Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Proof oF Payment.htm
|
HTML document, ASCII text, with very long lines, with CRLF, LF line terminators
|
initial sample
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\42a13f38-8b3b-4493-94cf-cdfd986b0c3e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\4a53103a-497e-4a4d-893c-3e8206b5187d.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\71591bfc-83e6-4959-bca9-a387a0beaa9b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\77f7b882-d873-4f60-9375-0c0a83fb2ddd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1fe9d5a0-69ff-4f72-98c8-5de8197bae30.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2ac370c6-5316-458a-b972-7967e1864dc1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2cf27b28-1b67-4e2a-b5c3-ad73b52ba67d.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\339339eb-f468-457e-a873-3e8c955dbcc0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\52e1b2f1-f999-4dae-ae7b-bb282f620990.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\921752e4-5ab0-42e9-a075-305abe17a27d.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldG (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old.. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldP (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Sessiond (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old01 (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateE3 (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences* (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesa\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesjs (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\18ac3252-3be5-45df-8dc9-3756c5c5d51d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old..
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.oldo
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.oldf'
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.oldpn
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
Statemp (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.oldg
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.oldj
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\b3e269f4-88fe-40f9-99e0-653c8a04299f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldt
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d1e058cd-2dac-4f44-874a-dabc81147a1a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dd80bc7d-c852-4674-a362-72d934a13f0d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e682a5a2-0d11-4ed4-a605-33f916c5ac57.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State.0 (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache. (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachei (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir5048_1844771540\Ruleset
Data
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\be45bc8f-e801-452d-9cc2-f51d26bda255.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d2970804-a10c-4c88-b36d-14e818a5c120.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\da6d4aef-8603-4139-ab34-140ba7a5a73d.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f6f8abf6-345a-4e6e-8d45-ddb9b22ca019.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1274014156\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1274014156\_platform_specific\win_x64\widevinecdm.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1274014156\_platform_specific\win_x64\widevinecdm.dll.sig
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1274014156\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1274014156\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1595272711\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1898842429\LICENSE
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1898842429\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1898842429\crl-set
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1898842429\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_1898842429\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_2047447278\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_2047447278\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_2047447278\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_2090465519\Filtering Rules
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_2090465519\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_2090465519\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_2090465519\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5048_2090465519\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\d66b096c-f5af-4097-8604-64d6ece5313c.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_2147061876\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\4d38f0e3-c0ef-41d5-8d46-54aa87e1b1f9.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5048_73564849\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
There are 254 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'C:\Users\user\Desktop\Proof
oF Payment.htm'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1620,5238171420075082225,5461324810935906513,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1964 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/user/Desktop/Proof%20oF%20Payment.htm
|
|
||
|
https://www.moneyminerxyx.xyz/dude/post.php
|
unknown
|
|
|
|
https://apis.google.com/js/client.js
|
unknown
|
|
|
|
https://mail1.ccistack.com/fmlurlsvc/?fewReq=:B:JVc9NjIyPSFxOjUpNyFuYzo3Nj03NiF0bmBpZnNydWI6MWYyZDNiMzJmP2RmNmZlMjQ+MmJjZmRhMTI1MzUwMGQyPmRhNjc0ZiFzOjYxNDI2PjE0MjYhdm5jOjY+V0tEUjBENzc+Mjc+KjY+V0tEUjBDNzc+Mjc+IXVkd3M6bGtmZnRxZmlzb2hodUdkZG5qZm5rKWRoaiFkOjY+IW9jazo3&url=https%3a%2f%2fseeklogo.com%2fimages%2fA%2fadobe-logo-5CC38E11AD-seeklogo.com.png&fmlBlkTk
|
198.11.15.51
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://mail1.ccistack.com/fmlurlsvc/?fewReq=:B:JVc9NjIyPSFxOjUpNyFuYzo3Nj03NiF0bmBpZnNydWI6YTc/YTBj
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/apps-themesCross-Origin-Resource-Policy:
|
unknown
|
|
|
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://easylist.to/)
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/apps-themes
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://i.gyazo.com/049bc4624875e35c9a678af7eb99bb95.jpg
|
104.19.143.111
|
|
|
|
https://mail1.ccistack.com/fmlurlsvc/?fewReq=:B:JVc9NjIyPSFxOjUpNyFuYzo3Nj03NiF0bmBpZnNydWI6MWYyZDNi
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
142.250.186.97
|
|
|
|
https://s3-us-west-2.amazonaws.com/s.cdpn.io/3/check.svg);background-size:
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://github.com/easylist)
|
unknown
|
|
|
|
https://creativecommons.org/.
|
unknown
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://meet.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
https://api.ipify.org/?format=json
|
3.232.242.170
|
|
|
|
https://mail1.ccistack.com/fmlurlsvc/?fewReq=:B:JVc9NjIyPSFxOjUpNyFuYzo3Nj03NiF0bmBpZnNydWI6YTc/YTBjPmIyNjJlMT41MT82MGM+MDExZGI/YzU/MDcwYTZmMzMyMyFzOjYxNDI2PjE0MjYhdm5jOjY+V0tEUjBENzc+Mjc+KjY+V0tEUjBDNzc+Mjc+IXVkd3M6bGtmZnRxZmlzb2hodUdkZG5qZm5rKWRoaiFkOjY+IW9jazo3&url=https%3a%2f%2fseeklogo.com%2fimages%2fA%2fAdobe_PDF-logo-D4883D5CD6-seeklogo.com.png&fmlBlkTk
|
198.11.15.51
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.4.1.min.jst
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
