IOC Report

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Local\Google\Chrome\User Data\26f7a07d-0805-42fc-814c-86d672de98cf.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\3066d0c8-6527-420a-a584-d07826342048.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\81097d94-d3a1-43e4-9d26-fb923c27c88e.tmp
SysEx File -
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\101de224-7cec-4e09-91aa-82b7fa4c62fd.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\27b0daf7-e212-4c11-941b-295bead5e828.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\32da1e8c-26cb-4f56-b01f-14a04afea637.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5ce7b67d-a8e0-435e-93b7-62389bc1b1bd.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5d0db571-0e80-4d80-b11a-c78140e7b9d8.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8bd912d0-fa7c-4c12-83f7-ee4920abc9ec.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8d66881e-41ca-41ad-8aaf-079c3f1d6349.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldgo (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session. (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsta (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent Statep (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldMP (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesca (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesh\ (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.. (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\429f4b3a-b327-463c-8b0c-1543bdff1e81.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.oldat (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.oldes (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.oldl (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/ (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\da49156a-3ef8-4a75-83e5-5c5ffa1b5656.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old.. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old0 (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b437e35e-b0b5-4d10-ad15-c1a184178e00.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b85352c2-b7fb-4b96-9352-c3efbee1d9dc.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ef040679-f6cf-42aa-aff5-58333009053d.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f80f124d-357b-4eff-9dfc-5ed727ff22bb.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache. (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cached (copy)
SysEx File -
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\a1b48fb2-9606-48cf-ad49-5158364b5998.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\aa2448ea-6295-4aaf-9a05-965dc62564d6.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\b4db60fa-72fb-4794-98d4-54e6ade7bd25.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\6732_1779406145\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\6732_1779406145\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\6732_1779406145\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\6732_1779406145\ssl_error_assistant.pb
data
dropped
clean
C:\Users\user\AppData\Local\Temp\6732_655119810\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\6732_655119810\download_file_types.pb
data
dropped
clean
C:\Users\user\AppData\Local\Temp\6732_655119810\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\6732_655119810\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\89282f2e-d4d4-4aca-a4ec-34b76f851db4.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\a6bfb494-301a-4cb7-8fc6-5f226089799c.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1221724440\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\iw\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\angular.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\background_script.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\cast_sender.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\common.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\feedback.css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\feedback.html
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\feedback_script.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\material_css_min.css
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\mirroring_cast_streaming.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\mirroring_common.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\mirroring_hangouts.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\CRX_INSTALL\mirroring_webrtc.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6732_1783235084\a6bfb494-301a-4cb7-8fc6-5f226089799c.tmp
Google Chrome extension, version 3
dropped
clean
There are 226 hidden files.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://s3.us-east-2.amazonaws.com/powerpointreader.edu/xlsachremmittance.html#ap@pointloma.edu06891765014988372040251843501WNjb3VudGluZ0Btb3RoZgjhjkoiphiggvghugiXJzbWlsay5vcmc'
