IOC Report

loading gif

Files

File Path
Type
Category
Malicious
#Ud83d#UdcdeAudio-File Islandhealth.htm
HTML document, ASCII text, with very long lines, with no line terminators
initial sample
 malicious
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\29e97eb9-1987-4df3-b06a-ebab519aeb33.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\3d08e13f-086b-45ec-a24a-c3db34713cc4.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\42fabcf2-4c02-40c5-b6f9-dfd56c575f01.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\5a4941e9-36ca-47e3-a49f-5a1e28916531.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\5d993592-06b5-4f7d-a0d2-c7e2f28cb833.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\615712ff-059c-4d3d-9c80-74f8cc077942.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\671ff641-53a7-40d7-8549-218289073051.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\7e19b421-7158-44ba-8583-c3b3996dfe09.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\8849c381-7433-4e92-92b3-e20458ea63fc.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\8abd5687-5b1a-43b0-aa02-c9badcd16372.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0602ca95-3a97-4946-ad26-f01e4bf11277.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\24c9bf62-b095-48c1-a868-f96d5fb5c8bd.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\252dea4b-76a8-4cc4-9b0d-4818ef53e4db.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\33bbbe4d-3ec1-4a20-a11e-772a925de23d.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\377cb0e6-f827-4964-b6aa-15b81effff9f.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4415ed10-953f-4c67-afac-3e315bc8f6bc.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\44e8b2de-51c2-495e-8132-2a267d2d9d7b.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5849fead-494c-4c81-b11d-a64e0b0948bd.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6c31f02e-2b0e-4a0f-8ee6-2722aec2bd90.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7e913b14-d505-4a8f-aa6f-f94f2f6ead2d.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\809863f1-8fc8-4cb8-951a-3cca49dca2bb.tmp
ASCII text, with very long lines, with no line terminators
modified
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8ed0a10b-39bd-4e39-87bb-fe80a58b483b.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9391614b-5cbf-45b0-b433-2a786cd71975.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\96d34875-6db2-4c55-9c60-249ab31446ee.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9ce7802f-f258-4d38-bdb5-8a4c008a1b39.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9dd62a77-872d-42d7-9978-996b21009c61.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old. (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old` (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old.d (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\ (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\* (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesu/ (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.. (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.t (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\6a2ec1e1-6bd0-4df2-97b5-43f2af9f9d2a.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old.9 (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old. (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\445c47a0-3030-494e-9d13-7fa0141c8db4.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent Stateb4 (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/ (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a58ebbdd-16ed-42ec-9c7e-1f8cdeab328a.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b1a9647e-6f45-49f2-ae8b-bee0cd2506d5.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b834af85-2530-498f-acb5-18c66be11919.tmp
ASCII text, with very long lines, with no line terminators
modified
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b89b2833-b197-4449-8b68-da16af4fa2f2.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT92 (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old. (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\eb41497e-3f9b-45ce-b5ca-2f7cca468a08.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldE (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Stateca (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local States (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache. (copy)
SysEx File -
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cacheo (copy)
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachev (copy)
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\c49a2979-948e-411a-9545-741ac1c42b3b.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\e114cc77-d299-4ff3-b175-b8b3cbca7370.tmp
SysEx File -
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\_platform_specific\x86_64\pnacl_public_pnacl_json
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377, stripped
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
current ar archive
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
current ar archive
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
current ar archive
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
current ar archive
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce, stripped
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9, stripped
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\manifest.fingerprint
ASCII text, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_1000833633\manifest.json
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_711790811\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_711790811\manifest.fingerprint
ASCII text, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_711790811\manifest.json
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_711790811\ssl_error_assistant.pb
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_996805795\LICENSE
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_996805795\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_996805795\crl-set
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_996805795\manifest.fingerprint
ASCII text, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\2148_996805795\manifest.json
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\42cf78f5-76d3-4a62-9be4-131bec2aa61c.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\50a7478f-a77d-4551-8721-98589351ffd7.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\6c676ac9-e3e1-4207-85a7-51ade5afdb33.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\eb401644-44cc-4418-ae8c-8a2cee344e6c.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\42cf78f5-76d3-4a62-9be4-131bec2aa61c.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\iw\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\angular.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\background_script.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\cast_sender.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\common.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\feedback.css
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\feedback.html
HTML document, ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\feedback_script.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\material_css_min.css
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\mirroring_cast_streaming.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\mirroring_common.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\mirroring_hangouts.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_544948674\CRX_INSTALL\mirroring_webrtc.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir2148_844484386\eb401644-44cc-4418-ae8c-8a2cee344e6c.tmp
Google Chrome extension, version 3
dropped
 clean
There are 269 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\#Ud83d#UdcdeAudio-File Islandhealth.htm
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1524,17859843090301061867,3461897776018277200,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1940 /prefetch:8
clean

URLs

Name
IP
Malicious
file:///C:/Users/user/Desktop/%23Ud83d%23UdcdeAudio-File%20Islandhealth.htm#cGF1bGEueW91bmdAaXNsYW5kaGVhbHRoLmNh
malicious
https://www.google.com/images/cleardot.gif
unknown
 clean
https://code.jquery.com/jquery-3.2.1.slim.min.js
unknown
 clean
https://play.google.com
unknown
 clean
https://www.google.com/log?format=json&hasfast=true
unknown
 clean
https://sandbox.google.com/payments/v4/js/integrator.js
unknown
 clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
unknown
 clean
https://accounts.google.com/MergeSession
unknown
 clean
https://preprod-hangouts-googleapis.sandbox.google.com
unknown
 clean
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
142.250.181.225
 clean
https://www.google.com
unknown
 clean
https://use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
unknown
 clean
https://hangouts.clients6.google.com
unknown
 clean
https://hangouts.google.com/hangouts/_/logpref
unknown
 clean
https://accounts.google.com
unknown
 clean
https://clients2.google.com/cr/report
unknown
 clean
http://angularjs.org
unknown
 clean
https://aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icop
unknown
 clean
https://use.fontawesome.com/releases/v5.7.0/css/all.css
unknown
 clean
https://creativecommons.org/publicdomain/zero/1.0/.
