IOC Report

Files

File Path
Type
Category
Malicious
Employee payment plan.HTM
HTML document, ASCII text, with very long lines, with no line terminators
initial sample
malicious
C:\Users\user\AppData\Local\Google\Chrome\User Data\194b37f1-95c9-42d1-b72b-8f84c77defcd.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\3c7f7109-fd1c-4514-90dc-06ecd4c40f00.tmp
SysEx File -
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\6623c62c-a198-4c22-bf02-c3249a33eeb3.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\90fa6001-8e75-4879-850e-884e2c6fdaab.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\026cdf18-dc89-4c6c-84a1-7b27530fe80a.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2931b6f9-885d-41b1-8a3a-83f76ee85c2c.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3f7a494a-2550-4a7c-a863-c4abd2a9292b.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\473f0287-1eca-415b-94f3-959bc7c2cc84.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\47e6171d-0262-4a17-a553-6b6240230457.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4e7acba8-3c84-484d-b2ba-a485ca750deb.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\576d974d-f342-4466-a50a-62097864d4f0.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\703f1c6c-b9d8-4b4d-b7ed-5780039785b6.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9035242e-434b-466c-9111-03eed9439c20.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\916ae8c9-6f56-456f-b811-ca6af0593f27.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\970bb2fb-9d9d-45ef-8fa1-8cdab4bb2b74.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\975e8ffc-962d-4b9a-a22f-f7976be2f9af.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldnb (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old.E (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.oldE (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000001.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT1m (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000001
PGP\011Secret Key -
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Sessiona (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent Stater- (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldrf (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesn (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesp (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.E (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferenceson (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\5c30c054-d6d0-4d3d-a5b3-948ac7fbba7b.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent Statemp (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old.c (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old8c (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\e79c57c8-c58f-4207-b328-ead03d51d29e.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldba (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a1bfd479-c6af-49a5-9b0b-653f68dcfe48.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a922b664-1cfa-4928-b110-49dbccd23324.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bd8d737f-f86a-48fd-a3c2-a11137c7d4d6.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d205ae8a-fc19-4429-b771-4c34c6de1df9.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\db8de09c-c54a-4f6d-b657-8d9f42ecc8f9.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e283f933-a51d-46ef-9017-5736a4d87b8c.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\edeb42de-6795-4ed4-af44-e941f8fe9c1d.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f0002b0f-6c20-4c9d-bb10-4e92c571cb75.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Staten (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache.T (copy)
SysEx File -
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheMP (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache\ (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir5608_2126881500\Ruleset Data
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\b04b8f52-c55c-4411-8af2-90143dc1083f.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\b16ab5a5-4b4f-4126-a395-aecf915e0c13.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\d05fa0b1-e83b-4716-9084-600bd6e362a4.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\d553ac04-70b0-45a7-b1db-ac766b4740f4.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\d70c30d8-deb5-44d4-8aee-ea45591925ad.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\e6be5aac-a0cd-41c9-9535-7f5674317014.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\e6ea5fcb-acff-462c-b48a-66e662e324a2.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\e9cb70ca-694d-459d-9897-915f7cb528b2.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Temp\3a462a1f-8548-4b72-836d-825d10e6ba25.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1135409741\Filtering Rules
data
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1135409741\LICENSE.txt
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1135409741\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1135409741\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1135409741\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\_platform_specific\x86_64\pnacl_public_pnacl_json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_1239255490\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_183191532\LICENSE
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_183191532\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_183191532\crl-set
data
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_183191532\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_183191532\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_729153652\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_729153652\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\5608_729153652\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\a29d67ea-c730-4e06-aad8-70c4f71ee604.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\b2c14a94-bc63-4350-8ef8-0471c0cec911.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\c2ae2d1d-025f-4e74-a094-43ac3c8e8783.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_2032851413\b2c14a94-bc63-4350-8ef8-0471c0cec911.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\3a462a1f-8548-4b72-836d-825d10e6ba25.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\iw\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\angular.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\background_script.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\cast_sender.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\common.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\feedback.css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\feedback.html
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\feedback_script.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\material_css_min.css
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\mirroring_cast_streaming.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\mirroring_common.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\mirroring_hangouts.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir5608_39744133\CRX_INSTALL\mirroring_webrtc.js
ASCII text, with very long lines
dropped
clean

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\Employee payment plan.HTM"
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1540,11108747202742976980,3893295354224505846,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
clean

URLs

Name
IP
Malicious
https://a-tk7.online/main/
malicious
https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LfeNDgdAAAAAKfVUcAG
unknown
clean
http://crl.pki.goog/gsr1/gsr1.crl0;
unknown
clean
https://a-tk7.online/main/D
unknown
clean
https://www.google.com/images/cleardot.gif
unknown
clean
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
104.18.10.207
clean
https://play.google.com
unknown
clean
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeNDgdAAAAAKfVUcAGxh9ZR8-4RaKLBW_I3caW&co=aHR0
unknown
clean
https://csp.withgoogle.com/csp/apps-themesCross-Origin-Resource-Policy:
unknown
clean
https://www.google.com/log?format=json&hasfast=true
unknown
clean
https://a-tk7.online/favicon.ico
23.95.214.111
clean
https://easylist.to/)
unknown
clean
https://csp.withgoogle.com/csp/report-to/apps-themes
unknown
clean
https://csp.withgoogle.com/csp/recaptcha
unknown
clean
https://sandbox.google.com/payments/v4/js/integrator.js
unknown
clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
unknown
clean
https://accounts.google.com/MergeSession
unknown
clean
http://crls.pki.goog/gts1c3/zdATt0Ex_Fk.crl0
unknown
clean
https://creativecommons.org/compatiblelicenses
unknown
clean
https://preprod-hangouts-googleapis.sandbox.google.com
unknown
clean
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
142.250.203.97
clean
http://crls.pki.goog/gts1c3/fVJxbV-Ktmk.crl0
unknown
clean
http://pki.goog/repo/certs/gtsr1.der04
unknown
clean
https://www.google.com
unknown
clean
https://csp.withgoogle.com/csp/apps-themescross-origin-resource-policy:cross-origincross-origin-open
unknown
clean
https://a-tk7.online/?e=rmcgillivray
unknown
clean
https://github.com/easylist)
unknown
clean
https://a-tk7.online/main/
23.95.214.111
clean
https://creativecommons.org/.
