Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Jrsuarez-62643-5799-80-950985.HTM
|
HTML document, ASCII text, with no line terminators
|
initial sample
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\19b4d47a-4ade-4a3e-a215-70c132518bdc.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\790ef354-a05e-4d29-9d46-ca119617566b.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\8e06e0b5-ccd6-4540-91b7-92d07ccafa69.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\209ef779-7f9b-4551-bac4-40bc79fb57e2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\25ae2d48-24cc-4e0e-8e3c-d3b9a5c79545.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2b28ad90-75a3-448b-ad30-4da477fdeb37.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\45316942-7c6d-4225-95af-61b8899d9240.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5ebd56a9-7034-4927-9ea1-ebf934466cd9.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6738aba0-a65d-47e8-b667-b4548d41f242.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6cf534c2-3ef1-4062-a072-84b8d58d38c8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
dBase III DBT, next free block index 3238316739, block length 1024
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabson (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State} (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldMP (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.t (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesmp (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencest (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\60aa342a-a17f-4b7c-bcf6-68d2025801cb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\9946152e-6414-4c5c-b36b-c9d3c825f698.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old.n
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.olded
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old.. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.olds
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\af0192b9-9be1-46eb-86fd-f7d218e8d337.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d5cf158e-7991-433f-8b00-65a75c68ee0c.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.oldM (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ede11399-1740-43ef-bed2-df20f88defcb.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f7309247-1519-4405-8d6d-c45513a0dc1d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldl (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir6756_509423512\Ruleset Data
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_1470910808\Filtering Rules
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_1470910808\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_1470910808\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_1470910808\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_1470910808\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_1892504408\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_1892504408\manifest.fingerprint
|
ASCII text, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_1892504408\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2019422823\LICENSE
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2019422823\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2019422823\crl-set
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2019422823\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2019422823\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_383417184\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_383417184\download_file_types.pb
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_383417184\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_383417184\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_397759030\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_439876231\d195a2cb-f28a-44a5-a367-da40d7786806.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\58e138ab-cfd7-4c27-ac3d-64db246b69c2.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_661184209\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
There are 248 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'C:\Users\user\Desktop\Jrsuarez-62643-5799-80-950985.HTM'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1532,5326966957063742456,3171404271423619862,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1944 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://invoiceauthority.com/wp-admins/audio/audio/css/conv.css
|
69.49.234.122
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/images/inv-small-background.jpg
|
69.49.234.122
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://play.google.com
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://easylist.to/)
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/images/sigin.png
|
69.49.234.122
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
216.58.215.225
|
|
|
|
https://logo.clearbit.com/ingeniaglobal.cl
|
54.230.206.51
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://github.com/easylist)
|
unknown
|
|
|
|
https://creativecommons.org/.
|
unknown
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/images/passwrd.png
|
69.49.234.122
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/images/arrow_left.svg
|
69.49.234.122
