Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\1e1bbebc-7077-41c2-b0d0-010994a4f9a9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\4b5df066-1808-4671-b598-402687eef6c6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\58a6aaea-2665-4b08-a16f-7a037e82c586.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6170c8f7-aa1f-422e-9ca8-0520ca8815dc.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\86d0eb85-2884-4f5c-ae3f-6e14f68a3379.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\8c7d42dc-0f68-4227-950c-a22c819f05cc.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1779d42d-50ad-4a0e-9f1e-2985adc979a1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4702d075-197b-47d6-b892-5b7e7e8bbee1.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4ee7b72d-2704-480a-b631-43eeaa50b7b1.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6ff27842-69a1-4547-ab4b-b2b7003c11d5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7df0c636-1b7d-4473-b437-e184c128183a.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7ee4fcea-2e35-4c35-8e50-85a7c750c06b.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8389f69c-971d-4bb0-adf6-3e8f51e56279.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old.- (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old0 (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old- (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldO0 (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old.d (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session.l (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsfi (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.olde (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State3} (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldet (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesi (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences~- (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldp. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\3a674d97-f757-4252-adfe-76f7070bb597.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\5b9ca5a5-5480-4705-8be0-6dc7f3fa716e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old@
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldMP (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENTMP (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old92 (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dbe4fe55-0803-4632-863f-6a2ef7312467.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ff303aae-68fa-4a5c-9247-f73916b2f399.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldl (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State\0 (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Stateca (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheMP (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachel (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cacheru (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir2960_1662881758\Ruleset
Data
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b991dcb1-229f-4fcf-b912-f0e9f285abcf.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\e5e57809-e14e-4e54-b75d-323dcee0ac64.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f0a80b32-3e29-42f5-9773-a970d82ebf46.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1d97a6e2-905c-4bca-a018-7aaa872bdc81.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2960_2115728039\Filtering Rules
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2960_2115728039\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2960_2115728039\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2960_2115728039\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2960_2115728039\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\9ac2bd0c-d917-4cf8-b629-4882178cefa9.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\bb3f0d03-3cf6-4e32-bad7-7d3d25bc86b6.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\f491c458-6734-440b-86bb-4671824f0566.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\9ac2bd0c-d917-4cf8-b629-4882178cefa9.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\vi\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\zh\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_locales\zh_TW\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_1027584741\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\1d97a6e2-905c-4bca-a018-7aaa872bdc81.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir2960_124402116\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
There are 224 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "http://Hey,%20I'm%20bored!%20My%20contacts:%20https://localchicks3.com/?u=41nkd08&o=8dhpkzk