unknown
clean
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP
unknown
clean
https://a-tk7.online/main2
unknown
clean
https://a-tk7.onlineh
unknown
clean
https://hangouts.clients6.google.com
unknown
clean
https://www.google.com/recaptcha/api.js
172.217.168.68
clean
https://hangouts.google.com/hangouts/_/logpref
unknown
clean
https://a-tk7.online
unknown
clean
https://accounts.google.com
unknown
clean
https://clients2.google.com/cr/report
unknown
clean
http://angularjs.org
unknown
clean
https://creativecommons.org/publicdomain/zero/1.0/.
unknown
clean
https://github.com/angular/material
unknown
clean
https://apis.google.com
unknown
clean
https://www.google.com/recaptcha/api2/
unknown
clean
https://www.google.com/recaptcha/api2/payload?p=06AGdBq27PixVdr1DhkCCeLGQskrTCrFvMD40ZKJfg9Q1g7c6Dgy
unknown
clean
https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LfeNDgdAAAAAKfVUcAGxh9ZR8-4RaKLBW_I3caW
clean
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
unknown
clean
https://a-tk7.online/main
23.95.214.111
clean
https://csp.withgoogle.com/csp/recaptchacross-origin-resource-policy:cross-origincross-origin-opener
unknown
clean
https://github.com/madler/zlib/blob/master/zlib.h
unknown
clean
https://csp.withgoogle.com/csp/report-to/recaptchaX
unknown
clean
https://www-googleapis-staging.sandbox.google.com
unknown
clean
http://pki.goog/repo/certs/gts1c3.der0M
unknown
clean
https://clients2.google.com
unknown
clean
https://csp.withgoogle.com/csp/recaptchaCross-Origin-Resource-Policy:
unknown
clean
http://www.apache.org/licenses/LICENSE-2.0
unknown
clean
https://csp.withgoogle.com/csp/report-to/recaptcha_
unknown
clean
https://dns.google
unknown
clean
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
unknown
clean
https://www.google.com/intl/en-US/chrome/blank.html
unknown
clean
https://ogs.google.com
unknown
clean
https://support.google.com/chromecast/troubleshooter/2995236
unknown
clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
unknown
clean
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.cssFs&
unknown
clean
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
172.217.168.45
clean
https://payments.google.com/payments/v4/js/integrator.js
unknown
clean
https://www.google.com;
unknown
clean
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
unknown
clean
https://hangouts.google.com/
unknown
clean
http://crl.pki.goog/gtsr1/gtsr1.crl0W
unknown
clean
https://a-tk7.online/main2:
unknown
clean
http://pki.goog/gsr1/gsr1.crt02
unknown
clean
https://a-tk7.online/?e=rmcgillivray@ardaman.com
23.95.214.111
clean
https://pki.goog/repository/0
unknown
clean
https://www.google.com/images/x2.gif
unknown
clean
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
142.250.203.110
clean
http://llvm.org/):
unknown
clean
https://csp.withgoogle.com/csp/report-to/recaptcha
unknown
clean
https://www.google.com/images/dot2.gif
unknown
clean
https://meetings.clients6.google.com
unknown
clean
https://play.google.com/log?format=json&hasfast=true
unknown
clean
https://code.google.com/p/nativeclient/issues/entry%s:
unknown
clean
http://tools.ietf.org/html/rfc1950
unknown
clean
https://a-tk7.online/main/2
unknown
clean
https://code.google.com/p/nativeclient/issues/entry
unknown
clean
https://a-tk7.online/main/main.php
unknown
clean
https://a-tk7.online/main/2:
unknown
clean
https://support.google.com/chromecast/answer/2998456
unknown
clean
https://csp.withgoogle.com/csp/apps-themes
unknown
clean
https://clients2.googleusercontent.com
unknown
clean
https://www.google.com/
unknown
clean
https://feedback.googleusercontent.com
unknown
clean
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
unknown
clean
https://clients2.google.com/service/update2/crx
unknown
clean
https://clients6.google.com
unknown
clean
http://pki.goog/repo/certs/gts1c3.der0
unknown
clean

Domains

Name
IP
Malicious
stackpath.bootstrapcdn.com
104.18.10.207
clean
gstaticadssl.l.google.com
172.217.168.67
clean
a-tk7.online
23.95.214.111
clean
accounts.google.com
172.217.168.45
clean
www.google.com
172.217.168.68
clean
clients.l.google.com
142.250.203.110
clean
googlehosted.l.googleusercontent.com
142.250.203.97
clean
clients2.googleusercontent.com
unknown
clean
clients2.google.com
unknown
clean

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
104.18.10.207
stackpath.bootstrapcdn.com
United States
clean
23.95.214.111
a-tk7.online
United States
clean
142.250.203.110
clients.l.google.com
United States
clean
192.168.2.5
unknown
unknown
clean
172.217.168.68
www.google.com
United States
clean
172.217.168.45
accounts.google.com
United States
