Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Change Order - Draw #3 .htm
|
HTML document, ASCII text, with very long lines, with no line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0155f209-1277-4bdd-b03c-514e2d8cc250.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\66e990ce-3554-487b-8bfb-aa5440ccffc5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\87a89bfc-819a-4ff2-b1e5-39b7ed2fa15e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9fc9e0d7-b287-4a40-9332-4c0d6789ad5f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\00d5542b-db7f-4225-8132-1eed0da0bc3c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\02d25643-5873-48c8-baf6-16713ea6070e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2b3ecc82-b907-42d3-af9f-68aa41f2ec60.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\32e421bf-b931-4369-9697-481513312b11.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\32e9b251-eb3b-4a9f-bffd-0107d788e920.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3cfde9b1-fa57-45dd-b4cf-462f5b995b6f.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\409843ff-7ea4-45f9-9907-8f5d6a047236.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\56cc4c72-0ee7-4f11-91c8-55e17954d293.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5b5864dc-15ec-4fe9-be82-0cf23d941ec3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\65bcf01a-793a-4046-a125-bfe8370095b2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6a133660-f160-434f-802b-53379809f6bf.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\745ee0d8-6442-4b8f-8c60-4377b4ec476b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\81ef0800-e906-4fca-b492-130f2165f961.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9a43737f-a509-4590-a019-e49d8991cff8.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldB (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.oldg (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldin (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old.d (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsta (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old63 (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State1 (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences` (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences# (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferenceslb (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\9e52c11b-34e0-4d99-9fd7-49a470a21b6c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\5e559647-4c67-4aea-b111-0d317bd14746.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldMP
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a31497c6-f57a-4f51-a5af-e9a240ba7ff7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\be5ecd8e-087e-4f49-81b4-a2f6f189309b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c8ff70b9-6d52-4d66-89d7-3b22d594585f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENTa (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old.. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\de154200-6958-4727-80a2-06c312cfe0bb.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ed942ca9-2f6a-442b-9607-0f8ae7332332.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f2b3d8f6-b724-4e25-8bca-46d45b67ce7c.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f53b3598-0d68-48cb-98d1-dc2b54062098.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old8f (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateRE (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache. (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheB (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache\v (copy)
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir3984_1134415010\Ruleset
Data
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a72e71eb-7e91-40b9-a4be-4c1202402342.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\aa87d3ed-4142-4c9d-ab2b-42ba9ae67d64.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\cd617176-f6a0-4034-b223-077d88402de8.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d182ae6e-853f-429c-beba-902f7c08a880.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d30616fa-ba2b-4ee6-a3f3-c62472d3b1ea.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f295fb2e-0198-4331-8b90-d0c6f4a88277.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ffd36dad-11af-4a9d-9ab5-4a7eef1d38f4.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1536201342\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1575958636\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1575958636\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_1575958636\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_17215717\Filtering Rules
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_17215717\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_17215717\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_17215717\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\3984_17215717\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\74761756-d3ab-4209-88c9-968efcb8a19b.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\84ec76f5-4b64-4658-be5b-d879076f89ae.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\a7027531-a09a-41a3-a54f-386800bb708e.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ecee7f73-39bf-4e6a-8a23-8616ab2a3c5b.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_1079649158\a7027531-a09a-41a3-a54f-386800bb708e.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\74761756-d3ab-4209-88c9-968efcb8a19b.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir3984_2127944006\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
There are 263 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\Change
Order - Draw #3 .htm
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1576,824141991095786902,2422586568805408263,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1948 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/user/Desktop/Change%20Order%20-%20Draw%20%233%20.htm
|
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://easylist.to/)
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
142.250.203.97
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://github.com/easylist)
|
unknown
|
|
|
|
https://a.nel.cloudflare.com/report/v3?s=B1V6483Ce5U4ngLqMuYvqFM6k3PFqGhsou3LRiSzLj8ybzgIxCRz6%2Fzxb
|
unknown
|
|
|
|
