
|
|
|
|
7FF51866E000
|
unkown image
|
page readonly
|
|
|
|
23855E07000
|
unkown
|
page read and write
|
|
|
|
7FF522952000
|
unkown image
|
page readonly
|
|
|
|
744B87E000
|
unkown
|
page read and write
|
|
|
|
7FF5BF707000
|
unkown image
|
page readonly
|
|
|
|
7FF518095000
|
unkown image
|
page readonly
|
|
|
|
7FF507086000
|
unkown image
|
page readonly
|
|
|
|
7FF5BF6F3000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1267000
|
unkown image
|
page readonly
|
|
|
|
2C991789000
|
unkown
|
page read and write
|
|
|
|
7FF5071B6000
|
unkown image
|
page readonly
|
|
|
|
24A8BAF0000
|
unkown
|
page read and write
|
|
|
|
24A8BAB0000
|
unkown
|
page read and write
|
|
|
|
7DF40EF00000
|
unkown image
|
page readonly
|
|
|
|
2C99175B000
|
unkown
|
page read and write
|
|
|
|
7DF4C7370000
|
unkown image
|
page readonly
|
|
|
|
7FF522838000
|
unkown image
|
page readonly
|
|
|
|
430C9AF000
|
unkown
|
page read and write
|
|
|
|
1DB53AA0000
|
heap private
|
page read and write
|
|
|
|
1DB53D08000
|
unkown
|
page read and write
|
|
|
|
7FF51809F000
|
unkown image
|
page readonly
|
|
|
|
7FF5E0F23000
|
unkown image
|
page readonly
|
|
|
|
2C991C02000
|
unkown
|
page read and write
|
|
|
|
24A8BC4B000
|
unkown
|
page read and write
|
|
|
|
7FF50726A000
|
unkown image
|
page readonly
|
|
|
|
2C991C02000
|
unkown
|
page read and write
|
|
|
|
2C991798000
|
unkown
|
page read and write
|
|
|
|
744B4FF000
|
unkown
|
page read and write
|
|
|
|
24A8B8B0000
|
unkown
|
page read and write
|
|
|
|
23855F10000
|
unkown image
|
page read and write
|
|
|
|
7DF511042000
|
unkown image
|
page readonly
|
|
|
|
7FF5229D1000
|
unkown image
|
page readonly
|
|
|
|
1DB53C52000
|
unkown
|
page read and write
|
|
|
|
C53E97F000
|
unkown
|
page read and write
|
|
|
|
1DB53C4B000
|
unkown
|
page read and write
|
|
|
|
25997A29000
|
unkown
|
page read and write
|
|
|
|
7FF52A462000
|
unkown image
|
page readonly
|
|
|
|
7FF5188E1000
|
unkown image
|
page readonly
|
|
|
|
7FF5E12E8000
|
unkown image
|
page readonly
|
|
|
|
7FF51882F000
|
unkown image
|
page readonly
|
|
|
|
24A8BCD4000
|
unkown
|
page read and write
|
|
|
|
7FF5E117F000
|
unkown image
|
page readonly
|
|
|
|
2C991C63000
|
unkown
|
page read and write
|
|
|
|
2C99177E000
|
unkown
|
page read and write
|
|
|
|
7DF52C7E0000
|
unkown image
|
page readonly
|
|
|
|
170CD848000
|
unkown
|
page read and write
|
|
|
|
2C991773000
|
unkown
|
page read and write
|
|
|
|
7FF518889000
|
unkown image
|
page readonly
|
|
|
|
7FF5E11E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5E0C1B000
|
unkown image
|
page readonly
|
|
|
|
2C991789000
|
unkown
|
page read and write
|
|
|
|
24A86A60000
|
unkown image
|
page readonly
|
|
|
|
C53E0DB000
|
unkown
|
page read and write
|
|
|
|
7DF5C94A0000
|
unkown image
|
page readonly
|
|
|
|
7DF5C94C0000
|
unkown image
|
page readonly
|
|
|
|
25997A13000
|
unkown
|
page read and write
|
|
|
|
24A8BD02000
|
unkown
|
page read and write
|
|
|
|
170CDCD0000
|
unkown image
|
page readonly
|
|
|
|
25997A4B000
|
unkown
|
page read and write
|
|
|
|
7FF5E14A7000
|
unkown image
|
page readonly
|
|
|
|
25997A48000
|
unkown
|
page read and write
|
|
|
|
7FF5E14A2000
|
unkown image
|
page readonly
|
|
|
|
7FF52A3AD000
|
unkown image
|
page readonly
|
|
|
|
2C991779000
|
unkown
|
page read and write
|
|
|
|
7FF5E13B3000
|
unkown image
|
page readonly
|
|
|
|
7DF511040000
|
unkown image
|
page readonly
|
|
|
|
4576DFB000
|
unkown
|
page read and write
|
|
|
|
2C9917BD000
|
unkown
|
