IOC Report

Files

File Path
Type
Category
Malicious
fel.com.html
HTML document, ASCII text, with very long lines, with no line terminators
initial sample
malicious
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\0223b1ce-168a-4d27-b3dd-3d82a5840710.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\0a7f6c51-de4a-4cb8-8b2b-928b685827dd.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\1f979f74-e25a-4d9b-b59a-47ab8b3675e4.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\433e674a-8916-4cc4-af0e-78c7359be28c.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\4b8d25bd-40be-478a-a684-45807366ee9f.tmp
SysEx File -
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\4fa43f03-9a4f-415b-86f1-7b886bf843f2.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\914530d3-9ffb-4b81-9168-34386586d380.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\916c0ac1-5922-4d21-86fd-bab95ac478c2.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0001051e-4b21-4980-ac6c-5518309682a5.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0cb7d1a7-1fa6-4f39-b672-271022128f8e.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0f5e17ca-c9f5-4755-8568-9541807f0285.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1204de56-6c8d-4874-a663-dbaf5d8f7c59.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\15bd2b96-6b26-43ca-b068-88692235c37d.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\254c9f5a-99ff-41b9-af20-a7be759a9691.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3093ee19-1f42-4348-b7ee-cf4bb398844b.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\37e797dd-c327-4f8a-909d-e50405ae56a1.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3e98c549-ee64-43cd-ae9e-3d379a602835.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\49a9c62e-4dac-4111-b367-dd90dcfccd4e.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4ea0dd92-65c2-40e3-b8fd-6f391adf807d.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\58eb56e6-a564-40da-8cee-2394c9542ee5.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\77c56028-a3e7-40a5-ab41-518aeedf5038.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9496f2f7-e7e2-4a54-ad95-91f35335b67d.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9554c84c-1308-4465-b394-925004ad733d.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\974bee71-a35d-49a0-965e-10532f74e09f.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldG (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.oldlo (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
dBase III DBT, next free block index 3238316739, block length 1024
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.oldl (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Sessionl\ (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences4 (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\ (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\* (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesl (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesr\ (copy)
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences. (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesP. (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old_o (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\23c12036-5bb8-470c-a800-ddfd8bf50d8d.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State. (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\84c49c82-5e92-4533-a46d-63584b2ca968.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.oldpn (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.oldtt (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldMP (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b8a5689f-9c58-4d96-8f4a-930c33b9604c.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bb407518-9962-4ae7-ba67-0c6c41510236.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bc3442db-87d4-4b2c-b201-46458d3894d8.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachej (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachen (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\aad3eb5b-6bdc-4e72-956a-605f3e2ede98.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\b3d2212f-c26a-4f14-893d-eefc7c068d0a.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\466653f9-68ea-4efd-a1cc-e900e65e7b27.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\_platform_specific\x86_64\pnacl_public_pnacl_json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\7112_2131231392\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\ab0895d1-4f30-4c33-8a39-137dd9e6693e.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\ac185d13-520b-45ca-a4c3-df35daa8695b.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\fc635faa-c9ea-427d-97ec-db0096b8ab14.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_2038398644\ac185d13-520b-45ca-a4c3-df35daa8695b.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\466653f9-68ea-4efd-a1cc-e900e65e7b27.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\iw\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\angular.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\background_script.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\cast_sender.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\common.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\feedback.css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\feedback.html
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\feedback_script.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\material_css_min.css
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\mirroring_cast_streaming.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\mirroring_common.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\mirroring_hangouts.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir7112_221601826\CRX_INSTALL\mirroring_webrtc.js
ASCII text, with very long lines
dropped
clean

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\fel.com.html"
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1520,12419171399883482259,7756949574487736782,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1904 /prefetch:8
clean

URLs

Name
IP
Malicious
http://www.ciplla.com/uploads/send/pics/Stifel_lg_image.pngD
unknown
malicious
file:///C:/Users/user/Desktop/fel.com.html
malicious
https://www.google.com/images/cleardot.gif
unknown
clean
https://www.google.com/log?format=json&hasfast=true
unknown
clean
https://sandbox.google.com/payments/v4/js/integrator.js
unknown
clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
unknown
clean
https://accounts.google.com/MergeSession
unknown
clean
https://preprod-hangouts-googleapis.sandbox.google.com
unknown
clean
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
142.250.203.97
clean
https://www.google.com
unknown
clean
http://www.ciplla.com/uploads/send/pics/Stifel_bg_image.png
35.228.118.158
clean
https://baddogand.co.uk/newantibot.js?PvsoX4b7Hz=a2l0dHJlZGdla0BzdGlmZWwuY29t&WcupjXToVuiP8je=YmlnYmFuZ2Jnc0B5YW5kZXguY29tLCBiaWdzYmFuZ2Jnc0BnbWFpbC5jb20-
88.208.245.10
clean
https://hangouts.clients6.google.com
unknown
clean
https://hangouts.google.com/hangouts/_/logpref
unknown
clean
https://accounts.google.com
unknown
clean
https://clients2.google.com/cr/report
unknown
clean
http://angularjs.org
unknown
clean
https://www.ciplla.com/uploads/send/send.php/check.php
35.228.118.158
clean
https://creativecommons.org/publicdomain/zero/1.0/.