216.58.215.238
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.203.109
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://api.ipify.org?format=json
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.4.1.min.js
|
unknown
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
http://llvm.org/):
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
|
|
|
https://i.gyazo.com/049bc4624875e35c9a678af7eb99bb95.jpg)
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/apps-themes
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://docs.google.com
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 64 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
142.250.185.131
|
|
|
|
accounts.google.com
|
142.250.203.109
|
|
|
|
api.ipify.org.herokudns.com
|
3.232.242.170
|
|
|
|
i.gyazo.com
|
104.19.143.111
|
|
|
|
mail1.ccistack.com
|
198.11.15.51
|
|
|
|
clients.l.google.com
|
216.58.215.238
|
|
|
|
googlehosted.l.googleusercontent.com
|
142.250.186.97
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
code.jquery.com
|
unknown
|
|
|
|
api.ipify.org
|
unknown
|
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
104.19.143.111
|
i.gyazo.com
|
United States
|
|
|
|
3.232.242.170
|
api.ipify.org.herokudns.com
|
United States
|
|
|
|
216.58.215.238
|
clients.l.google.com
|
United States
|
|
|
|
198.11.15.51
|
mail1.ccistack.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
142.250.185.131
|
gstaticadssl.l.google.com
|
United States
|
|
|
|
142.250.186.97
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
142.250.203.109
|
accounts.google.com
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
1FA7E3E0000
|
unkown image
|
page readonly
|
|
|
|
1D4ED581000
|
unkown
|
page read and write
|
|
|
|
1FA7E2A0000
|
heap private
|
page read and write
|
|
|
|
1D4ED587000
|
unkown
|
page read and write
|
|
|
|
1FA040C0000
|
unkown
|
page read and write
|
|
|
|
BDCB27F000
|
stack
|
page read and write
|
|
|
|
1D4EDA7C000
|
unkown
|
page read and write
|
|
|
|
7FF510E0D000
|
unkown image
|
page readonly
|
|
|
|
27CD86A0000
|
unkown image
|
page readonly
|
|
|
|
1D4ECC4E000
|
unkown
|
page read and write
|
|
|
|
7DF56CCE2000
|
unkown image
|
page readonly
|
|
|
|
1D4ED583000
|
unkown
|
page read and write
|
|
|
|
2167068A000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
7DF56CCE0000
|
unkown image
|
page readonly
|
|
|
|
1D4EDA00000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
7FF5E90A3000
|
unkown image
|
page readonly
|
|
|
|
7FF561DFD000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58E000
|
unkown
|
page read and write
|
|
|
|
1E8BA300000
|
unkown
|
page read and write
|
|
|
|
1D4ED587000
|
unkown
|
page read and write
|
|
|
|
1D4ED5A7000
|
unkown
|
page read and write
|
|
|
|
1FA7E800000
|
unkown image
|
page readonly
|
|
|
|
1D4ECB10000
|
unkown image
|
page readonly
|
|
|
|
7FF585BA5000
|
unkown image
|
page readonly
|
|
|
|
286657D000
|
stack
|
page read and write
|
|
|
|
1FA7E471000
|
unkown
|
page read and write
|
|
|
|
1FA04050000
|
unkown
|
page read and write
|
|
|
|
1FA7F964000
|
unkown
|
page read and write
|
|
|
|
7DF51AC62000
|
unkown image
|
page readonly
|
|
|
|
1D4ED581000
|
unkown
|
page read and write
|
|
|
|
1FA7E4A9000
|
unkown
|
page read and write
|
|
|
|
799C97C000
|
stack
|
page read and write
|
|
|
|
7FF5D84A4000
|
unkown image
|
page readonly
|
|
|
|
7FF562E5E000
|
unkown image
|
page readonly
|
|
|
|
1FA7ED59000
|
unkown
|
page read and write
|
|
|
|
1D4ED55E000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1D4ECD13000
|
unkown
|
page read and write
|
|
|
|
7FF561D3F000
|
unkown image
|
page readonly
|
|
|
|
1E8BA24E000
|
unkown
|
page read and write
|
|
|
|
1B784010000
|
heap default
|
page read and write
|
|
|
|
1B783E90000
|
unkown image
|
page readonly
|
|
|
|
27CD8C00000
|
unkown image
|
page readonly
|
|
|
|
7DF5E2350000
|
unkown image
|
page readonly
|
|
|
|
1FA7FD15000
|
unkown
|
page read and write
|
|
|
|
1FA7FCAB000
|
unkown
|
page read and write
|
|
|
|
7FF561D6A000
|
unkown image
|
page readonly
|
|
|
|
1D4ED5CF000
|
unkown
|
page read and write
|
|
|
|
1B784B80000
|
unkown
|
page read and write
|
|
|
|
21D52A74000
|
unkown
|
page read and write
|
|
|
|
1FA7FCFE000
|
unkown
|
page read and write
|
|
|
|
1FA04070000
|
unkown
|
page read and write
|
|
|
|
7FF5D83D1000
|
unkown image
|
page readonly
|
|
|
|
21D52F90000
|
unkown image
|
page readonly
|
|
|
|
7FF5E90B7000
|
unkown image
|
page readonly
|
|
|
|
7FF544154000
|
unkown image
|
page readonly
|
|
|
|
7FF543F66000
|
unkown image
|
page readonly
|
|
|
|
7FF585DCF000
|
unkown image
|
page readonly
|
|
|
|
7FF51093A000
|
unkown image
|
page readonly
|
|
|
|
1FA7FD13000
|
unkown
|
page read and write
|
|
|
|
27CD887E000
|
unkown
|
page read and write
|
|
|
|
1FA7E980000
|
unkown image
|
page readonly
|
|
|
|
1D4ED581000
|
unkown
|
page read and write
|
|
|
|
7FF585DB0000
|
unkown image
|
page readonly
|
|
|
|
2167068E000
|
unkown
|
page read and write
|
|
|
|
7FF585E97000
|
unkown image
|
page readonly
|
|
|
|
1FA7FD00000
|
unkown
|
page read and write
|
|
|
|
1B784DF0000
|
unkown
|
page read and write
|
|
|
|
7FF561E47000
|
unkown image
|
page readonly
|
|
|
|
7FF5E9007000
|
unkown image
|
page readonly
|
|
|
|
1FA7F984000
|
unkown
|
page read and write
|
|
|
|
1B784B10000
|
unkown
|
page read and write
|
|
|
|
7FF510DBF000
|
unkown image
|
page readonly
|
|
|
|
1FA7E486000
|
unkown
|
page read and write
|
|
|
|
BDCAE78000
|
stack
|
page read and write
|
|
|
|
1E8B9FE0000
|
unkown image
|
page readonly
|
|
|
|
7DF56CCF0000
|
unkown image
|
page readonly
|
|
|
|
7DF56BBE2000
|
unkown image
|
page readonly
|
|
|
|
1D4ED59A000
|
unkown
|
page read and write
|
|
|
|
1FA7F480000
|
unkown image
|
page readonly
|
|
|
|
7FF54417D000
|
unkown image
|
page readonly
|
|
|
|
799C87E000
|
stack
|
page read and write
|
|
|
|
21D529D0000
|
unkown
|
page read and write
|
|
|
|
1D4ED250000
|
unkown image
|
page readonly
|
|
|
|
7FF510D45000
|
unkown image
|
page readonly
|
|
|
|
27CD8913000
|
unkown
|
page read and write
|
|
|
|
1D4ECB40000
|
unkown image
|
page readonly
|
|
|
|
7FF562F1A000
|
unkown image
|
page readonly
|
|
|
|
7FF585EC3000
|
unkown image
|
page readonly
|
|
|
|
27CD8829000
|
unkown
|
page read and write
|
|
|
|
21D52A8A000
|
unkown
|
page read and write
|
|
|
|
7FF585D55000
|
unkown image
|
page readonly
|
|
|
|
7FF510EC7000
|
unkown image
|
page readonly
|
|
|
|
1FA7FD17000
|
unkown
|
page read and write
|
|
|
|
1E8BA302000
|
unkown
|
page read and write
|
|
|
|
7FF585E94000
|
unkown image
|
page readonly
|
|
|
|
7FF544161000
|
unkown image
|
page readonly
|
|
|
|
7FF5441A6000
|
unkown image
|
page readonly
|
|
|
|
1D4ECC83000
|
unkown
|
page read and write
|
|
|
|
7DF54E000000
|
unkown image
|
page readonly
|
|
|
|
7FF510971000
|
unkown image
|
page readonly
|
|
|
|
1FA7ED18000
|
unkown
|
page read and write
|
|
|
|
7FF562EF1000
|
unkown image
|
page readonly
|
|
|
|
1D4ED57E000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
799CDFD000
|
stack
|
page read and write
|
|
|
|
7FF5102E7000
|
unkown image
|
page readonly
|
|
|
|
1D4ED5A1000
|
unkown
|
page read and write
|
|
|
|
D02CEFC000
|
stack
|
page read and write
|
|
|
|
1FA7EA60000
|
unkown
|
page read and write
|
|
|
|
1D4ED57D000
|
unkown
|