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1560,4411235333552159259,1498446926824188992,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1908 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://Hey,%20I'm%20bored!%20My%20contacts:%20https://localchicks3.com/?u=41nkd08&o=8dhpkzk
|
|
||
|
https://csp.withgoogle.com/csp/report-to/static-on-bigtable
|
unknown
|
|
|
|
https://apis.google.com/js/client.js
|
unknown
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://play.google.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/apps-themesCross-Origin-Resource-Policy:
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/one-google-eng
|
unknown
|
|
|
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://easylist.to/)
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/apps-themes
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
142.250.203.97
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://github.com/easylist)
|
unknown
|
|
|
|
https://creativecommons.org/.
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/one-google-eng_
|
unknown
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://meet.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/social-frontend-mpm-access
|
unknown
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
|
172.217.168.68
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/one-google-eng
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/social-frontend-mpm-accessCross-Origin-Resource-Policy:
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.203.110
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
|
|
|
https://csp.withgoogle.com/csp/one-google-engCross-Origin-Resource-Policy:
|
unknown
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://www.google.com/async/newtab_promos
|
172.217.168.68
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://www.google.com/async/ddljson?async=ntp:1
|
172.217.168.68
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.R9QuLJE0V3o.O/m=gapi_iframes
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/apps-themes
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access
|
unknown
|
|
|
|
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.R9QuLJE0V3o.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9DhQIvUvbE3v8eEhVx9XQkrkVYIQ/cb=gapi.loaded_0
|
172.217.168.78
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://docs.google.com
|
unknown
|
|
|
|
https://fonts.google.com/license/googlerestricted
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 60 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
172.217.168.3
|
|
|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
plus.l.google.com
|
172.217.168.78
|
|
|
|
www.google.com
|
172.217.168.68
|
|
|
|
clients.l.google.com
|
142.250.203.110
|
|
|
|
googlehosted.l.googleusercontent.com
|
142.250.203.97
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
apis.google.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
142.250.203.110
|
clients.l.google.com
|
United States
|
|
|
|
172.217.168.68
|
www.google.com
|
United States
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
172.217.168.78
|
plus.l.google.com
|
United States
|
|
|
|
142.250.203.97
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
172.217.168.3
|
gstaticadssl.l.google.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1E60AF8000
|
stack
|
page read and write
|
|
|
|
7FF5697C1000
|
unkown image
|
page readonly
|
|
|
|
7DF510BD2000
|
unkown image
|
page readonly
|
|
|
|
1F4BEA4C000
|
unkown
|
page read and write
|
|
|
|
361CBFC000
|
stack
|
page read and write
|
|
|
|
16F73688000
|
unkown
|
page read and write
|
|
|
|
7FF583096000
|
unkown image
|
page readonly
|
|
|
|
7FF5698B7000
|
unkown image
|
page readonly
|
|
|
|
7DF541022000
|
unkown image
|
page readonly
|
|
|
|
1B58018B000
|
unkown
|
page read and write
|
|
|
|
1B5801AF000
|
unkown
|
page read and write
|
|
|
|
7FF533146000
|
unkown image
|
page readonly
|
|
|
|
16F73700000
|
unkown
|
page read and write
|
|
|
|
7FF5831D1000
|
unkown image
|
page readonly
|
|
|
|
1B5801AC000
|
unkown
|
page read and write
|
|
|
|
7FF5698BD000
|
unkown image
|
page readonly
|
|
|
|
16F73540000
|
unkown image
|
page readonly
|
|
|
|
20E97700000
|
unkown image
|
page readonly
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
7FF599E13000
|
unkown image
|
page readonly
|
|
|
|
7FF583094000
|
unkown image
|
page readonly
|
|
|
|
7FF56984D000
|
unkown image
|
page readonly
|
|
|
|
1F4BEA67000
|
unkown
|
page read and write
|
|
|
|
7FF502E7D000
|
unkown image
|
page readonly
|
|
|
|
E6F227C000
|
stack
|
page read and write
|
|
|
|
7FF583350000
|
unkown image
|
page readonly
|
|
|
|
1B580188000
|
unkown
|
page read and write
|
|
|
|
7FF56974F000
|
unkown image
|
page readonly
|
|
|
|
7FF502EC3000
|
unkown image
|
page readonly
|
|
|
|
1B57F850000
