Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\01bdba33-5b7a-4a08-8ff6-d93f05cfa88b.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\35f571cd-ad0c-4983-9e9b-efcf872f90da.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6003783f-c771-4357-9d97-ff63cbcf03c5.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2a16e56c-c3ea-4b80-bd3d-5d7d7f7bd56d.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2ebca454-bcae-4a7e-9160-77416a6f1ad9.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\45bbc3b1-c8df-46b4-8da4-a8cbc504556c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\954b3ada-246e-4e8d-91ed-4fbea563c6b0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5dc4e4e594caf8e4_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8f75485cfa400fd0_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eaf07a6405f89499_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index. (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldAA (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old@= (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last SessionXP (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsn (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State>. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State} (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesm (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.t (copy)
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\42dd92ad-78b6-4360-bb35-1ea8c01b7a17.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old..
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\7090edc0-f3de-41b5-aff6-848ea8b0568c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old="
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.oldmg
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old/v
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b9e9fb22-4518-4ede-ab0c-d72de20bb3bd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c9e1512e-965d-45fd-b9cb-5d485f0d8073.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.olde8 (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e951f4ae-f3b5-4921-a78b-e1fd4811a7ce.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ed8855d7-f5f6-4553-bf02-d844021857b1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheR. (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachees (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ad0e0cd2-01c0-4694-ba13-292b920362d4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4520_1780333825\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4520_1780333825\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4520_1780333825\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4520_1780333825\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4520_1780333825\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4520_1780333825\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4520_1780333825\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4520_1780333825\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4520_1780333825\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4520_1780333825\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\56557854-4bcb-4305-a0a9-9c10df71e78a.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\56557854-4bcb-4305-a0a9-9c10df71e78a.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\ru\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\sk\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\sl\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\sr\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\sv\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\sw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\ta\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\te\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\th\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\tr\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\uk\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\vi\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\zh\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_locales\zh_TW\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_1079500869\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4520_671785993\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
There are 226 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy@candies-twentytwo.io'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1600,8527828132282792844,17070123648795584736,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1960 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy@candies-twentytwo.io
|
|
||
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/?client_id=PSACQnYyNumKgoTvEUp5rB&redirect_uri=https%3A%2F%2Fwww.candies-twentytwo.io%2F&protectedtoken=false&id=Y2FuZGllcy10d2VudHl0d28uaW8=&Country=US&x=YW5keUBjYW5kaWVzLXR3ZW50eXR3by5pbw==&i=outlook
|
|
||
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/?client_id=PSACQnYyNumKgoTvEUp5rB&redirect_uri=https%3A%2F%2Fwww.candies-twentytwo.io%2F&protectedtoken=false&id=Y2FuZGllcy10d2VudHl0d28uaW8=&Country=US&x=YW5keUBjYW5kaWVzLXR3ZW50eXR3by5pbw==&i=outlook
|
67.227.248.137
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy@candies-twentytwo.io
|
|
||
|
https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy@candies-twentytwo.io
|
67.227.248.137
|
|
|
|
https://insurance.insuretym.com
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
http://candies-twentytwo.io/favicon.ico
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/fonts/Roboto-Regular.woff2
|
67.227.248.137
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://candies-twentytwo.io/images/favicon/favicon-96x96.png
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/favicon-96x96.png
|
67.227.248.137
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://candies-twentytwo.io/images/favicon/android-chrome-192x192.png
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/images/icons/icons.svg
|
67.227.248.137
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/android-chrome-192x192.pngN
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/style.css
|
67.227.248.137
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/api.css
|
67.227.248.137
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/js/framework.min.js
|
67.227.248.137
|
|
|
|
https://csp.withgoogle.com/csp/hosted-libraries-pushers
|
unknown
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
https://logo.clearbit.com/office365.com?
|
unknown
|
|
|
|
https://insurance.insuretym.com/icewarpapi/
|
67.227.248.137
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://candies-twentytwo.io/images/favicon/favicon-32x32.png
|
unknown