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/images/favicon.ico
|
69.49.234.122
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
172.217.168.78
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/api.php
|
69.49.234.122
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/images/ellipsis_grey.svg
|
69.49.234.122
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/images/enterpass.png
|
69.49.234.122
|
|
|
|
http://llvm.org/):
|
unknown
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/images/forgetpass.png
|
69.49.234.122
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/images/inv-big-background.jpg
|
69.49.234.122
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/images/forgetpass.png8
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/p5xij86qc4wutebzk9o1f730ndyah2grlmsv4e9mbzpcil3s6
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://invoiceauthority.com/wp-admins/audio/audio/images/ellipsis_white.svg
|
69.49.234.122
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 59 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
nevadaediblestogo.com
|
69.49.228.175
|
|
|
|
d26p066pn2w0s0.cloudfront.net
|
54.230.206.51
|
|
|
|
invoiceauthority.com
|
69.49.234.122
|
|
|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
clients.l.google.com
|
172.217.168.78
|
|
|
|
googlehosted.l.googleusercontent.com
|
216.58.215.225
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
logo.clearbit.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
69.49.228.175
|
nevadaediblestogo.com
|
United States
|
|
|
|
69.49.234.122
|
invoiceauthority.com
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
216.58.215.225
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
192.168.2.7
|
unknown
|
unknown
|
|
|
|
192.168.2.3
|
unknown
|
unknown
|
|
|
|
192.168.2.6
|
unknown
|
unknown
|
|
|
|
54.230.206.51
|
d26p066pn2w0s0.cloudfront.net
|
United States
|
|
|
|
172.217.168.78
|
clients.l.google.com
|
United States
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
There are 2 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
22767546000
|
heap default
|
page read and write
|
|
|
|
203B4229000
|
unkown
|
page read and write
|
|
|
|
7FF57EAEF000
|
unkown image
|
page readonly
|
|
|
|
1ED4B989000
|
unkown
|
page read and write
|
|
|
|
7FF543409000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9C8000
|
unkown
|
page read and write
|
|
|
|
7FF5B7880000
|
unkown image
|
page readonly
|
|
|
|
2643B7B000
|
stack
|
page read and write
|
|
|
|
7FF582BD1000
|
unkown image
|
page readonly
|
|
|
|
978B17A000
|
stack
|
page read and write
|
|
|
|
19FCC6D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5B7873000
|
unkown image
|
page readonly
|
|
|
|
7FF5B786D000
|
unkown image
|
page readonly
|
|
|
|
1ED4B108000
|
unkown
|
page read and write
|
|
|
|
7FF5BBA21000
|
unkown image
|
page readonly
|
|
|
|
203B4261000
|
unkown
|
page read and write
|
|
|
|
7FF5B788E000
|
unkown image
|
page readonly
|
|
|
|
7FF542B3C000
|
unkown image
|
page readonly
|
|
|
|
7FF5B70E2000
|
unkown image
|
page readonly
|
|
|
|
7FF5B77E1000
|
unkown image
|
page readonly
|
|
|
|
7FF57F5FE000
|
unkown image
|
page readonly
|
|
|
|
1ED4B990000
|
unkown
|
page read and write
|
|
|
|
19FCC44B000
|
unkown
|
page read and write
|
|
|
|
180C0E13000
|
unkown
|
page read and write
|
|
|
|
7FF582AAC000
|
unkown image
|
page readonly
|
|
|
|
1ED4BE02000
|
unkown
|
page read and write
|
|
|
|
7FF5B7951000
|
unkown image
|
page readonly
|
|
|
|
19FCCC02000
|
unkown
|
page read and write
|
|
|
|
7FF52F341000
|
unkown image
|
page readonly
|
|
|
|
978AC7E000
|
stack
|
page read and write
|
|
|
|
19FCC43C000
|
unkown
|
page read and write
|
|
|
|
7FF57F09C000
|
unkown image
|
page readonly
|
|
|
|
8A15EFD000
|
stack
|
page read and write
|
|
|
|
1ED4B9C6000
|
unkown
|
page read and write
|
|
|
|
180C0F02000
|
unkown
|
page read and write
|
|
|
|
26B3E6B0000
|
unkown
|
page readonly
|
|
|
|
1ED4AF80000
|
unkown image
|
page readonly
|
|
|
|
180C0D70000
|
unkown image
|
page readonly
|
|
|
|
7FF5BB9FB000
|
unkown image
|
page readonly
|
|
|
|
180C0C70000
|
unkown image
|
page readonly
|
|
|
|
26B3D790000
|
unkown image
|
page readonly
|
|
|
|
978B1FF000
|
stack
|
page read and write
|
|
|
|
7DF5C55E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBB84000
|
unkown image
|
page readonly
|
|
|
|
1ED4B6C0000
|
unkown
|
page read and write
|
|
|
|
180C0C20000
|
unkown image
|
page read and write
|
|
|
|
1ED4B9C8000
|
unkown
|
page read and write
|
|
|
|
203B3FC0000
|
heap private
|
page read and write
|
|
|
|
7FF5BB82C000
|
unkown image
|
page readonly
|
|
|
|
1ED4BF3C000
|
unkown
|
page read and write
|
|
|
|
7FF57F69A000
|
unkown image
|
page readonly
|
|
|
|
7FF5B774B000
|
unkown image
|
page readonly
|
|
|
|
7FF543336000
|
unkown image
|
page readonly
|
|
|
|
7DF56EB10000
|
unkown image
|
page readonly
|
|
|
|
7FF560DBF000
|
unkown image
|
page readonly
|
|
|
|
7FF542FD2000
|
unkown image
|
page readonly
|
|
|
|
1ED4B6C0000
|
unkown
|
page read and write
|
|
|
|
7FF560EB1000
|
unkown image
|
page readonly
|
|
|
|
19FCC450000
|
unkown
|
page read and write
|
|
|
|
19FCC508000
|
unkown
|
page read and write
|
|
|
|
7FF57F697000
|
unkown image
|
page readonly
|
|
|
|
7FF5433AA000
|
unkown image
|
