Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\169da2e4-0592-4dc9-8db1-ca6672b82ade.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\5aa0944a-6f78-474a-9cf6-33d10e5b2931.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\71df6af2-bf5a-41c4-ba5e-07fdece4cd25.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\12f9651e-fc19-4498-920d-91b1c59f41a7.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\24ac1f83-c1d1-4f87-b24a-847bcb27fc48.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9d4a8711b3e84794_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b714f1660ad6dabe_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d1d9d63a8a78d342_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dad7386d86836f18_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e26f197ba329b62e_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index.i (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldr (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.oldl (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsd (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State.% (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencese (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.t (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesm (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State.D (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old\-
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\aa2d8f10-a233-4c7c-855e-49a2237b8dd1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\3eb8c7c7-5820-4919-b495-6d36be2e84c4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old.C
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old28
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.olds
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\afe39696-28f9-43b9-ae81-e86e100c2c66.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b75998ac-861f-4b05-bc1c-2ecfebcc55ba.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d2ee277f-358b-4778-b058-29af8b32db95.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT.. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e70ea8ae-ee42-41ed-910f-f15edabacf16.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ed208af1-61c3-43ad-b17e-7ab065b4c6d0.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f45d7e9f-8f30-40e1-8268-1b877075aee2.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldfb (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheTM (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ab644f54-52ba-435b-8aeb-5b08c73a1538.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3d769b01-cae0-4d71-b9b9-9a48385b408b.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\cb070b23-2e13-4e69-8e67-5299d38c5f05.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\d0cb0a32-5e04-476c-b734-bf3c17c4d2c8.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\dee2c698-8fc7-4c5b-916b-f3fa21e78a13.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\3d769b01-cae0-4d71-b9b9-9a48385b408b.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_594179644\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4652_800719741\cb070b23-2e13-4e69-8e67-5299d38c5f05.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
There are 195 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://www.4dxos.com/formslogin/finishpasswordreset.aspx?Key=CJ91J1&Welcome=true'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1624,4175562419277808919,12095095040896516658,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1708 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.4dxos.com/formslogin/finishpasswordreset.aspx?Key=CJ91J1&Welcome=true
|
|
||
|
https://4dxos.com/C
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
https://www.4dxos.com/BUNDLES/LOGINHTML.BVN0011420205.JS
|
68.64.39.81
|
|
|
|
https://www.4dxos.com/formslogin/finishpasswordreset.aspx?Key=CJ91J1&Welcome=trueLogin/
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
172.217.168.46
|
|
|
|
https://www.4dxos.com
|
unknown
|
|
|
|
https://www.4dxos.com/formslogin/finishpasswordreset.aspx?Key=CJ91J1&Welcome=true
|
68.64.39.81
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.13
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.4dxos.com/BUNDLES/LOGIN.BVN0011420205.CSS
|
68.64.39.81
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://www.4dxos.com/BUNDLES/UTILITYDIALOG.BVN0011420205.CSS
|
68.64.39.81
|
|
|
|
https://www.4dxos.com/formslogin/Login.aspx2
|
unknown
|
|
|
|
https://www.4dxos.com/
|
unknown
|
|
|
|
https://www.4dxos.com/BUNDLES/CORELIBRARY.BVN0011420200.JS
|
68.64.39.81
|
|
|
|
https://www.4dxos.com/BUNDLES/LOGIN.BVN0011420205.JS
|
68.64.39.81
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.4dxos.com/BUNDLES/UTILITYDIALOGHTML.BVN0011420205.JS
|
68.64.39.81
|
|
|
|
https://www.4dxos.com/formslogin/finishpasswordreset.aspx?Key=CJ91J1&Welcome=true/
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
172.217.168.1
|
|
|
|
https://www.4dxos.com/formslogin/Login.aspxLogin/
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://www.4dxos.com/formslogin/finishpasswordreset.aspx?Key=CJ91J1&Welcome=true2
|
unknown
|
|
|
|
https://4dxos.com/
|
unknown
|
|
|
|
https://www.4dxos.com/formslogin/Login.aspx
|
|
||
|
https://www.4dxos.com/css/login/login.css
|
68.64.39.81
|
|
|
|
https://www.4dxos.com/images/login/username.png
|
68.64.39.81
|
|
|
|
https://www.4dxos.com/images/favicon.ico
|
68.64.39.81
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://www.4dxos.com/images/login/background.png
|
68.64.39.81
|
|
|
|
https://www.4dxos.com/images/login/logo.png
|
68.64.39.81
|
|
|
|
https://www.4dxos.com/BUNDLES/UTILITYDIALOG.BVN0011420205.JS
|
68.64.39.81
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://www.4dxos.com/images/close.png
|
68.64.39.81
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://www.4dxos.com/images/login/logos.jpg
|
68.64.39.81
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://www.4dxos.com/formslogin/finishpasswordreset.aspx?Key=CJ91J1&Welcome=trueLogin
|
unknown
|
|
|
|
https://www.4dxos.com/formslogin/Login.aspxLogin
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://www.4dxos.com/formslogin/Login.aspx
|
68.64.39.81
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
There are 37 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.4dxos.com
|
68.64.39.81
|
|
|
|
accounts.google.com
|
172.217.168.13
|
|
|
|
clients.l.google.com
|
172.217.168.46
|
|
|
|
googlehosted.l.googleusercontent.com
|
172.217.168.1
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
172.217.168.1
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
192.168.2.3
|
unknown
|
unknown
|
|
|
|
172.217.168.46
|
clients.l.google.com
|
United States
|
|
|
|