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1544,8165339839797734844,7588681421374645251,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1932 /prefetch:8
clean

URLs

Name
IP
Malicious
https://s3.us-east-2.amazonaws.com/powerpointreader.edu/xlsachremmittance.html#ap@pointloma.edu06891765014988372040251843501WNjb3VudGluZ0Btb3RoZgjhjkoiphiggvghugiXJzbWlsay5vcmc
malicious
http://crl.pki.goog/gsr1/gsr1.crl0;
unknown
clean
https://apis.google.com/js/client.js
unknown
clean
https://www.google.com/images/cleardot.gif
unknown
clean
https://play.google.com
unknown
clean
https://s3.us-east-2.amazonaws.com/favicon.icoChIKBw2DqFs9GgAKBw0qRtaDGgA=
unknown
clean
https://crash.corp.google.com/samples?reportid=&q=
unknown
clean
https://chadland.com/clearbit.php?d=pointloma.edu06891765014988372040251843501WNjb3VudGluZ0Btb3RoZgjhjkoiphiggvghugiXJzbWlsay5vcmc
170.239.85.225
clean
https://www.google.com/log?format=json&hasfast=true
unknown
clean
https://sandbox.google.com/payments/v4/js/integrator.js
unknown
clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
unknown
clean
https://accounts.google.com/MergeSession
unknown
clean
https://preprod-hangouts-googleapis.sandbox.google.com
unknown
clean
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
216.58.212.161
clean
http://pki.goog/repo/certs/gtsr1.der04
unknown
clean
https://www.google.com
unknown
clean
https://hangouts.clients6.google.com
unknown
clean
https://meet.google.com
unknown
clean
http://crls.pki.goog/gts1c3/QOvJ0N1sT2A.crl0
unknown
clean
https://hangouts.google.com/hangouts/_/logpref
unknown
clean
https://accounts.google.com
unknown
clean
https://clients2.google.com/cr/report
unknown
clean
https://chadland.com/call.php?u=ap@pointloma.edu06891765014988372040251843501WNjb3VudGluZ0Btb3RoZgjhjkoiphiggvghugiXJzbWlsay5vcmc
170.239.85.225
clean
http://angularjs.org
unknown
clean
https://chadland.com/call.php?u=ap
unknown
clean
https://creativecommons.org/publicdomain/zero/1.0/.
unknown
clean
https://github.com/angular/material
unknown
clean
https://s3.us-east-2.amazonaws.com/powerpointreader.edu/xlsachremmittance.html#ap@pointloma.edu06891765014988372040251843501WNjb3VudGluZ0Btb3RoZgjhjkoiphiggvghugiXJzbWlsay5vcmc
clean
https://apis.google.com
unknown
clean
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
unknown
clean
https://s3.us-east-2.amazonaws.com/powerpointreader.edu/xlsachremmittance.htmlHq?
unknown
clean
https://github.com/madler/zlib/blob/master/zlib.h
unknown
clean
https://www-googleapis-staging.sandbox.google.com
unknown
clean
https://clients2.google.com
unknown
clean
https://www.google.com/tools/feedback
unknown
clean
http://www.apache.org/licenses/LICENSE-2.0
unknown
clean
https://dns.google
unknown
clean
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
unknown
clean
https://www.google.com/intl/en-US/chrome/blank.html
unknown
clean
https://ogs.google.com
unknown
clean
https://support.google.com/chromecast/troubleshooter/2995236
unknown
clean
https://s3.us-east-2.amazonaws.com/favicon.ico
52.219.106.209
clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
unknown
clean
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
216.58.212.141
clean
https://payments.google.com/payments/v4/js/integrator.js
unknown
clean
https://www.google.com;
unknown
clean
https://chadland.com/clearbit.php?d=pointloma.edu06891765014988372040251843501WNjb3VudGluZ0Btb3RoZgj
unknown
clean
https://hangouts.google.com/
unknown
clean
http://crl.pki.goog/gtsr1/gtsr1.crl0W
unknown
clean
http://pki.goog/gsr1/gsr1.crt02
unknown
clean
https://pki.goog/repository/0
unknown
clean
https://www.google.com/images/x2.gif
unknown
clean
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
142.250.74.206
clean
https://www.google.com/images/dot2.gif
unknown
clean
https://meetings.clients6.google.com
unknown
clean
https://play.google.com/log?format=json&hasfast=true
unknown
clean
https://a.nel.cloudflare.com/report/v3?s=R%2FakBrE2vHhHyeO0ZdveFfWx63k%2F4o3xIYmU6%2FATvbc1kDXUUlIqx
unknown
clean
https://s3.us-east-2.amazonaws.com/powerpointreader.edu/xlsachremmittance.html#ap
unknown
clean
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
104.16.19.94
clean
http://tools.ietf.org/html/rfc1950
unknown
clean
https://support.google.com/chromecast/answer/2998456
unknown
clean
https://clients2.googleusercontent.com
unknown
clean
https://docs.google.com
unknown
clean
https://www.google.com/
unknown
clean
https://feedback.googleusercontent.com
unknown
clean
https://clients2.google.com/service/update2/crx
unknown
clean
https://clients6.google.com
unknown
clean
https://s3.us-east-2.amazonaws.com/powerpointreader.edu/xlsachremmittance.html
52.219.106.209
clean
http://pki.goog/repo/certs/gts1c3.der0
unknown
clean
There are 58 hidden URLs.