|
unkown
|
page read and write
|
|
|
|
7FF583101000
|
unkown image
|
page readonly
|
|
|
|
19EFF508000
|
unkown
|
page read and write
|
|
|
|
7FF533241000
|
unkown image
|
page readonly
|
|
|
|
510437F000
|
stack
|
page read and write
|
|
|
|
1B580174000
|
unkown
|
page read and write
|
|
|
|
95EED7F000
|
stack
|
page read and write
|
|
|
|
1F4BEA49000
|
unkown
|
page read and write
|
|
|
|
20E97740000
|
unkown
|
page read and write
|
|
|
|
1F4BEB02000
|
unkown
|
page read and write
|
|
|
|
7FF502EA7000
|
unkown image
|
page readonly
|
|
|
|
1F4BE8D0000
|
unkown image
|
page read and write
|
|
|
|
20E976C0000
|
unkown image
|
page read and write
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
7FF53322C000
|
unkown image
|
page readonly
|
|
|
|
1B57F853000
|
unkown
|
page read and write
|
|
|
|
7DF5A7B32000
|
unkown image
|
page readonly
|
|
|
|
7DF5A7B30000
|
unkown image
|
page readonly
|
|
|
|
1B580600000
|
unkown
|
page read and write
|
|
|
|
7FF502E97000
|
unkown image
|
page readonly
|
|
|
|
7FF5332CF000
|
unkown image
|
page readonly
|
|
|
|
16F73660000
|
unkown
|
page read and write
|
|
|
|
7FF502EEA000
|
unkown image
|
page readonly
|
|
|
|
7FF583167000
|
unkown image
|
page readonly
|
|
|
|
7FF569919000
|
unkown image
|
page readonly
|
|
|
|
7DF5775B0000
|
unkown image
|
page readonly
|
|
|
|
7FF533399000
|
unkown image
|
page readonly
|
|
|
|
1B58017E000
|
unkown
|
page read and write
|
|
|
|
1E601BE000
|
stack
|
page read and write
|
|
|
|
1F4BEA8B000
|
unkown
|
page read and write
|
|
|
|
16F73629000
|
unkown
|
page read and write
|
|
|
|
7FF582EC6000
|
unkown image
|
page readonly
|
|
|
|
1B57F7B0000
|
unkown image
|
page readonly
|
|
|
|
7FF569931000
|
unkown image
|
page readonly
|
|
|
|
19EFFC02000
|
unkown
|
page read and write
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
20E97D10000
|
unkown image
|
page readonly
|
|
|
|
1B58019F000
|
unkown
|
page read and write
|
|
|
|
1F4BEA00000
|
unkown
|
page read and write
|
|
|
|
1B57F660000
|
unkown image
|
page read and write
|
|
|
|
7FF583259000
|
unkown image
|
page readonly
|
|
|
|
19EFF200000
|
unkown image
|
page readonly
|
|
|
|
1B580188000
|
unkown
|
page read and write
|
|
|
|
19EFF400000
|
unkown
|
page read and write
|
|
|
|
1B57F870000
|
unkown
|
page read and write
|
|
|
|
7DF5775C0000
|
unkown image
|
page readonly
|
|
|
|
1B5801DA000
|
unkown
|
page read and write
|
|
|
|
19EFF220000
|
unkown image
|
page readonly
|
|
|
|
1F4BECD0000
|
unkown image
|
page readonly
|
|
|
|
1B57F8FC000
|
unkown
|
page read and write
|
|
|
|
7DF5775B2000
|
unkown image
|
page readonly
|
|
|
|
7DF590FC0000
|
unkown image
|
page readonly
|
|
|
|
16F73E02000
|
unkown
|
page read and write
|
|
|
|
19EFF488000
|
unkown
|
page read and write
|
|
|
|
20E977D6000
|
unkown
|
page read and write
|
|
|
|
7FF569860000
|
unkown image
|
page readonly
|
|
|
|
7FF502F49000
|
unkown image
|
page readonly
|
|
|
|
510407E000
|
stack
|
page read and write
|
|
|
|
1F4BEB08000
|
unkown
|
page read and write
|
|
|
|
361CDF7000
|
stack
|
page read and write
|
|
|
|
7FF569710000
|
unkown image
|
page readonly
|
|
|
|
7DF590FD0000
|
unkown image
|
page readonly
|
|
|
|
7DF5775A0000
|
unkown image
|
page readonly
|
|
|
|
7DF43EEF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5333C1000
|
unkown image
|
page readonly
|
|
|
|
19EFF600000
|
unkown image
|
page readonly
|
|
|
|
7FF502ECE000
|
unkown image
|
page readonly
|
|
|
|
7FF569912000
|
unkown image
|
page readonly
|
|
|
|
7FF5832CD000
|
unkown image
|
page readonly
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
7FF582F24000
|
unkown image
|
page readonly
|
|
|
|
7FF56917E000
|
unkown image
|
page readonly
|
|
|
|
1B57F84C000
|
unkown
|
page read and write
|
|
|
|
7FF502F71000
|
unkown image
|
page readonly
|
|
|
|
7DF510BF0000
|
unkown image
|
page readonly
|
|
|
|
7DF5775B0000
|
unkown image
|
page readonly
|
|
|
|
7FF569877000
|
unkown image
|
page readonly
|
|
|
|
7FF502DF5000
|
unkown image
|
page readonly
|
|
|
|
1B580188000
|
unkown
|
page read and write
|
|
|
|
7FF583273000
|
unkown image
|
page readonly
|
|
|
|
7FF50235A000
|
unkown image
|
page readonly
|
|
|
|
1B580190000
|
unkown
|
page read and write
|
|
|
|
1B58019F000
|
unkown
|
page read and write
|
|
|
|
1B58019A000
|
unkown
|
page read and write
|
|
|
|
7DF48EE80000
|
unkown image
|
page readonly
|
|
|
|
7DF510BF0000
|
unkown image
|
page readonly
|
|
|
|
7FF599EAA000
|
unkown image
|
page readonly
|
|
|
|
1B57F856000
|
unkown
|
page read and write
|
|
|
|
1B57F670000
|
heap private
|
page read and write
|
|
|
|
7FF58323E000
|
unkown image
|
page readonly
|
|
|
|
7FF53331E000
|
unkown image
|
page readonly
|
|
|
|
7FF533245000
|
unkown image
|
page readonly
|
|
|
|
7DF5A7B22000
|
unkown image
|