172.217.168.13
|
accounts.google.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
68.64.39.81
|
www.4dxos.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 32 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF550DB1000
|
unkown image
|
page readonly
|
|
|
|
225D7300000
|
unkown image
|
page readonly
|
|
|
|
19947A4F000
|
unkown
|
page read and write
|
|
|
|
28C38CC0000
|
unkown image
|
page readonly
|
|
|
|
7FF504ECE000
|
unkown image
|
page readonly
|
|
|
|
28C38E3E000
|
unkown
|
page read and write
|
|
|
|
2122926E000
|
unkown
|
page read and write
|
|
|
|
C4E1B7E000
|
unkown
|
page read and write
|
|
|
|
1E0DD25C000
|
unkown
|
page read and write
|
|
|
|
225DCA6E000
|
unkown
|
page read and write
|
|
|
|
1CEE3D80000
|
unkown image
|
page readonly
|
|
|
|
7FF54AD90000
|
unkown image
|
page readonly
|
|
|
|
21229268000
|
unkown
|
page read and write
|
|
|
|
16702663000
|
unkown
|
page read and write
|
|
|
|
7FF550E43000
|
unkown image
|
page readonly
|
|
|
|
7FF5C14A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A62AD000
|
unkown image
|
page readonly
|
|
|
|
167023B0000
|
unkown image
|
page readonly
|
|
|
|
5E87CFC000
|
unkown
|
page read and write
|
|
|
|
7FF5A5FC8000
|
unkown image
|
page readonly
|
|
|
|
5E8857F000
|
unkown
|
page read and write
|
|
|
|
7FF572B82000
|
unkown image
|
page readonly
|
|
|
|
1E0DD264000
|
unkown
|
page read and write
|
|
|
|
1E0DD4D0000
|
unkown image
|
page readonly
|
|
|
|
2E634FE000
|
unkown
|
page read and write
|
|
|
|
7FF528C50000
|
unkown image
|
page readonly
|
|
|
|
7FF5619E3000
|
unkown image
|
page readonly
|
|
|
|
225D7494000
|
unkown
|
page read and write
|
|
|
|
7FF54AD78000
|
unkown image
|
page readonly
|
|
|
|
28C38C70000
|
unkown image
|
page read and write
|
|
|
|
7FF5C14AD000
|
unkown image
|
page readonly
|
|
|
|
7FF572C84000
|
unkown image
|
page readonly
|
|
|
|
16702602000
|
unkown
|
page read and write
|
|
|
|
7FF528D84000
|
unkown image
|
page readonly
|
|
|
|
26854C70000
|
unkown image
|
page readonly
|
|
|
|
7FF5C1344000
|
unkown image
|
page readonly
|
|
|
|
225D7600000
|
unkown image
|
page readonly
|
|
|
|
7FF5C14CF000
|
unkown image
|
page readonly
|
|
|
|
225D71D0000
|
unkown image
|
page readonly
|
|
|
|
26854702000
|
unkown
|
page read and write
|
|
|
|
1E0DD6D0000
|
unkown image
|
page readonly
|
|
|
|
1E0DD246000
|
unkown
|
page read and write
|
|
|
|
7DF5BBBD0000
|
unkown image
|
page readonly
|
|
|
|
7FF572C5F000
|
unkown image
|
page readonly
|
|
|
|
7FF561BE6000
|
unkown image
|
page readonly
|
|
|
|
7FF504FE7000
|
unkown image
|
page readonly
|
|
|
|
B608A7C000
|
unkown
|
page read and write
|
|
|
|
2E6357E000
|
unkown
|
page read and write
|
|
|
|
7DF5885A0000
|
unkown image
|
page readonly
|
|
|
|
1E0DD241000
|
unkown
|
page read and write
|
|
|
|
1E0DD257000
|
unkown
|
page read and write
|
|
|
|
7FF572BAC000
|
unkown image
|
page readonly
|
|
|
|
7FF504FD7000
|
unkown image
|
page readonly
|
|
|
|
4C62AFE000
|
unkown
|
page read and write
|
|
|
|
28C38CE0000
|
heap default
|
page read and write
|
|
|
|
16702B80000
|
unkown image
|
page readonly
|
|
|
|
7DF51A9E0000
|
unkown image
|
page readonly
|
|
|
|
7FF572BD9000
|
unkown image
|
page readonly
|
|
|
|
7FF550DE0000
|
unkown image
|
page readonly
|
|
|
|
7FF572C6B000
|
unkown image
|
page readonly
|
|
|
|
1E0DD244000
|
unkown
|
page read and write
|
|
|
|
21229110000
|
unkown image
|
page readonly
|
|
|
|
7FF528AED000
|
unkown image
|
page readonly
|
|
|
|
225D7458000
|
unkown
|
page read and write
|
|
|
|
16702667000
|
unkown
|
page read and write
|
|
|
|
1CEE35C0000
|
unkown image
|
page read and write
|
|
|
|
28C39470000
|
unkown
|
page read and write
|
|
|
|
1670265A000
|
unkown
|
page read and write
|
|
|
|
225DCAFB000
|
unkown
|
page read and write
|
|
|
|
7FF550FBD000
|
unkown image
|
page readonly
|
|
|
|
7FF551074000
|
unkown image
|
page readonly
|
|
|
|
19947A29000
|
unkown
|
page read and write
|
|
|
|
1CEE3630000
|
heap default
|
page read and write
|
|
|
|
7FF54ACA2000
|
unkown image
|
page readonly
|
|
|
|
7DF588592000
|
unkown image
|
page readonly
|
|
|
|
7FF550E27000
|
unkown image
|
page readonly
|
|
|
|
7FF528D8E000
|
unkown image
|
page readonly
|
|
|
|
7FF550EC7000
|
unkown image
|
page readonly
|
|
|
|
7FF52CC9B000
|
unkown image
|
page readonly
|
|
|
|
7DF5425C0000
|
unkown image
|
page readonly
|
|
|
|
1ED0567B000
|
unkown
|
page read and write
|
|
|
|
7FF528D5F000
|
unkown image
|
page readonly
|
|
|
|
7FF528CA7000
|
unkown image
|
page readonly
|
|
|
|
1E0DD285000
|
unkown
|
page read and write
|
|
|
|
1E0DD237000
|
unkown
|
page read and write
|
|
|
|
268545C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A6209000
|
unkown image
|
page readonly
|
|
|
|
7DF5669A0000
|
unkown image
|
page readonly
|
|
|
|
1CEE3865000
|
unkown
|
page read and write
|
|
|
|
7FF54AB8F000
|
unkown image
|
page readonly
|
|
|
|
225DC9E0000
|
unkown
|
page read and write
|
|
|
|
7FF52CC15000
|
unkown image
|
page readonly
|
|
|
|
1ED05A00000
|
unkown image
|
page readonly
|
|
|
|
7FF550EDF000
|
unkown image
|
page readonly
|
|
|
|
167025D0000
|
unkown
|
page read and write
|
|
|
|
7FF5C12E3000
|
unkown image
|
page readonly
|
|
|
|
5E87FFC000
|
unkown
|
page read and write
|
|
|
|
7FF550C04000
|
unkown image
|
page readonly
|
|
|
|
7FF52C0AE000
|
unkown image
|
page readonly
|
|
|
|
7FF5A61FD000
|
unkown image
|
page readonly
|
|
|
|
7DF53E690000
|
unkown image
|
page readonly
|
|
|
|
7DF5425A2000
|
unkown image
|
page readonly
|
|
|
|
21229140000
|
unkown image
|
page readonly
|
|
|
|
19947A7F000
|
unkown
|
page read and write
|
|
|
|
7FF550FF5000
|
unkown image
|
page readonly
|
|
|
|
7FF54ADA4000
|
unkown image
|
page readonly
|
|
|
|
1E0DD225000
|
unkown
|
page read and write
|
|
|
|
F8CC979000
|
unkown
|
page read and write
|
|
|
|
7DF5425A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A62A0000
|
unkown image
|
page readonly
|
|
|
|
7FF55104F000
|
unkown image
|
page readonly
|
|
|
|
7DF486460000
|
unkown image
|
page readonly
|
|
|
|
19947A4A000
|
unkown
|
page read and write
|
|
|
|
26854AE0000
|
unkown image
|
page readonly
|
|
|
|
7FF572BA7000
|
unkown image
|
page readonly
|
|
|
|
28C39602000
|
unkown
|
page read and write
|
|
|
|
26854580000
|
unkown image
|
page read and write
|
|
|
|
7FF572A32000
|
unkown image
|
page readonly
|
|
|
|
1E0DD22A000
|
unkown
|
page read and write
|
|
|
|
7FF528B6E000
|
unkown image
|
page readonly
|
|
|
|
7FF561BFD000
|
unkown image
|
page readonly
|
|
|
|
225D7513000
|
unkown
|
page read and write
|
|
|
|
167023B0000
|
unkown image
|
page readonly
|
|
|
|
7FF572978000
|
unkown image
|
page readonly
|
|
|
|
225D747A000
|
unkown
|
page read and write
|
|
|
|
225DCAE8000
|
unkown
|
page read and write
|
|
|
|
EA48C7E000
