Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0789cf2a-dc04-4d99-831d-c404eb5d0405.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3ada581d-e511-4c74-b033-e522249b4ce4.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6bddea24-4230-4b80-8ee0-176f853ce226.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7255c5ca-a304-4341-9313-5364449212a0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\8de68b69-8c47-486b-a7c2-db971c0fb8f6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1cf6cef9-b290-4c7d-83d9-a5be948c912d.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\614bf547-e666-4173-ac22-64bcf88433bf.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\662795b1-e622-4940-be2d-4847bd219c71.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\846c4430-0f32-4c27-9eae-dea2c4ec8bdf.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\87f46c20-6a74-4bcf-8013-991f1e50b82a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\91dbff81-6a84-45ff-8c44-0bcd1622b08b.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9f40b297-d1c6-4388-b441-80480072a5c3.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.oldl (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
|
data
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsfi (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State( (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferenceso\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.t (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencess (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\e2d81348-0c42-405d-a413-d53104e87f50.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\803fdf11-4637-4f43-8d15-91259fa2664f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State4f (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldNT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.olds
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b810b3e1-8796-4cbe-a2ad-a1df5a9ef4e9.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b884d25b-07fa-4b06-bb94-2fadafcaf3b0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bdbd7831-a61b-4861-b83b-f8de65fa0858.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c990330f-aedb-46f7-b598-5aeff3c8be27.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Staten (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache1b (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache\h (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\c0f72bf9-f5bf-4133-beee-4aea38c4807d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d9416643-bb62-4d59-813a-fb23906b1fe3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\eac34f83-7ba2-4de2-bee3-dd97c0b691c3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f5ec0854-dc38-4be1-9521-3232e66ebe19.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\0b1055f7-0842-45cd-985d-fd400e330de9.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\2d0c365e-06ec-473f-b7a3-bde299685e0b.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6940_195575001\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\72af6370-a24f-458e-b97e-a747f1d04f64.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\d2f9e940-436c-4539-89f9-bb72c7171f35.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\72af6370-a24f-458e-b97e-a747f1d04f64.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1304395877\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\2d0c365e-06ec-473f-b7a3-bde299685e0b.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6940_1885826855\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
There are 241 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "http://t1.coolnovemberbreeze.com
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1576,5440362692709353865,9662057465936564892,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://t1.coolnovemberbreeze.com
|
 |
||
|
http://t1.coolnovemberbreeze.com/
|
51.161.115.163
|
|
|
|
https://apis.google.com/js/client.js
|
unknown
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://play.google.com
|
unknown
|
|
|
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
142.250.203.97
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://meet.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.203.110
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
http://llvm.org/):
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
|
unknown
|
|
|
|
https://docs.google.com
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 46 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
t1.coolnovemberbreeze.com
|
51.161.115.163
|
|
|
|
clients.l.google.com
|
142.250.203.110
|
|
|
|
googlehosted.l.googleusercontent.com
|
142.250.203.97
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
142.250.203.110
|
clients.l.google.com
|
United States
|
|
|
|
51.161.115.163
|
t1.coolnovemberbreeze.com
|
Canada
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
142.250.203.97
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF50DBC2000
|
unkown image
|
page readonly
|
|
|
|
23C23316000
|
unkown
|
page read and write
|
|
|
|
7FF5A7546000
|
unkown image
|
page readonly
|
|
|
|
7FF51972E000
|
unkown image
|
page readonly
|
|
|
|
1AB328D0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F46CA000
|
unkown image
|
page readonly
|
|
|
|
23C23BAB000
|
unkown
|
page read and write
|
|
|
|
2199EB50000
|
unkown
|
page read and write
|
|
|
|
7DF5B59B2000
|