https://creativecommons.org/.
|
unknown
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js
|
104.16.18.94
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://dma.ao/v1.1/___.php?_do=layout&email=mary.turner@tetratech.com
|
162.214.66.227
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.203.110
|
|
|
|
http://llvm.org/):
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 44 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
dma.ao
|
162.214.66.227
|
|
|
|
cdnjs.cloudflare.com
|
104.16.18.94
|
|
|
|
clients.l.google.com
|
142.250.203.110
|
|
|
|
googlehosted.l.googleusercontent.com
|
142.250.203.97
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
162.214.66.227
|
dma.ao
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
142.250.203.110
|
clients.l.google.com
|
United States
|
|
|
|
192.168.2.4
|
unknown
|
unknown
|
|
|
|
192.168.2.6
|
unknown
|
unknown
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
142.250.203.97
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
104.16.18.94
|
cdnjs.cloudflare.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF5C5854000
|
unkown image
|
page readonly
|
|
|
|
7FF4F964C000
|
unkown image
|
page readonly
|
|
|
|
7FF559814000
|
unkown image
|
page readonly
|
|
|
|
1E9014A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5587000
|
unkown image
|
page readonly
|
|
|
|
19A39A93000
|
unkown
|
page read and write
|
|
|
|
1AA1EBD0000
|
heap default
|
page read and write
|
|
|
|
2D1C47F000
|
stack
|
page read and write
|
|
|
|
19A3DC45000
|
unkown
|
page read and write
|
|
|
|
7FF4FB277000
|
unkown image
|
page readonly
|
|
|
|
7FF5C57DB000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA85C000
|
unkown image
|
page readonly
|
|
|
|
7FF543430000
|
unkown image
|
page readonly
|
|
|
|
1F10E7A9000
|
unkown
|
page read and write
|
|
|
|
1F10E769000
|
unkown
|
page read and write
|
|
|
|
1F10E77D000
|
unkown
|
page read and write
|
|
|
|
2CF3C7B0000
|
unkown image
|
page read and write
|
|
|
|
1420DC50000
|
unkown
|
page read and write
|
|
|
|
1420DD13000
|
unkown
|
page read and write
|
|
|
|
2CF3C900000
|
unkown image
|
page readonly
|
|
|
|
7DF5DA9A0000
|
unkown image
|
page readonly
|
|
|
|
19A38F02000
|
unkown
|
page read and write
|
|
|
|
1F10DDB0000
|
unkown image
|
page read and write
|
|
|
|
1F10E7A9000
|
unkown
|
page read and write
|
|
|
|
7FF543311000
|
unkown image
|
page readonly
|
|
|
|
7DF5FA5F0000
|
unkown image
|
page readonly
|
|
|
|
19A3867B000
|
unkown
|
page read and write
|
|
|
|
7FF4FB1B3000
|
unkown image
|
page readonly
|
|
|
|
1E901805000
|
heap private
|
page read and write
|
|
|
|
1F10EC00000
|
unkown
|
page read and write
|
|
|
|
7DF5103E2000
|
unkown image
|
page readonly
|
|
|
|
1F10EC02000
|
unkown
|
page read and write
|
|
|
|
7DF50E7B0000
|
unkown image
|
page readonly
|
|
|
|
19A3E090000
|
unkown
|
page read and write
|
|
|
|
19A3DAB0000
|
unkown
|
page read and write
|
|
|
|
1F10E74A000
|
unkown
|
page read and write
|
|
|
|
7FF5428D7000
|
unkown image
|
page readonly
|
|
|
|
19A3DD80000
|
unkown
|
page read and write
|
|
|
|
7FF5C5427000
|
unkown image
|
page readonly
|
|
|
|
7FF5E54CE000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5886000
|
unkown image
|
page readonly
|
|
|
|
7FF5C583F000
|
unkown image
|
page readonly
|
|
|
|
1E901B90000
|
unkown image
|
page readonly
|
|
|
|
1F10ED00000
|
unkown
|
page read and write
|
|
|
|
7FF5E53B3000
|
unkown image
|
page readonly
|
|
|
|
7DF50E7B0000
|
unkown image
|
page readonly
|
|
|
|
1F10E700000
|
unkown
|
page read and write
|
|
|
|
7FF5DA85F000
|
unkown image
|
page readonly
|
|
|
|
7FF5434A6000
|
unkown image
|
page readonly
|
|
|
|
19A3DE61000
|
unkown
|
page read and write
|
|
|
|
7DF56E942000
|
unkown image
|
page readonly
|
|
|
|
19A3DB20000
|
unkown
|
page read and write
|
|
|
|
7DF50E7A2000
|
unkown image
|
page readonly
|
|
|
|
19A3DDA0000
|
unkown
|
page read and write
|
|
|
|
19A39A90000
|
unkown
|
page read and write
|
|
|
|
7DF5585A0000
|
unkown image
|
page readonly
|
|
|
|
7DF5FA5F0000
|
unkown image
|
page readonly
|
|
|
|
7FF559824000
|
unkown image
|
page readonly
|
|
|
|
19A39100000
|
unkown
|
page read and write
|
|
|
|
7DF40E2A0000
|
unkown image
|
page readonly
|
|
|
|
1F10EC02000
|
unkown
|
page read and write
|
|
|
|
1E901A10000
|
unkown image
|
page readonly
|
|
|
|
7DF5103D2000
|
unkown image
|
page readonly
|
|
|
|
1420DC3C000
|
unkown
|
page read and write
|
|
|
|
19A38696000
|
unkown
|
page read and write
|
|
|
|
7FF4F9304000
|
unkown image
|
page readonly
|
|
|
|
1F10E770000
|
unkown
|
page read and write
|
|
|
|
1420DC00000
|
unkown
|
page read and write
|
|
|
|
19A386A1000
|
unkown
|
page read and write
|
|
|
|
7FF4FB1C4000
|
unkown image
|
page readonly
|
|
|
|
1F10E716000
|
unkown
|
page read and write
|
|
|
|
19A3DE88000
|
unkown
|
page read and write
|
|
|
|
7FF54339C000
|
unkown image
|
page readonly
|
|
|
|
1F10E108000
|
unkown
|
page read and write
|
|
|
|
1E901596000
|
unkown
|
page read and write
|
|
|
|
615F3FA000
|
stack
|
page read and write
|
|
|
|
615F0FF000
|
stack
|
page read and write
|
|
|
|
7FF5C570E000
|
unkown image
|
page readonly
|
|
|
|
19A3DC70000
|
unkown
|
page read and write
|
|
|
|
1F10E0D1000
|
unkown
|
page read and write
|
|
|
|
1F10DDC0000
|
heap private
|
page read and write
|
|
|
|
7FF4FB352000
|
unkown image
|
page readonly
|
|
|
|
19A38E15000
|
unkown
|
page read and write
|
|
|
|
7FF543005000
|
unkown image
|
page readonly
|
|
|
|
1420DC8B000
|
unkown
|
page read and write
|
|
|
|
7FF5C5651000
|
unkown image
|
page readonly
|
|
|
|
2D1C77D000
|
stack
|
page read and write
|
|
|
|
7FF5C57B2000
|
unkown image
|
page readonly
|
|
|
|
F9B0FF000
|
stack
|
page read and write
|
|
|
|
C9237E000
|
stack
|
page read and write
|
|
|
|
7FF5DA914000
|
unkown image
|
page readonly
|
|
|
|
7FF5432D3000
|
unkown image
|
page readonly
|
|
|
|
1420DC13000
|
unkown
|
page read and write
|
|
|
|
7FF5C54B5000
|
unkown image
|
page readonly
|
|
|
|
7DF5103F0000
|
unkown image
|
page readonly
|
|
|
|
7DF56E940000
|
unkown image
|
page readonly
|
|
|
|
7FF5E5477000
|
unkown image
|
page readonly
|
|
|
|
F9B07F000
|
stack
|
page read and write
|
|
|
|
7FF5434A9000
|
unkown image
|
page readonly
|
|
|
|
7FF4F941D000
|
unkown image
|
page readonly
|
|
|
|
1F10E75B000
|
unkown
|
page read and write
|
|
|
|