clean
192.168.2.30
unknown
unknown
clean
142.250.203.97
googlehosted.l.googleusercontent.com
United States
clean
239.255.255.250
unknown
Reserved
clean
127.0.0.1
unknown
unknown
clean

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blacklist_cache_md5_digest
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
clean
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
clean

Memdumps

Base Address
Regiontype
Protect
Malicious
clean
7DF5586B0000
unkown image
page readonly
clean
28145F62000
unkown
page read and write
clean
7DF52EB70000
unkown image
page readonly
clean
7FF519841000
unkown image
page readonly
clean
28145E02000
unkown
page read and write
clean
7FF504601000
unkown image
page readonly
clean
7FF543598000
unkown image
page readonly
clean
7FF5D020F000
unkown image
page readonly
clean
C52267B000
stack
page read and write
clean
1F752BE0000
unkown
page read and write
clean
7DF52EB70000
unkown image
page readonly
clean
28145F5B000
unkown
page read and write
clean
7DF52EB80000
unkown image
page readonly
clean
7DF5586A0000
unkown image
page readonly
clean
7DF519992000
unkown image
page readonly
clean
FF23D8F000
stack
page read and write
clean
28145F5C000
unkown
page read and write
clean
7FF4EB485000
unkown image
page readonly
clean
28145F6B000
unkown
page read and write
clean
8D795F7000
stack
page read and write
clean
1D4C9000000
unkown image
page readonly
clean
28145FBF000
unkown
page read and write
clean
7FF504854000
unkown image
page readonly
clean
7FF519893000
unkown image
page readonly
clean
7FF4EB7AE000
unkown image
page readonly
clean
7FF5D01DF000
unkown image
page readonly
clean
7DF5586C0000
unkown image
page readonly
clean
7FF543584000
unkown image
page readonly
clean
28145FA1000
unkown
page read and write
clean
F42207B000
stack
page read and write
clean
1D4C8E13000
unkown
page read and write
clean
7FF4EB90F000
unkown image
page readonly
clean
2868E910000
unkown
page read and write
clean
7FF543105000
unkown image
page readonly
clean
23E6FA56000
unkown
page read and write
clean
7FF4EB8AE000
unkown image
page readonly
clean
7FF4EB88F000
unkown image
page readonly
clean
7FF519A58000
unkown image
page readonly
clean
7FF50481B000
unkown image
page readonly
clean
7FF5199EE000
unkown image
page readonly
clean
1D4C8D90000
unkown
page read and write
clean
7FF519767000
unkown image
page readonly
clean
23E6FA88000
unkown
page read and write
clean
1F74E7F0000
unkown image
page readonly
clean
7FF542D94000
unkown image
page readonly
clean
28145F4C000
unkown
page read and write
clean
1F74D7C1000
unkown
page read and write
clean
7FF5435A9000
unkown image
page readonly
clean
7FF504847000
unkown image
page readonly
clean
7FF504425000
unkown image
page readonly
clean
7FF5CFD70000
unkown image
page readonly
clean
7FF564C79000
unkown image
page readonly
clean
281455F0000
unkown image
page readonly
clean
7DF500A22000
unkown image
page readonly
clean
7FF50460F000
unkown image
page readonly
clean
1F74D5E0000
unkown image
page read and write
clean
28145F7E000
unkown
page read and write
clean
7DF52EB72000
unkown image
page readonly
clean
7FF5430F0000
unkown image
page readonly
clean
1F752C42000
unkown
page read and write
clean
7FF50486F000
unkown image
page readonly
clean
7FF4EB75A000
unkown image
page readonly
clean
1F752BCF000
unkown
page read and write
clean
23E6FA8E000
unkown
page read and write
clean
1D4C8C20000
unkown image
page read and write
clean
8D78FBB000
unkown
page read and write
clean
7DF519982000
unkown image
page readonly
clean
7FF4EB476000
unkown image
page readonly
clean
28145F7D000
unkown
page read and write
clean
1D4C8E58000
unkown
page read and write
clean
28145FB4000
unkown
page read and write
clean
7DF579D90000
unkown image
page readonly
clean
7FF4EB11A000
unkown image
page readonly
clean
7FF5D022D000
unkown image
page readonly
clean
28145F69000
unkown
page read and write
clean
7FF543614000
unkown image
page readonly
clean
8D798FF000
stack
page read and write
clean
7FF5CFA1A000
unkown image
page readonly
clean
7FF4EB99A000
unkown image
page readonly
clean
7DF5E5330000
unkown image
page readonly
clean
7FF564C44000
unkown image
page readonly
clean
1F752C9D000
unkown
page read and write
clean
23E6F7F0000
unkown image
page read and write
clean
1F752B90000
unkown
page read and write
clean
1D4C8E4A000
unkown
page read and write
clean
C6BA0F7000
stack
page read and write
clean
28145F5A000
unkown
page read and write
clean
55F2FDE000
stack
page read and write
clean
C52287C000
stack
page read and write
clean
7FF54361A000
unkown image
page readonly
clean
7FF519A44000
unkown image
page readonly
clean