unkown image
|
page readonly
|
|
|
|
7FF50E6FE000
|
unkown image
|
page readonly
|
|
|
|
1AB322D0000
|
heap private
|
page read and write
|
|
|
|
7DF502350000
|
unkown image
|
page readonly
|
|
|
|
7DF527472000
|
unkown image
|
page readonly
|
|
|
|
FBA8F7B000
|
unkown
|
page read and write
|
|
|
|
20EF6202000
|
unkown
|
page read and write
|
|
|
|
7FF518C3A000
|
unkown image
|
page readonly
|
|
|
|
23C23170000
|
heap default
|
page read and write
|
|
|
|
58D7B2A000
|
unkown
|
page read and write
|
|
|
|
7FF518FB6000
|
unkown image
|
page readonly
|
|
|
|
7FF51F947000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7C56000
|
unkown image
|
page readonly
|
|
|
|
7FF537C21000
|
unkown image
|
page readonly
|
|
|
|
2199DC30000
|
unkown image
|
page readonly
|
|
|
|
20EF61E0000
|
heap default
|
page read and write
|
|
|
|
1D85C870000
|
unkown image
|
page readonly
|
|
|
|
23C236D0000
|
unkown image
|
page readonly
|
|
|
|
1AB32300000
|
unkown image
|
page readonly
|
|
|
|
7FF51F8C7000
|
unkown image
|
page readonly
|
|
|
|
23C23B8E000
|
unkown
|
page read and write
|
|
|
|
23C23BA8000
|
unkown
|
page read and write
|
|
|
|
23C23BA0000
|
unkown
|
page read and write
|
|
|
|
2199DE6F000
|
heap default
|
page read and write
|
|
|
|
23C232E7000
|
unkown
|
page read and write
|
|
|
|
1EDC0390000
|
unkown image
|
page readonly
|
|
|
|
1D85CB00000
|
unkown
|
page read and write
|
|
|
|
7FF50E7C1000
|
unkown image
|
page readonly
|
|
|
|
7FF51967C000
|
unkown image
|
page readonly
|
|
|
|
7FF51F4B1000
|
unkown image
|
page readonly
|
|
|
|
7FF5197EA000
|
unkown image
|
page readonly
|
|
|
|
7DF502342000
|
unkown image
|
page readonly
|
|
|
|
7FF5197E4000
|
unkown image
|
page readonly
|
|
|
|
7FF4F463E000
|
unkown image
|
page readonly
|
|
|
|
2199DE07000
|
heap default
|
page read and write
|
|
|
|
20EF6308000
|
unkown
|
page read and write
|
|
|
|
7DF51C432000
|
unkown image
|
page readonly
|
|
|
|
248DAA20000
|
unkown image
|
page readonly
|
|
|
|
7DF52D650000
|
unkown image
|
page readonly
|
|
|
|
1D85CA3D000
|
unkown
|
page read and write
|
|
|
|
7FF537C21000
|
unkown image
|
page readonly
|
|
|
|
23C23B71000
|
unkown
|
page read and write
|
|
|
|
7FF51F9A2000
|
unkown image
|
page readonly
|
|
|
|
7FF519713000
|
unkown image
|
page readonly
|
|
|
|
7FF50E59D000
|
unkown image
|
page readonly
|
|
|
|
7FF537C15000
|
unkown image
|
page readonly
|
|
|
|
2199DDE0000
|
unkown
|
page read and write
|
|
|
|
7FF50E651000
|
unkown image
|
page readonly
|
|
|
|
23C23BA0000
|
unkown
|
page read and write
|
|
|
|
7FF51F8FE000
|
unkown image
|
page readonly
|
|
|
|
2199DE11000
|
heap default
|
page read and write
|
|
|
|
23C24063000
|
unkown
|
page read and write
|
|
|
|
7FF5A7D45000
|
unkown image
|
page readonly
|
|
|
|
7FF51F825000
|
unkown image
|
page readonly
|
|
|
|
9BFE9FE000
|
stack
|
page read and write
|
|
|
|
7DF527480000
|
unkown image
|
page readonly
|
|
|
|
7FF50E6D9000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7D51000
|
unkown image
|
page readonly
|
|
|
|
7FF50E747000
|
unkown image
|
page readonly
|
|
|
|
7FF5A75DE000
|
unkown image
|
page readonly
|
|
|
|
7DF5B59D0000
|
unkown image
|
page readonly
|
|
|
|
20EF6190000
|
unkown image
|
page readonly
|
|
|
|
7FF51F82B000
|
unkown image
|
page readonly
|
|
|
|
7DF51C450000
|
unkown image
|
page readonly
|
|
|
|
7FF537B2F000
|
unkown image
|
page readonly
|
|
|
|
7FF518C41000
|
unkown image
|
page readonly
|
|
|
|
BA2677F000
|
stack
|
page read and write
|
|
|
|
2199DD70000
|
unkown image
|
page readonly
|
|
|
|
23C23150000
|
unkown image
|
page readonly
|
|
|
|
7FF51977D000
|
unkown image
|
page readonly
|
|
|
|
1D85CB13000
|
unkown
|
page read and write
|
|
|
|
7FF50E67F000
|
unkown image
|
page readonly
|
|
|
|
23C23B87000
|
unkown
|
page read and write
|
|
|
|
7FF5194A4000
|
unkown image
|
page readonly
|
|
|
|
20EF6A02000
|
unkown
|
page read and write
|
|
|
|
BA262FE000
|
stack
|
page read and write
|
|
|
|
7FF51EDBC000
|
unkown image
|
page readonly
|
|
|
|
23C23258000
|
unkown
|
page read and write
|
|
|
|
23C23B9F000
|
unkown
|
page read and write
|
|
|
|
23C23990000
|
unkown
|
page read and write
|
|
|
|
7DF443750000
|
unkown image
|
page readonly
|
|
|
|
23C231C0000
|
unkown image
|
page readonly
|
|
|
|
7FF519801000
|
unkown image
|
page readonly
|
|
|
|
1AB32360000
|
unkown
|
page read and write
|
|
|
|
9AEA17F000
|
stack
|
page read and write
|
|
|
|
7DF52D640000
|
unkown image
|
page readonly
|
|
|
|
23C23B91000
|
unkown
|
page read and write
|
|
|
|
248DAB50000
|
unkown image
|
page readonly
|
|
|
|
23C24002000
|
unkown
|
page read and write
|
|
|
|
7FF519369000
|
unkown image
|
page readonly
|
|
|
|
7DF5B59D0000
|
unkown image
|
page readonly
|
|
|
|
23C23256000
|
unkown
|
page read and write
|
|
|
|
7FF4F44CB000
|
unkown image
|
page readonly
|
|
|
|
248DAD00000
|
unkown
|
page read and write
|
|
|
|
9BFE4BB000
|
unkown
|
page read and write
|
|
|
|
23C23BD2000
|
unkown
|
page read and write
|
|
|
|
7DF527462000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7519000
|
unkown image
|
page readonly
|
|
|
|
23C23BA0000
|
unkown
|
page read and write
|
|
|
|
1D85E3F0000
|
unkown
|
page read and write
|
|
|
|
1D85E3F0000
|
unkown
|
page read and write
|
|
|
|
23C23B8D000
|
unkown
|
page read and write
|
|
|
|
7DF51F042000
|
unkown image
|
page readonly
|
|
|
|
7FF50E63C000
|
unkown image
|
page readonly
|
|
|
|
7DF51F050000
