Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
_0.html
|
HTML document, ASCII text, with very long lines, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\16070561-b950-40a8-9d97-7311c160f0e7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\4e9e0835-6278-49e6-8e6a-ef397267b596.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7c30114d-f8fb-4eb2-a059-b1bf8c5e74da.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7ded2f70-d970-4893-8801-2e98ff707976.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9bb34ec9-f8e1-4a76-8537-c6759e3f313c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\15e198b3-9389-4cb8-b446-4a3415d13705.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\15fbb871-8eb7-4b4c-956f-1b4f30dfbd04.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1d48245c-8e7f-4ea5-b88b-74572cb5be15.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\200bcc04-72e9-4825-9b56-7838151335cd.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\33669357-948c-410a-b8e8-164dbb4ff866.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5cc0da89-0d6f-4a41-89f2-0572bfd00929.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5fb74274-9fb6-4308-891d-7e482934d8f8.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\793038f8-5dfe-4322-9583-bfcb737ebfe2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8eb176c4-3b3d-4491-8a53-69f3390accb7.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldp (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old1 (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
dBase III DBT, next free block index 3238316739, block length 1024
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session`. (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State} (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencese (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.t (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencest (copy)
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldps (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\e7897dec-ee7c-44f7-bb2b-d8f6929a70aa.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.oldx
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old/r
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\a2620b0c-ce95-429e-8215-c8354eadd2c9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old.. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldn.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\aa15d7ae-23b0-4373-8b92-eb7a4b1481bb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cec996c8-5828-48d0-9449-62a84bb87b7c.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT.. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldt} (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Statex (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache* (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache\r (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir5236_2052106015\Ruleset
Data
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a4524ee2-4d8d-4133-8bba-648df2b20d26.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a543d379-6b17-4cf5-a997-fece7c875beb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\c91b38ef-5231-405b-b5df-77fabcffa985.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d321dc8f-e411-4d00-85b7-c14a4fbaa128.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d3c523d6-7ace-45c3-a485-39addfd9f757.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d999d7be-23ef-4f00-867c-813703dbfd31.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\eac5e0fa-e842-419a-93a5-3c93673a3b90.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\eceffd43-fdf9-47cc-b5f1-068c54a92152.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1076980652\LICENSE
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1076980652\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1076980652\crl-set
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1076980652\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1076980652\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1421901141\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1421901141\manifest.fingerprint
|
ASCII text, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1421901141\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1421901141\ssl_error_assistant.pb
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1549129448\Filtering Rules
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1549129448\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1549129448\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1549129448\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1549129448\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5236_1779478962\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6aee8522-0f55-4a55-808a-fdddf08db27d.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\7716c253-b8c0-4c76-a98e-0b85b84ba391.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\77b94257-2da0-4dd7-bbdc-1223e1bb0dc7.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\c0de4691-48a7-4f5f-9a92-6e4e58039e4d.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\6aee8522-0f55-4a55-808a-fdddf08db27d.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1069774260\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5236_1271905551\c0de4691-48a7-4f5f-9a92-6e4e58039e4d.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
There are 265 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\_0.html
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1576,5839696716232444063,16460988277363527402,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/user/Desktop/_0.html
|
|
||
|
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficc
|
unknown
|
|
|
|
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
|
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/personal_account_0f72b5950600f24e7f9a604b186f3945.png
|
152.199.23.37
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
|
152.199.23.37
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.3.1.slim.min.js
|
unknown
|
|
|
|
https://easylist.to/)
|
unknown
|
|
|
|
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=5
|
unknown
|
|
|
|
https://login.windows-ppe.net
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
|
104.18.10.207
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.pn
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
142.250.203.97
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f.jpg
|
152.199.23.37
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://github.com/easylist)
|
unknown
|
|
|
|
https://creativecommons.org/.
|
unknown
|
|
|
|
https://login.microsoftonline.com
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_lgjnfq3xbrj5zvj5ionvww2.css
|
152.199.23.37
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
https://login.microsoftonline.com/jsdisabled
|
unknown
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
|
152.199.23.37
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.sv
|
unknown
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://a.nel.cloudflare.com/report/v3?s=hQAATpxCIT3D4W6dz6Ov9Ydf7JOaelOys6am00pXmNrmBn7pehyR7t6dgBy
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90b
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.203.110
|
|
|
|
https://code.jquery.com/jquery-3.1.1.min.js
|
unknown
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
|
152.199.23.37
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/personal_account_0f72b5950600f24e7f9a604b186f3
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/work_account_1963c6b1926b773986f53f844ce4c32e.
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo.png
|
152.199.23.37
|
|
|
|
https://csp.withgoogle.com/csp/hosted-libraries-pushers
|
unknown
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.3.1.slim.min.jsC
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/aad.login.min_ktc4wemsewhydsbdjhhsja2.js
|
152.199.23.37
|
|
|
|
http://llvm.org/):
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
|
104.16.19.94
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_lgjnfq3xbrj5zvj5ionvw
|
unknown
|
|
|
|
https://identity.nel.measure.office.net/api/report?catId=GW
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
|
152.199.23.37
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
|
152.199.23.37
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icoD
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
|
152.199.23.37
|
|
|
|
https://aadcdn.msftauth.net
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
|
152.199.23.37
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/shared/1.0/content/images/work_account_1963c6b1926b773986f53f844ce4c32e.png
|
152.199.23.37
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 84 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cs1100.wpc.omegacdn.net
|
152.199.23.37
|
|
|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
cdnjs.cloudflare.com
|
104.16.19.94
|
|
|
|
maxcdn.bootstrapcdn.com
|
104.18.10.207
|
|
|
|
clients.l.google.com
|
142.250.203.110
|
|
|
|
googlehosted.l.googleusercontent.com
|
142.250.203.97
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
code.jquery.com
|
unknown
|
|
|
|
aadcdn.msftauth.net
|
unknown
|
|
|
|
login.microsoftonline.com
|
unknown
|
|
|
|
aadcdn.msauth.net
|
unknown
|
|
There are 2 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