unknown
 clean
https://github.com/angular/material
unknown
 clean
https://apis.google.com
unknown
 clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.11.207
 clean
https://a.nel.cloudflare.com/report/v3?s=01s4RMx%2BkMQMYa%2FYlC9ItGlIiRPEv0txWaDcpORNCrPm%2F%2BWmFjI
unknown
 clean
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
unknown
 clean
https://github.com/madler/zlib/blob/master/zlib.h
unknown
 clean
https://www-googleapis-staging.sandbox.google.com
unknown
 clean
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
unknown
 clean
https://clients2.google.com
unknown
 clean
https://www.google.com/tools/feedback
unknown
 clean
http://www.apache.org/licenses/LICENSE-2.0
unknown
 clean
https://dns.google
unknown
 clean
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
unknown
 clean
https://www.google.com/intl/en-US/chrome/blank.html
unknown
 clean
https://ogs.google.com
unknown
 clean
https://support.google.com/chromecast/troubleshooter/2995236
unknown
 clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
unknown
 clean
https://aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
unknown
 clean
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
172.217.16.142
 clean
https://todosec.org/images/bg.jpg
104.21.78.148
 clean
https://code.jquery.com/jquery-3.1.1.min.js
unknown
 clean
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
142.250.184.205
 clean
https://payments.google.com/payments/v4/js/integrator.js
unknown
 clean
https://www.google.com;
unknown
 clean
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
unknown
 clean
https://hangouts.google.com/
unknown
 clean
https://a.nel.cloudflare.com/report/v3?s=sMCDZ4CvDaXJkJPfpOM1b0VYIVAwG2clIbPpmQAxX0As9WuYYY9fX0qMDzH
unknown
 clean
https://csp.withgoogle.com/csp/hosted-libraries-pushers
unknown
 clean
https://www.google.com/images/x2.gif
unknown
 clean
https://code.jquery.com/jquery-3.3.1.js
unknown
 clean
http://llvm.org/):
unknown
 clean
https://www.google.com/images/dot2.gif
unknown
 clean
https://meetings.clients6.google.com
unknown
 clean
https://play.google.com/log?format=json&hasfast=true
unknown
 clean
https://code.google.com/p/nativeclient/issues/entry%s:
unknown
 clean
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.16.19.94
 clean
https://use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2D
unknown
 clean
http://tools.ietf.org/html/rfc1950
unknown
 clean
https://code.google.com/p/nativeclient/issues/entry
unknown
 clean
https://a.nel.cloudflare.com/report/v3?s=M0XS5%2FiXSJyTq1w6h3ED9pAFULnZW85HAPPklQg9OdD9RPp8YEvgaXAIx
unknown
 clean
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
unknown
 clean
https://support.google.com/chromecast/answer/2998456
unknown
 clean
https://clients2.googleusercontent.com
unknown
 clean
https://www.google.com/
unknown
 clean
https://feedback.googleusercontent.com
unknown
 clean
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
unknown
 clean
https://clients2.google.com/service/update2/crx
unknown
 clean
https://clients6.google.com
unknown
 clean
There are 58 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
gstaticadssl.l.google.com
142.250.186.163
 clean
accounts.google.com
142.250.184.205
 clean
cdnjs.cloudflare.com
104.16.19.94
 clean
todosec.org
104.21.78.148
 clean
maxcdn.bootstrapcdn.com
104.18.11.207
 clean
clients.l.google.com
172.217.16.142
 clean
googlehosted.l.googleusercontent.com
142.250.181.225
 clean
use.fontawesome.com
unknown
 clean
clients2.googleusercontent.com
unknown
 clean
clients2.google.com
unknown
 clean
code.jquery.com
unknown
 clean
aadcdn.msauth.net
unknown
 clean
There are 2 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
142.250.186.163
gstaticadssl.l.google.com
United States
clean
104.18.11.207
maxcdn.bootstrapcdn.com
United States
clean
142.250.181.225
googlehosted.l.googleusercontent.com
United States
clean
239.255.255.250
unknown
Reserved
clean
142.250.184.205
accounts.google.com
United States
clean
104.21.78.148
todosec.org
United States
clean
104.16.19.94
cdnjs.cloudflare.com
United States
clean
127.0.0.1
unknown
unknown
clean
172.217.16.142
clients.l.google.com
United States
clean

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
 clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blacklist_cache_md5_digest
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
 clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
 clean
There are 35 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
28EC3229000
unkown
page read and write
 clean
2093CE25000
unkown
page read and write
 clean
5FB6FFA000
stack
page read and write
 clean
7DF57F350000
unkown image
page readonly
 clean
2093CE5C000
unkown
page read and write
 clean
7FF54E25B000
unkown image
page readonly
 clean
28EC3130000
heap private
page read and write
 clean
7DF51ED50000
unkown image
page readonly
 clean
23D3EAB0000
unkown
page read and write
 clean
1E183600000
unkown
page read and write
 clean
5FB70FA000
stack
page read and write
 clean
7FF5BFC63000
unkown image
page readonly
 clean
7FF5716C4000
unkown image
page readonly
 clean
7FF582D12000
unkown image
page readonly
 clean
60954FF000
stack
page read and write
 clean
175CBE3C000
unkown
page read and write
 clean
7FF5BF6DD000
unkown image
page readonly
 clean
7FF54E397000
unkown image
page readonly
 clean
2093CE28000
unkown
page read and write
 clean
7FF54E461000
unkown image
page readonly
 clean
7FF5EFFEA000
unkown image
page readonly
 clean
260C2F02000
unkown
page read and write
 clean
7FF57B130000
unkown image
page readonly
 clean
7FF582C02000
unkown image
page readonly
 clean
7DF57F360000
unkown image
page readonly
 clean
23EDD590000
unkown
page read and write
 clean