page readonly
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
7FF502A57000
|
unkown image
|
page readonly
|
|
|
|
7FF582B8E000
|
unkown image
|
page readonly
|
|
|
|
7FF53321B000
|
unkown image
|
page readonly
|
|
|
|
7FF58315F000
|
unkown image
|
page readonly
|
|
|
|
1B57F913000
|
unkown
|
page read and write
|
|
|
|
1B57F8ED000
|
unkown
|
page read and write
|
|
|
|
1B57F8E9000
|
unkown
|
page read and write
|
|
|
|
7FF583334000
|
unkown image
|
page readonly
|
|
|
|
7FF58311D000
|
unkown image
|
page readonly
|
|
|
|
7FF58313B000
|
unkown image
|
page readonly
|
|
|
|
20E97B00000
|
heap private
|
page read and write
|
|
|
|
7DF541020000
|
unkown image
|
page readonly
|
|
|
|
7FF533171000
|
unkown image
|
page readonly
|
|
|
|
7FF58325D000
|
unkown image
|
page readonly
|
|
|
|
7FF583105000
|
unkown image
|
page readonly
|
|
|
|
1F4BE8F0000
|
unkown image
|
page readonly
|
|
|
|
95EECFF000
|
stack
|
page read and write
|
|
|
|
7FF569427000
|
unkown image
|
page readonly
|
|
|
|
16F7363C000
|
unkown
|
page read and write
|
|
|
|
95EF27F000
|
stack
|
page read and write
|
|
|
|
7FF582EB7000
|
unkown image
|
page readonly
|
|
|
|
1B58019F000
|
unkown
|
page read and write
|
|
|
|
1F4BEA4F000
|
unkown
|
page read and write
|
|
|
|
1B57F8A6000
|
unkown
|
page read and write
|
|
|
|
7DF590FC0000
|
unkown image
|
page readonly
|
|
|
|
16F73AD0000
|
unkown image
|
page readonly
|
|
|
|
7DF590FB2000
|
unkown image
|
page readonly
|
|
|
|
7FF5832A3000
|
unkown image
|
page readonly
|
|
|
|
1B580189000
|
unkown
|
page read and write
|
|
|
|
1B580172000
|
unkown
|
page read and write
|
|
|
|
7FF599DCD000
|
unkown image
|
page readonly
|
|
|
|
7FF583120000
|
unkown image
|
page readonly
|
|
|
|
E6F207F000
|
stack
|
page read and write
|
|
|
|
16F73671000
|
unkown
|
page read and write
|
|
|
|
7FF583109000
|
unkown image
|
page readonly
|
|
|
|
7FF5831BC000
|
unkown image
|
page readonly
|
|
|
|
7DF5A7B30000
|
unkown image
|
page readonly
|
|
|
|
7FF599E92000
|
unkown image
|
page readonly
|
|
|
|
7FF533045000
|
unkown image
|
page readonly
|
|
|
|
E6F1D3A000
|
unkown
|
page read and write
|
|
|
|
7DF510BD2000
|
unkown image
|
page readonly
|
|
|
|
7DF541040000
|
unkown image
|
page readonly
|
|
|
|
7FF582EB9000
|
unkown image
|
page readonly
|
|
|
|
20E97790000
|
unkown image
|
page read and write
|
|
|
|
19EFF1F0000
|
heap private
|
page read and write
|
|
|
|
7FF5696C6000
|
unkown image
|
page readonly
|
|
|
|
7FF5333BA000
|
unkown image
|
page readonly
|
|
|
|
16F738D0000
|
unkown image
|
page readonly
|
|
|
|
19EFF230000
|
unkown image
|
page readonly
|
|
|
|
7FF5830B5000
|
unkown image
|
page readonly
|
|
|
|
7DF5A7B22000
|
unkown image
|
page readonly
|
|
|
|
7FF56972B000
|
unkown image
|
page readonly
|
|
|
|
7FF5331CF000
|
unkown image
|
page readonly
|
|
|
|
7FF568D30000
|
unkown image
|
page readonly
|
|
|
|
7FF533337000
|
unkown image
|
page readonly
|
|
|
|
7FF53333D000
|
unkown image
|
page readonly
|
|
|
|
1E60777000
|
stack
|
page read and write
|
|
|
|
20E977EF000
|
unkown
|
page read and write
|
|
|
|
7FF502E90000
|
unkown image
|
page readonly
|
|
|
|
7FF5830A1000
|
unkown image
|
page readonly
|
|
|
|
1F4BEA4A000
|
unkown
|
page read and write
|
|
|
|
19EFF350000
|
unkown
|
page read and write
|
|
|
|
20E977D2000
|
unkown
|
page read and write
|
|
|
|
1B580188000
|
unkown
|
page read and write
|
|
|
|
1E60C78000
|
stack
|
page read and write
|
|
|
|
1B580197000
|
unkown
|
page read and write
|
|
|
|
1B57F6B0000
|
unkown image
|
page readonly
|
|
|
|
1F4BEA4B000
|
unkown
|
page read and write
|
|
|
|
7DF541020000
|
unkown image
|
page readonly
|
|
|
|
1B580186000
|
unkown
|
page read and write
|
|
|
|
16F73530000
|
heap default
|
page read and write
|
|
|
|
7FF583287000
|
unkown image
|
page readonly
|
|
|
|
7DF541030000
|
unkown image
|
page readonly
|
|
|
|
7DF510BD0000
|
unkown image
|
page readonly
|
|
|
|
16F73708000
|
unkown
|
page read and write
|
|
|
|
19EFF459000
|
unkown
|
page read and write
|
|
|
|
7FF533190000
|
unkown image
|
page readonly
|
|
|
|
19EFF44C000
|
unkown
|
page read and write
|
|
|
|
1B580195000
|
unkown
|
page read and write
|
|
|
|
1B5801CF000
|
unkown
|
page read and write
|
|
|
|
7FF502E79000
|
unkown image
|
page readonly
|
|
|
|
1B580175000
|
unkown
|
page read and write
|
|
|
|
1F4BE920000
|
unkown image
|
page readonly
|
|
|
|
16F73560000
|
unkown
|
page read and write
|
|
|
|
1E60E7F000
|
stack
|
page read and write
|
|
|
|
7FF599BB9000
|
unkown image
|
page readonly
|
|
|
|
1B57F8A8000
|
unkown
|
page read and write
|
|
|
|
7FF583201000
|
unkown image
|
page readonly
|
|
|
|
7FF5695C5000
|
unkown image
|
page readonly
|
|
|
|
7DF5A7B32000
|
unkown image
|
page readonly
|
|
|
|
1B57F680000
|
unkown image
|
page readonly
|
|
|
|