page readonly
|
|
|
|
1ED4B916000
|
unkown
|
page read and write
|
|
|
|
7DF56EB10000
|
unkown image
|
page readonly
|
|
|
|
7FF560DDE000
|
unkown image
|
page readonly
|
|
|
|
7FF560EA5000
|
unkown image
|
page readonly
|
|
|
|
7FF57F201000
|
unkown image
|
page readonly
|
|
|
|
19FCC360000
|
heap default
|
page read and write
|
|
|
|
180C0C90000
|
heap default
|
page read and write
|
|
|
|
7FF5B77BB000
|
unkown image
|
page readonly
|
|
|
|
180C0E3C000
|
unkown
|
page read and write
|
|
|
|
7FF57F289000
|
unkown image
|
page readonly
|
|
|
|
7FF57F50B000
|
unkown image
|
page readonly
|
|
|
|
1ED4B99E000
|
unkown
|
page read and write
|
|
|
|
1ED4B97B000
|
unkown
|
page read and write
|
|
|
|
7FF57F3A5000
|
unkown image
|
page readonly
|
|
|
|
19FCC429000
|
unkown
|
page read and write
|
|
|
|
CA5A1FD000
|
stack
|
page read and write
|
|
|
|
7FF5B76E6000
|
unkown image
|
page readonly
|
|
|
|
1ED4BE00000
|
unkown
|
page read and write
|
|
|
|
7FF5BB926000
|
unkown image
|
page readonly
|
|
|
|
203B3FF0000
|
unkown image
|
page readonly
|
|
|
|
203B425F000
|
unkown
|
page read and write
|
|
|
|
7DF590A80000
|
unkown image
|
page readonly
|
|
|
|
7FF560EA1000
|
unkown image
|
page readonly
|
|
|
|
19FCC400000
|
unkown
|
page read and write
|
|
|
|
19FCC47E000
|
unkown
|
page read and write
|
|
|
|
7DF58D392000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBB72000
|
unkown image
|
page readonly
|
|
|
|
7FF57F2F4000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9A3000
|
unkown
|
page read and write
|
|
|
|
19FCC452000
|
unkown
|
page read and write
|
|
|
|
8A15C7B000
|
unkown
|
page read and write
|
|
|
|
7DF5510A2000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9B6000
|
unkown
|
page read and write
|
|
|
|
7FF542B37000
|
unkown image
|
page readonly
|
|
|
|
7FF582C75000
|
unkown image
|
page readonly
|
|
|
|
7DF5510A2000
|
unkown image
|
page readonly
|
|
|
|
180C0F00000
|
unkown
|
page read and write
|
|
|
|
6F4DAF7000
|
stack
|
page read and write
|
|
|
|
7FF542CAF000
|
unkown image
|
page readonly
|
|
|
|
2643EFE000
|
stack
|
page read and write
|
|
|
|
6F4D5AF000
|
stack
|
page read and write
|
|
|
|
7FF57F58C000
|
unkown image
|
page readonly
|
|
|
|
7FF5BB9AF000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBB79000
|
unkown image
|
page readonly
|
|
|
|
7FF582E21000
|
unkown image
|
page readonly
|
|
|
|
1ED4B0EC000
|
unkown
|
page read and write
|
|
|
|
7FF582D43000
|
unkown image
|
page readonly
|
|
|
|
203B428C000
|
unkown
|
page read and write
|
|
|
|
7FF560E0E000
|
unkown image
|
page readonly
|
|
|
|
6F4D9FB000
|
stack
|
page read and write
|
|
|
|
7FF582DF9000
|
unkown image
|
page readonly
|
|
|
|
7DF5C9810000
|
unkown image
|
page readonly
|
|
|
|
7DF58D380000
|
unkown image
|
page readonly
|
|
|
|
227674D0000
|
unkown image
|
page read and write
|
|
|
|
227677C0000
|
heap private
|
page read and write
|
|
|
|
22767700000
|
unkown
|
page read and write
|
|
|
|
6F4D4AB000
|
unkown
|
page read and write
|
|
|
|
7DF5C55C0000
|
unkown image
|
page readonly
|
|
|
|
264374B000
|
unkown
|
page read and write
|
|
|
|
7FF57F464000
|
unkown image
|
page readonly
|
|
|
|
180C0E7B000
|
unkown
|
page read and write
|
|
|
|
7FF57F5D1000
|
unkown image
|
page readonly
|
|
|
|
7FF57F087000
|
unkown image
|
page readonly
|
|
|
|
26B3D950000
|
heap default
|
page read and write
|
|
|
|
7FF5B78AB000
|
unkown image
|
page readonly
|
|
|
|
7DF46C9E0000
|
unkown image
|
page readonly
|
|
|
|
1ED4B057000
|
unkown
|
page read and write
|
|
|
|
7FF57F419000
|
unkown image
|
page readonly
|
|
|
|
6F4D52F000
|
stack
|
page read and write
|
|
|
|
7FF543353000
|
unkown image
|
page readonly
|
|
|
|
7FF57F3AC000
|
unkown image
|
page readonly
|
|
|
|
1ED4B900000
|
unkown
|
page read and write
|
|
|
|
2643BFE000
|
stack
|
page read and write
|
|
|
|
7FF57F71A000
|
unkown image
|
page readonly
|
|
|
|
1ED4AFC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BB96D000
|
unkown image
|
page readonly
|
|
|
|
7FF560DBD000
|
unkown image
|
page readonly
|
|
|
|
2643CFB000
|
stack
|
page read and write
|
|
|
|
2959F9C000
|
unkown
|
page read and write
|
|
|
|
1ED4B071000
|
unkown
|
page read and write
|
|
|
|
7DF590A92000
|
unkown image
|
page readonly
|
|
|
|
7FF5B78DD000
|
unkown image
|
page readonly
|
|
|
|
180C0E53000
|
unkown
|
page read and write
|
|
|
|
203B4802000
|
unkown
|
page read and write
|
|
|
|
7FF543431000
|
unkown image
|
page readonly
|
|
|
|
19FCC459000
|
unkown
|
page read and write
|
|
|
|
26B3E480000
|
unkown
|
page read and write
|
|
|
|
1ED4B992000
|
unkown
|
page read and write
|
|
|
|
978ABFB000
|
stack
|
page read and write
|
|
|
|
1ED4BE02000
|
unkown
|
page read and write
|
|
|
|
1ED4B98F000
|
unkown
|
page read and write
|
|
|
|
7DF590AA0000
|
unkown image
|
page readonly
|
|
|
|
26B3E6D0000
|
unkown
|
page read and write
|
|
|
|
7FF57F657000
|
unkown image
|
page readonly
|
|
|
|
CA5A17F000
|
stack
|
page read and write
|
|
|
|
7FF5B7944000
|
unkown image
|
page readonly
|
|
|
|
7FF57F532000
|
unkown image
|
page readonly
|
|
|
|
7FF582D2F000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBB1A000
|
unkown image
|
page readonly
|
|
|
|
7FF57F633000
|
unkown image
|
page readonly
|
|
|
|
7FF57F4F0000
|
unkown image
|
page readonly
|
|
|
|