1F74DA00000
unkown image
page readonly
clean
7DF519982000
unkown image
page readonly
clean
1F74D813000
unkown
page read and write
clean
7FF5432A7000
unkown image
page readonly
clean
1F752C00000
unkown
page read and write
clean
7FF5197A4000
unkown image
page readonly
clean
1F752F80000
unkown
page read and write
clean
7FF4EB66B000
unkown image
page readonly
clean
28145F96000
unkown
page read and write
clean
FF240FA000
stack
page read and write
clean
7DF500A22000
unkown image
page readonly
clean
7FF5046BA000
unkown image
page readonly
clean
C6BA678000
stack
page read and write
clean
7FF543530000
unkown image
page readonly
clean
7DF456570000
unkown image
page readonly
clean
23E6FA00000
unkown
page read and write
clean
28145F96000
unkown
page read and write
clean
1F753120000
unkown
page read and write
clean
7DF52EB60000
unkown image
page readonly
clean
7FF504491000
unkown image
page readonly
clean
7FF504068000
unkown image
page readonly
clean
23E6FF80000
unkown image
page readonly
clean
28145FA7000
unkown
page read and write
clean
2868EB50000
unkown image
page readonly
clean
7FF50483F000
unkown image
page readonly
clean
7FF54355C000
unkown image
page readonly
clean
1F74DFF3000
unkown
page read and write
clean
28145CF0000
unkown
page read and write
clean
1B4D1380000
unkown image
page readonly
clean
7FF519954000
unkown image
page readonly
clean
7FF503FD2000
unkown image
page readonly
clean
1B4D1350000
unkown image
page readonly
clean
1F74E015000
unkown
page read and write
clean
23E6FA13000
unkown
page read and write
clean
7FF5047EF000
unkown image
page readonly
clean
1D4C8E52000
unkown
page read and write
clean
28145713000
unkown
page read and write
clean
28146402000
unkown
page read and write
clean
7FF5433F1000
unkown image
page readonly
clean
23E6FB02000
unkown
page read and write
clean
7FF54349C000
unkown image
page readonly
clean
281454D0000
heap default
page read and write
clean
1F753010000
unkown
page read and write
clean
1F752BC5000
unkown
page read and write
clean
28145F90000
unkown
page read and write
clean
7FF504886000
unkown image
page readonly
clean
7FF543381000
unkown image
page readonly
clean
7FF50475D000
unkown image
page readonly
clean
1D4C8C40000
unkown image
page readonly
clean
7FF543574000
unkown image
page readonly
clean
2868E710000
unkown image
page readonly
clean
7FF504815000
unkown image
page readonly
clean
7FF564CE4000
unkown image
page readonly
clean
8D7927E000
stack
page read and write
clean
28145F85000
unkown
page read and write
clean
2814564F000
unkown
page read and write
clean
28145F84000
unkown
page read and write
clean
F421B8E000
stack
page read and write
clean
28145F61000
unkown
page read and write
clean
7FF4EB701000
unkown image
page readonly
clean
7FF564C0B000
unkown image
page readonly
clean
1F74E500000
unkown
page read and write
clean
7FF519AE2000
unkown image
page readonly
clean
23E6F860000
heap default
page read and write
clean
28145CF0000
unkown
page read and write
clean
28145F94000
unkown
page read and write
clean
1F74E118000
unkown
page read and write
clean
7FF5435A6000
unkown image
page readonly
clean
7FF4EB89A000
unkown image
page readonly
clean
7FF5195B0000
unkown image
page readonly
clean
1F752F0E000
unkown
page read and write
clean
7FF504646000
unkown image
page readonly
clean
1F74DC00000
unkown image
page readonly
clean
1B4D1500000
unkown
page read and write
clean
7FF54342E000
unkown image
page readonly
clean
7FF564C00000
unkown image
page readonly
clean
1D4C8F00000
unkown
page read and write
clean
1B4D148E000
unkown
page read and write
clean
7FF5CFD76000
unkown image
page readonly
clean
28145F68000
unkown
page read and write
clean
1F74E000000
unkown
page read and write
clean
7FF5D019A000
unkown image
page readonly
clean
7FF504864000
unkown image
page readonly
clean
7FF5045C4000
unkown image
page readonly
clean
2814564B000
unkown
page read and write
clean
1F752BC0000
unkown
page read and write
clean
7FF504661000
unkown image
page readonly
clean
1B4D1A50000
unkown image
page readonly
clean
7FF5044F4000
unkown image
page readonly
clean
7FF4EB203000
unkown image
page readonly
clean
28145F5A000
unkown
page read and write
clean
1F752FF0000
unkown
page read and write
clean
1F752C15000
unkown
page read and write
clean
281456EE000
unkown
page read and write
clean
1F74D630000
unkown image
page readonly
clean
1D4C8C90000
heap default
page read and write
clean
7FF564C2C000
unkown image
page readonly
clean
1F74D913000
unkown
page read and write
clean
7DF519990000
unkown image
page readonly
clean
7FF50415E000
unkown image
page readonly
clean
7FF5D01AE000
unkown image
page readonly