23D3DE60000
unkown image
page readonly
 clean
23D3E165000
heap private
page read and write
 clean
7FF573EF1000
unkown image
page readonly
 clean
175CB0F5000
unkown
page read and write
 clean
175CB0D7000
unkown
page read and write
 clean
7FF57ACF7000
unkown image
page readonly
 clean
7FF57AD77000
unkown image
page readonly
 clean
7DF5909A2000
unkown image
page readonly
 clean
7FF582C37000
unkown image
page readonly
 clean
23D3DDD0000
unkown image
page readonly
 clean
175CAF20000
unkown image
page readonly
 clean
7DF57F352000
unkown image
page readonly
 clean
23EDD200000
unkown image
page readonly
 clean
7FF57AF54000
unkown image
page readonly
 clean
7FF53F719000
unkown image
page readonly
 clean
1B91D8F0000
heap private
page read and write
 clean
7FF5BFCC2000
unkown image
page readonly
 clean
7FF582C60000
unkown image
page readonly
 clean
EA12FF9000
stack
page read and write
 clean
7DF5909B2000
unkown image
page readonly
 clean
28EC3253000
unkown
page read and write
 clean
EA12F7E000
stack
page read and write
 clean
7FF573FA7000
unkown image
page readonly
 clean
23D3ED80000
unkown
page read and write
 clean
7FF5713A7000
unkown image
page readonly
 clean
7DF54FD60000
unkown image
page readonly
 clean
175CB9C5000
unkown
page read and write
 clean
7FF51100E000
unkown image
page readonly
 clean
31C147E000
stack
page read and write
 clean
7FF5716B9000
unkown image
page readonly
 clean
7DF55C0F0000
unkown image
page readonly
 clean
7DF54D7E0000
unkown image
page readonly
 clean
7FF5EFEE7000
unkown image
page readonly
 clean
7FF5EFAD1000
unkown image
page readonly
 clean
1E1835B0000
unkown image
page readonly
 clean
7FF5110B2000
unkown image
page readonly
 clean
5FB6D7F000
stack
page read and write
 clean
23EDD102000
unkown
page read and write
 clean
FDED177000
stack
page read and write
 clean
7DF459FA0000
unkown image
page readonly
 clean
7DF48E870000
unkown image
page readonly
 clean
1E183580000
unkown image
page readonly
 clean
7FF573FCE000
unkown image
page readonly
 clean
7FF5BFDDE000
unkown image
page readonly
 clean
7DF51ED40000
unkown image
page readonly
 clean
7FF573E3D000
unkown image
page readonly
 clean
7FF54E3ED000
unkown image
page readonly
 clean
175CB9C1000
unkown
page read and write
 clean
3E503FD000
stack
page read and write
 clean
2093CE6E000
unkown
page read and write
 clean
7FF53FA86000
unkown image
page readonly
 clean
2093CE76000
unkown
page read and write
 clean
7FF57AFDD000
unkown image
page readonly
 clean
186157F000
stack
page read and write
 clean
7FF57B091000
unkown image
page readonly
 clean
2093CE7E000
unkown
page read and write
 clean
7FF54E37D000
unkown image
page readonly
 clean
3E508FF000
stack
page read and write
 clean
7FF582D19000
unkown image
page readonly
 clean
7FF57B201000
unkown image
page readonly
 clean
175CBE02000
unkown
page read and write
 clean
7FF5EFF43000
unkown image
page readonly
 clean
647AAFE000
stack
page read and write
 clean
7FF573F93000
unkown image
page readonly
 clean
175CAF00000
unkown image
page readonly
 clean
1F7C5869000
unkown
page read and write
 clean
175CB057000
unkown
page read and write
 clean
7FF582AC6000
unkown image
page readonly
 clean
7FF573FC3000
unkown image
page readonly
 clean
7FF53FAA0000
unkown image
page readonly
 clean
23D3DEC1000
heap default
page read and write
 clean
7FF57B147000
unkown image
page readonly
 clean
7DF5909A0000
unkown image
page readonly
 clean
175CBE02000
unkown
page read and write
 clean
7FF5EFE71000
unkown image
page readonly
 clean
175CBE02000
unkown
page read and write
 clean
23EDD580000
unkown image
page readonly
 clean
7FF51105D000
unkown image
page readonly
 clean
175CB054000
unkown
page read and write
 clean
7FF54204E000
unkown image
page readonly
 clean
7FF57B0FE000
unkown image
page readonly
 clean
1E18363C000
unkown
page read and write
 clean
1E183613000
unkown
page read and write
 clean
175CB113000
unkown
page read and write
 clean
175CB9C1000
unkown
page read and write
 clean
7FF57AEE2000
unkown image
page readonly
 clean
175CB969000
unkown
page read and write
 clean
7DF54D7F0000
unkown image
page readonly
 clean
7DF5FDC52000
unkown image
page readonly
 clean
175CB9B5000
unkown
page read and write
 clean
175CB95B000
unkown
page read and write
 clean
7FF57143F000
unkown image
page readonly
 clean
1B91D8F5000
heap private
page read and write
 clean
7FF573EEB000
unkown image
page readonly
 clean
7DF581CE2000
unkown image
page readonly
 clean
D90CCFD000
stack
page read and write
 clean
175CB04A000
unkown
page read and write
 clean
175CB04E000
unkown
page read and write
 clean
175CB0BC000
unkown
page read and write
 clean
1E183702000
unkown
page read and write
 clean
7FF57AE95000
unkown image
page readonly
 clean
D90CE7C000
stack
page read and write
 clean
7FF542006000
unkown image
page readonly
 clean
7FF54E2C5000
unkown image
page readonly
 clean
7FF5EFE5C000
unkown image
page readonly
 clean
28EC31C0000
unkown
page read and write
 clean
175CB9AF000
unkown
page read and write
 clean
1B91D560000
unkown image
page readonly
 clean
7FF57B16E000
unkown image
page readonly
 clean
2093CE6C000
unkown
page read and write
 clean
28EC3190000
heap default
page read and write
 clean
7FF582C67000
unkown image
page readonly
 clean
7FF5EF77F000
unkown image
page readonly
 clean
260C2E29000
unkown
page read and write
 clean
7FF5EFDFF000
unkown image
page readonly
 clean
7FF5420F1000
unkown image
page readonly
 clean
7FF54206D000
unkown image
page readonly
 clean
1F306102000
unkown
page read and write
 clean
260C3460000
unkown image
page readonly
 clean
7FF57B137000
unkown image
page readonly
 clean
7FF57B1E2000
unkown image
page readonly
 clean
23EDCDB0000
unkown image
page readonly
 clean