7FF5DA922000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB26B000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB1CC000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9182000
|
unkown image
|
page readonly
|
|
|
|
7DF5EF9A2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5864000
|
unkown image
|
page readonly
|
|
|
|
14A14250000
|
unkown
|
page read and write
|
|
|
|
14A14253000
|
unkown
|
page read and write
|
|
|
|
7DF5FA5D2000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9674000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB344000
|
unkown image
|
page readonly
|
|
|
|
7FF4F93CA000
|
unkown image
|
page readonly
|
|
|
|
7FF5E54AA000
|
unkown image
|
page readonly
|
|
|
|
1F10EC02000
|
unkown
|
page read and write
|
|
|
|
7FF5E5341000
|
unkown image
|
page readonly
|
|
|
|
1AA1EC57000
|
unkown
|
page read and write
|
|
|
|
1CF11F7000
|
stack
|
page read and write
|
|
|
|
1F10ED02000
|
unkown
|
page read and write
|
|
|
|
1CF0BAB000
|
unkown
|
page read and write
|
|
|
|
1F10E7A5000
|
unkown
|
page read and write
|
|
|
|
19A3DC61000
|
unkown
|
page read and write
|
|
|
|
7FF54337D000
|
unkown image
|
page readonly
|
|
|
|
14A1424F000
|
unkown
|
page read and write
|
|
|
|
1F10E7A7000
|
unkown
|
page read and write
|
|
|
|
7FF5C577C000
|
unkown image
|
page readonly
|
|
|
|
1F10E053000
|
unkown
|
page read and write
|
|
|
|
19A3DF02000
|
unkown
|
page read and write
|
|
|
|
7FF4FB141000
|
unkown image
|
page readonly
|
|
|
|
F7F69F7000
|
stack
|
page read and write
|
|
|
|
7FF4FB15B000
|
unkown image
|
page readonly
|
|
|
|
1F10E767000
|
unkown
|
page read and write
|
|
|
|
1F10E04A000
|
unkown
|
page read and write
|
|
|
|
19A38580000
|
heap private
|
page read and write
|
|
|
|
7FF5E5544000
|
unkown image
|
page readonly
|
|
|
|
7FF5E54D9000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA405000
|
unkown image
|
page readonly
|
|
|
|
19A3DC4E000
|
unkown
|
page read and write
|
|
|
|
7FF4FB265000
|
unkown image
|
page readonly
|
|
|
|
2CF3C7C0000
|
heap private
|
page read and write
|
|
|
|
1F10E7A9000
|
unkown
|
page read and write
|
|
|
|
7FF55984D000
|
unkown image
|
page readonly
|
|
|
|
F9A6FC000
|
unkown
|
page read and write
|
|
|
|
1AA1F402000
|
unkown
|
page read and write
|
|
|
|
14A14229000
|
unkown
|
page read and write
|
|
|
|
7FF54351A000
|
unkown image
|
page readonly
|
|
|
|
19A38590000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5810000
|
unkown image
|
page readonly
|
|
|
|
1F10EB90000
|
unkown image
|
page read and write
|
|
|
|
1F10E769000
|
unkown
|
page read and write
|
|
|
|
C920FD000
|
stack
|
page read and write
|
|
|
|
1E9014E0000
|
unkown
|
page read and write
|
|
|
|
7FF5E54BF000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9704000
|
unkown image
|
page readonly
|
|
|
|
1F10E767000
|
unkown
|
page read and write
|
|
|
|
615F2FF000
|
stack
|
page read and write
|
|
|
|
7FF4F8DE8000
|
unkown image
|
page readonly
|
|
|
|
1AA1EC4F000
|
unkown
|
page read and write
|
|
|
|
7FF4F964F000
|
unkown image
|
page readonly
|
|
|
|
7FF5C53D6000
|
unkown image
|
page readonly
|
|
|
|
1F10E7AB000
|
unkown
|
page read and write
|
|
|
|
7DF4F84A0000
|
unkown image
|
page readonly
|
|
|
|
1CF14FF000
|
stack
|
page read and write
|
|
|
|
7FF5DA3F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C56D1000
|
unkown image
|
page readonly
|
|
|
|
1420DC4B000
|
unkown
|
page read and write
|
|
|
|
19A385F0000
|
unkown image
|
page readonly
|
|
|
|
19A3DD90000
|
unkown
|
page read and write
|
|
|
|
1F10E755000
|
unkown
|
page read and write
|
|
|
|
7DF56E940000
|
unkown image
|
page readonly
|
|
|
|
7DF56E952000
|
unkown image
|
page readonly
|
|
|
|
7FF5E4F96000
|
unkown image
|
page readonly
|
|
|
|
7FF4F95F4000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA847000
|
unkown image
|
page readonly
|
|
|
|
19A3DD30000
|
unkown
|
page read and write
|
|
|
|
1F10E775000
|
unkown
|
page read and write
|
|
|
|
1F10E04B000
|
unkown
|
page read and write
|
|
|
|
7FF54343B000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9310000
|
unkown image
|
page readonly
|
|
|
|
7DF5585C0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB2D9000
|
unkown image
|
page readonly
|
|
|
|
615F87F000
|
stack
|
page read and write
|
|
|
|
7FF4F9696000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA82A000
|
unkown image
|
page readonly
|
|
|
|
1F10E0F4000
|
unkown
|
page read and write
|
|
|
|
7FF5E544A000
|
unkown image
|
page readonly
|
|
|
|
1AA1EBE0000
|
unkown image
|
page readonly
|
|
|
|
1F10E04E000
|
unkown
|
page read and write
|
|
|
|
7FF5C5774000
|
unkown image
|
page readonly
|
|
|
|
7DF5FA5E2000
|
unkown image
|
page readonly
|
|
|
|
19A38613000
|
unkown
|
page read and write
|
|
|
|
7FF5E53AD000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA83B000
|
unkown image
|
page readonly
|
|
|
|
1420DC29000
|
unkown
|
page read and write
|
|
|
|
7DF5585A2000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB297000
|
unkown image
|
page readonly
|
|
|
|
7DF5EF9A2000
|
unkown image
|
page readonly
|
|
|
|
F9B1FF000
|
stack
|
page read and write
|
|
|
|
7FF4F9668000
|
unkown image
|
page readonly
|
|
|
|
F7F667E000
|
stack
|
page read and write
|
|
|
|
1420E0D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C537E000
|
unkown image
|
page readonly
|
|
|
|
1420DC02000
|
unkown
|
page read and write
|
|
|
|
7FF4F9699000
|
unkown image
|
page readonly
|
|
|
|
19A3DE7C000
|
unkown
|
page read and write
|
|
|
|
7FF4FB103000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAE26000
|
unkown image
|
page readonly
|
|
|
|
7FF4F93E6000
|
unkown image
|
page readonly
|
|
|
|
19A3DE1B000
|
unkown
|
page read and write
|
|
|
|
7FF5C586F000
|
unkown image
|
page readonly
|
|
|
|
7DF5103D0000
|
unkown image
|
page readonly
|
|
|
|
19A38691000
|
unkown
|
page read and write
|
|
|
|
C9277F000
|
stack
|
page read and write
|
|
|
|
2CF3CB00000
|
unkown
|
page read and write
|
|
|
|
2CF3CA55000
|
unkown
|
page read and write
|
|
|
|
7FF5C575D000
|
unkown image
|
page readonly
|
|
|
|
7FF54345C000
|
unkown image
|
page readonly
|
|
|
|
7FF5434AD000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB2AA000
|
unkown image
|
page readonly
|
|
|
|
19A38F18000
|
unkown
|
page read and write
|
|
|
|
7FF5DA72E000
|
unkown image
|
page readonly
|
|
|
|
615F5F7000
|
stack
|
page read and write
|
|
|
|
19A3DE42000
|
unkown
|
page read and write
|
|
|
|
1AA1EC7D000