|
unkown image
|
page readonly
|
|
|
|
98A4B7C000
|
stack
|
page read and write
|
|
|
|
1AB3243D000
|
unkown
|
page read and write
|
|
|
|
7DF52D642000
|
unkown image
|
page readonly
|
|
|
|
1D85CA76000
|
unkown
|
page read and write
|
|
|
|
248DAC2A000
|
unkown
|
page read and write
|
|
|
|
9AEA37F000
|
stack
|
page read and write
|
|
|
|
7FF537B9A000
|
unkown image
|
page readonly
|
|
|
|
7FF519367000
|
unkown image
|
page readonly
|
|
|
|
7FF50E5E2000
|
unkown image
|
page readonly
|
|
|
|
58D807C000
|
stack
|
page read and write
|
|
|
|
23C23B89000
|
unkown
|
page read and write
|
|
|
|
7FF5A7CCD000
|
unkown image
|
page readonly
|
|
|
|
7FF51F7A0000
|
unkown image
|
page readonly
|
|
|
|
1EDC0610000
|
unkown image
|
page readonly
|
|
|
|
7DF52D632000
|
unkown image
|
page readonly
|
|
|
|
7FF50E137000
|
unkown image
|
page readonly
|
|
|
|
20EF624F000
|
unkown
|
page read and write
|
|
|
|
23C234D0000
|
unkown image
|
page readonly
|
|
|
|
23C23253000
|
unkown
|
page read and write
|
|
|
|
7FF5A74BA000
|
unkown image
|
page readonly
|
|
|
|
23C23B6D000
|
unkown
|
page read and write
|
|
|
|
23C23B8D000
|
unkown
|
page read and write
|
|
|
|
20EF6213000
|
unkown
|
page read and write
|
|
|
|
1D85C850000
|
unkown image
|
page read and write
|
|
|
|
7FF5197D2000
|
unkown image
|
page readonly
|
|
|
|
7FF51F8D9000
|
unkown image
|
page readonly
|
|
|
|
23C23B8F000
|
unkown
|
page read and write
|
|
|
|
7FF5A75D9000
|
unkown image
|
page readonly
|
|
|
|
23C23BAB000
|
unkown
|
page read and write
|
|
|
|
23C23180000
|
unkown image
|
page readonly
|
|
|
|
248DB180000
|
unkown image
|
page readonly
|
|
|
|
248DAA10000
|
heap private
|
page read and write
|
|
|
|
23C23B23000
|
unkown
|
page read and write
|
|
|
|
23C23B80000
|
unkown
|
page read and write
|
|
|
|
98A4A7D000
|
stack
|
page read and write
|
|
|
|
23C23B5B000
|
unkown
|
page read and write
|
|
|
|
7FF4F460E000
|
unkown image
|
page readonly
|
|
|
|
20EF6180000
|
heap private
|
page read and write
|
|
|
|
23C23B8F000
|
unkown
|
page read and write
|
|
|
|
7FF51132E000
|
unkown image
|
page readonly
|
|
|
|
58D7F7A000
|
stack
|
page read and write
|
|
|
|
7FF50DBBC000
|
unkown image
|
page readonly
|
|
|
|
9AEA57B000
|
stack
|
page read and write
|
|
|
|
7FF5195BC000
|
unkown image
|
page readonly
|
|
|
|
1D85CA65000
|
unkown
|
page read and write
|
|
|
|
1D85CC00000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7D29000
|
unkown image
|
page readonly
|
|
|
|
20EF6300000
|
unkown
|
page read and write
|
|
|
|
7DF545882000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7CA2000
|
unkown image
|
page readonly
|
|
|
|
7FF51F8DF000
|
unkown image
|
page readonly
|
|
|
|
34E9C79000
|
stack
|
page read and write
|
|
|
|
7FF5A7B67000
|
unkown image
|
page readonly
|
|
|
|
7FF537C04000
|
unkown image
|
page readonly
|
|
|
|
7DF51C430000
|
unkown image
|
page readonly
|
|
|
|
7FF519720000
|
unkown image
|
page readonly
|
|
|
|
248DB402000
|
unkown
|
page read and write
|
|
|
|
58D7BAF000
|
stack
|
page read and write
|
|
|
|
23C23BAB000
|
unkown
|
page read and write
|
|
|
|
7FF4F4365000
|
unkown image
|
page readonly
|
|
|
|
7FF51F756000
|
unkown image
|
page readonly
|
|
|
|
7FF50E4DB000
|
unkown image
|
page readonly
|
|
|
|
7FF50E6AA000
|
unkown image
|
page readonly
|
|
|
|
23C239A0000
|
unkown image
|
page read and write
|
|
|
|
7DF5B59B0000
|
unkown image
|
page readonly
|
|
|
|
23C23B17000
|
unkown
|
page read and write
|
|
|
|
7FF5A7D4A000
|
unkown image
|
page readonly
|
|
|
|
1D85CA2A000
|
unkown
|
page read and write
|
|
|
|
9AE9E7E000
|
stack
|
page read and write
|
|
|
|
1AB322E0000
|
unkown image
|
page readonly
|
|
|
|
7DF5B59C0000
|
unkown image
|
page readonly
|
|
|
|
20EF6302000
|
unkown
|
page read and write
|
|
|
|
2199E490000
|
unkown image
|
page readonly
|
|
|
|
1D85CA00000
|
unkown
|
page read and write
|
|
|
|
7DF51C430000
|
unkown image
|
page readonly
|
|
|
|
1EDC045F000
|
unkown
|
page read and write
|
|
|
|
7DF52D642000
|
unkown image
|
page readonly
|
|
|
|
7FF51F851000
|
unkown image
|
page readonly
|
|
|
|
23C23B5A000
|
unkown
|
page read and write
|
|
|
|
7FF5A7C5F000
|
unkown image
|
page readonly
|
|
|
|
34E97EB000
|
unkown
|
page read and write
|
|
|
|
7FF50E625000
|
unkown image
|
page readonly
|
|
|
|
1AB32310000
|
unkown image
|
page readonly
|
|
|
|
7DF502350000
|
unkown image
|
page readonly
|
|
|
|
7FF50E7B4000
|
unkown image
|
page readonly
|
|
|
|
7FF50E4A2000
|
unkown image
|
page readonly
|
|
|
|
7FF51F92E000
|
unkown image
|
page readonly
|
|
|
|
1D85CB1C000
|
unkown
|
page read and write
|
|
|
|
7FF51F9C1000
|
unkown image
|
page readonly
|
|
|
|
7FF51970D000
|
unkown image
|
page readonly
|
|
|
|
7FF50E6F0000
|
unkown image
|
page readonly
|
|
|
|
7FF50E337000
|
unkown image
|
page readonly
|
|
|
|
7DF545890000
|
unkown image
|
page readonly
|
|
|
|
9BFED7D000
|
stack
|
page read and write
|
|
|
|
23C23B5A000
|
unkown
|
page read and write
|
|
|
|
23C23100000
|
unkown image
|
page read and write
|
|
|
|
7FF5A7CAE000
|
unkown image
|
page readonly
|
|
|
|
20EF6940000
|
unkown
|
page read and write
|
|
|
|
7FF5113A2000
|
unkown image
|
page readonly
|
|
|
|
1D85C9C0000
|
unkown
|
page read and write
|
|
|
|
7FF50E589000
|
unkown image
|
page readonly
|
|
|
|
7FF50E723000
|
unkown image
|
page readonly
|
|
|
|
1EDC07E0000
|
unkown image
|
page readonly
|
|
|
|
7FF511090000
|
unkown image