page read and write
|
|
|
|
1D4ED578000
|
unkown
|
page read and write
|
|
|
|
7FF5D7CE1000
|
unkown image
|
page readonly
|
|
|
|
7FF5E90A6000
|
unkown image
|
page readonly
|
|
|
|
1FA7F964000
|
unkown
|
page read and write
|
|
|
|
7FF585BAF000
|
unkown image
|
page readonly
|
|
|
|
7DF54E012000
|
unkown image
|
page readonly
|
|
|
|
1D4ED57D000
|
unkown
|
page read and write
|
|
|
|
7FF585DC4000
|
unkown image
|
page readonly
|
|
|
|
7FF5D84E9000
|
unkown image
|
page readonly
|
|
|
|
7FF585DB4000
|
unkown image
|
page readonly
|
|
|
|
1FA7ED18000
|
unkown
|
page read and write
|
|
|
|
7FF543F59000
|
unkown image
|
page readonly
|
|
|
|
7FF5D83C1000
|
unkown image
|
page readonly
|
|
|
|
7FF543DC2000
|
unkown image
|
page readonly
|
|
|
|
1D4ED59A000
|
unkown
|
page read and write
|
|
|
|
7FF510E19000
|
unkown image
|
page readonly
|
|
|
|
1B783E90000
|
unkown image
|
page readonly
|
|
|
|
7FF585B41000
|
unkown image
|
page readonly
|
|
|
|
7FF510EB6000
|
unkown image
|
page readonly
|
|
|
|
7DF58FC80000
|
unkown image
|
page readonly
|
|
|
|
7FF544211000
|
unkown image
|
page readonly
|
|
|
|
1FA7E46C000
|
unkown
|
page read and write
|
|
|
|
1E8BA249000
|
unkown
|
page read and write
|
|
|
|
1E8BA400000
|
unkown image
|
page readonly
|
|
|
|
7FF5D855B000
|
unkown image
|
page readonly
|
|
|
|
7FF562EF7000
|
unkown image
|
page readonly
|
|
|
|
1D4ED594000
|
unkown
|
page read and write
|
|
|
|
1FA7E2B0000
|
unkown image
|
page readonly
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
7FF543D92000
|
unkown image
|
page readonly
|
|
|
|
1FA7FCA1000
|
unkown
|
page read and write
|
|
|
|
1E8BA281000
|
unkown
|
page read and write
|
|
|
|
7FF544192000
|
unkown image
|
page readonly
|
|
|
|
1D4ED402000
|
unkown
|
page read and write
|
|
|
|
7FF585D87000
|
unkown image
|
page readonly
|
|
|
|
1D4ED59A000
|
unkown
|
page read and write
|
|
|
|
1D4ED59D000
|
unkown
|
page read and write
|
|
|
|
7FF510CB6000
|
unkown image
|
page readonly
|
|
|
|
7FF585B96000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1D4ED566000
|
unkown
|
page read and write
|
|
|
|
7FF5D8541000
|
unkown image
|
page readonly
|
|
|
|
27CD884C000
|
unkown
|
page read and write
|
|
|
|
1FA7F840000
|
unkown
|
page read and write
|
|
|
|
27CD8650000
|
unkown image
|
page read and write
|
|
|
|
BDCB67D000
|
stack
|
page read and write
|
|
|
|
76507FC000
|
stack
|
page read and write
|
|
|
|
7FF510EC7000
|
unkown image
|
page readonly
|
|
|
|
21D52A40000
|
unkown image
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
7FF585DDF000
|
unkown image
|
page readonly
|
|
|
|
1B784140000
|
heap private
|
page read and write
|
|
|
|
7FF5E8FBF000
|
unkown image
|
page readonly
|
|
|
|
7FF585C7D000
|
unkown image
|
page readonly
|
|
|
|
1E8BA030000
|
heap default
|
page read and write
|
|
|
|
7FF510E7D000
|
unkown image
|
page readonly
|
|
|
|
27CD8A00000
|
unkown image
|
page readonly
|
|
|
|
1FA7E525000
|
unkown
|
page read and write
|
|
|
|
1D4ED589000
|
unkown
|
page read and write
|
|
|
|
7FF56126D000
|
unkown image
|
page readonly
|
|
|
|
7FF585956000
|
unkown image
|
page readonly
|
|
|
|
7FF5E90B7000
|
unkown image
|
page readonly
|
|
|
|
2167067F000
|
unkown
|
page read and write
|
|
|
|
1D4ED57C000
|
unkown
|
page read and write
|
|
|
|
1FA7FD13000
|
unkown
|
page read and write
|
|
|
|
7FF562E53000
|
unkown image
|
page readonly
|
|
|
|
7FF543E27000
|
unkown image
|
page readonly
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
28E06FE000
|
stack
|
page read and write
|
|
|
|
7FF544186000
|
unkown image
|
page readonly
|
|
|
|
7FF585EAA000
|
unkown image
|
page readonly
|
|
|
|
1D4ECC4A000
|
unkown
|
page read and write
|
|
|
|
27CD8847000
|
unkown
|
page read and write
|
|
|
|
7FF510C87000
|
unkown image
|
page readonly
|
|
|
|
7FF585DB9000
|
unkown image
|
page readonly
|
|
|
|
76504FB000
|
stack
|
page read and write
|
|
|
|
27CD8660000
|
heap private
|
page read and write
|
|
|
|
7FF543F70000
|
unkown image
|
page readonly
|
|
|
|
1E8BA292000
|
unkown
|
page read and write
|
|
|
|
1D4ED5B8000
|
unkown
|
page read and write
|
|
|
|
7FF585E84000
|
unkown image
|
page readonly
|
|
|
|
799CCFF000
|
stack
|
page read and write
|
|
|
|
1B784DC0000
|
unkown
|
page read and write
|
|
|
|
1B783EC0000
|
unkown image
|
page readonly
|
|
|
|
7DF51AC62000
|
unkown image
|
page readonly
|
|
|
|
1D4ECD02000
|
unkown
|
page read and write
|
|
|
|
7DF5F2E50000
|
unkown image
|
page readonly
|
|
|
|
7FF5D856A000
|
unkown image
|
page readonly
|
|
|
|
7FF5E9077000
|
unkown image
|
page readonly
|
|
|
|
1D4ED59F000
|
unkown
|
page read and write
|
|
|
|
7FF562E86000
|
unkown image
|
page readonly
|
|
|
|
7FF562E66000
|
unkown image
|
page readonly
|
|
|
|
1FA7FC62000
|
unkown
|
page read and write
|
|
|
|
1E8B9FE0000
|
unkown image
|
page readonly
|
|
|
|
7FF5E9064000
|
unkown image
|
page readonly
|
|
|
|
1D4EDA1D000
|
unkown
|
page read and write
|
|
|
|
1FA7F96E000
|
unkown
|
page read and write
|
|
|
|
7FF544134000
|
unkown image
|
page readonly
|
|
|
|
7FF5E8D21000
|
unkown image
|
page readonly
|
|
|
|
27CD884D000
|
unkown
|
page read and write
|
|
|
|
7DF56BBF0000
|
unkown image
|
page readonly
|
|
|
|
1D4ECCC4000
|
unkown
|
page read and write
|
|
|
|
21670420000
|
heap default
|
page read and write
|
|
|
|
7DF469AB0000
|
unkown image
|
page readonly
|
|
|
|
1FA7F961000
|
unkown
|
page read and write
|
|
|
|
7FF510CD5000
|
unkown image
|
page readonly
|
|
|
|
7FF585DED000
|
unkown image
|
page readonly
|
|
|
|
1FA7ED59000
|
unkown
|
page read and write
|
|
|
|
216703B0000
|
unkown image
|
page read and write
|
|
|
|
76503FF000
|
stack
|
page read and write
|
|
|
|
7FF562F47000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58C000
|
unkown
|
page read and write
|
|
|
|
1D4EDA02000
|
unkown
|
page read and write
|
|
|
|
27CD8846000
|
unkown
|
page read and write
|
|
|
|
1B784360000
|
unkown image
|
page readonly
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
5427DDE000
|
stack
|
page read and write
|
|
|
|
1D4ED588000
|
unkown
|
page read and write
|
|
|
|
1FA7FA70000
|
unkown
|
page read and write
|
|
|
|
1B784053000
|
unkown
|
page read and write
|
|
|
|
1FA7F96C000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
21670B80000
|
unkown image
|
page readonly
|
|
|
|
1D4ED577000
|
unkown
|
page read and write
|
|
|
|
7FF585CE8000
|
unkown image
|
page readonly
|
|
|
|
799CA7B000
|
stack
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
7FF585D18000
|
unkown image
|
page readonly
|
|
|
|
7FF543DDC000
|
unkown image
|
page readonly
|
|
|
|
1B783E80000
|
unkown
|
page read and write
|
|
|
|
1D4ED57A000
|
unkown
|
page read and write
|
|
|
|
7DF5E2342000
|
unkown image
|
page readonly
|
|
|
|
7FF510CD0000
|
unkown image
|
page readonly
|
|
|
|
1D4ECC51000
|
unkown
|
page read and write
|
|
|
|
7FF510EB3000
|
unkown image
|
page readonly
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
1D4ED598000
|
unkown
|
page read and write
|
|
|
|
7FF562E97000
|
unkown image
|
page readonly
|
|
|
|
7FF544007000
|
unkown image
|
page readonly
|
|
|
|
7DF5F2E60000
|
unkown image
|
page readonly
|
|
|
|
1D4ED57E000
|
unkown
|
page read and write
|
|
|
|
1FA7FAC0000
|
unkown
|
page read and write
|
|
|
|
21D52AA1000
|
unkown
|
page read and write
|
|
|
|
7FF5440A1000
|
unkown image
|