unknown
clean
https://github.com/angular/material
unknown
clean
https://apis.google.com
unknown
clean
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
unknown
clean
https://github.com/madler/zlib/blob/master/zlib.h
unknown
clean
https://www-googleapis-staging.sandbox.google.com
unknown
clean
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
unknown
clean
http://www.apache.org/licenses/LICENSE-2.0
unknown
clean
https://dns.google
unknown
clean
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
unknown
clean
https://www.google.com/intl/en-US/chrome/blank.html
unknown
clean
https://baddogand.co.uk/newantibot.js?PvsoX4b7Hz=a2l0dHJlZGdla0BzdGlmZWwuY29t&WcupjXToVuiP8je=YmlnYm
unknown
clean
https://support.google.com/chromecast/troubleshooter/2995236
unknown
clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
unknown
clean
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
142.250.203.110
clean
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
172.217.168.45
clean
https://payments.google.com/payments/v4/js/integrator.js
unknown
clean
https://www.google.com;
unknown
clean
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
unknown
clean
https://hangouts.google.com/
unknown
clean
https://www.google.com/images/x2.gif
unknown
clean
http://llvm.org/):
unknown
clean
https://www.google.com/images/dot2.gif
unknown
clean
https://meetings.clients6.google.com
unknown
clean
https://play.google.com/log?format=json&hasfast=true
unknown
clean
https://code.google.com/p/nativeclient/issues/entry%s:
unknown
clean
https://i.ibb.co/3C2ZWFn/download01.gif
152.228.223.13
clean
https://www.ciplla.com/uploads/send/pics/favicon_24.ico
35.228.118.158
clean
http://tools.ietf.org/html/rfc1950
unknown
clean
https://code.google.com/p/nativeclient/issues/entry
unknown
clean
https://www.ciplla.com/uploads/send/pics/download_35.jpeg
35.228.118.158
clean
https://support.google.com/chromecast/answer/2998456
unknown
clean
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
unknown
clean
http://www.ciplla.com/uploads/send/pics/Stifel_lg_image.png
35.228.118.158
clean
https://www.google.com/
unknown
clean
https://feedback.googleusercontent.com
unknown
clean
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
unknown
clean
https://clients2.google.com/service/update2/crx
unknown
clean
https://clients6.google.com
unknown
clean
https://www.ciplla.com/uploads/send/pics/download02.png
35.228.118.158
clean

Domains

Name
IP
Malicious
www.ciplla.com
35.228.118.158
clean
accounts.google.com
172.217.168.45
clean
clients.l.google.com
142.250.203.110
clean
googlehosted.l.googleusercontent.com
142.250.203.97
clean
baddogand.co.uk
88.208.245.10
clean
i.ibb.co
152.228.223.13
clean
clients2.googleusercontent.com
unknown
clean
clients2.google.com
unknown
clean

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
142.250.203.110
clients.l.google.com
United States
clean
152.228.223.13
i.ibb.co
United States
clean
192.168.2.3
unknown
unknown
clean
88.208.245.10
baddogand.co.uk
United Kingdom
clean
192.168.2.6
unknown
unknown
clean
172.217.168.45
accounts.google.com
United States
clean
142.250.203.97
googlehosted.l.googleusercontent.com
United States
clean
239.255.255.250
unknown
Reserved
clean
35.228.118.158
www.ciplla.com
United States
clean
127.0.0.1
unknown
unknown
clean

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blacklist_cache_md5_digest
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
clean
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
clean

Memdumps

Base Address
Regiontype
Protect
Malicious
unkown
page read and write
clean
7FF574AF1000
unkown image
page readonly
clean
7FF579384000
unkown image
page readonly
clean
7FF5488F7000
unkown image
page readonly
clean
7FF57959D000
unkown image
page readonly
clean
7FF575221000
unkown image
page readonly
clean
7FF5792CA000
unkown image
page readonly
clean
25CBED13000
unkown
page read and write
clean
7FF4FFE05000
unkown image
page readonly
clean
112AEDD1000
unkown
page read and write
clean
7FF4FFE08000
unkown image
page readonly
clean
7DF57F030000
unkown image
page readonly
clean
7FF5833ED000
unkown image
page readonly
clean
25CBA220000
unkown