|
page readonly
|
|
|
|
23C23B71000
|
unkown
|
page read and write
|
|
|
|
23C23990000
|
unkown
|
page read and write
|
|
|
|
23C232D2000
|
unkown
|
page read and write
|
|
|
|
1AB326D0000
|
unkown image
|
page readonly
|
|
|
|
34E9BF9000
|
stack
|
page read and write
|
|
|
|
1AB32390000
|
unkown
|
page read and write
|
|
|
|
7FF50E3A4000
|
unkown image
|
page readonly
|
|
|
|
7FF4F46B2000
|
unkown image
|
page readonly
|
|
|
|
7FF50E535000
|
unkown image
|
page readonly
|
|
|
|
BA25FBB000
|
unkown
|
page read and write
|
|
|
|
7DF527460000
|
unkown image
|
page readonly
|
|
|
|
7FF4F3F02000
|
unkown image
|
page readonly
|
|
|
|
248DAC47000
|
unkown
|
page read and write
|
|
|
|
7DF527470000
|
unkown image
|
page readonly
|
|
|
|
7FF51F923000
|
unkown image
|
page readonly
|
|
|
|
7FF5197F5000
|
unkown image
|
page readonly
|
|
|
|
1EDC0600000
|
unkown image
|
page readonly
|
|
|
|
1EDC03D0000
|
unkown
|
page read and write
|
|
|
|
7DF52D650000
|
unkown image
|
page readonly
|
|
|
|
7FF51F7BB000
|
unkown image
|
page readonly
|
|
|
|
7FF511328000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7C9B000
|
unkown image
|
page readonly
|
|
|
|
7FF50E516000
|
unkown image
|
page readonly
|
|
|
|
1EDC07D0000
|
heap private
|
page read and write
|
|
|
|
23C23285000
|
unkown
|
page read and write
|
|
|
|
23C2325A000
|
unkown
|
page read and write
|
|
|
|
23C24019000
|
unkown
|
page read and write
|
|
|
|
23C23B8A000
|
unkown
|
page read and write
|
|
|
|
1D85C860000
|
heap private
|
page read and write
|
|
|
|
7FF51977A000
|
unkown image
|
page readonly
|
|
|
|
23C23990000
|
unkown
|
page read and write
|
|
|
|
248DAE00000
|
unkown image
|
page readonly
|
|
|
|
7FF4F4535000
|
unkown image
|
page readonly
|
|
|
|
1D85C9A0000
|
unkown image
|
page readonly
|
|
|
|
23C23120000
|
unkown image
|
page readonly
|
|
|
|
7FF518FA1000
|
unkown image
|
page readonly
|
|
|
|
2199DD40000
|
unkown
|
page read and write
|
|
|
|
2199DBF0000
|
unkown
|
page read and write
|
|
|
|
23C232A6000
|
unkown
|
page read and write
|
|
|
|
1EDC0441000
|
unkown
|
page read and write
|
|
|
|
7FF50E72E000
|
unkown image
|
page readonly
|
|
|
|
1EDC0790000
|
unkown image
|
page readonly
|
|
|
|
7FF510B8A000
|
unkown image
|
page readonly
|
|
|
|
1D85C8A0000
|
unkown image
|
page readonly
|
|
|
|
7FF537B2D000
|
unkown image
|
page readonly
|
|
|
|
FBA977F000
|
stack
|
page read and write
|
|
|
|
23C23A02000
|
unkown
|
page read and write
|
|
|
|
7FF50E5DF000
|
unkown image
|
page readonly
|
|
|
|
7FF4F4603000
|
unkown image
|
page readonly
|
|
|
|
9AEA5FF000
|
stack
|
page read and write
|
|
|
|
7FF5113D1000
|
unkown image
|
page readonly
|
|
|
|
23C23B98000
|
unkown
|
page read and write
|
|
|
|
9BFEC7F000
|
stack
|
page read and write
|
|
|
|
20EF6200000
|
unkown
|
page read and write
|
|
|
|
7FF511156000
|
unkown image
|
page readonly
|
|
|
|
7FF518ED9000
|
unkown image
|
page readonly
|
|
|
|
9AEA477000
|
stack
|
page read and write
|
|
|
|
23C23BA8000
|
unkown
|
page read and write
|
|
|
|
1D85CA58000
|
unkown
|
page read and write
|
|
|
|
7FF50E455000
|
unkown image
|
page readonly
|
|
|
|
23C23BD2000
|
unkown
|
page read and write
|
|
|
|
23C24000000
|
unkown
|
page read and write
|
|
|
|
7FF50E339000
|
unkown image
|
page readonly
|
|
|
|
2199DD69000
|
heap private
|
page read and write
|
|
|
|
98A4C7E000
|
stack
|
page read and write
|
|
|
|
7FF5195EB000
|
unkown image
|
page readonly
|
|
|
|
1D85CA47000
|
unkown
|
page read and write
|
|
|
|
7DF41A300000
|
unkown image
|
page readonly
|
|
|
|
7DF5458A0000
|
unkown image
|
page readonly
|
|
|
|
23C23B7D000
|
unkown
|
page read and write
|
|
|
|
7FF5A7D22000
|
unkown image
|
page readonly
|
|
|
|
7DF51F050000
|
unkown image
|
page readonly
|
|
|
|
7FF4F4561000
|
unkown image
|
page readonly
|
|
|
|
7FF50E6BE000
|
unkown image
|
page readonly
|
|
|
|
7FF50E6C7000
|
unkown image
|
page readonly
|
|
|
|
7FF51EDC2000
|
unkown image
|
page readonly
|
|
|
|
7DF52D630000
|
unkown image
|
page readonly
|
|
|
|
7FF4F45D7000
|
unkown image
|
page readonly
|
|
|
|
1D85C870000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7D41000
|
unkown image
|
page readonly
|
|
|
|
23C231A0000
|
unkown
|
page read and write
|
|
|
|
2199EB40000
|
unkown
|
page readonly
|
|
|
|
1D85CA81000
|
unkown
|
page read and write
|
|
|
|
248DB000000
|
unkown image
|
page readonly
|
|
|
|
23C232B0000
|
unkown
|
page read and write
|
|
|
|
7DF51C440000
|
unkown image
|
page readonly
|
|
|
|
248DAC4E000
|
unkown
|
page read and write
|
|
|
|
9BFE97C000
|
stack
|
page read and write
|
|
|
|
7FF51F9D1000
|
unkown image
|
page readonly
|
|
|
|
7FF50E692000
|
unkown image
|
page readonly
|
|
|
|
23C23B7A000
|
unkown
|
page read and write
|
|
|
|
23C23252000
|
unkown
|
page read and write
|
|
|
|
7FF5112E3000
|
unkown image
|
page readonly
|
|
|
|
7FF537B9D000
|
unkown image
|
page readonly
|
|
|
|
7FF4F45ED000
|
unkown image
|
page readonly
|
|
|
|
248DAA20000
|
unkown image
|
page readonly
|
|
|
|
98A477F000
|
stack
|
page read and write
|
|
|
|
34E9B7F000
|
stack
|
page read and write
|
|
|
|
1D85CA59000
|
unkown
|
page read and write
|
|
|
|
2199DD20000
|
unkown
|
page read and write
|
|
|
|
98A487E000
|
stack
|
page read and write
|
|
|
|
23C23B75000
|
unkown
|
page read and write
|
|
|
|
7FF5A7C70000
|
unkown image
|
page readonly
|
|
|
|
1EDC0370000
|
unkown image
|
page read and write
|
|
|
|
7DF5B59C2000