23D3DDF0000
unkown image
page readonly
 clean
7FF5BFD2B000
unkown image
page readonly
 clean
7FF5110E1000
unkown image
page readonly
 clean
7DF54D7F2000
unkown image
page readonly
 clean
7FF582C63000
unkown image
page readonly
 clean
2093CE67000
unkown
page read and write
 clean
2093CE85000
unkown
page read and write
 clean
7FF5BFDB4000
unkown image
page readonly
 clean
1F306087000
unkown
page read and write
 clean
175CB4D0000
unkown image
page readonly
 clean
7FF5BFE2D000
unkown image
page readonly
 clean
7DF5909C0000
unkown image
page readonly
 clean
7FF5713B2000
unkown image
page readonly
 clean
7FF5EFDBD000
unkown image
page readonly
 clean
7FF5BFC0F000
unkown image
page readonly
 clean
7FF5BFDBD000
unkown image
page readonly
 clean
7FF5110E1000
unkown image
page readonly
 clean
7DF5CDB30000
unkown image
page readonly
 clean
7FF5110DA000
unkown image
page readonly
 clean
7FF57B065000
unkown image
page readonly
 clean
175CB9AF000
unkown
page read and write
 clean
7FF57B20A000
unkown image
page readonly
 clean
7FF57AFB5000
unkown image
page readonly
 clean
175CB979000
unkown
page read and write
 clean
1861C7E000
stack
page read and write
 clean
7FF53FACB000
unkown image
page readonly
 clean
7DF5909B0000
unkown image
page readonly
 clean
260C2E86000
unkown
page read and write
 clean
2093CE40000
unkown
page read and write
 clean
7FF5EFEFF000
unkown image
page readonly
 clean
2093CE63000
unkown
page read and write
 clean
175CB977000
unkown
page read and write
 clean
7FF5715ED000
unkown image
page readonly
 clean
7FF5BF9F9000
unkown image
page readonly
 clean
1E183550000
unkown image
page readonly
 clean
7FF582A00000
unkown image
page readonly
 clean
7DF5FDC70000
unkown image
page readonly
 clean
7DF54FD50000
unkown image
page readonly
 clean
23D3EAC0000
unkown
page read and write
 clean
1B91D626000
heap default
page read and write
 clean
175CBF02000
unkown
page read and write
 clean
2093CE65000
unkown
page read and write
 clean
23D3E080000
unkown image
page readonly
 clean
23D3ED00000
unkown
page read and write
 clean
7FF573F83000
unkown image
page readonly
 clean
175CAEF0000
heap private
page read and write
 clean
1F7C5913000
unkown
page read and write
 clean
2093CE61000
unkown
page read and write
 clean
7FF53F997000
unkown image
page readonly
 clean
D90C67B000
unkown
page read and write
 clean
2093CD70000
unkown image
page readonly
 clean
FDECFFB000
stack
page read and write
 clean
7FF5EFF03000
unkown image
page readonly
 clean
7FF57B187000
unkown image
page readonly
 clean
7FF54201E000
unkown image
page readonly
 clean
1F306000000
unkown
page read and write
 clean
7FF573B51000
unkown image
page readonly
 clean
2093D380000
unkown image
page readonly
 clean
7FF510FD7000
unkown image
page readonly
 clean
7FF582CBD000
unkown image
page readonly
 clean
28EC327E000
unkown
page read and write
 clean
647ABFE000
stack
page read and write
 clean
7FF582C49000
unkown image
page readonly
 clean
1E1838D0000
unkown image
page readonly
 clean
175CAFF0000
unkown
page read and write
 clean
175CBE02000
unkown
page read and write
 clean
175CAFF0000
unkown
page read and write
 clean
175CB95B000
unkown
page read and write
 clean
175CB9B3000
unkown
page read and write
 clean
1F3060E1000
unkown
page read and write
 clean
23D3DEF4000
unkown
page read and write
 clean
7DF588E80000
unkown image
page readonly
 clean
7FF582C24000
unkown image
page readonly
 clean
1F306043000
unkown
page read and write
 clean
175CB97E000
unkown
page read and write
 clean
18617FD000
stack
page read and write
 clean
7FF541E95000
unkown image
page readonly
 clean
7DF5CDB30000
unkown image
page readonly
 clean
6094F2B000
unkown
page read and write
 clean
175CBE00000
unkown
page read and write
 clean
7FF5BFD81000
unkown image
page readonly
 clean
7FF5420F1000
unkown image
page readonly
 clean
7FF54DF57000
unkown image
page readonly
 clean
7FF5BFDD3000
unkown image
page readonly
 clean
1B91D63F000
unkown
page read and write
 clean
7FF582D35000
unkown image
page readonly
 clean
1B91D63F000
unkown
page read and write
 clean
1B91D890000
unkown image
page readonly
 clean
7FF53F409000
unkown image
page readonly
 clean
1F305FF0000
unkown
page read and write
 clean
23EDD590000
unkown
page read and write
 clean
2093CE7C000
unkown
page read and write
 clean
1B91D3E0000
unkown image
page read and write
 clean
7FF54E379000
unkown image
page readonly
 clean
7FF5BF700000
unkown image
page readonly
 clean
1B91D570000
unkown image
page readonly
 clean
7DF55C0D0000
unkown image
page readonly
 clean
7FF57AF56000
unkown image
page readonly
 clean
7DF5909C0000
unkown image
page readonly
 clean
28EC329B000
unkown
page read and write
 clean
175CBF02000
unkown
page read and write
 clean
FDED07E000
stack
page read and write
 clean
2093CE5A000
unkown
page read and write
 clean
7FF5107C9000
unkown image
page readonly
 clean
7FF5110D1000
unkown image
page readonly
 clean
7FF510E66000
unkown image
page readonly
 clean
7FF53FADE000
unkown image
page readonly
 clean
7DF5CDB20000
unkown image
page readonly
 clean
7FF573FEA000
unkown image
page readonly
 clean
7FF5715EF000
unkown image
page readonly
 clean
1F305EA0000
unkown image
page readonly
 clean
EA12B3E000
stack
page read and write
 clean
7FF5EFC75000
unkown image
page readonly
 clean
7FF57B163000
unkown image
page readonly
 clean
23D3DEB0000
heap default
page read and write
 clean
18616FC000
stack
page read and write
 clean
2093D602000
unkown
page read and write
 clean
1F306580000
unkown image
page readonly
 clean
175CB9C3000
unkown
page read and write
 clean
7DF51ED52000
unkown image
page readonly
 clean
1F3060BB000
unkown
page read and write
 clean
7FF5EFDA1000
unkown image
page readonly
 clean