|
unkown
|
page read and write
|
|
|
|
7FF54ACED000
|
unkown image
|
page readonly
|
|
|
|
7FF54AD25000
|
unkown image
|
page readonly
|
|
|
|
4C62D7E000
|
unkown
|
page read and write
|
|
|
|
7DF588592000
|
unkown image
|
page readonly
|
|
|
|
21229160000
|
heap default
|
page read and write
|
|
|
|
7DF4B9A90000
|
unkown image
|
page readonly
|
|
|
|
7FF528C82000
|
unkown image
|
page readonly
|
|
|
|
225D7D01000
|
unkown
|
page read and write
|
|
|
|
7FF572966000
|
unkown image
|
page readonly
|
|
|
|
7FF550F87000
|
unkown image
|
page readonly
|
|
|
|
1E0DD302000
|
unkown
|
page read and write
|
|
|
|
7FF572C7D000
|
unkown image
|
page readonly
|
|
|
|
7FF561B6A000
|
unkown image
|
page readonly
|
|
|
|
7DF51A9D2000
|
unkown image
|
page readonly
|
|
|
|
19947A3C000
|
unkown
|
page read and write
|
|
|
|
19947A4D000
|
unkown
|
page read and write
|
|
|
|
7FF504E7D000
|
unkown image
|
page readonly
|
|
|
|
7DF5D6DD2000
|
unkown image
|
page readonly
|
|
|
|
2E63AFE000
|
unkown
|
page read and write
|
|
|
|
1E0DD276000
|
unkown
|
page read and write
|
|
|
|
7FF54AB86000
|
unkown image
|
page readonly
|
|
|
|
7FF5A6296000
|
unkown image
|
page readonly
|
|
|
|
1ED0564E000
|
unkown
|
page read and write
|
|
|
|
1E0DD190000
|
unkown image
|
page readonly
|
|
|
|
4C62BFB000
|
unkown
|
page read and write
|
|
|
|
F8CC87F000
|
unkown
|
page read and write
|
|
|
|
7FF5050DB000
|
unkown image
|
page readonly
|
|
|
|
225D8350000
|
unkown image
|
page readonly
|
|
|
|
C85FD7F000
|
unkown
|
page read and write
|
|
|
|
1CEE35D0000
|
heap private
|
page read and write
|
|
|
|
7FF572BD5000
|
unkown image
|
page readonly
|
|
|
|
225D8160000
|
unkown image
|
page read and write
|
|
|
|
C4E1E7B000
|
unkown
|
page read and write
|
|
|
|
167024E0000
|
unkown image
|
page readonly
|
|
|
|
1E0DDA02000
|
unkown
|
page read and write
|
|
|
|
5E8847C000
|
unkown
|
page read and write
|
|
|
|
26854AD0000
|
unkown image
|
page readonly
|
|
|
|
1ED0563C000
|
unkown
|
page read and write
|
|
|
|
28C39200000
|
unkown image
|
page readonly
|
|
|
|
225DCA89000
|
unkown
|
page read and write
|
|
|
|
1CEE3D90000
|
unkown
|
page read and write
|
|
|
|
19947B00000
|
unkown
|
page read and write
|
|
|
|
1E0DD240000
|
unkown
|
page read and write
|
|
|
|
167023A0000
|
heap private
|
page read and write
|
|
|
|
1CEE3610000
|
unkown image
|
page readonly
|
|
|
|
7FF550F7C000
|
unkown image
|
page readonly
|
|
|
|
B60927F000
|
unkown
|
page read and write
|
|
|
|
7FF54AC3E000
|
unkown image
|
page readonly
|
|
|
|
28C39480000
|
unkown
|
page read and write
|
|
|
|
7DF51A9F0000
|
unkown image
|
page readonly
|
|
|
|
28C38E5F000
|
unkown
|
page read and write
|
|
|
|
19947B02000
|
unkown
|
page read and write
|
|
|
|
1E0DD245000
|
unkown
|
page read and write
|
|
|
|
7FF528CAC000
|
unkown image
|
page readonly
|
|
|
|
26854628000
|
unkown
|
page read and write
|
|
|
|
7DF566990000
|
unkown image
|
page readonly
|
|
|
|
225DC8C0000
|
unkown
|
page read and write
|
|
|
|
1E0DD1B0000
|
unkown image
|
page readonly
|
|
|
|
225D7B18000
|
unkown
|
page read and write
|
|
|
|
225D8340000
|
unkown image
|
page readonly
|
|
|
|
1ED05708000
|
unkown
|
page read and write
|
|
|
|
225DCAB3000
|
unkown
|
page read and write
|
|
|
|
1670265E000
|
unkown
|
page read and write
|
|
|
|
19947A13000
|
unkown
|
page read and write
|
|
|
|
7DF5606B0000
|
unkown image
|
page readonly
|
|
|
|
19947A4E000
|
unkown
|
page read and write
|
|
|
|
F8CCC7A000
|
unkown
|
page read and write
|
|
|
|
28C39470000
|
unkown
|
page read and write
|
|
|
|
7FF550F40000
|
unkown image
|
page readonly
|
|
|
|
225DC88E000
|
unkown
|
page read and write
|
|
|
|
7FF528D9F000
|
unkown image
|
page readonly
|
|
|
|
28C39390000
|
unkown image
|
page readonly
|
|
|
|
199478D0000
|
unkown image
|
page readonly
|
|
|
|
1CEE3889000
|
unkown
|
page read and write
|
|
|
|
7DF45E580000
|
unkown image
|
page readonly
|
|
|
|
B608C7E000
|
unkown
|
page read and write
|
|
|
|
7FF5050DF000
|
unkown image
|
page readonly
|
|
|
|
7FF5288D1000
|
unkown image
|
page readonly
|
|
|
|
19947B08000
|
unkown
|
page read and write
|
|
|
|
7FF5616E3000
|
unkown image
|
page readonly
|
|
|
|
7FF5A6213000
|
unkown image
|
page readonly
|
|
|
|
225D79F0000
|
unkown
|
page read and write
|
|
|
|
EA48F7F000
|
unkown
|
page read and write
|
|
|
|
1CEE3913000
|
unkown
|
page read and write
|
|
|
|
26854700000
|
unkown
|
page read and write
|
|
|
|
7DF5D6DD0000
|
unkown image
|
page readonly
|
|
|
|
B60917F000
|
unkown
|
page read and write
|
|
|
|
1ED053A0000
|
unkown image
|
page read and write
|
|
|
|
7DF5D6DD2000
|
unkown image
|
page readonly
|
|
|
|
7FF5504BC000
|
unkown image
|
page readonly
|
|
|
|
7DF5606D0000
|
unkown image
|
page readonly
|
|
|
|
7FF550FC5000
|
unkown image
|
page readonly
|
|
|
|
7FF572A3D000
|
unkown image
|
page readonly
|
|
|
|
7DF5BBBE0000
|
unkown image
|
page readonly
|
|
|
|
21229200000
|
unkown
|
page read and write
|
|
|
|
1CEE3720000
|
unkown image
|
page readonly
|
|
|
|
225D8360000
|
unkown image
|
page readonly
|
|
|
|
7FF52CCAF000
|
unkown image
|
page readonly
|
|
|
|
225D7477000
|
unkown
|
page read and write
|
|
|
|
7FF504D93000
|
unkown image
|
page readonly
|
|
|
|
7FF550D81000
|
unkown image
|
page readonly
|
|
|
|
7FF528D9D000
|
unkown image
|
page readonly
|
|
|
|
7DF5425B2000
|
unkown image
|
page readonly
|
|
|
|
7FF572BE3000
|
unkown image
|
page readonly
|
|
|
|
19947F80000
|
unkown image
|
page readonly
|
|
|
|
7DF5606C2000
|
unkown image
|
page readonly
|
|
|
|
7FF561BEB000
|
unkown image
|
page readonly
|
|
|
|
7FF50509F000
|
unkown image
|
page readonly
|
|
|
|
7FF550BC1000
|
unkown image
|
page readonly
|
|
|
|
225D748D000
|
unkown
|
page read and write
|
|
|
|
1E0DD259000
|
unkown
|
page read and write
|
|
|
|
7FF561A94000
|
unkown image
|
page readonly
|
|
|
|
7FF5C14CB000
|
unkown image
|
page readonly
|
|
|
|
16702800000
|
unkown image
|
page readonly
|
|
|
|
7FF528D66000
|
unkown image
|
page readonly
|
|
|
|
7FF561C1F000
|
unkown image
|
page readonly
|
|
|
|
7FF54AABD000
|
unkown image
|
page readonly
|
|
|
|
1E0DD261000
|
unkown
|
page read and write
|
|
|
|
5E8793E000
|
unkown
|
page read and write
|
|
|
|
225DC780000
|
unkown
|
page read and write
|
|
|
|
7DF588590000
|
unkown image
|
page readonly
|
|
|
|
5E87E7F000
|
unkown
|
page read and write
|
|
|
|
7FF561A0E000
|
unkown image
|
page readonly
|
|
|
|
7FF561BF0000
|
unkown image
|
page readonly
|
|
|
|
225DC880000
|
unkown
|
page read and write
|
|
|
|
7FF550E2D000
|
unkown image
|
page readonly
|
|
|
|
7FF54AD9D000
|
unkown image
|
page readonly
|
|
|
|
1ED05700000
|
unkown
|
page read and write
|
|
|
|
225D7400000
|
unkown
|
page read and write
|
|
|
|
1E0DD278000
|
unkown
|
page read and write
|
|
|
|