1B580199000
|
unkown
|
page read and write
|
|
|
|
1B580184000
|
unkown
|
page read and write
|
|
|
|
1B57F8E2000
|
unkown
|
page read and write
|
|
|
|
7DF5A7B40000
|
unkown image
|
page readonly
|
|
|
|
7DF590FC2000
|
unkown image
|
page readonly
|
|
|
|
7DF5775C0000
|
unkown image
|
page readonly
|
|
|
|
7FF502EED000
|
unkown image
|
page readonly
|
|
|
|
16F73713000
|
unkown
|
page read and write
|
|
|
|
1B57FF00000
|
unkown image
|
page read and write
|
|
|
|
7FF56984F000
|
unkown image
|
page readonly
|
|
|
|
7FF502CF6000
|
unkown image
|
page readonly
|
|
|
|
7FF583277000
|
unkown image
|
page readonly
|
|
|
|
7FF502DF1000
|
unkown image
|
page readonly
|
|
|
|
1B57F6A0000
|
unkown image
|
page readonly
|
|
|
|
7FF583247000
|
unkown image
|
page readonly
|
|
|
|
1B57F6D0000
|
heap default
|
page read and write
|
|
|
|
1E607FE000
|
stack
|
page read and write
|
|
|
|
1E60678000
|
stack
|
page read and write
|
|
|
|
1B57F7F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5831AB000
|
unkown image
|
page readonly
|
|
|
|
20E976E0000
|
unkown image
|
page readonly
|
|
|
|
7FF58333A000
|
unkown image
|
page readonly
|
|
|
|
1B57F859000
|
unkown
|
page read and write
|
|
|
|
20E977E5000
|
unkown
|
page read and write
|
|
|
|
16F73660000
|
unkown
|
page read and write
|
|
|
|
7FF58273A000
|
unkown image
|
page readonly
|
|
|
|
7FF5027AE000
|
unkown image
|
page readonly
|
|
|
|
7DF590FD0000
|
unkown image
|
page readonly
|
|
|
|
7FF599EC1000
|
unkown image
|
page readonly
|
|
|
|
7FF5333A4000
|
unkown image
|
page readonly
|
|
|
|
1B57F916000
|
unkown
|
page read and write
|
|
|
|
1F4BF202000
|
unkown
|
page read and write
|
|
|
|
1B580176000
|
unkown
|
page read and write
|
|
|
|
1F4BEA13000
|
unkown
|
page read and write
|
|
|
|
1B57F854000
|
unkown
|
page read and write
|
|
|
|
1B58018D000
|
unkown
|
page read and write
|
|
|
|
7FF599EB1000
|
unkown image
|
page readonly
|
|
|
|
1B58011D000
|
unkown
|
page read and write
|
|
|
|
7FF502E67000
|
unkown image
|
page readonly
|
|
|
|
7FF599DE7000
|
unkown image
|
page readonly
|
|
|
|
1B57F85C000
|
unkown
|
page read and write
|
|
|
|
7FF502360000
|
unkown image
|
page readonly
|
|
|
|
19EFF447000
|
unkown
|
page read and write
|
|
|
|
7FF599DE3000
|
unkown image
|
page readonly
|
|
|
|
1B57F829000
|
unkown
|
page read and write
|
|
|
|
7FF5831D5000
|
unkown image
|
page readonly
|
|
|
|
7FF53333A000
|
unkown image
|
page readonly
|
|
|
|
1B57F902000
|
unkown
|
page read and write
|
|
|
|
19EFF513000
|
unkown
|
page read and write
|
|
|
|
16F7364E000
|
unkown
|
page read and write
|
|
|
|
1B58017D000
|
unkown
|
page read and write
|
|
|
|
1E60B7E000
|
stack
|
page read and write
|
|
|
|
7FF5831FF000
|
unkown image
|
page readonly
|
|
|
|
7FF502F71000
|
unkown image
|
page readonly
|
|
|
|
19EFF502000
|
unkown
|
page read and write
|
|
|
|
7FF5332F7000
|
unkown image
|
page readonly
|
|
|
|
19EFF457000
|
unkown
|
page read and write
|
|
|
|
7FF5830D6000
|
unkown image
|
page readonly
|
|
|
|
7FF502DC5000
|
unkown image
|
page readonly
|
|
|
|
7FF5332E0000
|
unkown image
|
page readonly
|
|
|
|
1B580177000
|
unkown
|
page read and write
|
|
|
|
1B5801CF000
|
unkown
|
page read and write
|
|
|
|
7DF5A7B40000
|
unkown image
|
page readonly
|
|
|
|
7FF5832CA000
|
unkown image
|
page readonly
|
|
|
|
7FF5698BA000
|
unkown image
|
page readonly
|
|
|
|
7FF582FD5000
|
unkown image
|
page readonly
|
|
|
|
7FF56993A000
|
unkown image
|
page readonly
|
|
|
|
1B58019F000
|
unkown
|
page read and write
|
|
|
|
7FF5831A5000
|
unkown image
|
page readonly
|
|
|
|
7FF502D7F000
|
unkown image
|
page readonly
|
|
|
|
1B57F83C000
|
unkown
|
page read and write
|
|
|
|
1B580128000
|
unkown
|
page read and write
|
|
|
|
1B58018F000
|
unkown
|
page read and write
|
|
|
|
7FF5832AE000
|
unkown image
|
page readonly
|
|
|
|
7FF5332D3000
|
unkown image
|
page readonly
|
|
|
|
1B58018A000
|
unkown
|
page read and write
|
|
|
|
7DF541040000
|
unkown image
|
page readonly
|
|
|
|
1B57F8B0000
|
unkown
|
page read and write
|
|
|
|
1F4BE910000
|
unkown image
|
page readonly
|
|
|
|
20E97B10000
|
unkown image
|
page readonly
|
|
|
|
1F4BEA81000
|
unkown
|
page read and write
|
|
|
|
7FF53330B000
|
unkown image
|
page readonly
|
|
|
|
20E977C0000
|
heap default
|
page read and write
|
|
|
|
1B580174000
|
unkown
|
page read and write
|
|
|
|
7FF5332E3000
|
unkown image
|
page readonly
|
|
|
|
7FF502A51000
|
unkown image
|
page readonly
|
|
|
|
7FF5697C5000
|
unkown image
|
page readonly
|
|
|
|
7FF502E83000
|
unkown image
|
page readonly
|
|
|
|
7FF582CBB000
|
unkown image
|
page readonly
|
|
|
|
1B57F680000
|
unkown image
|
page readonly
|
|
|
|
7FF582E31000
|
unkown image
|
page readonly
|
|
|
|
16F73655000
|
unkown
|
page read and write
|
|
|
|
7FF502E93000
|