104.18.10.207
|
maxcdn.bootstrapcdn.com
|
United States
|
|
|
|
142.250.203.110
|
clients.l.google.com
|
United States
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
142.250.203.97
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
152.199.23.37
|
cs1100.wpc.omegacdn.net
|
United States
|
|
|
|
104.16.19.94
|
cdnjs.cloudflare.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF5720CB000
|
unkown image
|
page readonly
|
|
|
|
7FF55259B000
|
unkown image
|
page readonly
|
|
|
|
1AD7B4A0000
|
unkown
|
page read and write
|
|
|
|
1F84A24C000
|
unkown
|
page read and write
|
|
|
|
1F84A850000
|
unkown image
|
page readonly
|
|
|
|
27142C00000
|
unkown
|
page read and write
|
|
|
|
27142213000
|
unkown
|
page read and write
|
|
|
|
1A9F9862000
|
unkown
|
page read and write
|
|
|
|
7FF5720CF000
|
unkown image
|
page readonly
|
|
|
|
7FF5A2E86000
|
unkown image
|
page readonly
|
|
|
|
1A9FA19A000
|
unkown
|
page read and write
|
|
|
|
1A9F984D000
|
unkown
|
page read and write
|
|
|
|
1A9F96D0000
|
unkown image
|
page readonly
|
|
|
|
7FF54E5D2000
|
unkown image
|
page readonly
|
|
|
|
1AD7B720000
|
unkown
|
page read and write
|
|
|
|
7DF567E90000
|
unkown image
|
page readonly
|
|
|
|
26FBF980000
|
unkown
|
page read and write
|
|
|
|
7FF520000000
|
unkown image
|
page readonly
|
|
|
|
1F2CF43E000
|
unkown
|
page read and write
|
|
|
|
7FF51FDB3000
|
unkown image
|
page readonly
|
|
|
|
7FF52ED9D000
|
unkown image
|
page readonly
|
|
|
|
1615D683000
|
unkown
|
page read and write
|
|
|
|
7FF4F51DE000
|
unkown image
|
page readonly
|
|
|
|
7DF535BE0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F51AF000
|
unkown image
|
page readonly
|
|
|
|
1AD7B5F0000
|
unkown
|
page read and write
|
|
|
|
7DF5446B0000
|
unkown image
|
page readonly
|
|
|
|
23028E30000
|
unkown image
|
page readonly
|
|
|
|
7DF567EA2000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8FC2000
|
unkown image
|
page readonly
|
|
|
|
1A9FA183000
|
unkown
|
page read and write
|
|
|
|
D4DD47E000
|
stack
|
page read and write
|
|
|
|
1F2CF280000
|
heap default
|
page read and write
|
|
|
|
7FF5588DB000
|
unkown image
|
page readonly
|
|
|
|
7FF51FE96000
|
unkown image
|
page readonly
|
|
|
|
7FF528EEB000
|
unkown image
|
page readonly
|
|
|
|
1F84A1A0000
|
unkown image
|
page readonly
|
|
|
|
1FEDBF40000
|
unkown
|
page read and write
|
|
|
|
1AD76918000
|
unkown
|
page read and write
|
|
|
|
1A9F98A0000
|
unkown
|
page read and write
|
|
|
|
7FF528F1F000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC3E5000
|
unkown image
|
page readonly
|
|
|
|
1AD7B91B000
|
unkown
|
page read and write
|
|
|
|
7DF5879D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5201E7000
|
unkown image
|
page readonly
|
|
|
|
7FF558803000
|
unkown image
|
page readonly
|
|
|
|
7FF51FDC8000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC47B000
|
unkown image
|
page readonly
|
|
|
|
7FF53194C000
|
unkown image
|
page readonly
|
|
|
|
1AD7B8E6000
|
unkown
|
page read and write
|
|
|
|
7DF53E822000
|
unkown image
|
page readonly
|
|
|
|
7FF55238E000
|
unkown image
|
page readonly
|
|
|
|
7DF56E202000
|
unkown image
|
page readonly
|
|
|
|
1F2CF413000
|
unkown
|
page read and write
|
|
|
|
7DF563FE2000
|
unkown image
|
page readonly
|
|
|
|
7FF51FE94000
|
unkown image
|
page readonly
|
|
|
|
1F2CF4BB000
|
unkown
|
page read and write
|
|
|
|
11DA8FD000
|
stack
|
page read and write
|
|
|
|
7FF55883D000
|
unkown image
|
page readonly
|
|
|
|
27142180000
|
heap private
|
page read and write
|
|
|
|
1A9FA602000
|
unkown
|
page read and write
|
|
|
|
7FF552570000
|
unkown image
|
page readonly
|
|
|
|
1A9F984C000
|
unkown
|
page read and write
|
|
|
|
1F84A271000
|
unkown
|
page read and write
|
|
|
|
EF297FE000
|
stack
|
page read and write
|
|
|
|
7FF520145000
|
unkown image
|
page readonly
|
|
|
|
7FF51FFE3000
|
unkown image
|
page readonly
|
|
|
|
7DF5446D0000
|
unkown image
|
page readonly
|
|
|
|
1A9FA161000
|
unkown
|
page read and write
|
|
|
|
2457DEC2000
|
unkown
|
page read and write
|
|
|
|
1FEDBB50000
|
unkown image
|
page readonly
|
|
|
|
7DF4CFC70000
|
unkown image
|
page readonly
|
|
|
|
1A9FA185000
|
unkown
|
page read and write
|
|
|
|
7DF5879E0000
|
unkown image
|
page readonly
|
|
|
|
7FF552505000
|
unkown image
|
page readonly
|
|
|
|
7FF51FE21000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1B3000
|
unkown
|
page read and write
|
|
|
|
1AD7695A000
|
unkown
|
page read and write
|
|
|
|
7FF5202EF000
|
unkown image
|
page readonly
|
|
|
|
1AD7BB40000
|
unkown
|
page read and write
|
|
|
|
11DB2FF000
|
stack
|
page read and write
|
|
|
|
7FF5524AC000
|
unkown image
|
page readonly
|
|
|
|
7DF5446C0000
|
unkown image
|
page readonly
|
|
|
|
7FF558732000
|
unkown image
|
page readonly
|
|
|
|
EF28D8B000
|
unkown
|
page read and write
|
|
|
|
7FF558849000
|
unkown image
|
page readonly
|
|
|
|
7FF54E26A000
|
unkown image
|
page readonly
|
|
|
|
1A9FA170000
|
unkown
|
page read and write
|
|
|
|
1AD7B912000
|
unkown
|
page read and write
|
|
|
|
7DF563FF2000
|
unkown image
|
page readonly
|
|
|
|
7DF5879D0000
|
unkown image
|
page readonly
|
|
|
|
1AD75F60000
|
heap default
|
page read and write
|
|
|
|
1DF55A78000
|
unkown
|
page read and write
|
|
|
|
1AD7B91A000
|
unkown
|
page read and write
|
|
|
|
7FF53188F000
|
unkown image
|
page readonly
|
|
|
|
1FEDBC20000
|
heap default
|
page read and write
|
|
|
|
1A9F9884000
|
unkown
|
page read and write
|
|
|
|
1AD7695B000
|
unkown
|
page read and write
|
|
|
|
7DF567EA0000
|
unkown image
|
page readonly
|
|
|
|
1AD7B911000
|
unkown
|
page read and write
|
|
|
|
7FF572009000
|
unkown image
|
page readonly
|
|
|
|
2457DEC2000
|
unkown
|
page read and write
|
|
|
|
7DF53E830000
|
unkown image
|
page readonly
|
|
|
|
1AD76913000
|
unkown
|
page read and write
|
|
|
|
1AD7B89D000
|
unkown
|
page read and write
|
|
|
|
1A9FA1A4000
|
unkown
|
page read and write
|
|
|
|
6DB9DFE000
|
stack
|
page read and write
|
|
|
|
1AD7B849000
|
unkown
|
page read and write
|
|
|
|
7FF558784000
|
unkown image
|
page readonly
|
|
|
|
1F2CFC02000
|
unkown
|
page read and write
|
|
|
|
7FF51FFE1000
|
unkown image
|
page readonly
|
|
|
|
7DF442580000
|
unkown image
|
page readonly
|
|
|
|
1AD76959000
|
unkown
|
page read and write
|
|
|
|
7FF4F4F8D000
|
unkown image
|
page readonly
|
|
|
|
7FF52EDA4000
|
unkown image
|
page readonly
|
|
|
|
1615D600000
|
unkown
|
page read and write
|
|
|
|
1DF55A45000
|
unkown
|
page read and write
|
|
|
|
2302908D000
|
unkown
|
page read and write
|
|
|
|
7FF55885A000
|
unkown image
|
page readonly
|
|
|
|
7FF571FC3000
|
unkown image
|
page readonly
|
|
|
|
7FF52ECCC000
|
unkown image
|
page readonly
|
|
|
|
1AD77420000
|
unkown
|
page read and write
|
|
|
|
EF292FE000
|
stack
|
page read and write
|
|
|
|
7FF552584000
|
unkown image
|
page readonly
|
|
|
|
7FF51CBCE000
|
unkown image
|
page readonly
|
|
|
|
1AD7C010000
|
unkown
|
page read and write
|
|
|
|
27142302000
|
unkown
|
page read and write
|
|
|
|
7FF57201A000
|
unkown image
|
page readonly
|
|
|
|
7FF531A2E000
|
unkown image
|
page readonly
|
|
|
|
7FF55257D000
|
unkown image
|
page readonly
|
|
|
|
26FBFA00000
|
unkown
|
page read and write
|
|
|
|
1A9F9F40000
|
unkown
|
page read and write
|
|
|
|
1A9F96C0000
|
heap private
|
page read and write
|
|
|
|
1AD760BB000
|
unkown
|
page read and write
|
|
|
|
1AD7B908000
|
unkown
|
page read and write
|
|
|
|
1A9FA702000
|
unkown
|
page read and write
|
|
|
|
7FF55890F000
|
unkown image
|
page readonly
|
|
|
|
7DF56E220000
|
unkown image
|
page readonly
|
|
|
|
7FF54E625000
|
unkown image
|
page readonly
|
|
|
|
1DF55A4D000
|
unkown
|
page read and write
|
|
|
|
1615D63C000
|
unkown
|
page read and write
|
|
|
|
23028E50000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1B4000
|
unkown
|
page read and write
|
|
|
|
2302903C000
|
unkown
|
page read and write
|
|
|
|
1AD7695B000
|
unkown
|
page read and write
|
|
|
|
1FEDBEE0000
|
unkown
|
page read and write
|
|
|
|
1AD7B6D0000
|
unkown
|
page read and write
|
|
|
|
7FF558828000
|
unkown image
|
page readonly
|
|
|
|
1F84A6D0000
|
unkown image
|
page readonly
|
|
|
|
7FF552493000
|
unkown image
|
page readonly
|
|
|
|
1AD76918000
|
unkown
|
page read and write
|
|
|
|
7FF5A3635000
|
unkown image
|
page readonly
|
|
|
|
1AD76918000
|
unkown
|
page read and write
|
|
|
|
26FBFA41000
|
unkown
|
page read and write
|
|
|
|
7DF53E820000
|
unkown image
|
page readonly
|
|
|
|
1A9FA18D000
|
unkown
|
page read and write
|
|
|
|
6DB987B000
|
unkown
|
page read and write
|
|
|
|
1F2CF502000
|
unkown
|
page read and write
|
|
|
|
7FF54E6BE000
|
unkown image
|
page readonly
|
|
|
|
1534EF7000
|
stack
|
page read and write
|
|
|
|
7DF563FF0000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1A2000
|
unkown
|
page read and write
|
|
|
|
1F2CF513000
|
unkown
|
page read and write
|
|
|
|
1AD76F00000
|
unkown image
|
page read and write
|
|
|
|
11DB27F000
|
stack
|
page read and write
|
|
|
|
1F2CFD12000
|
unkown
|
page read and write
|
|
|
|
1FEDBC70000
|
unkown
|
page read and write
|
|
|
|
EF2957F000
|
stack
|
page read and write
|
|
|
|
7FF5A36BB000
|
unkown image
|
page readonly
|
|
|
|
11DAF7E000
|
stack
|
page read and write
|
|
|
|
7FF528CAA000
|
unkown image
|
page readonly
|
|
|
|
7FF528F1F000
|
unkown image
|
page readonly
|
|
|
|
7FF571E96000
|
unkown image
|
page readonly
|
|
|
|
1A9F96B0000
|
unkown image
|
page read and write