16702629000
|
unkown
|
page read and write
|
|
|
|
7FF5C1325000
|
unkown image
|
page readonly
|
|
|
|
1CEE35E0000
|
unkown image
|
page readonly
|
|
|
|
225DC9C0000
|
unkown
|
page read and write
|
|
|
|
7FF5727FA000
|
unkown image
|
page readonly
|
|
|
|
7DF577520000
|
unkown image
|
page readonly
|
|
|
|
7FF550F50000
|
unkown image
|
page readonly
|
|
|
|
7DF577520000
|
unkown image
|
page readonly
|
|
|
|
4C62F7F000
|
unkown
|
page read and write
|
|
|
|
C85F8FE000
|
unkown
|
page read and write
|
|
|
|
225D748F000
|
unkown
|
page read and write
|
|
|
|
7FF52CBDD000
|
unkown image
|
page readonly
|
|
|
|
225D7A02000
|
unkown
|
page read and write
|
|
|
|
1E0DD27B000
|
unkown
|
page read and write
|
|
|
|
7FF528D58000
|
unkown image
|
page readonly
|
|
|
|
7FF572C9F000
|
unkown image
|
page readonly
|
|
|
|
7FF54A1CF000
|
unkown image
|
page readonly
|
|
|
|
7FF54ADBB000
|
unkown image
|
page readonly
|
|
|
|
199479E0000
|
unkown image
|
page readonly
|
|
|
|
7FF550F97000
|
unkown image
|
page readonly
|
|
|
|
225DC760000
|
unkown
|
page read and write
|
|
|
|
7FF5C13E8000
|
unkown image
|
page readonly
|
|
|
|
B60937E000
|
unkown
|
page read and write
|
|
|
|
1E0DD23D000
|
unkown
|
page read and write
|
|
|
|
5D7AF7000
|
unkown
|
page read and write
|
|
|
|
7FF52CBC8000
|
unkown image
|
page readonly
|
|
|
|
28C39470000
|
unkown
|
page read and write
|
|
|
|
225D7471000
|
unkown
|
page read and write
|
|
|
|
1E0DD26C000
|
unkown
|
page read and write
|
|
|
|
7FF54AD8B000
|
unkown image
|
page readonly
|
|
|
|
7FF5A5F78000
|
unkown image
|
page readonly
|
|
|
|
225DCB02000
|
unkown
|
page read and write
|
|
|
|
1ED054F0000
|
unkown image
|
page readonly
|
|
|
|
7FF528CD5000
|
unkown image
|
page readonly
|
|
|
|
1CEE38C2000
|
unkown
|
page read and write
|
|
|
|
7DF5BBBE0000
|
unkown image
|
page readonly
|
|
|
|
4C62E77000
|
unkown
|
page read and write
|
|
|
|
21229170000
|
unkown image
|
page readonly
|
|
|
|
7FF5050DF000
|
unkown image
|
page readonly
|
|
|
|
EA492FF000
|
unkown
|
page read and write
|
|
|
|
7FF550DB3000
|
unkown image
|
page readonly
|
|
|
|
7FF54AD0A000
|
unkown image
|
page readonly
|
|
|
|
7FF5A621A000
|
unkown image
|
page readonly
|
|
|
|
C4E207F000
|
unkown
|
page read and write
|
|
|
|
7FF5A62CF000
|
unkown image
|
page readonly
|
|
|
|
28C38CB0000
|
unkown image
|
page readonly
|
|
|
|
7FF504EAE000
|
unkown image
|
page readonly
|
|
|
|
7DF5606C0000
|
unkown image
|
page readonly
|
|
|
|
EA48DFE000
|
unkown
|
page read and write
|
|
|
|
26854668000
|
unkown
|
page read and write
|
|
|
|
1ED0564B000
|
unkown
|
page read and write
|
|
|
|
5E879BD000
|
unkown
|
page read and write
|
|
|
|
7FF550C1F000
|
unkown image
|
page readonly
|
|
|
|
1ED05613000
|
unkown
|
page read and write
|
|
|
|
7FF5619BD000
|
unkown image
|
page readonly
|
|
|
|
225D7B00000
|
unkown
|
page read and write
|
|
|
|
2E637FE000
|
unkown
|
page read and write
|
|
|
|
7FF5C1183000
|
unkown image
|
page readonly
|
|
|
|
7FF528D05000
|
unkown image
|
page readonly
|
|
|
|
7DF588590000
|
unkown image
|
page readonly
|
|
|
|
225DC8C4000
|
unkown
|
page read and write
|
|
|
|
225D7502000
|
unkown
|
page read and write
|
|
|
|
7FF528CA4000
|
unkown image
|
page readonly
|
|
|
|
EA491FD000
|
unkown
|
page read and write
|
|
|
|
4C6278B000
|
unkown
|
page read and write
|
|
|
|
F8CBC9B000
|
unkown
|
page read and write
|
|
|
|
19947A4B000
|
unkown
|
page read and write
|
|
|
|
7FF52CC6F000
|
unkown image
|
page readonly
|
|
|
|
225D8240000
|
unkown
|
page read and write
|
|
|
|
199478B0000
|
unkown image
|
page readonly
|
|
|
|
F8CC67E000
|
unkown
|
page read and write
|
|
|
|
B60855B000
|
unkown
|
page read and write
|
|
|
|
1ED05688000
|
unkown
|
page read and write
|
|
|
|
1E0DD268000
|
unkown
|
page read and write
|
|
|
|
28C38DE0000
|
unkown
|
page read and write
|
|
|
|
7FF5A61A0000
|
unkown image
|
page readonly
|
|
|
|
225D8330000
|
unkown image
|
page readonly
|
|
|
|
7DF5606B2000
|
unkown image
|
page readonly
|
|
|
|
28C38C80000
|
heap private
|
page read and write
|
|
|
|
2685466A000
|
unkown
|
page read and write
|
|
|
|
225D7B02000
|
unkown
|
page read and write
|
|
|
|
7FF5C1413000
|
unkown image
|
page readonly
|
|
|
|
16702390000
|
unkown image
|
page read and write
|
|
|
|
7DF5885A2000
|
unkown image
|
page readonly
|
|
|
|
7FF504F54000
|
unkown image
|
page readonly
|
|
|
|
7FF550D8D000
|
unkown image
|
page readonly
|
|
|
|
1ED055E0000
|
unkown
|
page read and write
|
|
|
|
19947C00000
|
unkown image
|
page readonly
|
|
|
|
21229100000
|
heap private
|
page read and write
|
|
|
|
1CEE4340000
|
unkown image
|
page write copy
|
|
|
|
2685463C000
|
unkown
|
page read and write
|
|
|
|
B6085DE000
|
unkown
|
page read and write
|
|
|
|
7FF52CC9E000
|
unkown image
|
page readonly
|
|
|
|
7FF5C0F93000
|
unkown image
|
page readonly
|
|
|
|
225DC950000
|
unkown
|
page read and write
|
|
|
|
225DCA2D000
|
unkown
|
page read and write
|
|
|
|
7FF561C0E000
|
unkown image
|
page readonly
|
|
|
|
7FF572C66000
|
unkown image
|
page readonly
|
|
|
|
7FF550866000
|
unkown image
|
page readonly
|
|
|
|
225D7310000
|
unkown image
|
page readonly
|
|
|
|
7FF504BB8000
|
unkown image
|
page readonly
|
|
|
|
1ED05653000
|
unkown
|
page read and write
|
|
|
|
7FF528B17000
|
unkown image
|
page readonly
|
|
|
|
21229130000
|
unkown image
|
page readonly
|
|
|
|
1CEE3902000
|
unkown
|
page read and write
|
|
|
|
7DF5425B0000
|
unkown image
|
page readonly
|
|
|
|
7FF504FD3000
|
unkown image
|
page readonly
|
|
|
|
21229A02000
|
unkown
|
page read and write
|
|
|
|
1E0DD232000
|
unkown
|
page read and write
|
|
|
|
7DF5425A2000
|
unkown image
|
page readonly
|
|
|
|
225DC9A0000
|
unkown
|
page read and write
|
|
|
|
28C38C90000
|
unkown image
|
page readonly
|
|
|
|
268545A0000
|
unkown image
|
page readonly
|
|
|
|
1CEE3813000
|
unkown
|
page read and write
|
|
|
|
28C38F02000
|
unkown
|
page read and write
|
|
|
|
1CEE38BA000
|
unkown
|
page read and write
|
|
|
|
225DC9E0000
|
unkown
|
page read and write
|
|
|
|
225D71C0000
|
heap private
|
page read and write
|
|
|
|
199478A0000
|
heap private
|
page read and write
|
|
|
|
7FF5A628F000
|
unkown image
|
page readonly
|
|
|
|
7FF561C0B000
|
unkown image
|
page readonly
|
|
|
|
B608B7E000
|
unkown
|
page read and write
|
|
|
|
1E0DD262000
|
unkown
|
page read and write
|
|
|
|
7FF572B74000
|
unkown image
|
page readonly
|
|
|
|
225DC8B0000
|
unkown
|
page read and write
|
|
|
|
7FF550D97000
|
unkown image
|
page readonly
|
|
|
|
26854E02000
|
unkown
|
page read and write
|
|
|
|
7FF50502A000
|
unkown image
|
page readonly
|
|
|
|
7DF566980000
|
unkown image
|
page readonly
|
|
|
|
7FF54AC94000
|
unkown image
|
page readonly
|
|
|
|
1670265F000
|
unkown
|
page read and write
|
|