page readonly
|
|
|
|
7FF5441B7000
|
unkown image
|
page readonly
|
|
|
|
765087F000
|
stack
|
page read and write
|
|
|
|
1FA7F960000
|
unkown
|
page read and write
|
|
|
|
542857F000
|
stack
|
page read and write
|
|
|
|
1D4ECC6D000
|
unkown
|
page read and write
|
|
|
|
7DF5E2342000
|
unkown image
|
page readonly
|
|
|
|
7FF562E55000
|
unkown image
|
page readonly
|
|
|
|
7DF56CCF0000
|
unkown image
|
page readonly
|
|
|
|
7FF543F9E000
|
unkown image
|
page readonly
|
|
|
|
7FF585D98000
|
unkown image
|
page readonly
|
|
|
|
28E0779000
|
stack
|
page read and write
|
|
|
|
1FA7E48D000
|
unkown
|
page read and write
|
|
|
|
7FF5E8EC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D848F000
|
unkown image
|
page readonly
|
|
|
|
7FF585987000
|
unkown image
|
page readonly
|
|
|
|
1FA7F850000
|
unkown
|
page read and write
|
|
|
|
1E8BA24D000
|
unkown
|
page read and write
|
|
|
|
7FF561D4F000
|
unkown image
|
page readonly
|
|
|
|
7FF585CE5000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8544000
|
unkown image
|
page readonly
|
|
|
|
1D4ECC29000
|
unkown
|
page read and write
|
|
|
|
21D52A60000
|
heap default
|
page read and write
|
|
|
|
1D4ECC3C000
|
unkown
|
page read and write
|
|
|
|
7DF58FC90000
|
unkown image
|
page readonly
|
|
|
|
1FA7F460000
|
unkown image
|
page readonly
|
|
|
|
7FF5E9009000
|
unkown image
|
page readonly
|
|
|
|
1FA7EBF3000
|
unkown
|
page read and write
|
|
|
|
BDCAC7E000
|
stack
|
page read and write
|
|
|
|
7DF5E2340000
|
unkown image
|
page readonly
|
|
|
|
21D528E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8554000
|
unkown image
|
page readonly
|
|
|
|
7FF5E9061000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58D000
|
unkown
|
page read and write
|
|
|
|
7DF4F0D20000
|
unkown image
|
page readonly
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
7DF56BBE0000
|
unkown image
|
page readonly
|
|
|
|
7FF543F64000
|
unkown image
|
page readonly
|
|
|
|
7FF585B92000
|
unkown image
|
page readonly
|
|
|
|
1D4EDA0A000
|
unkown
|
page read and write
|
|
|
|
27CD8902000
|
unkown
|
page read and write
|
|
|
|
1FA7FD2B000
|
unkown
|
page read and write
|
|
|
|
1D4EDA0C000
|
unkown
|
page read and write
|
|
|
|
1FA05000000
|
unkown
|
page read and write
|
|
|
|
1FA7FAC0000
|
unkown
|
page read and write
|
|
|
|
7FF5D84E7000
|
unkown image
|
page readonly
|
|
|
|
1FA7F981000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
1D4ECCA2000
|
unkown
|
page read and write
|
|
|
|
1FA7F270000
|
unkown
|
page read and write
|
|
|
|
1FA7E413000
|
unkown
|
page read and write
|
|
|
|
7FF543A08000
|
unkown image
|
page readonly
|
|
|
|
1D4ED380000
|
unkown
|
page read and write
|
|
|
|
7FF561DF1000
|
unkown image
|
page readonly
|
|
|
|
7FF54415F000
|
unkown image
|
page readonly
|
|
|
|
1E8BA313000
|
unkown
|
page read and write
|
|
|
|
7FF510E71000
|
unkown image
|
page readonly
|
|
|
|
1FA7F803000
|
unkown
|
page read and write
|
|
|
|
28663F9000
|
stack
|
page read and write
|
|
|
|
7DF5E2340000
|
unkown image
|
page readonly
|
|
|
|
7FF562F04000
|
unkown image
|
page readonly
|
|
|
|
7FF544262000
|
unkown image
|
page readonly
|
|
|
|
1D4ED585000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1FA7F96B000
|
unkown
|
page read and write
|
|
|
|
7FF585C10000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1FA7F967000
|
unkown
|
page read and write
|
|
|
|
1B784149000
|
heap private
|
page read and write
|
|
|
|
7FF510E84000
|
unkown image
|
page readonly
|
|
|
|
1D4ECB10000
|
unkown image
|
page readonly
|
|
|
|
BDCAEFE000
|
stack
|
page read and write
|
|
|
|
1FA7FC4C000
|
unkown
|
page read and write
|
|
|
|
7DF58FC70000
|
unkown image
|
page readonly
|
|
|
|
7FF543AEA000
|
unkown image
|
page readonly
|
|
|
|
7FF585E27000
|
unkown image
|
page readonly
|
|
|
|
21D52A30000
|
unkown image
|
page readonly
|
|
|
|
7FF543F28000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1B784560000
|
unkown image
|
page readonly
|
|
|
|
7DF5F2E70000
|
unkown image
|
page readonly
|
|
|
|
1D4ED5C8000
|
unkown
|
page read and write
|
|
|
|
7FF5E8B61000
|
unkown image
|
page readonly
|
|
|
|
7FF561E04000
|
unkown image
|
page readonly
|
|
|
|
7FF510E8B000
|
unkown image
|
page readonly
|
|
|
|
7FF585BE0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8597000
|
unkown image
|
page readonly
|
|
|
|
1FA7FBB0000
|
unkown
|
page read and write
|
|
|
|
1FA7F470000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8547000
|
unkown image
|
page readonly
|
|
|
|
1D4ECB60000
|
heap default
|
page read and write
|
|
|
|
7DF5E2332000
|
unkown image
|
page readonly
|
|
|
|
7FF585CC6000
|
unkown image
|
page readonly
|
|
|
|
1E8BA24B000
|
unkown
|
page read and write
|
|
|
|
21670666000
|
unkown
|
page read and write
|
|
|
|
7FF5E8FDA000
|
unkown image
|
page readonly
|
|
|
|
7FF544214000
|
unkown image
|
page readonly
|
|
|
|
1FA7ED59000
|
unkown
|
page read and write
|
|
|
|
7DF5F2E70000
|
unkown image
|
page readonly
|
|
|
|
1E8BA802000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1D4ED583000
|
unkown
|
page read and write
|
|
|
|
1FA7F9A0000
|
unkown
|
page read and write
|
|
|
|
7FF5D83A8000
|
unkown image
|
page readonly
|
|
|
|
1D4ECD16000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
7FF5D84D6000
|
unkown image
|
page readonly
|
|
|
|
7DF58FC72000
|
unkown image
|
page readonly
|
|
|
|
7FF562C06000
|
unkown image
|
page readonly
|
|
|
|
21670600000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1D4ED5A2000
|
unkown
|
page read and write
|
|
|
|
7FF5D84DD000
|
unkown image
|
page readonly
|
|
|
|
7FF5D854D000
|
unkown image
|
page readonly
|
|
|
|
7DF51AC70000
|
unkown image
|
page readonly
|
|
|
|
7FF561E42000
|
unkown image
|
page readonly
|
|
|
|
1D4ED580000
|
unkown
|
page read and write
|
|
|
|
1FA7E300000
|
heap default
|
page read and write
|
|
|
|
1FA7F990000
|
unkown
|
page read and write
|
|
|
|
1FA7FD1A000
|
unkown
|
page read and write
|
|
|
|
1FA7FAB0000
|
unkown
|
page read and write
|
|
|
|
1D4ECD08000
|
unkown
|
page read and write
|
|
|
|
1FA7F860000
|
unkown
|
page read and write
|
|
|
|
21670800000
|
unkown image
|
page readonly
|
|
|
|
1B784051000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1D4ED5A7000
|
unkown
|
page read and write
|
|
|
|
7FF561D86000
|
unkown image
|
page readonly
|
|
|
|
1D4ECCA9000
|
unkown
|
page read and write
|
|
|
|
1E8B9FC0000
|
unkown image
|
page read and write
|
|
|
|
7DF5F2E52000
|
unkown image
|
page readonly
|
|
|
|
7FF54418A000
|
unkown image
|
page readonly
|
|
|
|
1D4ED583000
|
unkown
|
page read and write
|
|
|
|
1D4ECCCE000
|
unkown
|
page read and write
|
|
|
|
1D4ED57D000
|
unkown
|
page read and write
|
|
|
|
1D4ED57D000
|
unkown
|
page read and write
|
|
|
|
21D529F0000
|
unkown
|
page read and write
|
|
|
|
1D4ED59F000
|
unkown
|
page read and write
|
|
|
|
1FA7E43D000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
7FF543A3D000
|
unkown image
|
page readonly
|
|
|
|
1D4ECBB0000
|
unkown image
|
page readonly
|
|
|
|
1FA7FD2F000
|
unkown
|
page read and write
|
|
|
|
7DF48DB40000
|
unkown image
|
page readonly
|
|
|
|
27CD86C0000
|
heap default
|
page read and write
|
|
|
|
7FF5E9074000
|
unkown image
|
page readonly
|
|
|
|
7DF58FC82000
|
unkown image
|
page readonly
|
|
|
|
7FF543EE0000
|
unkown image
|
page readonly
|
|
|