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://candies-twentytwo.io/images/favicon/apple-touch-icon-72x72.png
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
|
|
https://candies-twentytwo.io/images/favicon/apple-touch-icon-114x114.png
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/favicon-32x32.png
|
67.227.248.137
|
|
|
|
https://www.candies-twentytwo.io/
|
unknown
|
|
|
|
https://insurance.insuretym.com/
|
unknown
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/pikaday.css
|
67.227.248.137
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/api.cssV
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/?client_id=PSACQnYyNumKgoTvEUp5rB&
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/bundle.min.js
|
67.227.248.137
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/js/bundle.min.js
|
67.227.248.137
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/fonts/Roboto-Medium.woff2
|
67.227.248.137
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
172.217.168.1
|
|
|
|
https://candies-twentytwo.io/images/favicon/apple-touch-icon-60x60.png
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/manifest.json
|
67.227.248.137
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/config.js
|
67.227.248.137
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://candies-twentytwo.io/images/favicon/apple-touch-icon-144x144.png
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://candies-twentytwo.io/images/favicon/apple-touch-icon-180x180.png
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/images/background.svg
|
67.227.248.137
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/images/favicon/manifest.jsonChIKBw
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://candies-twentytwo.io/images/favicon/apple-touch-icon-76x76.png
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://candies-twentytwo.io/images/favicon/apple-touch-icon-152x152.png
|
unknown
|
|
|
|
https://insuretym.com/
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/css/style.css%
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/js/bundle.min.js8
|
unknown
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://logo.clearbit.com/office365.com
|
54.230.206.106
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/js/config.js
|
67.227.248.137
|
|
|
|
https://candies-twentytwo.io/images/favicon/apple-touch-icon-57x57.png
|
unknown
|
|
|
|
http://llvm.org/):
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://candies-twentytwo.io/images/favicon/apple-touch-icon-120x120.png
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/framework.min.js
|
67.227.248.137
|
|
|
|
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/images/favicon/manifest.json
|
67.227.248.137
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/android-chrome-192x192.png
|
67.227.248.137
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/images/favicon/favicon-16x16.png
|
67.227.248.137
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
There are 89 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
d26p066pn2w0s0.cloudfront.net
|
54.230.206.106
|
|
|
|
google.com
|
142.250.203.110
|
|
|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
clients.l.google.com
|
172.217.168.78
|
|
|
|
insurance.insuretym.com
|
67.227.248.137
|
|
|
|
googlehosted.l.googleusercontent.com
|
172.217.168.1
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
candies-twentytwo.io
|
unknown
|
|
|
|
logo.clearbit.com
|
unknown
|
|
|
|
www.candies-twentytwo.io
|
unknown
|
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
172.217.168.1
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
54.230.206.106
|
d26p066pn2w0s0.cloudfront.net
|
United States
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
67.227.248.137
|
insurance.insuretym.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 33 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF57ED97000
|
unkown image
|
page readonly
|
|
|
|
7FF5C24DD000
|
unkown image
|
page readonly
|
|
|
|
7FF57EC30000
|
unkown image
|
page readonly
|
|
|
|
18ABD43D000
|
unkown
|
page read and write
|
|
|
|
84158F9000
|
stack
|
page read and write
|
|
|
|
7FF5A89FE000
|
unkown image
|
page readonly
|
|
|
|
2BB60013000
|
unkown
|
page read and write
|
|
|
|
7FF53369F000
|
unkown image
|
page readonly
|
|
|
|
7FF567E85000
|
unkown image
|
page readonly
|
|
|
|
7FF5C24B8000
|
unkown image
|
page readonly
|
|
|
|
18ABD467000
|
unkown
|
page read and write
|
|
|
|
2824B10B000
|
unkown
|
page read and write
|
|
|
|
84156FE000
|
stack
|
page read and write
|
|
|
|
1F823480000
|
unkown
|
page read and write
|
|
|
|
A8D4977000
|
stack
|
page read and write
|
|
|
|
7DF5497A0000
|
unkown image
|
page readonly
|
|
|
|
DF16A7E000
|
stack
|
page read and write
|
|
|
|
7FF57EA60000
|
unkown image
|
page readonly
|
|
|
|
7DF4BC3D0000
|
unkown image
|
page readonly
|
|
|
|
7FF56260B000
|
unkown image
|
page readonly
|
|
|
|
19FF0850000
|
unkown image
|
page readonly
|
|
|
|
28246C93000
|
unkown
|
page read and write
|
|
|
|
18ABD485000
|
unkown
|
page read and write
|
|
|
|
7FF567EEB000
|
unkown image
|
page readonly
|
|
|
|
7FF57EEC4000
|
unkown image
|
page readonly
|
|
|
|
2BB60802000
|
unkown
|
page read and write
|
|
|
|
F0D66FF000
|
stack
|
page read and write
|
|
|
|
17129FE000
|
stack
|
page read and write
|
|
|
|
7FF533B43000
|
unkown image
|
page readonly
|
|
|
|
285AF130000
|
unkown image
|
page readonly
|
|
|
|
7FF5030BB000
|
unkown image
|
page readonly
|
|
|
|
7FF533D87000
|
unkown image
|
page readonly
|
|
|
|
7FF5A86E8000
|
unkown image
|
page readonly
|
|
|
|
7FF54192D000
|
unkown image
|
page readonly
|
|
|
|
7FF567F1F000
|
unkown image
|
page readonly
|
|
|
|
1C4CC227000
|
unkown
|
page read and write
|
|
|
|
7FF5410C3000
|
unkown image
|
page readonly
|
|
|
|
2BB5FE10000
|
heap private
|
page read and write
|
|
|
|
7FF502B9F000
|
unkown image
|
page readonly
|
|
|
|
28245780000
|
heap private
|
page read and write
|
|
|
|
7FF54185C000
|
unkown image
|
page readonly
|
|
|
|
7DF5189F2000
|
unkown image
|
page readonly
|
|
|
|
1C4CC060000
|
unkown image
|
page readonly
|
|
|
|
285AF160000
|
unkown image
|
page readonly
|
|
|
|
28245902000
|
unkown
|
page read and write
|
|
|
|
19FF0213000
|
unkown
|
page read and write
|
|
|
|
841607D000
|
stack
|
page read and write
|
|
|
|
7FF562537000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7E00000
|
unkown image
|
page readonly
|
|
|
|
2824AFA0000
|
unkown
|
page read and write
|
|
|
|
7DF447650000
|
unkown image
|
page readonly
|
|
|
|
7FF5C24FF000
|
unkown image
|
page readonly
|
|
|
|
1C4CC213000
|
unkown
|
page read and write
|
|
|
|
7FF533E56000
|
unkown image
|
page readonly
|
|
|
|
7FF5C2443000