Domains

Name
IP
Malicious
s3.us-east-2.amazonaws.com
52.219.106.209
clean
accounts.google.com
216.58.212.141
clean
chadland.com
170.239.85.225
clean
cdnjs.cloudflare.com
104.16.19.94
clean
clients.l.google.com
142.250.74.206
clean
googlehosted.l.googleusercontent.com
216.58.212.161
clean
clients2.googleusercontent.com
unknown
clean
clients2.google.com
unknown
clean

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
142.250.74.206
clients.l.google.com
United States
clean
192.168.2.5
unknown
unknown
clean
170.239.85.225
chadland.com
Chile
clean
239.255.255.250
unknown
Reserved
clean
216.58.212.161
googlehosted.l.googleusercontent.com
United States
clean
216.58.212.141
accounts.google.com
United States
clean
52.219.106.209
s3.us-east-2.amazonaws.com
United States
clean
104.16.19.94
cdnjs.cloudflare.com
United States
clean
127.0.0.1
unknown
unknown
clean

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blacklist_cache_md5_digest
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
clean
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
clean
There are 35 hidden registries.

Memdumps

Base Address
Regiontype
Protect
Malicious
7FF581918000
unkown image
page readonly
clean
2379AD60000
unkown image
page readonly
clean
7FF57C955000
unkown image
page readonly
clean
7FF573280000
unkown image
page readonly
clean
7FF581F52000
unkown image
page readonly
clean
1B9AB01D000
unkown
page read and write
clean
7FF5529DD000
unkown image
page readonly
clean
1B9AAB96000
unkown
page read and write
clean
7FF549B10000
unkown image
page readonly
clean
7DF486700000
unkown image
page readonly
clean
1B9AAA02000
unkown
page read and write
clean
7FF57E404000
unkown image
page readonly
clean
1E1B7900000
unkown
page read and write
clean
DA354FD000
stack
page read and write
clean
7FF5735BB000
unkown image
page readonly
clean
7DF567AD2000
unkown image
page readonly
clean
29F8FA61000
unkown
page read and write
clean
1E1BC88A000
unkown
page read and write
clean
238A828A000
unkown
page read and write
clean
1E1B7802000
unkown
page read and write
clean
100DFD000
stack
page read and write
clean
DA351FB000
stack
page read and write
clean
1B9AA24C000
unkown
page read and write
clean
7FF5820EF000
unkown image
page readonly
clean
7DF55ED00000
unkown image
page readonly
clean
7FF5736CB000
unkown image
page readonly
clean
2379AF13000
unkown
page read and write
clean
7FF549A6B000
unkown image
page readonly
clean
29F8FA8A000
unkown
page read and write
clean
7FF582006000
unkown image
page readonly
clean
7FF57C270000
unkown image
page readonly
clean
1B9AA9F0000
unkown
page read and write
clean
238A8270000
unkown
page read and write
clean
7FF57E38E000
unkown image
page readonly
clean
7FF57E34C000
unkown image
page readonly
clean
1E1BC4B7000
unkown
page read and write
clean
29F8FB13000
unkown
page read and write
clean
1B9AAB9F000
unkown
page read and write
clean
7DF597242000
unkown image
page readonly
clean
238A8252000
unkown
page read and write
clean
7FF5521D3000
unkown image
page readonly
clean
7DF5934A0000
unkown image
page readonly
clean
1B9AA2C0000
unkown
page read and write
clean
7DF567AD0000
unkown image
page readonly
clean
7FF57E399000
unkown image
page readonly
clean
7FF5821B1000
unkown image
page readonly
clean
7FF5821A4000
unkown image
page readonly
clean
1B9AAB5C000
unkown
page read and write
clean
2379B602000
unkown
page read and write
clean
7FF57E32B000
unkown image
page readonly
clean
1E1B6F50000
unkown