page read and write
|
|
|
|
24A86490000
|
unkown
|
page read and write
|
|
|
|
F133D6B000
|
unkown
|
page read and write
|
|
|
|
1DB54402000
|
unkown
|
page read and write
|
|
|
|
1DB53AD0000
|
unkown image
|
page readonly
|
|
|
|
2C991550000
|
unkown
|
page read and write
|
|
|
|
2C9910D0000
|
unkown image
|
page readonly
|
|
|
|
2C990F16000
|
unkown
|
page read and write
|
|
|
|
7FF506D41000
|
unkown image
|
page readonly
|
|
|
|
2C991602000
|
unkown
|
page read and write
|
|
|
|
7FF522691000
|
unkown image
|
page readonly
|
|
|
|
7FF52A38A000
|
unkown image
|
page readonly
|
|
|
|
2C99178C000
|
unkown
|
page read and write
|
|
|
|
7FF5BF707000
|
unkown image
|
page readonly
|
|
|
|
170CD83C000
|
unkown
|
page read and write
|
|
|
|
7DF52C7D2000
|
unkown image
|
page readonly
|
|
|
|
7FF50702A000
|
unkown image
|
page readonly
|
|
|
|
7FF5187B5000
|
unkown image
|
page readonly
|
|
|
|
7DF4E9110000
|
unkown image
|
page readonly
|
|
|
|
25998002000
|
unkown
|
page read and write
|
|
|
|
23855E1E000
|
unkown
|
page read and write
|
|
|
|
7FF522946000
|
unkown image
|
page readonly
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
2C99179D000
|
unkown
|
page read and write
|
|
|
|
25997F80000
|
unkown image
|
page readonly
|
|
|
|
2C991798000
|
unkown
|
page read and write
|
|
|
|
170CD6D0000
|
unkown image
|
page read and write
|
|
|
|
24A86C00000
|
unkown
|
page read and write
|
|
|
|
2C990EA9000
|
unkown
|
page read and write
|
|
|
|
2C99177D000
|
unkown
|
page read and write
|
|
|
|
2C990E57000
|
unkown
|
page read and write
|
|
|
|
7FF518622000
|
unkown image
|
page readonly
|
|
|
|
7FF52A417000
|
unkown image
|
page readonly
|
|
|
|
2C9917A9000
|
unkown
|
page read and write
|
|
|
|
2C991B60000
|
unkown image
|
page read and write
|
|
|
|
7FF5E1454000
|
unkown image
|
page readonly
|
|
|
|
24A87300000
|
unkown image
|
page read and write
|
|
|
|
744BCFE000
|
unkown
|
page read and write
|
|
|
|
7FF5E1389000
|
unkown image
|
page readonly
|
|
|
|
23855C70000
|
unkown image
|
page read and write
|
|
|
|
7FF529F17000
|
unkown image
|
page readonly
|
|
|
|
24A86F01000
|
unkown
|
page read and write
|
|
|
|
2C99179B000
|
unkown
|
page read and write
|
|
|
|
7FF5E13CA000
|
unkown image
|
page readonly
|
|
|
|
2C991714000
|
unkown
|
page read and write
|
|
|
|
2C99177B000
|
unkown
|
page read and write
|
|
|
|
2C990E13000
|
unkown
|
page read and write
|
|
|
|
2C99177A000
|
unkown
|
page read and write
|
|
|
|
45770FC000
|
unkown
|
page read and write
|
|
|
|
2C99177D000
|
unkown
|
page read and write
|
|
|
|
2C9915A0000
|
unkown image
|
page write copy
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
7FF5187F8000
|
unkown image
|
page readonly
|
|
|
|
23855C90000
|
unkown image
|
page readonly
|
|
|
|
7FF522835000
|
unkown image
|
page readonly
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
7FF52A427000
|
unkown image
|
page readonly
|
|
|
|
7FF52A278000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1457000
|
unkown image
|
page readonly
|
|
|
|
24A86C15000
|
unkown
|
page read and write
|
|
|
|
7DF5EB240000
|
unkown image
|
page readonly
|
|
|
|
7FF5E13A1000
|
unkown image
|
page readonly
|
|
|
|
2C991700000
|
unkown
|
page read and write
|
|
|
|
2C99178A000
|
unkown
|
page read and write
|
|
|
|
23855DA0000
|
unkown
|
page read and write
|
|
|
|
7FF522933000
|
unkown image
|
page readonly
|
|
|
|
7FF52293D000
|
unkown image
|
page readonly
|
|
|
|
7FF5070A8000
|
unkown image
|
page readonly
|
|
|
|
7FF507286000
|