|
unkown image
|
page readonly
|
|
|
|
2824AE40000
|
unkown
|
page read and write
|
|
|
|
7FF567F0E000
|
unkown image
|
page readonly
|
|
|
|
19FF06D0000
|
unkown image
|
page readonly
|
|
|
|
28246920000
|
unkown image
|
page readonly
|
|
|
|
201FF913000
|
unkown
|
page read and write
|
|
|
|
7DF577F42000
|
unkown image
|
page readonly
|
|
|
|
2824B108000
|
unkown
|
page read and write
|
|
|
|
7FF57EECE000
|
unkown image
|
page readonly
|
|
|
|
18ABD45C000
|
unkown
|
page read and write
|
|
|
|
7FF541843000
|
unkown image
|
page readonly
|
|
|
|
7FF54171E000
|
unkown image
|
page readonly
|
|
|
|
18ABD1E0000
|
heap private
|
page read and write
|
|
|
|
1F822E7D000
|
unkown
|
page read and write
|
|
|
|
7FF561A4D000
|
unkown image
|
page readonly
|
|
|
|
7FF57ED8D000
|
unkown image
|
page readonly
|
|
|
|
201FF029000
|
unkown
|
page read and write
|
|
|
|
2BB60025000
|
unkown
|
page read and write
|
|
|
|
28246118000
|
unkown
|
page read and write
|
|
|
|
2824AE60000
|
unkown
|
page read and write
|
|
|
|
7FF54160A000
|
unkown image
|
page readonly
|
|
|
|
282458A0000
|
unkown
|
page read and write
|
|
|
|
2824AF90000
|
unkown
|
page read and write
|
|
|
|
7FF5417A5000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8B75000
|
unkown image
|
page readonly
|
|
|
|
18ABD47C000
|
unkown
|
page read and write
|
|
|
|
7DF557242000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8BE0000
|
unkown image
|
page readonly
|
|
|
|
7DF4168B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5624BE000
|
unkown image
|
page readonly
|
|
|
|
7FF5030B6000
|
unkown image
|
page readonly
|
|
|
|
7FF502FE5000
|
unkown image
|
page readonly
|
|
|
|
19FF0110000
|
heap private
|
page read and write
|
|
|
|
7DF5189E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C23AD000
|
unkown image
|
page readonly
|
|
|
|
7FF5C239D000
|
unkown image
|
page readonly
|
|
|
|
7FF502DC8000
|
unkown image
|
page readonly
|
|
|
|
7FF57EA54000
|
unkown image
|
page readonly
|
|
|
|
1C4CCA02000
|
unkown
|
page read and write
|
|
|
|
1C4CC27F000
|
unkown
|
page read and write
|
|
|
|
55FF15E000
|
stack
|
page read and write
|
|
|
|
7FF5030EF000
|
unkown image
|
page readonly
|
|
|
|
7FF5C218A000
|
unkown image
|
page readonly
|
|
|
|
7FF5C24BF000
|
unkown image
|
page readonly
|
|
|
|
7FF502EFD000
|
unkown image
|
page readonly
|
|
|
|
201FF0CE000
|
unkown
|
page read and write
|
|
|
|
201FF113000
|
unkown
|
page read and write
|
|
|
|
7FF567F04000
|
unkown image
|
page readonly
|
|
|
|
171277E000
|
stack
|
page read and write
|
|
|
|
18ABD444000
|
unkown
|
page read and write
|
|
|
|
2824B10B000
|
unkown
|
page read and write
|
|
|
|
7FF533E74000
|
unkown image
|
page readonly
|
|
|
|
2824B0DF000
|
unkown
|
page read and write
|
|
|
|
7FF5625FF000
|
unkown image
|
page readonly
|
|
|
|
7FF5C2439000
|
unkown image
|
page readonly
|
|
|
|
285AF1E0000
|
unkown
|
page read and write
|
|
|
|
2824AE41000
|
unkown
|
page read and write
|
|
|
|
285AF6D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C2006000
|
unkown image
|
page readonly
|
|
|
|
7DF518A00000
|
unkown image
|
page readonly
|
|
|
|
7FF5C24CE000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8C0B000
|
unkown image
|
page readonly
|
|
|
|
7FF541885000
|
unkown image
|
page readonly
|
|
|
|
7FF5A88C3000
|
unkown image
|
page readonly
|
|
|
|
201FEF50000
|
heap private
|
page read and write
|
|
|
|
7FF5A8BCF000
|
unkown image
|
page readonly
|
|
|
|
201FF650000
|
unkown image
|
page readonly
|
|
|
|
7FF54173E000
|
unkown image
|
page readonly
|
|
|
|
28245859000
|
unkown
|
page read and write
|
|
|
|
7FF503008000
|
unkown image
|
page readonly
|
|
|
|
7FF54190F000
|
unkown image
|
page readonly
|
|
|
|
1F822D00000
|
unkown image
|
page readonly
|
|
|
|
1F822E58000
|
unkown
|
page read and write
|
|
|
|
7FF57EBE7000
|
unkown image
|
page readonly
|
|
|
|
7FF5030BE000
|
unkown image
|
page readonly
|
|
|
|
19FF0200000
|
unkown
|
page read and write
|
|
|
|
7FF57EE23000
|
unkown image
|
page readonly
|
|
|
|
201FEFB0000
|
heap default
|
page read and write
|
|
|
|
28246159000
|
unkown
|
page read and write
|
|
|
|
19FF0285000
|
unkown
|
page read and write
|
|
|
|
1712D7C000
|
stack
|
page read and write
|
|
|
|
19FF028E000
|
unkown
|
page read and write
|
|
|
|
7FF54191B000
|
unkown image
|
page readonly
|
|
|
|
7FF57EE15000
|
unkown image
|
page readonly
|
|
|
|
7FF503033000
|
unkown image
|
page readonly
|
|
|
|
1F823390000
|
unkown image
|
page readonly
|
|
|
|
1712C7E000
|
stack
|
page read and write
|
|
|
|
28245CD0000
|
unkown image
|
page readonly
|
|
|
|
1C4CC24F000
|
unkown
|
page read and write
|
|
|
|
18ABD478000
|
unkown
|
page read and write
|
|
|
|
7FF57EA11000
|
unkown image
|
page readonly
|
|
|
|
7FF57EB6A000
|
unkown image
|
page readonly
|
|
|
|
2824B103000
|
unkown
|
page read and write
|
|
|
|
2824AF40000
|
unkown
|
page read and write
|
|
|
|
285AFA02000
|
unkown
|
page read and write
|
|
|
|
7E0065779000
|
unkown image
|
page readonly
|
|
|
|
28246900000
|
unkown image
|
page readonly
|
|
|
|
7FF533C2D000
|
unkown image
|
page readonly
|
|
|
|
285AF130000
|
unkown image
|
page readonly
|
|
|
|
7FF57ED17000
|
unkown image
|
page readonly
|
|
|
|
1C4CC090000
|
unkown image
|
page readonly
|
|
|
|
19FF0248000
|
unkown
|
page read and write
|
|
|
|
7FF56254C000
|
unkown image
|
page readonly
|
|
|
|
28245790000
|
unkown image
|
page readonly
|
|
|
|
7DF5497A0000
|
unkown image
|
page readonly
|
|
|
|
7FF541916000
|
unkown image
|
page readonly
|
|
|
|
7DF549790000
|
unkown image
|
page readonly
|
|
|
|
282457F0000
|
unkown image
|
page readonly
|
|
|
|
7FF57EEAB000
|
unkown image
|
page readonly
|
|
|
|
DF16D7D000
|
stack
|
page read and write
|
|
|
|
2BB60065000
|
unkown
|
page read and write
|
|
|
|
7FF5C2216000
|
unkown image
|
page readonly
|
|
|
|
2BB60029000
|
unkown
|
page read and write
|
|
|
|
282468E0000
|
unkown image
|
page readonly
|
|
|
|
18ABD1F0000
|
unkown image
|
page readonly
|
|
|
|
7FF57EBCC000
|
unkown image
|
page readonly
|
|
|
|
55FF777000
|
stack
|
page read and write
|
|
|
|
7DF5947D0000
|
unkown image
|
page readonly
|
|
|
|
7DF5BE502000
|
unkown image
|
page readonly
|
|
|
|
7FF57EA84000
|
unkown image
|
page readonly
|
|
|
|
2BB5FE50000
|
unkown image
|
page readonly
|
|
|
|
7FF502E8D000
|
unkown image
|
page readonly
|
|
|
|
19FF024E000
|
unkown
|
page read and write
|
|
|
|
2BB6008B000
|
unkown
|
page read and write
|
|
|
|
7FF567F1F000
|
unkown image
|
page readonly
|
|
|
|
7FF57EECB000
|
unkown image
|
page readonly
|
|
|
|
7FF57EEDD000
|
unkown image
|
page readonly
|
|
|
|
DF164CC000
|
unkown
|
page read and write
|
|
|
|
19FF0120000
|
unkown image
|
page readonly
|
|
|
|
28246002000