page read and write
clean
7DF5528E0000
unkown image
page readonly
clean
183AF5C5000
heap private
page read and write
clean
7FF5DF984000
unkown image
page readonly
clean
183AF2F0000
heap default
page read and write
clean
7FF5E5A87000
unkown image
page readonly
clean
112AE2B0000
unkown image
page readonly
clean
183B00A0000
unkown
page read and write
clean
112AF263000
unkown
page read and write
clean
7FF578E97000
unkown image
page readonly
clean
7FF548978000
unkown image
page readonly
clean
7FF5E5BD6000
unkown image
page readonly
clean
66E747A000
stack
page read and write
clean
25CBA100000
unkown
page read and write
clean
7FF5E59EE000
unkown image
page readonly
clean
25CBEA80000
unkown
page read and write
clean
183AF2A0000
unkown image
page readonly
clean
25CBEC0B000
unkown
page read and write
clean
EED0F7E000
stack
page read and write
clean
7FF57524A000
unkown image
page readonly
clean
7FF5E5CA3000
unkown image
page readonly
clean
7FF5795A6000
unkown image
page readonly
clean
25CBE960000
unkown
page read and write
clean
7FF4FFDE6000
unkown image
page readonly
clean
112AEC02000
unkown
page read and write
clean
ABD267F000
stack
page read and write
clean
7FF578E69000
unkown image
page readonly
clean
7FF5791FC000
unkown image
page readonly
clean
1DFAEC45000
heap private
page read and write
clean
7FF5DF9D7000
unkown image
page readonly
clean
183AF140000
unkown image
page readonly
clean
7FF57935F000
unkown image
page readonly
clean
25CBE930000
unkown
page read and write
clean
1DFAE9A0000
unkown
page read and write
clean
7DF5EFA70000
unkown image
page readonly
clean
25CBE7A0000
unkown
page read and write
clean
112AF202000
unkown
page read and write
clean
112AF202000
unkown
page read and write
clean
7DF509DB0000
unkown image
page readonly
clean
31FDEB000
unkown
page read and write
clean
7FF4FFF3D000
unkown image
page readonly
clean
7FF575263000
unkown image
page readonly
clean
183AF140000
unkown image
page readonly
clean
1115B7A000
stack
page read and write
clean
183AF590000
unkown
page read and write
clean
7FF5DF487000
unkown image
page readonly
clean
7FF575088000
unkown image
page readonly
clean
288E4656000
unkown
page read and write
clean
25CB9280000
unkown image
page readonly
clean
288E4460000
unkown image
page readonly
clean
7FF5E5BDA000
unkown image
page readonly
clean
1DFAEA9F000
unkown
page read and write
clean
112AED87000
unkown
page read and write
clean
7FF548A3F000
unkown image
page readonly
clean
112AF202000
unkown
page read and write
clean
112AE2E0000
unkown image
page readonly
clean
288E466F000
unkown
page read and write
clean
202D6270000
unkown image
page readonly
clean
7DF58D5F2000
unkown image
page readonly
clean
25CBEA00000
unkown
page read and write
clean
112AEDD0000
unkown
page read and write
clean
309707B000
stack
page read and write
clean
7DF583432000
unkown image
page readonly
clean
7FF5DF8CF000
unkown image
page readonly
clean
7FF5487A1000
unkown image
page readonly
clean
ABD237B000
stack
page read and write
clean
25CBECBB000
unkown
page read and write
clean
7FF5DF8E3000
unkown image
page readonly
clean
112AE44E000
unkown
page read and write
clean
7FF4FFFA7000
unkown image
page readonly
clean
7FF579548000
unkown image
page readonly
clean
7FF4FFFB4000
unkown image
page readonly
clean
7FF5DF641000
unkown image
page readonly
clean
112AEDAF000
unkown
page read and write
clean
7DF5528D0000
unkown image
page readonly
clean
25CB9456000
unkown
page read and write
clean
7FF4FFF03000
unkown image
page readonly
clean
25CB949A000
unkown
page read and write
clean
25CBE830000
unkown
page read and write
clean
183AF5D0000
unkown
page read and write
clean
112AEDBE000
unkown
page read and write
clean
7DF509DB0000
unkown image
page readonly
clean
25CBA201000
unkown
page read and write
clean
112AED9E000
unkown
page read and write
clean
183B0090000
unkown
page read and write
clean
112AE4BC000
unkown
page read and write
clean
7FF548A7D000
unkown image
page readonly
clean
7FF5E5CB7000
unkown image
page readonly
clean
7FF579433000
unkown image
page readonly
clean
7FF5E5C74000
unkown image
page readonly
clean
25CB9260000
unkown image
page read and write
clean
202D644B000
unkown
page read and write