7FF574049000
unkown image
page readonly
 clean
7DF54D7F2000
unkown image
page readonly
 clean
7FF5716DA000
unkown image
page readonly
 clean
7FF54E2F1000
unkown image
page readonly
 clean
5FB65FE000
stack
page read and write
 clean
28EC31A0000
unkown image
page readonly
 clean
7FF5BFE9A000
unkown image
page readonly
 clean
7FF57B0C1000
unkown image
page readonly
 clean
7FF573EF5000
unkown image
page readonly
 clean
23D3ED30000
unkown
page read and write
 clean
7DF57F360000
unkown image
page readonly
 clean
7FF52BA91000
unkown image
page readonly
 clean
7FF5BFDB9000
unkown image
page readonly
 clean
175CB049000
unkown
page read and write
 clean
7FF582C9E000
unkown image
page readonly
 clean
7FF57160E000
unkown image
page readonly
 clean
7FF5EFF6A000
unkown image
page readonly
 clean
C76A77B000
stack
page read and write
 clean
260C32D0000
unkown image
page readonly
 clean
7DF54FD70000
unkown image
page readonly
 clean
1F7C5660000
unkown image
page readonly
 clean
7FF57B211000
unkown image
page readonly
 clean
1F7C5780000
unkown
page read and write
 clean
2093CE47000
unkown
page read and write
 clean
7FF5EFF27000
unkown image
page readonly
 clean
23EDD590000
unkown
page read and write
 clean
7FF5EFFE1000
unkown image
page readonly
 clean
260C3602000
unkown
page read and write
 clean
1F306029000
unkown
page read and write
 clean
2093CF02000
unkown
page read and write
 clean
7DF588E90000
unkown image
page readonly
 clean
260C2DA0000
unkown image
page readonly
 clean
175CB04D000
unkown
page read and write
 clean
7FF53FB81000
unkown image
page readonly
 clean
2093CC70000
unkown image
page readonly
 clean
7FF5BF82C000
unkown image
page readonly
 clean
7FF57ACF1000
unkown image
page readonly
 clean
7FF510FED000
unkown image
page readonly
 clean
7FF5BFE89000
unkown image
page readonly
 clean
7FF5BFE02000
unkown image
page readonly
 clean
7FF5110CA000
unkown image
page readonly
 clean
23D3E169000
heap private
page read and write
 clean
7DF5FDC52000
unkown image
page readonly
 clean
7DF54FD52000
unkown image
page readonly
 clean
7FF542017000
unkown image
page readonly
 clean
175CB9BE000
unkown
page read and write
 clean
7FF5EFFC2000
unkown image
page readonly
 clean
2093CE13000
unkown
page read and write
 clean
23D3DDB0000
unkown image
page read and write
 clean
1E183530000
unkown image
page read and write
 clean
7FF53FA93000
unkown image
page readonly
 clean
7DF581CD0000
unkown image
page readonly
 clean
1E183649000
unkown
page read and write
 clean
7FF53FB75000
unkown image
page readonly
 clean
175CBE02000
unkown
page read and write
 clean
3E502FE000
stack
page read and write
 clean
2093CC40000
unkown image
page readonly
 clean
260C2E54000
unkown
page read and write
 clean
175CB000000
unkown
page read and write
 clean
175CB0E0000
unkown
page read and write
 clean
28EC3300000
unkown
page read and write
 clean
7FF54E367000
unkown image
page readonly
 clean
1F305FD0000
unkown image
page readonly
 clean
7DF486D40000
unkown image
page readonly
 clean
175CBF9D000
unkown
page read and write
 clean
2093CE42000
unkown
page read and write
 clean
7FF5418E8000
unkown image
page readonly
 clean
7FF5EFEFD000
unkown image
page readonly
 clean
1E183E02000
unkown
page read and write
 clean
7DF54FD52000
unkown image
page readonly
 clean
23EDCDB0000
unkown image
page readonly
 clean
7DF55C0D2000
unkown image
page readonly
 clean
7DF57F342000
unkown image
page readonly
 clean
7DF51ED52000
unkown image
page readonly
 clean
7FF582C98000
unkown image
page readonly
 clean
7FF53FA8D000
unkown image
page readonly
 clean
60957FC000
stack
page read and write
 clean
C76A9FF000
stack
page read and write
 clean
7FF57B107000
unkown image
page readonly
 clean
175CB9BD000
unkown
page read and write
 clean
7DF54D7E0000
unkown image
page readonly
 clean
7DF54FD50000
unkown image
page readonly
 clean
175CBE02000
unkown
page read and write
 clean
23D3E380000
unkown image
page readonly
 clean
7FF573FE7000
unkown image
page readonly
 clean
7DF581CE0000
unkown image
page readonly
 clean
7FF573FED000
unkown image
page readonly
 clean
7FF582D24000
unkown image
page readonly
 clean
175CB9C5000
unkown
page read and write
 clean
7FF53F40E000
unkown image
page readonly
 clean
7FF53FAA3000
unkown image
page readonly
 clean
1F7C5800000
unkown
page read and write
 clean
7FF57B13E000
unkown image
page readonly
 clean
7FF54E454000
unkown image
page readonly
 clean
7FF5BFE0E000
unkown image
page readonly
 clean
7DF5FDC60000
unkown image
page readonly
 clean
28EC323C000
unkown
page read and write
 clean
1B91D621000
unkown
page read and write
 clean
23EDD002000
unkown
page read and write
 clean
28EC3200000
unkown
page read and write
 clean
7DF54FD70000
unkown image
page readonly
 clean
7FF5EFE45000
unkown image
page readonly
 clean
2093CE64000
unkown
page read and write
 clean
1B91D400000
unkown image
page readonly
 clean
7FF5EFE4B000
unkown image
page readonly
 clean
7FF54E3A7000
unkown image
page readonly
 clean
7FF57AFFB000
unkown image
page readonly
 clean
1B91D610000
heap default
page read and write
 clean
7FF5BFB94000
unkown image
page readonly
 clean
7DF5FDC50000
unkown image
page readonly
 clean
7DF5909A0000
unkown image
page readonly
 clean
5FB6EFF000
stack
page read and write
 clean
7FF57AB7B000
unkown image
page readonly
 clean
28EC324D000
unkown
page read and write
 clean
7FF57AA08000
unkown image
page readonly
 clean
1F7C5902000
unkown
page read and write
 clean
7FF511000000
unkown image
page readonly
 clean
1861A7E000
stack
page read and write
 clean
18613FC000
stack
page read and write
 clean
7FF542013000
unkown image
page readonly
 clean
7FF511033000
unkown image
page readonly
 clean
7FF5715C3000
unkown image
page readonly