clean
281455B0000
unkown image
page readonly
clean
7FF519A3A000
unkown image
page readonly
clean
7FF50460D000
unkown image
page readonly
clean
1B4D1451000
unkown
page read and write
clean
1B4D143C000
unkown
page read and write
clean
1F74E159000
unkown
page read and write
clean
28145F94000
unkown
page read and write
clean
8D792FE000
stack
page read and write
clean
28145655000
unkown
page read and write
clean
23E6FB13000
unkown
page read and write
clean
7FF5D0204000
unkown image
page readonly
clean
7FF5D02A1000
unkown image
page readonly
clean
7FF504651000
unkown image
page readonly
clean
C6B9BBF000
stack
page read and write
clean
28145F5C000
unkown
page read and write
clean
7FF4EB7B8000
unkown image
page readonly
clean
7FF5649B4000
unkown image
page readonly
clean
7DF519992000
unkown image
page readonly
clean
7FF564CF2000
unkown image
page readonly
clean
2868E730000
unkown image
page readonly
clean
F42237A000
stack
page read and write
clean
7DF52EB72000
unkown image
page readonly
clean
7FF519A34000
unkown image
page readonly
clean
7FF54357A000
unkown image
page readonly
clean
28146463000
unkown
page read and write
clean
28145FA5000
unkown
page read and write
clean
1F74D890000
unkown
page read and write
clean
1F74E118000
unkown
page read and write
clean
1B4D13A0000
heap default
page read and write
clean
7FF564557000
unkown image
page readonly
clean
8D794FB000
stack
page read and write
clean
C6B9ABB000
unkown
page read and write
clean
7DF579D70000
unkown image
page readonly
clean
7FF564C68000
unkown image
page readonly
clean
7FF4EB7AB000
unkown image
page readonly
clean
28146402000
unkown
page read and write
clean
7DF5586A2000
unkown image
page readonly
clean
28145F8C000
unkown
page read and write
clean
28145F60000
unkown
page read and write
clean
1D4C9380000
unkown image
page readonly
clean
7FF519A4F000
unkown image
page readonly
clean
7FF5044F7000
unkown image
page readonly
clean
7FF5433D3000
unkown image
page readonly
clean
28146402000
unkown
page read and write
clean
1F74EB60000
unkown
page read and write
clean
7FF543567000
unkown image
page readonly
clean
28145646000
unkown
page read and write
clean
2814565B000
unkown
page read and write
clean
281456C8000
unkown
page read and write
clean
FF241FC000
stack
page read and write
clean
7FF51993D000
unkown image
page readonly
clean
7FF4EB8B5000
unkown image
page readonly
clean
7FF564C7D000
unkown image
page readonly
clean
28145629000
unkown
page read and write
clean
7FF5D00AB000
unkown image
page readonly
clean
7FF5D01F4000
unkown image
page readonly
clean
7DF5586B2000
unkown image
page readonly
clean
7FF542D9A000
unkown image
page readonly
clean
1F752F00000
unkown
page read and write
clean
7FF5D0294000
unkown image
page readonly
clean
1F74E7E0000
unkown image
page readonly
clean
28145F69000
unkown
page read and write
clean
C6BA3FD000
stack
page read and write
clean
F4229FA000
stack
page read and write
clean
28145FA7000
unkown
page read and write
clean
7FF564C05000
unkown image
page readonly
clean
28145460000
unkown image
page read and write
clean
7FF4EB8E7000
unkown image
page readonly
clean
7FF5D0103000
unkown image
page readonly
clean
1F752BC1000
unkown
page read and write
clean
2868E840000
unkown
page read and write
clean
7FF504644000
unkown image
page readonly
clean
7FF5046A2000
unkown image
page readonly
clean
C6B9EFB000
stack
page read and write
clean
7FF5198B1000
unkown image
page readonly
clean
281456DB000
unkown
page read and write
clean
7DF417850000
unkown image
page readonly
clean
FF23C8A000
unkown
page read and write
clean
7FF564553000
unkown image
page readonly
clean
28146400000
unkown
page read and write
clean
C52210C000
unkown
page read and write
clean
7FF564C5E000
unkown image
page readonly
clean
7DF5586C0000
unkown image
page readonly
clean
7FF5CFD85000
unkown image
page readonly
clean
7DF5E5320000
unkown image
page readonly
clean
7FF564CF1000
unkown image
page readonly
clean
1B4D1477000
unkown
page read and write
clean
28145FA7000
unkown
page read and write
clean
7FF4EB1B2000
unkown image
page readonly
clean
7FF5D0001000
unkown image
page readonly
clean
7FF4EB7FD000
unkown image
page readonly
clean
28145702000
unkown
page read and write
clean
1F74D760000
unkown image
page read and write
clean
1B4D1513000
unkown
page read and write
clean
7FF50480E000
unkown image
page readonly
clean
1D4C8E3C000
unkown
page read and write
clean
7DF579D72000
unkown image
page readonly
clean
1F752C8C000
unkown
page read and write
clean
7DF579D82000
unkown image
page readonly
clean
7FF4EB4C7000
unkown image
page readonly
clean
7FF543622000
unkown image
