Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Revised_Purchase_Order.htm
|
HTML document, ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\1fdf5d04-69aa-4109-9fa8-d2cd488c3c64.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\43815c60-9974-4a7f-9209-439c92a64aee.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9dc429e4-f94f-4f25-8aad-6164b3349fff.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9f58f587-b8a9-4d3c-b473-ccc062e27827.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\124eb82e-f6a4-4754-840b-e01acd039925.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1628a05c-93a1-46d4-84bc-fb3624ca901b.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1dbd9063-ce42-4d64-8eca-f81be66b2641.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2682aed1-5d85-4432-a24c-d77aa0a29f3d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5a03babc-e431-40a4-8566-60af0f558d79.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5da6ed11-4f32-46a1-8fea-0e21bdb395b1.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldG (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.oldOG (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.oldin (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateE3 (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldMP (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencest (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\24be665e-cc94-4527-b0ef-885c978b7b63.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.oldt
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\88ff9280-ebba-48aa-bb22-4eb571098f50.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old2F
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old7
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.oldT
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f16ca68f-a0b7-41fe-b8d2-274cf67ab148.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Statepe (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachep (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\220ef641-da1a-4516-9e90-186d95f2607a.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2576_1265160473\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\b028805b-a00a-45cc-922a-f5dcc620cdbd.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\220ef641-da1a-4516-9e90-186d95f2607a.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_1986833577\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2576_467421507\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
There are 225 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'C:\Users\user\Desktop\Revised_Purchase_Order.htm'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1556,9088724341580528280,8435398726282445508,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1936 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/user/Desktop/Revised_Purchase_Order.htm
|
|
||
|
https://apis.google.com/js/client.js
|
unknown
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://gold-b-tours.com/fr/js/mid.js
|
172.67.219.206
|
|
|
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
216.58.215.225
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://meet.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://gold-b-tours.com/fr/js/mid.jsI
|
unknown
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
https://gold-b-tours.com/fr/js/head.jsf
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
216.58.212.142
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/hosted-libraries-pushers
|
unknown
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
http://llvm.org/):
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://a.nel.cloudflare.com/report/v3?s=E%2BhalSf28Hdrg0JVdVXUrf%2FbKllKvje1xHjOkouKkpNTJf4WlbjtlTnuMHR4Gnvfjk84ljmHI3L9AQORicLlt8lNiiV68HTJvFv4XWb1PxAdSCKjits1yWt7tY9cp4xEg26%2B
|
35.190.80.1
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://a.nel.cloudflare.com/report/v3?s=DvKroWuoqV1SuFuFIJDHZHZp1T1JfBHzY8Z%2BTWWezSnt%2B80DQuKQwSl
|
unknown
|
|
|
|
https://use.fontawesome.com/releases/v5.0.9/js/all.jsD
|
unknown
|
|
|
|
https://a.nel.cloudflare.com/report/v3?s=E%2BhalSf28Hdrg0JVdVXUrf%2FbKllKvje1xHjOkouKkpNTJf4WlbjtlTn
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://use.fontawesome.com/releases/v5.0.9/js/all.js
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
|
unknown
|
|
|
|
https://gold-b-tours.com/fr/js/tail.js
|
172.67.219.206
|
|
|
|
https://docs.google.com
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://gold-b-tours.com/fr/js/final.js
|
172.67.219.206
|
|
|
|
https://gold-b-tours.com/fr/js/head.js
|
172.67.219.206
|
|
|
|
https://gold-b-tours.com/fr/php/brand.php
|
172.67.219.206
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 60 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a.nel.cloudflare.com
|
35.190.80.1
|
|
|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
gold-b-tours.com
|
172.67.219.206
|
|
|
|
clients.l.google.com
|
216.58.212.142
|
|
|
|
googlehosted.l.googleusercontent.com
|
216.58.215.225
|
|
|
|
use.fontawesome.com
|
unknown
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
172.67.219.206
|
gold-b-tours.com
|
United States
|
|
|
|
216.58.212.142
|
clients.l.google.com
|
United States
|
|
|
|
216.58.215.225
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF51F327000
|
unkown image
|
page readonly
|
|
|
|
282900E8000
|
unkown
|
page read and write
|
|
|
|
214567B000
|
unkown
|
page read and write
|
|
|
|
7FF508E27000
|
unkown image
|
page readonly
|
|
|
|
1CA0E03C000
|
unkown
|
page read and write
|
|
|
|
7FF580B82000
|
unkown image
|
page readonly
|
|
|
|
19B97600000
|
unkown
|
page read and write
|
|
|
|
19B96851000
|
unkown
|
page read and write
|
|
|
|
19B97602000
|
unkown
|
page read and write
|
|
|
|
7DF5E39F0000
|
unkown image
|
page readonly
|
|
|
|
19B9718D000
|
unkown
|
page read and write
|
|
|
|
28290440000
|
unkown
|
page read and write
|
|
|
|
7FF5D4154000
|
unkown image
|
page readonly
|
|
|
|
19B9715A000
|
unkown
|
page read and write
|
|
|
|
7FF51F19F000
|
unkown image
|
page readonly
|
|
|
|
7FF59128E000
|
unkown image
|
page readonly
|
|
|
|
1CA0E08A000
|
unkown
|
page read and write
|
|
|
|
7FF508A0B000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4234000
|
unkown image
|
page readonly
|
|
|
|
7FF580957000
|
unkown image
|
page readonly
|
|
|
|
7FF508CF5000
|
unkown image
|
page readonly
|
|
|
|
7FF51F384000
|
unkown image
|
page readonly
|
|
|
|
2828B599000
|
unkown
|
page read and write
|
|
|
|
16839020000
|
unkown image
|
page readonly
|
|
|
|
7FF59133B000
|
unkown image
|
page readonly
|
|
|
|
7FF5912C7000
|
unkown image