page read and write
clean
DDC26FE000
stack
page read and write
clean
7FF57E30C000
unkown image
page readonly
clean
7FF57E325000
unkown image
page readonly
clean
7DF588840000
unkown image
page readonly
clean
1B9AA9F0000
unkown
page read and write
clean
7FF581EB1000
unkown image
page readonly
clean
1E1BC84B000
unkown
page read and write
clean
7FF549A31000
unkown image
page readonly
clean
1E1BC882000
unkown
page read and write
clean
7DF55ECF0000
unkown image
page readonly
clean
7FF581D41000
unkown image
page readonly
clean
1E1B8380000
unkown
page read and write
clean
2379AF08000
unkown
page read and write
clean
7FF57E374000
unkown image
page readonly
clean
7FF57C95B000
unkown image
page readonly
clean
7FF5820BA000
unkown image
page readonly
clean
1E1B6FC1000
unkown
page read and write
clean
A207F7E000
stack
page read and write
clean
7FF549B3F000
unkown image
page readonly
clean
1B9AA930000
unkown
page read and write
clean
7FF57CA41000
unkown image
page readonly
clean
7FF57E30A000
unkown image
page readonly
clean
1B9AB002000
unkown
page read and write
clean
7FF573563000
unkown image
page readonly
clean
7FF581D51000
unkown image
page readonly
clean
1E1B7029000
unkown
page read and write
clean
1B9AA308000
unkown
page read and write
clean
DA34EFE000
stack
page read and write
clean
1B9AAB84000
unkown
page read and write
clean
1E1B6E00000
unkown image
page readonly
clean
7FF5735A1000
unkown image
page readonly
clean
7FF54992B000
unkown image
page readonly
clean
7FF57C988000
unkown image
page readonly
clean
7FF582094000
unkown image
page readonly
clean
1B9AAB4A000
unkown
page read and write
clean
7DF45CBB0000
unkown image
page readonly
clean
F32427F000
stack
page read and write
clean
1B9AA160000
unkown image
page read and write
clean
7FF57E201000
unkown image
page readonly
clean
7FF549AD4000
unkown image
page readonly
clean
1E1B7918000
unkown
page read and write
clean
7DF567AE2000
unkown image
page readonly
clean
7FF57DEE0000
unkown image
page readonly
clean
1B9AA270000
unkown
page read and write
clean
7FF549BC4000
unkown image
page readonly
clean
1E1B6E20000
unkown image
page readonly
clean
7FF5496E2000
unkown image
page readonly
clean
7FF5736EC000
unkown image
page readonly
clean
7FF581EBD000
unkown image
page readonly
clean
1E1B7013000
unkown
page read and write
clean
7DF597232000
unkown image
page readonly
clean
1B9AAB96000
unkown
page read and write
clean
7FF552535000
unkown image
page readonly
clean
1E1B706D000
unkown
page read and write
clean
7FF573581000
unkown image
page readonly
clean
238A80E0000
unkown image
page readonly
clean
1B9AAB99000
unkown
page read and write
clean
1B9AA1E0000
unkown image
page readonly
clean
7DF591AD2000
unkown image
page readonly
clean
7DF597250000
unkown image
page readonly
clean
7FF5528B3000
unkown image
page readonly
clean
DA350FF000
stack
page read and write
clean
7FF552965000
unkown image
page readonly
clean
238A8213000
unkown
page read and write
clean
23514806000
unkown
page read and write
clean
7FF549A13000
unkown image
page readonly
clean
238A8229000
unkown
page read and write
clean
1B9AAB13000
unkown
page read and write
clean
1B9AAB60000
unkown
page read and write
clean
F3244FF000
stack
page read and write
clean
DA34E7C000
unkown
page read and write
clean
1E1B8020000
unkown image
page readonly
clean
7FF549A6E000
unkown image
page readonly
clean
7FF582073000
unkown image
page readonly
clean
7FF549730000
unkown image
page readonly
clean
1E1BC829000
unkown