203B425B000
|
unkown
|
page read and write
|
|
|
|
1ED4B99A000
|
unkown
|
page read and write
|
|
|
|
19FCC446000
|
unkown
|
page read and write
|
|
|
|
1ED4BE6A000
|
unkown
|
page read and write
|
|
|
|
1ED4BF3C000
|
unkown
|
page read and write
|
|
|
|
7FF582901000
|
unkown image
|
page readonly
|
|
|
|
180C0C60000
|
unkown image
|
page readonly
|
|
|
|
7FF57F4ED000
|
unkown image
|
page readonly
|
|
|
|
1ED4B990000
|
unkown
|
page read and write
|
|
|
|
7FF582D47000
|
unkown image
|
page readonly
|
|
|
|
7FF5431CA000
|
unkown image
|
page readonly
|
|
|
|
7FF57F08B000
|
unkown image
|
page readonly
|
|
|
|
26B3DC05000
|
heap private
|
page read and write
|
|
|
|
26B3DA50000
|
unkown image
|
page readonly
|
|
|
|
26B3D99D000
|
unkown
|
page read and write
|
|
|
|
1ED4B0F8000
|
unkown
|
page read and write
|
|
|
|
7FF57F485000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9BB000
|
unkown
|
page read and write
|
|
|
|
1ED4B9D0000
|
unkown
|
page read and write
|
|
|
|
7FF560E82000
|
unkown image
|
page readonly
|
|
|
|
26B3D996000
|
unkown
|
page read and write
|
|
|
|
1ED4B9A3000
|
unkown
|
page read and write
|
|
|
|
7FF5BBBA1000
|
unkown image
|
page readonly
|
|
|
|
1ED4AE80000
|
unkown image
|
page readonly
|
|
|
|
1ED4B0C0000
|
unkown
|
page read and write
|
|
|
|
19FCC513000
|
unkown
|
page read and write
|
|
|
|
7FF542B35000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBAD7000
|
unkown image
|
page readonly
|
|
|
|
7FF582E1A000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9CC000
|
unkown
|
page read and write
|
|
|
|
7FF5BBAAD000
|
unkown image
|
page readonly
|
|
|
|
7FF582AA5000
|
unkown image
|
page readonly
|
|
|
|
22767556000
|
unkown
|
page read and write
|
|
|
|
7FF5BBAAF000
|
unkown image
|
page readonly
|
|
|
|
978A7DB000
|
unkown
|
page read and write
|
|
|
|
1ED4AFA0000
|
unkown
|
page read and write
|
|
|
|
CA59D2F000
|
stack
|
page read and write
|
|
|
|
1ED4BE02000
|
unkown
|
page read and write
|
|
|
|
1ED4B9A3000
|
unkown
|
page read and write
|
|
|
|
7FF582D29000
|
unkown image
|
page readonly
|
|
|
|
7FF582C8C000
|
unkown image
|
page readonly
|
|
|
|
19FCC310000
|
unkown image
|
page readonly
|
|
|
|
978AF7F000
|
stack
|
page read and write
|
|
|
|
7FF57F207000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9A2000
|
unkown
|
page read and write
|
|
|
|
7FF5B7447000
|
unkown image
|
page readonly
|
|
|
|
1ED4B116000
|
unkown
|
page read and write
|
|
|
|
978AD78000
|
stack
|
page read and write
|
|
|
|
7FF5B77E5000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBAEB000
|
unkown image
|
page readonly
|
|
|
|
7DF5C9810000
|
unkown image
|
page readonly
|
|
|
|
7DF551090000
|
unkown image
|
page readonly
|
|
|
|
1ED4B0C7000
|
unkown
|
page read and write
|
|
|
|
7DF56EB30000
|
unkown image
|
page readonly
|
|
|
|
1ED4B98B000
|
unkown
|
page read and write
|
|
|
|
227674F0000
|
unkown image
|
page readonly
|
|
|
|
26B3D7A0000
|
unkown image
|
page readonly
|
|
|
|
1ED4B99A000
|
unkown
|
page read and write
|
|
|
|
7FF582D7E000
|
unkown image
|
page readonly
|
|
|
|
22767760000
|
unkown image
|
page readonly
|
|
|
|
978B3F8000
|
stack
|
page read and write
|
|
|
|
7FF5BBACE000
|
unkown image
|
page readonly
|
|
|
|
7DF56EB22000
|
unkown image
|
page readonly
|
|
|
|
7FF5B7932000
|
unkown image
|
page readonly
|
|
|
|
203B4400000
|
unkown image
|
page readonly
|
|
|
|
7DF5C55C2000
|
unkown image
|
page readonly
|
|
|
|
1ED4B98F000
|
unkown
|
page read and write
|
|
|
|
7FF54333F000
|
unkown image
|
page readonly
|
|
|
|
7FF57F69D000
|
unkown image
|
page readonly
|
|
|
|
26B3D9BB000
|
heap default
|
page read and write
|
|
|
|
2643A7E000
|
stack
|
page read and write
|
|
|
|
26B3D750000
|
unkown image
|
page read and write
|
|
|
|
1ED4B95F000
|
unkown
|
page read and write
|
|
|
|
7FF5BBB91000
|
unkown image
|
page readonly
|
|
|
|
7FF582D97000
|
unkown image
|
page readonly
|
|
|
|
7FF57F64E000
|
unkown image
|
page readonly
|
|
|
|
7FF582907000
|
unkown image
|
page readonly
|
|
|
|
7FF542CB9000
|
unkown image
|
page readonly
|
|
|
|
7DF5C55D0000
|
unkown image
|
page readonly
|
|
|
|
2643DF7000
|
stack
|
page read and write
|
|
|
|
203B4213000
|
unkown
|
page read and write
|
|
|
|
26B3DC00000
|
heap private
|
page read and write
|
|
|
|
7FF5B772D000
|
unkown image
|
page readonly
|
|
|
|
1ED4B99A000
|
unkown
|
page read and write
|
|
|
|
7DF56EB22000
|
unkown image
|
page readonly
|
|
|
|
7FF5BAF6F000
|
unkown image
|
page readonly
|
|
|
|
7FF543242000
|
unkown image
|
page readonly
|
|
|
|
7DF58D392000
|
unkown image
|
page readonly
|
|
|
|
295A2FF000
|
stack
|
page read and write
|
|
|
|
1ED4B029000
|
unkown
|
page read and write
|
|
|
|
978AE77000
|
stack
|
page read and write
|
|
|
|
7DF5510A0000
|
unkown image
|
page readonly
|
|
|
|
1ED4BE02000
|
unkown
|
page read and write
|
|
|
|
26B3D8B0000
|
unkown
|
page read and write
|
|
|
|
26B3D8D0000
|
unkown image
|
page readonly
|
|
|
|
CA59CAA000
|
unkown
|
page read and write
|
|
|
|
1ED4BF9D000
|
unkown
|
page read and write
|
|
|
|
19FCC340000
|
unkown image
|
page readonly
|
|
|
|
22767572000
|
unkown
|
page read and write
|
|
|
|
7DF48B250000
|
unkown image
|
page readonly
|
|
|
|
26B3DC10000
|
unkown
|
page read and write
|
|
|
|
7DF58D382000
|
unkown image
|
page readonly