|
page readonly
|
|
|
|
7FF580AB2000
|
unkown image
|
page readonly
|
|
|
|
7B6FFE000
|
stack
|
page read and write
|
|
|
|
7FF580995000
|
unkown image
|
page readonly
|
|
|
|
7FF580B5A000
|
unkown image
|
page readonly
|
|
|
|
7DF5DE012000
|
unkown image
|
page readonly
|
|
|
|
19B9718B000
|
unkown
|
page read and write
|
|
|
|
7FF508DC9000
|
unkown image
|
page readonly
|
|
|
|
7FF591377000
|
unkown image
|
page readonly
|
|
|
|
28290540000
|
unkown
|
page read and write
|
|
|
|
28290325000
|
unkown
|
page read and write
|
|
|
|
7DF512C20000
|
unkown image
|
page readonly
|
|
|
|
7DF5DE020000
|
unkown image
|
page readonly
|
|
|
|
53DB8F7000
|
stack
|
page read and write
|
|
|
|
19B96790000
|
unkown image
|
page readonly
|
|
|
|
214577F000
|
stack
|
page read and write
|
|
|
|
93845F7000
|
stack
|
page read and write
|
|
|
|
1A6CFFA0000
|
unkown image
|
page readonly
|
|
|
|
2145C7D000
|
stack
|
page read and write
|
|
|
|
7DF512C20000
|
unkown image
|
page readonly
|
|
|
|
19B968E9000
|
unkown
|
page read and write
|
|
|
|
18748181000
|
unkown
|
page read and write
|
|
|
|
7FF5B9A83000
|
unkown image
|
page readonly
|
|
|
|
2828BA00000
|
unkown image
|
page read and write
|
|
|
|
16839302000
|
unkown
|
page read and write
|
|
|
|
19B9716F000
|
unkown
|
page read and write
|
|
|
|
7FF5809C8000
|
unkown image
|
page readonly
|
|
|
|
7FF508C1D000
|
unkown image
|
page readonly
|
|
|
|
7FF508E2D000
|
unkown image
|
page readonly
|
|
|
|
19B968A8000
|
unkown
|
page read and write
|
|
|
|
19B97195000
|
unkown
|
page read and write
|
|
|
|
7FF5B9A86000
|
unkown image
|
page readonly
|
|
|
|
19B96750000
|
unkown image
|
page readonly
|
|
|
|
7FF580A81000
|
unkown image
|
page readonly
|
|
|
|
7FF51F197000
|
unkown image
|
page readonly
|
|
|
|
1A6CF980000
|
unkown
|
page read and write
|
|
|
|
2828AA50000
|
unkown image
|
page readonly
|
|
|
|
7FF51F387000
|
unkown image
|
page readonly
|
|
|
|
7FF5B9857000
|
unkown image
|
page readonly
|
|
|
|
7FF51F1E8000
|
unkown image
|
page readonly
|
|
|
|
19B9684D000
|
unkown
|
page read and write
|
|
|
|
7FF590B9F000
|
unkown image
|
page readonly
|
|
|
|
2828AB80000
|
unkown
|
page read and write
|
|
|
|
53DBBFF000
|
stack
|
page read and write
|
|
|
|
28290110000
|
unkown
|
page read and write
|
|
|
|
19B96849000
|
unkown
|
page read and write
|
|
|
|
7DF58A920000
|
unkown image
|
page readonly
|
|
|
|
19B9684A000
|
unkown
|
page read and write
|
|
|
|
7FF508CE1000
|
unkown image
|
page readonly
|
|
|
|
7FF5D9336000
|
unkown image
|
page readonly
|
|
|
|
28290327000
|
unkown
|
page read and write
|
|
|
|
18748040000
|
unkown
|
page read and write
|
|
|
|
2828AD02000
|
unkown
|
page read and write
|
|
|
|
19B96FB0000
|
unkown image
|
page read and write
|
|
|
|
7DF58A930000
|
unkown image
|
page readonly
|
|
|
|
7FF591366000
|
unkown image
|
page readonly
|
|
|
|
18748181000
|
unkown
|
page read and write
|
|
|
|
19B96710000
|
unkown image
|
page read and write
|
|
|
|
7FF5D9B8D000
|
unkown image
|
page readonly
|
|
|
|
19B9718C000
|
unkown
|
page read and write
|
|
|
|
93843F7000
|
stack
|
page read and write
|
|
|
|
2828AC8F000
|
unkown
|
page read and write
|
|
|
|
16839000000
|
unkown image
|
page read and write
|
|
|
|
19B96FA0000
|
unkown
|
page read and write
|
|
|
|
2828ACA1000
|
unkown
|
page read and write
|
|
|
|
19B9719F000
|
unkown
|
page read and write
|
|
|
|
7DF4E18B0000
|
unkown image
|
page readonly
|
|
|
|
1CA0DEA0000
|
heap private
|
page read and write
|
|
|
|
7FF5089A2000
|
unkown image
|
page readonly
|
|
|
|
7FF5B9A97000
|
unkown image
|
page readonly
|
|
|
|
7FF591337000
|
unkown image
|
page readonly
|
|
|
|
2828B599000
|
unkown
|
page read and write
|
|
|
|
7FF508E34000
|
unkown image
|
page readonly
|
|
|
|
2828B5DB000
|
unkown
|
page read and write
|
|
|
|
7DF5DE012000
|
unkown image
|
page readonly
|
|
|
|
2828AC29000
|
unkown
|
page read and write
|
|
|
|
19B96870000
|
unkown
|
page read and write
|
|
|
|
19B9684E000
|
unkown
|
page read and write
|
|
|
|
7FF5B9A47000
|
unkown image
|
page readonly
|
|
|
|
19B97620000
|
unkown
|
page read and write
|
|
|
|
20259690000
|
unkown image
|
page read and write
|
|
|
|
19B97180000
|
unkown
|
page read and write
|
|
|
|
19B9718A000
|
unkown
|
page read and write
|
|
|
|
7FF508D83000
|
unkown image
|
page readonly
|
|
|
|
19B9716D000
|
unkown
|
page read and write
|
|
|
|
BCA867B000
|
stack
|
page read and write
|
|
|
|
7FF580B31000
|
unkown image
|
page readonly
|
|
|
|
7DF529172000
|
unkown image
|
page readonly
|
|
|
|
18748130000
|
heap default
|
page read and write
|
|
|
|
7FF508DC7000
|
unkown image
|
page readonly
|
|
|
|
20259900000
|
unkown
|
page read and write
|
|
|
|
19B96E50000
|
unkown image
|
page readonly
|
|
|
|
18747F00000
|
unkown image
|
page readonly
|
|
|
|
7FF51F3D7000
|
unkown image
|
page readonly
|
|
|
|
7FF508B74000
|
unkown image
|
page readonly
|
|
|
|
7FF51F316000
|
unkown image
|
page readonly
|
|
|
|
28290217000
|
unkown
|
page read and write
|
|
|
|
7FF5D4080000
|
unkown image
|
page readonly
|
|
|
|
19B9684B000
|
unkown
|
page read and write
|
|
|
|
7FF5D3CEA000
|
unkown image
|
page readonly
|
|
|
|
7FF508C0A000
|
unkown image
|
page readonly
|
|
|
|
1A6CFA30000
|
unkown
|
page read and write
|
|
|
|
2828AA80000
|
heap default
|
page read and write
|
|
|
|
28290317000
|
unkown
|
page read and write
|
|
|
|
2828BC10000
|
unkown image
|
page readonly
|
|
|
|
2829031B000
|
unkown
|
page read and write
|
|
|
|
53DB9FD000
|
stack
|
page read and write
|
|
|
|
19B968F8000
|
unkown
|
page read and write
|
|
|
|
7FF508C3F000
|
unkown image
|
page readonly
|
|
|
|
19B97702000
|
unkown
|
page read and write
|
|
|
|
93840FE000
|
stack
|
page read and write
|
|
|
|
2828AD13000
|
unkown
|
page read and write
|
|
|
|
28290319000
|
unkown
|
page read and write
|
|
|
|
151DBBB000
|
unkown
|
page read and write
|
|
|
|
19B9717A000
|
unkown
|
page read and write
|
|
|
|
282902FA000
|
unkown
|
page read and write
|
|
|
|
28291010000
|
unkown
|
page read and write
|
|
|
|
1A6CFA1F000
|
unkown
|
page read and write
|
|
|
|
7FF508D96000
|
unkown image
|
page readonly
|
|
|
|
7FF508E72000
|
unkown image
|
page readonly
|
|
|
|
7FF508D64000
|
unkown image
|
page readonly
|
|
|
|
122F77000
|
stack
|
page read and write
|
|
|
|
28290410000
|
unkown
|
page read and write
|
|
|
|
7FF5D3A9F000
|
unkown image
|
page readonly
|
|
|
|
187483D0000
|
heap private
|
page read and write
|
|
|
|
7FF5B998F000
|
unkown image
|
page readonly
|
|
|
|
2828B3E0000
|
unkown
|
page read and write
|
|
|
|
214597B000
|
stack
|
page read and write
|
|
|
|
2025984E000
|
unkown
|
page read and write
|
|
|
|