page readonly
clean
7FF5045CB000
unkown image
page readonly
clean
28145FBF000
unkown
page read and write
clean
28145F90000
unkown
page read and write
clean
1F752C60000
unkown
page read and write
clean
28145F62000
unkown
page read and write
clean
1B4D1C02000
unkown
page read and write
clean
28145FA1000
unkown
page read and write
clean
28145F7C000
unkown
page read and write
clean
1F74E113000
unkown
page read and write
clean
7FF5D0091000
unkown image
page readonly
clean
1D4C8E79000
unkown
page read and write
clean
2868E6F0000
unkown image
page read and write
clean
7FF519A07000
unkown image
page readonly
clean
28145F8D000
unkown
page read and write
clean
7FF54351A000
unkown image
page readonly
clean
7FF5CFF64000
unkown image
page readonly
clean
1D4C8F13000
unkown
page read and write
clean
28145F5B000
unkown
page read and write
clean
2868E8D0000
heap default
page read and write
clean
23E6F810000
unkown image
page readonly
clean
7FF4EB918000
unkown image
page readonly
clean
7FF4EB926000
unkown image
page readonly
clean
2814646A000
unkown
page read and write
clean
7FF5D01AA000
unkown image
page readonly
clean
23E6FA7D000
unkown
page read and write
clean
281456B3000
unkown
page read and write
clean
1D4C8D70000
unkown image
page readonly
clean
7FF504827000
unkown image
page readonly
clean
8D797FC000
stack
page read and write
clean
7FF519AD4000
unkown image
page readonly
clean
1D4C8C70000
unkown image
page readonly
clean
28145FC1000
unkown
page read and write
clean
28146402000
unkown
page read and write
clean
7FF4EB41E000
unkown image
page readonly
clean
1F74D83D000
unkown
page read and write
clean
28146402000
unkown
page read and write
clean
7FF5D011C000
unkown image
page readonly
clean
1F752FD0000
unkown
page read and write
clean
7FF4EB627000
unkown image
page readonly
clean
7FF4EB791000
unkown image
page readonly
clean
7DF477C40000
unkown image
page readonly
clean
7DF579D82000
unkown image
page readonly
clean
1D4C8C60000
unkown image
page readonly
clean
7FF564CEA000
unkown image
page readonly
clean
7FF504810000
unkown image
page readonly
clean
1D4C8E54000
unkown
page read and write
clean
7FF5047C3000
unkown image
page readonly
clean
7FF5D00AE000
unkown image
page readonly
clean
7FF5D0053000
unkown image
page readonly
clean
7FF5432E4000
unkown image
page readonly
clean
1B4D142A000
unkown
page read and write
clean
7DF500A20000
unkown image
page readonly
clean
1B4D18D0000
unkown image
page readonly
clean
1F753020000
unkown
page read and write
clean
2868E710000
unkown image
page readonly
clean
1F753170000
unkown
page read and write
clean
1F752F24000
unkown
page read and write
clean
1F752C96000
unkown
page read and write
clean
1D4C8E46000
unkown
page read and write
clean
7DF579D90000
unkown image
page readonly
clean
2868E900000
unkown
page read and write
clean
28145FC2000
unkown
page read and write
clean
2868E90F000
unkown
page read and write
clean
1F752BC7000
unkown
page read and write
clean
7FF50480A000
unkown image
page readonly
clean
1F74E7D0000
unkown image
page readonly
clean
7FF5047D3000
unkown image
page readonly
clean
7FF54353B000
unkown image
page readonly
clean
1B4D146F000
unkown
page read and write
clean
FF2417F000
stack
page read and write
clean
1D4C8E56000
unkown
page read and write
clean
1F74E600000
unkown image
page read and write
clean
1F74D88E000
unkown
page read and write
clean
7FF5044A1000
unkown image
page readonly
clean
1F74E100000
unkown
page read and write
clean
7FF543535000
unkown image
page readonly
clean
1D4C8E49000
unkown
page read and write
clean
7FF4EB863000
unkown image
page readonly
clean
28145F59000
unkown
page read and write
clean
2868E8F6000
unkown
page read and write
clean
7FF4EB89C000
unkown image
page readonly
clean
C52257C000
stack
page read and write
clean
28145F63000
unkown
page read and write
clean
7FF4EB884000
unkown image
page readonly
clean
28145F97000
unkown
page read and write
clean
7FF5CFA14000
unkown image
page readonly
clean
7FF504372000
unkown image
page readonly
clean
7FF5D0229000
unkown image
page readonly
clean
7FF4EB6E4000
unkown image
page readonly
clean
23E6F960000
unkown
page read and write
clean
F42247B000
stack
page read and write
clean
55F2F5E000
stack
page read and write
clean
7FF543547000
unkown image
page readonly
clean
7FF54347D000
unkown image
page readonly
clean
1B4D1456000
unkown
page read and write
clean
28145B80000
unkown image
page readonly
clean
1B4D13B0000
unkown image
page readonly
clean
1F752BC0000
unkown
page read and write
clean
1F74E102000
unkown
page read and write
clean
1F74D900000
unkown
page read and write
clean
28145F7E000
unkown