clean
1DFAEA96000
unkown
page read and write
clean
25CBED0B000
unkown
page read and write
clean
7FF4FFFE3000
unkown image
page readonly
clean
7FF5DF8FA000
unkown image
page readonly
clean
7FF5E5AC5000
unkown image
page readonly
clean
25CBED08000
unkown
page read and write
clean
112AEDBE000
unkown
page read and write
clean
7FF579687000
unkown image
page readonly
clean
7FF5E5473000
unkown image
page readonly
clean
183AF5C0000
heap private
page read and write
clean
25CB948A000
unkown
page read and write
clean
25CB93B0000
unkown image
page readonly
clean
66E70FD000
stack
page read and write
clean
7FF5E5B67000
unkown image
page readonly
clean
7FF5DF7E8000
unkown image
page readonly
clean
7FF583857000
unkown image
page readonly
clean
112AE800000
unkown image
page readonly
clean
7FF5DF916000
unkown image
page readonly
clean
7FF5489AE000
unkown image
page readonly
clean
112AE4B1000
unkown
page read and write
clean
288E4800000
unkown image
page readonly
clean
112AE300000
heap default
page read and write
clean
7FF5DF91D000
unkown image
page readonly
clean
1DFAEA70000
heap default
page read and write
clean
183AF570000
unkown image
page readonly
clean
183AF580000
unkown
page read and write
clean
112AE44B000
unkown
page read and write
clean
320179000
stack
page read and write
clean
7FF575184000
unkown image
page readonly
clean
288E4708000
unkown
page read and write
clean
7FF5E5BBF000
unkown image
page readonly
clean
25CBED02000
unkown
page read and write
clean
202D6500000
unkown
page read and write
clean
7FF5DF9C3000
unkown image
page readonly
clean
16C49250000
heap private
page read and write
clean
25CBE951000
unkown
page read and write
clean
7FF5DF797000
unkown image
page readonly
clean
112AE483000
unkown
page read and write
clean
1DFAEA91000
unkown
page read and write
clean
112AED9E000
unkown
page read and write
clean
112AEB20000
unkown
page read and write
clean
183AF3F0000
unkown image
page readonly
clean
288E464C000
unkown
page read and write
clean
EED107B000
stack
page read and write
clean
25CB92B0000
unkown image
page readonly
clean
7DF5EFA62000
unkown image
page readonly
clean
3096E7E000
stack
page read and write
clean
112AE453000
unkown
page read and write
clean
25CBEBF0000
unkown
page read and write
clean
7FF5750A1000
unkown image
page readonly
clean
25CB9990000
unkown image
page readonly
clean
7FF548B32000
unkown image
page readonly
clean
7FF579637000
unkown image
page readonly
clean
7FF57963D000
unkown image
page readonly
clean
7FF57942A000
unkown image
page readonly
clean
25CBE7D0000
unkown
page read and write
clean
66E77FF000
stack
page read and write
clean
25CBA440000
unkown image
page readonly
clean
25CBECFE000
unkown
page read and write
clean
25CBED08000
unkown
page read and write
clean
112AED85000
unkown
page read and write
clean
7FF5DF9D7000
unkown image
page readonly
clean
202D6980000
unkown image
page readonly
clean
7DF58D610000
unkown image
page readonly
clean
7DF5E9770000
unkown image
page readonly
clean
183B0070000
unkown
page read and write
clean
7DF48B4C0000
unkown image
page readonly
clean
25CBE931000
unkown
page read and write
clean
7FF5E5A14000
unkown image
page readonly
clean
112AEAA0000
unkown image
page write copy
clean
7FF548A76000
unkown image
page readonly
clean
7FF548AE7000
unkown image
page readonly
clean
7FF579581000
unkown image
page readonly
clean
25CBEB80000
unkown
page read and write
clean
25CBECF9000
unkown
page read and write
clean
7FF5794FE000
unkown image
page readonly
clean
7FF4FFFB7000
unkown image
page readonly
clean
202D6427000
unkown
page read and write
clean
7FF5E5BC3000
unkown image
page readonly
clean
202D63A0000
unkown
page read and write
clean
25CB9DDB000
unkown
page read and write
clean
7FF5E5B35000
unkown image
page readonly
clean
7FF5E5B99000
unkown image
page readonly
clean
5E297F000
stack
page read and write
clean
7FF548A4D000
unkown image
page readonly
clean
25CBECE1000
unkown
page read and write
clean
112AF200000
unkown
page read and write
clean
7FF548B23000
unkown image
page readonly
clean
7FF5E5761000
unkown image
page readonly
clean
288E4647000
unkown
page read and write
clean
7FF4FFFBB000
unkown image
page readonly