|
unkown
|
page read and write
|
|
|
|
1E90159F000
|
unkown
|
page read and write
|
|
|
|
7FF5DA711000
|
unkown image
|
page readonly
|
|
|
|
7DF5DA992000
|
unkown image
|
page readonly
|
|
|
|
1E90159F000
|
unkown
|
page read and write
|
|
|
|
7FF54342E000
|
unkown image
|
page readonly
|
|
|
|
F7F6BFE000
|
stack
|
page read and write
|
|
|
|
7FF5DA72B000
|
unkown image
|
page readonly
|
|
|
|
7FF54341A000
|
unkown image
|
page readonly
|
|
|
|
14A1424A000
|
unkown
|
page read and write
|
|
|
|
F7F63BE000
|
stack
|
page read and write
|
|
|
|
7DF50E790000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9237000
|
unkown image
|
page readonly
|
|
|
|
14A141B0000
|
unkown
|
page read and write
|
|
|
|
CC518FA000
|
stack
|
page read and write
|
|
|
|
7FF5C5425000
|
unkown image
|
page readonly
|
|
|
|
F9AFFB000
|
stack
|
page read and write
|
|
|
|
7FF5E5551000
|
unkown image
|
page readonly
|
|
|
|
1F10DDF0000
|
unkown image
|
page readonly
|
|
|
|
19A3868B000
|
unkown
|
page read and write
|
|
|
|
7FF5DA00D000
|
unkown image
|
page readonly
|
|
|
|
1AA1ED08000
|
unkown
|
page read and write
|
|
|
|
7DF5FA5D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C58FA000
|
unkown image
|
page readonly
|
|
|
|
1420DB80000
|
heap private
|
page read and write
|
|
|
|
615F97D000
|
stack
|
page read and write
|
|
|
|
7FF4F967F000
|
unkown image
|
page readonly
|
|
|
|
19A38F00000
|
unkown
|
page read and write
|
|
|
|
7FF4F9637000
|
unkown image
|
page readonly
|
|
|
|
1F10E7AD000
|
unkown
|
page read and write
|
|
|
|
7FF54341C000
|
unkown image
|
page readonly
|
|
|
|
1420DC8E000
|
unkown
|
page read and write
|
|
|
|
7FF5597FC000
|
unkown image
|
page readonly
|
|
|
|
1420DBC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5E54D6000
|
unkown image
|
page readonly
|
|
|
|
7FF5E554A000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5163000
|
unkown image
|
page readonly
|
|
|
|
7DF50E7A0000
|
unkown image
|
page readonly
|
|
|
|
1F10DDD0000
|
unkown image
|
page readonly
|
|
|
|
7DF5DA980000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA5A7000
|
unkown image
|
page readonly
|
|
|
|
7FF543521000
|
unkown image
|
page readonly
|
|
|
|
1F10E084000
|
unkown
|
page read and write
|
|
|
|
7FF4FAFD7000
|
unkown image
|
page readonly
|
|
|
|
1E901530000
|
unkown image
|
page readonly
|
|
|
|
2CF3CA8A000
|
unkown
|
page read and write
|
|
|
|
2CF3C9F0000
|
unkown
|
page read and write
|
|
|
|
7DF5EF9C0000
|
unkown image
|
page readonly
|
|
|
|
F7F6AFF000
|
stack
|
page read and write
|
|
|
|
19A3DE00000
|
unkown
|
page read and write
|
|
|
|
1E90159F000
|
unkown
|
page read and write
|
|
|
|
7FF4F962B000
|
unkown image
|
page readonly
|
|
|
|
14A1424B000
|
unkown
|
page read and write
|
|
|
|
7FF4FB15E000
|
unkown image
|
page readonly
|
|
|
|
7FF55983E000
|
unkown image
|
page readonly
|
|
|
|
615F6FF000
|
stack
|
page read and write
|
|
|
|
7FF5C5718000
|
unkown image
|
page readonly
|
|
|
|
7FF559838000
|
unkown image
|
page readonly
|
|
|
|
F9B2FF000
|
stack
|
page read and write
|
|
|
|
7FF5C5713000
|
unkown image
|
page readonly
|
|
|
|
F7F633B000
|
unkown
|
page read and write
|
|
|
|
7FF4F9711000
|
unkown image
|
page readonly
|
|
|
|
14A14213000
|
unkown
|
page read and write
|
|
|
|
7FF5E548C000
|
unkown image
|
page readonly
|
|
|
|
7FF542FF6000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5661000
|
unkown image
|
page readonly
|
|
|
|
1F10E03C000
|
unkown
|
page read and write
|
|
|
|
1F10E113000
|
unkown
|
page read and write
|
|
|
|
1F10EC02000
|
unkown
|
page read and write
|
|
|
|
7FF5597FF000
|
unkown image
|
page readonly
|
|
|
|
19A3DE13000
|
unkown
|
page read and write
|
|
|
|
1F10E7A3000
|
unkown
|
page read and write
|
|
|
|
1F10E116000
|
unkown
|
page read and write
|
|
|
|
2D1C67F000
|
stack
|
page read and write
|
|
|
|
1AA1F250000
|
unkown image
|
page readonly
|
|
|
|
2CF3C7D0000
|
unkown image
|
page readonly
|
|
|
|
7DF46C810000
|
unkown image
|
page readonly
|
|
|
|
1F10EC02000
|
unkown
|
page read and write
|
|
|
|
1E901581000
|
unkown
|
page read and write
|
|
|
|
1F10E79B000
|
unkown
|
page read and write
|
|
|
|
1F10E7AB000
|
unkown
|
page read and write
|
|
|
|
7FF5DA81C000
|
unkown image
|
page readonly
|
|
|
|
2CF3C820000
|
heap default
|
page read and write
|
|
|
|
7FF543522000
|
unkown image
|
page readonly
|
|
|
|
2D1C87E000
|
stack
|
page read and write
|
|
|
|
7DF5DA990000
|
unkown image
|
page readonly
|
|
|
|
7FF5E51D7000
|
unkown image
|
page readonly
|
|
|
|
7FF4F94CF000
|
unkown image
|
page readonly
|
|
|
|
7FF54332E000
|
unkown image
|
page readonly
|
|
|
|
2CF3CA4D000
|
unkown
|
page read and write
|
|
|
|
615FA78000
|
stack
|
page read and write
|
|
|
|
19A3DF00000
|
unkown
|
page read and write
|
|
|
|
1AA1EC6D000
|
unkown
|
page read and write
|
|
|
|
7FF4F961E000
|
unkown image
|
page readonly
|
|
|
|
1AA1EBA0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F94CA000
|
unkown image
|
page readonly
|
|
|
|
2CF3CB02000
|
unkown
|
page read and write
|
|
|
|
7FF543484000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA830000
|
unkown image
|
page readonly
|
|
|
|
7DF5EF9B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C56BA000
|
unkown image
|
page readonly
|
|
|
|
7DF5585B2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5763000
|
unkown image
|
page readonly
|
|
|
|
F9B37F000
|
stack
|
page read and write
|
|
|
|
7FF4F93DB000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA6F1000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9625000
|
unkown image
|
page readonly
|
|
|
|
19A38E02000
|
unkown
|
page read and write
|
|
|
|
7FF54347A000
|
unkown image
|
page readonly
|
|
|
|
7FF4F95FF000
|
unkown image
|
page readonly
|
|
|
|
1E901570000
|
heap default
|
page read and write
|
|
|
|
7FF5DA867000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9307000
|
unkown image
|
page readonly
|
|
|
|
1F10E763000
|
unkown
|
page read and write
|
|
|
|
7DF5FA5D0000
|
unkown image
|
page readonly
|
|
|
|
7FF543435000
|
unkown image
|
page readonly
|
|
|
|
7FF4F94B5000
|
unkown image
|
page readonly
|
|
|
|
CC5156F000
|
stack
|
page read and write
|
|
|
|
7FF5DA3F6000
|
unkown image
|
page readonly
|
|
|
|
14A14150000
|
unkown image
|
page readonly
|
|
|
|
615F7F8000
|
stack
|
page read and write
|
|
|
|
7FF4F9454000
|
unkown image
|
page readonly
|
|
|
|
14A1423C000
|
unkown