|
|
225DC990000
|
unkown
|
page read and write
|
|
|
|
21229213000
|
unkown
|
page read and write
|
|
|
|
7FF52CC80000
|
unkown image
|
page readonly
|
|
|
|
19947A02000
|
unkown
|
page read and write
|
|
|
|
19947890000
|
unkown image
|
page read and write
|
|
|
|
2E6377B000
|
unkown
|
page read and write
|
|
|
|
7FF52C963000
|
unkown image
|
page readonly
|
|
|
|
1ED05800000
|
unkown image
|
page readonly
|
|
|
|
7FF528C3D000
|
unkown image
|
page readonly
|
|
|
|
16702600000
|
unkown
|
page read and write
|
|
|
|
C4E1F7B000
|
unkown
|
page read and write
|
|
|
|
1E0DD26E000
|
unkown
|
page read and write
|
|
|
|
1CEE35E0000
|
unkown image
|
page readonly
|
|
|
|
5E8837F000
|
unkown
|
page read and write
|
|
|
|
7FF55108F000
|
unkown image
|
page readonly
|
|
|
|
B60907E000
|
unkown
|
page read and write
|
|
|
|
1E0DD27C000
|
unkown
|
page read and write
|
|
|
|
1E0DD190000
|
unkown image
|
page readonly
|
|
|
|
7FF528C8C000
|
unkown image
|
page readonly
|
|
|
|
1E0DD242000
|
unkown
|
page read and write
|
|
|
|
225DC6E0000
|
unkown
|
page read and write
|
|
|
|
225DCAAA000
|
unkown
|
page read and write
|
|
|
|
7FF504BA9000
|
unkown image
|
page readonly
|
|
|
|
5D750E000
|
unkown
|
page read and write
|
|
|
|
7FF550FD3000
|
unkown image
|
page readonly
|
|
|
|
7FF5C1409000
|
unkown image
|
page readonly
|
|
|
|
225D7413000
|
unkown
|
page read and write
|
|
|
|
7FF528C97000
|
unkown image
|
page readonly
|
|
|
|
7FF52CCAF000
|
unkown image
|
page readonly
|
|
|
|
1670263C000
|
unkown
|
page read and write
|
|
|
|
212296D0000
|
unkown image
|
page readonly
|
|
|
|
19947A82000
|
unkown
|
page read and write
|
|
|
|
7FF5C129E000
|
unkown image
|
page readonly
|
|
|
|
7FF54AD03000
|
unkown image
|
page readonly
|
|
|
|
7FF551048000
|
unkown image
|
page readonly
|
|
|
|
225D7B58000
|
unkown
|
page read and write
|
|
|
|
21229241000
|
unkown
|
page read and write
|
|
|
|
26854590000
|
heap private
|
page read and write
|
|
|
|
1ED05627000
|
unkown
|
page read and write
|
|
|
|
1ED05B80000
|
unkown image
|
page readonly
|
|
|
|
7FF54ACB3000
|
unkown image
|
page readonly
|
|
|
|
7DF53E6A2000
|
unkown image
|
page readonly
|
|
|
|
7DF5D6DD0000
|
unkown image
|
page readonly
|
|
|
|
7FF54ACB7000
|
unkown image
|
page readonly
|
|
|
|
7FF54ADAE000
|
unkown image
|
page readonly
|
|
|
|
EA490FF000
|
unkown
|
page read and write
|
|
|
|
7DF53E6A2000
|
unkown image
|
page readonly
|
|
|
|
1ED0566F000
|
unkown
|
page read and write
|
|
|
|
7FF572C58000
|
unkown image
|
page readonly
|
|
|
|
225D7980000
|
unkown image
|
page readonly
|
|
|
|
C4E1A7B000
|
unkown
|
page read and write
|
|
|
|
7FF56142F000
|
unkown image
|
page readonly
|
|
|
|
1ED05702000
|
unkown
|
page read and write
|
|
|
|
7FF550FA8000
|
unkown image
|
page readonly
|
|
|
|
7DF577510000
|
unkown image
|
page readonly
|
|
|
|
19948202000
|
unkown
|
page read and write
|
|
|
|
5E8827D000
|
unkown
|
page read and write
|
|
|
|
1ED05648000
|
unkown
|
page read and write
|
|
|
|
B60897A000
|
unkown
|
page read and write
|
|
|
|
7FF54ADAB000
|
unkown image
|
page readonly
|
|
|
|
225D74B5000
|
unkown
|
page read and write
|
|
|
|
7FF5724E4000
|
unkown image
|
page readonly
|
|
|
|
225D86C1000
|
unkown
|
page read and write
|
|
|
|
7FF572B8C000
|
unkown image
|
page readonly
|
|
|
|
225D7800000
|
unkown image
|
page readonly
|
|
|
|
1E0DD200000
|
unkown
|
page read and write
|
|
|
|
1E0DD275000
|
unkown
|
page read and write
|
|
|
|
1E0DD263000
|
unkown
|
page read and write
|
|
|
|
7FF504F35000
|
unkown image
|
page readonly
|
|
|
|
7FF505019000
|
unkown image
|
page readonly
|
|
|
|
21229302000
|
unkown
|
page read and write
|
|
|
|
7FF528AB6000
|
unkown image
|
page readonly
|
|
|
|
7FF550F9C000
|
unkown image
|
page readonly
|
|
|
|
7DF5BBBC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5720B7000
|
unkown image
|
page readonly
|
|
|
|
225DC8A4000
|
unkown
|
page read and write
|
|
|
|
1E0DD247000
|
unkown
|
page read and write
|
|
|
|
7FF55108D000
|
unkown image
|
page readonly
|
|
|
|
5D7BFE000
|
unkown
|
page read and write
|
|
|
|
F8CC7FE000
|
unkown
|
page read and write
|
|
|
|
7FF5C14CF000
|
unkown image
|
page readonly
|
|
|
|
7FF572C9B000
|
unkown image
|
page readonly
|
|
|
|
7FF55105B000
|
unkown image
|
page readonly
|
|
|
|
1ED05410000
|
heap default
|
page read and write
|
|
|
|
7FF561C04000
|
unkown image
|
page readonly
|
|
|
|
7FF52CBE9000
|
unkown image
|
page readonly
|
|
|
|
F8CCF7C000
|
unkown
|
page read and write
|
|
|
|
7FF57274F000
|
unkown image
|
page readonly
|
|
|
|
7FF5A6190000
|
unkown image
|
page readonly
|
|
|
|
7FF5504CA000
|
unkown image
|
page readonly
|
|
|
|
F8CCE7F000
|
unkown
|
page read and write
|
|
|
|
26854613000
|
unkown
|
page read and write
|
|
|
|
212294D0000
|
unkown image
|
page readonly
|
|
|
|
7FF550F64000
|
unkown image
|
page readonly
|
|
|
|
7FF550D7C000
|
unkown image
|
page readonly
|
|
|
|
7FF572C6E000
|
unkown image
|
page readonly
|
|
|
|
26854D50000
|
unkown
|
page read and write
|
|
|
|
1CEE386C000
|
unkown
|
page read and write
|
|
|
|
5D7CFF000
|
unkown
|
page read and write
|
|
|
|
7FF572B1E000
|
unkown image
|
page readonly
|
|
|
|
26854C60000
|
unkown image
|
page readonly
|
|
|
|
1CEE3843000
|
unkown
|
page read and write
|
|
|
|
28C39380000
|
unkown image
|
page readonly
|
|
|
|
28C38DC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5285E4000
|
unkown image
|
page readonly
|
|
|
|
225DC8A0000
|
unkown
|
page read and write
|
|
|
|
B608D7E000
|
unkown
|
page read and write
|
|
|
|
7FF52C4BE000
|
unkown image
|
page readonly
|
|
|
|
7FF5A629B000
|
unkown image
|
page readonly
|
|
|
|
1ED053F0000
|
unkown image
|
page readonly
|
|
|
|
7FF572C05000
|
unkown image
|
page readonly
|
|
|
|
7FF5616F8000
|
unkown image
|
page readonly
|
|
|
|
7DF5D6DC2000
|
unkown image
|
page readonly
|
|
|
|
167023D0000
|
unkown image
|
page readonly
|
|
|
|
1670268B000
|
unkown
|
page read and write
|
|
|
|
7FF5A5A7A000
|
unkown image
|
page readonly
|
|
|
|
7DF53E6B0000
|
unkown image
|
page readonly
|
|
|
|
7FF54AA4A000
|
unkown image
|
page readonly
|
|
|
|
7FF54AAC7000
|
unkown image
|
page readonly
|
|
|
|
7FF5C13D7000
|
unkown image
|
page readonly
|
|
|
|
7FF5C13DC000
|
unkown image
|
page readonly
|
|
|
|
16702652000
|
unkown
|
page read and write
|
|
|
|
21229229000
|
unkown
|
page read and write
|
|
|
|
19947900000
|
heap default
|
page read and write
|
|
|
|
7FF572B14000
|
unkown image
|
page readonly
|
|
|
|
7FF572BEA000
|
unkown image
|
page readonly
|
|
|
|
7DF53E692000
|
unkown image
|
page readonly
|
|
|
|
7FF54A1D4000
|
unkown image
|
page readonly
|
|
|
|
7DF566992000
|
unkown image
|
page readonly
|
|
|
|
7FF504FEC000
|
unkown image
|
page readonly
|
|
|
|
7FF5A61D7000
|
unkown image
|