 clean
175CB0A6000
unkown
page read and write
 clean
7DF5909A2000
unkown image
page readonly
 clean
175CB9AF000
unkown
page read and write
 clean
175CB96B000
unkown
page read and write
 clean
1F306200000
unkown image
page readonly
 clean
5FB687E000
stack
page read and write
 clean
7FF57AED7000
unkown image
page readonly
 clean
175CB9BE000
unkown
page read and write
 clean
1E183688000
unkown
page read and write
 clean
7DF55C0E0000
unkown image
page readonly
 clean
7FF57AB77000
unkown image
page readonly
 clean
7DF55C0E0000
unkown image
page readonly
 clean
7FF573805000
unkown image
page readonly
 clean
175CB97E000
unkown
page read and write
 clean
175CB94C000
unkown
page read and write
 clean
23EDCE00000
heap default
page read and write
 clean
260C2E7C000
unkown
page read and write
 clean
7FF54E390000
unkown image
page readonly
 clean
7DF55C0E2000
unkown image
page readonly
 clean
23EDD040000
unkown
page read and write
 clean
1F7C585C000
unkown
page read and write
 clean
2093CC90000
heap default
page read and write
 clean
7FF57A9A5000
unkown image
page readonly
 clean
7FF57B0EE000
unkown image
page readonly
 clean
7DF5FDC62000
unkown image
page readonly
 clean
7DF54D7F0000
unkown image
page readonly
 clean
23D3DEFC000
unkown
page read and write
 clean
28EC3140000
unkown image
page readonly
 clean
175CB984000
unkown
page read and write
 clean
1F306013000
unkown
page read and write
 clean
1F305EF0000
heap default
page read and write
 clean
175CB0B0000
unkown
page read and write
 clean
7FF5EFF4E000
unkown image
page readonly
 clean
175CB90E000
unkown
page read and write
 clean
7FF5EFEF9000
unkown image
page readonly
 clean
7FF574054000
unkown image
page readonly
 clean
7FF5716B2000
unkown image
page readonly
 clean
FDED27F000
stack
page read and write
 clean
7DF57F350000
unkown image
page readonly
 clean
7FF582D2A000
unkown image
page readonly
 clean
7FF573B57000
unkown image
page readonly
 clean
23EDD400000
unkown image
page readonly
 clean
260C2DA0000
unkown image
page readonly
 clean
FDED37F000
stack
page read and write
 clean
C76A57E000
stack
page read and write
 clean
7FF54E1F6000
unkown image
page readonly
 clean
7FF573F90000
unkown image
page readonly
 clean
1F305ED0000
unkown image
page readonly
 clean
7FF53FB6A000
unkown image
page readonly
 clean
7DF4FBB20000
unkown image
page readonly
 clean
7FF57B11D000
unkown image
page readonly
 clean
5FB6A78000
stack
page read and write
 clean
7FF54E449000
unkown image
page readonly
 clean
7FF5EFD76000
unkown image
page readonly
 clean
175CAF50000
heap default
page read and write
 clean
175CB9BD000
unkown
page read and write
 clean
7FF57AFC9000
unkown image
page readonly
 clean
7FF57B0D2000
unkown image
page readonly
 clean
175CBF00000
unkown
page read and write
 clean
23D3E700000
unkown image
page readonly
 clean
7FF573F7D000
unkown image
page readonly
 clean
7FF57B18A000
unkown image
page readonly
 clean
7DF54D800000
unkown image
page readonly
 clean
7FF5BFE27000
unkown image
page readonly
 clean
7FF5716E1000
unkown image
page readonly
 clean
7FF57B119000
unkown image
page readonly
 clean
7FF57B210000
unkown image
page readonly
 clean
28EC3850000
unkown image
page readonly
 clean
7FF5715EA000
unkown image
page readonly
 clean
7FF573F9E000
unkown image
page readonly
 clean
175CB9B5000
unkown
page read and write
 clean
7DF51ED42000
unkown image
page readonly
 clean
175CAEE0000
unkown image
page read and write
 clean
C76A8F7000
stack
page read and write
 clean
175CB97E000
unkown
page read and write
 clean
23D3DF10000
unkown
page read and write
 clean
28EC3213000
unkown
page read and write
 clean
7DF5CDB22000
unkown image
page readonly
 clean
D90CB7D000
stack
page read and write
 clean
7DF5CDB10000
unkown image
page readonly
 clean
647A87B000
unkown
page read and write
 clean
3E506FF000
stack
page read and write
 clean
260C2D90000
heap private
page read and write
 clean
FDECBCE000
stack
page read and write
 clean
7DF54FD62000
unkown image
page readonly
 clean
2093CC60000
unkown image
page readonly
 clean
7FF51102B000
unkown image
page readonly
 clean
7FF57AD79000
unkown image
page readonly
 clean
1F7C5650000
unkown image
page readonly
 clean
7FF57B15B000
unkown image
page readonly
 clean
175CAF00000
unkown image
page readonly
 clean
23D3E150000
unkown
page read and write
 clean
260C2F08000
unkown
page read and write
 clean
7DF44DC20000
unkown image
page readonly
 clean
7FF54E240000
unkown image
page readonly
 clean
175CB9C1000
unkown
page read and write
 clean
2093CE62000
unkown
page read and write
 clean
7DF55C0E2000
unkown image
page readonly
 clean
7FF57B06B000
unkown image
page readonly
 clean
7FF5BFEB1000
unkown image
page readonly
 clean
260C2DF0000
heap default
page read and write
 clean
3E505FF000
stack
page read and write
 clean
1E18364E000
unkown
page read and write
 clean
23D3E580000
unkown image
page readonly
 clean
175CB0EB000
unkown
page read and write
 clean
2093CE59000
unkown
page read and write
 clean
7DF581CD0000
unkown image
page readonly
 clean
175CBE3C000
unkown
page read and write
 clean
7FF542003000
unkown image
page readonly
 clean
7FF571607000
unkown image
page readonly
 clean
7FF53FB81000
unkown image
page readonly
 clean
3E4FEFA000
stack
page read and write
 clean
1B91D420000
unkown image
page readonly
 clean
260C30D0000
unkown image
page readonly
 clean
7FF5EFDDB000
unkown image
page readonly
 clean
7DF588E70000
unkown image
page readonly
 clean
EA12EF9000
stack
page read and write
 clean
7FF5EFF3B000
unkown image
page readonly
 clean
3E504FF000
stack
page read and write
 clean
7FF5EFE75000
unkown image
page readonly
 clean
7FF53FA96000
unkown image
page readonly
 clean
1F7C5620000
heap private