|
unkown
|
page read and write
|
|
|
|
DF1707F000
|
stack
|
page read and write
|
|
|
|
7FF5C1929000
|
unkown image
|
page readonly
|
|
|
|
19FF0150000
|
unkown image
|
page readonly
|
|
|
|
285AF4D0000
|
unkown image
|
page readonly
|
|
|
|
2824B108000
|
unkown
|
page read and write
|
|
|
|
7DF5D7E10000
|
unkown image
|
page readonly
|
|
|
|
2824AE48000
|
unkown
|
page read and write
|
|
|
|
7FF533E4F000
|
unkown image
|
page readonly
|
|
|
|
28245813000
|
unkown
|
page read and write
|
|
|
|
7FF57EDE7000
|
unkown image
|
page readonly
|
|
|
|
201FF2D0000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7DF0000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7E00000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8BF4000
|
unkown image
|
page readonly
|
|
|
|
7FF57EEAE000
|
unkown image
|
page readonly
|
|
|
|
7DF5947E0000
|
unkown image
|
page readonly
|
|
|
|
7FF567E6A000
|
unkown image
|
page readonly
|
|
|
|
7FF562514000
|
unkown image
|
page readonly
|
|
|
|
18ABD459000
|
unkown
|
page read and write
|
|
|
|
7FF567E27000
|
unkown image
|
page readonly
|
|
|
|
7DF5947D2000
|
unkown image
|
page readonly
|
|
|
|
7FF57EB9F000
|
unkown image
|
page readonly
|
|
|
|
7FF567E2D000
|
unkown image
|
page readonly
|
|
|
|
7FF533E60000
|
unkown image
|
page readonly
|
|
|
|
7FF533E8F000
|
unkown image
|
page readonly
|
|
|
|
2BB60000000
|
unkown
|
page read and write
|
|
|
|
7FF56263F000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8B28000
|
unkown image
|
page readonly
|
|
|
|
7FF57EDD3000
|
unkown image
|
page readonly
|
|
|
|
2BB5FE20000
|
unkown image
|
page readonly
|
|
|
|
2BB60102000
|
unkown
|
page read and write
|
|
|
|
7FF502C4E000
|
unkown image
|
page readonly
|
|
|
|
7FF57EC7D000
|
unkown image
|
page readonly
|
|
|
|
19FF0100000
|
unkown image
|
page read and write
|
|
|
|
18ABD220000
|
unkown image
|
page readonly
|
|
|
|
1F822E28000
|
unkown
|
page read and write
|
|
|
|
7DF577F30000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7DF0000
|
unkown image
|
page readonly
|
|
|
|
7FF56731E000
|
unkown image
|
page readonly
|
|
|
|
18ABD980000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8BFB000
|
unkown image
|
page readonly
|
|
|
|
7FF5030D4000
|
unkown image
|
page readonly
|
|
|
|
7FF533DD3000
|
unkown image
|
page readonly
|
|
|
|
7FF57EE19000
|
unkown image
|
page readonly
|
|
|
|
7FF56240F000
|
unkown image
|
page readonly
|
|
|
|
7FF5625F8000
|
unkown image
|
page readonly
|
|
|
|
7FF562347000
|
unkown image
|
page readonly
|
|
|
|
7FF56258A000
|
unkown image
|
page readonly
|
|
|
|
18ABD429000
|
unkown
|
page read and write
|
|
|
|
7FF541857000
|
unkown image
|
page readonly
|
|
|
|
7FF533E48000
|
unkown image
|
page readonly
|
|
|
|
2824B290000
|
unkown
|
page read and write
|
|
|
|
2BB5FF50000
|
unkown image
|
page readonly
|
|
|
|
7DF5189E0000
|
unkown image
|
page readonly
|
|
|
|
7DF57D810000
|
unkown image
|
page readonly
|
|
|
|
7DF5BE520000
|
unkown image
|
page readonly
|
|
|
|
7FF503025000
|
unkown image
|
page readonly
|
|
|
|
7DF5947F0000
|
unkown image
|
page readonly
|
|
|
|
7FF57ED90000
|
unkown image
|
page readonly
|
|
|
|
19FF0308000
|
unkown
|
page read and write
|
|
|
|
7DF577F32000
|
unkown image
|
page readonly
|
|
|
|
7FF56233D000
|
unkown image
|
page readonly
|
|
|
|
7FF5030DB000
|
unkown image
|
page readonly
|
|
|
|
7FF57EBDD000
|
unkown image
|
page readonly
|
|
|
|
7FF57ECAC000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7DF2000
|
unkown image
|
page readonly
|
|
|
|
2BB5FE00000
|
unkown image
|
page read and write
|
|
|
|
7FF503055000
|
unkown image
|
page readonly
|
|
|
|
7FF567EE6000
|
unkown image
|
page readonly
|
|
|
|
7FF502E82000
|
unkown image
|
page readonly
|
|
|
|
2824619A000
|
unkown
|
page read and write
|
|
|
|
F57887C000
|
unkown
|
page read and write
|
|
|
|
7FF502503000
|
unkown image
|
page readonly
|
|
|
|
7FF567C18000
|
unkown image
|
page readonly
|
|
|
|
1F822E13000
|
unkown
|
page read and write
|
|
|
|
7FF57EDB8000
|
unkown image
|
page readonly
|
|
|
|
7FF57EDC2000
|
unkown image
|
page readonly
|
|
|
|
7FF533DBD000
|
unkown image
|
page readonly
|
|
|
|
7FF5C2465000
|
unkown image
|
page readonly
|
|
|
|
2BB60075000
|
unkown
|
page read and write
|
|
|
|
7FF567ED8000
|
unkown image
|
page readonly
|
|
|
|
18ABDA02000
|
unkown
|
page read and write
|
|
|
|
28246118000
|
unkown
|
page read and write
|
|
|
|
8415F7F000
|
stack
|
page read and write
|
|
|
|
7DF5189F2000
|
unkown image
|
page readonly
|
|
|
|
7FF541763000
|
unkown image
|
page readonly
|
|
|
|
1F822CB0000
|
unkown image
|
page read and write
|
|
|
|
84157F7000
|
stack
|
page read and write
|
|
|
|
7FF502900000
|
unkown image
|
page readonly
|
|
|
|
1C4CC313000
|
unkown
|
page read and write
|
|
|
|
55FF87F000
|
stack
|
page read and write
|
|
|
|
7FF57EC03000
|
unkown image
|
page readonly
|
|
|
|
7FF567EDF000
|
unkown image
|
page readonly
|
|
|
|
201FEF90000
|
unkown image
|
page readonly
|
|
|
|
7FF562610000
|
unkown image
|
page readonly
|
|
|
|
7FF502C4A000
|
unkown image
|
page readonly
|
|
|
|
8415FFF000
|
stack
|
page read and write
|
|
|
|
7FF567EFD000
|
unkown image
|
page readonly
|
|
|
|
282467F0000
|
unkown
|
page read and write
|
|
|
|
84159FA000
|
stack
|
page read and write
|
|
|
|
7FF562583000
|
unkown image
|
page readonly
|
|
|
|
DF16F7F000
|
stack
|
page read and write
|
|
|
|
1C4CC274000
|
unkown
|
page read and write
|
|
|
|
7DF5BE500000
|
unkown image
|
page readonly
|
|
|
|
7FF5C24FF000
|
unkown image
|
page readonly
|
|
|
|
7FF567E63000
|
unkown image
|
page readonly
|
|
|
|
171287F000
|
stack
|
page read and write
|
|
|
|
282457C0000
|
unkown image
|
page readonly
|
|
|
|
2BB5FE70000
|
heap default
|
page read and write
|
|
|
|
7DF5947E2000
|
unkown image
|
page readonly
|
|
|
|
7FF57EA5A000
|
unkown image
|
page readonly
|
|
|
|
285AF229000
|
unkown
|
page read and write
|
|
|
|
7FF54189A000
|
unkown image
|
page readonly
|
|
|
|
19FF0140000
|
unkown image
|
page readonly
|
|
|
|
285AFC00000
|
unkown
|
page read and write
|
|
|
|
1F822CD0000
|
unkown image
|
page readonly
|
|
|
|
28245853000
|
unkown
|
page read and write
|
|
|
|
7DF549790000
|
unkown image
|
page readonly
|
|
|
|
1C4CC255000
|
unkown
|
page read and write
|
|
|
|
7FF567E17000
|
unkown image
|
page readonly
|
|
|
|
7FF57EEDB000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8C0F000
|
unkown image
|
page readonly
|
|
|
|
2824B04D000
|
unkown
|
page read and write
|
|
|
|
7FF5C23F7000
|
unkown image
|
page readonly
|
|
|
|
7FF5C24EB000
|
unkown image
|
page readonly
|
|
|
|
201FF750000
|
unkown image
|
page write copy
|
|
|
|
2824B000000
|
unkown
|
page read and write
|
|
|
|
7DF5189E2000
|
unkown image