page readonly
|
|
|
|
B608E7D000
|
unkown
|
page read and write
|
|
|
|
7DF53E6A0000
|
unkown image
|
page readonly
|
|
|
|
C85F58B000
|
unkown
|
page read and write
|
|
|
|
7FF561B27000
|
unkown image
|
page readonly
|
|
|
|
225D7429000
|
unkown
|
page read and write
|
|
|
|
1E0DD265000
|
unkown
|
page read and write
|
|
|
|
7FF5048EF000
|
unkown image
|
page readonly
|
|
|
|
7FF550F60000
|
unkown image
|
page readonly
|
|
|
|
225DC888000
|
unkown
|
page read and write
|
|
|
|
1ED0568D000
|
unkown
|
page read and write
|
|
|
|
1ED05713000
|
unkown
|
page read and write
|
|
|
|
7FF5504CF000
|
unkown image
|
page readonly
|
|
|
|
225DD000000
|
unkown
|
page read and write
|
|
|
|
7FF550F47000
|
unkown image
|
page readonly
|
|
|
|
C4E1D7B000
|
unkown
|
page read and write
|
|
|
|
1E0DD170000
|
unkown image
|
page read and write
|
|
|
|
225D7B13000
|
unkown
|
page read and write
|
|
|
|
7FF52CBFA000
|
unkown image
|
page readonly
|
|
|
|
2E638F7000
|
unkown
|
page read and write
|
|
|
|
F8CC3FF000
|
unkown
|
page read and write
|
|
|
|
7FF550F83000
|
unkown image
|
page readonly
|
|
|
|
7FF504FF8000
|
unkown image
|
page readonly
|
|
|
|
7FF561A6F000
|
unkown image
|
page readonly
|
|
|
|
1CEE3863000
|
unkown
|
page read and write
|
|
|
|
7FF572C8B000
|
unkown image
|
page readonly
|
|
|
|
7DF5885B0000
|
unkown image
|
page readonly
|
|
|
|
7FF54AB5D000
|
unkown image
|
page readonly
|
|
|
|
7DF5BBBC0000
|
unkown image
|
page readonly
|
|
|
|
225DCAF2000
|
unkown
|
page read and write
|
|
|
|
7DF51A9D2000
|
unkown image
|
page readonly
|
|
|
|
7FF572AB6000
|
unkown image
|
page readonly
|
|
|
|
16702400000
|
heap default
|
page read and write
|
|
|
|
7FF550F04000
|
unkown image
|
page readonly
|
|
|
|
225DCAE6000
|
unkown
|
page read and write
|
|
|
|
21229202000
|
unkown
|
page read and write
|
|
|
|
28C38E02000
|
unkown
|
page read and write
|
|
|
|
7FF561B59000
|
unkown image
|
page readonly
|
|
|
|
7FF561B13000
|
unkown image
|
page readonly
|
|
|
|
225DC770000
|
unkown
|
page read and write
|
|
|
|
7FF561B85000
|
unkown image
|
page readonly
|
|
|
|
5D78FC000
|
unkown
|
page read and write
|
|
|
|
7DF5606B2000
|
unkown image
|
page readonly
|
|
|
|
1E0DD850000
|
unkown image
|
page readonly
|
|
|
|
225D7990000
|
unkown image
|
page read and write
|
|
|
|
21229860000
|
unkown image
|
page readonly
|
|
|
|
225DCA3C000
|
unkown
|
page read and write
|
|
|
|
1E0DD24F000
|
unkown
|
page read and write
|
|
|
|
7FF54AD7F000
|
unkown image
|
page readonly
|
|
|
|
7FF528D8B000
|
unkown image
|
page readonly
|
|
|
|
7DF577522000
|
unkown image
|
page readonly
|
|
|
|
225DC8A1000
|
unkown
|
page read and write
|
|
|
|
19948060000
|
unkown
|
page read and write
|
|
|
|
7FF55106D000
|
unkown image
|
page readonly
|
|
|
|
5E87F7F000
|
unkown
|
page read and write
|
|
|
|
7FF5C0F99000
|
unkown image
|
page readonly
|
|
|
|
7DF5BBBC2000
|
unkown image
|
page readonly
|
|
|
|
199478E0000
|
unkown image
|
page readonly
|
|
|
|
7FF52C0AC000
|
unkown image
|
page readonly
|
|
|
|
7FF5A62CF000
|
unkown image
|
page readonly
|
|
|
|
167023E0000
|
unkown image
|
page readonly
|
|
|
|
7FF550D1A000
|
unkown image
|
page readonly
|
|
|
|
225D748A000
|
unkown
|
page read and write
|
|
|
|
7FF528D6B000
|
unkown image
|
page readonly
|
|
|
|
225DCA00000
|
unkown
|
page read and write
|
|
|
|
7FF5619EE000
|
unkown image
|
page readonly
|
|
|
|
7FF5616E9000
|
unkown image
|
page readonly
|
|
|
|
7FF5C0FA8000
|
unkown image
|
page readonly
|
|
|
|
7FF54ACF5000
|
unkown image
|
page readonly
|
|
|
|
1CEE3F00000
|
unkown
|
page read and write
|
|
|
|
7FF55107E000
|
unkown image
|
page readonly
|
|
|
|
268545D0000
|
unkown image
|
page readonly
|
|
|
|
EA48E7F000
|
unkown
|
page read and write
|
|
|
|
7FF54AD86000
|
unkown image
|
page readonly
|
|
|
|
7DF5885A2000
|
unkown image
|
page readonly
|
|
|
|
1ED05629000
|
unkown
|
page read and write
|
|
|
|
225DCB02000
|
unkown
|
page read and write
|
|
|
|
1E0DD258000
|
unkown
|
page read and write
|
|
|
|
7FF52CBE5000
|
unkown image
|
page readonly
|
|
|
|
1670264A000
|
unkown
|
page read and write
|
|
|
|
7DF5425C0000
|
unkown image
|
page readonly
|
|
|
|
7FF55107B000
|
unkown image
|
page readonly
|
|
|
|
7FF5A62CD000
|
unkown image
|
page readonly
|
|
|
|
7DF566990000
|
unkown image
|
page readonly
|
|
|
|
7FF504EA3000
|
unkown image
|
page readonly
|
|
|
|
7DF577512000
|
unkown image
|
page readonly
|
|
|
|
7FF528C4D000
|
unkown image
|
page readonly
|
|
|
|
7FF550C34000
|
unkown image
|
page readonly
|
|
|
|
225D74BB000
|
unkown
|
page read and write
|
|
|
|
7FF505098000
|
unkown image
|
page readonly
|
|
|
|
7FF5A6288000
|
unkown image
|
page readonly
|
|
|
|
7FF528D6E000
|
unkown image
|
page readonly
|
|
|
|
7FF5C1293000
|
unkown image
|
page readonly
|
|
|
|
225D86E0000
|
unkown
|
page read and write
|
|
|
|
7FF5C1405000
|
unkown image
|
page readonly
|
|
|
|
7FF550C10000
|
unkown image
|
page readonly
|
|
|
|
7DF5606B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5606C2000
|
unkown image
|
page readonly
|
|
|
|
7FF5A62BB000
|
unkown image
|
page readonly
|
|
|
|
225D79F3000
|
unkown
|
page read and write
|
|
|
|
16702659000
|
unkown
|
page read and write
|
|
|
|
7FF52CC94000
|
unkown image
|
page readonly
|
|
|
|
1670267E000
|
unkown
|
page read and write
|
|
|
|
1670265B000
|
unkown
|
page read and write
|
|
|
|
7FF572AAD000
|
unkown image
|
page readonly
|
|
|
|
7FF5050AB000
|
unkown image
|
page readonly
|
|
|
|
225DCAE2000
|
unkown
|
page read and write
|
|
|
|
F8CC4FD000
|
unkown
|
page read and write
|
|
|
|
7DF4D4C90000
|
unkown image
|
page readonly
|
|
|
|
7DF5BBBD2000
|
unkown image
|
page readonly
|
|
|
|
7FF528D9F000
|
unkown image
|
page readonly
|
|
|
|
1E0DD26A000
|
unkown
|
page read and write
|
|
|
|
1E0DD213000
|
unkown
|
page read and write
|
|
|
|
F8CC1FD000
|
unkown
|
page read and write
|
|
|
|
7DF5BBBD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C1488000
|
unkown image
|
page readonly
|
|
|
|
26854656000
|
unkown
|
page read and write
|
|
|
|
225D8320000
|
unkown image
|
page readonly
|
|
|
|
7FF5C14BE000
|
unkown image
|
page readonly
|
|
|
|
28C38E29000
|
unkown
|
page read and write
|
|
|
|
7FF5288A6000
|
unkown image
|
page readonly
|
|
|
|
7FF5050CB000
|
unkown image
|
page readonly
|
|
|
|
7DF566982000
|
unkown image
|
page readonly
|
|
|
|
7DF51A9E0000
|
unkown image
|
page readonly
|
|
|
|
1ED053C0000
|
unkown image
|
page readonly
|
|
|
|
7FF551056000
|
unkown image
|
page readonly
|
|
|
|
19947A70000
|
unkown
|
page read and write
|
|
|
|
7DF577530000
|
unkown image
|
page readonly
|
|
|
|
268545A0000
|
unkown image
|
page readonly
|
|
|
|
1CEE3F32000
|
unkown
|
page read and write
|
|
|
|
7FF5A6235000
|
unkown image
|
page readonly
|
|
|
|