|
|
|
|
1A9FA194000
|
unkown
|
page read and write
|
|
|
|
26FBFA63000
|
unkown
|
page read and write
|
|
|
|
2457DE90000
|
heap default
|
page read and write
|
|
|
|
20D067B000
|
stack
|
page read and write
|
|
|
|
23029113000
|
unkown
|
page read and write
|
|
|
|
7FF5524E3000
|
unkown image
|
page readonly
|
|
|
|
1AD76919000
|
unkown
|
page read and write
|
|
|
|
7FF572096000
|
unkown image
|
page readonly
|
|
|
|
26FBF820000
|
heap private
|
page read and write
|
|
|
|
7FF54E221000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC3FA000
|
unkown image
|
page readonly
|
|
|
|
1AD7B91B000
|
unkown
|
page read and write
|
|
|
|
7FF51CBCE000
|
unkown image
|
page readonly
|
|
|
|
11DA97E000
|
stack
|
page read and write
|
|
|
|
2302904A000
|
unkown
|
page read and write
|
|
|
|
7FF55890D000
|
unkown image
|
page readonly
|
|
|
|
1A9FA10E000
|
unkown
|
page read and write
|
|
|
|
7DF563FE0000
|
unkown image
|
page readonly
|
|
|
|
1AD76900000
|
unkown
|
page read and write
|
|
|
|
1A9F9800000
|
unkown
|
page read and write
|
|
|
|
27142225000
|
unkown
|
page read and write
|
|
|
|
759C6FF000
|
stack
|
page read and write
|
|
|
|
1FEDBED0000
|
unkown
|
page read and write
|
|
|
|
7FF52ED03000
|
unkown image
|
page readonly
|
|
|
|
1A9F9913000
|
unkown
|
page read and write
|
|
|
|
23029580000
|
unkown image
|
page readonly
|
|
|
|
1AD76102000
|
unkown
|
page read and write
|
|
|
|
26FBFB13000
|
unkown
|
page read and write
|
|
|
|
1AD7B460000
|
unkown
|
page read and write
|
|
|
|
7FF531A0B000
|
unkown image
|
page readonly
|
|
|
|
1AD7609C000
|
unkown
|
page read and write
|
|
|
|
7DF461EB0000
|
unkown image
|
page readonly
|
|
|
|
23029051000
|
unkown
|
page read and write
|
|
|
|
1615D67D000
|
unkown
|
page read and write
|
|
|
|
23029013000
|
unkown
|
page read and write
|
|
|
|
1A9FA198000
|
unkown
|
page read and write
|
|
|
|
1F2CF980000
|
unkown image
|
page readonly
|
|
|
|
7FF51FFED000
|
unkown image
|
page readonly
|
|
|
|
7FF52EBD3000
|
unkown image
|
page readonly
|
|
|
|
1A9F9902000
|
unkown
|
page read and write
|
|
|
|
2457DD90000
|
unkown image
|
page readonly
|
|
|
|
1AD76959000
|
unkown
|
page read and write
|
|
|
|
1A9F9F40000
|
unkown
|
page read and write
|
|
|
|
1A9FA185000
|
unkown
|
page read and write
|
|
|
|
7DF563FF2000
|
unkown image
|
page readonly
|
|
|
|
7FF51FF78000
|
unkown image
|
page readonly
|
|
|
|
7FF53180E000
|
unkown image
|
page readonly
|
|
|
|
7DF485890000
|
unkown image
|
page readonly
|
|
|
|
7FF5201DC000
|
unkown image
|
page readonly
|
|
|
|
B29917E000
|
stack
|
page read and write
|
|
|
|
7FF557D74000
|
unkown image
|
page readonly
|
|
|
|
7FF520011000
|
unkown image
|
page readonly
|
|
|
|
7FF52EDBF000
|
unkown image
|
page readonly
|
|
|
|
1DF55890000
|
unkown image
|
page readonly
|
|
|
|
7FF552414000
|
unkown image
|
page readonly
|
|
|
|
2457E1E0000
|
unkown image
|
page readonly
|
|
|
|
B298F7B000
|
stack
|
page read and write
|
|
|
|
7FF4F51EF000
|
unkown image
|
page readonly
|
|
|
|
BE0C2FF000
|
stack
|
page read and write
|
|
|
|
1A9FA1B3000
|
unkown
|
page read and write
|
|
|
|
7DF5879E0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F50FC000
|
unkown image
|
page readonly
|
|
|
|
7DF53E820000
|
unkown image
|
page readonly
|
|
|
|
11DB17A000
|
stack
|
page read and write
|
|
|
|
1F2CF360000
|
unkown image
|
page readonly
|
|
|
|
1DF55A3B000
|
unkown
|
page read and write
|
|
|
|
1DF55A13000
|
unkown
|
page read and write
|
|
|
|
11DAEFE000
|
stack
|
page read and write
|
|
|
|
7DF5B8FC2000
|
unkown image
|
page readonly
|
|
|
|
1AD767F3000
|
unkown
|
page read and write
|
|
|
|
1DF55A7F000
|
unkown
|
page read and write
|
|
|
|
1DF55850000
|
heap private
|
page read and write
|
|
|
|
7DF535BE2000
|
unkown image
|
page readonly
|
|
|
|
1AD7B852000
|
unkown
|
page read and write
|
|
|
|
7FF5A3605000
|
unkown image
|
page readonly
|
|
|
|
20D087E000
|
stack
|
page read and write
|
|
|
|
7DF535BE2000
|
unkown image
|
page readonly
|
|
|
|
EF2967D000
|
stack
|
page read and write
|
|
|
|
7FF54E5DC000
|
unkown image
|
page readonly
|
|
|
|
1F2CF990000
|
unkown image
|
page readonly
|
|
|
|
7FF52013F000
|
unkown image
|
page readonly
|
|
|
|
7FF520233000
|
unkown image
|
page readonly
|
|
|
|
1FEDBF70000
|
heap private
|
page read and write
|
|
|
|
7FF54E1F6000
|
unkown image
|
page readonly
|
|
|
|
1AD76919000
|
unkown
|
page read and write
|
|
|
|
1A9FA1AB000
|
unkown
|
page read and write
|
|
|
|
7FF558805000
|
unkown image
|
page readonly
|
|
|
|
1AD7B5F0000
|
unkown
|
page read and write
|
|
|
|
1DF55A31000
|
unkown
|
page read and write
|
|
|
|
7FF5202ED000
|
unkown image
|
page readonly
|
|
|
|
1F84A308000
|
unkown
|
page read and write
|
|
|
|
7FF5A3688000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1C5000
|
unkown
|
page read and write
|
|
|
|
1A9FA100000
|
unkown
|
page read and write
|
|
|
|
1A9F9F50000
|
unkown image
|
page read and write
|
|
|
|
1DF55A7B000
|
unkown
|
page read and write
|
|
|
|
1AD7B908000
|
unkown
|
page read and write
|
|
|
|
BE0BFFD000
|
stack
|
page read and write
|
|
|
|
1A9F96D0000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8FC0000
|
unkown image
|
page readonly
|
|
|
|
1AD767C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5287B9000
|
unkown image
|
page readonly
|
|
|
|
1615D580000
|
unkown image
|
page readonly
|
|
|
|
7FF4F50E7000
|
unkown image
|
page readonly
|
|
|
|
1F2CF220000
|
heap private
|
page read and write
|
|
|
|
1615D691000
|
unkown
|
page read and write
|
|
|
|
1A9F98C5000
|
unkown
|
page read and write
|
|
|
|
6DB9B7B000
|
stack
|
page read and write
|
|
|
|
20D0777000
|
stack
|
page read and write
|
|
|
|
7FF55233D000
|
unkown image
|
page readonly
|
|
|
|
7FF5202BB000
|
unkown image
|
page readonly
|
|
|
|
7FF5588ED000
|
unkown image
|
page readonly
|
|
|
|
1615D580000
|
unkown image
|
page readonly
|
|
|
|
7FF528E63000
|
unkown image
|
page readonly
|
|
|
|
7DF5D1DC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5316F3000
|
unkown image
|
page readonly
|
|
|
|
1DF55A00000
|
unkown
|
page read and write
|
|
|
|
759C979000
|
stack
|
page read and write
|
|
|
|
7FF528D57000
|
unkown image
|
page readonly
|
|
|
|
1615D702000
|
unkown
|
page read and write
|
|
|
|
7FF52023A000
|
unkown image
|
page readonly
|
|
|
|
7FF52EDAE000
|
unkown image
|
page readonly
|
|
|
|
1615D8D0000
|
unkown image
|
page readonly
|
|
|
|
1FEDBC70000
|
unkown
|
page read and write
|
|
|
|
1A9FA18F000
|
unkown
|
page read and write
|
|
|
|
7FF528F04000
|
unkown image
|
page readonly
|
|
|
|
38E247F000
|
stack
|
page read and write
|
|
|
|
1A9F986A000
|
unkown
|
page read and write
|
|
|
|
1AD7B4B0000
|
unkown
|
page read and write
|
|
|
|
1AD7695A000
|
unkown
|
page read and write
|
|
|
|
1AD7B600000
|
unkown
|
page read and write
|
|
|
|
1AD767B0000
|
unkown image
|
page readonly
|
|
|
|
1F84A254000
|
unkown
|
page read and write
|
|
|
|
1AD75F10000
|
unkown image
|
page readonly
|
|
|
|
1AD7B8B9000
|
unkown
|
page read and write
|
|
|
|
1AD7691A000
|
unkown
|
page read and write
|
|
|
|
23028E30000
|
unkown image
|
page readonly
|
|
|
|
7FF528679000
|
unkown image
|
page readonly
|
|
|
|
7FF520103000
|
unkown image
|
page readonly
|
|
|
|
38E21FF000
|
stack
|
page read and write
|
|
|
|
1F84A23C000
|
unkown
|
page read and write
|
|
|
|
7DF46C0D0000
|
unkown image
|
page readonly
|
|
|
|
1615D613000
|
unkown
|
page read and write
|
|
|
|
1A9FA190000
|
unkown
|
page read and write
|
|
|
|
7DF465D60000
|
unkown image
|
page readonly
|
|
|
|
7DF535BE0000
|
unkown image
|
page readonly
|
|
|
|
1DF56202000
|
unkown
|
page read and write
|
|
|
|
1A9FA191000
|
unkown
|
page read and write
|
|
|
|
26FBFC00000
|
unkown image
|
page readonly
|
|
|
|
1AD76B00000
|
unkown
|
page read and write
|
|
|
|
7DF564000000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8FC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5201F7000
|
unkown image
|
page readonly
|
|
|
|
1FEDBBE0000
|
unkown image
|
page readonly
|
|
|
|
1A9FA184000
|
unkown
|
page read and write
|
|
|
|
1DF55A6A000
|
unkown
|
page read and write
|
|
|
|
7FF54E3DC000
|
unkown image
|
page readonly
|
|
|
|
11DAC7A000
|
stack
|
page read and write
|
|
|
|
1AD7B8E0000
|
unkown
|
page read and write
|
|
|
|
7FF528ED8000
|
unkown image
|
page readonly
|
|
|
|
7FF528E2C000
|
unkown image
|
page readonly
|
|
|
|
7FF558875000
|
unkown image
|
page readonly
|
|
|
|
7FF52E1C5000
|
unkown image
|
page readonly
|
|
|
|
7FF54E4A8000
|
unkown image
|
page readonly
|
|
|
|
7FF54E484000
|
unkown image
|
page readonly
|
|
|
|
1A9FA173000
|
unkown
|
page read and write
|
|
|
|
7FF55255F000
|
unkown image
|
page readonly
|
|
|
|
1615D651000
|
unkown
|
page read and write
|
|
|
|
1A9FA66A000
|
unkown
|
page read and write
|
|
|
|
7FF5A36B4000
|
unkown image
|
page readonly
|
|
|
|
7FF5720CD000
|
unkown image
|
page readonly
|
|
|
|
1A9F984B000
|
unkown
|
page read and write
|
|
|
|
1AD76000000
|
unkown
|
page read and write
|
|
|
|
1A9FA1B5000
|
unkown
|
page read and write
|
|
|
|
1FEDBDF0000
|
unkown image
|
page readonly
|
|
|
|
1AD7B811000
|
unkown
|
page read and write
|
|
|
|
26FBFA29000
|
unkown
|
page read and write
|
|
|
|
7FF5319A5000
|
unkown image
|
page readonly
|
|
|
|
7FF552069000
|
unkown image
|
page readonly
|
|
|
|
1A9FA18B000
|
unkown
|
page read and write
|
|
|
|
7FF5BC46F000
|
unkown image
|
page readonly
|
|
|
|
6DB9EFE000
|
stack
|