7FF5089F9000
|
unkown image
|
page readonly
|
|
|
|
19B97182000
|
unkown
|
page read and write
|
|
|
|
7FF5D9C36000
|
unkown image
|
page readonly
|
|
|
|
7FF508D47000
|
unkown image
|
page readonly
|
|
|
|
7FF5B9701000
|
unkown image
|
page readonly
|
|
|
|
1CA0E002000
|
unkown
|
page read and write
|
|
|
|
19B96CD0000
|
unkown image
|
page readonly
|
|
|
|
18748E30000
|
unkown
|
page read and write
|
|
|
|
7DF529170000
|
unkown image
|
page readonly
|
|
|
|
19B9716D000
|
unkown
|
page read and write
|
|
|
|
28290430000
|
unkown
|
page read and write
|
|
|
|
19B96853000
|
unkown
|
page read and write
|
|
|
|
28290400000
|
unkown
|
page read and write
|
|
|
|
1CA0E802000
|
unkown
|
page read and write
|
|
|
|
7DF58A932000
|
unkown image
|
page readonly
|
|
|
|
2828B500000
|
unkown
|
page read and write
|
|
|
|
7DF529190000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3F45000
|
unkown image
|
page readonly
|
|
|
|
16839213000
|
unkown
|
page read and write
|
|
|
|
19B96FA0000
|
unkown
|
page read and write
|
|
|
|
19B97171000
|
unkown
|
page read and write
|
|
|
|
7FF5B99A3000
|
unkown image
|
page readonly
|
|
|
|
7FF5D9C04000
|
unkown image
|
page readonly
|
|
|
|
2828B559000
|
unkown
|
page read and write
|
|
|
|
2828BBF0000
|
unkown image
|
page readonly
|
|
|
|
2828FFE0000
|
unkown
|
page read and write
|
|
|
|
19B96829000
|
unkown
|
page read and write
|
|
|
|
2829031A000
|
unkown
|
page read and write
|
|
|
|
2828AC95000
|
unkown
|
page read and write
|
|
|
|
7FF51E7E1000
|
unkown image
|
page readonly
|
|
|
|
16839253000
|
unkown
|
page read and write
|
|
|
|
28290223000
|
unkown
|
page read and write
|
|
|
|
7B6BCF000
|
stack
|
page read and write
|
|
|
|
28290249000
|
unkown
|
page read and write
|
|
|
|
7FF5086FA000
|
unkown image
|
page readonly
|
|
|
|
7FF51F1E5000
|
unkown image
|
page readonly
|
|
|
|
7FF508BAE000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4227000
|
unkown image
|
page readonly
|
|
|
|
20259851000
|
unkown
|
page read and write
|
|
|
|
28290440000
|
unkown
|
page read and write
|
|
|
|
282902F7000
|
unkown
|
page read and write
|
|
|
|
7FF5B9A5B000
|
unkown image
|
page readonly
|
|
|
|
2025986D000
|
unkown
|
page read and write
|
|
|
|
2828B000000
|
unkown image
|
page readonly
|
|
|
|
7FF580ACD000
|
unkown image
|
page readonly
|
|
|
|
28290313000
|
unkown
|
page read and write
|
|
|
|
1A6CFA1F000
|
unkown
|
page read and write
|
|
|
|
7FF5B9A6A000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4237000
|
unkown image
|
page readonly
|
|
|
|
20259E60000
|
unkown
|
page read and write
|
|
|
|
19B9717D000
|
unkown
|
page read and write
|
|
|
|
19B96916000
|
unkown
|
page read and write
|
|
|
|
7FF5912C9000
|
unkown image
|
page readonly
|
|
|
|
1683924E000
|
unkown
|
page read and write
|
|
|
|
19B968F8000
|
unkown
|
page read and write
|
|
|
|
7FF51F2FA000
|
unkown image
|
page readonly
|
|
|
|
20259889000
|
unkown
|
page read and write
|
|
|
|
19B97602000
|
unkown
|
page read and write
|
|
|
|
7FF580B37000
|
unkown image
|
page readonly
|
|
|
|
7FF5B99BA000
|
unkown image
|
page readonly
|
|
|
|
28290440000
|
unkown
|
page read and write
|
|
|
|
20259C00000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3A34000
|
unkown image
|
page readonly
|
|
|
|
7FF59132D000
|
unkown image
|
page readonly
|
|
|
|
19B9718E000
|
unkown
|
page read and write
|
|
|
|
7DF5E39F0000
|
unkown image
|
page readonly
|
|
|
|
7FF508E21000
|
unkown image
|
page readonly
|
|
|
|
7DF5DE010000
|
unkown image
|
page readonly
|
|
|
|
2828BBE0000
|
unkown image
|
page readonly
|
|
|
|
7DF529182000
|
unkown image
|
page readonly
|
|
|
|
2828AC7B000
|
unkown
|
page read and write
|
|
|
|
28290110000
|
unkown
|
page read and write
|
|
|
|
7FF5D4183000
|
unkown image
|
page readonly
|
|
|
|
19B971A3000
|
unkown
|
page read and write
|
|
|
|
7DF529170000
|
unkown image
|
page readonly
|
|
|
|
7FF51E7DB000
|
unkown image
|
page readonly
|
|
|
|
7FF508B4F000
|
unkown image
|
page readonly
|
|
|
|
19B97159000
|
unkown
|
page read and write
|
|
|
|
1A6CF960000
|
unkown
|
page read and write
|
|
|
|
1A6CF9D0000
|
unkown image
|
page read and write
|
|
|
|
BCA837F000
|
stack
|
page read and write
|
|
|
|
19B9717C000
|
unkown
|
page read and write
|
|
|
|
7DF5DE022000
|
unkown image
|
page readonly
|
|
|
|
19B9718B000
|
unkown
|
page read and write
|
|
|
|
20259D80000
|
unkown image
|
page readonly
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
BCA81FF000
|
stack
|
page read and write
|
|
|
|
7FF5086F8000
|
unkown image
|
page readonly
|
|
|
|
7FF508C1F000
|
unkown image
|
page readonly
|
|
|
|
2829023C000
|
unkown
|
page read and write
|
|
|
|
7FF5D417F000
|
unkown image
|
page readonly
|
|
|
|
7FF5B982A000
|
unkown image
|
page readonly
|
|
|
|
19B9718D000
|
unkown
|
page read and write
|
|
|
|
7FF5D9A71000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4047000
|
unkown image
|
page readonly
|
|
|
|
202596B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5DE030000
|
unkown image
|
page readonly
|
|
|
|
19B97002000
|
unkown
|
page read and write
|
|
|
|
7FF5D3D21000
|
unkown image
|
page readonly
|
|
|
|
7FF5D9C0B000
|
unkown image
|
page readonly
|
|
|
|
7DF5C3832000
|
unkown image
|
page readonly
|
|
|
|
19B971A7000
|
unkown
|
page read and write
|
|
|
|
7FF5B98D8000
|
unkown image
|
page readonly
|
|
|
|
7DF59B122000
|
unkown image
|
page readonly
|
|
|
|
53DB47B000
|
unkown
|
page read and write
|
|
|
|
16839300000
|
unkown
|
page read and write
|
|
|
|
7DF59B120000
|
unkown image
|
page readonly
|
|
|
|
7FF508BB0000
|
unkown image
|
page readonly
|
|
|
|
BCA88FE000
|
stack
|
page read and write
|
|
|
|
7FF5D41BD000
|
unkown image
|
page readonly
|
|
|
|
2025984C000
|
unkown
|
page read and write
|
|
|
|
28290317000
|
unkown
|
page read and write
|
|
|
|
7DF59B110000
|
unkown image
|
page readonly
|
|
|
|
7FF5D9BFD000
|
unkown image
|
page readonly
|
|
|
|
7DF5C3832000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4171000
|
unkown image
|
page readonly
|
|
|
|
1CA0E000000
|
unkown
|
page read and write
|
|
|
|
7FF580998000
|
unkown image
|
page readonly
|
|
|
|
151E17E000
|
stack
|
page read and write
|
|
|
|
19B9719B000
|
unkown
|
page read and write
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
7DF5E39F2000
|
unkown image
|
page readonly
|
|
|
|
12291B000
|
unkown
|
page read and write
|
|
|
|
7FF5D4224000
|
unkown image
|
page readonly
|
|
|
|
7FF5D39A7000
|
unkown image
|
page readonly
|
|
|
|
20259A00000
|
unkown image
|
page readonly
|
|
|
|
28290318000
|
unkown
|
page read and write
|
|
|
|
7FF5D933D000
|
unkown image
|
page readonly
|
|
|
|
19B97602000