|
|
|
|
22767560000
|
unkown
|
page read and write
|
|
|
|
203B4000000
|
unkown image
|
page readonly
|
|
|
|
7DF590A80000
|
unkown image
|
page readonly
|
|
|
|
7FF560E9A000
|
unkown image
|
page readonly
|
|
|
|
1ED4B98B000
|
unkown
|
page read and write
|
|
|
|
7DF5C9812000
|
unkown image
|
page readonly
|
|
|
|
7FF560DD0000
|
unkown image
|
page readonly
|
|
|
|
1ED4B972000
|
unkown
|
page read and write
|
|
|
|
7FF57F70A000
|
unkown image
|
page readonly
|
|
|
|
7FF5B75ED000
|
unkown image
|
page readonly
|
|
|
|
7FF560E2D000
|
unkown image
|
page readonly
|
|
|
|
1ED4B99F000
|
unkown
|
page read and write
|
|
|
|
7DF4C3490000
|
unkown image
|
page readonly
|
|
|
|
1ED4B99B000
|
unkown
|
page read and write
|
|
|
|
1ED4B990000
|
unkown
|
page read and write
|
|
|
|
203B4200000
|
unkown
|
page read and write
|
|
|
|
1ED4B985000
|
unkown
|
page read and write
|
|
|
|
1ED4B98C000
|
unkown
|
page read and write
|
|
|
|
7DF551090000
|
unkown image
|
page readonly
|
|
|
|
7FF5B78DA000
|
unkown image
|
page readonly
|
|
|
|
7FF582CA1000
|
unkown image
|
page readonly
|
|
|
|
1ED4B0E9000
|
unkown
|
page read and write
|
|
|
|
7DF58D390000
|
unkown image
|
page readonly
|
|
|
|
22767750000
|
unkown image
|
page readonly
|
|
|
|
7FF57F721000
|
unkown image
|
page readonly
|
|
|
|
1ED4B99D000
|
unkown
|
page read and write
|
|
|
|
7FF5433AD000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9CC000
|
unkown
|
page read and write
|
|
|
|
7FF57F67E000
|
unkown image
|
page readonly
|
|
|
|
26B3DBF0000
|
unkown
|
page read and write
|
|
|
|
26B3E020000
|
unkown image
|
page readonly
|
|
|
|
26437CE000
|
stack
|
page read and write
|
|
|
|
26B3D957000
|
heap default
|
page read and write
|
|
|
|
7FF582E11000
|
unkown image
|
page readonly
|
|
|
|
1ED4B99A000
|
unkown
|
page read and write
|
|
|
|
1ED4B988000
|
unkown
|
page read and write
|
|
|
|
7FF543343000
|
unkown image
|
page readonly
|
|
|
|
180C0E83000
|
unkown
|
page read and write
|
|
|
|
1ED4B07C000
|
unkown
|
page read and write
|
|
|
|
180C0F08000
|
unkown
|
page read and write
|
|
|
|
978B2FA000
|
stack
|
page read and write
|
|
|
|
2643FFF000
|
stack
|
page read and write
|
|
|
|
180C0E29000
|
unkown
|
page read and write
|
|
|
|
180C0E4E000
|
unkown
|
page read and write
|
|
|
|
1ED4B9A5000
|
unkown
|
page read and write
|
|
|
|
1ED4B9A5000
|
unkown
|
page read and write
|
|
|
|
203B4308000
|
unkown
|
page read and write
|
|
|
|
26B3D770000
|
unkown image
|
page readonly
|
|
|
|
1ED4B04E000
|
unkown
|
page read and write
|
|
|
|
7DF56EB20000
|
unkown image
|
page readonly
|
|
|
|
7FF57F4A6000
|
unkown image
|
page readonly
|
|
|
|
1ED4B0B3000
|
unkown
|
page read and write
|
|
|
|
1ED4B9AB000
|
unkown
|
page read and write
|
|
|
|
7FF57F704000
|
unkown image
|
page readonly
|
|
|
|
1ED4B580000
|
unkown image
|
page readonly
|
|
|
|
7FF57F575000
|
unkown image
|
page readonly
|
|
|
|
7FF582E21000
|
unkown image
|
page readonly
|
|
|
|
1ED4B95E000
|
unkown
|
page read and write
|
|
|
|
7FF57F42B000
|
unkown image
|
page readonly
|
|
|
|
7FF543346000
|
unkown image
|
page readonly
|
|
|
|
7FF542BAB000
|
unkown image
|
page readonly
|
|
|
|
26B3D760000
|
unkown
|
page read and write
|
|
|
|
1ED4B054000
|
unkown
|
page read and write
|
|
|
|
1ED4B9CD000
|
unkown
|
page read and write
|
|
|
|
26B3D940000
|
unkown
|
page read and write
|
|
|
|
7DF590A92000
|
unkown image
|
page readonly
|
|
|
|
19FCC457000
|
unkown
|
page read and write
|
|
|
|
1ED4B98E000
|
unkown
|
page read and write
|
|
|
|
7FF57F2F7000
|
unkown image
|
page readonly
|
|
|
|
978AA7E000
|
stack
|
page read and write
|
|
|
|
7FF5BBA0C000
|
unkown image
|
page readonly
|
|
|
|
7DF5C9800000
|
unkown image
|
page readonly
|
|
|
|
7DF5C55D2000
|
unkown image
|
page readonly
|
|
|
|
7FF57F2F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBAC0000
|
unkown image
|
page readonly
|
|
|
|
7DF56EB12000
|
unkown image
|
page readonly
|
|
|
|
8A15FF9000
|
stack
|
page read and write
|
|
|
|
7DF590AA0000
|
unkown image
|
page readonly
|
|
|
|
7FF57F711000
|
unkown image
|
page readonly
|
|
|
|
7FF582D4E000
|
unkown image
|
page readonly
|
|
|
|
7FF57F5A1000
|
unkown image
|
page readonly
|
|
|
|
7FF5B786F000
|
unkown image
|
page readonly
|
|
|
|
1ED4AE40000
|
heap private
|
page read and write
|
|
|
|
7DF58D380000
|
unkown image
|
page readonly
|
|
|
|
203B4100000
|
unkown image
|
page readonly
|
|
|
|
1ED4B98F000
|
unkown
|
page read and write
|
|
|
|
19FCC2F0000
|
unkown image
|
page read and write
|
|
|
|
22767560000
|
unkown
|
page read and write
|
|
|
|
19FCC48F000
|
unkown
|
page read and write
|
|
|
|
1ED4B96E000
|
unkown
|
page read and write
|
|
|
|
1ED4BF00000
|
unkown
|
page read and write
|
|
|
|
19FCC300000
|
heap private
|
page read and write
|
|
|
|
7FF5B794A000
|
unkown image
|
page readonly
|
|
|
|
7FF5B7869000
|
unkown image
|
page readonly
|
|
|
|
1ED4B94D000
|
unkown
|
page read and write
|
|
|
|
7FF5BBB1D000
|
unkown image
|
page readonly
|
|
|
|
7FF560E2A000
|
unkown image
|
page readonly
|
|
|
|
7FF5B78D7000
|
unkown image
|
page readonly
|
|
|
|
7DF5C55D2000
|
unkown image
|
page readonly
|
|
|
|
22767541000
|
unkown
|
page read and write
|
|
|
|
7FF54342A000
|
unkown image
|
page readonly
|
|
|
|
26B3D99D000
|
unkown
|
page read and write