|
7FF5441BE000
|
unkown image
|
page readonly
|
|
|
|
765067F000
|
stack
|
page read and write
|
|
|
|
7FF585B50000
|
unkown image
|
page readonly
|
|
|
|
7650077000
|
stack
|
page read and write
|
|
|
|
765097F000
|
stack
|
page read and write
|
|
|
|
1B784B00000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1D4ECCE0000
|
unkown
|
page read and write
|
|
|
|
7DF54E012000
|
unkown image
|
page readonly
|
|
|
|
1E8BA251000
|
unkown
|
page read and write
|
|
|
|
1FA7ED13000
|
unkown
|
page read and write
|
|
|
|
7FF5BD43B000
|
unkown image
|
page readonly
|
|
|
|
1FA7ED59000
|
unkown
|
page read and write
|
|
|
|
7FF5D7CEE000
|
unkown image
|
page readonly
|
|
|
|
7FF585DF6000
|
unkown image
|
page readonly
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
7DF56CCE2000
|
unkown image
|
page readonly
|
|
|
|
7FF510E06000
|
unkown image
|
page readonly
|
|
|
|
7FF543F1A000
|
unkown image
|
page readonly
|
|
|
|
799C5DE000
|
stack
|
page read and write
|
|
|
|
BDCB0FA000
|
stack
|
page read and write
|
|
|
|
7FF5D7CF3000
|
unkown image
|
page readonly
|
|
|
|
28E087F000
|
stack
|
page read and write
|
|
|
|
7FF585E02000
|
unkown image
|
page readonly
|
|
|
|
216703D0000
|
unkown image
|
page readonly
|
|
|
|
7FF562EFD000
|
unkown image
|
page readonly
|
|
|
|
27CD8870000
|
unkown
|
page read and write
|
|
|
|
7FF5E8E87000
|
unkown image
|
page readonly
|
|
|
|
7DF56BC00000
|
unkown image
|
page readonly
|
|
|
|
7DF5E2350000
|
unkown image
|
page readonly
|
|
|
|
1E8BA288000
|
unkown
|
page read and write
|
|
|
|
1FA7F968000
|
unkown
|
page read and write
|
|
|
|
7FF561D72000
|
unkown image
|
page readonly
|
|
|
|
1B78402E000
|
heap default
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
7FF585ED7000
|
unkown image
|
page readonly
|
|
|
|
7FF561C58000
|
unkown image
|
page readonly
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
216703C0000
|
heap private
|
page read and write
|
|
|
|
1FA7EC15000
|
unkown
|
page read and write
|
|
|
|
21670702000
|
unkown
|
page read and write
|
|
|
|
7FF5440E5000
|
unkown image
|
page readonly
|
|
|
|
27CD8800000
|
unkown
|
page read and write
|
|
|
|
1D4ED5A7000
|
unkown
|
page read and write
|
|
|
|
1FA7FC3F000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
D02D0F7000
|
stack
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
21670602000
|
unkown
|
page read and write
|
|
|
|
1FA7ED9A000
|
unkown
|
page read and write
|
|
|
|
1FA7FCF8000
|
unkown
|
page read and write
|
|
|
|
27CD9002000
|
unkown
|
page read and write
|
|
|
|
1FA7E4B7000
|
unkown
|
page read and write
|
|
|
|
7DF54E002000
|
unkown image
|
page readonly
|
|
|
|
27CD8859000
|
unkown
|
page read and write
|
|
|
|
7DF46ABB0000
|
unkown image
|
page readonly
|
|
|
|
1D4ECB30000
|
unkown image
|
page readonly
|
|
|
|
7DF5E2332000
|
unkown image
|
page readonly
|
|
|
|
1D4ECC00000
|
unkown
|
page read and write
|
|
|
|
7DF5E2330000
|
unkown image
|
page readonly
|
|
|
|
7FF54423A000
|
unkown image
|
page readonly
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
7FF5E8B67000
|
unkown image
|
page readonly
|
|
|
|
1FA7F990000
|
unkown
|
page read and write
|
|
|
|
7FF543CDA000
|
unkown image
|
page readonly
|
|
|
|
21D528C0000
|
unkown image
|
page readonly
|
|
|
|
1D4ED57E000
|
unkown
|
page read and write
|
|
|
|
7FF561D97000
|
unkown image
|
page readonly
|
|
|
|
7FF585769000
|
unkown image
|
page readonly
|
|
|
|
7DF4E0200000
|
unkown image
|
page readonly
|
|
|
|
1FA7FAC0000
|
unkown
|
page read and write
|
|
|
|
7FF544144000
|
unkown image
|
page readonly
|
|
|
|
1D4EDA0A000
|
unkown
|
page read and write
|
|
|
|
1FA7ED59000
|
unkown
|
page read and write
|
|
|
|
7DF5F2E52000
|
unkown image
|
page readonly
|
|
|
|
1D4ED588000
|
unkown
|
page read and write
|
|
|
|
1FA7EC02000
|
unkown
|
page read and write
|
|
|
|
1FA7FAC0000
|
unkown
|
page read and write
|
|
|
|
1D4ED330000
|
unkown image
|
page write copy
|
|
|
|
7FF561E07000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8597000
|
unkown image
|
page readonly
|
|
|
|
1D4ED587000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
1D4ED0D0000
|
unkown image
|
page readonly
|
|
|
|
1FA7E4F9000
|
unkown
|
page read and write
|
|
|
|
1FA040C0000
|
unkown
|
page read and write
|
|
|
|
76501FA000
|
stack
|
page read and write
|
|
|
|
7FF54416F000
|
unkown image
|
page readonly
|
|
|
|
21D52A79000
|
heap default
|
page read and write
|
|
|
|
1D4ED590000
|
unkown
|
page read and write
|
|
|
|
1D4ED5D7000
|
unkown
|
page read and write
|
|
|
|
7FF562F36000
|
unkown image
|
page readonly
|
|
|
|
7FF5D7CE8000
|
unkown image
|
page readonly
|
|
|
|
7FF561CC5000
|
unkown image
|
page readonly
|
|
|
|
BDCB478000
|
stack
|
page read and write
|
|
|
|
1B784150000
|
unkown
|
page read and write
|
|
|
|
1FA7F960000
|
unkown
|
page read and write
|
|
|
|
7FF5102ED000
|
unkown image
|
page readonly
|
|
|
|
1D4EDA1B000
|
unkown
|
page read and write
|
|
|
|
BDCB578000
|
stack
|
page read and write
|
|
|
|
BDCB378000
|
stack
|
page read and write
|
|
|
|
7DF51AC60000
|
unkown image
|
page readonly
|
|
|
|
1FA7ED18000
|
unkown
|
page read and write
|
|
|
|
1D4EDA27000
|
unkown
|
page read and write
|
|
|
|
21D52A20000
|
unkown image
|
page readonly
|
|
|
|
7FF543F35000
|
unkown image
|
page readonly
|
|
|
|
7FF544217000
|
unkown image
|
page readonly
|
|
|
|
1D4ED587000
|
unkown
|
page read and write
|
|
|
|
1FA7E600000
|
unkown image
|
page readonly
|
|
|
|
1D4ED596000
|
unkown
|
page read and write
|
|
|
|
7FF5E8EF8000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
7DF51AC72000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8586000
|
unkown image
|
page readonly
|
|
|
|
7FF510E17000
|
unkown image
|
page readonly
|
|
|
|
1E8BA226000
|
unkown
|
page read and write
|
|
|
|
27CD884B000
|
unkown
|
page read and write
|
|
|
|
1D4ED390000
|
unkown image
|
page read and write
|
|
|
|
216703F0000
|
unkown image
|
page readonly
|
|
|
|
1D4ECAF0000
|
unkown image
|
page read and write
|
|
|
|
1FA7EDDB000
|
unkown
|
page read and write
|
|
|
|
1D4EDA72000
|
unkown
|
page read and write
|
|
|
|
7FF585E81000
|
unkown image
|
page readonly
|
|
|
|
7FF5E8E4A000
|
unkown image
|
page readonly
|
|
|
|
1FA7FD02000
|
unkown
|
page read and write
|
|
|
|
7FF585C1B000
|
unkown image
|
page readonly
|
|
|
|
BDCB1FF000
|
stack
|
page read and write
|
|
|
|
1FA7FD18000
|
unkown
|
page read and write
|
|
|
|
7FF510EC2000
|
unkown image
|
page readonly
|
|
|
|
1D4ED518000
|
unkown
|
page read and write
|
|
|
|
7DF56BBE0000
|
unkown image
|
page readonly
|
|
|
|
1E8BA110000
|
unkown image
|
page readonly
|
|
|
|
1D4ECC49000
|
unkown
|
page read and write
|
|
|
|
21670713000
|
unkown
|
page read and write
|
|
|
|
21D52C00000
|
heap private
|
page read and write
|
|
|
|
1FA7ED18000
|
unkown
|
page read and write
|
|
|
|
7DF54E010000
|
unkown image
|
page readonly
|
|
|
|
27CD8813000
|
unkown
|
page read and write
|
|
|
|
27CD8908000
|
unkown
|
page read and write
|
|
|
|
1FA7EBD1000
|
unkown
|
page read and write
|
|
|
|
1FA7FD13000
|
unkown
|
page read and write
|
|
|
|
7FF544267000
|
unkown image
|
page readonly
|
|
|
|
286637A000
|
stack
|
page read and write
|
|
|
|
1D4ED380000
|
unkown
|
page read and write
|
|
|
|
1FA7FD18000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
1FA7EBF0000
|
unkown
|