|
unkown
|
page read and write
|
|
|
|
282900E6000
|
unkown
|
page read and write
|
|
|
|
1874818A000
|
unkown
|
page read and write
|
|
|
|
7FF5D4066000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3FD4000
|
unkown image
|
page readonly
|
|
|
|
19B968D2000
|
unkown
|
page read and write
|
|
|
|
BCA77FC000
|
unkown
|
page read and write
|
|
|
|
7FF51F2CF000
|
unkown image
|
page readonly
|
|
|
|
28290104000
|
unkown
|
page read and write
|
|
|
|
7FF580AD7000
|
unkown image
|
page readonly
|
|
|
|
1CA0DFE0000
|
unkown image
|
page readonly
|
|
|
|
7FF508E24000
|
unkown image
|
page readonly
|
|
|
|
7FF5D94C1000
|
unkown image
|
page readonly
|
|
|
|
7DF5DE010000
|
unkown image
|
page readonly
|
|
|
|
7DF58A922000
|
unkown image
|
page readonly
|
|
|
|
28290325000
|
unkown
|
page read and write
|
|
|
|
16839200000
|
unkown
|
page read and write
|
|
|
|
7DF512C30000
|
unkown image
|
page readonly
|
|
|
|
1CA0E013000
|
unkown
|
page read and write
|
|
|
|
BCA817B000
|
stack
|
page read and write
|
|
|
|
28290317000
|
unkown
|
page read and write
|
|
|
|
18748164000
|
heap default
|
page read and write
|
|
|
|
2828AB90000
|
unkown image
|
page read and write
|
|
|
|
2828AC58000
|
unkown
|
page read and write
|
|
|
|
BCA7E7B000
|
stack
|
page read and write
|
|
|
|
2025984F000
|
unkown
|
page read and write
|
|
|
|
BCA7F7E000
|
stack
|
page read and write
|
|
|
|
20259913000
|
unkown
|
page read and write
|
|
|
|
202596E0000
|
unkown image
|
page readonly
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
19B9719F000
|
unkown
|
page read and write
|
|
|
|
282902CF000
|
unkown
|
page read and write
|
|
|
|
7FF5D419A000
|
unkown image
|
page readonly
|
|
|
|
7FF580A7F000
|
unkown image
|
page readonly
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
151DFF9000
|
stack
|
page read and write
|
|
|
|
7FF5B9A57000
|
unkown image
|
page readonly
|
|
|
|
19B97197000
|
unkown
|
page read and write
|
|
|
|
18748139000
|
heap default
|
page read and write
|
|
|
|
7DF427040000
|
unkown image
|
page readonly
|
|
|
|
2145D7F000
|
stack
|
page read and write
|
|
|
|
2828AC13000
|
unkown
|
page read and write
|
|
|
|
7DF5E3A00000
|
unkown image
|
page readonly
|
|
|
|
7FF580B87000
|
unkown image
|
page readonly
|
|
|
|
7DF5DE030000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3CF3000
|
unkown image
|
page readonly
|
|
|
|
19B97117000
|
unkown
|
page read and write
|
|
|
|
19B97197000
|
unkown
|
page read and write
|
|
|
|
7FF5D9C1A000
|
unkown image
|
page readonly
|
|
|
|
19B9717E000
|
unkown
|
page read and write
|
|
|
|
7FF5D9C33000
|
unkown image
|
page readonly
|
|
|
|
19B97177000
|
unkown
|
page read and write
|
|
|
|
2828AA30000
|
unkown image
|
page readonly
|
|
|
|
282902C5000
|
unkown
|
page read and write
|
|
|
|
28290321000
|
unkown
|
page read and write
|
|
|
|
7DF5E39F2000
|
unkown image
|
page readonly
|
|
|
|
19B971D8000
|
unkown
|
page read and write
|
|
|
|
7FF5D9A88000
|
unkown image
|
page readonly
|
|
|
|
7FF508B35000
|
unkown image
|
page readonly
|
|
|
|
19B9719F000
|
unkown
|
page read and write
|
|
|
|
7FF5B99E7000
|
unkown image
|
page readonly
|
|
|
|
7FF5D9B54000
|
unkown image
|
page readonly
|
|
|
|
16839270000
|
unkown
|
page read and write
|
|
|
|
18748181000
|
unkown
|
page read and write
|
|
|
|
93846FF000
|
stack
|
page read and write
|
|
|
|
19B9718D000
|
unkown
|
page read and write
|
|
|
|
282902BE000
|
unkown
|
page read and write
|
|
|
|
7FF58094F000
|
unkown image
|
page readonly
|
|
|
|
19B97172000
|
unkown
|
page read and write
|
|
|
|
7FF5D4164000
|
unkown image
|
page readonly
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
7FF508E77000
|
unkown image
|
page readonly
|
|
|
|
2828BBC0000
|
unkown image
|
page readonly
|
|
|
|
2828B400000
|
unkown
|
page read and write
|
|
|
|
7FF5B9541000
|
unkown image
|
page readonly
|
|
|
|
7FF5912BD000
|
unkown image
|
page readonly
|
|
|
|
7FF508C47000
|
unkown image
|
page readonly
|
|
|
|
7FF51F397000
|
unkown image
|
page readonly
|
|
|
|
7FF508BBB000
|
unkown image
|
page readonly
|
|
|
|
12307F000
|
stack
|
page read and write
|
|
|
|
7FF5B91C7000
|
unkown image
|
page readonly
|
|
|
|
7FF591321000
|
unkown image
|
page readonly
|
|
|
|
282902FE000
|
unkown
|
page read and write
|
|
|
|
7FF508B23000
|
unkown image
|
page readonly
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
7DF59B112000
|
unkown image
|
page readonly
|
|
|
|
1A6CFA1F000
|
unkown
|
page read and write
|
|
|
|
1CA0E05B000
|
unkown
|
page read and write
|
|
|
|
7FF5B99D6000
|
unkown image
|
page readonly
|
|
|
|
7FF508B1D000
|
unkown image
|
page readonly
|
|
|
|
7DF512C10000
|
unkown image
|
page readonly
|
|
|
|
7DF4887F0000
|
unkown image
|
page readonly
|
|
|
|
19B96881000
|
unkown
|
page read and write
|
|
|
|
7DF59B122000
|
unkown image
|
page readonly
|
|
|
|
19B968C5000
|
unkown
|
page read and write
|
|
|
|
2828B681000
|
unkown
|
page read and write
|
|
|
|
282902AB000
|
unkown
|
page read and write
|
|
|
|
BCA84FE000
|
stack
|
page read and write
|
|
|
|
7FF5D3EE1000
|
unkown image
|
page readonly
|
|
|
|
BCA827E000
|
stack
|
page read and write
|
|
|
|
202596A0000
|
heap private
|
page read and write
|
|
|
|
16839A02000
|
unkown
|
page read and write
|
|
|
|
19B9766A000
|
unkown
|
page read and write
|
|
|
|
1A6CF9F0000
|
heap default
|
page read and write
|
|
|
|
7FF5912B6000
|
unkown image
|
page readonly
|
|
|
|
19B97174000
|
unkown
|
page read and write
|
|
|
|
19B9718C000
|
unkown
|
page read and write
|
|
|
|
53DB6FF000
|
stack
|
page read and write
|
|
|
|
7DF58A940000
|
unkown image
|
page readonly
|
|
|
|
19B967D0000
|
unkown image
|
page readonly
|
|
|
|
7FF51F2E3000
|
unkown image
|
page readonly
|
|
|
|
28290200000
|
unkown
|
page read and write
|
|
|
|
7FF591285000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4037000
|
unkown image
|
page readonly
|
|
|
|
19B97197000
|
unkown
|
page read and write
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
7FF5D9B97000
|
unkown image
|
page readonly
|
|
|
|
7DF4DBEE0000
|
unkown image
|
page readonly
|
|
|
|
7FF508D8D000
|
unkown image
|
page readonly
|
|
|
|
938417E000
|
stack
|
page read and write
|
|
|
|
1CA0E066000
|
unkown
|
page read and write
|
|
|
|
1CA0E113000
|
unkown
|
page read and write
|
|
|
|
2828AA10000
|
unkown image
|
page read and write
|
|
|
|
7FF5D401D000
|
unkown image
|
page readonly
|
|
|
|
16839040000
|
unkown image
|
page readonly
|
|
|
|
28291000000
|
unkown
|
page read and write
|
|
|
|
7FF51F1A7000
|
unkown image
|
page readonly
|
|
|
|
19B9717C000
|
unkown
|
page read and write
|
|
|
|
2828B559000
|
unkown
|
page read and write
|