page read and write
|
|
|
|
7FF55259F000
|
unkown image
|
page readonly
|
|
|
|
7FF571FD8000
|
unkown image
|
page readonly
|
|
|
|
1A9FA191000
|
unkown
|
page read and write
|
|
|
|
7FF5524D5000
|
unkown image
|
page readonly
|
|
|
|
20D097F000
|
stack
|
page read and write
|
|
|
|
1AD7B800000
|
unkown
|
page read and write
|
|
|
|
38E267D000
|
stack
|
page read and write
|
|
|
|
7DF5D1DA0000
|
unkown image
|
page readonly
|
|
|
|
1534AFE000
|
stack
|
page read and write
|
|
|
|
759C7F9000
|
stack
|
page read and write
|
|
|
|
7FF57208F000
|
unkown image
|
page readonly
|
|
|
|
7FF52ECD8000
|
unkown image
|
page readonly
|
|
|
|
271421B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC4AF000
|
unkown image
|
page readonly
|
|
|
|
1AD7B5C0000
|
unkown
|
page read and write
|
|
|
|
7FF5202A8000
|
unkown image
|
page readonly
|
|
|
|
7FF5720BB000
|
unkown image
|
page readonly
|
|
|
|
1A9F9EA0000
|
unkown image
|
page readonly
|
|
|
|
1AD7B5CA000
|
unkown
|
page read and write
|
|
|
|
7FF54E37A000
|
unkown image
|
page readonly
|
|
|
|
1A9FA191000
|
unkown
|
page read and write
|
|
|
|
1A9F9A00000
|
unkown image
|
page readonly
|
|
|
|
7FF54E488000
|
unkown image
|
page readonly
|
|
|
|
7FF4F51A8000
|
unkown image
|
page readonly
|
|
|
|
7FF52ECF5000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC3F3000
|
unkown image
|
page readonly
|
|
|
|
1DF55A60000
|
unkown
|
page read and write
|
|
|
|
1AD7BAD0000
|
unkown
|
page read and write
|
|
|
|
7FF54E5C8000
|
unkown image
|
page readonly
|
|
|
|
1A9F98DF000
|
unkown
|
page read and write
|
|
|
|
1DF55A2F000
|
unkown
|
page read and write
|
|
|
|
7DF4089B0000
|
unkown image
|
page readonly
|
|
|
|
1F84AA02000
|
unkown
|
page read and write
|
|
|
|
7FF54E4A3000
|
unkown image
|
page readonly
|
|
|
|
7FF530E45000
|
unkown image
|
page readonly
|
|
|
|
7FF528AC6000
|
unkown image
|
page readonly
|
|
|
|
26FBFF90000
|
unkown image
|
page readonly
|
|
|
|
7DF5446B2000
|
unkown image
|
page readonly
|
|
|
|
1AD76902000
|
unkown
|
page read and write
|
|
|
|
1F84A24F000
|
unkown
|
page read and write
|
|
|
|
7DF564000000
|
unkown image
|
page readonly
|
|
|
|
1FEDBB50000
|
unkown image
|
page readonly
|
|
|
|
1AD76650000
|
unkown image
|
page readonly
|
|
|
|
BE0BDFC000
|
stack
|
page read and write
|
|
|
|
B29927D000
|
stack
|
page read and write
|
|
|
|
7DF56E220000
|
unkown image
|
page readonly
|
|
|
|
7DF5446C2000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8FE0000
|
unkown image
|
page readonly
|
|
|
|
7FF55258B000
|
unkown image
|
page readonly
|
|
|
|
759C8FE000
|
stack
|
page read and write
|
|
|
|
27142970000
|
unkown
|
page read and write
|
|
|
|
6DB9C77000
|
stack
|
page read and write
|
|
|
|
7FF54E3F7000
|
unkown image
|
page readonly
|
|
|
|
7DF50AAF2000
|
unkown image
|
page readonly
|
|
|
|
1DF55A5F000
|
unkown
|
page read and write
|
|
|
|
1F2CF230000
|
unkown image
|
page readonly
|
|
|
|
1AD7BAE0000
|
unkown
|
page read and write
|
|
|
|
7FF51FAAA000
|
unkown image
|
page readonly
|
|
|
|
1A9FA18A000
|
unkown
|
page read and write
|
|
|
|
7FF558817000
|
unkown image
|
page readonly
|
|
|
|
7FF5201D2000
|
unkown image
|
page readonly
|
|
|
|
7FF52871D000
|
unkown image
|
page readonly
|
|
|
|
7FF4F4D20000
|
unkown image
|
page readonly
|
|
|
|
26FBF810000
|
unkown image
|
page read and write
|
|
|
|
1F2CF380000
|
unkown
|
page read and write
|
|
|
|
1AD7695A000
|
unkown
|
page read and write
|
|
|
|
7FF51FFA3000
|
unkown image
|
page readonly
|
|
|
|
1AD7C000000
|
unkown
|
page read and write
|
|
|
|
7FF5BC415000
|
unkown image
|
page readonly
|
|
|
|
7FF571FFD000
|
unkown image
|
page readonly
|
|
|
|
1A9FA002000
|
unkown
|
page read and write
|
|
|
|
7DF547332000
|
unkown image
|
page readonly
|
|
|
|
907787F000
|
stack
|
page read and write
|
|
|
|
2457DED1000
|
unkown
|
page read and write
|
|
|
|
1AD7608B000
|
unkown
|
page read and write
|
|
|
|
7FF5720AD000
|
unkown image
|
page readonly
|
|
|
|
1DF55990000
|
unkown image
|
page readonly
|
|
|
|
20D057F000
|
stack
|
page read and write
|
|
|
|
23028E80000
|
heap default
|
page read and write
|
|
|
|
7FF53182E000
|
unkown image
|
page readonly
|
|
|
|
1A9F986B000
|
unkown
|
page read and write
|
|
|
|
7DF535C00000
|
unkown image
|
page readonly
|
|
|
|
7FF52ED86000
|
unkown image
|
page readonly
|
|
|
|
7FF4F5125000
|
unkown image
|
page readonly
|
|
|
|
7FF52EBAE000
|
unkown image
|
page readonly
|
|
|
|
7FF5585E8000
|
unkown image
|
page readonly
|
|
|
|
7FF4F464C000
|
unkown image
|
page readonly
|
|
|
|
1AD7B908000
|
unkown
|
page read and write
|
|
|
|
7FF528E55000
|
unkown image
|
page readonly
|
|
|
|
1F84A1F0000
|
unkown
|
page read and write
|
|
|
|
1AD7608D000
|
unkown
|
page read and write
|
|
|
|
7DF5879C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC476000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC3B7000
|
unkown image
|
page readonly
|
|
|
|
7DF535BF2000
|
unkown image
|
page readonly
|
|
|
|
7FF5588DE000
|
unkown image
|
page readonly
|
|
|
|
1AD7B720000
|
unkown
|
page read and write
|
|
|
|
7FF5720BE000
|
unkown image
|
page readonly
|
|
|
|
26FBFE00000
|
unkown image
|
page readonly
|
|
|
|
EF2927C000
|
stack
|
page read and write
|
|
|
|
7FF5200FD000
|
unkown image
|
page readonly
|
|
|
|
1AD7B4C0000
|
unkown
|
page read and write
|
|
|
|
7DF50AAE0000
|
unkown image
|
page readonly
|
|
|
|
1615D655000
|
unkown
|
page read and write
|
|
|
|
7DF567E92000
|
unkown image
|
page readonly
|
|
|
|
7DF5879D0000
|
unkown image
|
page readonly
|
|
|
|
7FF54E5FC000
|
unkown image
|
page readonly
|
|
|
|
23028E60000
|
unkown image
|
page readonly
|
|
|
|
1DF55A2E000
|
unkown
|
page read and write
|
|
|
|
7DF56E200000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC480000
|
unkown image
|
page readonly
|
|
|
|
26FC0202000
|
unkown
|
page read and write
|
|
|
|
1AD76013000
|
unkown
|
page read and write
|
|
|
|
7FF571E9F000
|
unkown image
|
page readonly
|
|
|
|
1DF55860000
|
unkown image
|
page readonly
|
|
|
|
7FF4F51C0000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1A5000
|
unkown
|
page read and write
|
|
|
|
1A9FA1A4000
|
unkown
|
page read and write
|
|
|
|
7FF54E6DB000
|
unkown image
|
page readonly
|
|
|
|
1FEDBBA0000
|
unkown
|
page read and write
|
|
|
|
7DF563FF0000
|
unkown image
|
page readonly
|
|
|
|
1AD7B95C000
|
unkown
|
page read and write
|
|
|
|
1AD7B902000
|
unkown
|
page read and write
|
|
|
|
7FF54DF16000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3613000
|
unkown image
|
page readonly
|
|
|
|
7DF5D1DB2000
|
unkown image
|
page readonly
|
|
|
|
7DF56E210000
|
unkown image
|
page readonly
|
|
|
|
7FF54E3D3000
|
unkown image
|
page readonly
|
|
|
|
1AD7B5C1000
|
unkown
|
page read and write
|
|
|
|
2457DEBA000
|
unkown
|
page read and write
|
|
|
|
1A9F98A7000
|
unkown
|
page read and write
|
|
|
|
1A9FA603000
|
unkown
|
page read and write
|
|
|
|
1AD76029000
|
unkown
|
page read and write
|
|
|
|
1A9F9861000
|
unkown
|
page read and write
|
|
|
|
1AD7607A000
|
unkown
|
page read and write
|
|
|
|
7FF5A36CF000
|
unkown image
|
page readonly
|
|
|
|
1DF55A85000
|
unkown
|
page read and write
|
|
|
|
11DAE7B000
|
stack
|
page read and write
|
|
|
|
1AD7603D000
|
unkown
|
page read and write
|
|
|
|
907712E000
|
stack
|
page read and write
|
|
|
|
2457E060000
|
unkown image
|
page readonly
|
|
|
|
1A9FA18E000
|
unkown
|
page read and write
|
|
|
|
7FF571F4E000
|
unkown image
|
page readonly
|
|
|
|
7DF567E92000
|
unkown image
|
page readonly
|
|
|
|
1AD76919000
|
unkown
|
page read and write
|
|
|
|
2457DEC4000
|
unkown
|
page read and write
|
|
|
|
2457DDF0000
|
unkown
|
page read and write
|
|
|
|
7FF528F0E000
|
unkown image
|
page readonly
|
|
|
|
2457DEC2000
|
unkown
|
page read and write
|
|
|
|
1AD7609E000
|
unkown
|
page read and write
|
|
|
|
7FF55881C000
|
unkown image
|
page readonly
|
|
|
|
1DF55A49000
|
unkown
|
page read and write
|
|
|
|
1A9FA19E000
|
unkown
|
page read and write
|
|
|
|
7FF531933000
|
unkown image
|
page readonly
|
|
|
|
BE0BCFD000
|
stack
|
page read and write
|
|
|
|
7FF528716000
|
unkown image
|
page readonly
|
|
|
|
26FBF830000
|
unkown image
|
page readonly
|
|
|
|
7FF5A35DD000
|
unkown image
|
page readonly
|
|
|
|
1AD7B730000
|
unkown
|
page read and write
|
|
|
|
271426D0000
|
unkown image
|
page readonly
|
|
|
|
7DF4B6E90000
|
unkown image
|
page readonly
|
|
|
|
11DB5FE000
|
stack
|
page read and write
|
|
|
|
7FF571DD7000
|
unkown image
|
page readonly
|
|
|
|
7FF528E85000
|
unkown image
|
page readonly
|
|
|
|
1A9FA196000
|
unkown
|
page read and write
|
|
|
|
7FF52E889000
|
unkown image
|
page readonly
|
|
|
|
7FF531A3F000
|
unkown image
|
page readonly
|
|
|
|
7DF5879D2000
|
unkown image
|
page readonly
|
|
|
|
7FF528F0B000
|
unkown image
|
page readonly
|
|
|
|
7FF531737000
|
unkown image
|
page readonly
|
|
|
|
1A9FA193000
|
unkown
|
page read and write
|
|
|
|
1615D570000
|
heap private
|
page read and write
|
|
|
|
7DF547332000
|
unkown image
|
page readonly
|
|
|
|
7FF5201A7000
|
unkown image
|
page readonly
|
|
|
|
1AD7B430000
|
unkown
|
page read and write
|
|
|
|
1A9FA170000
|
unkown
|
page read and write
|
|
|
|
1F84A27C000
|
unkown
|
page read and write
|
|
|
|
7FF531A3F000
|
unkown image
|
page readonly
|
|
|
|
7FF54DEA3000
|
unkown image
|
page readonly
|
|
|
|
1A9F9D90000
|
unkown image
|
page readonly
|
|
|
|
7DF56E210000
|
unkown image
|
page readonly
|
|
|
|
1A9F98D8000