clean
7FF579355000
unkown image
page readonly
clean
7FF579593000
unkown image
page readonly
clean
7FF579647000
unkown image
page readonly
clean
183AF260000
unkown
page read and write
clean
7FF548AED000
unkown image
page readonly
clean
183AF33F000
unkown
page read and write
clean
7FF579557000
unkown image
page readonly
clean
7DF583432000
unkown image
page readonly
clean
25CB9D59000
unkown
page read and write
clean
202D6230000
unkown image
page read and write
clean
7FF583843000
unkown image
page readonly
clean
25CBECF1000
unkown
page read and write
clean
25CB94FA000
unkown
page read and write
clean
7FF5DF927000
unkown image
page readonly
clean
7FF5DF987000
unkown image
page readonly
clean
66E727F000
stack
page read and write
clean
1DFAE9F0000
unkown image
page readonly
clean
7FF579569000
unkown image
page readonly
clean
7FF579574000
unkown image
page readonly
clean
25CBECFE000
unkown
page read and write
clean
183B0080000
unkown
page readonly
clean
7FF5791B2000
unkown image
page readonly
clean
25CBA420000
unkown image
page readonly
clean
25CBECEA000
unkown
page read and write
clean
288E4700000
unkown
page read and write
clean
25CBE934000
unkown
page read and write
clean
112AF202000
unkown
page read and write
clean
112AE600000
unkown image
page readonly
clean
25CB9D9A000
unkown
page read and write
clean
25CBEA90000
unkown
page read and write
clean
25CBE938000
unkown
page read and write
clean
7FF5485E7000
unkown image
page readonly
clean
7DF4E7640000
unkown image
page readonly
clean
25CBECF9000
unkown
page read and write
clean
7FF5E59C0000
unkown image
page readonly
clean
7FF579397000
unkown image
page readonly
clean
7FF583817000
unkown image
page readonly
clean
25CBEC61000
unkown
page read and write
clean
112AED7C000
unkown
page read and write
clean
112AED00000
unkown
page read and write
clean
7FF4FFF22000
unkown image
page readonly
clean
7FF5E5985000
unkown image
page readonly
clean
202D6429000
unkown
page read and write
clean
7DF5528D2000
unkown image
page readonly
clean
7FF575234000
unkown image
page readonly
clean
7DF47CEE0000
unkown image
page readonly
clean
7FF5DF99B000
unkown image
page readonly
clean
25CBEA90000
unkown
page read and write
clean
7FF5488CA000
unkown image
page readonly
clean
112AF202000
unkown
page read and write
clean
25CBE930000
unkown
page read and write
clean
7FF4FFE75000
unkown image
page readonly
clean
25CBECF9000
unkown
page read and write
clean
112AE4A7000
unkown
page read and write
clean
112AEDD6000
unkown
page read and write
clean
7FF548B26000
unkown image
page readonly
clean
7FF57933A000
unkown image
page readonly
clean
25CBEA60000
unkown
page read and write
clean
112AE4C3000
unkown
page read and write
clean
112AF302000
unkown
page read and write
clean
112AED9C000
unkown
page read and write
clean
288E467C000
unkown
page read and write
clean
EED12F7000
stack
page read and write
clean
112AE516000
unkown
page read and write
clean
183AF120000
unkown image
page read and write
clean
7FF548926000
unkown image
page readonly
clean
16C49280000
unkown image
page readonly
clean
25CBEA70000
unkown
page read and write
clean
7FF58381B000
unkown image
page readonly
clean
25CBA400000
unkown image
page readonly
clean
25CB946E000
unkown
page read and write
clean
112AEDC2000
unkown
page read and write
clean
25CB9475000
unkown
page read and write
clean
202D647B000
unkown
page read and write
clean
7FF5DF7A7000
unkown image
page readonly
clean
112AED5C000
unkown
page read and write
clean
7FF5E5BFD000
unkown image
page readonly
clean
112AED85000
unkown
page read and write
clean
7DF509DA0000
unkown image
page readonly
clean
7FF574A98000
unkown image
page readonly
clean
1DFAEAB2000
unkown
page read and write
clean
7FF5DF9C6000
unkown image
page readonly
clean
112AEDB0000
unkown
page read and write
clean
5E25FA000
stack
page read and write
clean
112AF26A000
unkown
page read and write
clean
112AED48000
unkown
page read and write
clean
7FF5E5AF8000
unkown image
page readonly
clean
7FF583807000
unkown image
page readonly
clean
288E4613000
unkown
page read and write
clean
288E4580000
unkown
page read and write
clean
7DF5EFA52000
unkown image
page readonly
clean
7FF5DF8ED000