page read and write
clean
1F74E118000
unkown
page read and write
clean
55F36FF000
stack
page read and write
clean
28145F94000
unkown
page read and write
clean
1B4D16D0000
unkown image
page readonly
clean
7FF4EB852000
unkown image
page readonly
clean
28145CF0000
unkown
page read and write
clean
7FF4EB470000
unkown image
page readonly
clean
7FF504889000
unkown image
page readonly
clean
1F752BB0000
unkown
page read and write
clean
2868E870000
unkown image
page readonly
clean
7FF4EB771000
unkown image
page readonly
clean
2814564D000
unkown
page read and write
clean
7FF564C38000
unkown image
page readonly
clean
7DF5E5320000
unkown image
page readonly
clean
1F752BC0000
unkown
page read and write
clean
28145F82000
unkown
page read and write
clean
7FF5044FA000
unkown image
page readonly
clean
28145FA1000
unkown
page read and write
clean
7FF503FDC000
unkown image
page readonly
clean
28145716000
unkown
page read and write
clean
1F74E159000
unkown
page read and write
clean
1B4D1502000
unkown
page read and write
clean
7FF5D021E000
unkown image
page readonly
clean
C6BA57E000
stack
page read and write
clean
28145F9F000
unkown
page read and write
clean
7FF54355F000
unkown image
page readonly
clean
7FF5045C1000
unkown image
page readonly
clean
7FF519A6D000
unkown image
page readonly
clean
7FF564C6E000
unkown image
page readonly
clean
1F74D7F0000
unkown
page read and write
clean
1F753000000
unkown
page read and write
clean
7FF543494000
unkown image
page readonly
clean
7FF5D01BB000
unkown image
page readonly
clean
F4225FF000
stack
page read and write
clean
28145F5B000
unkown
page read and write
clean
7FF5198EE000
unkown image
page readonly
clean
28145800000
unkown image
page readonly
clean
7FF5D00FD000
unkown image
page readonly
clean
1F752F08000
unkown
page read and write
clean
C6BA4FA000
stack
page read and write
clean
7FF5D01C7000
unkown image
page readonly
clean
28145F92000
unkown
page read and write
clean
2814563C000
unkown
page read and write
clean
1F753100000
unkown
page read and write
clean
28145F00000
unkown
page read and write
clean
28145F90000
unkown
page read and write
clean
7FF4EB207000
unkown image
page readonly
clean
1F752F21000
unkown
page read and write
clean
7FF4EB803000
unkown image
page readonly
clean
7DF52EB60000
unkown image
page readonly
clean
1F74D5F0000
heap private
page read and write
clean
7FF504466000
unkown image
page readonly
clean
F42277F000
stack
page read and write
clean
2868EBC5000
heap private
page read and write
clean
1F752C25000
unkown
page read and write
clean
281456AB000
unkown
page read and write
clean
C52218E000
stack
page read and write
clean
7FF564C54000
unkown image
page readonly
clean
7FF5198EB000
unkown image
page readonly
clean
F4224FF000
stack
page read and write
clean
1D4C8C40000
unkown image
page readonly
clean
7FF54352E000
unkown image
page readonly
clean
7FF4EB7B3000
unkown image
page readonly
clean
C6BA1FE000
stack
page read and write
clean
7FF5D0114000
unkown image
page readonly
clean
7FF504858000
unkown image
page readonly
clean
28145F90000
unkown
page read and write
clean
23E6FA6C000
unkown
page read and write
clean
7DF500A20000
unkown image
page readonly
clean
28145F0F000
unkown
page read and write
clean
7FF504501000
unkown image
page readonly
clean
1B4D144A000
unkown
page read and write
clean
7FF51925A000
unkown image
page readonly
clean
7FF5198D1000
unkown image
page readonly
clean
281456E3000
unkown
page read and write
clean
7DF5586B0000
unkown image
page readonly
clean
7FF5046D1000
unkown image
page readonly
clean
1D4C8F02000
unkown
page read and write
clean
7FF54342B000
unkown image
page readonly
clean
7DF5586B2000
unkown image
page readonly
clean
7DF519980000
unkown image
page readonly
clean
7DF5E5340000
unkown image
page readonly
clean
28145FB2000
unkown
page read and write
clean
1F752C33000
unkown
page read and write
clean
C6BA2FA000
stack
page read and write
clean
23E6FA4B000
unkown
page read and write
clean
7FF504878000
unkown image
page readonly
clean
1B4D1340000
heap private
page read and write
clean
F42217A000
stack
page read and write
clean
28145F11000
unkown
page read and write
clean
7FF4EB6E6000
unkown image
page readonly
clean
28145F97000
unkown
page read and write
clean
1F752C88000
unkown
page read and write
clean
28145D00000
unkown image
page read and write
clean
23E6FA4E000
unkown
page read and write
clean
7FF519943000
unkown image
page readonly
clean
28145F65000
unkown
page read and write
clean
7FF504902000
unkown image
page readonly
clean
28145F81000
unkown
page read and write
clean
7FF4EB114000
unkown image
page readonly
clean
1F74D902000
unkown