|
page readonly
|
|
|
|
7FF54193B000
|
unkown image
|
page readonly
|
|
|
|
F578D7D000
|
stack
|
page read and write
|
|
|
|
18ABD46E000
|
unkown
|
page read and write
|
|
|
|
7FF56263B000
|
unkown image
|
page readonly
|
|
|
|
7FF5C1D44000
|
unkown image
|
page readonly
|
|
|
|
7FF5C24E4000
|
unkown image
|
page readonly
|
|
|
|
7FF533E5B000
|
unkown image
|
page readonly
|
|
|
|
1F823200000
|
unkown image
|
page readonly
|
|
|
|
201FF102000
|
unkown
|
page read and write
|
|
|
|
18ABD502000
|
unkown
|
page read and write
|
|
|
|
7FF5C2277000
|
unkown image
|
page readonly
|
|
|
|
28246000000
|
unkown
|
page read and write
|
|
|
|
282468D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C24C6000
|
unkown image
|
page readonly
|
|
|
|
7DF557260000
|
unkown image
|
page readonly
|
|
|
|
264B9FF000
|
stack
|
page read and write
|
|
|
|
18ABD441000
|
unkown
|
page read and write
|
|
|
|
7FF56252C000
|
unkown image
|
page readonly
|
|
|
|
1F822E41000
|
unkown
|
page read and write
|
|
|
|
2824AE80000
|
unkown
|
page read and write
|
|
|
|
7DF577F50000
|
unkown image
|
page readonly
|
|
|
|
7DF577F32000
|
unkown image
|
page readonly
|
|
|
|
2824ACC0000
|
unkown
|
page read and write
|
|
|
|
201FEF60000
|
unkown image
|
page readonly
|
|
|
|
8415D7F000
|
stack
|
page read and write
|
|
|
|
18ABD440000
|
unkown
|
page read and write
|
|
|
|
7FF57EEBD000
|
unkown image
|
page readonly
|
|
|
|
7DF5BE520000
|
unkown image
|
page readonly
|
|
|
|
7FF541889000
|
unkown image
|
page readonly
|
|
|
|
7FF502F6E000
|
unkown image
|
page readonly
|
|
|
|
7FF541868000
|
unkown image
|
page readonly
|
|
|
|
7DF5BE500000
|
unkown image
|
page readonly
|
|
|
|
7DF577F42000
|
unkown image
|
page readonly
|
|
|
|
2BB60113000
|
unkown
|
page read and write
|
|
|
|
19FF01A0000
|
unkown
|
page read and write
|
|
|
|
2824B10A000
|
unkown
|
page read and write
|
|
|
|
285AF202000
|
unkown
|
page read and write
|
|
|
|
201FF660000
|
unkown image
|
page readonly
|
|
|
|
8415DFE000
|
stack
|
page read and write
|
|
|
|
28246113000
|
unkown
|
page read and write
|
|
|
|
7FF503029000
|
unkown image
|
page readonly
|
|
|
|
2824AF10000
|
unkown
|
page read and write
|
|
|
|
7FF5A8BD6000
|
unkown image
|
page readonly
|
|
|
|
A8D4B7F000
|
stack
|
page read and write
|
|
|
|
7FF5A89AD000
|
unkown image
|
page readonly
|
|
|
|
19FF0170000
|
heap default
|
page read and write
|
|
|
|
7FF5A8BFE000
|
unkown image
|
page readonly
|
|
|
|
18ABD46C000
|
unkown
|
page read and write
|
|
|
|
28246910000
|
unkown image
|
page readonly
|
|
|
|
19FF022A000
|
unkown
|
page read and write
|
|
|
|
7FF5C24EE000
|
unkown image
|
page readonly
|
|
|
|
1C4CC252000
|
unkown
|
page read and write
|
|
|
|
1C4CC28F000
|
unkown
|
page read and write
|
|
|
|
7DF57D822000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8B17000
|
unkown image
|
page readonly
|
|
|
|
2824B09E000
|
unkown
|
page read and write
|
|
|
|
28245800000
|
unkown
|
page read and write
|
|
|
|
2824B020000
|
unkown
|
page read and write
|
|
|
|
7FF567CBD000
|
unkown image
|
page readonly
|
|
|
|
28245E60000
|
unkown image
|
page readonly
|
|
|
|
7FF57EBD3000
|
unkown image
|
page readonly
|
|
|
|
2824B110000
|
unkown
|
page read and write
|
|
|
|
7FF5030EB000
|
unkown image
|
page readonly
|
|
|
|
2824B0A1000
|
unkown
|
page read and write
|
|
|
|
7DF57D820000
|
unkown image
|
page readonly
|
|
|
|
7DF5947D0000
|
unkown image
|
page readonly
|
|
|
|
19FF024B000
|
unkown
|
page read and write
|
|
|
|
18ABD44E000
|
unkown
|
page read and write
|
|
|
|
7DF5947E0000
|
unkown image
|
page readonly
|
|
|
|
19FF023C000
|
unkown
|
page read and write
|
|
|
|
7FF567BD6000
|
unkown image
|
page readonly
|
|
|
|
7FF54187D000
|
unkown image
|
page readonly
|
|
|
|
7FF502FE7000
|
unkown image
|
page readonly
|
|
|
|
7FF502F64000
|
unkown image
|
page readonly
|
|
|
|
1712E7F000
|
stack
|
page read and write
|
|
|
|
7DF57D810000
|
unkown image
|
page readonly
|
|
|
|
2824B0F2000
|
unkown
|
page read and write
|
|
|
|
2824AFA0000
|
unkown
|
page read and write
|
|
|
|
2BB5FF70000
|
unkown
|
page read and write
|
|
|
|
7FF533E8B000
|
unkown image
|
page readonly
|
|
|
|
7FF5030ED000
|
unkown image
|
page readonly
|
|
|
|
7DF557250000
|
unkown image
|
page readonly
|
|
|
|
7DF5BE512000
|
unkown image
|
page readonly
|
|
|
|
2824B103000
|
unkown
|
page read and write
|
|
|
|
7FF5A86D9000
|
unkown image
|
page readonly
|
|
|
|
7FF5417C4000
|
unkown image
|
page readonly
|
|
|
|
2824AE70000
|
unkown
|
page read and write
|
|
|
|
F0D5E8B000
|
unkown
|
page read and write
|
|
|
|
201FF0C0000
|
unkown
|
page read and write
|
|
|
|
7FF5A8B53000
|
unkown image
|
page readonly
|
|
|
|
201FF0E2000
|
unkown
|
page read and write
|
|
|
|
285AF860000
|
unkown image
|
page readonly
|
|
|
|
7FF502FE3000
|
unkown image
|
page readonly
|
|
|
|
285AF190000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8B5A000
|
unkown image
|
page readonly
|
|
|
|
7DF455110000
|
unkown image
|
page readonly
|
|
|
|
7FF5030CD000
|
unkown image
|
page readonly
|
|
|
|
282458AD000
|
unkown
|
page read and write
|
|
|
|
7DF57D812000
|
unkown image
|
page readonly
|
|
|
|
18ABD47B000
|
unkown
|
page read and write
|
|
|
|
282457E0000
|
heap default
|
page read and write
|
|
|
|
2824AF70000
|
unkown
|
page read and write
|
|
|
|
F578B7D000
|
stack
|
page read and write
|
|
|
|
1712B7C000
|
stack
|
page read and write
|
|
|
|
2824AF50000
|
unkown
|
page read and write
|
|
|
|
2824B119000
|
unkown
|
page read and write
|
|
|
|
7DF57D822000
|
unkown image
|
page readonly
|
|
|
|
7FF56263F000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8B1C000
|
unkown image
|
page readonly
|
|
|
|
7FF57EBCA000
|
unkown image
|
page readonly
|
|
|
|
7DF549782000
|
unkown image
|
page readonly
|
|
|
|
F57907E000
|
stack
|
page read and write
|
|
|
|
7FF5030DE000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7E02000
|
unkown image
|
page readonly
|
|
|
|
285AF1E0000
|
unkown
|
page read and write
|
|
|
|
7FF5A89DE000
|
unkown image
|
page readonly
|
|
|
|
18ABD9A0000
|
unkown
|
page read and write
|
|
|
|
282461E1000
|
unkown
|
page read and write
|
|
|
|
264B4FE000
|
stack
|
page read and write
|
|
|
|
7FF5C244A000
|
unkown image
|
page readonly
|
|
|
|
7FF541934000
|
unkown image
|
page readonly
|
|
|
|
285AF240000
|
unkown
|
page read and write
|
|
|
|
7FF567EF0000
|
unkown image
|
page readonly
|
|
|
|
2824AD30000
|
unkown
|
page read and write
|
|
|
|
7FF541893000
|
unkown image
|
page readonly
|
|
|
|
1F822CD0000
|
unkown image
|
page readonly
|
|
|
|
264B8FE000
|
stack
|
page read and write
|
|
|
|
7DF5189F0000
|
unkown image
|
page readonly
|
|
|
|
7FF567F0B000
|
unkown image
|
page readonly
|
|
|
|