|
unkown image
|
page readonly
|
|
|
|
1D85CA02000
|
unkown
|
page read and write
|
|
|
|
7FF5112D9000
|
unkown image
|
page readonly
|
|
|
|
7FF50E585000
|
unkown image
|
page readonly
|
|
|
|
20EF64D0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F3ACC000
|
unkown image
|
page readonly
|
|
|
|
1EDC0455000
|
unkown
|
page read and write
|
|
|
|
7FF519024000
|
unkown image
|
page readonly
|
|
|
|
1EDC045F000
|
unkown
|
page read and write
|
|
|
|
7FF50E6F7000
|
unkown image
|
page readonly
|
|
|
|
7DF42B500000
|
unkown image
|
page readonly
|
|
|
|
7FF5110EA000
|
unkown image
|
page readonly
|
|
|
|
7FF4F4633000
|
unkown image
|
page readonly
|
|
|
|
23C23B79000
|
unkown
|
page read and write
|
|
|
|
1D85E3B0000
|
unkown
|
page read and write
|
|
|
|
23C23302000
|
unkown
|
page read and write
|
|
|
|
7FF5A7D34000
|
unkown image
|
page readonly
|
|
|
|
7FF4F46D1000
|
unkown image
|
page readonly
|
|
|
|
7FF5112F3000
|
unkown image
|
page readonly
|
|
|
|
7FF51134A000
|
unkown image
|
page readonly
|
|
|
|
1D85E600000
|
unkown
|
page read and write
|
|
|
|
1AB32340000
|
unkown image
|
page readonly
|
|
|
|
7FF519709000
|
unkown image
|
page readonly
|
|
|
|
248DAC89000
|
unkown
|
page read and write
|
|
|
|
7FF511087000
|
unkown image
|
page readonly
|
|
|
|
7FF5A74EA000
|
unkown image
|
page readonly
|
|
|
|
7FF4F3AD2000
|
unkown image
|
page readonly
|
|
|
|
BA2657E000
|
stack
|
page read and write
|
|
|
|
7FF50E13B000
|
unkown image
|
page readonly
|
|
|
|
7FF51F855000
|
unkown image
|
page readonly
|
|
|
|
7DF502360000
|
unkown image
|
page readonly
|
|
|
|
7FF5112FE000
|
unkown image
|
page readonly
|
|
|
|
23C2324F000
|
unkown
|
page read and write
|
|
|
|
7DF527480000
|
unkown image
|
page readonly
|
|
|
|
7FF5A74B3000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7C5D000
|
unkown image
|
page readonly
|
|
|
|
23C23BB9000
|
unkown
|
page read and write
|
|
|
|
23C23B87000
|
unkown
|
page read and write
|
|
|
|
7FF50E6F3000
|
unkown image
|
page readonly
|
|
|
|
7FF50E3A7000
|
unkown image
|
page readonly
|
|
|
|
23C23B87000
|
unkown
|
page read and write
|
|
|
|
9BFEAFE000
|
stack
|
page read and write
|
|
|
|
34E9D7B000
|
stack
|
page read and write
|
|
|
|
1AB32413000
|
unkown
|
page read and write
|
|
|
|
1D85E402000
|
unkown
|
page read and write
|
|
|
|
23C23B49000
|
unkown
|
page read and write
|
|
|
|
7FF519777000
|
unkown image
|
page readonly
|
|
|
|
7DF51C450000
|
unkown image
|
page readonly
|
|
|
|
7FF5195B3000
|
unkown image
|
page readonly
|
|
|
|
23C23BCF000
|
unkown
|
page read and write
|
|
|
|
7DF52D632000
|
unkown image
|
page readonly
|
|
|
|
7FF537819000
|
unkown image
|
page readonly
|
|
|
|
7FF50E7BA000
|
unkown image
|
page readonly
|
|
|
|
7FF519752000
|
unkown image
|
page readonly
|
|
|
|
7FF50E521000
|
unkown image
|
page readonly
|
|
|
|
23C23B87000
|
unkown
|
page read and write
|
|
|
|
7FF51F9A9000
|
unkown image
|
page readonly
|
|
|
|
1AB32402000
|
unkown
|
page read and write
|
|
|
|
98A497F000
|
stack
|
page read and write
|
|
|
|
7FF50E6AE000
|
unkown image
|
page readonly
|
|
|
|
1AB32C02000
|
unkown
|
page read and write
|
|
|
|
7DF51F040000
|
unkown image
|
page readonly
|
|
|
|
7FF5112C7000
|
unkown image
|
page readonly
|
|
|
|
7FF4F4607000
|
unkown image
|
page readonly
|
|
|
|
2199DE00000
|
heap default
|
page read and write
|
|
|
|
7FF4F4491000
|
unkown image
|
page readonly
|
|
|
|
2199DDC0000
|
unkown
|
page read and write
|
|
|
|
248DAA70000
|
heap default
|
page read and write
|
|
|
|
1AB3245C000
|
unkown
|
page read and write
|
|
|
|
7FF537B40000
|
unkown image
|
page readonly
|
|
|
|
20EF61B0000
|
unkown image
|
page readonly
|
|
|
|
1D85C8C0000
|
heap default
|
page read and write
|
|
|
|
23C24002000
|
unkown
|
page read and write
|
|
|
|
2199EB30000
|
unkown
|
page read and write
|
|
|
|
7FF51F8F7000
|
unkown image
|
page readonly
|
|
|
|
23C2323C000
|
unkown
|
page read and write
|
|
|
|
7DF4B3880000
|
unkown image
|
page readonly
|
|
|
|
9BFE87E000
|
stack
|
page read and write
|
|
|
|
7FF4F41C7000
|
unkown image
|
page readonly
|
|
|
|
7FF4F46DA000
|
unkown image
|
page readonly
|
|
|
|
23C23B4F000
|
unkown
|
page read and write
|
|
|
|
248DAD13000
|
unkown
|
page read and write
|
|
|
|
7FF50E6B3000
|
unkown image
|
page readonly
|
|
|
|
23C23B7D000
|
unkown
|
page read and write
|
|
|
|
7FF51F94A000
|
unkown image
|
page readonly
|
|
|
|
23C23B87000
|
unkown
|
page read and write
|
|
|
|
248DAC6F000
|
unkown
|
page read and write
|
|
|
|
FBA967E000
|
stack
|
page read and write
|
|
|
|
7FF50E514000
|
unkown image
|
page readonly
|
|
|
|
23C23B8F000
|
unkown
|
page read and write
|
|
|
|
7DF425330000
|
unkown image
|
page readonly
|
|
|
|
7FF537B47000
|
unkown image
|
page readonly
|
|
|
|
23C23B00000
|
unkown
|
page read and write
|
|
|
|
34E9CFE000
|
stack
|
page read and write
|
|
|
|
7FF519723000
|
unkown image
|
page readonly
|
|
|
|
20EF624D000
|
unkown
|
page read and write
|
|
|
|
1EDC07A0000
|
unkown image
|
page read and write
|
|
|
|
7DF527470000
|
unkown image
|
page readonly
|
|
|
|
7FF51F9B4000
|
unkown image
|
page readonly
|
|
|
|
1D85E3F0000
|
unkown
|
page read and write
|
|
|
|
23C23B8D000
|
unkown
|
page read and write
|
|
|
|
7FF50E2B7000
|
unkown image
|
page readonly
|
|
|
|
7FF537C11000
|
unkown image
|
page readonly
|
|
|
|
23C23110000
|
heap private
|
page read and write
|
|
|
|
1D85E9F0000
|