|
|
|
|
26B3E720000
|
unkown
|
page read and write
|
|
|
|
203B3FB0000
|
unkown image
|
page read and write
|
|
|
|
7FF57F52F000
|
unkown image
|
page readonly
|
|
|
|
203B4600000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBB9A000
|
unkown image
|
page readonly
|
|
|
|
180C0C40000
|
unkown image
|
page readonly
|
|
|
|
7FF5B7711000
|
unkown image
|
page readonly
|
|
|
|
203B3FD0000
|
unkown image
|
page readonly
|
|
|
|
7FF57F647000
|
unkown image
|
page readonly
|
|
|
|
7DF58D3A0000
|
unkown image
|
page readonly
|
|
|
|
295A77F000
|
stack
|
page read and write
|
|
|
|
1ED4BE02000
|
unkown
|
page read and write
|
|
|
|
7FF560DC3000
|
unkown image
|
page readonly
|
|
|
|
295A87E000
|
stack
|
page read and write
|
|
|
|
7FF57F5FA000
|
unkown image
|
page readonly
|
|
|
|
1ED4AE70000
|
unkown image
|
page readonly
|
|
|
|
19FCCA50000
|
unkown image
|
page readonly
|
|
|
|
295A47F000
|
stack
|
page read and write
|
|
|
|
978B4FF000
|
stack
|
page read and write
|
|
|
|
7FF5B7857000
|
unkown image
|
page readonly
|
|
|
|
7FF57F643000
|
unkown image
|
page readonly
|
|
|
|
1ED4B113000
|
unkown
|
page read and write
|
|
|
|
1ED4B98A000
|
unkown
|
page read and write
|
|
|
|
7FF57F4D1000
|
unkown image
|
page readonly
|
|
|
|
7FF54338E000
|
unkown image
|
page readonly
|
|
|
|
7FF543350000
|
unkown image
|
page readonly
|
|
|
|
7FF560DFB000
|
unkown image
|
page readonly
|
|
|
|
1ED4B200000
|
unkown image
|
page readonly
|
|
|
|
7DF5C9800000
|
unkown image
|
page readonly
|
|
|
|
1ED4B99A000
|
unkown
|
page read and write
|
|
|
|
22767560000
|
unkown
|
page read and write
|
|
|
|
1ED4B04D000
|
unkown
|
page read and write
|
|
|
|
1ED4B013000
|
unkown
|
page read and write
|
|
|
|
1ED4BF9D000
|
unkown
|
page read and write
|
|
|
|
7FF57F720000
|
unkown image
|
page readonly
|
|
|
|
1ED4B0EC000
|
unkown
|
page read and write
|
|
|
|
7DF590A90000
|
unkown image
|
page readonly
|
|
|
|
26B3D930000
|
unkown
|
page read and write
|
|
|
|
7FF57F57B000
|
unkown image
|
page readonly
|
|
|
|
7DF56EB20000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9AC000
|
unkown
|
page read and write
|
|
|
|
7DF58D3A0000
|
unkown image
|
page readonly
|
|
|
|
7DF48E950000
|
unkown image
|
page readonly
|
|
|
|
180C0E51000
|
unkown
|
page read and write
|
|
|
|
7FF5B7887000
|
unkown image
|
page readonly
|
|
|
|
7FF57F5A5000
|
unkown image
|
page readonly
|
|
|
|
203B41F0000
|
unkown
|
page read and write
|
|
|
|
7DF590A82000
|
unkown image
|
page readonly
|
|
|
|
7FF582D40000
|
unkown image
|
page readonly
|
|
|
|
7DF551092000
|
unkown image
|
page readonly
|
|
|
|
1ED4B050000
|
unkown
|
page read and write
|
|
|
|
7FF543247000
|
unkown image
|
page readonly
|
|
|
|
7FF5B7939000
|
unkown image
|
page readonly
|
|
|
|
1ED4B99F000
|
unkown
|
page read and write
|
|
|
|
22767530000
|
heap default
|
page read and write
|
|
|
|
180C0D90000
|
unkown
|
page read and write
|
|
|
|
7FF5BBAF3000
|
unkown image
|
page readonly
|
|
|
|
7FF5B7883000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9A3000
|
unkown
|
page read and write
|
|
|
|
8A15F7E000
|
stack
|
page read and write
|
|
|
|
19FCC390000
|
unkown
|
page read and write
|
|
|
|
203B4020000
|
heap default
|
page read and write
|
|
|
|
7FF5BBAFE000
|
unkown image
|
page readonly
|
|
|
|
7FF5B7441000
|
unkown image
|
page readonly
|
|
|
|
19FCC330000
|
unkown image
|
page readonly
|
|
|
|
7FF560E89000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9AC000
|
unkown
|
page read and write
|
|
|
|
1ED4BF02000
|
unkown
|
page read and write
|
|
|
|
7DF5C9802000
|
unkown image
|
page readonly
|
|
|
|
7FF5BB687000
|
unkown image
|
page readonly
|
|
|
|
26B3DBD0000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9C6000
|
unkown
|
page read and write
|
|
|
|
7FF542CBE000
|
unkown image
|
page readonly
|
|
|
|
7FF5BB951000
|
unkown image
|
page readonly
|
|
|
|
7FF57F466000
|
unkown image
|
page readonly
|
|
|
|
1ED4B99A000
|
unkown
|
page read and write
|
|
|
|
978AAFD000
|
stack
|
page read and write
|
|
|
|
7DF58D382000
|
unkown image
|
page readonly
|
|
|
|
1ED4B96D000
|
unkown
|
page read and write
|
|
|
|
7FF54341A000
|
unkown image
|
page readonly
|
|
|
|
7FF582D57000
|
unkown image
|
page readonly
|
|
|
|
1ED4BF02000
|
unkown
|
page read and write
|
|
|
|
CA5A07A000
|
stack
|
page read and write
|
|
|
|
26B3D770000
|
unkown image
|
page readonly
|
|
|
|
7FF57F3E7000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBB17000
|
unkown image
|
page readonly
|
|
|
|
180C0F13000
|
unkown
|
page read and write
|
|
|
|
1ED4B98F000
|
unkown
|
page read and write
|
|
|
|
7FF582C0B000
|
unkown image
|
page readonly
|
|
|
|
7FF5BB681000
|
unkown image
|
page readonly
|
|
|
|
7FF582D6B000
|
unkown image
|
page readonly
|
|
|
|
7DF590A90000
|
unkown image
|
page readonly
|
|
|
|
26B3D9B5000
|
heap default
|
page read and write
|
|
|
|
1ED4B9B6000
|
unkown
|
page read and write
|
|
|
|
7FF57F537000
|
unkown image
|
page readonly
|
|
|
|
227677C5000
|
heap private
|
page read and write
|
|
|
|
295A27E000
|
stack
|
page read and write
|
|
|
|
7FF5B77CC000
|
unkown image
|
page readonly
|
|
|
|
7FF57F62F000
|
unkown image
|
page readonly
|
|
|
|
7FF542CAD000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9C4000
|
unkown
|
page read and write
|
|