|
unkown
|
page read and write
|
|
|
|
7FF54E59D000
|
unkown image
|
page readonly
|
|
|
|
1A9FA702000
|
unkown
|
page read and write
|
|
|
|
1AD76815000
|
unkown
|
page read and write
|
|
|
|
1DF55F80000
|
unkown image
|
page readonly
|
|
|
|
11DAB79000
|
stack
|
page read and write
|
|
|
|
38E1F7A000
|
stack
|
page read and write
|
|
|
|
1A9F9865000
|
unkown
|
page read and write
|
|
|
|
7DF563FE0000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8FD2000
|
unkown image
|
page readonly
|
|
|
|
7FF51FFF7000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1D7000
|
unkown
|
page read and write
|
|
|
|
7FF54E5B0000
|
unkown image
|
page readonly
|
|
|
|
1FEDBB40000
|
unkown
|
page read and write
|
|
|
|
1A9FA113000
|
unkown
|
page read and write
|
|
|
|
7DF535BF2000
|
unkown image
|
page readonly
|
|
|
|
7FF5720B4000
|
unkown image
|
page readonly
|
|
|
|
7FF571E6D000
|
unkown image
|
page readonly
|
|
|
|
26FBF880000
|
heap default
|
page read and write
|
|
|
|
1AD7B710000
|
unkown
|
page read and write
|
|
|
|
7FF4F51EF000
|
unkown image
|
page readonly
|
|
|
|
1534DFB000
|
stack
|
page read and write
|
|
|
|
7DF53E810000
|
unkown image
|
page readonly
|
|
|
|
1AD7B911000
|
unkown
|
page read and write
|
|
|
|
23029400000
|
unkown image
|
page readonly
|
|
|
|
1F2CF800000
|
unkown image
|
page readonly
|
|
|
|
26FBFA02000
|
unkown
|
page read and write
|
|
|
|
1AD7B90D000
|
unkown
|
page read and write
|
|
|
|
7FF571FE8000
|
unkown image
|
page readonly
|
|
|
|
7FF520225000
|
unkown image
|
page readonly
|
|
|
|
1A9F9700000
|
unkown image
|
page readonly
|
|
|
|
1AD7B5CE000
|
unkown
|
page read and write
|
|
|
|
7FF57209B000
|
unkown image
|
page readonly
|
|
|
|
1615DD30000
|
unkown
|
page read and write
|
|
|
|
1AD7B5C8000
|
unkown
|
page read and write
|
|
|
|
7FF5200BE000
|
unkown image
|
page readonly
|
|
|
|
1AD7B81D000
|
unkown
|
page read and write
|
|
|
|
1A9FA191000
|
unkown
|
page read and write
|
|
|
|
7FF52E898000
|
unkown image
|
page readonly
|
|
|
|
7FF531895000
|
unkown image
|
page readonly
|
|
|
|
1F84A213000
|
unkown
|
page read and write
|
|
|
|
1615D629000
|
unkown
|
page read and write
|
|
|
|
1FEDC190000
|
unkown image
|
page readonly
|
|
|
|
7FF54E6D4000
|
unkown image
|
page readonly
|
|
|
|
1AD7B8E6000
|
unkown
|
page read and write
|
|
|
|
759C77E000
|
stack
|
page read and write
|
|
|
|
1F2CF487000
|
unkown
|
page read and write
|
|
|
|
7FF5BC48D000
|
unkown image
|
page readonly
|
|
|
|
1AD7B6A0000
|
unkown
|
page read and write
|
|
|
|
1AD7B5E0000
|
unkown
|
page read and write
|
|
|
|
759C879000
|
stack
|
page read and write
|
|
|
|
7FF5200A8000
|
unkown image
|
page readonly
|
|
|
|
7FF54E6BB000
|
unkown image
|
page readonly
|
|
|
|
11DB4FE000
|
stack
|
page read and write
|
|
|
|
7FF520208000
|
unkown image
|
page readonly
|
|
|
|
7FF572088000
|
unkown image
|
page readonly
|
|
|
|
1AD7B83C000
|
unkown
|
page read and write
|
|
|
|
1A9F9813000
|
unkown
|
page read and write
|
|
|
|
7FF54E6DE000
|
unkown image
|
page readonly
|
|
|
|
1F2CFD00000
|
unkown
|
page read and write
|
|
|
|
1AD7B5CB000
|
unkown
|
page read and write
|
|
|
|
1AD7B5C0000
|
unkown
|
page read and write
|
|
|
|
1DF55A2C000
|
unkown
|
page read and write
|
|
|
|
7FF520229000
|
unkown image
|
page readonly
|
|
|
|
7FF4F51D4000
|
unkown image
|
page readonly
|
|
|
|
7FF4F5155000
|
unkown image
|
page readonly
|
|
|
|
1A9FA194000
|
unkown
|
page read and write
|
|
|
|
1A9FA16F000
|
unkown
|
page read and write
|
|
|
|
7FF54E6CD000
|
unkown image
|
page readonly
|
|
|
|
7FF5588C8000
|
unkown image
|
page readonly
|
|
|
|
7DF5879C0000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1A6000
|
unkown
|
page read and write
|
|
|
|
1F84A1D0000
|
unkown image
|
page readonly
|
|
|
|
1A9FA170000
|
unkown
|
page read and write
|
|
|
|
1DF55A67000
|
unkown
|
page read and write
|
|
|
|
2457DEC4000
|
unkown
|
page read and write
|
|
|
|
1F2CF429000
|
unkown
|
page read and write
|
|
|
|
271421C0000
|
unkown image
|
page readonly
|
|
|
|
7DF50AAE2000
|
unkown image
|
page readonly
|
|
|
|
7DF5D1DA2000
|
unkown image
|
page readonly
|
|
|
|
B29887B000
|
unkown
|
page read and write
|
|
|
|
1F2CF230000
|
unkown image
|
page readonly
|
|
|
|
7FF52ECB3000
|
unkown image
|
page readonly
|
|
|
|
2457DEC4000
|
unkown
|
page read and write
|
|
|
|
B298C7E000
|
stack
|
page read and write
|
|
|
|
7FF54E19F000
|
unkown image
|
page readonly
|
|
|
|
7FF5202DE000
|
unkown image
|
page readonly
|
|
|
|
1A9FA18E000
|
unkown
|
page read and write
|
|
|
|
1F84A24A000
|
unkown
|
page read and write
|
|
|
|
7FF52EDBB000
|
unkown image
|
page readonly
|
|
|
|
7FF5319F8000
|
unkown image
|
page readonly
|
|
|
|
1A9FA600000
|
unkown
|
page read and write
|
|
|
|
7FF571E8C000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC3E9000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC4AD000
|
unkown image
|
page readonly
|
|
|
|
7FF52ECED000
|
unkown image
|
page readonly
|
|
|
|
1AD7B5E1000
|
unkown
|
page read and write
|
|
|
|
759C67F000
|
stack
|
page read and write
|
|
|
|
1615D5B0000
|
unkown image
|
page readonly
|
|
|
|
1DF55840000
|
unkown image
|
page read and write
|
|
|
|
7FF54E61D000
|
unkown image
|
page readonly
|
|
|
|
1DF55A4A000
|
unkown
|
page read and write
|
|
|
|
7FF55199F000
|
unkown image
|
page readonly
|
|
|
|
7FF5202D4000
|
unkown image
|
page readonly
|
|
|
|
2457DED0000
|
unkown
|
page read and write
|
|
|
|
B298A7C000
|
stack
|
page read and write
|
|
|
|
90771AE000
|
stack
|
page read and write
|
|
|
|
7FF520013000
|
unkown image
|
page readonly
|
|
|
|
1615D688000
|
unkown
|
page read and write
|
|
|
|
7FF5BC4AF000
|
unkown image
|
page readonly
|
|
|
|
1F2CF400000
|
unkown
|
page read and write
|
|
|
|
7FF558154000
|
unkown image
|
page readonly
|
|
|
|
7FF552497000
|
unkown image
|
page readonly
|
|
|
|
1FEDC390000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC370000
|
unkown image
|
page readonly
|
|
|
|
7DF50AAF0000
|
unkown image
|
page readonly
|
|
|
|
7FF571FBC000
|
unkown image
|
page readonly
|
|
|
|
7FF5588FB000
|
unkown image
|
page readonly
|
|
|
|
2457E205000
|
heap private
|
page read and write
|
|
|
|
7FF531947000
|
unkown image
|
page readonly
|
|
|
|
1AD75F30000
|
unkown image
|
page readonly
|
|
|
|
1F84A170000
|
unkown image
|
page readonly
|
|
|
|
1615D708000
|
unkown
|
page read and write
|
|
|
|
7DF50AAE0000
|
unkown image
|
page readonly
|
|
|
|
1AD7B6A0000
|
unkown
|
page read and write
|
|
|
|
B298EFD000
|
stack
|
page read and write
|
|
|
|
7FF5201E3000
|
unkown image
|
page readonly
|
|
|
|
7DF5D1DA0000
|
unkown image
|
page readonly
|
|
|
|
7FF5584E4000
|
unkown image
|
page readonly
|
|
|
|
7FF531958000
|
unkown image
|
page readonly
|
|
|
|
1AD7B908000
|
unkown
|
page read and write
|
|
|
|
1DF55A62000
|
unkown
|
page read and write
|
|
|
|
1FEDCAB0000
|
unkown
|
page read and write
|
|
|
|
2302906F000
|
unkown
|
page read and write
|
|
|
|
7FF571E62000
|
unkown image
|
page readonly
|
|
|
|
1AD7B6E0000
|
unkown
|
page read and write
|
|
|
|
7FF571FC7000
|
unkown image
|
page readonly
|
|
|
|
1AD75FA0000
|
unkown image
|
page read and write
|
|
|
|
27142A02000
|
unkown
|
page read and write
|
|
|
|
1FEDBB70000
|
unkown image
|
page readonly
|
|
|
|
1F84A190000
|
unkown image
|
page readonly
|
|
|
|
7FF571DCD000
|
unkown image
|
page readonly
|
|
|
|
1A9FA18D000
|
unkown
|
page read and write
|
|
|
|
2457E200000
|
heap private
|
page read and write
|
|
|
|
7FF55846E000
|
unkown image
|
page readonly
|
|
|
|
7FF5A361A000
|
unkown image
|
page readonly
|
|
|
|
1AD7B8B2000
|
unkown
|
page read and write
|
|
|
|
7DF50AAF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5200B3000
|
unkown image
|
page readonly
|
|
|
|
1F84A300000
|
unkown
|
page read and write
|
|
|
|
7FF5318B4000
|
unkown image
|
page readonly
|
|
|
|
1A9FA194000
|
unkown
|
page read and write
|
|
|
|
38E22FA000
|
stack
|
page read and write
|
|
|
|
26FBFA58000
|
unkown
|
page read and write
|
|
|
|
1615D671000
|
unkown
|
page read and write
|
|
|
|
38E20F7000
|
stack
|
page read and write
|
|
|
|
7DF5446C2000
|
unkown image
|
page readonly
|
|
|
|
1DF55A29000
|
unkown
|
page read and write
|
|
|
|
23029108000
|
unkown
|
page read and write
|
|
|
|
1A9FA179000
|
unkown
|
page read and write
|
|
|
|
1AD7B690000
|
unkown
|
page read and write
|
|
|
|
7FF5BC494000
|
unkown image
|
page readonly
|
|
|
|
7FF52E883000
|
unkown image
|
page readonly
|
|
|
|
7FF52EC0F000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8FD0000
|
unkown image
|
page readonly
|
|
|
|
26FBFA13000
|
unkown
|
page read and write
|
|
|
|
7FF5202DB000
|
unkown image
|
page readonly
|
|
|
|
7FF5587F2000
|
unkown image
|
page readonly
|
|
|
|
7DF547342000
|
unkown image
|
page readonly
|
|
|
|
1AD75F70000
|
unkown image
|
page readonly
|
|
|
|
1AD76919000
|
unkown
|
page read and write
|
|
|
|
7DF567EB0000
|
unkown image
|
page readonly
|
|
|
|
1AD75F40000
|
unkown image
|
page readonly
|
|
|
|
7FF531A10000
|
unkown image
|
page readonly
|
|
|
|
7FF52ECC7000
|
unkown image
|
page readonly
|
|
|
|
1F2CF4CC000
|
unkown
|
page read and write
|
|
|
|
B298DFC000
|
stack
|
page read and write
|
|
|
|
7FF4F511D000
|
unkown image
|
page readonly
|
|
|
|
1A9F9829000
|
unkown
|
page read and write
|
|
|
|
1AD76FE0000
|
unkown
|
page read and write
|
|
|
|
1AD76075000
|
unkown
|
page read and write
|
|
|
|
1AD76113000
|
unkown
|
page read and write