unkown image
page readonly
clean
112AED9E000
unkown
page read and write
clean
25CBE974000
unkown
page read and write
clean
25CBA3F0000
unkown image
page readonly
clean
7FF4FFFF2000
unkown image
page readonly
clean
ABD1DFB000
unkown
page read and write
clean
112AE447000
unkown
page read and write
clean
112AED5C000
unkown
page read and write
clean
112AED7C000
unkown
page read and write
clean
288E4480000
heap default
page read and write
clean
183AF170000
unkown image
page readonly
clean
7FF579427000
unkown image
page readonly
clean
25CBED08000
unkown
page read and write
clean
16C49400000
unkown
page read and write
clean
7FF58379D000
unkown image
page readonly
clean
7FF5795B2000
unkown image
page readonly
clean
25CB94AC000
unkown
page read and write
clean
7FF548B37000
unkown image
page readonly
clean
7DF5E9772000
unkown image
page readonly
clean
25CBED02000
unkown
page read and write
clean
25CB943D000
unkown
page read and write
clean
7FF5751BD000
unkown image
page readonly
clean
7FF4FFDB7000
unkown image
page readonly
clean
1DFAEA00000
unkown image
page readonly
clean
ABD20FE000
stack
page read and write
clean
7FF5489B5000
unkown image
page readonly
clean
1DFAE890000
unkown image
page readonly
clean
25CBECE9000
unkown
page read and write
clean
5E22F7000
stack
page read and write
clean
7FF4FFAA1000
unkown image
page readonly
clean
7FF5E5BF6000
unkown image
page readonly
clean
25CB9D13000
unkown
page read and write
clean
7DF58D600000
unkown image
page readonly
clean
16C49513000
unkown
page read and write
clean
7FF5E5AC0000
unkown image
page readonly
clean
288E468E000
unkown
page read and write
clean
7FF575277000
unkown image
page readonly
clean
288E4627000
unkown
page read and write
clean
7FF5793CB000
unkown image
page readonly
clean
25CBECFE000
unkown
page read and write
clean
112AED88000
unkown
page read and write
clean
7FF4FFE38000
unkown image
page readonly
clean
7FF548A56000
unkown image
page readonly
clean
112AED69000
unkown
page read and write
clean
7FF57522D000
unkown image
page readonly
clean
7FF548B0A000
unkown image
page readonly
clean
25CB9478000
unkown
page read and write
clean
7DF5E9780000
unkown image
page readonly
clean
7FF5794C8000
unkown image
page readonly
clean
66E797F000
stack
page read and write
clean
1DFAE890000
unkown image
page readonly
clean
5E267F000
stack
page read and write
clean
25CBEE40000
unkown
page read and write
clean
112AEDAF000
unkown
page read and write
clean
7DF5E9790000
unkown image
page readonly
clean
ABD21FB000
stack
page read and write
clean
7FF579634000
unkown image
page readonly
clean
25CBEA90000
unkown
page read and write
clean
112AE4A8000
unkown
page read and write
clean
1DFAE870000
unkown image
page read and write
clean
202D6240000
heap private
page read and write
clean
7FF548AF4000
unkown image
page readonly
clean
7FF5795DE000
unkown image
page readonly
clean
7FF5751B6000
unkown image
page readonly
clean
202D6250000
unkown image
page readonly
clean
16C49C02000
unkown
page read and write
clean
25CBECF9000
unkown
page read and write
clean
25CBEC2B000
unkown
page read and write
clean
7FF5E5C77000
unkown image
page readonly
clean
25CBA410000
unkown image
page readonly
clean
3201FA000
stack
page read and write
clean
5E23F8000
stack
page read and write
clean
7FF578EED000
unkown image
page readonly
clean
7DF57F012000
unkown image
page readonly
clean
7FF5E5812000
unkown image
page readonly
clean
16C49240000
unkown image
page read and write
clean
7FF4FFFE6000
unkown image
page readonly
clean
288E4E02000
unkown
page read and write
clean
7DF5EFA50000
unkown image
page readonly
clean
112AED94000
unkown
page read and write
clean
7DF5528D0000
unkown image
page readonly
clean
7FF5E5549000
unkown image
page readonly
clean
112AEB20000
unkown
page read and write
clean
202D6380000
unkown image
page readonly
clean
25CBEC54000
unkown
page read and write
clean
7DF58D602000
unkown image
page readonly
clean
16C49290000
unkown image
page readonly
clean
7FF5793C0000
unkown image
page readonly
clean
7FF574997000
unkown image
page readonly
clean
112AED13000
unkown
page read and write
clean
112AEB30000
unkown image
page read and write
clean
25CB9D58000
unkown
page read and write