7FF504BA3000
|
unkown image
|
page readonly
|
|
|
|
7FF54ACD8000
|
unkown image
|
page readonly
|
|
|
|
225D743D000
|
unkown
|
page read and write
|
|
|
|
2122923E000
|
unkown
|
page read and write
|
|
|
|
5D748B000
|
unkown
|
page read and write
|
|
|
|
7DF5BBBC2000
|
unkown image
|
page readonly
|
|
|
|
5D758E000
|
unkown
|
page read and write
|
|
|
|
7FF54ACC8000
|
unkown image
|
page readonly
|
|
|
|
7FF52CC7B000
|
unkown image
|
page readonly
|
|
|
|
19947A50000
|
unkown
|
page read and write
|
|
|
|
7FF52CC76000
|
unkown image
|
page readonly
|
|
|
|
1ED05C02000
|
unkown
|
page read and write
|
|
|
|
16702713000
|
unkown
|
page read and write
|
|
|
|
7DF53E6B0000
|
unkown image
|
page readonly
|
|
|
|
7FF561B4D000
|
unkown image
|
page readonly
|
|
|
|
225DC9E0000
|
unkown
|
page read and write
|
|
|
|
7FF5A62B4000
|
unkown image
|
page readonly
|
|
|
|
19947B13000
|
unkown
|
page read and write
|
|
|
|
7FF550C0A000
|
unkown image
|
page readonly
|
|
|
|
B608F7F000
|
unkown
|
page read and write
|
|
|
|
7FF561C1F000
|
unkown image
|
page readonly
|
|
|
|
225D71D0000
|
unkown image
|
page readonly
|
|
|
|
28C38E00000
|
unkown
|
page read and write
|
|
|
|
7FF5A6205000
|
unkown image
|
page readonly
|
|
|
|
225D74A0000
|
unkown
|
page read and write
|
|
|
|
7DF440470000
|
unkown image
|
page readonly
|
|
|
|
7DF5606D0000
|
unkown image
|
page readonly
|
|
|
|
7DF5425A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C13C7000
|
unkown image
|
page readonly
|
|
|
|
21229110000
|
unkown image
|
page readonly
|
|
|
|
7DF5669A0000
|
unkown image
|
page readonly
|
|
|
|
1E0DD1C0000
|
unkown image
|
page readonly
|
|
|
|
7FF528A2A000
|
unkown image
|
page readonly
|
|
|
|
1ED053E0000
|
unkown image
|
page readonly
|
|
|
|
7FF561C1B000
|
unkown image
|
page readonly
|
|
|
|
7FF5A61DD000
|
unkown image
|
page readonly
|
|
|
|
7FF561B17000
|
unkown image
|
page readonly
|
|
|
|
7DF577510000
|
unkown image
|
page readonly
|
|
|
|
7FF550E48000
|
unkown image
|
page readonly
|
|
|
|
26854679000
|
unkown
|
page read and write
|
|
|
|
7DF5606C0000
|
unkown image
|
page readonly
|
|
|
|
F8CCB7B000
|
unkown
|
page read and write
|
|
|
|
C85FB7E000
|
unkown
|
page read and write
|
|
|
|
7FF5050CE000
|
unkown image
|
page readonly
|
|
|
|
26854663000
|
unkown
|
page read and write
|
|
|
|
F8CC6FF000
|
unkown
|
page read and write
|
|
|
|
7DF577512000
|
unkown image
|
page readonly
|
|
|
|
199478B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5885A0000
|
unkown image
|
page readonly
|
|
|
|
7FF561BD8000
|
unkown image
|
page readonly
|
|
|
|
7FF5C14BB000
|
unkown image
|
page readonly
|
|
|
|
21229289000
|
unkown
|
page read and write
|
|
|
|
7FF52CC68000
|
unkown image
|
page readonly
|
|
|
|
1E0DD27E000
|
unkown
|
page read and write
|
|
|
|
21229313000
|
unkown
|
page read and write
|
|
|
|
7FF52CBBC000
|
unkown image
|
page readonly
|
|
|
|
268548D0000
|
unkown image
|
page readonly
|
|
|
|
28C38E13000
|
unkown
|
page read and write
|
|
|
|
7DF51A9E2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C141A000
|
unkown image
|
page readonly
|
|
|
|
7DF5D6DC0000
|
unkown image
|
page readonly
|
|
|
|
7DF5425B0000
|
unkown image
|
page readonly
|
|
|
|
28C39000000
|
unkown image
|
page readonly
|
|
|
|
225D8370000
|
unkown image
|
page readonly
|
|
|
|
1E0DD180000
|
heap private
|
page read and write
|
|
|
|
7FF5A61B3000
|
unkown image
|
page readonly
|
|
|
|
7DF53E692000
|
unkown image
|
page readonly
|
|
|
|
7FF5050A6000
|
unkown image
|
page readonly
|
|
|
|
7FF505023000
|
unkown image
|
page readonly
|
|
|
|
EA4890B000
|
unkown
|
page read and write
|
|
|
|
F8CC0F7000
|
unkown
|
page read and write
|
|
|
|
225DCAFC000
|
unkown
|
page read and write
|
|
|
|
7FF54ACCC000
|
unkown image
|
page readonly
|
|
|
|
7DF577522000
|
unkown image
|
page readonly
|
|
|
|
7FF5C12BE000
|
unkown image
|
page readonly
|
|
|
|
EA4937E000
|
unkown
|
page read and write
|
|
|
|
2E6347B000
|
unkown
|
page read and write
|
|
|
|
7DF4188A0000
|
unkown image
|
page readonly
|
|
|
|
7FF550D7A000
|
unkown image
|
page readonly
|
|
|
|
7FF528D7D000
|
unkown image
|
page readonly
|
|
|
|
7FF550F68000
|
unkown image
|
page readonly
|
|
|
|
1E0DD940000
|
unkown
|
page read and write
|
|
|
|
225DCA49000
|
unkown
|
page read and write
|
|
|
|
7FF55108B000
|
unkown image
|
page readonly
|
|
|
|
1E0DD24E000
|
unkown
|
page read and write
|
|
|
|
225DC9E0000
|
unkown
|
page read and write
|
|
|
|
16702708000
|
unkown
|
page read and write
|
|
|
|
7FF550C17000
|
unkown image
|
page readonly
|
|
|
|
7FF5727FE000
|
unkown image
|
page readonly
|
|
|
|
7FF550E5C000
|
unkown image
|
page readonly
|
|
|
|
F8CC5FB000
|
unkown
|
page read and write
|
|
|
|
225DCAFD000
|
unkown
|
page read and write
|
|
|
|
7FF550F72000
|
unkown image
|
page readonly
|
|
|
|
212290F0000
|
unkown image
|
page read and write
|
|
|
|
7FF561A33000
|
unkown image
|
page readonly
|
|
|
|
7FF505015000
|
unkown image
|
page readonly
|
|
|
|
7FF54AB52000
|
unkown image
|
page readonly
|
|
|
|
F8CBD9E000
|
unkown
|
page read and write
|
|
|
|
16702613000
|
unkown
|
page read and write
|
|
|
|
F8CC9FF000
|
unkown
|
page read and write
|
|
|
|
7FF55108F000
|
unkown image
|
page readonly
|
|
|
|
7FF54ADBF000
|
unkown image
|
page readonly
|
|
|
|
7DF5885B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5050BD000
|
unkown image
|
page readonly
|
|
|
|
7FF5C126D000
|
unkown image
|
page readonly
|
|
|
|
7FF572B97000
|
unkown image
|
page readonly
|
|
|
|
7FF5C14B4000
|
unkown image
|
page readonly
|
|
|
|
7FF528CCD000
|
unkown image
|
page readonly
|
|
|
|
21229850000
|
unkown image
|
page readonly
|
|
|
|
7FF505045000
|
unkown image
|
page readonly
|
|
|
|
7FF561B38000
|
unkown image
|
page readonly
|
|
|
|
19947A00000
|
unkown
|
page read and write
|
|
|
|
7DF51A9D0000
|
unkown image
|
page readonly
|
|
|
|
C4E1AFE000
|
unkown
|
page read and write
|
|
|
|
1CEE382A000
|
unkown
|
page read and write
|
|
|
|
7FF572AC2000
|
unkown image
|
page readonly
|
|
|
|
7DF43C560000
|
unkown image
|
page readonly
|
|
|
|
225D74FD000
|
unkown
|
page read and write
|
|
|
|
225DC9B0000
|
unkown
|
page read and write
|
|
|
|
7DF53E6A0000
|
unkown image
|
page readonly
|
|
|
|
16702702000
|
unkown
|
page read and write
|
|
|
|
19947A52000
|
unkown
|
page read and write
|
|
|
|
7FF5C131F000
|
unkown image
|
page readonly
|
|
|
|
5E880FC000
|
unkown
|
page read and write
|
|
|
|
5E8817B000
|
unkown
|
page read and write
|
|
|
|
7FF5C149B000
|
unkown image
|
page readonly
|
|
|
|
16702A00000
|
unkown image
|
page readonly
|
|
|
|
7FF50500D000
|
unkown image
|
page readonly
|
|
|
|
7FF5050C4000
|
unkown image
|
page readonly
|
|
|
|
16702700000
|
unkown
|
page read and write
|
|
|
|
7FF550D83000
|
unkown image
|