page read and write
|
|
|
|
27CD8855000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
7FF585C0E000
|
unkown image
|
page readonly
|
|
|
|
7FF562F33000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58E000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
7FF585C6A000
|
unkown image
|
page readonly
|
|
|
|
1FA7FCCC000
|
unkown
|
page read and write
|
|
|
|
7FF562F0B000
|
unkown image
|
page readonly
|
|
|
|
764FEFD000
|
stack
|
page read and write
|
|
|
|
7FF585C83000
|
unkown image
|
page readonly
|
|
|
|
7FF561E33000
|
unkown image
|
page readonly
|
|
|
|
7FF543DFA000
|
unkown image
|
page readonly
|
|
|
|
1D4ECC57000
|
unkown
|
page read and write
|
|
|
|
1E8BA600000
|
unkown image
|
page readonly
|
|
|
|
1FA7FC55000
|
unkown
|
page read and write
|
|
|
|
7FF510CD8000
|
unkown image
|
page readonly
|
|
|
|
1D4ECC4B000
|
unkown
|
page read and write
|
|
|
|
7FF561C07000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
7DF56BBE2000
|
unkown image
|
page readonly
|
|
|
|
54280FB000
|
stack
|
page read and write
|
|
|
|
1FA7F9A4000
|
unkown
|
page read and write
|
|
|
|
28E07FE000
|
stack
|
page read and write
|
|
|
|
1D4ECC4F000
|
unkown
|
page read and write
|
|
|
|
1E8B9FD0000
|
heap private
|
page read and write
|
|
|
|
7FF510E77000
|
unkown image
|
page readonly
|
|
|
|
7DF56BC00000
|
unkown image
|
page readonly
|
|
|
|
27CD87A0000
|
unkown image
|
page readonly
|
|
|
|
1D4ED562000
|
unkown
|
page read and write
|
|
|
|
7FF54400D000
|
unkown image
|
page readonly
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
D02CFFB000
|
stack
|
page read and write
|
|
|
|
21D52E10000
|
unkown image
|
page readonly
|
|
|
|
7DF5F2E62000
|
unkown image
|
page readonly
|
|
|
|
7FF54421D000
|
unkown image
|
page readonly
|
|
|
|
21670A00000
|
unkown image
|
page readonly
|
|
|
|
1FA7E513000
|
unkown
|
page read and write
|
|
|
|
7FF5E8FE2000
|
unkown image
|
page readonly
|
|
|
|
7FF585EC6000
|
unkown image
|
page readonly
|
|
|
|
7FF561D99000
|
unkown image
|
page readonly
|
|
|
|
1FA7F4A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5E906D000
|
unkown image
|
page readonly
|
|
|
|
28664F9000
|
stack
|
page read and write
|
|
|
|
1D4ED526000
|
unkown
|
page read and write
|
|
|
|
D02CBCF000
|
stack
|
page read and write
|
|
|
|
1D4ECC59000
|
unkown
|
page read and write
|
|
|
|
27CD8670000
|
unkown image
|
page readonly
|
|
|
|
7FF5618F1000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1D4ED5BC000
|
unkown
|
page read and write
|
|
|
|
7FF585E1D000
|
unkown image
|
page readonly
|
|
|
|
7DF56CD00000
|
unkown image
|
page readonly
|
|
|
|
27CD8900000
|
unkown
|
page read and write
|
|
|
|
7FF562E99000
|
unkown image
|
page readonly
|
|
|
|
1FA7FC00000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
7FF585CE0000
|
unkown image
|
page readonly
|
|
|
|
542827E000
|
stack
|
page read and write
|
|
|
|
7DF58FC82000
|
unkown image
|
page readonly
|
|
|
|
1D4ED56F000
|
unkown
|
page read and write
|
|
|
|
7FF544137000
|
unkown image
|
page readonly
|
|
|
|
21D528A0000
|
unkown image
|
page read and write
|
|
|
|
7FF5441AD000
|
unkown image
|
page readonly
|
|
|
|
7FF543A71000
|
unkown image
|
page readonly
|
|
|
|
7FF5E8FAF000
|
unkown image
|
page readonly
|
|
|
|
1FA00000000
|
unkown
|
page read and write
|
|
|
|
1D4ED55E000
|
unkown
|
page read and write
|
|
|
|
1E8BA010000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58E000
|
unkown
|
page read and write
|
|
|
|
D02D1FF000
|
stack
|
page read and write
|
|
|
|
7FF561AB1000
|
unkown image
|
page readonly
|
|
|
|
1D4EDA02000
|
unkown
|
page read and write
|
|
|
|
21D52AA0000
|
unkown
|
page read and write
|
|
|
|
1D4ED57D000
|
unkown
|
page read and write
|
|
|
|
7FF585DE3000
|
unkown image
|
page readonly
|
|
|
|
1D4ED596000
|
unkown
|
page read and write
|
|
|
|
27CD8670000
|
unkown image
|
page readonly
|
|
|
|
BDCAFF7000
|
stack
|
page read and write
|
|
|
|
7DF51AC60000
|
unkown image
|
page readonly
|
|
|
|
1B7846F0000
|
unkown image
|
page readonly
|
|
|
|
1D4EDA03000
|
unkown
|
page read and write
|
|
|
|
7DF56CCE0000
|
unkown image
|
page readonly
|
|
|
|
76505FF000
|
stack
|
page read and write
|
|
|
|
D02CACC000
|
unkown
|
page read and write
|
|
|
|
7FF5E8FD6000
|
unkown image
|
page readonly
|
|
|
|
7FF58594B000
|
unkown image
|
page readonly
|
|
|
|
765057F000
|
stack
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
7FF5441B9000
|
unkown image
|
page readonly
|
|
|
|
1FA7E49A000
|
unkown
|
page read and write
|
|
|
|
21670700000
|
unkown
|
page read and write
|
|
|
|
7FF5D83D8000
|
unkown image
|
page readonly
|
|
|
|
1D4ED584000
|
unkown
|
page read and write
|
|
|
|
7FF510E74000
|
unkown image
|
page readonly
|
|
|
|
1D4ED585000
|
unkown
|
page read and write
|
|
|
|
7FF561DF7000
|
unkown image
|
page readonly
|
|
|
|
1FA7FD13000
|
unkown
|
page read and write
|
|
|
|
27CD8690000
|
unkown image
|
page readonly
|
|
|
|
7FF585E87000
|
unkown image
|
page readonly
|
|
|
|
1E8BA213000
|
unkown
|
page read and write
|
|
|
|
7FF544149000
|
unkown image
|
page readonly
|
|
|
|
7DF56BBF2000
|
unkown image
|
page readonly
|
|
|
|
1D4ECED0000
|
unkown image
|
page readonly
|
|
|
|
1D4ECB70000
|
unkown image
|
page readonly
|
|
|
|
1FA7FD2D000
|
unkown
|
page read and write
|
|
|
|
7FF510DDD000
|
unkown image
|
page readonly
|
|
|
|
7FF5629BB000
|
unkown image
|
page readonly
|
|
|
|
7FF543AE8000
|
unkown image
|
page readonly
|
|
|
|
1FA7FC1F000
|
unkown
|
page read and write
|
|
|
|
27CD8D80000
|
unkown image
|
page readonly
|
|
|
|
7FF544224000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1FA7FC9E000
|
unkown
|
page read and write
|
|
|
|
7FF585A6A000
|
unkown image
|
page readonly
|
|
|
|
7FF543E25000
|
unkown image
|
page readonly
|
|
|
|
7FF543F13000
|
unkown image
|
page readonly
|
|
|
|
7FF585DD1000
|
unkown image
|
page readonly
|
|
|
|
1B784008000
|
heap default
|
page read and write
|
|
|
|
1FA7E42A000
|
unkown
|
page read and write
|
|
|
|
1B784145000
|
heap private
|
page read and write
|
|
|
|
1D4ED58E000
|
unkown
|
page read and write
|
|
|
|
1B784051000
|
unkown
|
page read and write
|
|
|
|
7FF5D7CDE000
|
unkown image
|
page readonly
|
|
|
|
7FF5E8E77000
|
unkown image
|
page readonly
|
|
|
|
1FA7F290000
|
unkown image
|
page read and write
|
|
|
|
7FF561D5D000
|
unkown image
|
page readonly
|
|
|
|
2167063C000
|
unkown
|
page read and write
|
|
|
|
7FF544037000
|
unkown image
|
page readonly
|
|
|
|
7FF510D08000
|
unkown image
|
page readonly
|
|
|
|
7FF585E29000
|
unkown image
|
page readonly
|
|
|
|
1B7846E0000
|
unkown image
|
page readonly
|
|
|
|
1FA7F980000
|
unkown
|
page read and write
|
|
|
|
1D4ED5AF000
|
unkown
|
page read and write
|
|
|
|
2167062A000
|
unkown
|
page read and write
|
|
|
|
7FF5E8EA6000
|
unkown image
|
page readonly
|
|
|
|
1D4ED57B000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
7DF54E020000
|
unkown image
|
page readonly
|
|
|
|
1D4EDA0A000
|
unkown
|
page read and write
|
|
|
|
1FA040D0000
|
unkown
|
page read and write
|
|
|
|
1B783FF0000
|
unkown image
|
page readonly
|
|
|
|
D02CB4F000
|
stack
|
page read and write
|
|
|
|
1FA7FD2B000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
7FF5618BA000
|
unkown image
|
page readonly
|
|
|
|
1FA7E2D0000
|
unkown image
|
page readonly
|
|
|
|
1B784B70000
|