clean
3096BCE000
stack
page read and write
clean
7DF509D90000
unkown image
page readonly
clean
1DFAEA9F000
unkown
page read and write
clean
66E71F7000
stack
page read and write
clean
EED11FB000
stack
page read and write
clean
25CB9400000
unkown
page read and write
clean
1DFAE8B0000
unkown image
page readonly
clean
112AE508000
unkown
page read and write
clean
112AEDAF000
unkown
page read and write
clean
5E1E7B000
unkown
page read and write
clean
7FF5751C9000
unkown image
page readonly
clean
25CB9600000
unkown image
page readonly
clean
25CBEC19000
unkown
page read and write
clean
112AED0F000
unkown
page read and write
clean
183AF280000
unkown
page read and write
clean
7FF4FFF47000
unkown image
page readonly
clean
25CB9800000
unkown image
page readonly
clean
112AE4F6000
unkown
page read and write
clean
7FF55A11B000
unkown image
page readonly
clean
7DF58D602000
unkown image
page readonly
clean
7FF5E5A5F000
unkown image
page readonly
clean
7FF4FFFF7000
unkown image
page readonly
clean
7FF4FF43E000
unkown image
page readonly
clean
202D6C02000
unkown
page read and write
clean
202D6498000
unkown
page read and write
clean
EED0E7B000
unkown
page read and write
clean
112AEDAF000
unkown
page read and write
clean
5E21F7000
stack
page read and write
clean
25CBEC1D000
unkown
page read and write
clean
7FF5483A3000
unkown image
page readonly
clean
112AE290000
unkown image
page read and write
clean
7FF5795D9000
unkown image
page readonly
clean
7DF5E9772000
unkown image
page readonly
clean
7DF5E9782000
unkown image
page readonly
clean
7DF5EFA52000
unkown image
page readonly
clean
7FF58382A000
unkown image
page readonly
clean
7FF5DF9D2000
unkown image
page readonly
clean
112AE4D6000
unkown
page read and write
clean
25CBECF0000
unkown
page read and write
clean
25CBE954000
unkown
page read and write
clean
5E24FF000
stack
page read and write
clean
7FF5DF902000
unkown image
page readonly
clean
7FF5791E2000
unkown image
page readonly
clean
25CBED1C000
unkown
page read and write
clean
7FF548AFB000
unkown image
page readonly
clean
16C493B0000
unkown
page read and write
clean
16C49390000
unkown image
page readonly
clean
7FF5750B1000
unkown image
page readonly
clean
7FF548A89000
unkown image
page readonly
clean
25CB9502000
unkown
page read and write
clean
288E463C000
unkown
page read and write
clean
183AF7E0000
unkown image
page readonly
clean
7DF58D5F2000
unkown image
page readonly
clean
7FF575266000
unkown image
page readonly
clean
112AEDB0000
unkown
page read and write
clean
7FF548AF7000
unkown image
page readonly
clean
112AE429000
unkown
page read and write
clean
7DF583422000
unkown image
page readonly
clean
112AED5C000
unkown
page read and write
clean
202D6280000
unkown image
page readonly
clean
66E78FE000
stack
page read and write
clean
16C49470000
unkown
page read and write
clean
7FF5E59F0000
unkown image
page readonly
clean
7FF5E5A4A000
unkown image
page readonly
clean
7FF579379000
unkown image
page readonly
clean
7FF5E5BCD000
unkown image
page readonly
clean
112AED87000
unkown
page read and write
clean
112AEDBA000
unkown
page read and write
clean
7FF57941A000
unkown image
page readonly
clean
1DFAEE50000
unkown image
page readonly
clean
25CBE790000
unkown
page read and write
clean
7FF5E5C64000
unkown image
page readonly
clean
1115A7E000
stack
page read and write
clean
288E468A000
unkown
page read and write
clean
25CB93D0000
unkown
page read and write
clean
1DFAEC40000
heap private
page read and write
clean
112AED9E000
unkown
page read and write
clean
288E4653000
unkown
page read and write
clean
183AF351000
heap default
page read and write
clean
7FF579372000
unkown image
page readonly
clean
7FF583796000
unkown image
page readonly
clean
7DF58D600000
unkown image
page readonly
clean
183AF5A0000
unkown
page read and write
clean
112AEDC5000
unkown
page read and write
clean
25CBA790000
unkown
page read and write
clean
202D643C000
unkown
page read and write
clean
7DF57F012000
unkown image
page readonly
clean
7FF5E5BAF000
unkown image
page readonly
clean
7FF579505000
unkown image
page readonly
clean
7DF5528D2000
unkown image
page readonly
clean
66E787F000
stack
page read and write
clean
183AF5C9000