page readonly
|
|
|
|
B60887D000
|
unkown
|
page read and write
|
|
|
|
5E878BB000
|
unkown
|
page read and write
|
|
|
|
1CEE3600000
|
unkown image
|
page readonly
|
|
|
|
7FF504F2F000
|
unkown image
|
page readonly
|
|
|
|
225DC8B0000
|
unkown
|
page read and write
|
|
|
|
C85FC7E000
|
unkown
|
page read and write
|
|
|
|
7FF52CA4D000
|
unkown image
|
page readonly
|
|
|
|
1ED05600000
|
unkown
|
page read and write
|
|
|
|
7FF5050B0000
|
unkown image
|
page readonly
|
|
|
|
7FF572BCD000
|
unkown image
|
page readonly
|
|
|
|
1E0DD25F000
|
unkown
|
page read and write
|
|
|
|
7FF5044DF000
|
unkown image
|
page readonly
|
|
|
|
7FF561B63000
|
unkown image
|
page readonly
|
|
|
|
7FF572BB8000
|
unkown image
|
page readonly
|
|
|
|
1E0DD24A000
|
unkown
|
page read and write
|
|
|
|
7DF464850000
|
unkown image
|
page readonly
|
|
|
|
7FF550E24000
|
unkown image
|
page readonly
|
|
|
|
4C62A7E000
|
unkown
|
page read and write
|
|
|
|
7FF550B3F000
|
unkown image
|
page readonly
|
|
|
|
4C6307F000
|
unkown
|
page read and write
|
|
|
|
7FF528CD9000
|
unkown image
|
page readonly
|
|
|
|
7FF572C9F000
|
unkown image
|
page readonly
|
|
|
|
28C38C90000
|
unkown image
|
page readonly
|
|
|
|
1CEE38CB000
|
unkown
|
page read and write
|
|
|
|
7DF5425B2000
|
unkown image
|
page readonly
|
|
|
|
225DCB02000
|
unkown
|
page read and write
|
|
|
|
7FF54AB7C000
|
unkown image
|
page readonly
|
|
|
|
26854600000
|
unkown
|
page read and write
|
|
|
|
21229190000
|
unkown
|
page read and write
|
|
|
|
7FF528CE3000
|
unkown image
|
page readonly
|
|
|
|
4C62CFB000
|
unkown
|
page read and write
|
|
|
|
7FF528C57000
|
unkown image
|
page readonly
|
|
|
|
16702C02000
|
unkown
|
page read and write
|
|
|
|
7DF5BBBD2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C13FD000
|
unkown image
|
page readonly
|
|
|
|
EA4907D000
|
unkown
|
page read and write
|
|
|
|
5D79FC000
|
unkown
|
page read and write
|
|
|
|
1CEE3E02000
|
unkown
|
page read and write
|
|
|
|
7FF550F3D000
|
unkown image
|
page readonly
|
|
|
|
19947A8C000
|
unkown
|
page read and write
|
|
|
|
2122925B000
|
unkown
|
page read and write
|
|
|
|
1CEE3C00000
|
unkown image
|
page readonly
|
|
|
|
7FF52CBA7000
|
unkown image
|
page readonly
|
|
|
|
1ED053C0000
|
unkown image
|
page readonly
|
|
|
|
225D71F0000
|
unkown image
|
page readonly
|
|
|
|
225D7B18000
|
unkown
|
page read and write
|
|
|
|
7FF5C1435000
|
unkown image
|
page readonly
|
|
|
|
2E639FF000
|
unkown
|
page read and write
|
|
|
|
7FF5A5F86000
|
unkown image
|
page readonly
|
|
|
|
7FF54ACAC000
|
unkown image
|
page readonly
|
|
|
|
1E0DD23B000
|
unkown
|
page read and write
|
|
|
|
225DCA21000
|
unkown
|
page read and write
|
|
|
|
7DF5D6DC2000
|
unkown image
|
page readonly
|
|
|
|
7FF504EF3000
|
unkown image
|
page readonly
|
|
|
|
1ED05602000
|
unkown
|
page read and write
|
|
|
|
7FF561B55000
|
unkown image
|
page readonly
|
|
|
|
19947E00000
|
unkown image
|
page readonly
|
|
|
|
7FF5C1496000
|
unkown image
|
page readonly
|
|
|
|
7DF577530000
|
unkown image
|
page readonly
|
|
|
|
7FF54ADBD000
|
unkown image
|
page readonly
|
|
|
|
28C38E57000
|
unkown
|
page read and write
|
|
|
|
7FF55105E000
|
unkown image
|
page readonly
|
|
|
|
225D73F0000
|
unkown
|
page read and write
|
|
|
|
1670268D000
|
unkown
|
page read and write
|
|
|
|
225DC9D0000
|
unkown
|
page read and write
|
|
|
|
7FF54ADBF000
|
unkown image
|
page readonly
|
|
|
|
F8CC77E000
|
unkown
|
page read and write
|
|
|
|
C85F87E000
|
unkown
|
page read and write
|
|
|
|
7FF550D4F000
|
unkown image
|
page readonly
|
|
|
|
7FF5A61C7000
|
unkown image
|
page readonly
|
|
|
|
7FF56101F000
|
unkown image
|
page readonly
|
|
|
|
1CEE3710000
|
unkown image
|
page readonly
|
|
|
|
1670265C000
|
unkown
|
page read and write
|
|
|
|
7FF528CEA000
|
unkown image
|
page readonly
|
|
|
|
225D71B0000
|
unkown image
|
page read and write
|
|
|
|
7DF566982000
|
unkown image
|
page readonly
|
|
|
|
1E0DD260000
|
unkown
|
page read and write
|
|
|
|
7FF561BDF000
|
unkown image
|
page readonly
|
|
|
|
F8CC2FB000
|
unkown
|
page read and write
|
|
|
|
7FF550FDA000
|
unkown image
|
page readonly
|
|
|
|
26854602000
|
unkown
|
page read and write
|
|
|
|
7DF566992000
|
unkown image
|
page readonly
|
|
|
|
7FF5C148F000
|
unkown image
|
page readonly
|
|
|
|
7FF5618D3000
|
unkown image
|
page readonly
|
|
|
|
7DF51A9D0000
|
unkown image
|
page readonly
|
|
|
|
7FF572C8E000
|
unkown image
|
page readonly
|
|
|
|
7DF5D6DE0000
|
unkown image
|
page readonly
|
|
|
|
7FF54ACF9000
|
unkown image
|
page readonly
|
|
|
|
225DCB00000
|
unkown
|
page read and write
|
|
|
|
7FF561B2C000
|
unkown image
|
page readonly
|
|
|
|
7FF52CCAB000
|
unkown image
|
page readonly
|
|
|
|
7FF550B96000
|
unkown image
|
page readonly
|
|
|
|
7DF566980000
|
unkown image
|
page readonly
|
|
|
|
7FF572B95000
|
unkown image
|
page readonly
|
|
|
|
7FF572C9D000
|
unkown image
|
page readonly
|
|
|
|
1E0DD1F0000
|
unkown image
|
page readonly
|
|
|
|
1E0DD1E0000
|
heap default
|
page read and write
|
|
|
|
7DF53E690000
|
unkown image
|
page readonly
|
|
|
|
225DC880000
|
unkown
|
page read and write
|
|
|
|
C85FA7E000
|
unkown
|
page read and write
|
|
|
|
1CEE3800000
|
unkown
|
page read and write
|
|
|
|
7DF5D6DE0000
|
unkown image
|
page readonly
|
|
|
|
225D7A00000
|
unkown
|
page read and write
|
|
|
|
7FF5504C7000
|
unkown image
|
page readonly
|
|
|
|
F8CCA7F000
|
unkown
|
page read and write
|
|
|
|
F8CBD1E000
|
unkown
|
page read and write
|
|
|
|
7FF550BFB000
|
unkown image
|
page readonly
|
|
|
|
1E0DD25A000
|
unkown
|
page read and write
|
|
|
|
7FF5C13C3000
|
unkown image
|
page readonly
|
|
|
|
268545F0000
|
heap default
|
page read and write
|
|
|
|
7DF51A9F0000
|
unkown image
|
page readonly
|
|
|
|
225D7200000
|
unkown image
|
page readonly
|
|
|
|
7FF550FC9000
|
unkown image
|
page readonly
|
|
|
|
7FF561A75000
|
unkown image
|
page readonly
|
|
|
|
7FF52CBF3000
|
unkown image
|
page readonly
|
|
|
|
225DC6F0000
|
unkown
|
page read and write
|
|
|
|
1ED053B0000
|
heap private
|
page read and write
|
|
|
|
26854713000
|
unkown
|
page read and write
|
|
|
|
EA4898E000
|
unkown
|
page read and write
|
|
|
|
7DF4753E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A606D000
|
unkown image
|
page readonly
|
|
|
|
7FF5A62BE000
|
unkown image
|
page readonly
|
|
|
|
225D7A15000
|
unkown
|
page read and write
|
|
|
|
7DF5D6DC0000
|
unkown image
|
page readonly
|
|
|
|
225D7220000
|
heap default
|
page read and write
|
|
|
|
1CEE3A00000
|
unkown image
|
page readonly
|
|
|
|
7DF51A9E2000
|
unkown image
|
page readonly
|
|
|
|
7FF572B93000
|
unkown image
|
page readonly
|
|
There are 898 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://www.4dxos.com/formslogin/Login.aspx
|
|