unkown
|
page read and write
|
|
|
|
7FF543FAB000
|
unkown image
|
page readonly
|
|
|
|
1B783E70000
|
unkown image
|
page read and write
|
|
|
|
1FA7F800000
|
unkown
|
page read and write
|
|
|
|
1D4ED554000
|
unkown
|
page read and write
|
|
|
|
7DF44BED0000
|
unkown image
|
page readonly
|
|
|
|
7DF5E2330000
|
unkown image
|
page readonly
|
|
|
|
1B784000000
|
heap default
|
page read and write
|
|
|
|
1D4ED57D000
|
unkown
|
page read and write
|
|
|
|
7FF561C17000
|
unkown image
|
page readonly
|
|
|
|
1D4ED57D000
|
unkown
|
page read and write
|
|
|
|
1FA7ED18000
|
unkown
|
page read and write
|
|
|
|
7FF562E8D000
|
unkown image
|
page readonly
|
|
|
|
1FA7FAD0000
|
unkown
|
page read and write
|
|
|
|
7FF5E8FB1000
|
unkown image
|
page readonly
|
|
|
|
1D4ED56B000
|
unkown
|
page read and write
|
|
|
|
7FF585981000
|
unkown image
|
page readonly
|
|
|
|
BDCA97B000
|
unkown
|
page read and write
|
|
|
|
7FF561C88000
|
unkown image
|
page readonly
|
|
|
|
7FF5E8EC8000
|
unkown image
|
page readonly
|
|
|
|
1D4ED5A2000
|
unkown
|
page read and write
|
|
|
|
5428377000
|
stack
|
page read and write
|
|
|
|
1D4ED588000
|
unkown
|
page read and write
|
|
|
|
7FF5D84B6000
|
unkown image
|
page readonly
|
|
|
|
1D4ECCF8000
|
unkown
|
page read and write
|
|
|
|
7FF544013000
|
unkown image
|
page readonly
|
|
|
|
7FF544023000
|
unkown image
|
page readonly
|
|
|
|
7FF544140000
|
unkown image
|
page readonly
|
|
|
|
7DF51AC72000
|
unkown image
|
page readonly
|
|
|
|
1B784049000
|
unkown
|
page read and write
|
|
|
|
7FF5D7CEC000
|
unkown image
|
page readonly
|
|
|
|
7FF561E0B000
|
unkown image
|
page readonly
|
|
|
|
1D4ED54E000
|
unkown
|
page read and write
|
|
|
|
7650BFD000
|
stack
|
page read and write
|
|
|
|
1FA7ED59000
|
unkown
|
page read and write
|
|
|
|
1B783FD0000
|
unkown
|
page read and write
|
|
|
|
1FA7ED9A000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
7FF561C55000
|
unkown image
|
page readonly
|
|
|
|
1E8BA200000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
21D52C10000
|
unkown image
|
page readonly
|
|
|
|
7650D7E000
|
stack
|
page read and write
|
|
|
|
216703D0000
|
unkown image
|
page readonly
|
|
|
|
1FA7EB70000
|
unkown image
|
page read and write
|
|
|
|
7FF5E8EC5000
|
unkown image
|
page readonly
|
|
|
|
7DF51AC80000
|
unkown image
|
page readonly
|
|
|
|
1FA04080000
|
unkown
|
page read and write
|
|
|
|
7FF585E16000
|
unkown image
|
page readonly
|
|
|
|
1D4ECC56000
|
unkown
|
page read and write
|
|
|
|
21D528C0000
|
unkown image
|
page readonly
|
|
|
|
1FA7ED99000
|
unkown
|
page read and write
|
|
|
|
7FF5D8557000
|
unkown image
|
page readonly
|
|
|
|
1FA7F960000
|
unkown
|
page read and write
|
|
|
|
1D4ED577000
|
unkown
|
page read and write
|
|
|
|
7DF58FC80000
|
unkown image
|
page readonly
|
|
|
|
7FF5E8FC3000
|
unkown image
|
page readonly
|
|
|
|
7FF543F77000
|
unkown image
|
page readonly
|
|
|
|
7FF510DD3000
|
unkown image
|
page readonly
|
|
|
|
7FF561DF4000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58E000
|
unkown
|
page read and write
|
|
|
|
7FF561D66000
|
unkown image
|
page readonly
|
|
|
|
1FA7E456000
|
unkown
|
page read and write
|
|
|
|
286647E000
|
stack
|
page read and write
|
|
|
|
1FA7FC8A000
|
unkown
|
page read and write
|
|
|
|
1D4ED5A7000
|
unkown
|
page read and write
|
|
|
|
7DF56CCF2000
|
unkown image
|
page readonly
|
|
|
|
7FF510DCF000
|
unkown image
|
page readonly
|
|
|
|
1B783EB0000
|
unkown image
|
page readonly
|
|
|
|
1FA7FA80000
|
unkown
|
page read and write
|
|
|
|
21670660000
|
unkown
|
page read and write
|
|
|
|
21670613000
|
unkown
|
page read and write
|
|
|
|
21D52C05000
|
heap private
|
page read and write
|
|
|
|
7DF5F2E50000
|
unkown image
|
page readonly
|
|
|
|
7FF5440A8000
|
unkown image
|
page readonly
|
|
|
|
799C55C000
|
unkown
|
page read and write
|
|
|
|
7FF561C36000
|
unkown image
|
page readonly
|
|
|
|
1D4ED380000
|
unkown
|
page read and write
|
|
|
|
1D4ED5B3000
|
unkown
|
page read and write
|
|
|
|
7FF585C7F000
|
unkown image
|
page readonly
|
|
|
|
1FA7FCD4000
|
unkown
|
page read and write
|
|
|
|
1FA7E2B0000
|
unkown image
|
page readonly
|
|
|
|
7FF543F52000
|
unkown image
|
page readonly
|
|
|
|
7FF5852F7000
|
unkown image
|
page readonly
|
|
|
|
7FF561E47000
|
unkown image
|
page readonly
|
|
|
|
7FF510DC1000
|
unkown image
|
page readonly
|
|
|
|
1D4ED57D000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1D4ED500000
|
unkown
|
page read and write
|
|
|
|
7FF562F07000
|
unkown image
|
page readonly
|
|
|
|
1D4ED57F000
|
unkown
|
page read and write
|
|
|
|
7FF5E907B000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
7FF510977000
|
unkown image
|
page readonly
|
|
|
|
1D4ED59F000
|
unkown
|
page read and write
|
|
|
|
1FA7E2E0000
|
unkown image
|
page readonly
|
|
|
|
7FF561C50000
|
unkown image
|
page readonly
|
|
|
|
7DF56BBF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8583000
|
unkown image
|
page readonly
|
|
|
|
7DF56BBF2000
|
unkown image
|
page readonly
|
|
|
|
7FF562EF4000
|
unkown image
|
page readonly
|
|
|
|
1FA7E476000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
7FF510B31000
|
unkown image
|
page readonly
|
|
|
|
21670C02000
|
unkown
|
page read and write
|
|
|
|
1FA7EC00000
|
unkown
|
page read and write
|
|
|
|
1D4ED58A000
|
unkown
|
page read and write
|
|
|
|
7FF561D53000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1FA7ED18000
|
unkown
|
page read and write
|
|
|
|
7FF5618F7000
|
unkown image
|
page readonly
|
|
|
|
7FF5852FD000
|
unkown image
|
page readonly
|
|
|
|
1FA7ED00000
|
unkown
|
page read and write
|
|
|
|
1D4ED59B000
|
unkown
|
page read and write
|
|
|
|
1D4ECCCA000
|
unkown
|
page read and write
|
|
|
|
7FF5BD43B000
|
unkown image
|
page readonly
|
|
|
|
799CBF7000
|
stack
|
page read and write
|
|
|
|
7FF510E9A000
|
unkown image
|
page readonly
|
|
|
|
7FF5E8B2A000
|
unkown image
|
page readonly
|
|
|
|
7FF543F0D000
|
unkown image
|
page readonly
|
|
|
|
21D52A85000
|
heap default
|
page read and write
|
|
|
|
1D4ECC8A000
|
unkown
|
page read and write
|
|
|
|
1FA7E990000
|
unkown image
|
page readonly
|
|
|
|
7FF5E90B2000
|
unkown image
|
page readonly
|
|
|
|
7DF54E002000
|
unkown image
|
page readonly
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
1E8BA000000
|
unkown image
|
page readonly
|
|
|
|
21D52A85000
|
unkown
|
page read and write
|
|
|
|
76509FF000
|
stack
|
page read and write
|
|
|
|
7FF585C97000
|
unkown image
|
page readonly
|
|
|
|
1E8BA790000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1D4ED585000
|
unkown
|
page read and write
|
|
|
|
7FF585E8D000
|
unkown image
|
page readonly
|
|
|
|
7FF510C97000
|
unkown image
|
page readonly
|
|
|
|
799CAFF000
|
stack
|
page read and write
|
|
|
|
7FF5D7E11000
|
unkown image
|
page readonly
|
|
|
|
7650AFA000
|
stack
|
page read and write
|
|
|
|
1FA7F961000
|
unkown
|
page read and write
|
|
|
|
27CD884F000
|
unkown
|
page read and write
|
|
|
|
7FF544128000
|
unkown image
|
page readonly
|
|
|
|
7FF5E9067000
|
unkown image
|
page readonly
|
|
|
|
BDCA9FD000
|
stack
|
page read and write
|
|
|
|
1FA7E400000
|
unkown
|
page read and write
|
|
|
|
7FF585C34000
|
unkown image
|
page readonly
|
|
|
|
7FF543DE9000
|
unkown image
|
page readonly
|
|
|
|
1B784051000
|
unkown
|
page read and write
|
|