|
page read and write
|
|
|
|
1F10E767000
|
unkown
|
page read and write
|
|
|
|
615F17E000
|
stack
|
page read and write
|
|
|
|
1AA1ED00000
|
unkown
|
page read and write
|
|
|
|
7FF5597DB000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB2D6000
|
unkown image
|
page readonly
|
|
|
|
7FF5C53E5000
|
unkown image
|
page readonly
|
|
|
|
19A38D40000
|
unkown
|
page read and write
|
|
|
|
19A38590000
|
unkown image
|
page readonly
|
|
|
|
7FF5E5552000
|
unkown image
|
page readonly
|
|
|
|
19A3DC80000
|
unkown
|
page read and write
|
|
|
|
1F10E0E8000
|
unkown
|
page read and write
|
|
|
|
F7F68FB000
|
stack
|
page read and write
|
|
|
|
7FF4F970A000
|
unkown image
|
page readonly
|
|
|
|
7FF4F8E04000
|
unkown image
|
page readonly
|
|
|
|
7DF56E960000
|
unkown image
|
page readonly
|
|
|
|
2CF3CB13000
|
unkown
|
page read and write
|
|
|
|
7DF5DA9A0000
|
unkown image
|
page readonly
|
|
|
|
19A38658000
|
unkown
|
page read and write
|
|
|
|
7FF5C585A000
|
unkown image
|
page readonly
|
|
|
|
1420DD02000
|
unkown
|
page read and write
|
|
|
|
7FF5C5382000
|
unkown image
|
page readonly
|
|
|
|
19A3DE30000
|
unkown
|
page read and write
|
|
|
|
7FF4F961A000
|
unkown image
|
page readonly
|
|
|
|
1F10E0E5000
|
unkown
|
page read and write
|
|
|
|
1420DD08000
|
unkown
|
page read and write
|
|
|
|
2CF3C7D0000
|
unkown image
|
page readonly
|
|
|
|
1E901595000
|
unkown
|
page read and write
|
|
|
|
1F10E04F000
|
unkown
|
page read and write
|
|
|
|
7FF543281000
|
unkown image
|
page readonly
|
|
|
|
1F10E056000
|
unkown
|
page read and write
|
|
|
|
1AA1EED0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F92FA000
|
unkown image
|
page readonly
|
|
|
|
19A38673000
|
unkown
|
page read and write
|
|
|
|
1CF10FB000
|
stack
|
page read and write
|
|
|
|
1F10E0BC000
|
unkown
|
page read and write
|
|
|
|
7FF5E5303000
|
unkown image
|
page readonly
|
|
|
|
7FF4F960C000
|
unkown image
|
page readonly
|
|
|
|
F9B27F000
|
stack
|
page read and write
|
|
|
|
19A3F000000
|
unkown
|
page read and write
|
|
|
|
7FF5598C2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5644000
|
unkown image
|
page readonly
|
|
|
|
1420DC70000
|
unkown
|
page read and write
|
|
|
|
7FF4F9235000
|
unkown image
|
page readonly
|
|
|
|
F9ACFA000
|
stack
|
page read and write
|
|
|
|
7FF4F93FF000
|
unkown image
|
page readonly
|
|
|
|
7FF5E544C000
|
unkown image
|
page readonly
|
|
|
|
1F10E78A000
|
unkown
|
page read and write
|
|
|
|
7FF4FB28F000
|
unkown image
|
page readonly
|
|
|
|
7FF4F92A0000
|
unkown image
|
page readonly
|
|
|
|
7DF5585B0000
|
unkown image
|
page readonly
|
|
|
|
1F10E770000
|
unkown
|
page read and write
|
|
|
|
7DF56E942000
|
unkown image
|
page readonly
|
|
|
|
7FF5598BA000
|
unkown image
|
page readonly
|
|
|
|
7FF5C587E000
|
unkown image
|
page readonly
|
|
|
|
7FF5E545A000
|
unkown image
|
page readonly
|
|
|
|
F9AAF7000
|
stack
|
page read and write
|
|
|
|
1420DD00000
|
unkown
|
page read and write
|
|
|
|
1AA1F330000
|
unkown
|
page read and write
|
|
|
|
7FF4F8DF2000
|
unkown image
|
page readonly
|
|
|
|
1F10E08A000
|
unkown
|
page read and write
|
|
|
|
19A39510000
|
unkown image
|
page read and write
|
|
|
|
1F10E7AF000
|
unkown
|
page read and write
|
|
|
|
7FF543467000
|
unkown image
|
page readonly
|
|
|
|
7DF5DA982000
|
unkown image
|
page readonly
|
|
|
|
1F10E04D000
|
unkown
|
page read and write
|
|
|
|
19A39400000
|
unkown
|
page read and write
|
|
|
|
19A3DC84000
|
unkown
|
page read and write
|
|
|
|
1F10E0B0000
|
unkown
|
page read and write
|
|
|
|
1AA1EC51000
|
unkown
|
page read and write
|
|
|
|
1AA1ED02000
|
unkown
|
page read and write
|
|
|
|
14A14120000
|
heap private
|
page read and write
|
|
|
|
1F10E769000
|
unkown
|
page read and write
|
|
|
|
1AA1EC02000
|
unkown
|
page read and write
|
|
|
|
C922FB000
|
stack
|
page read and write
|
|
|
|
7FF4F93F8000
|
unkown image
|
page readonly
|
|
|
|
1420DBF0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9688000
|
unkown image
|
page readonly
|
|
|
|
19A38C50000
|
unkown image
|
page readonly
|
|
|
|
2CF3CA50000
|
unkown
|
page read and write
|
|
|
|
19A3DC80000
|
unkown
|
page read and write
|
|
|
|
19A3868D000
|
unkown
|
page read and write
|
|
|
|
F9ADFE000
|
stack
|
page read and write
|
|
|
|
7FF543394000
|
unkown image
|
page readonly
|
|
|
|
14A14290000
|
unkown
|
page read and write
|
|
|
|
1F10EB40000
|
unkown image
|
page write copy
|
|
|
|
7FF4FB0B1000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB2BF000
|
unkown image
|
page readonly
|
|
|
|
19A3DDA0000
|
unkown
|
page read and write
|
|
|
|
7FF559123000
|
unkown image
|
page readonly
|
|
|
|
1E9014A0000
|
unkown image
|
page readonly
|
|
|
|
1F10DDD0000
|
unkown image
|
page readonly
|
|
|
|
7DF5EF9A0000
|
unkown image
|
page readonly
|
|
|
|
19A38600000
|
unkown
|
page read and write
|
|
|
|
7FF5E5026000
|
unkown image
|
page readonly
|
|
|
|
7FF5E54A4000
|
unkown image
|
page readonly
|
|
|
|
19A3DB40000
|
unkown
|
page read and write
|
|
|
|
7DF5FA5E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C57DF000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9664000
|
unkown image
|
page readonly
|
|
|
|
2CF3CB08000
|
unkown
|
page read and write
|
|
|
|
19A3DC44000
|
unkown
|
page read and write
|
|
|
|
19A3DD60000
|
unkown
|
page read and write
|
|
|
|
1420DB90000
|
unkown image
|
page readonly
|
|
|
|
19A385B0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB351000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5610000
|
unkown image
|
page readonly
|
|
|
|
1F10E200000
|
unkown image
|
page readonly
|
|
|
|
7FF5E5465000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAE20000
|
unkown image
|
page readonly
|
|
|
|
1F10E7AA000
|
unkown
|
page read and write
|
|
|
|
19A3DDB0000
|
unkown
|
page read and write
|
|
|
|
7FF4F958C000
|
unkown image
|
page readonly
|
|
|
|
7FF55981A000
|
unkown image
|
page readonly
|
|
|
|
1420DED0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB28C000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4FED000
|
unkown image
|
page readonly
|
|
|
|
1AA1EC29000
|
unkown
|
page read and write
|
|
|
|
1F10E769000
|
unkown
|
page read and write
|
|
|
|
7FF5C52EE000
|
unkown image
|
page readonly
|
|
|
|
1F10ED63000
|
unkown
|
page read and write
|
|
|
|
19A3DDA0000
|
unkown
|
page read and write
|
|
|
|
615F07C000
|
unkown
|
page read and write
|
|
|
|