page read and write
clean
7FF581E86000
unkown image
page readonly
clean
238A8250000
unkown
page read and write
clean
7FF581E74000
unkown image
page readonly
clean
1E1B7902000
unkown
page read and write
clean
7FF5820C5000
unkown image
page readonly
clean
7FF57E171000
unkown image
page readonly
clean
1E1B8000000
unkown image
page readonly
clean
7DF593490000
unkown image
page readonly
clean
1B9AABD4000
unkown
page read and write
clean
238A7FA0000
heap private
page read and write
clean
1E1BC883000
unkown
page read and write
clean
1B9AAB96000
unkown
page read and write
clean
7DF591AE0000
unkown image
page readonly
clean
1009FB000
stack
page read and write
clean
7FF573286000
unkown image
page readonly
clean
7FF549736000
unkown image
page readonly
clean
7FF57C9AE000
unkown image
page readonly
clean
1E1B70F9000
unkown
page read and write
clean
1E1BC4E0000
unkown
page read and write
clean
100AFE000
stack
page read and write
clean
1E1B6FF0000
unkown
page read and write
clean
7FF5736AA000
unkown image
page readonly
clean
29F8FF80000
unkown image
page readonly
clean
7DF567AE0000
unkown image
page readonly
clean
2379AE70000
unkown
page read and write
clean
1E1BC4D1000
unkown
page read and write
clean
7ABDD7D000
stack
page read and write
clean
29F8FA00000
unkown
page read and write
clean
7FF582128000
unkown image
page readonly
clean
29F8F7D0000
unkown image
page readonly
clean
7FF549B3B000
unkown image
page readonly
clean
7FF57E21B000
unkown image
page readonly
clean
7FF58211F000
unkown image
page readonly
clean
1B9AAB98000
unkown
page read and write
clean
1B9AA2E8000
unkown
page read and write
clean
7DF597240000
unkown image
page readonly
clean
10007B000
unkown
page read and write
clean
1B9AA200000
unkown
page read and write
clean
7FF57E39D000
unkown image
page readonly
clean
100CFF000
stack
page read and write
clean
2379AE89000
unkown
page read and write
clean
7FF549B6A000
unkown image
page readonly
clean
1B9AB002000
unkown
page read and write
clean
7FF5528C4000
unkown image
page readonly
clean
1E1BC5C0000
unkown
page read and write
clean
1B9AA980000
unkown image
page write copy
clean
23514821000
unkown
page read and write
clean
A20798E000
stack
page read and write
clean
7FF55285B000
unkown image
page readonly
clean
1B9AA24E000
unkown
page read and write
clean
7DF55ECE2000
unkown image
page readonly
clean
1B9AA302000
unkown
page read and write
clean
7FF5496D2000
unkown image
page readonly
clean
7FF573739000
unkown image
page readonly
clean
7FF55298F000
unkown image
page readonly
clean
DA3507C000
stack
page read and write
clean
7DF591AD2000
unkown image
page readonly
clean
7DF591AE0000
unkown image
page readonly
clean
1E1B70B0000
unkown
page read and write
clean
7FF573728000
unkown image
page readonly
clean
1E1BC4B0000
unkown
page read and write
clean
7FF549B75000
unkown image
page readonly
clean
238A824F000
unkown
page read and write
clean
29F8FA7D000
unkown
page read and write
clean
DDC1D8B000
unkown
page read and write
clean
2379AE4B000
unkown
page read and write
clean
1B9AAB97000
unkown
page read and write
clean
7FF5820AC000
unkown image
page readonly
clean
7FF5494C3000
unkown image
page readonly
clean
1B9AABBB000
unkown
page read and write
clean
29F8FB00000
unkown
page read and write
clean
7ABE6FE000
stack
page read and write
clean
7DF597242000
unkown image
page readonly
clean
2379AD40000
unkown image
page readonly
clean
1B9AAB15000
unkown
page read and write
clean
7FF581F6A000
unkown image