|
|
7FF5E8FF6000
|
unkown image
|
page readonly
|
|
|
|
1E8BA24A000
|
unkown
|
page read and write
|
|
|
|
7FF585953000
|
unkown image
|
page readonly
|
|
|
|
28E067E000
|
stack
|
page read and write
|
|
|
|
2865FCB000
|
unkown
|
page read and write
|
|
|
|
1FA7FD19000
|
unkown
|
page read and write
|
|
|
|
21670400000
|
unkown image
|
page readonly
|
|
|
|
7FF543FC4000
|
unkown image
|
page readonly
|
|
|
|
1D4ECB00000
|
heap private
|
page read and write
|
|
|
|
1D4ECC4C000
|
unkown
|
page read and write
|
|
|
|
1D4ED59F000
|
unkown
|
page read and write
|
|
|
|
7FF5E8F35000
|
unkown image
|
page readonly
|
|
|
|
7FF585ED7000
|
unkown image
|
page readonly
|
|
|
|
7DF54E020000
|
unkown image
|
page readonly
|
|
|
|
7FF561BDA000
|
unkown image
|
page readonly
|
|
|
|
7FF5D831C000
|
unkown image
|
page readonly
|
|
|
|
1D4ED584000
|
unkown
|
page read and write
|
|
|
|
1E8BA780000
|
unkown image
|
page readonly
|
|
|
|
7FF543A12000
|
unkown image
|
page readonly
|
|
|
|
7FF561E36000
|
unkown image
|
page readonly
|
|
|
|
1FA7F260000
|
unkown
|
page read and write
|
|
|
|
1FA7E290000
|
unkown image
|
page read and write
|
|
|
|
1E8BA308000
|
unkown
|
page read and write
|
|
|
|
7FF585A32000
|
unkown image
|
page readonly
|
|
|
|
21670651000
|
unkown
|
page read and write
|
|
|
|
7DF5F2E62000
|
unkown image
|
page readonly
|
|
|
|
1D4ECC13000
|
unkown
|
page read and write
|
|
|
|
7DF5F2E60000
|
unkown image
|
page readonly
|
|
|
|
7FF585D85000
|
unkown image
|
page readonly
|
|
|
|
1FA7FA30000
|
unkown
|
page read and write
|
|
|
|
7FF585DFA000
|
unkown image
|
page readonly
|
|
|
|
1FA7FD13000
|
unkown
|
page read and write
|
|
|
|
7FF510DF2000
|
unkown image
|
page readonly
|
|
|
|
216705F0000
|
unkown
|
page read and write
|
|
|
|
7DF58FC90000
|
unkown image
|
page readonly
|
|
|
|
7FF543F3F000
|
unkown image
|
page readonly
|
|
|
|
21670708000
|
unkown
|
page read and write
|
|
|
|
28E039E000
|
stack
|
page read and write
|
|
|
|
7FF561D41000
|
unkown image
|
page readonly
|
|
|
|
7FF510DEA000
|
unkown image
|
page readonly
|
|
|
|
7FF5E8FCD000
|
unkown image
|
page readonly
|
|
|
|
7DF58FC72000
|
unkown image
|
page readonly
|
|
|
|
1D4ED581000
|
unkown
|
page read and write
|
|
|
|
7FF543FFA000
|
unkown image
|
page readonly
|
|
|
|
7FF510DE6000
|
unkown image
|
page readonly
|
|
|
|
1D4ECCE2000
|
unkown
|
page read and write
|
|
|
|
7DF418B30000
|
unkown image
|
page readonly
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
1FA7F450000
|
unkown image
|
page readonly
|
|
|
|
1D4ECC53000
|
unkown
|
page read and write
|
|
|
|
21670500000
|
unkown image
|
page readonly
|
|
|
|
1FA7F370000
|
unkown
|
page read and write
|
|
|
|
1FA7F9A0000
|
unkown
|
page read and write
|
|
|
|
7DF58FC70000
|
unkown image
|
page readonly
|
|
|
|
7DF51AC70000
|
unkown image
|
page readonly
|
|
|
|
7FF5E8FFD000
|
unkown image
|
page readonly
|
|
|
|
1D4ECCB3000
|
unkown
|
page read and write
|
|
|
|
7FF544115000
|
unkown image
|
page readonly
|
|
|
|
5427CDC000
|
unkown
|
page read and write
|
|
|
|
1B784DD0000
|
unkown
|
page readonly
|
|
|
|
1D4ED58C000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
1FA05010000
|
unkown
|
page read and write
|
|
|
|
21D52A8C000
|
unkown
|
page read and write
|
|
|
|
7FF544256000
|
unkown image
|
page readonly
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
1D4ED576000
|
unkown
|
page read and write
|
|
|
|
21D52A66000
|
heap default
|
page read and write
|
|
|
|
76506FF000
|
stack
|
page read and write
|
|
|
|
1FA7FAA0000
|
unkown
|
page read and write
|
|
|
|
7FF561E1A000
|
unkown image
|
page readonly
|
|
|
|
7FF543A40000
|
unkown image
|
page readonly
|
|
|
|
1B784DE0000
|
unkown
|
page read and write
|
|
|
|
1FA04020000
|
unkown
|
page read and write
|
|
|
|
1B783FB0000
|
unkown
|
page read and write
|
|
|
|
1FA7EE80000
|
unkown
|
page read and write
|
|
|
|
1FA7FD2B000
|
unkown
|
page read and write
|
|
|
|
7FF54400F000
|
unkown image
|
page readonly
|
|
|
|
1FA7ED18000
|
unkown
|
page read and write
|
|
|
|
7FF585ED2000
|
unkown image
|
page readonly
|
|
|
|
1FA7E502000
|
unkown
|
page read and write
|
|
|
|
7DF56CD00000
|
unkown image
|
page readonly
|
|
|
|
D02D2FC000
|
stack
|
page read and write
|
|
|
|
7FF543F6A000
|
unkown image
|
page readonly
|
|
|
|
1FA7FC2D000
|
unkown
|
page read and write
|
|
|
|
7FF562F47000
|
unkown image
|
page readonly
|
|
|
|
27CD883C000
|
unkown
|
page read and write
|
|
|
|
1D4ED595000
|
unkown
|
page read and write
|
|
|
|
1FA7FD0D000
|
unkown
|
page read and write
|
|
|
|
1D4ED592000
|
unkown
|
page read and write
|
|
|
|
1D4ECC50000
|
unkown
|
page read and write
|
|
|
|
7FF544253000
|
unkown image
|
page readonly
|
|
|
|
1E8BA24F000
|
unkown
|
page read and write
|
|
|
|
7FF544173000
|
unkown image
|
page readonly
|
|
|
|
7FF561D8D000
|
unkown image
|
page readonly
|
|
|
|
1FA7ED18000
|
unkown
|
page read and write
|
|
|
|
1FA7F100000
|
unkown
|
page read and write
|
|
|
|
7FF544227000
|
unkown image
|
page readonly
|
|
|
|
1D4EDA0B000
|
unkown
|
page read and write
|
|
|
|
27CD87C0000
|
unkown
|
page read and write
|
|
|
|
7DF51AC80000
|
unkown image
|
page readonly
|
|
|
|
7FF585CA7000
|
unkown image
|
page readonly
|
|
|
|
1D4ED57D000
|
unkown
|
page read and write
|
|
|
|
7FF510E87000
|
unkown image
|
page readonly
|
|
|
|
1D4ECB90000
|
unkown
|
page read and write
|
|
|
|
5427D5E000
|
stack
|
page read and write
|
|
|
|
27CD8889000
|
unkown
|
page read and write
|
|
|
|
1D4EDA0A000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1FA7E473000
|
unkown
|
page read and write
|
|
|
|
1FA7F490000
|
unkown image
|
page readonly
|
|
|
|
1FA7FA90000
|
unkown
|
page read and write
|
|
|
|
7FF561267000
|
unkown image
|
page readonly
|
|
|
|
54281FB000
|
stack
|
page read and write
|
|
|
|
7FF543FA0000
|
unkown image
|
page readonly
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
1D4ED57D000
|
unkown
|
page read and write
|
|
|
|
1FA7ED59000
|
unkown
|
page read and write
|
|
|
|
7FF510C5A000
|
unkown image
|
page readonly
|
|
|
|
7DF54E000000
|
unkown image
|
page readonly
|
|
|
|
1E8BA23C000
|
unkown
|
page read and write
|
|
|
|
1FA7FAB0000
|
unkown
|
page read and write
|
|
|
|
7FF585765000
|
unkown image
|
page readonly
|
|
|
|
1D4ECCA9000
|
unkown
|
page read and write
|
|
|
|
1D4ED5AB000
|
unkown
|
page read and write
|
|
|
|
7FF562C02000
|
unkown image
|
page readonly
|
|
|
|
28E031A000
|
unkown
|
page read and write
|
|
|
|
D02D3FF000
|
stack
|
page read and write
|
|
|
|
1D4ECC54000
|
unkown
|
page read and write
|
|
|
|
1D4ED575000
|
unkown
|
page read and write
|
|
|
|
1D4ED59A000
|
unkown
|
page read and write
|
|
|
|
764FE7B000
|
unkown
|
page read and write
|
|
|
|
76502F9000
|
stack
|
page read and write
|
|
|
|
7FF5440D1000
|
unkown image
|
page readonly
|
|
|
|
542847F000
|
stack
|
page read and write
|
|
|
|
7DF56CCF2000
|
unkown image
|
page readonly
|
|
|
|
BDCAD7B000
|
stack
|
page read and write
|
|
|
|
1B784E40000
|
unkown
|
page read and write
|
|
|
|
1D4ED58F000
|
unkown
|
page read and write
|
|
|
|
7FF5E908A000
|
unkown image
|
page readonly
|
|
|
|
1D4EDA0A000
|
unkown
|
page read and write
|
|
|
|
7DF54E010000
|
unkown image
|
page readonly
|
|
There are 979 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Desktop/Proof%20oF%20Payment.htm
|
|