unkown image
|
page readonly
|
|
|
|
7FF569863000
|
unkown image
|
page readonly
|
|
|
|
361CAFF000
|
stack
|
page read and write
|
|
|
|
7FF5697AC000
|
unkown image
|
page readonly
|
|
|
|
19EFF450000
|
unkown
|
page read and write
|
|
|
|
1B5801AE000
|
unkown
|
page read and write
|
|
|
|
1E60D78000
|
stack
|
page read and write
|
|
|
|
19EFF47E000
|
unkown
|
page read and write
|
|
|
|
19EFF470000
|
unkown
|
page read and write
|
|
|
|
1E6047E000
|
stack
|
page read and write
|
|
|
|
19EFF250000
|
heap default
|
page read and write
|
|
|
|
7FF5332CD000
|
unkown image
|
page readonly
|
|
|
|
7FF599E99000
|
unkown image
|
page readonly
|
|
|
|
20E977EF000
|
unkown
|
page read and write
|
|
|
|
16F73702000
|
unkown
|
page read and write
|
|
|
|
19EFF980000
|
unkown image
|
page readonly
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
1B57F8D5000
|
unkown
|
page read and write
|
|
|
|
1F4BEA52000
|
unkown
|
page read and write
|
|
|
|
5104177000
|
stack
|
page read and write
|
|
|
|
1B580171000
|
unkown
|
page read and write
|
|
|
|
1F4BE950000
|
unkown image
|
page readonly
|
|
|
|
1F4BEED0000
|
unkown image
|
page readonly
|
|
|
|
7DF5775B2000
|
unkown image
|
page readonly
|
|
|
|
1B57FEF0000
|
unkown
|
page read and write
|
|
|
|
16F734E0000
|
unkown image
|
page readonly
|
|
|
|
7FF56970D000
|
unkown image
|
page readonly
|
|
|
|
20E977D7000
|
heap default
|
page read and write
|
|
|
|
7FF582E37000
|
unkown image
|
page readonly
|
|
|
|
7FF532EA7000
|
unkown image
|
page readonly
|
|
|
|
7FF583022000
|
unkown image
|
page readonly
|
|
|
|
7FF5333C1000
|
unkown image
|
page readonly
|
|
|
|
20E977EF000
|
unkown
|
page read and write
|
|
|
|
7DF5775A2000
|
unkown image
|
page readonly
|
|
|
|
1F4BEA29000
|
unkown
|
page read and write
|
|
|
|
7FF56992A000
|
unkown image
|
page readonly
|
|
|
|
7FF599DD3000
|
unkown image
|
page readonly
|
|
|
|
1E609F7000
|
stack
|
page read and write
|
|
|
|
7FF5333AA000
|
unkown image
|
page readonly
|
|
|
|
1F4BF050000
|
unkown image
|
page readonly
|
|
|
|
1B58066A000
|
unkown
|
page read and write
|
|
|
|
7FF56986E000
|
unkown image
|
page readonly
|
|
|
|
16F73613000
|
unkown
|
page read and write
|
|
|
|
1B57F84F000
|
unkown
|
page read and write
|
|
|
|
19EFF800000
|
unkown image
|
page readonly
|
|
|
|
1B580175000
|
unkown
|
page read and write
|
|
|
|
19EFF455000
|
unkown
|
page read and write
|
|
|
|
1B580186000
|
unkown
|
page read and write
|
|
|
|
1B57FEF0000
|
unkown
|
page read and write
|
|
|
|
7DF541022000
|
unkown image
|
page readonly
|
|
|
|
5103FFB000
|
stack
|
page read and write
|
|
|
|
20E97B05000
|
heap private
|
page read and write
|
|
|
|
7FF569941000
|
unkown image
|
page readonly
|
|
|
|
19EFF413000
|
unkown
|
page read and write
|
|
|
|
19EFF48D000
|
unkown
|
page read and write
|
|
|
|
7DF590FB0000
|
unkown image
|
page readonly
|
|
|
|
1B58019A000
|
unkown
|
page read and write
|
|
|
|
19EFF429000
|
unkown
|
page read and write
|
|
|
|
1B57FE80000
|
unkown image
|
page write copy
|
|
|
|
7DF541030000
|
unkown image
|
page readonly
|
|
|
|
7DF5775A0000
|
unkown image
|
page readonly
|
|
|
|
7FF599E0B000
|
unkown image
|
page readonly
|
|
|
|
7FF583212000
|
unkown image
|
page readonly
|
|
|
|
361CA7E000
|
stack
|
page read and write
|
|
|
|
7FF5333B1000
|
unkown image
|
page readonly
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
7DF510BE0000
|
unkown image
|
page readonly
|
|
|
|
95EF17F000
|
stack
|
page read and write
|
|
|
|
7FF502DCB000
|
unkown image
|
page readonly
|
|
|
|
7FF599EBA000
|
unkown image
|
page readonly
|
|
|
|
7FF583162000
|
unkown image
|
page readonly
|
|
|
|
7FF502F6A000
|
unkown image
|
page readonly
|
|
|
|
1F4BEA3C000
|
unkown
|
page read and write
|
|
|
|
1B57F84B000
|
unkown
|
page read and write
|
|
|
|
7FF583270000
|
unkown image
|
page readonly
|
|
|
|
1B580171000
|
unkown
|
page read and write
|
|
|
|
1B580191000
|
unkown
|
page read and write
|
|
|
|
1B580174000
|
unkown
|
page read and write
|
|
|
|
7FF56979B000
|
unkown image
|
page readonly
|
|
|
|
7FF599EB5000
|
unkown image
|
page readonly
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
7FF533215000
|
unkown image
|
page readonly
|
|
|
|
1B580188000
|
unkown
|
page read and write
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
7FF58329B000
|
unkown image
|
page readonly
|
|
|
|
7FF502E7F000
|
unkown image
|
page readonly
|
|
|
|
7FF569893000
|
unkown image
|
page readonly
|
|
|
|
7DF510BD0000
|
unkown image
|
page readonly
|
|
|
|
19EFF44D000
|
unkown
|
page read and write
|
|
|
|
1B57F85B000
|
unkown
|
page read and write
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
1B57F7D0000
|
unkown
|
page read and write
|
|
|
|
20E977CB000
|
heap default
|
page read and write
|
|
|
|
7FF502F54000
|