page read and write
clean
7DF5586A0000
unkown image
page readonly
clean
7FF5199DC000
unkown image
page readonly
clean
1F752FE0000
unkown
page read and write
clean
1F74E159000
unkown
page read and write
clean
1D4C8E4C000
unkown
page read and write
clean
28145F82000
unkown
page read and write
clean
55F2EDB000
unkown
page read and write
clean
7FF5D029A000
unkown image
page readonly
clean
7DF52EB80000
unkown image
page readonly
clean
23E6FA29000
unkown
page read and write
clean
7FF5045FB000
unkown image
page readonly
clean
1F74E118000
unkown
page read and write
clean
28145F62000
unkown
page read and write
clean
7FF519A27000
unkown image
page readonly
clean
2868E900000
unkown
page read and write
clean
28145F90000
unkown
page read and write
clean
7DF500A32000
unkown image
page readonly
clean
7FF5D01B5000
unkown image
page readonly
clean
55F35FF000
stack
page read and write
clean
1F74D87C000
unkown
page read and write
clean
28145F66000
unkown
page read and write
clean
1F74D897000
unkown
page read and write
clean
28145F94000
unkown
page read and write
clean
23E6F810000
unkown image
page readonly
clean
28145480000
unkown image
page readonly
clean
28145688000
unkown
page read and write
clean
7FF4EB8AA000
unkown image
page readonly
clean
1F752C64000
unkown
page read and write
clean
1F74DD80000
unkown image
page readonly
clean
1F74E10E000
unkown
page read and write
clean
7DF52EB62000
unkown image
page readonly
clean
7FF4EB8DC000
unkown image
page readonly
clean
28145F92000
unkown
page read and write
clean
F421F78000
stack
page read and write
clean
7FF519A5E000
unkown image
page readonly
clean
28145F96000
unkown
page read and write
clean
1B4D144D000
unkown
page read and write
clean
2814565C000
unkown
page read and write
clean
F42267E000
stack
page read and write
clean
28145A00000
unkown image
page readonly
clean
28145659000
unkown
page read and write
clean
1F752BC6000
unkown
page read and write
clean
7FF564C4A000
unkown image
page readonly
clean
7FF4EB422000
unkown image
page readonly
clean
7FF4EB6B0000
unkown image
page readonly
clean
28145F91000
unkown
page read and write
clean
23E6F830000
unkown image
page readonly
clean
23E6FB08000
unkown
page read and write
clean
1F74E800000
unkown image
page readonly
clean
7FF5195C5000
unkown image
page readonly
clean
1F74D878000
unkown
page read and write
clean
1F752C4F000
unkown
page read and write
clean
7DF5E5340000
unkown image
page readonly
clean
7FF5045BA000
unkown image
page readonly
clean
7FF5044E9000
unkown image
page readonly
clean
281456C2000
unkown
page read and write
clean
7FF4EB87F000
unkown image
page readonly
clean
7FF54358F000
unkown image
page readonly
clean
23E70202000
unkown
page read and write
clean
C6BA779000
stack
page read and write
clean
7FF5435AD000
unkown image
page readonly
clean
1F752E00000
unkown
page read and write
clean
7FF4EB6F1000
unkown image
page readonly
clean
7DF52EB62000
unkown image
page readonly
clean
C6B9FFA000
stack
page read and write
clean
28145F1B000
unkown
page read and write
clean
7FF5199DA000
unkown image
page readonly
clean
2814564C000
unkown
page read and write
clean
2868E8E6000
heap default
page read and write
clean
7FF5047CF000
unkown image
page readonly
clean
1F74E280000
unkown
page read and write
clean
1D4C8E59000
unkown
page read and write
clean
7DF5199A0000
unkown image
page readonly
clean
2868E9D0000
unkown image
page readonly
clean
28145F63000
unkown
page read and write
clean
7FF5CFF27000
unkown image
page readonly
clean
7FF519A69000
unkown image
page readonly
clean
281454A0000
unkown image
page readonly
clean
7DF500A40000
unkown image
page readonly
clean
1D4C8E70000
unkown
page read and write
clean
7FF504427000
unkown image
page readonly
clean
7FF5195B6000
unkown image
page readonly
clean
1F752C8C000
unkown
page read and write
clean
7FF4EB8DF000
unkown image
page readonly
clean
7DF500A32000
unkown image
page readonly
clean
7FF5045E8000
unkown image
page readonly
clean
7DF519980000
unkown image
page readonly
clean
8D796FF000
stack
page read and write
clean
7FF54352A000
unkown image
page readonly
clean
28145F90000
unkown
page read and write
clean
1F752BF4000
unkown
page read and write
clean
28145FB1000
unkown
page read and write
clean
There are 795 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://a-tk7.online/main/
malicious
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeNDgdAAAAAKfVUcAGxh9ZR8-4RaKLBW_I3caW&co=aHR0cHM6Ly9hLXRrNy5vbmxpbmU6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=4fhsd4t1vfzw
clean
https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LfeNDgdAAAAAKfVUcAGxh9ZR8-4RaKLBW_I3caW
clean