unkown image
|
page write copy
|
|
|
|
2199DE45000
|
unkown
|
page read and write
|
|
|
|
7FF4F4617000
|
unkown image
|
page readonly
|
|
|
|
7FF50E52F000
|
unkown image
|
page readonly
|
|
|
|
7FF51F94D000
|
unkown image
|
page readonly
|
|
|
|
7FF51F781000
|
unkown image
|
page readonly
|
|
|
|
1AB32A50000
|
unkown image
|
page readonly
|
|
|
|
7FF51F9D1000
|
unkown image
|
page readonly
|
|
|
|
23C23B5C000
|
unkown
|
page read and write
|
|
|
|
23C232DF000
|
unkown
|
page read and write
|
|
|
|
7FF51F91B000
|
unkown image
|
page readonly
|
|
|
|
FBA937B000
|
stack
|
page read and write
|
|
|
|
7FF5196F7000
|
unkown image
|
page readonly
|
|
|
|
7FF51903E000
|
unkown image
|
page readonly
|
|
|
|
23C23B73000
|
unkown
|
page read and write
|
|
|
|
2199E4A0000
|
unkown image
|
page readonly
|
|
|
|
23C23B73000
|
unkown
|
page read and write
|
|
|
|
7FF4F45EF000
|
unkown image
|
page readonly
|
|
|
|
248DAD02000
|
unkown
|
page read and write
|
|
|
|
7FF50E7D1000
|
unkown image
|
page readonly
|
|
|
|
7FF51F9BA000
|
unkown image
|
page readonly
|
|
|
|
7FF50E26B000
|
unkown image
|
page readonly
|
|
|
|
1AB3242A000
|
unkown
|
page read and write
|
|
|
|
7FF50E71B000
|
unkown image
|
page readonly
|
|
|
|
58D7FFE000
|
stack
|
page read and write
|
|
|
|
7FF537B36000
|
unkown image
|
page readonly
|
|
|
|
20EF61F0000
|
unkown image
|
page readonly
|
|
|
|
23C2324C000
|
unkown
|
page read and write
|
|
|
|
23C23B98000
|
unkown
|
page read and write
|
|
|
|
23C232C4000
|
unkown
|
page read and write
|
|
|
|
7FF51959F000
|
unkown image
|
page readonly
|
|
|
|
7FF50E681000
|
unkown image
|
page readonly
|
|
|
|
23C23B8F000
|
unkown
|
page read and write
|
|
|
|
23C232A5000
|
unkown
|
page read and write
|
|
|
|
7FF537C1A000
|
unkown image
|
page readonly
|
|
|
|
1EDC03B0000
|
unkown image
|
page readonly
|
|
|
|
7FF511292000
|
unkown image
|
page readonly
|
|
|
|
23C23B6F000
|
unkown
|
page read and write
|
|
|
|
1D85CA49000
|
unkown
|
page read and write
|
|
|
|
7FF50E581000
|
unkown image
|
page readonly
|
|
|
|
7FF51F8E3000
|
unkown image
|
page readonly
|
|
|
|
2199DD65000
|
heap private
|
page read and write
|
|
|
|
7FF50E2B1000
|
unkown image
|
page readonly
|
|
|
|
7FF51F8F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5113B4000
|
unkown image
|
page readonly
|
|
|
|
7FF50E6E3000
|
unkown image
|
page readonly
|
|
|
|
7FF51F9CA000
|
unkown image
|
page readonly
|
|
|
|
1D85CB02000
|
unkown
|
page read and write
|
|
|
|
7FF5112DD000
|
unkown image
|
page readonly
|
|
|
|
1AB32330000
|
heap default
|
page read and write
|
|
|
|
7FF5194C7000
|
unkown image
|
page readonly
|
|
|
|
7FF50E5E7000
|
unkown image
|
page readonly
|
|
|
|
7DFC88C28000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7AEA000
|
unkown image
|
page readonly
|
|
|
|
7FF4F454C000
|
unkown image
|
page readonly
|
|
|
|
7DF51F032000
|
unkown image
|
page readonly
|
|
|
|
20EF66D0000
|
unkown image
|
page readonly
|
|
|
|
98A45FE000
|
stack
|
page read and write
|
|
|
|
7FF5A7B62000
|
unkown image
|
page readonly
|
|
|
|
248DAC3C000
|
unkown
|
page read and write
|
|
|
|
23C23308000
|
unkown
|
page read and write
|
|
|
|
7FF537B7E000
|
unkown image
|
page readonly
|
|
|
|
7FF511347000
|
unkown image
|
page readonly
|
|
|
|
7FF537C0A000
|
unkown image
|
page readonly
|
|
|
|
23C24002000
|
unkown
|
page read and write
|
|
|
|
7FF51129E000
|
unkown image
|
page readonly
|
|
|
|
23C2406A000
|
unkown
|
page read and write
|
|
|
|
7FF5112F0000
|
unkown image
|
page readonly
|
|
|
|
1EDC045F000
|
unkown
|
page read and write
|
|
|
|
20EF627E000
|
unkown
|
page read and write
|
|
|
|
7FF50E74A000
|
unkown image
|
page readonly
|
|
|
|
34E9A7E000
|
stack
|
page read and write
|
|
|
|
7FF537B4E000
|
unkown image
|
page readonly
|
|
|
|
20EF6190000
|
unkown image
|
page readonly
|
|
|
|
BA264FB000
|
stack
|
page read and write
|
|
|
|
7FF50E62B000
|
unkown image
|
page readonly
|
|
|
|
20EF6313000
|
unkown
|
page read and write
|
|
|
|
23C23213000
|
unkown
|
page read and write
|
|
|
|
2199DD60000
|
heap private
|
page read and write
|
|
|
|
248DAC4B000
|
unkown
|
page read and write
|
|
|
|
7FF4F4600000
|
unkown image
|
page readonly
|
|
|
|
248DAA40000
|
unkown image
|
page readonly
|
|
|
|
7DF502340000
|
unkown image
|
page readonly
|
|
|
|
23C2324A000
|
unkown
|
page read and write
|
|
|
|
23C23B72000
|
unkown
|
page read and write
|
|
|
|
1AB32390000
|
unkown
|
page read and write
|
|
|
|
7DF51F040000
|
unkown image
|
page readonly
|
|
|
|
7FF51131B000
|
unkown image
|
page readonly
|
|
|
|
248DAC53000
|
unkown
|
page read and write
|
|
|
|
7DF502342000
|
unkown image
|
page readonly
|
|
|
|
23C232BD000
|
unkown
|
page read and write
|
|
|
|
9AE9FFB000
|
stack
|
page read and write
|
|
|
|
23C23850000
|
unkown image
|
page readonly
|
|
|
|
7FF4F4565000
|
unkown image
|
page readonly
|
|
|
|
1AB32400000
|
unkown
|
page read and write
|
|
|
|
23C23200000
|
unkown
|
page read and write
|
|
|
|
7FF519042000
|
unkown image
|
page readonly
|
|
|
|
7DF5B59B0000
|
unkown image
|
page readonly
|
|
|
|
2199DC00000
|
unkown image
|
page readonly
|
|
|
|
7DF5B59C0000
|
unkown image
|
page readonly
|
|
|
|
7DF545880000
|
unkown image
|
page readonly
|
|
|
|
23C23251000
|
unkown
|
page read and write
|
|
|
|
7FF537BF9000
|
unkown image
|
page readonly
|
|
|
|
7FF537B73000
|
unkown image
|
page readonly
|
|
|
|
23C23BA0000
|
unkown
|