unkown image
|
page readonly
|
|
|
|
24A8BC87000
|
unkown
|
page read and write
|
|
|
|
7DF5C94B2000
|
unkown image
|
page readonly
|
|
|
|
2C991787000
|
unkown
|
page read and write
|
|
|
|
7DF52C7C0000
|
unkown image
|
page readonly
|
|
|
|
7DF5EB252000
|
unkown image
|
page readonly
|
|
|
|
7DF5EB250000
|
unkown image
|
page readonly
|
|
|
|
7FF5188F4000
|
unkown image
|
page readonly
|
|
|
|
4E3137E000
|
unkown
|
page read and write
|
|
|
|
F1346FF000
|
unkown
|
page read and write
|
|
|
|
2C991784000
|
unkown
|
page read and write
|
|
|
|
7FF518814000
|
unkown image
|
page readonly
|
|
|
|
7FF5066EF000
|
unkown image
|
page readonly
|
|
|
|
24A86370000
|
heap default
|
page read and write
|
|
|
|
2C99179D000
|
unkown
|
page read and write
|
|
|
|
744B67F000
|
unkown
|
page read and write
|
|
|
|
7FF52A361000
|
unkown image
|
page readonly
|
|
|
|
744B97A000
|
unkown
|
page read and write
|
|
|
|
24A87830000
|
unkown
|
page read and write
|
|
|
|
7FF5E124F000
|
unkown image
|
page readonly
|
|
|
|
7FF52A270000
|
unkown image
|
page readonly
|
|
|
|
24A8649B000
|
unkown
|
page read and write
|
|
|
|
1DB53AB0000
|
unkown image
|
page readonly
|
|
|
|
2C991787000
|
unkown
|
page read and write
|
|
|
|
1DB53C29000
|
unkown
|
page read and write
|
|
|
|
2C991775000
|
unkown
|
page read and write
|
|
|
|
7FF5E0D39000
|
unkown image
|
page readonly
|
|
|
|
7FF50724D000
|
unkown image
|
page readonly
|
|
|
|
7FF51863A000
|
unkown image
|
page readonly
|
|
|
|
7FF5BF6C4000
|
unkown image
|
page readonly
|
|
|
|
2C991B50000
|
unkown
|
page read and write
|
|
|
|
F1347FB000
|
unkown
|
page read and write
|
|
|
|
7FF52A227000
|
unkown image
|
page readonly
|
|
|
|
7FF507283000
|
unkown image
|
page readonly
|
|
|
|
2C991783000
|
unkown
|
page read and write
|
|
|
|
F13417C000
|
unkown
|
page read and write
|
|
|
|
7FF5E1277000
|
unkown image
|
page readonly
|
|
|
|
2C990DC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5E11DE000
|
unkown image
|
page readonly
|
|
|
|
23855E1E000
|
unkown
|
page read and write
|
|
|
|
7FF51867B000
|
unkown image
|
page readonly
|
|
|
|
7FF5E13F9000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1296000
|
unkown image
|
page readonly
|
|
|
|
C53E1DE000
|
unkown
|
page read and write
|
|
|
|
2C990F02000
|
unkown
|
page read and write
|
|
|
|
7FF5229EB000
|
unkown image
|
page readonly
|
|
|
|
23855EF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5070D8000
|
unkown image
|
page readonly
|
|
|
|
744B7FF000
|
unkown
|
page read and write
|
|
|
|
7FF506F01000
|
unkown image
|
page readonly
|
|
|
|
2C99178C000
|
unkown
|
page read and write
|
|
|
|
2C990EE2000
|
unkown
|
page read and write
|
|
|
|
2C990EC0000
|
unkown
|
page read and write
|
|
|
|
7FF518804000
|
unkown image
|
page readonly
|
|
|
|
7FF5E13AF000
|
unkown image
|
page readonly
|
|
|
|
2C991770000
|
unkown
|
page read and write
|
|
|
|
7FF5071C2000
|
unkown image
|
page readonly
|
|
|
|
1DB53E00000
|
unkown image
|
page readonly
|
|
|
|
7FF50719F000
|
unkown image
|
page readonly
|
|
|
|
25997A71000
|
unkown
|
page read and write
|
|
|
|
7FF5221A1000
|
unkown image
|
page readonly
|
|
|
|
170CD850000
|
unkown
|
page read and write
|
|
|
|
7FF5BF626000
|
unkown image
|
page readonly
|
|
|
|
2C991784000
|
unkown
|
page read and write
|
|
|
|
2C9917C9000
|
unkown
|
page read and write
|
|
|
|
744B47B000
|
unkown
|
page read and write
|
|
|
|
7FF5BF2C5000
|
unkown image
|
page readonly
|
|
|
|
170CD770000
|
unkown
|
page read and write
|
|
|
|