unkown image
|
page readonly
|
|
|
|
7FF58322A000
|
unkown image
|
page readonly
|
|
|
|
7FF53318D000
|
unkown image
|
page readonly
|
|
|
|
361CFFE000
|
stack
|
page read and write
|
|
|
|
E6F1DBF000
|
stack
|
page read and write
|
|
|
|
1B58018C000
|
unkown
|
page read and write
|
|
|
|
1F4BEA70000
|
unkown
|
page read and write
|
|
|
|
7FF502D3D000
|
unkown image
|
page readonly
|
|
|
|
1B57F800000
|
unkown
|
page read and write
|
|
|
|
1B58016C000
|
unkown
|
page read and write
|
|
|
|
7FF5327B0000
|
unkown image
|
page readonly
|
|
|
|
7FF533313000
|
unkown image
|
page readonly
|
|
|
|
1B5801AF000
|
unkown
|
page read and write
|
|
|
|
16F73C50000
|
unkown image
|
page readonly
|
|
|
|
7FF569421000
|
unkown image
|
page readonly
|
|
|
|
7FF583233000
|
unkown image
|
page readonly
|
|
|
|
7FF583049000
|
unkown image
|
page readonly
|
|
|
|
7FF599DE0000
|
unkown image
|
page readonly
|
|
|
|
7FF502BF5000
|
unkown image
|
page readonly
|
|
|
|
16F73600000
|
unkown
|
page read and write
|
|
|
|
7FF599EA4000
|
unkown image
|
page readonly
|
|
|
|
7FF532BFE000
|
unkown image
|
page readonly
|
|
|
|
1F4BEA4D000
|
unkown
|
page read and write
|
|
|
|
1E608FF000
|
stack
|
page read and write
|
|
|
|
361CCFB000
|
stack
|
page read and write
|
|
|
|
19EFF446000
|
unkown
|
page read and write
|
|
|
|
7DF590FB2000
|
unkown image
|
page readonly
|
|
|
|
1F4BEA50000
|
unkown
|
page read and write
|
|
|
|
1B5801C0000
|
unkown
|
page read and write
|
|
|
|
1B5801AF000
|
unkown
|
page read and write
|
|
|
|
16F73650000
|
unkown
|
page read and write
|
|
|
|
7FF502F42000
|
unkown image
|
page readonly
|
|
|
|
1B58014E000
|
unkown
|
page read and write
|
|
|
|
1B580188000
|
unkown
|
page read and write
|
|
|
|
7FF583351000
|
unkown image
|
page readonly
|
|
|
|
7FF502D21000
|
unkown image
|
page readonly
|
|
|
|
1B57F85A000
|
unkown
|
page read and write
|
|
|
|
19EFF43C000
|
unkown
|
page read and write
|
|
|
|
1B580100000
|
unkown
|
page read and write
|
|
|
|
E6F2179000
|
stack
|
page read and write
|
|
|
|
7FF58322E000
|
unkown image
|
page readonly
|
|
|
|
1B58016C000
|
unkown
|
page read and write
|
|
|
|
1B580159000
|
unkown
|
page read and write
|
|
|
|
95EEF7B000
|
stack
|
page read and write
|
|
|
|
7FF502EE7000
|
unkown image
|
page readonly
|
|
|
|
1B57F8BE000
|
unkown
|
page read and write
|
|
|
|
1B58015A000
|
unkown
|
page read and write
|
|
|
|
7FF5332E7000
|
unkown image
|
page readonly
|
|
|
|
7FF569924000
|
unkown image
|
page readonly
|
|
|
|
1B580002000
|
unkown
|
page read and write
|
|
|
|
1F4BEB13000
|
unkown
|
page read and write
|
|
|
|
19EFF452000
|
unkown
|
page read and write
|
|
|
|
7DF590FB0000
|
unkown image
|
page readonly
|
|
|
|
7FF5332B7000
|
unkown image
|
page readonly
|
|
|
|
7FF56989E000
|
unkown image
|
page readonly
|
|
|
|
1B580188000
|
unkown
|
page read and write
|
|
|
|
1B580176000
|
unkown
|
page read and write
|
|
|
|
510427F000
|
stack
|
page read and write
|
|
|
|
19EFF1E0000
|
unkown image
|
page read and write
|
|
|
|
7FF599EC1000
|
unkown image
|
page readonly
|
|
|
|
16F73510000
|
unkown image
|
page readonly
|
|
|
|
1B57FEF0000
|
unkown
|
page read and write
|
|
|
|
1B580602000
|
unkown
|
page read and write
|
|
|
|
7FF502F61000
|
unkown image
|
page readonly
|
|
|
|
7FF502D5B000
|
unkown image
|
page readonly
|
|
|
|
1B58018A000
|
unkown
|
page read and write
|
|
|
|
7FF599DCF000
|
unkown image
|
page readonly
|
|
|
|
1B57F8EC000
|
unkown
|
page read and write
|
|
|
|
7FF583329000
|
unkown image
|
page readonly
|
|
|
|
7FF582740000
|
unkown image
|
page readonly
|
|
|
|
7FF599E3D000
|
unkown image
|
page readonly
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
1B580602000
|
unkown
|
page read and write
|
|
|
|
1F4BE970000
|
unkown
|
page read and write
|
|
|
|
7DF510BE2000
|
unkown image
|
page readonly
|
|
|
|
7DF40EAA0000
|
unkown image
|
page readonly
|
|
|
|
1B580188000
|
unkown
|
page read and write
|
|
|
|
16F734C0000
|
unkown image
|
page read and write
|
|
|
|
7FF583263000
|
unkown image
|
page readonly
|
|
|
|
7DF590FC2000
|
unkown image
|
page readonly
|
|
|
|
1F4BE940000
|
heap default
|
page read and write
|
|
|
|
7FF5331AB000
|
unkown image
|
page readonly
|
|
|
|
7FF58334A000
|
unkown image
|
page readonly
|
|
|
|
7FF569867000
|
unkown image
|
page readonly
|
|
|
|
361C78C000
|
unkown
|
page read and write
|
|
|
|
1B57F84A000
|
unkown
|
page read and write
|
|
|
|
7FF599E1E000
|
unkown image
|
page readonly
|
|
|
|
7DF4A59F0000
|
unkown image
|
page readonly
|
|
|
|
7FF583322000
|
unkown image
|
page readonly
|
|
|
|
1B58019F000
|
unkown
|
page read and write
|
|
|
|
1B58016B000
|
unkown
|
page read and write
|
|
|
|
7FF533392000
|
unkown image
|
page readonly
|
|
|
|
1F4BE8E0000
|
heap private
|
page read and write
|