page readonly
clean
238A824D000
unkown
page read and write
clean
29F8FA2A000
unkown
page read and write
clean
7DF4659A0000
unkown image
page readonly
clean
1008FA000
stack
page read and write
clean
238A8300000
unkown
page read and write
clean
2379AD30000
heap private
page read and write
clean
7DF5934A2000
unkown image
page readonly
clean
1E1B6F30000
unkown image
page readonly
clean
29F8FA13000
unkown
page read and write
clean
7FF549B9F000
unkown image
page readonly
clean
1E1B6E50000
heap default
page read and write
clean
29F8FA02000
unkown
page read and write
clean
7FF552A51000
unkown image
page readonly
clean
7FF55296B000
unkown image
page readonly
clean
7FF5820C0000
unkown image
page readonly
clean
7DF55ECF2000
unkown image
page readonly
clean
7FF5529CE000
unkown image
page readonly
clean
23514790000
unkown image
page read and write
clean
1B9AABB2000
unkown
page read and write
clean
1B9AB000000
unkown
page read and write
clean
DDC24FF000
stack
page read and write
clean
7FF581E9F000
unkown image
page readonly
clean
1B9AAB96000
unkown
page read and write
clean
7FF58200D000
unkown image
page readonly
clean
1E1B8010000
unkown image
page readonly
clean
7FF5499A4000
unkown image
page readonly
clean
1E1B7057000
unkown
page read and write
clean
7FF549ABD000
unkown image
page readonly
clean
2379ADC0000
unkown
page read and write
clean
7FF57E412000
unkown image
page readonly
clean
1B9AABD9000
unkown
page read and write
clean
7FF549AC3000
unkown image
page readonly
clean
1E1B6DE0000
unkown image
page read and write
clean
1E1B77C0000
unkown
page read and write
clean
29F8F7F0000
unkown image
page readonly
clean
1B9AA2A6000
unkown
page read and write
clean
7FF549B5A000
unkown image
page readonly
clean
7DF597230000
unkown image
page readonly
clean
2351480F000
unkown
page read and write
clean
7FF581F01000
unkown image
page readonly
clean
29F8F9F0000
unkown
page read and write
clean
1B9AA2D1000
unkown
page read and write
clean
7FF5493E3000
unkown image
page readonly
clean
7FF573511000
unkown image
page readonly
clean
1E1B7D00000
unkown
page read and write
clean
7FF5529A4000
unkown image
page readonly
clean
1B9AAB96000
unkown
page read and write
clean
235147F1000
unkown
page read and write
clean
7FF5737B1000
unkown image
page readonly
clean
100A7F000
stack
page read and write
clean
7DF55ECF2000
unkown image
page readonly
clean
29F8FA8D000
unkown
page read and write
clean
1E1BC89D000
unkown
page read and write
clean
1E1B70B4000
unkown
page read and write
clean
238A7FB0000
unkown image
page readonly
clean
7FF5821AA000
unkown image
page readonly
clean
7FF581F81000
unkown image
page readonly
clean
1006FA000
stack
page read and write
clean
1B9AA283000
unkown
page read and write
clean
1E1B7E00000
unkown
page read and write
clean
1B9AA850000
unkown image
page readonly
clean
1E1BC83E000
unkown
page read and write
clean
7FF57E337000
unkown image
page readonly
clean
1E1BC4B6000
unkown
page read and write
clean
238A7FB0000
unkown image
page readonly
clean
7FF549B6E000
unkown image
page readonly
clean
7FF57C99A000
unkown image
page readonly
clean
7FF55294A000
unkown image
page readonly
clean
2379AD20000
unkown image
page read and write
clean
7FF573437000
unkown image
page readonly
clean
1E1B7075000
unkown
page read and write
clean
7FF549BA7000
unkown image
page readonly
clean
1B9AB063000
unkown
page read and write
clean
7FF573295000
unkown image
page readonly
clean
1E1B7959000
unkown
page read and write
clean