7DF4926A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8B07000
|
unkown image
|
page readonly
|
|
|
|
18ABD800000
|
unkown image
|
page readonly
|
|
|
|
282458FD000
|
unkown
|
page read and write
|
|
|
|
7FF567DF0000
|
unkown image
|
page readonly
|
|
|
|
285AF180000
|
heap default
|
page read and write
|
|
|
|
1C4CC289000
|
unkown
|
page read and write
|
|
|
|
7FF541920000
|
unkown image
|
page readonly
|
|
|
|
1C4CC600000
|
unkown image
|
page readonly
|
|
|
|
285AF223000
|
unkown
|
page read and write
|
|
|
|
7FF57EEDF000
|
unkown image
|
page readonly
|
|
|
|
7DF557240000
|
unkown image
|
page readonly
|
|
|
|
7FF57EC74000
|
unkown image
|
page readonly
|
|
|
|
55FF1DD000
|
stack
|
page read and write
|
|
|
|
7FF57EBD1000
|
unkown image
|
page readonly
|
|
|
|
7DF557252000
|
unkown image
|
page readonly
|
|
|
|
2824B056000
|
unkown
|
page read and write
|
|
|
|
7FF57EE45000
|
unkown image
|
page readonly
|
|
|
|
2824AF60000
|
unkown
|
page read and write
|
|
|
|
1C4CC308000
|
unkown
|
page read and write
|
|
|
|
2824B0FF000
|
unkown
|
page read and write
|
|
|
|
2824588D000
|
unkown
|
page read and write
|
|
|
|
2824B040000
|
unkown
|
page read and write
|
|
|
|
285AF110000
|
unkown image
|
page read and write
|
|
|
|
18ABD1F0000
|
unkown image
|
page readonly
|
|
|
|
7FF57EC98000
|
unkown image
|
page readonly
|
|
|
|
7FF541908000
|
unkown image
|
page readonly
|
|
|
|
7FF562548000
|
unkown image
|
page readonly
|
|
|
|
28245829000
|
unkown
|
page read and write
|
|
|
|
18ABD43B000
|
unkown
|
page read and write
|
|
|
|
18ABD447000
|
unkown
|
page read and write
|
|
|
|
2824AE61000
|
unkown
|
page read and write
|
|
|
|
7DF549780000
|
unkown image
|
page readonly
|
|
|
|
2824B0FF000
|
unkown
|
page read and write
|
|
|
|
285AF1E0000
|
unkown
|
page read and write
|
|
|
|
1F823000000
|
unkown image
|
page readonly
|
|
|
|
7FF50303A000
|
unkown image
|
page readonly
|
|
|
|
2824AFB0000
|
unkown
|
page read and write
|
|
|
|
55FF5FB000
|
stack
|
page read and write
|
|
|
|
7FF5416ED000
|
unkown image
|
page readonly
|
|
|
|
18ABD45A000
|
unkown
|
page read and write
|
|
|
|
841539B000
|
unkown
|
page read and write
|
|
|
|
7FF502DB6000
|
unkown image
|
page readonly
|
|
|
|
7FF50301D000
|
unkown image
|
page readonly
|
|
|
|
7FF57EBC3000
|
unkown image
|
page readonly
|
|
|
|
1F822F00000
|
unkown
|
page read and write
|
|
|
|
7FF57EBD8000
|
unkown image
|
page readonly
|
|
|
|
2BB6005A000
|
unkown
|
page read and write
|
|
|
|
285AF1B0000
|
unkown
|
page read and write
|
|
|
|
7FF57EDB4000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8BED000
|
unkown image
|
page readonly
|
|
|
|
7FF5625A5000
|
unkown image
|
page readonly
|
|
|
|
8415AFE000
|
stack
|
page read and write
|
|
|
|
201FEF40000
|
unkown image
|
page read and write
|
|
|
|
1C4CC1B0000
|
unkown
|
page read and write
|
|
|
|
7FF541603000
|
unkown image
|
page readonly
|
|
|
|
285AF120000
|
heap private
|
page read and write
|
|
|
|
28246CA0000
|
unkown
|
page read and write
|
|
|
|
7FF57E98F000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8B49000
|
unkown image
|
page readonly
|
|
|
|
7FF5C23EC000
|
unkown image
|
page readonly
|
|
|
|
2BB60400000
|
unkown image
|
page readonly
|
|
|
|
7FF502934000
|
unkown image
|
page readonly
|
|
|
|
7DF57D820000
|
unkown image
|
page readonly
|
|
|
|
7FF567BC8000
|
unkown image
|
page readonly
|
|
|
|
8415BFA000
|
stack
|
page read and write
|
|
|
|
201FF06E000
|
unkown
|
page read and write
|
|
|
|
2824B106000
|
unkown
|
page read and write
|
|
|
|
201FF939000
|
unkown
|
page read and write
|
|
|
|
7DF549782000
|
unkown image
|
page readonly
|
|
|
|
DF1717F000
|
stack
|
page read and write
|
|
|
|
7FF5C242D000
|
unkown image
|
page readonly
|
|
|
|
7DF549780000
|
unkown image
|
page readonly
|
|
|
|
19FF0300000
|
unkown
|
page read and write
|
|
|
|
201FF03E000
|
unkown
|
page read and write
|
|
|
|
1C4CC302000
|
unkown
|
page read and write
|
|
|
|
7DF577F30000
|
unkown image
|
page readonly
|
|
|
|
7FF5030AF000
|
unkown image
|
page readonly
|
|
|
|
7DF549792000
|
unkown image
|
page readonly
|
|
|
|
2824B02E000
|
unkown
|
page read and write
|
|
|
|
285AF213000
|
unkown
|
page read and write
|
|
|
|
7FF5C24CB000
|
unkown image
|
page readonly
|
|
|
|
7FF57EEDF000
|
unkown image
|
page readonly
|
|
|
|
7FF502F06000
|
unkown image
|
page readonly
|
|
|
|
19FF04D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5622CA000
|
unkown image
|
page readonly
|
|
|
|
A8D4A7C000
|
stack
|
page read and write
|
|
|
|
28245790000
|
unkown image
|
page readonly
|
|
|
|
2BB5FE40000
|
unkown image
|
page readonly
|
|
|
|
19FF0302000
|
unkown
|
page read and write
|
|
|
|
18ABD46A000
|
unkown
|
page read and write
|
|
|
|
1C4CC780000
|
unkown image
|
page readonly
|
|
|
|
7FF562579000
|
unkown image
|
page readonly
|
|
|
|
DF16C7F000
|
stack
|
page read and write
|
|
|
|
2824B108000
|
unkown
|
page read and write
|
|
|
|
7DF5189F0000
|
unkown image
|
page readonly
|
|
|
|
F0D63FB000
|
stack
|
page read and write
|
|
|
|
1C4CC271000
|
unkown
|
page read and write
|
|
|
|
7FF5C24FD000
|
unkown image
|
page readonly
|
|
|
|
55FF0DC000
|
unkown
|
page read and write
|
|
|
|
2824AD40000
|
unkown
|
page read and write
|
|
|
|
28245AD0000
|
unkown image
|
page readonly
|
|
|
|
7FF567DE0000
|
unkown image
|
page readonly
|
|
|
|
1C4CC229000
|
unkown
|
page read and write
|
|
|
|
282457B0000
|
unkown image
|
page readonly
|
|
|
|
7FF57EE2A000
|
unkown image
|
page readonly
|
|
|
|
7DF5947E2000
|
unkown image
|
page readonly
|
|
|
|
28245893000
|
unkown
|
page read and write
|
|
|
|
7FF533DC5000
|
unkown image
|
page readonly
|
|
|
|
1F822E00000
|
unkown
|
page read and write
|
|
|
|
18ABD240000
|
heap default
|
page read and write
|
|
|
|
7DF518A00000
|
unkown image
|
page readonly
|
|
|
|
7FF562522000
|
unkown image
|
page readonly
|
|
|
|
2BB6006F000
|
unkown
|
page read and write
|
|
|
|
7FF56263D000
|
unkown image
|
page readonly
|
|
|
|
18ABD457000
|
unkown
|
page read and write
|
|
|
|
18ABD432000
|
unkown
|
page read and write
|
|
|
|
28246710000
|
unkown image
|
page read and write
|
|
|
|
F578FFD000
|
stack
|
page read and write
|
|
|
|
2824B10D000
|
unkown
|
page read and write
|
|
|
|
7FF562624000
|
unkown image
|
page readonly
|
|
|
|
A8D487B000
|
stack
|
page read and write
|
|
|
|
28245824000
|
unkown
|
page read and write
|
|
|
|
2BB6003D000
|
unkown
|
page read and write
|
|
|
|
1C4CC400000
|
unkown image
|
page readonly
|
|
|
|
7FF5030EF000
|
unkown image
|
page readonly
|
|
|
|
7FF533E7B000
|
unkown image
|
page readonly
|
|
|
|
7DF557250000
|
unkown image
|
page readonly
|
|
|
|
A8D4C7F000
|
stack
|
page read and write
|
|
|
|
1C4CC050000
|
heap private
|