|
|
|
7FF502D40000
|
unkown image
|
page readonly
|
|
|
|
7FF569849000
|
unkown image
|
page readonly
|
|
|
|
16F7367D000
|
unkown
|
page read and write
|
|
|
|
7DF475470000
|
unkown image
|
page readonly
|
|
|
|
361CEFF000
|
stack
|
page read and write
|
|
|
|
1F4BEB00000
|
unkown
|
page read and write
|
|
|
|
16F734D0000
|
heap private
|
page read and write
|
|
|
|
7FF582CB7000
|
unkown image
|
page readonly
|
|
|
|
7FF599E3A000
|
unkown image
|
page readonly
|
|
|
|
7FF502F5A000
|
unkown image
|
page readonly
|
|
|
|
20E976E0000
|
unkown image
|
page readonly
|
|
|
|
7DF5A7B20000
|
unkown image
|
page readonly
|
|
|
|
1F4BEA02000
|
unkown
|
page read and write
|
|
|
|
5103B7E000
|
stack
|
page read and write
|
|
|
|
1B57F813000
|
unkown
|
page read and write
|
|
|
|
7FF583341000
|
unkown image
|
page readonly
|
|
|
|
20E97770000
|
unkown image
|
page readonly
|
|
|
|
7FF599DEE000
|
unkown image
|
page readonly
|
|
|
|
7FF569941000
|
unkown image
|
page readonly
|
|
|
|
7FF583017000
|
unkown image
|
page readonly
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
20E97780000
|
unkown image
|
page readonly
|
|
|
|
1B57F908000
|
unkown
|
page read and write
|
|
|
|
20E97E90000
|
unkown image
|
page readonly
|
|
|
|
7FF569853000
|
unkown image
|
page readonly
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
19EFF330000
|
unkown image
|
page readonly
|
|
|
|
20E97720000
|
unkown
|
page read and write
|
|
|
|
1B58017E000
|
unkown
|
page read and write
|
|
|
|
1B5801B0000
|
unkown
|
page read and write
|
|
|
|
7DF541032000
|
unkown image
|
page readonly
|
|
|
|
7DF5775A2000
|
unkown image
|
page readonly
|
|
|
|
7FF569837000
|
unkown image
|
page readonly
|
|
|
|
E6F20FF000
|
stack
|
page read and write
|
|
|
|
7FF502E9E000
|
unkown image
|
page readonly
|
|
|
|
1B57F852000
|
unkown
|
page read and write
|
|
|
|
7FF502DDC000
|
unkown image
|
page readonly
|
|
|
|
7FF58325F000
|
unkown image
|
page readonly
|
|
|
|
1B5801AE000
|
unkown
|
page read and write
|
|
|
|
7FF5332C9000
|
unkown image
|
page readonly
|
|
|
|
7DF541032000
|
unkown image
|
page readonly
|
|
|
|
7DF510BE2000
|
unkown image
|
page readonly
|
|
|
|
1B580188000
|
unkown
|
page read and write
|
|
|
|
1B57FD80000
|
unkown image
|
page readonly
|
|
|
|
1B580602000
|
unkown
|
page read and write
|
|
|
|
1E6013B000
|
unkown
|
page read and write
|
|
|
|
7FF582CCC000
|
unkown image
|
page readonly
|
|
|
|
7FF58305B000
|
unkown image
|
page readonly
|
|
|
|
7FF5996FE000
|
unkown image
|
page readonly
|
|
|
|
7FF5332EE000
|
unkown image
|
page readonly
|
|
|
|
7FF58327E000
|
unkown image
|
page readonly
|
|
|
|
7FF599DD6000
|
unkown image
|
page readonly
|
|
|
|
7FF502EBB000
|
unkown image
|
page readonly
|
|
|
|
1E6057C000
|
stack
|
page read and write
|
|
|
|
19EFF44B000
|
unkown
|
page read and write
|
|
|
|
1B57F8C5000
|
unkown
|
page read and write
|
|
|
|
1F4BE8F0000
|
unkown image
|
page readonly
|
|
|
|
16F73500000
|
unkown image
|
page readonly
|
|
|
|
1B57F84D000
|
unkown
|
page read and write
|
|
|
|
5103BFE000
|
stack
|
page read and write
|
|
|
|
7DF5A7B20000
|
unkown image
|
page readonly
|
|
|
|
1B580175000
|
unkown
|
page read and write
|
|
|
|
20E977E6000
|
unkown
|
page read and write
|
|
|
|
7FF5696F1000
|
unkown image
|
page readonly
|
|
|
|
7FF56988B000
|
unkown image
|
page readonly
|
|
|
|
7FF582F27000
|
unkown image
|
page readonly
|
|
|
|
1B57FC00000
|
unkown image
|
page readonly
|
|
|
|
E6F21FF000
|
stack
|
page read and write
|
|
|
|
16F7364A000
|
unkown
|
page read and write
|
|
|
|
19EFF500000
|
unkown
|
page read and write
|
|
|
|
7FF569795000
|
unkown image
|
page readonly
|
|
|
|
7FF568D2A000
|
unkown image
|
page readonly
|
|
|
|
7FF5832C7000
|
unkown image
|
page readonly
|
|
|
|
7FF5830AF000
|
unkown image
|
page readonly
|
|
|
|
1B58018E000
|
unkown
|
page read and write
|
|
|
|
1B580602000
|
unkown
|
page read and write
|
|
|
|
5103AFB000
|
unkown
|
page read and write
|
|
|
|
1B57FA00000
|
unkown image
|
page readonly
|
|
|
|
1F4BEA67000
|
unkown
|
page read and write
|
|
|
|
19EFF200000
|
unkown image
|
page readonly
|
|
|
|
1B580602000
|
unkown
|
page read and write
|
|
|
|
1B58019F000
|
unkown
|
page read and write
|
|
|
|
19EFF44F000
|
unkown
|
page read and write
|
|
|
|
7DF510BE0000
|
unkown image
|
page readonly
|
|
|
|
95EEC7B000
|
unkown
|
page read and write
|
|
|
|
1B580190000
|
unkown
|
page read and write
|
|
|
|
1B580663000
|
unkown
|
page read and write
|
|
|
|
7FF532EA1000
|
unkown image
|
page readonly
|
|
|
|
95EF077000
|
stack
|
page read and write
|
|
|
|
1B57F888000
|
unkown
|
page read and write
|
|
|
|
19EFF45A000
|
unkown
|
page read and write
|
|
|
|
16F734E0000
|
unkown image
|
page readonly
|
|
There are 574 hidden memdumps, click here to show them.