heap private
page read and write
clean
7FF5DF98D000
unkown image
page readonly
clean
7DF4ED920000
unkown image
page readonly
clean
7FF548948000
unkown image
page readonly
clean
25CBECF0000
unkown
page read and write
clean
7FF4FFDC7000
unkown image
page readonly
clean
7FF5E5C6D000
unkown image
page readonly
clean
183AF337000
unkown
page read and write
clean
112AED9E000
unkown
page read and write
clean
7FF579386000
unkown image
page readonly
clean
7FF5DF929000
unkown image
page readonly
clean
202D6502000
unkown
page read and write
clean
7FF579560000
unkown image
page readonly
clean
25CB9D18000
unkown
page read and write
clean
7FF5749A5000
unkown image
page readonly
clean
288E4B80000
unkown image
page readonly
clean
7FF5DF818000
unkown image
page readonly
clean
7FF4FFE00000
unkown image
page readonly
clean
112AE3E0000
unkown image
page readonly
clean
288E4410000
unkown image
page read and write
clean
66E6DEC000
unkown
page read and write
clean
25CB92D0000
heap default
page read and write
clean
1115C7D000
stack
page read and write
clean
112AEDD6000
unkown
page read and write
clean
112AED9E000
unkown
page read and write
clean
112AED87000
unkown
page read and write
clean
25CBED0B000
unkown
page read and write
clean
112AED9E000
unkown
page read and write
clean
25CBEC87000
unkown
page read and write
clean
7DF58D5F0000
unkown image
page readonly
clean
7DF4812F0000
unkown image
page readonly
clean
25CBEC89000
unkown
page read and write
clean
7FF57958F000
unkown image
page readonly
clean
16C49260000
unkown image
page readonly
clean
112AF26A000
unkown
page read and write
clean
112AEDC5000
unkown
page read and write
clean
112AEDBA000
unkown
page read and write
clean
183B00F0000
unkown
page read and write
clean
7FF5E5736000
unkown image
page readonly
clean
25CBED0B000
unkown
page read and write
clean
7FF5DF243000
unkown image
page readonly
clean
16C49508000
unkown
page read and write
clean
7FF5E5B90000
unkown image
page readonly
clean
7FF578DD8000
unkown image
page readonly
clean
7FF583846000
unkown image
page readonly
clean
7FF548B37000
unkown image
page readonly
clean
112AE513000
unkown
page read and write
clean
112AEB20000
unkown
page read and write
clean
7FF574FFC000
unkown image
page readonly
clean
7FF583765000
unkown image
page readonly
clean
25CBE950000
unkown
page read and write
clean
25CB9280000
unkown image
page readonly
clean
7DF509DA0000
unkown image
page readonly
clean
7FF4FFEEF000
unkown image
page readonly
clean
16C492B0000
heap default
page read and write
clean
25CBE820000
unkown
page read and write
clean
7FF5E5523000
unkown image
page readonly
clean
EED10FD000
stack
page read and write
clean
7FF5795AA000
unkown image
page readonly
clean
7FF5E5767000
unkown image
page readonly
clean
ABD257F000
stack
page read and write
clean
202D6800000
unkown image
page readonly
clean
112AEDD0000
unkown
page read and write
clean
7FF4FF444000
unkown image
page readonly
clean
EED15FF000
stack
page read and write
clean
25CB942A000
unkown
page read and write
clean
25CBED02000
unkown
page read and write
clean
7FF57499E000
unkown image
page readonly
clean
7FF5DF8F6000
unkown image
page readonly
clean
7FF548A87000
unkown image
page readonly
clean
7FF5DF855000
unkown image
page readonly
clean
7DF4507A0000
unkown image
page readonly
clean
7FF5794C1000
unkown image
page readonly
clean
112AED85000
unkown
page read and write
clean
7FF5837A9000
unkown image
page readonly
clean
112AED9E000
unkown
page read and write
clean
16C49488000
unkown
page read and write
clean
7FF548AE4000
unkown image
page readonly
clean
112AE4EE000
unkown
page read and write
clean
16C49800000
unkown image
page readonly
clean
112AE2B0000
unkown image
page readonly
clean
288E4430000
unkown image
page readonly
clean
25CBECD4000
unkown
page read and write
clean
112AED9E000
unkown
page read and write
clean
25CB9D59000
unkown
page read and write
clean
3097177000
stack
page read and write
clean
1115BFE000
stack
page read and write
clean
25CBA310000
unkown
page read and write
clean
25CB948F000
unkown
page read and write
clean
There are 870 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
file:///C:/Users/user/Desktop/fel.com.html
clean