page read and write
|
|
|
|
7FF502FFC000
|
unkown image
|
page readonly
|
|
|
|
7FF5C23E2000
|
unkown image
|
page readonly
|
|
|
|
7FF57EA6F000
|
unkown image
|
page readonly
|
|
|
|
7FF5A86D3000
|
unkown image
|
page readonly
|
|
|
|
84162FB000
|
stack
|
page read and write
|
|
|
|
7DF577F40000
|
unkown image
|
page readonly
|
|
|
|
7FF541428000
|
unkown image
|
page readonly
|
|
|
|
2824B111000
|
unkown
|
page read and write
|
|
|
|
7DF577F50000
|
unkown image
|
page readonly
|
|
|
|
2824ACB0000
|
unkown
|
page read and write
|
|
|
|
18ABD600000
|
unkown image
|
page readonly
|
|
|
|
2824B110000
|
unkown
|
page read and write
|
|
|
|
7FF5623DD000
|
unkown image
|
page readonly
|
|
|
|
2824B0F8000
|
unkown
|
page read and write
|
|
|
|
1C4CC060000
|
unkown image
|
page readonly
|
|
|
|
7FF541713000
|
unkown image
|
page readonly
|
|
|
|
18ABD462000
|
unkown
|
page read and write
|
|
|
|
201FF802000
|
unkown
|
page read and write
|
|
|
|
18ABD446000
|
unkown
|
page read and write
|
|
|
|
19FF0A02000
|
unkown
|
page read and write
|
|
|
|
7DF4D5CC0000
|
unkown image
|
page readonly
|
|
|
|
201FF013000
|
unkown
|
page read and write
|
|
|
|
2824AF90000
|
unkown
|
page read and write
|
|
|
|
7FF56261D000
|
unkown image
|
page readonly
|
|
|
|
7FF502FD2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C240C000
|
unkown image
|
page readonly
|
|
|
|
19FF0253000
|
unkown
|
page read and write
|
|
|
|
7FF5A8A5F000
|
unkown image
|
page readonly
|
|
|
|
264B7FE000
|
stack
|
page read and write
|
|
|
|
55FF97F000
|
stack
|
page read and write
|
|
|
|
2824B063000
|
unkown
|
page read and write
|
|
|
|
28246300000
|
unkown
|
page read and write
|
|
|
|
1F822F02000
|
unkown
|
page read and write
|
|
|
|
84160FF000
|
stack
|
page read and write
|
|
|
|
1F822E66000
|
unkown
|
page read and write
|
|
|
|
201FEFC0000
|
unkown image
|
page readonly
|
|
|
|
2824AE4E000
|
unkown
|
page read and write
|
|
|
|
7FF533E7E000
|
unkown image
|
page readonly
|
|
|
|
19FF0313000
|
unkown
|
page read and write
|
|
|
|
7DF57D812000
|
unkown image
|
page readonly
|
|
|
|
F578AFF000
|
stack
|
page read and write
|
|
|
|
A8D43FF000
|
stack
|
page read and write
|
|
|
|
7FF502FDC000
|
unkown image
|
page readonly
|
|
|
|
7FF57EE9F000
|
unkown image
|
page readonly
|
|
|
|
7FF562558000
|
unkown image
|
page readonly
|
|
|
|
7DF475E00000
|
unkown image
|
page readonly
|
|
|
|
7FF56256D000
|
unkown image
|
page readonly
|
|
|
|
7FF57E9E6000
|
unkown image
|
page readonly
|
|
|
|
18ABD210000
|
unkown image
|
page readonly
|
|
|
|
28245770000
|
unkown image
|
page read and write
|
|
|
|
2824AD20000
|
unkown
|
page read and write
|
|
|
|
7FF53329D000
|
unkown image
|
page readonly
|
|
|
|
28246C90000
|
unkown
|
page read and write
|
|
|
|
19FF0120000
|
unkown image
|
page readonly
|
|
|
|
7FF567E4D000
|
unkown image
|
page readonly
|
|
|
|
7FF5C23B7000
|
unkown image
|
page readonly
|
|
|
|
7FF5C192B000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7E02000
|
unkown image
|
page readonly
|
|
|
|
1C4CC23C000
|
unkown
|
page read and write
|
|
|
|
7FF561A53000
|
unkown image
|
page readonly
|
|
|
|
201FEFE0000
|
unkown
|
page read and write
|
|
|
|
7FF541419000
|
unkown image
|
page readonly
|
|
|
|
7FF57EEA6000
|
unkown image
|
page readonly
|
|
|
|
7DF5947D2000
|
unkown image
|
page readonly
|
|
|
|
285AF200000
|
unkown
|
page read and write
|
|
|
|
DF16B7D000
|
stack
|
page read and write
|
|
|
|
7FF57E68E000
|
unkown image
|
page readonly
|
|
|
|
285AF236000
|
unkown
|
page read and write
|
|
|
|
7FF533DA8000
|
unkown image
|
page readonly
|
|
|
|
7FF562606000
|
unkown image
|
page readonly
|
|
|
|
7DF5BE510000
|
unkown image
|
page readonly
|
|
|
|
7DF5947F0000
|
unkown image
|
page readonly
|
|
|
|
7FF57EE0D000
|
unkown image
|
page readonly
|
|
|
|
7DF5189E2000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8A65000
|
unkown image
|
page readonly
|
|
|
|
7FF56262E000
|
unkown image
|
page readonly
|
|
|
|
7FF533E8F000
|
unkown image
|
page readonly
|
|
|
|
7FF57EDD7000
|
unkown image
|
page readonly
|
|
|
|
DF16E7D000
|
stack
|
page read and write
|
|
|
|
2BB5FE20000
|
unkown image
|
page readonly
|
|
|
|
7DF57D830000
|
unkown image
|
page readonly
|
|
|
|
2824B11B000
|
unkown
|
page read and write
|
|
|
|
19FF0180000
|
unkown image
|
page readonly
|
|
|
|
1C4CC080000
|
unkown image
|
page readonly
|
|
|
|
2824AFA0000
|
unkown
|
page read and write
|
|
|
|
1C4CC190000
|
unkown image
|
page readonly
|
|
|
|
7FF562575000
|
unkown image
|
page readonly
|
|
|
|
264B57E000
|
stack
|
page read and write
|
|
|
|
7FF57E355000
|
unkown image
|
page readonly
|
|
|
|
18ABD442000
|
unkown
|
page read and write
|
|
|
|
28246118000
|
unkown
|
page read and write
|
|
|
|
7FF57EC01000
|
unkown image
|
page readonly
|
|
|
|
2824AE64000
|
unkown
|
page read and write
|
|
|
|
7FF533DDA000
|
unkown image
|
page readonly
|
|
|
|
7FF54193E000
|
unkown image
|
page readonly
|
|
|
|
7DF5BE510000
|
unkown image
|
page readonly
|
|
|
|
201FEF80000
|
unkown image
|
page readonly
|
|
|
|
7FF5418B5000
|
unkown image
|
page readonly
|
|
|
|
7FF57EDF8000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8A84000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8BC8000
|
unkown image
|
page readonly
|
|
|
|
2824AE70000
|
unkown
|
page read and write
|
|
|
|
7FF541847000
|
unkown image
|
page readonly
|
|
|
|
18ABD460000
|
unkown
|
page read and write
|
|
|
|
18ABD461000
|
unkown
|
page read and write
|
|
|
|
8415EFF000
|
stack
|
page read and write
|
|
|
|
18ABD445000
|
unkown
|
page read and write
|
|
|
|
2824B111000
|
unkown
|
page read and write
|
|
|
|
1F822E02000
|
unkown
|
page read and write
|
|
|
|
7FF5C2435000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7E10000
|
unkown image
|
page readonly
|
|
|
|
28245F40000
|
unkown
|
page read and write
|
|
|
|
7FF57E341000
|
unkown image
|
page readonly
|
|
|
|
1C4CC300000
|
unkown
|
page read and write
|
|
|
|
7FF5A8BDB000
|
unkown image
|
page readonly
|
|
|
|
7FF5410BD000
|
unkown image
|
page readonly
|
|
|
|
7FF502FF7000
|
unkown image
|
page readonly
|
|
|
|
1712A7C000
|
stack
|
page read and write
|
|
|
|
2BB60002000
|
unkown
|
page read and write
|
|
|
|
7FF54194F000
|
unkown image
|
page readonly
|
|
|
|
28245874000
|
unkown
|
page read and write
|
|
|
|
28246015000
|
unkown
|
page read and write
|
|
|
|
7FF5623D2000
|
unkown image
|
page readonly
|
|
|
|
28246C71000
|
unkown
|
page read and write
|
|
|
|
2824AE40000
|
unkown
|
page read and write
|
|
|
|
7FF57E350000
|
unkown image
|
page readonly
|
|
|
|
2824B0DB000
|
unkown
|
page read and write
|
|
|
|
7FF541413000
|
unkown image
|
page readonly
|
|
|
|
2BB60200000
|
unkown image
|
page readonly
|
|
|
|