7FF5C580A000
|
unkown image
|
page readonly
|
|
|
|
1F10ED63000
|
unkown
|
page read and write
|
|
|
|
7FF543498000
|
unkown image
|
page readonly
|
|
|
|
19A396D0000
|
unkown image
|
page readonly
|
|
|
|
19A386FD000
|
unkown
|
page read and write
|
|
|
|
C9267D000
|
stack
|
page read and write
|
|
|
|
19A3DC40000
|
unkown
|
page read and write
|
|
|
|
7FF55982E000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9461000
|
unkown image
|
page readonly
|
|
|
|
1420E402000
|
unkown
|
page read and write
|
|
|
|
1AA1EB60000
|
unkown image
|
page read and write
|
|
|
|
CC519FC000
|
stack
|
page read and write
|
|
|
|
14A144D0000
|
unkown image
|
page readonly
|
|
|
|
1F10E400000
|
unkown image
|
page readonly
|
|
|
|
1F10E770000
|
unkown
|
page read and write
|
|
|
|
19A3DB30000
|
unkown
|
page read and write
|
|
|
|
CC5197E000
|
stack
|
page read and write
|
|
|
|
7DF5FA5D0000
|
unkown image
|
page readonly
|
|
|
|
1F10E770000
|
unkown
|
page read and write
|
|
|
|
7FF4F941F000
|
unkown image
|
page readonly
|
|
|
|
7DF5585C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5847000
|
unkown image
|
page readonly
|
|
|
|
1F10E7AA000
|
unkown
|
page read and write
|
|
|
|
14A14160000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA87A000
|
unkown image
|
page readonly
|
|
|
|
19A38F18000
|
unkown
|
page read and write
|
|
|
|
1F10E759000
|
unkown
|
page read and write
|
|
|
|
7FF4FB34A000
|
unkown image
|
page readonly
|
|
|
|
19A3DC60000
|
unkown
|
page read and write
|
|
|
|
19A38641000
|
unkown
|
page read and write
|
|
|
|
14A14300000
|
unkown
|
page read and write
|
|
|
|
7FF5DA91A000
|
unkown image
|
page readonly
|
|
|
|
7DF5585B2000
|
unkown image
|
page readonly
|
|
|
|
19A3DC70000
|
unkown
|
page read and write
|
|
|
|
7FF4F8F6E000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA898000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAF08000
|
unkown image
|
page readonly
|
|
|
|
2CF3CA3C000
|
unkown
|
page read and write
|
|
|
|
1420E250000
|
unkown image
|
page readonly
|
|
|
|
19A3DD50000
|
unkown
|
page read and write
|
|
|
|
CC514EA000
|
unkown
|
page read and write
|
|
|
|
1F10E75B000
|
unkown
|
page read and write
|
|
|
|
2CF3CA70000
|
unkown
|
page read and write
|
|
|
|
7FF5E52B1000
|
unkown image
|
page readonly
|
|
|
|
1AA1EB80000
|
unkown image
|
page readonly
|
|
|
|
7DF5103D0000
|
unkown image
|
page readonly
|
|
|
|
1F10E052000
|
unkown
|
page read and write
|
|
|
|
7DF5103F0000
|
unkown image
|
page readonly
|
|
|
|
19A388D0000
|
unkown image
|
page readonly
|
|
|
|
1AA1EB70000
|
heap private
|
page read and write
|
|
|
|
2D1C3FB000
|
stack
|
page read and write
|
|
|
|
14A14308000
|
unkown
|
page read and write
|
|
|
|
1F10EC6A000
|
unkown
|
page read and write
|
|
|
|
7FF4F9657000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA835000
|
unkown image
|
page readonly
|
|
|
|
19A3DC64000
|
unkown
|
page read and write
|
|
|
|
1F10E055000
|
unkown
|
page read and write
|
|
|
|
1F10E713000
|
unkown
|
page read and write
|
|
|
|
7FF4F9276000
|
unkown image
|
page readonly
|
|
|
|
1AA1EB80000
|
unkown image
|
page readonly
|
|
|
|
7FF54349E000
|
unkown image
|
page readonly
|
|
|
|
14A14257000
|
unkown
|
page read and write
|
|
|
|
1F10E0C3000
|
unkown
|
page read and write
|
|
|
|
19A38713000
|
unkown
|
page read and write
|
|
|
|
7FF4FB2DD000
|
unkown image
|
page readonly
|
|
|
|
F9A7FE000
|
stack
|
page read and write
|
|
|
|
19A385C0000
|
unkown image
|
page readonly
|
|
|
|
7FF559808000
|
unkown image
|
page readonly
|
|
|
|
19A39A71000
|
unkown
|
page read and write
|
|
|
|
7FF5E53C4000
|
unkown image
|
page readonly
|
|
|
|
1CF13FC000
|
stack
|
page read and write
|
|
|
|
1F10DF00000
|
unkown image
|
page readonly
|
|
|
|
1F10E0A6000
|
unkown
|
page read and write
|
|
|
|
7FF4FB260000
|
unkown image
|
page readonly
|
|
|
|
1420DC4D000
|
unkown
|
page read and write
|
|
|
|
7FF5C5902000
|
unkown image
|
page readonly
|
|
|
|
7FF4F94C5000
|
unkown image
|
page readonly
|
|
|
|
7FF5C57B0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F960A000
|
unkown image
|
page readonly
|
|
|
|
19A38629000
|
unkown
|
page read and write
|
|
|
|
C9207E000
|
stack
|
page read and write
|
|
|
|
14A14190000
|
unkown image
|
page readonly
|
|
|
|
7FF54348F000
|
unkown image
|
page readonly
|
|
|
|
2CF3C7F0000
|
unkown image
|
page readonly
|
|
|
|
2CF3CA00000
|
unkown
|
page read and write
|
|
|
|
14A14200000
|
unkown
|
page read and write
|
|
|
|
1F10E7AF000
|
unkown
|
page read and write
|
|
|
|
7FF5E545E000
|
unkown image
|
page readonly
|
|
|
|
C9257F000
|
stack
|
page read and write
|
|
|
|
1CF0EFD000
|
stack
|
page read and write
|
|
|
|
1F10E7CD000
|
unkown
|
page read and write
|
|
|
|
1AA1EC88000
|
unkown
|
page read and write
|
|
|
|
19A3F010000
|
unkown
|
page read and write
|
|
|
|
2CF3CA4A000
|
unkown
|
page read and write
|
|
|
|
14A14130000
|
unkown image
|
page readonly
|
|
|
|
1420DC81000
|
unkown
|
page read and write
|
|
|
|
14A14110000
|
unkown image
|
page read and write
|
|
|
|
7FF4FB24C000
|
unkown image
|
page readonly
|
|
|
|
615FB7F000
|
stack
|
page read and write
|
|
|
|
F7F677B000
|
stack
|
page read and write
|
|
|
|
1AA1EC3C000
|
unkown
|
page read and write
|
|
|
|
7FF4F92B1000
|
unkown image
|
page readonly
|
|
|
|
7FF5E535B000
|
unkown image
|
page readonly
|
|
|
|
7DF50E792000
|
unkown image
|
page readonly
|
|
|
|
2CF3CC00000
|
unkown image
|
page readonly
|
|
|
|
14A14850000
|
unkown image
|
page readonly
|
|
|
|
1F10E0E3000
|
unkown
|
page read and write
|
|
|
|
19A3DE98000
|
unkown
|
page read and write
|
|
|
|
7FF5E54DD000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB1AD000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA8AD000
|
unkown image
|
page readonly
|
|
|
|
2CF3D002000
|
unkown
|
page read and write
|
|
|
|
14A1426E000
|
unkown
|
page read and write
|
|
|
|
1420DC49000
|
unkown
|
page read and write
|
|
|
|
7FF5DA794000
|
unkown image
|
page readonly
|
|
|
|
19A3DE24000
|
unkown
|
page read and write
|
|
|
|
7FF5E548F000
|
unkown image
|
page readonly
|
|
|
|
19A38570000
|
unkown image
|
page read and write
|
|
|
|
1F10E0DE000
|
unkown
|
page read and write
|
|
|
|
1420DC27000
|
unkown
|
page read and write
|
|
|
|
1F10E5F0000
|
unkown
|
page read and write
|
|
|
|
7DF4ED870000
|
unkown image
|
page readonly
|
|
|
|
7FF542FF0000
|
unkown image
|
page readonly