|
|
|
|
1615D700000
|
unkown
|
page read and write
|
|
|
|
7FF552566000
|
unkown image
|
page readonly
|
|
|
|
1A9FA104000
|
unkown
|
page read and write
|
|
|
|
7FF54E294000
|
unkown image
|
page readonly
|
|
|
|
7FF531503000
|
unkown image
|
page readonly
|
|
|
|
271421F0000
|
unkown image
|
page readonly
|
|
|
|
7FF55871D000
|
unkown image
|
page readonly
|
|
|
|
2302904F000
|
unkown
|
page read and write
|
|
|
|
7FF52ED90000
|
unkown image
|
page readonly
|
|
|
|
7FF54E440000
|
unkown image
|
page readonly
|
|
|
|
1A9FA18D000
|
unkown
|
page read and write
|
|
|
|
7DF5879C2000
|
unkown image
|
page readonly
|
|
|
|
7DF56E200000
|
unkown image
|
page readonly
|
|
|
|
7DF563FE2000
|
unkown image
|
page readonly
|
|
|
|
23029102000
|
unkown
|
page read and write
|
|
|
|
7DF547330000
|
unkown image
|
page readonly
|
|
|
|
7FF531975000
|
unkown image
|
page readonly
|
|
|
|
907777E000
|
stack
|
page read and write
|
|
|
|
7FF5A3696000
|
unkown image
|
page readonly
|
|
|
|
7FF572005000
|
unkown image
|
page readonly
|
|
|
|
7FF57152F000
|
unkown image
|
page readonly
|
|
|
|
2457DEB7000
|
unkown
|
page read and write
|
|
|
|
23028F60000
|
unkown image
|
page readonly
|
|
|
|
759C9FF000
|
stack
|
page read and write
|
|
|
|
7FF52ED25000
|
unkown image
|
page readonly
|
|
|
|
1FEDBF80000
|
unkown
|
page read and write
|
|
|
|
7FF530E3F000
|
unkown image
|
page readonly
|
|
|
|
1A9F98B1000
|
unkown
|
page read and write
|
|
|
|
7FF528D2D000
|
unkown image
|
page readonly
|
|
|
|
7FF52EC15000
|
unkown image
|
page readonly
|
|
|
|
1AD7B8F5000
|
unkown
|
page read and write
|
|
|
|
1A9F9916000
|
unkown
|
page read and write
|
|
|
|
7FF55890B000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC380000
|
unkown image
|
page readonly
|
|
|
|
1FEDC860000
|
unkown
|
page read and write
|
|
|
|
7DF5D1DB0000
|
unkown image
|
page readonly
|
|
|
|
1A9F98AF000
|
unkown
|
page read and write
|
|
|
|
1DF559B0000
|
unkown
|
page read and write
|
|
|
|
6DB997E000
|
stack
|
page read and write
|
|
|
|
1534A7B000
|
unkown
|
page read and write
|
|
|
|
7FF5A36CF000
|
unkown image
|
page readonly
|
|
|
|
1A9FA193000
|
unkown
|
page read and write
|
|
|
|
1A9F9C00000
|
unkown image
|
page readonly
|
|
|
|
7FF528EE6000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3609000
|
unkown image
|
page readonly
|
|
|
|
1DF55A61000
|
unkown
|
page read and write
|
|
|
|
1F2CF260000
|
unkown image
|
page readonly
|
|
|
|
1A9FA602000
|
unkown
|
page read and write
|
|
|
|
1DF55A3E000
|
unkown
|
page read and write
|
|
|
|
1AD76790000
|
unkown image
|
page readonly
|
|
|
|
7FF54E53F000
|
unkown image
|
page readonly
|
|
|
|
2457DEB9000
|
unkown
|
page read and write
|
|
|
|
1AD7B90F000
|
unkown
|
page read and write
|
|
|
|
15350FE000
|
stack
|
page read and write
|
|
|
|
1AD75EF0000
|
unkown image
|
page read and write
|
|
|
|
7FF5586A2000
|
unkown image
|
page readonly
|
|
|
|
1DF55E00000
|
unkown image
|
page readonly
|
|
|
|
1F84A150000
|
unkown image
|
page read and write
|
|
|
|
26FBFF80000
|
unkown image
|
page readonly
|
|
|
|
1615DC50000
|
unkown image
|
page readonly
|
|
|
|
B298D7F000
|
stack
|
page read and write
|
|
|
|
1DF55A6E000
|
unkown
|
page read and write
|
|
|
|
23029002000
|
unkown
|
page read and write
|
|
|
|
1DF55A42000
|
unkown
|
page read and write
|
|
|
|
38E23F7000
|
stack
|
page read and write
|
|
|
|
7DF50AB00000
|
unkown image
|
page readonly
|
|
|
|
7FF571FB2000
|
unkown image
|
page readonly
|
|
|
|
1A9FA183000
|
unkown
|
page read and write
|
|
|
|
7FF5588CF000
|
unkown image
|
page readonly
|
|
|
|
7DF547330000
|
unkown image
|
page readonly
|
|
|
|
2457DE97000
|
heap default
|
page read and write
|
|
|
|
7FF51F6F5000
|
unkown image
|
page readonly
|
|
|
|
1A9F9884000
|
unkown
|
page read and write
|
|
|
|
1F2CFD3A000
|
unkown
|
page read and write
|
|
|
|
1AD767E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC49B000
|
unkown image
|
page readonly
|
|
|
|
1DF55C00000
|
unkown image
|
page readonly
|
|
|
|
1AD75F90000
|
unkown
|
page read and write
|
|
|
|
7FF520255000
|
unkown image
|
page readonly
|
|
|
|
1F2CF4E4000
|
unkown
|
page read and write
|
|
|
|
1A9FA1A5000
|
unkown
|
page read and write
|
|
|
|
11DAD7E000
|
stack
|
page read and write
|
|
|
|
7DF56E212000
|
unkown image
|
page readonly
|
|
|
|
11DA87B000
|
unkown
|
page read and write
|
|
|
|
7FF54E3E3000
|
unkown image
|
page readonly
|
|
|
|
27142190000
|
unkown image
|
page readonly
|
|
|
|
1A9F983C000
|
unkown
|
page read and write
|
|
|
|
7FF54E48D000
|
unkown image
|
page readonly
|
|
|
|
907757E000
|
stack
|
page read and write
|
|
|
|
1AD76058000
|
unkown
|
page read and write
|
|
|
|
1A9FA602000
|
unkown
|
page read and write
|
|
|
|
1AD7B463000
|
unkown
|
page read and write
|
|
|
|
7FF54E6AF000
|
unkown image
|
page readonly
|
|
|
|
7DF43C6E0000
|
unkown image
|
page readonly
|
|
|
|
1F84A229000
|
unkown
|
page read and write
|
|
|
|
7FF5588FE000
|
unkown image
|
page readonly
|
|
|
|
7FF531803000
|
unkown image
|
page readonly
|
|
|
|
7FF52EDBF000
|
unkown image
|
page readonly
|
|
|
|
7FF520164000
|
unkown image
|
page readonly
|
|
|
|
1FEDBC70000
|
unkown
|
page read and write
|
|
|
|
7FF5A3276000
|
unkown image
|
page readonly
|
|
|
|
1AD7B85F000
|
unkown
|
page read and write
|
|
|
|
7FF5201B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A369B000
|
unkown image
|
page readonly
|
|
|
|
38E2778000
|
stack
|
page read and write
|
|
|
|
1A9FA183000
|
unkown
|
page read and write
|
|
|
|
1AD7B6F0000
|
unkown
|
page read and write
|
|
|
|
7FF572013000
|
unkown image
|
page readonly
|
|
|
|
1A9FA602000
|
unkown
|
page read and write
|
|
|
|
7FF54E6EF000
|
unkown image
|
page readonly
|
|
|
|
1AD76E00000
|
unkown
|
page read and write
|
|
|
|
7DF547340000
|
unkown image
|
page readonly
|
|
|
|
1AD76070000
|
unkown
|
page read and write
|
|
|
|
26FBF850000
|
unkown image
|
page readonly
|
|
|
|
7FF531937000
|
unkown image
|
page readonly
|
|
|
|
7FF54E270000
|
unkown image
|
page readonly
|
|
|
|
7FF5583BF000
|
unkown image
|
page readonly
|
|
|
|
1A9F984E000
|
unkown
|
page read and write
|
|
|
|
D4DD5FF000
|
stack
|
page read and write
|
|
|
|
7FF52ECF9000
|
unkown image
|
page readonly
|
|
|
|
B29937F000
|
stack
|
page read and write
|
|
|
|
1A9F96F0000
|
unkown image
|
page readonly
|
|
|
|
27142229000
|
unkown
|
page read and write
|
|
|
|
7FF5201C8000
|
unkown image
|
page readonly
|
|
|
|
7FF54E629000
|
unkown image
|
page readonly
|
|
|
|
1DF55A7C000
|
unkown
|
page read and write
|
|
|
|
7FF5A3633000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC468000
|
unkown image
|
page readonly
|
|
|
|
1DF558B0000
|
heap default
|
page read and write
|
|
|
|
7FF54E5C0000
|
unkown image
|
page readonly
|
|
|
|
7DF5879C2000
|
unkown image
|
page readonly
|
|
|
|
7FF528EF0000
|
unkown image
|
page readonly
|
|
|
|
7FF528D49000
|
unkown image
|
page readonly
|
|
|
|
11DAA77000
|
stack
|
page read and write
|
|
|
|
7DF5D1DB0000
|
unkown image
|
page readonly
|
|
|
|
2457DEA7000
|
heap default
|
page read and write
|
|
|
|
7DF56E212000
|
unkown image
|
page readonly
|
|
|
|
20D00BB000
|
unkown
|
page read and write
|
|
|
|
7FF5317DD000
|
unkown image
|
page readonly
|
|
|
|
BE0C0FE000
|
stack
|
page read and write
|
|
|
|
7FF55890F000
|
unkown image
|
page readonly
|
|
|
|
1FEDC510000
|
unkown image
|
page readonly
|
|
|
|
7DF56E202000
|
unkown image
|
page readonly
|
|
|
|
7FF54E277000
|
unkown image
|
page readonly
|
|
|
|
1F84A200000
|
unkown
|
page read and write
|
|
|
|
7DF567EA0000
|
unkown image
|
page readonly
|
|
|
|
1A9FA196000
|
unkown
|
page read and write
|
|
|
|
7FF54E633000
|
unkown image
|
page readonly
|
|
|
|
1F84A257000
|
unkown
|
page read and write
|
|
|
|
1AD7BA10000
|
unkown
|
page read and write
|
|
|
|
7FF5BC3BD000
|
unkown image
|
page readonly
|
|
|
|
7FF558845000
|
unkown image
|
page readonly
|
|
|
|
7FF51FFA9000
|
unkown image
|
page readonly
|
|
|
|
7DF5D1DC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5523F5000
|
unkown image
|
page readonly
|
|
|
|
1AD764D0000
|
unkown image
|
page readonly
|
|
|
|
7FF54E413000
|
unkown image
|
page readonly
|
|
|
|
1AD76B81000
|
unkown
|
page read and write
|
|
|
|
7FF54E3ED000
|
unkown image
|
page readonly
|
|
|
|
1F84A1C0000
|
heap default
|
page read and write
|
|
|
|
7FF5202EB000
|
unkown image
|
page readonly
|
|
|
|
1F2CFA60000
|
unkown image
|
page write copy
|
|
|
|
1A9FA621000
|
unkown
|
page read and write
|
|
|
|
38E1C7C000
|
unkown
|
page read and write
|
|
|
|
7FF5A36AD000
|
unkown image
|
page readonly
|
|
|
|
7FF5524B8000
|
unkown image
|
page readonly
|
|
|
|
1A9FA193000
|
unkown
|
page read and write
|
|
|
|
7FF54E6EB000
|
unkown image
|
page readonly
|
|
|
|
7FF5200A3000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1A6000
|
unkown
|
page read and write
|
|
|
|
7FF528E24000
|
unkown image
|
page readonly
|
|
|
|
7DF433AB0000
|
unkown image
|
page readonly
|
|
|
|
1A9F9F40000
|
unkown
|
page read and write
|
|
|
|
38E1CFE000
|
stack
|
page read and write
|
|
|
|
7FF520003000
|
unkown image
|
page readonly
|
|
|
|
27142190000
|
unkown image
|
page readonly
|
|
|
|
7DF53E830000
|
unkown image
|
page readonly
|
|
|
|
1DF55A46000
|
unkown
|
page read and write
|
|
|
|
7FF5720CF000
|
unkown image
|
page readonly
|
|
|
|
1A9F98C0000
|
unkown
|
page read and write
|
|
|
|
1F84A313000
|
unkown
|
page read and write
|
|
|
|
7FF54E608000
|