|
|
7FF582BED000
|
unkown image
|
page readonly
|
|
|
|
7FF5B7730000
|
unkown image
|
page readonly
|
|
|
|
1ED4B6C0000
|
unkown
|
page read and write
|
|
|
|
180C0E49000
|
unkown
|
page read and write
|
|
|
|
1ED4AE50000
|
unkown image
|
page readonly
|
|
|
|
1ED4AE50000
|
unkown image
|
page readonly
|
|
|
|
7FF560DD7000
|
unkown image
|
page readonly
|
|
|
|
19FCC310000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBBA1000
|
unkown image
|
page readonly
|
|
|
|
19FCC44D000
|
unkown
|
page read and write
|
|
|
|
19FCC502000
|
unkown
|
page read and write
|
|
|
|
180C0E00000
|
unkown
|
page read and write
|
|
|
|
19FCC500000
|
unkown
|
page read and write
|
|
|
|
7DF58D390000
|
unkown image
|
page readonly
|
|
|
|
7FF5BB98B000
|
unkown image
|
page readonly
|
|
|
|
7FF5B78BE000
|
unkown image
|
page readonly
|
|
|
|
1ED4B97F000
|
unkown
|
page read and write
|
|
|
|
180C0E4B000
|
unkown
|
page read and write
|
|
|
|
7FF582D2D000
|
unkown image
|
page readonly
|
|
|
|
1ED4BE02000
|
unkown
|
page read and write
|
|
|
|
7FF543414000
|
unkown image
|
page readonly
|
|
|
|
7DF4C76D0000
|
unkown image
|
page readonly
|
|
|
|
26B3D997000
|
unkown
|
page read and write
|
|
|
|
180C0E55000
|
unkown
|
page read and write
|
|
|
|
1ED4B03C000
|
unkown
|
page read and write
|
|
|
|
19FCC447000
|
unkown
|
page read and write
|
|
|
|
7DF5510B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBAC3000
|
unkown image
|
page readonly
|
|
|
|
7DF5C9820000
|
unkown image
|
page readonly
|
|
|
|
7FF5BB825000
|
unkown image
|
page readonly
|
|
|
|
22767510000
|
unkown image
|
page readonly
|
|
|
|
CA5A0F9000
|
stack
|
page read and write
|
|
|
|
7DF551092000
|
unkown image
|
page readonly
|
|
|
|
7FF582D9A000
|
unkown image
|
page readonly
|
|
|
|
26B3DC09000
|
heap private
|
page read and write
|
|
|
|
7DF5510A0000
|
unkown image
|
page readonly
|
|
|
|
26B3D9C0000
|
heap default
|
page read and write
|
|
|
|
203B423C000
|
unkown
|
page read and write
|
|
|
|
295A677000
|
stack
|
page read and write
|
|
|
|
19FCC470000
|
unkown
|
page read and write
|
|
|
|
1ED4B400000
|
unkown image
|
page readonly
|
|
|
|
180C1602000
|
unkown
|
page read and write
|
|
|
|
7FF57F47F000
|
unkown image
|
page readonly
|
|
|
|
7FF582CA5000
|
unkown image
|
page readonly
|
|
|
|
7FF5B70DC000
|
unkown image
|
page readonly
|
|
|
|
7FF5BB9F5000
|
unkown image
|
page readonly
|
|
|
|
26B3D99E000
|
unkown
|
page read and write
|
|
|
|
7FF560EAA000
|
unkown image
|
page readonly
|
|
|
|
7FF543402000
|
unkown image
|
page readonly
|
|
|
|
203B4300000
|
unkown
|
page read and write
|
|
|
|
7FF5BBAA9000
|
unkown image
|
page readonly
|
|
|
|
7FF582D9D000
|
unkown image
|
page readonly
|
|
|
|
19FCC370000
|
unkown image
|
page readonly
|
|
|
|
7FF582BA6000
|
unkown image
|
page readonly
|
|
|
|
7FF57F617000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9C6000
|
unkown
|
page read and write
|
|
|
|
26B3D920000
|
unkown
|
page read and write
|
|
|
|
203B4313000
|
unkown
|
page read and write
|
|
|
|
7FF5821EF000
|
unkown image
|
page readonly
|
|
|
|
22767570000
|
unkown
|
page read and write
|
|
|
|
7FF560E94000
|
unkown image
|
page readonly
|
|
|
|
7FF5B7897000
|
unkown image
|
page readonly
|
|
|
|
19FCC413000
|
unkown
|
page read and write
|
|
|
|
7FF57F3F2000
|
unkown image
|
page readonly
|
|
|
|
26B3E6C0000
|
unkown
|
page read and write
|
|
|
|
203B3FD0000
|
unkown image
|
page readonly
|
|
|
|
CA59DAF000
|
stack
|
page read and write
|
|
|
|
8A15E79000
|
stack
|
page read and write
|
|
|
|
1ED4B98E000
|
unkown
|
page read and write
|
|
|
|
1ED4B660000
|
unkown image
|
page write copy
|
|
|
|
7FF5B7961000
|
unkown image
|
page readonly
|
|
|
|
180C0E7C000
|
unkown
|
page read and write
|
|
|
|
1ED4B985000
|
unkown
|
page read and write
|
|
|
|
7FF582E0A000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9AB000
|
unkown
|
page read and write
|
|
|
|
7FF582DF2000
|
unkown image
|
page readonly
|
|
|
|
1ED4B91D000
|
unkown
|
page read and write
|
|
|
|
227674F0000
|
unkown image
|
page readonly
|
|
|
|
203B4266000
|
unkown
|
page read and write
|
|
|
|
1ED4B9A3000
|
unkown
|
page read and write
|
|
|
|
6F4DBFE000
|
stack
|
page read and write
|
|
|
|
8A1607E000
|
stack
|
page read and write
|
|
|
|
7FF560DC6000
|
unkown image
|
page readonly
|
|
|
|
1ED4BE6A000
|
unkown
|
page read and write
|
|
|
|
7FF560E03000
|
unkown image
|
page readonly
|
|
|
|
19FCC44F000
|
unkown
|
page read and write
|
|
|
|
26B3D961000
|
heap default
|
page read and write
|
|
|
|
7FF560DD3000
|
unkown image
|
page readonly
|
|
|
|
1ED4BE02000
|
unkown
|
page read and write
|
|
|
|
180C1380000
|
unkown image
|
page readonly
|
|
|
|
1ED4B102000
|
unkown
|
page read and write
|
|
|
|
26B3D890000
|
unkown
|
page read and write
|
|
|
|
7FF5BBA97000
|
unkown image
|
page readonly
|
|
|
|
1ED4AE30000
|
unkown image
|
page read and write
|
|
|
|
7FF543421000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBB8A000
|
unkown image
|
page readonly
|
|
|
|
7FF57F5E2000
|
unkown image
|
page readonly
|
|
|
|
7FF543431000
|
unkown image
|
page readonly
|
|
|
|
180C0E56000
|
unkown
|
page read and write
|
|
|
|
7FF57F629000
|
unkown image
|
page readonly
|
|
|
|
203B4302000
|
unkown
|
page read and write
|
|
|
|
7FF57F471000
|
unkown image