|
|
|
|
1AA1ED13000
|
unkown
|
page read and write
|
|
|
|
7DF56E950000
|
unkown image
|
page readonly
|
|
|
|
1F10E775000
|
unkown
|
page read and write
|
|
|
|
1F10E775000
|
unkown
|
page read and write
|
|
|
|
CC515EF000
|
stack
|
page read and write
|
|
|
|
19A385E0000
|
heap default
|
page read and write
|
|
|
|
7FF4FB2B4000
|
unkown image
|
page readonly
|
|
|
|
19A3DE4F000
|
unkown
|
page read and write
|
|
|
|
14A14258000
|
unkown
|
page read and write
|
|
|
|
14A1424E000
|
unkown
|
page read and write
|
|
|
|
7FF5C55D6000
|
unkown image
|
page readonly
|
|
|
|
1F10EC02000
|
unkown
|
page read and write
|
|
|
|
1F10E058000
|
unkown
|
page read and write
|
|
|
|
1F10E75C000
|
unkown
|
page read and write
|
|
|
|
7DF5585A2000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA79C000
|
unkown image
|
page readonly
|
|
|
|
7FF5C570B000
|
unkown image
|
page readonly
|
|
|
|
1F10E000000
|
unkown
|
page read and write
|
|
|
|
1F10E049000
|
unkown
|
page read and write
|
|
|
|
1F10E102000
|
unkown
|
page read and write
|
|
|
|
19A38F13000
|
unkown
|
page read and write
|
|
|
|
7DF4D8850000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB25A000
|
unkown image
|
page readonly
|
|
|
|
19A3DD70000
|
unkown
|
page read and write
|
|
|
|
1420DBB0000
|
unkown image
|
page readonly
|
|
|
|
14A14313000
|
unkown
|
page read and write
|
|
|
|
F9AEFB000
|
stack
|
page read and write
|
|
|
|
1F10E5F0000
|
unkown
|
page read and write
|
|
|
|
1F10E770000
|
unkown
|
page read and write
|
|
|
|
19A38F59000
|
unkown
|
page read and write
|
|
|
|
7FF5597D5000
|
unkown image
|
page readonly
|
|
|
|
2CF3CF80000
|
unkown image
|
page readonly
|
|
|
|
7DF5EF9B0000
|
unkown image
|
page readonly
|
|
|
|
7FF559127000
|
unkown image
|
page readonly
|
|
|
|
19A39720000
|
unkown image
|
page readonly
|
|
|
|
7FF5C56B3000
|
unkown image
|
page readonly
|
|
|
|
7FF5C53D0000
|
unkown image
|
page readonly
|
|
|
|
1E901480000
|
unkown image
|
page read and write
|
|
|
|
7FF4F8EB5000
|
unkown image
|
page readonly
|
|
|
|
7DF5103E0000
|
unkown image
|
page readonly
|
|
|
|
19A396F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5E5035000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB24A000
|
unkown image
|
page readonly
|
|
|
|
1F10E7A6000
|
unkown
|
page read and write
|
|
|
|
7FF5DA681000
|
unkown image
|
page readonly
|
|
|
|
7FF543474000
|
unkown image
|
page readonly
|
|
|
|
615F4F7000
|
stack
|
page read and write
|
|
|
|
7DF5585B0000
|
unkown image
|
page readonly
|
|
|
|
19A3DDA0000
|
unkown
|
page read and write
|
|
|
|
7FF4FB121000
|
unkown image
|
page readonly
|
|
|
|
14A14252000
|
unkown
|
page read and write
|
|
|
|
7FF5C580E000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB2C8000
|
unkown image
|
page readonly
|
|
|
|
1420DBE0000
|
heap default
|
page read and write
|
|
|
|
1F10E746000
|
unkown
|
page read and write
|
|
|
|
7FF4FAE35000
|
unkown image
|
page readonly
|
|
|
|
1F10E7A9000
|
unkown
|
page read and write
|
|
|
|
1420DB90000
|
unkown image
|
page readonly
|
|
|
|
1F10E050000
|
unkown
|
page read and write
|
|
|
|
7FF5598B4000
|
unkown image
|
page readonly
|
|
|
|
C91DFB000
|
unkown
|
page read and write
|
|
|
|
19A39700000
|
unkown image
|
page readonly
|
|
|
|
7DF5585A0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9456000
|
unkown image
|
page readonly
|
|
|
|
7FF5E4C3D000
|
unkown image
|
page readonly
|
|
|
|
1F10E770000
|
unkown
|
page read and write
|
|
|
|
1F10E7A3000
|
unkown
|
page read and write
|
|
|
|
7DF5103E2000
|
unkown image
|
page readonly
|
|
|
|
1F10E76A000
|
unkown
|
page read and write
|
|
|
|
7FF5C57FA000
|
unkown image
|
page readonly
|
|
|
|
1F10E744000
|
unkown
|
page read and write
|
|
|
|
14A14180000
|
heap default
|
page read and write
|
|
|
|
F9ABFA000
|
stack
|
page read and write
|
|
|
|
7DF50E7A0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F930A000
|
unkown image
|
page readonly
|
|
|
|
1E9014C0000
|
unkown image
|
page readonly
|
|
|
|
F9B17F000
|
stack
|
page read and write
|
|
|
|
14A14A02000
|
unkown
|
page read and write
|
|
|
|
1F10E71D000
|
unkown
|
page read and write
|
|
|
|
7FF5C57C3000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5815000
|
unkown image
|
page readonly
|
|
|
|
2CF3CA29000
|
unkown
|
page read and write
|
|
|
|
7FF4F9620000
|
unkown image
|
page readonly
|
|
|
|
F7F67FE000
|
stack
|
page read and write
|
|
|
|
7FF5DA366000
|
unkown image
|
page readonly
|
|
|
|
CC51879000
|
stack
|
page read and write
|
|
|
|
7FF5C5827000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5901000
|
unkown image
|
page readonly
|
|
|
|
7FF5C57E4000
|
unkown image
|
page readonly
|
|
|
|
1F10E7AA000
|
unkown
|
page read and write
|
|
|
|
7FF5DA884000
|
unkown image
|
page readonly
|
|
|
|
7DF5EF9B2000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAA3D000
|
unkown image
|
page readonly
|
|
|
|
7FF5E535E000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA88F000
|
unkown image
|
page readonly
|
|
|
|
1420E340000
|
unkown
|
page read and write
|
|
|
|
7FF4F956D000
|
unkown image
|
page readonly
|
|
|
|
2CF3CA13000
|
unkown
|
page read and write
|
|
|
|
7FF5DA82E000
|
unkown image
|
page readonly
|
|
|
|
7FF4F95E3000
|
unkown image
|
page readonly
|
|
|
|
7FF5E53CC000
|
unkown image
|
page readonly
|
|
|
|
7DF56E952000
|
unkown image
|
page readonly
|
|
|
|
1420DB70000
|
unkown image
|
page read and write
|
|
|
|
2CF3CE00000
|
unkown image
|
page readonly
|
|
|
|
7FF5597D0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F968E000
|
unkown image
|
page readonly
|
|
|
|
7FF4F94B2000
|
unkown image
|
page readonly
|
|
|
|
1F10E75F000
|
unkown
|
page read and write
|
|
|
|
19A38C60000
|
unkown image
|
page readonly
|
|
|
|
7FF5C58F4000
|
unkown image
|
page readonly
|
|
|
|
7DF5103E0000
|
unkown image
|
page readonly
|
|
|
|
1E901500000
|
unkown
|
page read and write
|
|
|
|
7FF5C55CB000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA81A000
|
unkown image
|
page readonly
|
|
|
|
19A38AD0000
|
unkown image
|
page readonly
|
|
|
|
1F10E7AF000
|
unkown
|
page read and write
|
|
|
|
7FF5598C1000
|
unkown image
|
page readonly
|
|
|
|
1F10E580000
|
unkown image
|
page readonly
|
|
|
|
7DF50E790000
|
unkown image
|
page readonly
|
|
|
|
19A38D50000
|
unkown image
|
page read and write
|
|
|
|
1F10E0A8000
|
unkown
|
page read and write
|
|
|
|
7DF40C660000
|
unkown image