unkown image
|
page readonly
|
|
|
|
1AD7B440000
|
unkown
|
page read and write
|
|
|
|
1AD76800000
|
unkown
|
page read and write
|
|
|
|
7FF51F6EF000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1C4000
|
unkown
|
page read and write
|
|
|
|
7FF5523EF000
|
unkown image
|
page readonly
|
|
|
|
7FF4F4D53000
|
unkown image
|
page readonly
|
|
|
|
7DF50AAF2000
|
unkown image
|
page readonly
|
|
|
|
2457E210000
|
unkown image
|
page readonly
|
|
|
|
1AD7B5C7000
|
unkown
|
page read and write
|
|
|
|
1FEDBC28000
|
heap default
|
page read and write
|
|
|
|
1A9F9848000
|
unkown
|
page read and write
|
|
|
|
1A9FA185000
|
unkown
|
page read and write
|
|
|
|
7FF558853000
|
unkown image
|
page readonly
|
|
|
|
7FF52ECB7000
|
unkown image
|
page readonly
|
|
|
|
1AD76077000
|
unkown
|
page read and write
|
|
|
|
7FF54E5E7000
|
unkown image
|
page readonly
|
|
|
|
1AD76091000
|
unkown
|
page read and write
|
|
|
|
7FF54E3E1000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1A9000
|
unkown
|
page read and write
|
|
|
|
2457DD70000
|
unkown image
|
page read and write
|
|
|
|
7FF5BC3DD000
|
unkown image
|
page readonly
|
|
|
|
20D04FC000
|
stack
|
page read and write
|
|
|
|
7FF5201FC000
|
unkown image
|
page readonly
|
|
|
|
7FF528EDF000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1B4000
|
unkown
|
page read and write
|
|
|
|
1AD7B8F5000
|
unkown
|
page read and write
|
|
|
|
27142970000
|
unkown
|
page read and write
|
|
|
|
7FF528E4D000
|
unkown image
|
page readonly
|
|
|
|
26FBFB02000
|
unkown
|
page read and write
|
|
|
|
7FF54E63A000
|
unkown image
|
page readonly
|
|
|
|
7FF4F5129000
|
unkown image
|
page readonly
|
|
|
|
7FF531A3B000
|
unkown image
|
page readonly
|
|
|
|
1AD7B720000
|
unkown
|
page read and write
|
|
|
|
1615D5E0000
|
unkown image
|
page readonly
|
|
|
|
1AD7B720000
|
unkown
|
page read and write
|
|
|
|
7FF5524A7000
|
unkown image
|
page readonly
|
|
|
|
1F84A256000
|
unkown
|
page read and write
|
|
|
|
7FF5202EF000
|
unkown image
|
page readonly
|
|
|
|
EF293FE000
|
stack
|
page read and write
|
|
|
|
7FF52021D000
|
unkown image
|
page readonly
|
|
|
|
7FF54E564000
|
unkown image
|
page readonly
|
|
|
|
1AD76802000
|
unkown
|
page read and write
|
|
|
|
1F84A160000
|
heap private
|
page read and write
|
|
|
|
7DF53E810000
|
unkown image
|
page readonly
|
|
|
|
20D01BE000
|
stack
|
page read and write
|
|
|
|
2457DDB0000
|
unkown image
|
page readonly
|
|
|
|
1AD76918000
|
unkown
|
page read and write
|
|
|
|
1AD7B5C0000
|
unkown
|
page read and write
|
|
|
|
7FF558807000
|
unkown image
|
page readonly
|
|
|
|
27142860000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC1A8000
|
unkown image
|
page readonly
|
|
|
|
7FF52EB8E000
|
unkown image
|
page readonly
|
|
|
|
23029100000
|
unkown
|
page read and write
|
|
|
|
7FF4F51EB000
|
unkown image
|
page readonly
|
|
|
|
271424D0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F51BB000
|
unkown image
|
page readonly
|
|
|
|
7FF528BDA000
|
unkown image
|
page readonly
|
|
|
|
1AD767F0000
|
unkown
|
page read and write
|
|
|
|
7DF547342000
|
unkown image
|
page readonly
|
|
|
|
7FF4F4EA3000
|
unkown image
|
page readonly
|
|
|
|
7FF54E5A7000
|
unkown image
|
page readonly
|
|
|
|
1A9F9ED0000
|
unkown image
|
page write copy
|
|
|
|
7FF55878E000
|
unkown image
|
page readonly
|
|
|
|
7FF572035000
|
unkown image
|
page readonly
|
|
|
|
7FF54E6EF000
|
unkown image
|
page readonly
|
|
|
|
1615DE02000
|
unkown
|
page read and write
|
|
|
|
1AD7B8E0000
|
unkown
|
page read and write
|
|
|
|
D4DD11A000
|
unkown
|
page read and write
|
|
|
|
1A9FA18A000
|
unkown
|
page read and write
|
|
|
|
7FF54E3AF000
|
unkown image
|
page readonly
|
|
|
|
2457DEB7000
|
heap default
|
page read and write
|
|
|
|
1F84A289000
|
unkown
|
page read and write
|
|
|
|
2714225E000
|
unkown
|
page read and write
|
|
|
|
1A9FA1A5000
|
unkown
|
page read and write
|
|
|
|
1AD76959000
|
unkown
|
page read and write
|
|
|
|
1FEDBBC0000
|
unkown
|
page read and write
|
|
|
|
7FF51FF74000
|
unkown image
|
page readonly
|
|
|
|
7FF552558000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1B4000
|
unkown
|
page read and write
|
|
|
|
23028E20000
|
heap private
|
page read and write
|
|
|
|
7FF5BC166000
|
unkown image
|
page readonly
|
|
|
|
23029802000
|
unkown
|
page read and write
|
|
|
|
1F84A252000
|
unkown
|
page read and write
|
|
|
|
7FF54E27F000
|
unkown image
|
page readonly
|
|
|
|
27142970000
|
unkown
|
page read and write
|
|
|
|
7FF53198A000
|
unkown image
|
page readonly
|
|
|
|
B29907D000
|
stack
|
page read and write
|
|
|
|
7FF5586AD000
|
unkown image
|
page readonly
|
|
|
|
7FF55846A000
|
unkown image
|
page readonly
|
|
|
|
1DF55880000
|
unkown image
|
page readonly
|
|
|
|
1A9F9850000
|
unkown
|
page read and write
|
|
|
|
1AD7B5C5000
|
unkown
|
page read and write
|
|
|
|
7FF552078000
|
unkown image
|
page readonly
|
|
|
|
20D013F000
|
stack
|
page read and write
|
|
|
|
7FF54E655000
|
unkown image
|
page readonly
|
|
|
|
7FF54E411000
|
unkown image
|
page readonly
|
|
|
|
1FEDBF75000
|
heap private
|
page read and write
|
|
|
|
1615D64C000
|
unkown
|
page read and write
|
|
|
|
7DF50AB00000
|
unkown image
|
page readonly
|
|
|
|
1AD7B82B000
|
unkown
|
page read and write
|
|
|
|
7FF5BC3A7000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC49E000
|
unkown image
|
page readonly
|
|
|
|
1AD7B690000
|
unkown
|
page read and write
|
|
|
|
1A9FA602000
|
unkown
|
page read and write
|
|
|
|
7FF5524CD000
|
unkown image
|
page readonly
|
|
|
|
1AD75F00000
|
heap private
|
page read and write
|
|
|
|
1DF55A3A000
|
unkown
|
page read and write
|
|
|
|
7FF54E2BB000
|
unkown image
|
page readonly
|
|
|
|
1DF55A4B000
|
unkown
|
page read and write
|
|
|
|
907767E000
|
stack
|
page read and write
|
|
|
|
1AD7695A000
|
unkown
|
page read and write
|
|
|
|
7FF5BC158000
|
unkown image
|
page readonly
|
|
|
|
7FF552363000
|
unkown image
|
page readonly
|
|
|
|
7FF571FA4000
|
unkown image
|
page readonly
|
|
|
|
BE0C3FF000
|
stack
|
page read and write
|
|
|
|
7FF54E6A8000
|
unkown image
|
page readonly
|
|
|
|
1A9FA700000
|
unkown
|
page read and write
|
|
|
|
7FF528E59000
|
unkown image
|
page readonly
|
|
|
|
1DF55A6C000
|
unkown
|
page read and write
|
|
|
|
7FF4F51B6000
|
unkown image
|
page readonly
|
|
|
|
7FF5319FF000
|
unkown image
|
page readonly
|
|
|
|
BE0C4FF000
|
stack
|
page read and write
|
|
|
|
27142200000
|
unkown
|
page read and write
|
|
|
|
1FEDBF60000
|
unkown
|
page read and write
|
|
|
|
7FF528EFD000
|
unkown image
|
page readonly
|
|
|
|
26FBF960000
|
unkown image
|
page readonly
|
|
|
|
1A9F988A000
|
unkown
|
page read and write
|
|
|
|
1A9FA602000
|
unkown
|
page read and write
|
|
|
|
7FF5202CD000
|
unkown image
|
page readonly
|
|
|
|
1AD762D0000
|
unkown image
|
page readonly
|
|
|
|
38E1FFF000
|
stack
|
page read and write
|
|
|
|
7DF567EB0000
|
unkown image
|
page readonly
|
|
|
|
27142202000
|
unkown
|
page read and write
|
|
|
|
EF294FD000
|
stack
|
page read and write
|
|
|
|
7FF5A36BE000
|
unkown image
|
page readonly
|
|
|
|
7FF55259F000
|
unkown image
|
page readonly
|
|
|
|
1AD76660000
|
unkown image
|
page readonly
|
|
|
|
1F2CF250000
|
unkown image
|
page readonly
|
|
|
|
7FF54E6B6000
|
unkown image
|
page readonly
|
|
|
|
11DAFFF000
|
stack
|
page read and write
|
|
|
|
7FF52008D000
|
unkown image
|
page readonly
|
|
|
|
2457DDD0000
|
unkown
|
page read and write
|
|
|
|
1FEDCAA0000
|
unkown
|
page read and write
|
|
|
|
7FF54E264000
|
unkown image
|
page readonly
|
|
|
|
7FF531A06000
|
unkown image
|
page readonly
|
|
|
|
1A9FA192000
|
unkown
|
page read and write
|
|
|
|
7DF5B8FE0000
|
unkown image
|
page readonly
|
|
|
|
7FF54E23F000
|
unkown image
|
page readonly
|
|
|
|
7FF520040000
|
unkown image
|
page readonly
|
|
|
|
7FF54E6ED000
|
unkown image
|
page readonly
|
|
|
|
1A9FA185000
|
unkown
|
page read and write
|
|
|
|
1615D560000
|
unkown image
|
page read and write
|
|
|
|
7FF571534000
|
unkown image
|
page readonly
|
|
|
|
1DF55A41000
|
unkown
|
page read and write
|
|
|
|
1A9FA1A6000
|
unkown
|
page read and write
|
|
|
|
1F84A170000
|
unkown image
|
page readonly
|
|
|
|
1AD7B8AE000
|
unkown
|
page read and write
|
|
|
|
7FF531518000
|
unkown image
|
page readonly
|
|
|
|
7FF54E29E000
|
unkown image
|
page readonly
|
|
|
|
1AD7691A000
|
unkown
|
page read and write
|
|
|
|
7FF5BC393000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1A4000
|
unkown
|
page read and write
|
|
|
|
7FF52EB83000
|
unkown image
|
page readonly
|
|
|
|
1615DAD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5587FC000
|
unkown image
|
page readonly
|
|
|
|
1A9FA18C000
|
unkown
|
page read and write
|
|
|
|
BE0C1FF000
|
stack
|
page read and write
|
|
|
|
7FF54E5F7000
|
unkown image
|
page readonly
|
|
|
|
7DF5D1DB2000
|
unkown image
|
page readonly
|
|
|
|
27142275000
|
unkown
|
page read and write
|
|
|
|
7DF5446B2000
|
unkown image
|
page readonly
|
|
|
|
7FF52ED8B000
|
unkown image
|
page readonly
|
|
|
|
1AD76026000
|
unkown
|
page read and write
|
|
|
|
1DF55A47000
|
unkown
|
page read and write
|
|
|
|
1F2CF4C4000
|
unkown
|
page read and write
|
|
|
|
2457DD90000
|
unkown image
|
page readonly
|
|
|
|
7DF50AAE2000
|
unkown image
|
page readonly
|
|
|
|
7FF53196D000
|
unkown image
|
page readonly
|
|
|
|
7FF531853000
|
unkown image
|
page readonly
|
|
|
|
1AD767D0000
|
unkown image
|
page readonly
|
|
|
|
26FBFA78000