page read and write
|
|
|
|
1EDC0446000
|
heap default
|
page read and write
|
|
|
|
7DF51F032000
|
unkown image
|
page readonly
|
|
|
|
20EF6850000
|
unkown image
|
page readonly
|
|
|
|
9AEA0F8000
|
stack
|
page read and write
|
|
|
|
7FF5196EF000
|
unkown image
|
page readonly
|
|
|
|
7DF51F030000
|
unkown image
|
page readonly
|
|
|
|
7DF502360000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7C66000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7BBC000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7D3A000
|
unkown image
|
page readonly
|
|
|
|
7FF51957B000
|
unkown image
|
page readonly
|
|
|
|
7FF51F1F2000
|
unkown image
|
page readonly
|
|
|
|
23C2324E000
|
unkown
|
page read and write
|
|
|
|
20EF6270000
|
unkown
|
page read and write
|
|
|
|
7FF4F45F3000
|
unkown image
|
page readonly
|
|
|
|
1EDC0390000
|
unkown image
|
page readonly
|
|
|
|
FBA947B000
|
stack
|
page read and write
|
|
|
|
7FF51134D000
|
unkown image
|
page readonly
|
|
|
|
1EDC0420000
|
unkown image
|
page readonly
|
|
|
|
7FF4F44B0000
|
unkown image
|
page readonly
|
|
|
|
2199E110000
|
unkown image
|
page readonly
|
|
|
|
7FF50E707000
|
unkown image
|
page readonly
|
|
|
|
7FF51974B000
|
unkown image
|
page readonly
|
|
|
|
7FF5113CA000
|
unkown image
|
page readonly
|
|
|
|
23C23120000
|
unkown image
|
page readonly
|
|
|
|
23C232E8000
|
unkown
|
page read and write
|
|
|
|
7FF5197D9000
|
unkown image
|
page readonly
|
|
|
|
7FF50E7A9000
|
unkown image
|
page readonly
|
|
|
|
1D85CA13000
|
unkown
|
page read and write
|
|
|
|
7DF527462000
|
unkown image
|
page readonly
|
|
|
|
7FF4F46E1000
|
unkown image
|
page readonly
|
|
|
|
23C23BB9000
|
unkown
|
page read and write
|
|
|
|
7DF527472000
|
unkown image
|
page readonly
|
|
|
|
7FF4F453B000
|
unkown image
|
page readonly
|
|
|
|
2199DE4D000
|
unkown
|
page read and write
|
|
|
|
248DAC13000
|
unkown
|
page read and write
|
|
|
|
7DF51C442000
|
unkown image
|
page readonly
|
|
|
|
1AB322E0000
|
unkown image
|
page readonly
|
|
|
|
7DF5B59B2000
|
unkown image
|
page readonly
|
|
|
|
7FF4F4657000
|
unkown image
|
page readonly
|
|
|
|
7FF537B33000
|
unkown image
|
page readonly
|
|
|
|
FBA9577000
|
stack
|
page read and write
|
|
|
|
2199DC20000
|
unkown image
|
page readonly
|
|
|
|
7FF50E3C9000
|
unkown image
|
page readonly
|
|
|
|
1AB32A60000
|
unkown image
|
page readonly
|
|
|
|
2199E310000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7D51000
|
unkown image
|
page readonly
|
|
|
|
23C23236000
|
unkown
|
page read and write
|
|
|
|
7FF50E6DD000
|
unkown image
|
page readonly
|
|
|
|
7FF5113C1000
|
unkown image
|
page readonly
|
|
|
|
248DAA00000
|
unkown image
|
page read and write
|
|
|
|
1EDC03F0000
|
unkown
|
page read and write
|
|
|
|
7FF51F655000
|
unkown image
|
page readonly
|
|
|
|
7FF5197FA000
|
unkown image
|
page readonly
|
|
|
|
9AEA277000
|
stack
|
page read and write
|
|
|
|
23C23B8D000
|
unkown
|
page read and write
|
|
|
|
20EF623C000
|
unkown
|
page read and write
|
|
|
|
7DF5B59C2000
|
unkown image
|
page readonly
|
|
|
|
BA2627E000
|
stack
|
page read and write
|
|
|
|
1EDC0430000
|
heap default
|
page read and write
|
|
|
|
7DF502352000
|
unkown image
|
page readonly
|
|
|
|
248DAD08000
|
unkown
|
page read and write
|
|
|
|
7FF5113D1000
|
unkown image
|
page readonly
|
|
|
|
1EDC0456000
|
unkown
|
page read and write
|
|
|
|
23C23B8B000
|
unkown
|
page read and write
|
|
|
|
7FF50E14C000
|
unkown image
|
page readonly
|
|
|
|
1D85C9E0000
|
unkown
|
page read and write
|
|
|
|
7FF519612000
|
unkown image
|
page readonly
|
|
|
|
7FF50E74D000
|
unkown image
|
page readonly
|
|
|
|
23C23249000
|
unkown
|
page read and write
|
|
|
|
7FF50E5BB000
|
unkown image
|
page readonly
|
|
|
|
7DF545892000
|
unkown image
|
page readonly
|
|
|
|
34E9AFD000
|
stack
|
page read and write
|
|
|
|
7DF51C440000
|
unkown image
|
page readonly
|
|
|
|
7FF51915D000
|
unkown image
|
page readonly
|
|
|
|
20EF622A000
|
unkown
|
page read and write
|
|
|
|
23C23259000
|
unkown
|
page read and write
|
|
|
|
7DF545880000
|
unkown image
|
page readonly
|
|
|
|
7FF519727000
|
unkown image
|
page readonly
|
|
|
|
7FF50E655000
|
unkown image
|
page readonly
|
|
|
|
7DF545892000
|
unkown image
|
page readonly
|
|
|
|
20EF61C0000
|
unkown image
|
page readonly
|
|
|
|
7FF50E7D0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F465A000
|
unkown image
|
page readonly
|
|
|
|
23C23255000
|
unkown
|
page read and write
|
|
|
|
7DF52D640000
|
unkown image
|
page readonly
|
|
|
|
7FF4F44EF000
|
unkown image
|
page readonly
|
|
|
|
7FF537B43000
|
unkown image
|
page readonly
|
|
|
|
7FF4F462B000
|
unkown image
|
page readonly
|
|
|
|
7FF593C61000
|
unkown image
|
page readonly
|
|
|
|
7DF51C442000
|
unkown image
|
page readonly
|
|
|
|
7FF518EB9000
|
unkown image
|
page readonly
|
|
|
|
7DF52D630000
|
unkown image
|
page readonly
|
|
|
|
98A4D7C000
|
stack
|
page read and write
|
|
|
|
248DAC00000
|
unkown
|
page read and write
|
|
|
|
98A418B000
|
unkown
|
page read and write
|
|
|
|
1AB322C0000
|
unkown image
|
page read and write
|
|
|
|
7FF51F8DD000
|
unkown image
|
page readonly
|
|
|
|
1AB32390000
|
unkown
|
page read and write
|
|
|
|
1EDC07D5000
|
heap private
|
page read and write
|
|
|
|
7FF519801000
|
unkown image
|
page readonly
|
|
|
|
23C23B89000
|
unkown
|
page read and write
|
|
|
|
7FF50E7CA000
|
unkown image
|
page readonly
|
|
|
|
2199EB60000
|