7FF52A35F000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1368000
|
unkown image
|
page readonly
|
|
|
|
2C991796000
|
unkown
|
page read and write
|
|
|
|
24A86BA0000
|
unkown image
|
page readonly
|
|
|
|
7FF5188F7000
|
unkown image
|
page readonly
|
|
|
|
1DB53D02000
|
unkown
|
page read and write
|
|
|
|
7FF5186F3000
|
unkown image
|
page readonly
|
|
|
|
F134677000
|
unkown
|
page read and write
|
|
|
|
7FF507241000
|
unkown image
|
page readonly
|
|
|
|
24A8BC9D000
|
unkown
|
page read and write
|
|
|
|
2C9917CF000
|
unkown
|
page read and write
|
|
|
|
23855F00000
|
unkown image
|
page readonly
|
|
|
|
7FF5224D1000
|
unkown image
|
page readonly
|
|
|
|
7FF5071E7000
|
unkown image
|
page readonly
|
|
|
|
2C991C02000
|
unkown
|
page read and write
|
|
|
|
F13447F000
|
unkown
|
page read and write
|
|
|
|
2C991785000
|
unkown
|
page read and write
|
|
|
|
7FF5186D7000
|
unkown image
|
page readonly
|
|
|
|
45768BB000
|
unkown
|
page read and write
|
|
|
|
2C99179B000
|
unkown
|
page read and write
|
|
|
|
24A86340000
|
unkown image
|
page readonly
|
|
|
|
24A8BC60000
|
unkown
|
page read and write
|
|
|
|
23855E1B000
|
unkown
|
page read and write
|
|
|
|
7FF518670000
|
unkown image
|
page readonly
|
|
|
|
170CD720000
|
unkown image
|
page readonly
|
|
|
|
2C990E8A000
|
unkown
|
page read and write
|
|
|
|
7FF518100000
|
unkown image
|
page readonly
|
|
|
|
7FF522A16000
|
unkown image
|
page readonly
|
|
|
|
7FF518923000
|
unkown image
|
page readonly
|
|
|
|
C53E15E000
|
unkown
|
page read and write
|
|
|
|
24A863B0000
|
unkown image
|
page read and write
|
|
|
|
7FF5BF61E000
|
unkown image
|
page readonly
|
|
|
|
2C99176B000
|
unkown
|
page read and write
|
|
|
|
7FF518636000
|
unkown image
|
page readonly
|
|
|
|
7FF52296D000
|
unkown image
|
page readonly
|
|
|
|
2C99176C000
|
unkown
|
page read and write
|
|
|
|
24A86BE0000
|
unkown image
|
page readonly
|
|
|
|
170CD86E000
|
unkown
|
page read and write
|
|
|
|
24A86A50000
|
unkown image
|
page readonly
|
|
|
|
170CD800000
|
unkown
|
page read and write
|
|
|
|
25997A00000
|
unkown
|
page read and write
|
|
|
|
2C991783000
|
unkown
|
page read and write
|
|
There are 785 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://axervices.com/ytxol/0fflink.php#authoriz3?cli3nt_k3y=typce-x1c9r-irmlm1631705773c263cd4d524218156280b6d5504a1ae6c263cd4d524218156280b6d5504a1ae6c263cd4d524218156280b6d5504a1ae6c263cd4d524218156280b6d5504a1ae6c263cd4d524218156280b6d5504a1ae6jy0p3-21jmv-bktp7
|
|
|
|
https://onedrive.live.com/View.aspx?resid=7066DF4C1D0AB014!730&wd=target(Quick%20Notes.one%7Ce4864d19-c30a-4c4a-b033-f0bd266d599b/Untitled%20Page%7Ca546cc8d-4a78-493f-a62b-5e5827c1282e/)&authkey=!AHfvfhIqJz7URpI
|
|
|
|
https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-US&rs=en-US&hid=i7HFOrcJ%2FE6FK%2FsBxg5CxQ.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2F7066DF4C1D0AB014!730&wd=target%28Quick%20Notes.one%7Ce4864d19-c30a-4c4a-b033-f0bd266d599b%2FUntitled%20Page%7Ca546cc8d-4a78-493f-a62b-5e5827c1282e%2F%29&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1631738146318&jsapi=1&jsapiver=v1&newsession=1&corrid=f3913b3a-11cb-467a-98dd-e3a1f4dd513c&usid=f3913b3a-11cb-467a-98dd-e3a1f4dd513c&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
|
|
|
|
https://onedrive.live.com/redir?resid=7066DF4C1D0AB014%21730&authkey=%21AHfvfhIqJz7URpI&page=View&wd=target%28Quick%20Notes.one%7Ce4864d19-c30a-4c4a-b033-f0bd266d599b%2FUntitled%20Page%7Ca546cc8d-4a78-493f-a62b-5e5827c1282e%2F%29
|
|