page read and write
 clean
1B91D630000
unkown
page read and write
 clean
7FF5BFDD7000
unkown image
page readonly
 clean
7FF571617000
unkown image
page readonly
 clean
175CB988000
unkown
page read and write
 clean
1E183700000
unkown
page read and write
 clean
28EC3302000
unkown
page read and write
 clean
7DF51ED50000
unkown image
page readonly
 clean
175CB013000
unkown
page read and write
 clean
175CB99E000
unkown
page read and write
 clean
23D3DE40000
unkown
page read and write
 clean
7DF5909B2000
unkown image
page readonly
 clean
175CBF9D000
unkown
page read and write
 clean
2093CC40000
unkown image
page readonly
 clean
1F7C5A00000
unkown image
page readonly
 clean
7FF511003000
unkown image
page readonly
 clean
175CB086000
unkown
page read and write
 clean
2093CE2A000
unkown
page read and write
 clean
1E183C50000
unkown image
page readonly
 clean
260C2F00000
unkown
page read and write
 clean
7FF54E45A000
unkown image
page readonly
 clean
C76A47B000
unkown
page read and write
 clean
D90CBFF000
stack
page read and write
 clean
1F7C5829000
unkown
page read and write
 clean
1F7C5D90000
unkown image
page readonly
 clean
7DF51ED42000
unkown image
page readonly
 clean
7FF54E46A000
unkown image
page readonly
 clean
7FF5EFF17000
unkown image
page readonly
 clean
175CB97E000
unkown
page read and write
 clean
1F7C5813000
unkown
page read and write
 clean
23EDCDE0000
unkown image
page readonly
 clean
175CB0EA000
unkown
page read and write
 clean
7DF5FDC62000
unkown image
page readonly
 clean
7FF5BFB85000
unkown image
page readonly
 clean
7FF54E3CE000
unkown image
page readonly
 clean
5FB697C000
stack
page read and write
 clean
28EC3313000
unkown
page read and write
 clean
7FF5EFFDA000
unkown image
page readonly
 clean
7DF4CB9E0000
unkown image
page readonly
 clean
1B91D63F000
unkown
page read and write
 clean
7DF55C0F0000
unkown image
page readonly
 clean
7FF54E2F5000
unkown image
page readonly
 clean
7FF5BFDE7000
unkown image
page readonly
 clean
23EDCEE0000
unkown image
page readonly
 clean
7DF588E72000
unkown image
page readonly
 clean
C76AAFF000
stack
page read and write
 clean
175CAF60000
unkown image
page readonly
 clean
7FF582A5A000
unkown image
page readonly
 clean
260C2E00000
unkown
page read and write
 clean
7FF5EFF6D000
unkown image
page readonly
 clean
7FF57AFC5000
unkown image
page readonly
 clean
7FF5713C4000
unkown image
page readonly
 clean
C76A4FE000
stack
page read and write
 clean
7FF5BFD31000
unkown image
page readonly
 clean
1B91D651000
unkown
page read and write
 clean
1F306400000
unkown image
page readonly
 clean
7DF41CC10000
unkown image
page readonly
 clean
175CB949000
unkown
page read and write
 clean
28EC3A02000
unkown
page read and write
 clean
C76A7FE000
stack
page read and write
 clean
23EDD055000
unkown
page read and write
 clean
7FF573EC5000
unkown image
page readonly
 clean
7FF542010000
unkown image
page readonly
 clean
D90CA7E000
stack
page read and write
 clean
7FF57AB8C000
unkown image
page readonly
 clean
175CB99E000
unkown
page read and write
 clean
175CB730000
unkown image
page write copy
 clean
175CB94A000
unkown
page read and write
 clean
7FF57155C000
unkown image
page readonly
 clean
175CB99A000
unkown
page read and write
 clean
175CB05A000
unkown
page read and write
 clean
23EDD800000
unkown
page read and write
 clean
5FB6B77000
stack
page read and write
 clean
2093CE58000
unkown
page read and write
 clean
7FF53FB52000
unkown image
page readonly
 clean
7FF53FAD2000
unkown image
page readonly
 clean
175CAFA0000
unkown image
page readonly
 clean
2093CE5F000
unkown
page read and write
 clean
2093CE46000
unkown
page read and write
 clean
7FF573E21000
unkown image
page readonly
 clean
7FF57B1FA000
unkown image
page readonly
 clean
3E507FE000
stack
page read and write
 clean
31C16FD000
stack
page read and write
 clean
1E183550000
unkown image
page readonly
 clean
23EDD000000
unkown
page read and write
 clean
7FF53F91A000
unkown image
page readonly
 clean
7DF5FDC60000
unkown image
page readonly
 clean
7DF51ED60000
unkown image
page readonly
 clean
1F305EC0000
unkown image
page readonly
 clean
7FF582C8B000
unkown image
page readonly
 clean
23D3E160000
heap private
page read and write
 clean
7FF582CB7000
unkown image
page readonly
 clean
7FF582C4F000
unkown image
page readonly
 clean
7FF582D31000
unkown image
page readonly
 clean
2093CE57000
unkown
page read and write
 clean
7DF5FDC70000
unkown image
page readonly
 clean
1F30606E000
unkown
page read and write
 clean
1861B7C000
stack
page read and write
 clean
7FF570B29000
unkown image
page readonly
 clean
1E18362A000
unkown
page read and write
 clean
28EC34D0000
unkown image
page readonly
 clean
1B91D900000
unkown image
page readonly
 clean
175CB04B000
unkown
page read and write
 clean
7FF54E471000
unkown image
page readonly
 clean
60955F7000
stack
page read and write
 clean
7FF5714A7000
unkown image
page readonly
 clean
1F7C5873000
unkown
page read and write
 clean
2093D000000
unkown image
page readonly
 clean
7FF5BFABD000
unkown image
page readonly
 clean
175CB051000
unkown
page read and write
 clean
7FF54E442000
unkown image
page readonly
 clean
609547B000
stack
page read and write
 clean
7FF5EFF1E000
unkown image
page readonly
 clean
1F7C5630000
unkown image
page readonly
 clean
7DF57F340000
unkown image
page readonly
 clean
7FF5EFE6B000
unkown image
page readonly
 clean
7FF571603000
unkown image
page readonly
 clean
175CAF30000
unkown image
page readonly
 clean
7DF581CF0000
unkown image
page readonly
 clean
7FF5715B1000
unkown image
page readonly
 clean
7DF54D7E2000
unkown image
page readonly
 clean
7FF5EFDC0000
unkown image
page readonly
 clean
7DF54D800000
unkown image
page readonly
 clean
7DF55C0D2000