|
|
|
19B971A6000
|
unkown
|
page read and write
|
|
|
|
7FF5D9C07000
|
unkown image
|
page readonly
|
|
|
|
7FF5B98A5000
|
unkown image
|
page readonly
|
|
|
|
7DF5E39E0000
|
unkown image
|
page readonly
|
|
|
|
7FF51F39B000
|
unkown image
|
page readonly
|
|
|
|
7FF591283000
|
unkown image
|
page readonly
|
|
|
|
187480B0000
|
unkown
|
page read and write
|
|
|
|
7FF5D9B86000
|
unkown image
|
page readonly
|
|
|
|
7FF51EE87000
|
unkown image
|
page readonly
|
|
|
|
19B97602000
|
unkown
|
page read and write
|
|
|
|
7FF59134A000
|
unkown image
|
page readonly
|
|
|
|
1CA0E029000
|
unkown
|
page read and write
|
|
|
|
7DF5C3840000
|
unkown image
|
page readonly
|
|
|
|
2025984A000
|
unkown
|
page read and write
|
|
|
|
2828BBD0000
|
unkown image
|
page readonly
|
|
|
|
282902AB000
|
unkown
|
page read and write
|
|
|
|
7FF5B99C2000
|
unkown image
|
page readonly
|
|
|
|
7FF508BD4000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3D27000
|
unkown image
|
page readonly
|
|
|
|
187487F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D9BF7000
|
unkown image
|
page readonly
|
|
|
|
19B97197000
|
unkown
|
page read and write
|
|
|
|
19B96857000
|
unkown
|
page read and write
|
|
|
|
20259857000
|
unkown
|
page read and write
|
|
|
|
7FF508E37000
|
unkown image
|
page readonly
|
|
|
|
7FF5B999F000
|
unkown image
|
page readonly
|
|
|
|
7FF51F2ED000
|
unkown image
|
page readonly
|
|
|
|
2828FFC0000
|
unkown
|
page read and write
|
|
|
|
7FF580B76000
|
unkown image
|
page readonly
|
|
|
|
18748E60000
|
unkown
|
page read and write
|
|
|
|
1A6CF9C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4221000
|
unkown image
|
page readonly
|
|
|
|
7FF508D38000
|
unkown image
|
page readonly
|
|
|
|
7FF51F2DF000
|
unkown image
|
page readonly
|
|
|
|
7FF508D9A000
|
unkown image
|
page readonly
|
|
|
|
16839313000
|
unkown
|
page read and write
|
|
|
|
20259902000
|
unkown
|
page read and write
|
|
|
|
28290230000
|
unkown
|
page read and write
|
|
|
|
16839010000
|
heap private
|
page read and write
|
|
|
|
282902CC000
|
unkown
|
page read and write
|
|
|
|
19B9719F000
|
unkown
|
page read and write
|
|
|
|
7FF5D3DD2000
|
unkown image
|
page readonly
|
|
|
|
2828ACFF000
|
unkown
|
page read and write
|
|
|
|
7FF508D71000
|
unkown image
|
page readonly
|
|
|
|
7B6E7F000
|
stack
|
page read and write
|
|
|
|
7FF5BEAEB000
|
unkown image
|
page readonly
|
|
|
|
1A6CF870000
|
unkown image
|
page readonly
|
|
|
|
28290230000
|
unkown
|
page read and write
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
7FF5D4272000
|
unkown image
|
page readonly
|
|
|
|
BCA7BF7000
|
stack
|
page read and write
|
|
|
|
7FF508B45000
|
unkown image
|
page readonly
|
|
|
|
187483D5000
|
heap private
|
page read and write
|
|
|
|
20259800000
|
unkown
|
page read and write
|
|
|
|
1683928F000
|
unkown
|
page read and write
|
|
|
|
7FF580B4B000
|
unkown image
|
page readonly
|
|
|
|
7FF51F3AA000
|
unkown image
|
page readonly
|
|
|
|
18748C00000
|
unkown
|
page read and write
|
|
|
|
282900EE000
|
unkown
|
page read and write
|
|
|
|
19B971B8000
|
unkown
|
page read and write
|
|
|
|
7FF5D4127000
|
unkown image
|
page readonly
|
|
|
|
16839229000
|
unkown
|
page read and write
|
|
|
|
19B97178000
|
unkown
|
page read and write
|
|
|
|
19B96F30000
|
unkown image
|
page write copy
|
|
|
|
2145B7F000
|
stack
|
page read and write
|
|
|
|
20259854000
|
unkown
|
page read and write
|
|
|
|
7FF51F16A000
|
unkown image
|
page readonly
|
|
|
|
7FF5B9A44000
|
unkown image
|
page readonly
|
|
|
|
7FF5089EC000
|
unkown image
|
page readonly
|
|
|
|
938407B000
|
unkown
|
page read and write
|
|
|
|
7FF5B9A54000
|
unkown image
|
page readonly
|
|
|
|
7FF5B92C1000
|
unkown image
|
page readonly
|
|
|
|
7DF58A922000
|
unkown image
|
page readonly
|
|
|
|
19B968E7000
|
unkown
|
page read and write
|
|
|
|
1A6CF830000
|
unkown image
|
page read and write
|
|
|
|
2828AA20000
|
heap private
|
page read and write
|
|
|
|
7DF498FE0000
|
unkown image
|
page readonly
|
|
|
|
19B967B0000
|
unkown
|
page read and write
|
|
|
|
151E07E000
|
stack
|
page read and write
|
|
|
|
20259858000
|
unkown
|
page read and write
|
|
|
|
7FF5D4263000
|
unkown image
|
page readonly
|
|
|
|
2828AC91000
|
unkown
|
page read and write
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
7FF5D41B6000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4159000
|
unkown image
|
page readonly
|
|
|
|
2025987E000
|
unkown
|
page read and write
|
|
|
|
2828B601000
|
unkown
|
page read and write
|
|
|
|
18748230000
|
unkown image
|
page readonly
|
|
|
|
202596D0000
|
unkown image
|
page readonly
|
|
|
|
19B971B1000
|
unkown
|
page read and write
|
|
|
|
19B97100000
|
unkown
|
page read and write
|
|
|
|
19B96908000
|
unkown
|
page read and write
|
|
|
|
7FF508B7A000
|
unkown image
|
page readonly
|
|
|
|
1A6CFA2F000
|
unkown
|
page read and write
|
|
|
|
2828B513000
|
unkown
|
page read and write
|
|
|
|
7DF512C22000
|
unkown image
|
page readonly
|
|
|
|
7FF51F218000
|
unkown image
|
page readonly
|
|
|
|
1683923C000
|
unkown
|
page read and write
|
|
|
|
7FF508B76000
|
unkown image
|
page readonly
|
|
|
|
19B97122000
|
unkown
|
page read and write
|
|
|
|
7FF5D3F80000
|
unkown image
|
page readonly
|
|
|
|
2828B190000
|
unkown image
|
page readonly
|
|
|
|
7FF508DBD000
|
unkown image
|
page readonly
|
|
|
|
7DF5DE022000
|
unkown image
|
page readonly
|
|
|
|
19B96913000
|
unkown
|
page read and write
|
|
|
|
7B6EFF000
|
stack
|
page read and write
|
|
|
|
19B9716F000
|
unkown
|
page read and write
|
|
|
|
7FF51F2D1000
|
unkown image
|
page readonly
|
|
|
|
BCA857F000
|
stack
|
page read and write
|
|
|
|
21456FE000
|
stack
|
page read and write
|
|
|
|
7FF508D54000
|
unkown image
|
page readonly
|
|
|
|
18748120000
|
unkown
|
page read and write
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
7FF580B3D000
|
unkown image
|
page readonly
|
|
|
|
187483D9000
|
heap private
|
page read and write
|
|
|
|
7FF5D4023000
|
unkown image
|
page readonly
|
|
|
|
7DF4C1700000
|
unkown image
|
page readonly
|
|
|
|
7FF508D59000
|
unkown image
|
page readonly
|
|
|
|
12317F000
|
stack
|
page read and write
|
|
|
|
18748EB0000
|
unkown
|
page read and write
|
|
|
|
19B96FA0000
|
unkown
|
page read and write
|
|
|
|
20259829000
|
unkown
|
page read and write
|
|
|
|
7FF5D4138000
|
unkown image
|
page readonly
|
|
|
|
7FF580947000
|
unkown image
|
page readonly
|
|
|
|
BCA82FE000
|
stack
|
page read and write
|
|
|
|
7FF5D9A81000
|
unkown image
|
page readonly
|
|
|
|
7FF591327000
|
unkown image
|
page readonly
|
|
|
|
19B97182000
|
unkown
|
page read and write
|
|
|
|
19B97170000
|
unkown