|
page readonly
|
|
|
|
7FF543382000
|
unkown image
|
page readonly
|
|
|
|
295A57B000
|
stack
|
page read and write
|
|
|
|
7DF5C55C0000
|
unkown image
|
page readonly
|
|
|
|
7FF54337B000
|
unkown image
|
page readonly
|
|
|
|
7FF582D73000
|
unkown image
|
page readonly
|
|
|
|
7FF560EB1000
|
unkown image
|
page readonly
|
|
|
|
203B427E000
|
unkown
|
page read and write
|
|
|
|
7DF56EB12000
|
unkown image
|
page readonly
|
|
|
|
7FF57F6F2000
|
unkown image
|
page readonly
|
|
|
|
7FF57F603000
|
unkown image
|
page readonly
|
|
|
|
7FF582D17000
|
unkown image
|
page readonly
|
|
|
|
22767557000
|
unkown
|
page read and write
|
|
|
|
227677D0000
|
unkown image
|
page readonly
|
|
|
|
19FCC455000
|
unkown
|
page read and write
|
|
|
|
1ED4B6D0000
|
unkown image
|
page read and write
|
|
|
|
7FF5B77B5000
|
unkown image
|
page readonly
|
|
|
|
203B4288000
|
unkown
|
page read and write
|
|
|
|
7DF5510B0000
|
unkown image
|
page readonly
|
|
|
|
7DF44EF60000
|
unkown image
|
page readonly
|
|
|
|
7FF52F341000
|
unkown image
|
page readonly
|
|
|
|
7FF560BA9000
|
unkown image
|
page readonly
|
|
|
|
7DF5C9812000
|
unkown image
|
page readonly
|
|
|
|
7FF582C2F000
|
unkown image
|
page readonly
|
|
|
|
1ED4B044000
|
unkown
|
page read and write
|
|
|
|
7FF57F60E000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9B1000
|
unkown
|
page read and write
|
|
|
|
22767B50000
|
unkown image
|
page readonly
|
|
|
|
7FF57F673000
|
unkown image
|
page readonly
|
|
|
|
203B4254000
|
unkown
|
page read and write
|
|
|
|
1ED4B0D6000
|
unkown
|
page read and write
|
|
|
|
7DF5C9820000
|
unkown image
|
page readonly
|
|
|
|
7FF543425000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9BE000
|
unkown
|
page read and write
|
|
|
|
1ED4B9AA000
|
unkown
|
page read and write
|
|
|
|
7FF5BBAB3000
|
unkown image
|
page readonly
|
|
|
|
7FF57F4D5000
|
unkown image
|
page readonly
|
|
|
|
6F4DCFF000
|
stack
|
page read and write
|
|
|
|
7FF54333D000
|
unkown image
|
page readonly
|
|
|
|
295A3FC000
|
stack
|
page read and write
|
|
|
|
7FF57F66B000
|
unkown image
|
page readonly
|
|
|
|
7FF5B75E5000
|
unkown image
|
page readonly
|
|
|
|
978B07A000
|
stack
|
page read and write
|
|
|
|
7FF5B776F000
|
unkown image
|
page readonly
|
|
|
|
180C0E88000
|
unkown
|
page read and write
|
|
|
|
1ED4B9B1000
|
unkown
|
page read and write
|
|
|
|
7DF5C9802000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9BE000
|
unkown
|
page read and write
|
|
|
|
7FF54329C000
|
unkown image
|
page readonly
|
|
|
|
1ED4B043000
|
unkown
|
page read and write
|
|
|
|
26B3DE20000
|
unkown image
|
page readonly
|
|
|
|
1ED4B99A000
|
unkown
|
page read and write
|
|
|
|
180C0C40000
|
unkown image
|
page readonly
|
|
|
|
1ED4B9D0000
|
unkown
|
page read and write
|
|
|
|
19FCC8D0000
|
unkown image
|
page readonly
|
|
|
|
19FCC44C000
|
unkown
|
page read and write
|
|
|
|
7FF582C7B000
|
unkown image
|
page readonly
|
|
|
|
7DF5C55C2000
|
unkown image
|
page readonly
|
|
|
|
7FF57F640000
|
unkown image
|
page readonly
|
|
|
|
7FF57F5CF000
|
unkown image
|
page readonly
|
|
|
|
180C0C30000
|
heap private
|
page read and write
|
|
|
|
19FCC458000
|
unkown
|
page read and write
|
|
|
|
7FF560A80000
|
unkown image
|
page readonly
|
|
|
|
19FCC488000
|
unkown
|
page read and write
|
|
|
|
180C1000000
|
unkown image
|
page readonly
|
|
|
|
180C0E70000
|
unkown
|
page read and write
|
|
|
|
1ED4B000000
|
unkown
|
page read and write
|
|
|
|
1ED4B08A000
|
unkown
|
page read and write
|
|
|
|
7FF57F62D000
|
unkown image
|
page readonly
|
|
|
|
7DF56EB30000
|
unkown image
|
page readonly
|
|
|
|
7DF5C55D0000
|
unkown image
|
page readonly
|
|
|
|
7FF57F287000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBAC7000
|
unkown image
|
page readonly
|
|
|
|
7FF5BBA25000
|
unkown image
|
page readonly
|
|
|
|
7FF5B7961000
|
unkown image
|
page readonly
|
|
|
|
22767720000
|
unkown
|
page read and write
|
|
|
|
1ED4B0E2000
|
unkown
|
page read and write
|
|
|
|
1ED4B9DB000
|
unkown
|
page read and write
|
|
|
|
1ED4B9B6000
|
unkown
|
page read and write
|
|
|
|
1ED4BE02000
|
unkown
|
page read and write
|
|
|
|
1ED4B802000
|
unkown
|
page read and write
|
|
|
|
227679D0000
|
unkown image
|
page readonly
|
|
|
|
203B4780000
|
unkown image
|
page readonly
|
|
|
|
7FF582E04000
|
unkown image
|
page readonly
|
|
|
|
1ED4BE02000
|
unkown
|
page read and write
|
|
|
|
7FF5B795A000
|
unkown image
|
page readonly
|
|
|
|
7FF582BF0000
|
unkown image
|
page readonly
|
|
|
|
7DF590A82000
|
unkown image
|
page readonly
|
|
|
|
1ED4B985000
|
unkown
|
page read and write
|
|
|
|
180C1200000
|
unkown image
|
page readonly
|
|
|
|
7DF5C55E0000
|
unkown image
|
page readonly
|
|
|
|
7FF582D33000
|
unkown image
|
page readonly
|
|
|
|
7FF57F6F9000
|
unkown image
|
page readonly
|
|
|
|
7FF57F4D9000
|
unkown image
|
page readonly
|
|
|
|
1ED4AEA0000
|
heap default
|
page read and write
|
|
|
|
7FF5BB970000
|
unkown image
|
page readonly
|
|
|
|
7FF5B78B3000
|
unkown image
|
page readonly
|
|
There are 656 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://invoiceauthority.com/wp-admins/audio/audio/p5xij86qc4wutebzk9o1f730ndyah2grlmsv4e9mbzpcil3s6t8uhw5dg02q1xynkor7vajfoe5hqi86lb2ngv4w39xj1ckyzfdsumpa70rt?data=anJzdWFyZXpAaW5nZW5pYWdsb2JhbC5jbA==
|
|