2379AE00000
unkown
page read and write
clean
7DF48F990000
unkown image
page readonly
clean
2379AE57000
unkown
page read and write
clean
1E1BC4F4000
unkown
page read and write
clean
1B9AAB8E000
unkown
page read and write
clean
7FF582139000
unkown image
page readonly
clean
7FF549BE6000
unkown image
page readonly
clean
1E1BC620000
unkown
page read and write
clean
238A7FD0000
unkown image
page readonly
clean
1E1B7FE0000
unkown image
page readonly
clean
7ABDF78000
stack
page read and write
clean
7FF5526D7000
unkown image
page readonly
clean
1B9AAB80000
unkown
page read and write
clean
7FF573714000
unkown image
page readonly
clean
2379AF02000
unkown
page read and write
clean
1B9AAB98000
unkown
page read and write
clean
7FF55295A000
unkown image
page readonly
clean
1B9AA316000
unkown
page read and write
clean
1B9AAB6E000
unkown
page read and write
clean
7FF581EAB000
unkown image
page readonly
clean
7DF597240000
unkown image
page readonly
clean
7FF57E284000
unkown image
page readonly
clean
1E1B6F60000
unkown image
page read and write
clean
1E1BC4BB000
unkown
page read and write
clean
1B9AAB7F000
unkown
page read and write
clean
7FF57E388000
unkown image
page readonly
clean
7DF597250000
unkown image
page readonly
clean
7FF57C9BE000
unkown image
page readonly
clean
1B9AA313000
unkown
page read and write
clean
DDC21FB000
stack
page read and write
clean
A208077000
stack
page read and write
clean
1B9AA249000
unkown
page read and write
clean
7FF5737AA000
unkown image
page readonly
clean
7FF57CA3A000
unkown image
page readonly
clean
7FF5821B2000
unkown image
page readonly
clean
7DF5934B0000
unkown image
page readonly
clean
7DF55ECE2000
unkown image
page readonly
clean
7FF581DA4000
unkown image
page readonly
clean
1E1B6E00000
unkown image
page readonly
clean
1E1BC3B0000
unkown
page read and write
clean
2379AE47000
unkown
page read and write
clean
1E1B7815000
unkown
page read and write
clean
7FF5736F7000
unkown image
page readonly
clean
7DF588840000
unkown image
page readonly
clean
1E1B7959000
unkown
page read and write
clean
235146E0000
unkown image
page readonly
clean
7FF57362C000
unkown image
page readonly
clean
1B9AA170000
heap private
page read and write
clean
7DF491360000
unkown image
page readonly
clean
7FF549BD8000
unkown image
page readonly
clean
1B9AA6D0000
unkown image
page readonly
clean
1E1B7E10000
unkown
page read and write
clean
1E1B7913000
unkown
page read and write
clean
1B9AAB9A000
unkown
page read and write
clean
7ABE17E000
stack
page read and write
clean
1B9AAB86000
unkown
page read and write
clean
1B9AA2E5000
unkown
page read and write
clean
7FF581EF4000
unkown image
page readonly
clean
1B9AAB7F000
unkown
page read and write
clean
1B9AA1D0000
heap default
page read and write
clean
1B9AAB4C000
unkown
page read and write
clean
1E1BC610000
unkown
page read and write
clean
235147A5000
heap private
page read and write
clean
7FF57E26D000
unkown image
page readonly
clean
7ABDC7B000
unkown
page read and write
clean
7FF549787000
unkown image
page readonly
clean
2379AE4F000
unkown
page read and write
clean
2351480F000
unkown
page read and write
clean
1B9AAB96000
unkown
page read and write
clean
1B9AB01F000
unkown
page read and write
clean
7FF5496DE000
unkown image
page readonly
clean

DOM / HTML

URL
Malicious
https://s3.us-east-2.amazonaws.com/powerpointreader.edu/xlsachremmittance.html#ap@pointloma.edu06891765014988372040251843501WNjb3VudGluZ0Btb3RoZgjhjkoiphiggvghugiXJzbWlsay5vcmc
malicious