|
page read and write
|
|
|
|
19B97602000
|
unkown
|
page read and write
|
|
|
|
19B96800000
|
unkown
|
page read and write
|
|
|
|
19B971A7000
|
unkown
|
page read and write
|
|
|
|
7DF5C3842000
|
unkown image
|
page readonly
|
|
|
|
19B9683C000
|
unkown
|
page read and write
|
|
|
|
1A6CF850000
|
unkown image
|
page readonly
|
|
|
|
2828B3F0000
|
unkown
|
page read and write
|
|
|
|
7FF508E66000
|
unkown image
|
page readonly
|
|
|
|
7FF5D41A2000
|
unkown image
|
page readonly
|
|
|
|
1CA0E05E000
|
unkown
|
page read and write
|
|
|
|
19B97171000
|
unkown
|
page read and write
|
|
|
|
7DF529180000
|
unkown image
|
page readonly
|
|
|
|
7DF529172000
|
unkown image
|
page readonly
|
|
|
|
7FF580B87000
|
unkown image
|
page readonly
|
|
|
|
19B968BE000
|
unkown
|
page read and write
|
|
|
|
7FF5D41C7000
|
unkown image
|
page readonly
|
|
|
|
19B971A5000
|
unkown
|
page read and write
|
|
|
|
7FF5D3FB0000
|
unkown image
|
page readonly
|
|
|
|
7DF58A932000
|
unkown image
|
page readonly
|
|
|
|
7FF5B9A41000
|
unkown image
|
page readonly
|
|
|
|
7FF5D40F5000
|
unkown image
|
page readonly
|
|
|
|
1A6CF9B0000
|
unkown image
|
page readonly
|
|
|
|
53DB67B000
|
stack
|
page read and write
|
|
|
|
1CA0E580000
|
unkown image
|
page readonly
|
|
|
|
7DF58A930000
|
unkown image
|
page readonly
|
|
|
|
2828AE00000
|
unkown image
|
page readonly
|
|
|
|
7FF5085A1000
|
unkown image
|
page readonly
|
|
|
|
7FF580B73000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4277000
|
unkown image
|
page readonly
|
|
|
|
19B9761E000
|
unkown
|
page read and write
|
|
|
|
2828AA30000
|
unkown image
|
page readonly
|
|
|
|
19B97602000
|
unkown
|
page read and write
|
|
|
|
19B97184000
|
unkown
|
page read and write
|
|
|
|
7FF5D4266000
|
unkown image
|
page readonly
|
|
|
|
28290323000
|
unkown
|
page read and write
|
|
|
|
7FF51F255000
|
unkown image
|
page readonly
|
|
|
|
7FF5D9C47000
|
unkown image
|
page readonly
|
|
|
|
1CA0E102000
|
unkown
|
page read and write
|
|
|
|
19B96854000
|
unkown
|
page read and write
|
|
|
|
1CA0E400000
|
unkown image
|
page readonly
|
|
|
|
7FF5D9BF4000
|
unkown image
|
page readonly
|
|
|
|
28290124000
|
unkown
|
page read and write
|
|
|
|
18748179000
|
unkown
|
page read and write
|
|
|
|
2828B59A000
|
unkown
|
page read and write
|
|
|
|
7FF580B34000
|
unkown image
|
page readonly
|
|
|
|
7DF5C3840000
|
unkown image
|
page readonly
|
|
|
|
28290101000
|
unkown
|
page read and write
|
|
|
|
7FF51F3C6000
|
unkown image
|
page readonly
|
|
|
|
1CA0DEB0000
|
unkown image
|
page readonly
|
|
|
|
7FF580631000
|
unkown image
|
page readonly
|
|
|
|
18747F30000
|
unkown image
|
page readonly
|
|
|
|
7FF51F302000
|
unkown image
|
page readonly
|
|
|
|
1A6CFA17000
|
unkown
|
page read and write
|
|
|
|
7FF51F329000
|
unkown image
|
page readonly
|
|
|
|
2828B59A000
|
unkown
|
page read and write
|
|
|
|
19B97602000
|
unkown
|
page read and write
|
|
|
|
19B971A5000
|
unkown
|
page read and write
|
|
|
|
202597E0000
|
unkown image
|
page readonly
|
|
|
|
19B96858000
|
unkown
|
page read and write
|
|
|
|
16839400000
|
unkown image
|
page readonly
|
|
|
|
7DF5C3842000
|
unkown image
|
page readonly
|
|
|
|
7FF5D400A000
|
unkown image
|
page readonly
|
|
|
|
19B971AA000
|
unkown
|
page read and write
|
|
|
|
7FF5D93EB000
|
unkown image
|
page readonly
|
|
|
|
19B97177000
|
unkown
|
page read and write
|
|
|
|
282901B0000
|
unkown
|
page read and write
|
|
|
|
7FF5D933F000
|
unkown image
|
page readonly
|
|
|
|
19B9718D000
|
unkown
|
page read and write
|
|
|
|
1A6CFC15000
|
heap private
|
page read and write
|
|
|
|
1CA0E100000
|
unkown
|
page read and write
|
|
|
|
19B96889000
|
unkown
|
page read and write
|
|
|
|
9384B7E000
|
stack
|
page read and write
|
|
|
|
16839251000
|
unkown
|
page read and write
|
|
|
|
16839600000
|
unkown image
|
page readonly
|
|
|
|
16839780000
|
unkown image
|
page readonly
|
|
|
|
7FF580AC6000
|
unkown image
|
page readonly
|
|
|
|
7FF508A37000
|
unkown image
|
page readonly
|
|
|
|
19B96847000
|
unkown
|
page read and write
|
|
|
|
19B97602000
|
unkown
|
page read and write
|
|
|
|
7FF5B9A97000
|
unkown image
|
page readonly
|
|
|
|
7FF580976000
|
unkown image
|
page readonly
|
|
|
|
19B97198000
|
unkown
|
page read and write
|
|
|
|
19B97170000
|
unkown
|
page read and write
|
|
|
|
7DF58A940000
|
unkown image
|
page readonly
|
|
|
|
18747EE0000
|
unkown image
|
page read and write
|
|
|
|
7FF580A8F000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3B09000
|
unkown image
|
page readonly
|
|
|
|
7FF51EE81000
|
unkown image
|
page readonly
|
|
|
|
28290270000
|
unkown
|
page read and write
|
|
|
|
187483B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D9A58000
|
unkown image
|
page readonly
|
|
|
|
19B9717C000
|
unkown
|
page read and write
|
|
|
|
7FF508E63000
|
unkown image
|
page readonly
|
|
|
|
18748167000
|
heap default
|
page read and write
|
|
|
|
7DF5E39E2000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4196000
|
unkown image
|
page readonly
|
|
|
|
19B971D9000
|
unkown
|
page read and write
|
|
|
|
7FF508B69000
|
unkown image
|
page readonly
|
|
|
|
19B97170000
|
unkown
|
page read and write
|
|
|
|
2828B180000
|
unkown image
|
page readonly
|
|
|
|
7FF5D424A000
|
unkown image
|
page readonly
|
|
|
|
7FF508B62000
|
unkown image
|
page readonly
|
|
|
|
16839308000
|
unkown
|
page read and write
|
|
|
|
2145A77000
|
stack
|
page read and write
|
|
|
|
2828AC41000
|
unkown
|
page read and write
|
|
|
|
16839070000
|
heap default
|
page read and write
|
|
|
|
7DF529190000
|
unkown image
|
page readonly
|
|
|
|
2829030C000
|
unkown
|
page read and write
|
|
|
|
7FF5B9867000
|
unkown image
|
page readonly
|
|
|
|
7FF508B38000
|
unkown image
|
page readonly
|
|
|
|
7FF5B99B6000
|
unkown image
|
page readonly
|
|
|
|
BCA847B000
|
stack
|
page read and write
|
|
|
|
7FF5D9B66000
|
unkown image
|
page readonly
|
|
|
|
7DF59B112000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4085000
|
unkown image
|
page readonly
|
|
|
|
7DF5C3850000
|
unkown image
|
page readonly
|
|
|
|
7FF5B98A8000
|
unkown image
|
page readonly
|
|
|
|
7FF5B99DD000
|
unkown image
|
page readonly
|
|
|
|
7FF5B98A0000
|
unkown image
|
page readonly
|
|
|
|
1A6CFA16000
|
unkown
|
page read and write
|
|
|
|
19B97170000
|
unkown
|
page read and write
|
|
|
|
7DF59B130000
|
unkown image
|
page readonly
|
|
|
|
2828AC71000
|
unkown
|
page read and write
|
|
|
|
7FF58091A000
|
unkown image
|
page readonly
|
|
|
|
187480C0000
|
unkown
|
page read and write
|
|
|
|
7FF591324000
|
unkown image
|
page readonly
|
|
|
|
20259908000
|
unkown
|
page read and write
|
|
|
|
19B97182000