1C4CC248000
|
unkown
|
page read and write
|
|
|
|
18ABD400000
|
unkown
|
page read and write
|
|
|
|
7DF557252000
|
unkown image
|
page readonly
|
|
|
|
1C4CC0B0000
|
heap default
|
page read and write
|
|
|
|
28245F50000
|
unkown image
|
page read and write
|
|
|
|
1F8233A0000
|
unkown image
|
page readonly
|
|
|
|
DF1727F000
|
stack
|
page read and write
|
|
|
|
2824AFA0000
|
unkown
|
page read and write
|
|
|
|
7FF5A8C0F000
|
unkown image
|
page readonly
|
|
|
|
2BB60590000
|
unkown image
|
page readonly
|
|
|
|
2824B108000
|
unkown
|
page read and write
|
|
|
|
285AF302000
|
unkown
|
page read and write
|
|
|
|
7FF57EDB0000
|
unkown image
|
page readonly
|
|
|
|
285AF850000
|
unkown image
|
page readonly
|
|
|
|
2824586F000
|
unkown
|
page read and write
|
|
|
|
2BB60580000
|
unkown image
|
page readonly
|
|
|
|
7FF54179F000
|
unkown image
|
page readonly
|
|
|
|
1C4CC040000
|
unkown image
|
page read and write
|
|
|
|
7FF5A8A23000
|
unkown image
|
page readonly
|
|
|
|
7FF54194B000
|
unkown image
|
page readonly
|
|
|
|
1F822E6A000
|
unkown
|
page read and write
|
|
|
|
55FF67E000
|
stack
|
page read and write
|
|
|
|
F0D64FE000
|
stack
|
page read and write
|
|
|
|
28246600000
|
unkown
|
page read and write
|
|
|
|
A8D437C000
|
unkown
|
page read and write
|
|
|
|
7FF57EE98000
|
unkown image
|
page readonly
|
|
|
|
7FF5030A8000
|
unkown image
|
page readonly
|
|
|
|
1F822F13000
|
unkown
|
page read and write
|
|
|
|
8415CFB000
|
stack
|
page read and write
|
|
|
|
2824B108000
|
unkown
|
page read and write
|
|
|
|
F578DFE000
|
stack
|
page read and write
|
|
|
|
19FF0270000
|
unkown
|
page read and write
|
|
|
|
7FF57EDCC000
|
unkown image
|
page readonly
|
|
|
|
7FF567F1D000
|
unkown image
|
page readonly
|
|
|
|
1F822CF0000
|
unkown image
|
page readonly
|
|
|
|
F578C7F000
|
stack
|
page read and write
|
|
|
|
F578EFD000
|
stack
|
page read and write
|
|
|
|
7FF57ED2F000
|
unkown image
|
page readonly
|
|
|
|
7FF502FC4000
|
unkown image
|
page readonly
|
|
|
|
7DF557242000
|
unkown image
|
page readonly
|
|
|
|
8415E7E000
|
stack
|
page read and write
|
|
|
|
7DF577F40000
|
unkown image
|
page readonly
|
|
|
|
7DF47B6E0000
|
unkown image
|
page readonly
|
|
|
|
7DF549792000
|
unkown image
|
page readonly
|
|
|
|
7FF57EC93000
|
unkown image
|
page readonly
|
|
|
|
2824AF80000
|
unkown
|
page read and write
|
|
|
|
7FF57EC7A000
|
unkown image
|
page readonly
|
|
|
|
201FF0D1000
|
unkown
|
page read and write
|
|
|
|
7FF5A8B45000
|
unkown image
|
page readonly
|
|
|
|
201FF000000
|
unkown
|
page read and write
|
|
|
|
7FF5C22CE000
|
unkown image
|
page readonly
|
|
|
|
1F822CC0000
|
heap private
|
page read and write
|
|
|
|
264B6FE000
|
stack
|
page read and write
|
|
|
|
201FF08B000
|
unkown
|
page read and write
|
|
|
|
19FF027B000
|
unkown
|
page read and write
|
|
|
|
28245913000
|
unkown
|
page read and write
|
|
|
|
7FF5A89D3000
|
unkown image
|
page readonly
|
|
|
|
18ABD320000
|
unkown image
|
page readonly
|
|
|
|
7FF562533000
|
unkown image
|
page readonly
|
|
|
|
18ABD413000
|
unkown
|
page read and write
|
|
|
|
7FF5C23B0000
|
unkown image
|
page readonly
|
|
|
|
84161FF000
|
stack
|
page read and write
|
|
|
|
171211B000
|
unkown
|
page read and write
|
|
|
|
7FF567E03000
|
unkown image
|
page readonly
|
|
|
|
7DF557240000
|
unkown image
|
page readonly
|
|
|
|
7FF567E59000
|
unkown image
|
page readonly
|
|
|
|
2824B0E1000
|
unkown
|
page read and write
|
|
|
|
1C4CC200000
|
unkown
|
page read and write
|
|
|
|
7FF57EDA0000
|
unkown image
|
page readonly
|
|
|
|
7FF562406000
|
unkown image
|
page readonly
|
|
|
|
DF1737E000
|
stack
|
page read and write
|
|
|
|
285AF150000
|
unkown image
|
page readonly
|
|
|
|
28246100000
|
unkown
|
page read and write
|
|
|
|
7FF533DC9000
|
unkown image
|
page readonly
|
|
|
|
7FF57ED54000
|
unkown image
|
page readonly
|
|
|
|
7FF5A8B3D000
|
unkown image
|
page readonly
|
|
|
|
7DF5D7DF2000
|
unkown image
|
page readonly
|
|
|
|
7DF5BE512000
|
unkown image
|
page readonly
|
|
|
|
7DF557260000
|
unkown image
|
page readonly
|
|
|
|
28245E50000
|
unkown image
|
page readonly
|
|
|
|
7FF5C2407000
|
unkown image
|
page readonly
|
|
|
|
7FF5C2031000
|
unkown image
|
page readonly
|
|
|
|
28246158000
|
unkown
|
page read and write
|
|
|
|
7DF57D830000
|
unkown image
|
page readonly
|
|
|
|
18ABD1D0000
|
unkown image
|
page read and write
|
|
|
|
7FF5623FC000
|
unkown image
|
page readonly
|
|
|
|
17128FC000
|
stack
|
page read and write
|
|
|
|
1F823210000
|
unkown image
|
page readonly
|
|
|
|
7FF54194F000
|
unkown image
|
page readonly
|
|
|
|
1F822D20000
|
heap default
|
page read and write
|
|
|
|
18ABD47F000
|
unkown
|
page read and write
|
|
|
|
7FF567E55000
|
unkown image
|
page readonly
|
|
|
|
7FF533D9C000
|
unkown image
|
page readonly
|
|
|
|
7FF533DF5000
|
unkown image
|
page readonly
|
|
|
|
2824B10D000
|
unkown
|
page read and write
|
|
|
|
171257B000
|
stack
|
page read and write
|
|
|
|
28245879000
|
unkown
|
page read and write
|
|
|
|
2824583D000
|
unkown
|
page read and write
|
|
|
|
2824589E000
|
unkown
|
page read and write
|
|
|
|
7FF5A8B03000
|
unkown image
|
page readonly
|
|
|
|
282468F0000
|
unkown image
|
page readonly
|
|
|
|
1C4CC249000
|
unkown
|
page read and write
|
|
|
|
1C4CC24C000
|
unkown
|
page read and write
|
|
|
|
1F823602000
|
unkown
|
page read and write
|
|
|
|
7FF502F12000
|
unkown image
|
page readonly
|
|
|
|
7FF5A841F000
|
unkown image
|
page readonly
|
|
|
|
18ABD45F000
|
unkown
|
page read and write
|
|
|
|
7FF57EDEC000
|
unkown image
|
page readonly
|
|
|
|
2824AE84000
|
unkown
|
page read and write
|
|
|
|
285AF258000
|
unkown
|
page read and write
|
|
|
|
201FF900000
|
unkown
|
page read and write
|
|
|
|
264B47B000
|
unkown
|
page read and write
|
|
|
|
2824B2E0000
|
unkown
|
page read and write
|
|
|
|
A8D467E000
|
stack
|
page read and write
|
|
|
|
201FEF60000
|
unkown image
|
page readonly
|
|
|
|
201FF4D0000
|
unkown image
|
page readonly
|
|
|
|
F0D65FE000
|
stack
|
page read and write
|
|
|
|
2824ACA0000
|
unkown
|
page read and write
|
|
|
|
DF168FB000
|
stack
|
page read and write
|
|
|
|
7DF5BE502000
|
unkown image
|
page readonly
|
|
|
|
2824B014000
|
unkown
|
page read and write
|
|
|
|
7FF56262B000
|
unkown image
|
page readonly
|
|
|
|
18ABD458000
|
unkown
|
page read and write
|
|
There are 813 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/webmail/?client_id=PSACQnYyNumKgoTvEUp5rB&redirect_uri=https%3A%2F%2Fwww.candies-twentytwo.io%2F&protectedtoken=false&id=Y2FuZGllcy10d2VudHl0d28uaW8=&Country=US&x=YW5keUBjYW5kaWVzLXR3ZW50eXR3by5pbw==&i=outlook
|
|
|
|
https://insurance.insuretym.com/wp-include/reports/genWeb/?email=andy@candies-twentytwo.io
|
|