|
unkown
|
page read and write
|
|
|
|
7FF52ED78000
|
unkown image
|
page readonly
|
|
|
|
7FF552253000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8FD0000
|
unkown image
|
page readonly
|
|
|
|
1AD7B919000
|
unkown
|
page read and write
|
|
|
|
7FF55256B000
|
unkown image
|
page readonly
|
|
|
|
1A9FA14E000
|
unkown
|
page read and write
|
|
|
|
7FF5524D9000
|
unkown image
|
page readonly
|
|
|
|
7FF55236E000
|
unkown image
|
page readonly
|
|
|
|
1534B7E000
|
stack
|
page read and write
|
|
|
|
1A9F9E80000
|
unkown
|
page read and write
|
|
|
|
7FF528718000
|
unkown image
|
page readonly
|
|
|
|
7FF4F513A000
|
unkown image
|
page readonly
|
|
|
|
7DF5446C0000
|
unkown image
|
page readonly
|
|
|
|
1AD767A0000
|
unkown image
|
page readonly
|
|
|
|
1A9FA1A2000
|
unkown
|
page read and write
|
|
|
|
1A9FA1B0000
|
unkown
|
page read and write
|
|
|
|
1A9F9867000
|
unkown
|
page read and write
|
|
|
|
7DF5B8FD2000
|
unkown image
|
page readonly
|
|
|
|
1F84A302000
|
unkown
|
page read and write
|
|
|
|
7DF53E822000
|
unkown image
|
page readonly
|
|
|
|
7FF531A24000
|
unkown image
|
page readonly
|
|
|
|
1AD7BAB0000
|
unkown
|
page read and write
|
|
|
|
7DF53E812000
|
unkown image
|
page readonly
|
|
|
|
7FF531979000
|
unkown image
|
page readonly
|
|
|
|
23029027000
|
unkown
|
page read and write
|
|
|
|
1615D713000
|
unkown
|
page read and write
|
|
|
|
7FF5A368F000
|
unkown image
|
page readonly
|
|
|
|
1AD7B915000
|
unkown
|
page read and write
|
|
|
|
7DF53E812000
|
unkown image
|
page readonly
|
|
|
|
D4DD57A000
|
stack
|
page read and write
|
|
|
|
1A9F9908000
|
unkown
|
page read and write
|
|
|
|
7FF5202AF000
|
unkown image
|
page readonly
|
|
|
|
7FF54E527000
|
unkown image
|
page readonly
|
|
|
|
7FF54DE86000
|
unkown image
|
page readonly
|
|
|
|
1AD75F10000
|
unkown image
|
page readonly
|
|
|
|
1AD77401000
|
unkown
|
page read and write
|
|
|
|
7DF5446D0000
|
unkown image
|
page readonly
|
|
|
|
7DF547350000
|
unkown image
|
page readonly
|
|
|
|
7FF55258E000
|
unkown image
|
page readonly
|
|
|
|
7FF5523B3000
|
unkown image
|
page readonly
|
|
|
|
7FF531983000
|
unkown image
|
page readonly
|
|
|
|
1A9FA183000
|
unkown
|
page read and write
|
|
|
|
1AD7B710000
|
unkown
|
page read and write
|
|
|
|
1AD7B91B000
|
unkown
|
page read and write
|
|
|
|
7FF531A2B000
|
unkown image
|
page readonly
|
|
|
|
7FF4F5108000
|
unkown image
|
page readonly
|
|
|
|
1A9FA66A000
|
unkown
|
page read and write
|
|
|
|
7FF571D5A000
|
unkown image
|
page readonly
|
|
|
|
D4DD19E000
|
stack
|
page read and write
|
|
|
|
1F2CF46D000
|
unkown
|
page read and write
|
|
|
|
26FBF860000
|
unkown image
|
page readonly
|
|
|
|
7FF52ED7F000
|
unkown image
|
page readonly
|
|
|
|
38E257A000
|
stack
|
page read and write
|
|
|
|
1FEDBB30000
|
unkown image
|
page read and write
|
|
|
|
11DB1FF000
|
stack
|
page read and write
|
|
|
|
7DF547340000
|
unkown image
|
page readonly
|
|
|
|
1AD760FD000
|
unkown
|
page read and write
|
|
|
|
7FF51FDB9000
|
unkown image
|
page readonly
|
|
|
|
23029029000
|
unkown
|
page read and write
|
|
|
|
7FF5A36A0000
|
unkown image
|
page readonly
|
|
|
|
7FF52E5CE000
|
unkown image
|
page readonly
|
|
|
|
1615D5A0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F51DB000
|
unkown image
|
page readonly
|
|
|
|
7FF52019D000
|
unkown image
|
page readonly
|
|
|
|
2302904C000
|
unkown
|
page read and write
|
|
|
|
7FF5588F4000
|
unkown image
|
page readonly
|
|
|
|
7FF552297000
|
unkown image
|
page readonly
|
|
|
|
7DF5D1DA2000
|
unkown image
|
page readonly
|
|
|
|
7FF5202B6000
|
unkown image
|
page readonly
|
|
|
|
7FF54E5C4000
|
unkown image
|
page readonly
|
|
|
|
1A9FA193000
|
unkown
|
page read and write
|
|
|
|
1A9F9720000
|
heap default
|
page read and write
|
|
|
|
7FF531509000
|
unkown image
|
page readonly
|
|
|
|
7DF535BF0000
|
unkown image
|
page readonly
|
|
|
|
1A9F9864000
|
unkown
|
page read and write
|
|
|
|
26FBFA5C000
|
unkown
|
page read and write
|
|
|
|
1F2CF600000
|
unkown image
|
page readonly
|
|
|
|
1A9F9849000
|
unkown
|
page read and write
|
|
|
|
759C3DB000
|
unkown
|
page read and write
|
|
|
|
7FF5588D6000
|
unkown image
|
page readonly
|
|
|
|
1A9FA15C000
|
unkown
|
page read and write
|
|
|
|
1A9F9847000
|
unkown
|
page read and write
|
|
|
|
7FF4F5133000
|
unkown image
|
page readonly
|
|
|
|
7DF567EA2000
|
unkown image
|
page readonly
|
|
|
|
1FEDBC68000
|
unkown
|
page read and write
|
|
|
|
1AD7B604000
|
unkown
|
page read and write
|
|
|
|
1DF55A44000
|
unkown
|
page read and write
|
|
|
|
1A9F982C000
|
unkown
|
page read and write
|
|
|
|
6DB9A7B000
|
stack
|
page read and write
|
|
|
|
27142850000
|
unkown image
|
page readonly
|
|
|
|
23029200000
|
unkown image
|
page readonly
|
|
|
|
1AD7BB50000
|
unkown
|
page read and write
|
|
|
|
7FF51FD9F000
|
unkown image
|
page readonly
|
|
|
|
271421E0000
|
heap default
|
page read and write
|
|
|
|
1DF55A3C000
|
unkown
|
page read and write
|
|
|
|
7FF5587E4000
|
unkown image
|
page readonly
|
|
|
|
7DF445200000
|
unkown image
|
page readonly
|
|
|
|
7FF5BC24D000
|
unkown image
|
page readonly
|
|
|
|
23028E10000
|
unkown image
|
page read and write
|
|
|
|
7DF535C00000
|
unkown image
|
page readonly
|
|
|
|
7FF5A35FD000
|
unkown image
|
page readonly
|
|
|
|
23029000000
|
unkown
|
page read and write
|
|
|
|
38E1E7B000
|
stack
|
page read and write
|
|
|
|
1A9F98F2000
|
unkown
|
page read and write
|
|
|
|
7FF54E5A0000
|
unkown image
|
page readonly
|
|
|
|
7FF52ED0A000
|
unkown image
|
page readonly
|
|
|
|
1AD7B91B000
|
unkown
|
page read and write
|
|
|
|
7FF552063000
|
unkown image
|
page readonly
|
|
|
|
7FF558726000
|
unkown image
|
page readonly
|
|
|
|
1615D5D0000
|
heap default
|
page read and write
|
|
|
|
1FEDCA90000
|
unkown
|
page readonly
|
|
|
|
1A9FA763000
|
unkown
|
page read and write
|
|
|
|
6DB9CFF000
|
stack
|
page read and write
|
|
|
|
1AD7B908000
|
unkown
|
page read and write
|
|
|
|
7FF5200DE000
|
unkown image
|
page readonly
|
|
|
|
D4DD4F9000
|
stack
|
page read and write
|
|
|
|
7DF5446B0000
|
unkown image
|
page readonly
|
|
|
|
7DF535BF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5585D6000
|
unkown image
|
page readonly
|
|
|
|
2457DE30000
|
unkown image
|
page readonly
|
|
|
|
7FF52EC34000
|
unkown image
|
page readonly
|
|
|
|
7FF5524EA000
|
unkown image
|
page readonly
|
|
|
|
BE0B75B000
|
unkown
|
page read and write
|
|
|
|
7FF5519A5000
|
unkown image
|
page readonly
|
|
|
|
BE0BB7B000
|
stack
|
page read and write
|
|
|
|
90770AB000
|
unkown
|
page read and write
|
|
|
|
1534CFF000
|
stack
|
page read and write
|
|
|
|
1A9FA1AB000
|
unkown
|
page read and write
|
|
|
|
1AD7B5C4000
|
unkown
|
page read and write
|
|
|
|
1A9FA183000
|
unkown
|
page read and write
|
|
|
|
7FF5A2E8A000
|
unkown image
|
page readonly
|
|
|
|
1F84A4D0000
|
unkown image
|
page readonly
|
|
|
|
1AD7B700000
|
unkown
|
page read and write
|
|
|
|
2457DE20000
|
unkown image
|
page readonly
|
|
|
|
1A9FA763000
|
unkown
|
page read and write
|
|
|
|
1A9FA194000
|
unkown
|
page read and write
|
|
|
|
7DF567E90000
|
unkown image
|
page readonly
|
|
|
|
7FF531A1D000
|
unkown image
|
page readonly
|
|
|
|
1A9F9C10000
|
unkown image
|
page readonly
|
|
|
|
1F2CF210000
|
unkown image
|
page read and write
|
|
|
|
1A9FA19A000
|
unkown
|
page read and write
|
|
|
|
26FBF830000
|
unkown image
|
page readonly
|
|
|
|
7FF52EB5D000
|
unkown image
|
page readonly
|
|
|
|
1FEDBB80000
|
unkown image
|
page readonly
|
|
|
|
1AD7B5E4000
|
unkown
|
page read and write
|
|
|
|
1DF55B02000
|
unkown
|
page read and write
|
|
|
|
7FF5BB8B5000
|
unkown image
|
page readonly
|
|
|
|
1534FFF000
|
stack
|
page read and write
|
|
|
|
7FF54E4BC000
|
unkown image
|
page readonly
|
|
|
|
7FF571FDC000
|
unkown image
|
page readonly
|
|
|
|
1DF55860000
|
unkown image
|
page readonly
|
|
|
|
7FF51FAA6000
|
unkown image
|
page readonly
|
|
|
|
D4DD67E000
|
stack
|
page read and write
|
|
|
|
1AD7B420000
|
unkown
|
page read and write
|
|
|
|
2457DEA2000
|
unkown
|
page read and write
|
|
|
|
1AD76919000
|
unkown
|
page read and write
|
|
|
|
2714223D000
|
unkown
|
page read and write
|
|
|
|
1AD7B600000
|
unkown
|
page read and write
|
|
|
|
1A9FA602000
|
unkown
|
page read and write
|
|
|
|
7FF52E1BF000
|
unkown image
|
page readonly
|
|
|
|
23028F80000
|
unkown
|
page read and write
|
|
|
|
7FF54E5E3000
|
unkown image
|
page readonly
|
|
|
|
7FF54E3DA000
|
unkown image
|
page readonly
|
|
|
|
27142940000
|
unkown
|
page read and write
|
|
|
|
1AD7B8F7000
|
unkown
|
page read and write
|
|
|
|
7FF52EA73000
|
unkown image
|
page readonly
|
|
|
|
27142170000
|
unkown image
|
page read and write
|
|
|
|
7FF5202C0000
|
unkown image
|
page readonly
|
|
|
|
7DF547350000
|
unkown image
|
page readonly
|
|
|
|
7FF52EDAB000
|
unkown image
|
page readonly
|
|
|
|
11DB3FA000
|
stack
|
page read and write
|
|
|
|
7FF54DF35000
|
unkown image
|
page readonly
|
|
|
|
6DB98FE000
|
stack
|
page read and write
|
|
|
|
1DF55A2D000
|
unkown
|
page read and write
|
|
|
|
7FF5201A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5720A0000
|
unkown image
|
page readonly
|
|
|
|
1FEDBF79000
|
heap private
|
page read and write
|
|
|
|
38E1D7E000
|
stack
|
page read and write
|
|
|
|
1FEDCB00000
|
unkown
|
page read and write
|
|
There are 1251 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
|
|
|
|
file:///C:/Users/user/Desktop/_0.html
|
|