|
unkown
|
page read and write
|
|
|
|
151DF7A000
|
stack
|
page read and write
|
|
|
|
7FF580A93000
|
unkown image
|
page readonly
|
|
|
|
7FF5B99AD000
|
unkown image
|
page readonly
|
|
|
|
28290302000
|
unkown
|
page read and write
|
|
|
|
12299E000
|
stack
|
page read and write
|
|
|
|
19B968B2000
|
unkown
|
page read and write
|
|
|
|
19B97198000
|
unkown
|
page read and write
|
|
|
|
16839050000
|
unkown image
|
page readonly
|
|
|
|
2828FFD0000
|
unkown
|
page read and write
|
|
|
|
7FF5D4277000
|
unkown image
|
page readonly
|
|
|
|
19B9761E000
|
unkown
|
page read and write
|
|
|
|
7FF508D25000
|
unkown image
|
page readonly
|
|
|
|
7FF51F3D2000
|
unkown image
|
page readonly
|
|
|
|
19B9718F000
|
unkown
|
page read and write
|
|
|
|
28290600000
|
unkown
|
page read and write
|
|
|
|
7FF51F3C3000
|
unkown image
|
page readonly
|
|
|
|
2828AB60000
|
unkown image
|
page readonly
|
|
|
|
187485F0000
|
unkown image
|
page readonly
|
|
|
|
282901F0000
|
unkown
|
page read and write
|
|
|
|
7FF5D3AA1000
|
unkown image
|
page readonly
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
7FF51F1C6000
|
unkown image
|
page readonly
|
|
|
|
7FF5D416F000
|
unkown image
|
page readonly
|
|
|
|
BCA7D7A000
|
stack
|
page read and write
|
|
|
|
1A6CFE20000
|
unkown image
|
page readonly
|
|
|
|
19B97197000
|
unkown
|
page read and write
|
|
|
|
7FF508D6F000
|
unkown image
|
page readonly
|
|
|
|
20259849000
|
unkown
|
page read and write
|
|
|
|
18747F00000
|
unkown image
|
page readonly
|
|
|
|
18748020000
|
unkown
|
page read and write
|
|
|
|
18747F20000
|
unkown image
|
page readonly
|
|
|
|
19B96760000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEAEB000
|
unkown image
|
page readonly
|
|
|
|
2829028B000
|
unkown
|
page read and write
|
|
|
|
2828B900000
|
unkown
|
page read and write
|
|
|
|
938487E000
|
stack
|
page read and write
|
|
|
|
7FF508C23000
|
unkown image
|
page readonly
|
|
|
|
122E7B000
|
stack
|
page read and write
|
|
|
|
19B97603000
|
unkown
|
page read and write
|
|
|
|
BCA807A000
|
stack
|
page read and write
|
|
|
|
7DF410AE0000
|
unkown image
|
page readonly
|
|
|
|
2828BF60000
|
unkown
|
page read and write
|
|
|
|
7DF58A920000
|
unkown image
|
page readonly
|
|
|
|
53DB57E000
|
stack
|
page read and write
|
|
|
|
19B96848000
|
unkown
|
page read and write
|
|
|
|
7B6B4A000
|
unkown
|
page read and write
|
|
|
|
1CA0E200000
|
unkown image
|
page readonly
|
|
|
|
1A6CFA07000
|
heap default
|
page read and write
|
|
|
|
93842FF000
|
stack
|
page read and write
|
|
|
|
16839170000
|
unkown
|
page read and write
|
|
|
|
1CA0E660000
|
unkown
|
page read and write
|
|
|
|
7B6F79000
|
stack
|
page read and write
|
|
|
|
7FF580B44000
|
unkown image
|
page readonly
|
|
|
|
2025A002000
|
unkown
|
page read and write
|
|
|
|
2025984B000
|
unkown
|
page read and write
|
|
|
|
19B968A7000
|
unkown
|
page read and write
|
|
|
|
7DF512C22000
|
unkown image
|
page readonly
|
|
|
|
7FF51F381000
|
unkown image
|
page readonly
|
|
|
|
7FF508597000
|
unkown image
|
page readonly
|
|
|
|
7FF5807F1000
|
unkown image
|
page readonly
|
|
|
|
28290120000
|
unkown
|
page read and write
|
|
|
|
7FF580AAA000
|
unkown image
|
page readonly
|
|
|
|
2829031B000
|
unkown
|
page read and write
|
|
|
|
2828B3C1000
|
unkown
|
page read and write
|
|
|
|
19B97197000
|
unkown
|
page read and write
|
|
|
|
19B9717D000
|
unkown
|
page read and write
|
|
|
|
93844FA000
|
stack
|
page read and write
|
|
|
|
7FF5D9B3F000
|
unkown image
|
page readonly
|
|
|
|
9384978000
|
stack
|
page read and write
|
|
|
|
1CA0DED0000
|
unkown image
|
page readonly
|
|
|
|
202596B0000
|
unkown image
|
page readonly
|
|
|
|
19B968FB000
|
unkown
|
page read and write
|
|
|
|
7FF508D50000
|
unkown image
|
page readonly
|
|
|
|
2828FF60000
|
unkown
|
page read and write
|
|
|
|
19B97119000
|
unkown
|
page read and write
|
|
|
|
19B97173000
|
unkown
|
page read and write
|
|
|
|
1683924B000
|
unkown
|
page read and write
|
|
|
|
7FF5089D2000
|
unkown image
|
page readonly
|
|
|
|
7DF512C10000
|
unkown image
|
page readonly
|
|
|
|
20259700000
|
heap default
|
page read and write
|
|
|
|
7FF591296000
|
unkown image
|
page readonly
|
|
|
|
19B97170000
|
unkown
|
page read and write
|
|
|
|
19B968DF000
|
unkown
|
page read and write
|
|
|
|
19B96813000
|
unkown
|
page read and write
|
|
|
|
1CA0E061000
|
unkown
|
page read and write
|
|
|
|
19B9717F000
|
unkown
|
page read and write
|
|
|
|
7FF508CB1000
|
unkown image
|
page readonly
|
|
|
|
7FF580990000
|
unkown image
|
page readonly
|
|
|
|
19B97172000
|
unkown
|
page read and write
|
|
|
|
7FF5D3FBB000
|
unkown image
|
page readonly
|
|
|
|
7FF5B9991000
|
unkown image
|
page readonly
|
|
|
|
1CA0E108000
|
unkown
|
page read and write
|
|
|
|
7FF5D41C9000
|
unkown image
|
page readonly
|
|
|
|
7DF5C3830000
|
unkown image
|
page readonly
|
|
|
|
19B97172000
|
unkown
|
page read and write
|
|
|
|
19B97171000
|
unkown
|
page read and write
|
|
|
|
19B971C7000
|
unkown
|
page read and write
|
|
|
|
93847FC000
|
stack
|
page read and write
|
|
|
|
53DB4FE000
|
stack
|
page read and write
|
|
|
|
2828AC79000
|
unkown
|
page read and write
|
|
|
|
7FF591363000
|
unkown image
|
page readonly
|
|
|
|
7FF51F3D7000
|
unkown image
|
page readonly
|
|
|
|
18747EF0000
|
unkown
|
page read and write
|
|
|
|
7DF5DE020000
|
unkown image
|
page readonly
|
|
|
|
7DF5C3850000
|
unkown image
|
page readonly
|
|
|
|
7DF529180000
|
unkown image
|
page readonly
|
|
|
|
7FF508B2A000
|
unkown image
|
page readonly
|
|
|
|
9384A7D000
|
stack
|
page read and write
|
|
|
|
7FF508C1A000
|
unkown image
|
page readonly
|
|
|
|
7FF51F041000
|
unkown image
|
page readonly
|
|
|
|
2828AA60000
|
unkown image
|
page readonly
|
|
|
|
7FF51F38D000
|
unkown image
|
page readonly
|
|
|
|
2828B415000
|
unkown
|
page read and write
|
|
|
|
2828BC00000
|
unkown image
|
page readonly
|
|
|
|
7FF508D7F000
|
unkown image
|
page readonly
|
|
|
|
187483E0000
|
unkown
|
page read and write
|
|
|
|
19B971B8000
|
unkown
|
page read and write
|
|
|
|
7FF51F31D000
|
unkown image
|
page readonly
|
|
|
|
19B9716D000
|
unkown
|
page read and write
|
|
|
|
2828BAE0000
|
unkown
|
page read and write
|
|
|
|
7FF591377000
|
unkown image
|
page readonly
|
|
|
|
28290240000
|
unkown
|
page read and write
|
|
|
|
19B97700000
|
unkown
|
page read and write
|
|
|
|
2828FF80000
|
unkown
|
page read and write
|
|
|
|
19B96AD0000
|
unkown image
|
page readonly
|
|
|
|
7FF508DCE000
|
unkown image
|
page readonly
|
|
|
|
7FF5D9BF1000
|
unkown image
|
page readonly
|
|
|
|
20259813000
|
unkown
|
page read and write
|
|
|
|
2829031D000
|
unkown
|