unkown
|
page read and write
|
|
|
|
7DF400210000
|
unkown image
|
page readonly
|
|
|
|
7FF50E5A0000
|
unkown image
|
page readonly
|
|
|
|
BA2687F000
|
stack
|
page read and write
|
|
|
|
23C2324B000
|
unkown
|
page read and write
|
|
|
|
7FF5113BA000
|
unkown image
|
page readonly
|
|
|
|
7FF51F8F3000
|
unkown image
|
page readonly
|
|
|
|
7FF4F46C4000
|
unkown image
|
page readonly
|
|
|
|
23C23B8F000
|
unkown
|
page read and write
|
|
|
|
23C23930000
|
unkown image
|
page write copy
|
|
|
|
23C232E4000
|
unkown
|
page read and write
|
|
|
|
7FF4F41C1000
|
unkown image
|
page readonly
|
|
|
|
7FF511323000
|
unkown image
|
page readonly
|
|
|
|
23C23B89000
|
unkown
|
page read and write
|
|
|
|
7FF5113C5000
|
unkown image
|
page readonly
|
|
|
|
2199DE4D000
|
unkown
|
page read and write
|
|
|
|
1D85C890000
|
unkown image
|
page readonly
|
|
|
|
7FF4F46E1000
|
unkown image
|
page readonly
|
|
|
|
7FF51F79D000
|
unkown image
|
page readonly
|
|
|
|
23C23237000
|
unkown
|
page read and write
|
|
|
|
23C23140000
|
unkown image
|
page readonly
|
|
|
|
23C23B8F000
|
unkown
|
page read and write
|
|
|
|
23C23313000
|
unkown
|
page read and write
|
|
|
|
23C23257000
|
unkown
|
page read and write
|
|
|
|
7DF51F042000
|
unkown image
|
page readonly
|
|
|
|
7DF502340000
|
unkown image
|
page readonly
|
|
|
|
23C23BA3000
|
unkown
|
page read and write
|
|
|
|
23C24002000
|
unkown
|
page read and write
|
|
|
|
1D85CF80000
|
unkown image
|
page readonly
|
|
|
|
2199DE4D000
|
unkown
|
page read and write
|
|
|
|
1D85CE00000
|
unkown image
|
page readonly
|
|
|
|
2199DF00000
|
unkown
|
page read and write
|
|
|
|
7FF51F7DF000
|
unkown image
|
page readonly
|
|
|
|
7FF5113A9000
|
unkown image
|
page readonly
|
|
|
|
7FF5112DF000
|
unkown image
|
page readonly
|
|
|
|
7FF50E7A2000
|
unkown image
|
page readonly
|
|
|
|
1AB32502000
|
unkown
|
page read and write
|
|
|
|
BA263FB000
|
stack
|
page read and write
|
|
|
|
BA26677000
|
stack
|
page read and write
|
|
|
|
1D85CB18000
|
unkown
|
page read and write
|
|
|
|
7FF50E6DF000
|
unkown image
|
page readonly
|
|
|
|
23C232F7000
|
unkown
|
page read and write
|
|
|
|
7FF5A7C73000
|
unkown image
|
page readonly
|
|
|
|
7FF4F4466000
|
unkown image
|
page readonly
|
|
|
|
7DF51C432000
|
unkown image
|
page readonly
|
|
|
|
23C2328C000
|
unkown
|
page read and write
|
|
|
|
7DF41CF00000
|
unkown image
|
page readonly
|
|
|
|
FBA8FFE000
|
stack
|
page read and write
|
|
|
|
7DF51F030000
|
unkown image
|
page readonly
|
|
|
|
FBA927E000
|
stack
|
page read and write
|
|
|
|
7FF537B6B000
|
unkown image
|
page readonly
|
|
|
|
1D85CF90000
|
unkown image
|
page readonly
|
|
|
|
1D85CA57000
|
unkown
|
page read and write
|
|
|
|
23C23B6F000
|
unkown
|
page read and write
|
|
|
|
23C23229000
|
unkown
|
page read and write
|
|
|
|
58D7E7F000
|
stack
|
page read and write
|
|
|
|
7DF545890000
|
unkown image
|
page readonly
|
|
|
|
20EF628A000
|
unkown
|
page read and write
|
|
|
|
7FF519586000
|
unkown image
|
page readonly
|
|
|
|
9BFEBFD000
|
stack
|
page read and write
|
|
|
|
7FF5112B4000
|
unkown image
|
page readonly
|
|
|
|
23C23B99000
|
unkown
|
page read and write
|
|
|
|
7FF4F45E9000
|
unkown image
|
page readonly
|
|
|
|
7FF5196EB000
|
unkown image
|
page readonly
|
|
|
|
7FF5193CC000
|
unkown image
|
page readonly
|
|
|
|
20EF6170000
|
unkown image
|
page read and write
|
|
|
|
7FF51F907000
|
unkown image
|
page readonly
|
|
|
|
2199E900000
|
unkown
|
page read and write
|
|
|
|
7DF502352000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7CCA000
|
unkown image
|
page readonly
|
|
|
|
7FF4F44AD000
|
unkown image
|
page readonly
|
|
|
|
23C23BB2000
|
unkown
|
page read and write
|
|
|
|
248DAA50000
|
unkown image
|
page readonly
|
|
|
|
7FF519617000
|
unkown image
|
page readonly
|
|
|
|
1D85CA48000
|
unkown
|
page read and write
|
|
|
|
7FF51F83C000
|
unkown image
|
page readonly
|
|
|
|
7DF545882000
|
unkown image
|
page readonly
|
|
|
|
7FF593C61000
|
unkown image
|
page readonly
|
|
|
|
23C24002000
|
unkown
|
page read and write
|
|
|
|
7FF537BF2000
|
unkown image
|
page readonly
|
|
|
|
2199DBE0000
|
unkown image
|
page read and write
|
|
|
|
7FF4F46B9000
|
unkown image
|
page readonly
|
|
|
|
7FF5A7C63000
|
unkown image
|
page readonly
|
|
|
|
7FF51975E000
|
unkown image
|
page readonly
|
|
|
|
23C23B9A000
|
unkown
|
page read and write
|
|
|
|
7FF50E556000
|
unkown image
|
page readonly
|
|
|
|
7FF5197F1000
|
unkown image
|
page readonly
|
|
|
|
7DF5458A0000
|
unkown image
|
page readonly
|
|
|
|
7FF4F465D000
|
unkown image
|
page readonly
|
|
|
|
9AE9EFE000
|
stack
|
page read and write
|
|
|
|
7FF50E497000
|
unkown image
|
page readonly
|
|
|
|
7FF51F4B7000
|
unkown image
|
page readonly
|
|
|
|
7DF527460000
|
unkown image
|
page readonly
|
|
|
|
2199DC00000
|
unkown image
|
page readonly
|
|
|
|
7FF519353000
|
unkown image
|
page readonly
|
|
|
|
7FF5194D2000
|
unkown image
|
page readonly
|
|
|
|
1AB32E00000
|
unkown
|
page read and write
|
|
|
|
58D7EF9000
|
stack
|
page read and write
|
|
|
|
23C23270000
|
unkown
|
page read and write
|
|
|
|
248DAB70000
|
unkown
|
page read and write
|
|
|
|
248DAC7E000
|
unkown
|
page read and write
|
|
|
|
7FF5112F7000
|
unkown image
|
page readonly
|
|
|
|
7FF51970F000
|
unkown image
|
page readonly
|
|
|
|
9AE9BBB000
|
unkown
|
page read and write
|
|
There are 727 hidden memdumps, click here to show them.