|
page readonly
|
|
|
|
19A3DAE0000
|
unkown
|
page read and write
|
|
|
|
7FF4F9712000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA874000
|
unkown image
|
page readonly
|
|
|
|
2D1BEBC000
|
unkown
|
page read and write
|
|
|
|
7FF5E54B4000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5372000
|
unkown image
|
page readonly
|
|
|
|
7FF5E5460000
|
unkown image
|
page readonly
|
|
|
|
19A395F0000
|
unkown
|
page read and write
|
|
|
|
14A14130000
|
unkown image
|
page readonly
|
|
|
|
14A14279000
|
unkown
|
page read and write
|
|
|
|
7FF5DA6D3000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB25E000
|
unkown image
|
page readonly
|
|
|
|
19A39710000
|
unkown image
|
page readonly
|
|
|
|
7DF5103D2000
|
unkown image
|
page readonly
|
|
|
|
1420DC55000
|
unkown
|
page read and write
|
|
|
|
1AA1F0D0000
|
unkown image
|
page readonly
|
|
|
|
7DF456470000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9471000
|
unkown image
|
page readonly
|
|
|
|
1F10EC02000
|
unkown
|
page read and write
|
|
|
|
7FF4F95DF000
|
unkown image
|
page readonly
|
|
|
|
2D1C577000
|
stack
|
page read and write
|
|
|
|
19A3DAC0000
|
unkown
|
page read and write
|
|
|
|
7FF5C581B000
|
unkown image
|
page readonly
|
|
|
|
1F10E06F000
|
unkown
|
page read and write
|
|
|
|
7FF543447000
|
unkown image
|
page readonly
|
|
|
|
19A39AA0000
|
unkown
|
page read and write
|
|
|
|
1F10DE00000
|
unkown image
|
page readonly
|
|
|
|
14A146D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA783000
|
unkown image
|
page readonly
|
|
|
|
7FF5C583C000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA77D000
|
unkown image
|
page readonly
|
|
|
|
7FF5432F1000
|
unkown image
|
page readonly
|
|
|
|
19A3868F000
|
unkown
|
page read and write
|
|
|
|
19A3DE54000
|
unkown
|
page read and write
|
|
|
|
14A14255000
|
unkown
|
page read and write
|
|
|
|
7FF4F9411000
|
unkown image
|
page readonly
|
|
|
|
1F10E602000
|
unkown
|
page read and write
|
|
|
|
1F10DE20000
|
heap default
|
page read and write
|
|
|
|
7FF5E5497000
|
unkown image
|
page readonly
|
|
|
|
7FF54342A000
|
unkown image
|
page readonly
|
|
|
|
14A1424D000
|
unkown
|
page read and write
|
|
|
|
7FF5C57FC000
|
unkown image
|
page readonly
|
|
|
|
19A3DD90000
|
unkown
|
page read and write
|
|
|
|
19A396E0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F940B000
|
unkown image
|
page readonly
|
|
|
|
7DF5EF9C0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB2CE000
|
unkown image
|
page readonly
|
|
|
|
1F10E5F0000
|
unkown
|
page read and write
|
|
|
|
7FF543383000
|
unkown image
|
page readonly
|
|
|
|
7FF5C56F1000
|
unkown image
|
page readonly
|
|
|
|
1AA1EC13000
|
unkown
|
page read and write
|
|
|
|
7DF5DA992000
|
unkown image
|
page readonly
|
|
|
|
19A3DC48000
|
unkown
|
page read and write
|
|
|
|
7FF5DA89E000
|
unkown image
|
page readonly
|
|
|
|
7FF4F95C0000
|
unkown image
|
page readonly
|
|
|
|
19A38679000
|
unkown
|
page read and write
|
|
|
|
1F10E029000
|
unkown
|
page read and write
|
|
|
|
7FF4F95D3000
|
unkown image
|
page readonly
|
|
|
|
19A38702000
|
unkown
|
page read and write
|
|
|
|
19A3DAA0000
|
unkown
|
page read and write
|
|
|
|
7FF559849000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA8A9000
|
unkown image
|
page readonly
|
|
|
|
2D1BF3E000
|
stack
|
page read and write
|
|
|
|
14A14302000
|
unkown
|
page read and write
|
|
|
|
1E901540000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5646000
|
unkown image
|
page readonly
|
|
|
|
1F10E5B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5DA980000
|
unkown image
|
page readonly
|
|
|
|
1E901800000
|
heap private
|
page read and write
|
|
|
|
7FF543514000
|
unkown image
|
page readonly
|
|
|
|
1E901810000
|
unkown image
|
page readonly
|
|
|
|
C92477000
|
stack
|
page read and write
|
|
|
|
7DF56E960000
|
unkown image
|
page readonly
|
|
|
|
1F10DFF0000
|
unkown
|
page read and write
|
|
|
|
19A3DD10000
|
unkown
|
page read and write
|
|
|
|
7FF4F8EA4000
|
unkown image
|
page readonly
|
|
|
|
7FF4F9566000
|
unkown image
|
page readonly
|
|
|
|
7FF54345F000
|
unkown image
|
page readonly
|
|
|
|
7FF4F94E1000
|
unkown image
|
page readonly
|
|
|
|
1F10E770000
|
unkown
|
page read and write
|
|
|
|
14A14284000
|
unkown
|
page read and write
|
|
|
|
7FF5C57EF000
|
unkown image
|
page readonly
|
|
|
|
1F10E013000
|
unkown
|
page read and write
|
|
|
|
7DF56E950000
|
unkown image
|
page readonly
|
|
|
|
7DF50E7A2000
|
unkown image
|
page readonly
|
|
|
|
7DF5EF9A0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FB2A4000
|
unkown image
|
page readonly
|
|
|
|
7DF5DA982000
|
unkown image
|
page readonly
|
|
|
|
2CF3CA7F000
|
unkown
|
page read and write
|
|
|
|
2CF3C800000
|
unkown image
|
page readonly
|
|
|
|
7FF5431A7000
|
unkown image
|
page readonly
|
|
|
|
1F10ED02000
|
unkown
|
page read and write
|
|
|
|
1F10EC6A000
|
unkown
|
page read and write
|
|
|
|
1AA1EBB0000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA8A6000
|
unkown image
|
page readonly
|
|
|
|
1F10E78A000
|
unkown
|
page read and write
|
|
|
|
1AA1EC00000
|
unkown
|
page read and write
|
|
|
|
7FF5E54C8000
|
unkown image
|
page readonly
|
|
|
|
7FF5E546B000
|
unkown image
|
page readonly
|
|
|
|
7DF5EF9B2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5889000
|
unkown image
|
page readonly
|
|
|
|
1AA1EC4B000
|
unkown
|
page read and write
|
|
|
|
7DF5DA990000
|
unkown image
|
page readonly
|
|
|
|
19A3DC40000
|
unkown
|
page read and write
|
|
|
|
7FF5C5878000
|
unkown image
|
page readonly
|
|
|
|
7FF5DA921000
|
unkown image
|
page readonly
|
|
|
|
19A38E00000
|
unkown
|
page read and write
|
|
|
|
7FF5C5167000
|
unkown image
|
page readonly
|
|
|
|
7FF5E5020000
|
unkown image
|
page readonly
|
|
|
|
7FF5E5321000
|
unkown image
|
page readonly
|
|
|
|
7DF5FA5E2000
|
unkown image
|
page readonly
|
|
|
|
7DF5FA5E0000
|
unkown image
|
page readonly
|
|
|
|
19A3DC41000
|
unkown
|
page read and write
|
|
|
|
1CF0E7E000
|
stack
|
page read and write
|
|
|
|
1CF12FE000
|
stack
|
page read and write
|
|
|
|
2D1BFBE000
|
stack
|
page read and write
|
|
|
|
1E901586000
|
heap default
|
page read and write
|
|
|
|
7FF54332B000
|
unkown image
|
page readonly
|
|
|
|
7DF50E792000
|
unkown image
|
page readonly
|
|
There are 822 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Desktop/Change%20Order%20-%20Draw%20%233%20.htm
|
|