page read and write
|
|
|
|
16839150000
|
unkown image
|
page readonly
|
|
|
|
19B9716F000
|
unkown
|
page read and write
|
|
|
|
1CA0E07F000
|
unkown
|
page read and write
|
|
|
|
7DF59B120000
|
unkown image
|
page readonly
|
|
|
|
7FF5D9C47000
|
unkown image
|
page readonly
|
|
|
|
282900E1000
|
unkown
|
page read and write
|
|
|
|
20259859000
|
unkown
|
page read and write
|
|
|
|
7FF5D422D000
|
unkown image
|
page readonly
|
|
|
|
7FF508CB8000
|
unkown image
|
page readonly
|
|
|
|
2828B559000
|
unkown
|
page read and write
|
|
|
|
7DF512C12000
|
unkown image
|
page readonly
|
|
|
|
2828ABF3000
|
unkown
|
page read and write
|
|
|
|
19B971A7000
|
unkown
|
page read and write
|
|
|
|
7FF5D3F4F000
|
unkown image
|
page readonly
|
|
|
|
7FF5D93D0000
|
unkown image
|
page readonly
|
|
|
|
28290319000
|
unkown
|
page read and write
|
|
|
|
1CA0DEB0000
|
unkown image
|
page readonly
|
|
|
|
19B971A5000
|
unkown
|
page read and write
|
|
|
|
7FF5D99CC000
|
unkown image
|
page readonly
|
|
|
|
1A6CFC20000
|
unkown image
|
page readonly
|
|
|
|
122C7E000
|
stack
|
page read and write
|
|
|
|
28290100000
|
unkown
|
page read and write
|
|
|
|
2828ABF0000
|
unkown
|
page read and write
|
|
|
|
19B96730000
|
unkown image
|
page readonly
|
|
|
|
19B96850000
|
unkown
|
page read and write
|
|
|
|
19B97763000
|
unkown
|
page read and write
|
|
|
|
7FF508B80000
|
unkown image
|
page readonly
|
|
|
|
7FF51F2F6000
|
unkown image
|
page readonly
|
|
|
|
282900E0000
|
unkown
|
page read and write
|
|
|
|
7DF512C30000
|
unkown image
|
page readonly
|
|
|
|
7FF51F394000
|
unkown image
|
page readonly
|
|
|
|
19B97702000
|
unkown
|
page read and write
|
|
|
|
2828B402000
|
unkown
|
page read and write
|
|
|
|
2828B518000
|
unkown
|
page read and write
|
|
|
|
16839288000
|
unkown
|
page read and write
|
|
|
|
7DF529182000
|
unkown image
|
page readonly
|
|
|
|
1A6CF9FB000
|
heap default
|
page read and write
|
|
|
|
53DB7FB000
|
stack
|
page read and write
|
|
|
|
19B9718D000
|
unkown
|
page read and write
|
|
|
|
7FF580637000
|
unkown image
|
page readonly
|
|
|
|
1CA0E054000
|
unkown
|
page read and write
|
|
|
|
7FF5D418D000
|
unkown image
|
page readonly
|
|
|
|
19B9718D000
|
unkown
|
page read and write
|
|
|
|
7FF5D3CF6000
|
unkown image
|
page readonly
|
|
|
|
7FF508D44000
|
unkown image
|
page readonly
|
|
|
|
18748E40000
|
unkown
|
page readonly
|
|
|
|
7DF5E39E2000
|
unkown image
|
page readonly
|
|
|
|
1CA0DEE0000
|
unkown image
|
page readonly
|
|
|
|
7FF580A9D000
|
unkown image
|
page readonly
|
|
|
|
7FF580AD9000
|
unkown image
|
page readonly
|
|
|
|
7FF5D3FAE000
|
unkown image
|
page readonly
|
|
|
|
7FF5802B7000
|
unkown image
|
page readonly
|
|
|
|
19B9716F000
|
unkown
|
page read and write
|
|
|
|
7DF512C12000
|
unkown image
|
page readonly
|
|
|
|
7FF580A05000
|
unkown image
|
page readonly
|
|
|
|
19B971C7000
|
unkown
|
page read and write
|
|
|
|
7FF508659000
|
unkown image
|
page readonly
|
|
|
|
19B97184000
|
unkown
|
page read and write
|
|
|
|
282900E0000
|
unkown
|
page read and write
|
|
|
|
7FF5B9A92000
|
unkown image
|
page readonly
|
|
|
|
28290420000
|
unkown
|
page read and write
|
|
|
|
19B96902000
|
unkown
|
page read and write
|
|
|
|
7FF5B9915000
|
unkown image
|
page readonly
|
|
|
|
7FF508E4A000
|
unkown image
|
page readonly
|
|
|
|
19B971A8000
|
unkown
|
page read and write
|
|
|
|
2828B518000
|
unkown
|
page read and write
|
|
|
|
1A6CFA02000
|
unkown
|
page read and write
|
|
|
|
7FF5D40B8000
|
unkown image
|
page readonly
|
|
|
|
7FF508DB6000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4125000
|
unkown image
|
page readonly
|
|
|
|
7FF51F1E0000
|
unkown image
|
page readonly
|
|
|
|
1CA0DE90000
|
unkown image
|
page read and write
|
|
|
|
7FF508C17000
|
unkown image
|
page readonly
|
|
|
|
7DF5E3A00000
|
unkown image
|
page readonly
|
|
|
|
2829031C000
|
unkown
|
page read and write
|
|
|
|
53DBAFE000
|
stack
|
page read and write
|
|
|
|
7FF5D401F000
|
unkown image
|
page readonly
|
|
|
|
7FF590B34000
|
unkown image
|
page readonly
|
|
|
|
7FF508DA2000
|
unkown image
|
page readonly
|
|
|
|
1CA0DF00000
|
heap default
|
page read and write
|
|
|
|
282900E5000
|
unkown
|
page read and write
|
|
|
|
19B968EA000
|
unkown
|
page read and write
|
|
|
|
1A6CF850000
|
unkown image
|
page readonly
|
|
|
|
282902A1000
|
unkown
|
page read and write
|
|
|
|
7FF580B47000
|
unkown image
|
page readonly
|
|
|
|
18748060000
|
unkown image
|
page readonly
|
|
|
|
7FF5D9B99000
|
unkown image
|
page readonly
|
|
|
|
19B97170000
|
unkown
|
page read and write
|
|
|
|
19B97173000
|
unkown
|
page read and write
|
|
|
|
7DF5E39E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5B9886000
|
unkown image
|
page readonly
|
|
|
|
2829031F000
|
unkown
|
page read and write
|
|
|
|
7FF591334000
|
unkown image
|
page readonly
|
|
|
|
19B971A1000
|
unkown
|
page read and write
|
|
|
|
16839249000
|
unkown
|
page read and write
|
|
|
|
2828AC76000
|
unkown
|
page read and write
|
|
|
|
7FF5D3B05000
|
unkown image
|
page readonly
|
|
|
|
214587C000
|
stack
|
page read and write
|
|
|
|
19B96730000
|
unkown image
|
page readonly
|
|
|
|
19B97763000
|
unkown
|
page read and write
|
|
|
|
7FF5B9547000
|
unkown image
|
page readonly
|
|
|
|
2025983C000
|
unkown
|
page read and write
|
|
|
|
19B96780000
|
heap default
|
page read and write
|
|
|
|
2828AC00000
|
unkown
|
page read and write
|
|
|
|
7FF5B9A4D000
|
unkown image
|
page readonly
|
|
|
|
19B97186000
|
unkown
|
page read and write
|
|
|
|
7DF5C3830000
|
unkown image
|
page readonly
|
|
|
|
1A6CFC10000
|
heap private
|
page read and write
|
|
|
|
19B96856000
|
unkown
|
page read and write
|
|
|
|
7B707C000
|
stack
|
page read and write
|
|
|
|
7FF5D4088000
|
unkown image
|
page readonly
|
|
|
|
7FF5D4150000
|
unkown image
|
page readonly
|
|
|
|
7FF5088EA000
|
unkown image
|
page readonly
|
|
|
|
18748E50000
|
unkown
|
page read and write
|
|
|
|
7FF508C33000
|
unkown image
|
page readonly
|
|
|
|
7DF59B130000
|
unkown image
|
page readonly
|
|
|
|
19B97602000
|
unkown
|
page read and write
|
|
|
|
151E0F9000
|
stack
|
page read and write
|
|
|
|
19B9714C000
|
unkown
|
page read and write
|
|
|
|
16839020000
|
unkown image
|
page readonly
|
|
|
|
7DF59B110000
|
unkown image
|
page readonly
|
|
|
|
7FF580AA6000
|
unkown image
|
page readonly
|
|
|
|
28290213000
|
unkown
|
page read and write
|
|
|
|
19B96720000
|
heap private
|
page read and write
|
|
|
|
19B9766A000
|
unkown
|
page read and write
|
|
|
|
7FF5B99E9000
|
unkown image
|
page readonly
|
|
There are 914 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Desktop/Revised_Purchase_Order.htm
|
|