unkown image
page readonly
 clean
1F7C6002000
unkown
page read and write
 clean
31C14FF000
stack
page read and write
 clean
7FF54E393000
unkown image
page readonly
 clean
175CBF3C000
unkown
page read and write
 clean
186197D000
stack
page read and write
 clean
1F3060CC000
unkown
page read and write
 clean
1F7C5802000
unkown
page read and write
 clean
7FF57ADE4000
unkown image
page readonly
 clean
7FF53F9EC000
unkown image
page readonly
 clean
7FF573F7F000
unkown image
page readonly
 clean
260C2DC0000
unkown image
page readonly
 clean
7DF581CF0000
unkown image
page readonly
 clean
7DF47D210000
unkown image
page readonly
 clean
7DF588E82000
unkown image
page readonly
 clean
7DF57F352000
unkown image
page readonly
 clean
7FF54206A000
unkown image
page readonly
 clean
7FF57B133000
unkown image
page readonly
 clean
2093CE44000
unkown
page read and write
 clean
23D3DEFC000
unkown
page read and write
 clean
7FF5BFE82000
unkown image
page readonly
 clean
7FF5420E5000
unkown image
page readonly
 clean
2093CE60000
unkown
page read and write
 clean
7DF5CDB12000
unkown image
page readonly
 clean
7FF542043000
unkown image
page readonly
 clean
7FF53F2C6000
unkown image
page readonly
 clean
31C15FA000
stack
page read and write
 clean
23D3EA50000
unkown
page read and write
 clean
7FF57AF61000
unkown image
page readonly
 clean
2093CE70000
unkown
page read and write
 clean
609527E000
stack
page read and write
 clean
5FB6E77000
stack
page read and write
 clean
260C3550000
unkown
page read and write
 clean
7FF5EFF67000
unkown image
page readonly
 clean
175CB9B1000
unkown
page read and write
 clean
7FF57AF6F000
unkown image
page readonly
 clean
7FF5BFC4F000
unkown image
page readonly
 clean
7FF574071000
unkown image
page readonly
 clean
7FF57B1F4000
unkown image
page readonly
 clean
1B91D626000
unkown
page read and write
 clean
175CBE02000
unkown
page read and write
 clean
175CB055000
unkown
page read and write
 clean
2093CD90000
unkown
page read and write
 clean
175CAF80000
unkown
page read and write
 clean
EA1307F000
stack
page read and write
 clean
175CB052000
unkown
page read and write
 clean
7FF5BFEAA000
unkown image
page readonly
 clean
7FF5BFD35000
unkown image
page readonly
 clean
1F305E80000
unkown image
page read and write
 clean
175CB050000
unkown
page read and write
 clean
175CB963000
unkown
page read and write
 clean
2093CE41000
unkown
page read and write
 clean
7FF54E37F000
unkown image
page readonly
 clean
23D3DF11000
unkown
page read and write
 clean
D90C97E000
stack
page read and write
 clean
7DF5909B0000
unkown image
page readonly
 clean
7FF54E3EA000
unkown image
page readonly
 clean
7FF5107AE000
unkown image
page readonly
 clean
7FF582C93000
unkown image
page readonly
 clean
7FF5829F7000
unkown image
page readonly
 clean
23EDD05C000
unkown
page read and write
 clean
260C2E3C000
unkown
page read and write
 clean
7FF573CF5000
unkown image
page readonly
 clean
175CAFF0000
unkown
page read and write
 clean
7FF5420C2000
unkown image
page readonly
 clean
175CBF3C000
unkown
page read and write
 clean
175CB900000
unkown
page read and write
 clean
1E18367D000
unkown
page read and write
 clean
23EDCDD0000
unkown image
page readonly
 clean
7DF5FDC50000
unkown image
page readonly
 clean
7FF573F79000
unkown image
page readonly
 clean
23D3ED20000
unkown
page read and write
 clean
7FF541FFF000
unkown image
page readonly
 clean
260C2E13000
unkown
page read and write
 clean
1E1835A0000
heap default
page read and write
 clean
7FF57406A000
unkown image
page readonly
 clean
7FF54DF51000
unkown image
page readonly
 clean
EA12BBD000
stack
page read and write
 clean
7FF574042000
unkown image
page readonly
 clean
7FF574061000
unkown image
page readonly
 clean
23EDD013000
unkown
page read and write
 clean
2093D200000
unkown image
page readonly
 clean
7DF588E70000
unkown image
page readonly
 clean
1B91D617000
heap default
page read and write
 clean
7FF582D41000
unkown image
page readonly
 clean
647A97E000
stack
page read and write
 clean
7FF510D65000
unkown image
page readonly
 clean
7FF5420E1000
unkown image
page readonly
 clean
7DF57F342000
unkown image
page readonly
 clean
7FF573FBB000
unkown image
page readonly
 clean
7FF574071000
unkown image
page readonly
 clean
7FF57B0F3000
unkown image
page readonly
 clean
7FF5BFEA1000
unkown image
page readonly
 clean
1B91D510000
unkown
page read and write
 clean
7FF54E06F000
unkown image
page readonly
 clean
7FF54E221000
unkown image
page readonly
 clean
186167E000
stack
page read and write
 clean
7FF57163E000
unkown image
page readonly
 clean
1B91D710000
unkown image
page readonly
 clean
1F7C5760000
unkown image
page readonly
 clean
7FF5420D4000
unkown image
page readonly
 clean
7FF54E27F000
unkown image
page readonly
 clean
7FF53F878000
unkown image
page readonly
 clean
7DF588E90000
unkown image
page readonly
 clean
1F7C5680000
heap default
page read and write
 clean
7FF5EFAD7000
unkown image
page readonly
 clean
175CB962000
unkown
page read and write
 clean
7FF53FB59000
unkown image
page readonly
 clean
1E183713000
unkown
page read and write
 clean
2093CE00000
unkown
page read and write
 clean
175CB070000
unkown
page read and write
 clean
7FF53FA8F000
unkown image
page readonly
 clean
28EC36D0000
unkown image
page readonly
 clean
175CB03C000
unkown
page read and write
 clean
7FF5716D1000
unkown image
page readonly
 clean
1F306113000
unkown
page read and write
 clean
7FF573E5B000
unkown image
page readonly
 clean
1B91D636000
unkown
page read and write
 clean
7FF54203B000
unkown image
page readonly
 clean
7FF5110C4000
unkown image
page readonly
 clean
7FF573F67000
unkown image
page readonly
 clean
2093CE3D000
unkown
page read and write
 clean
175CBF02000
unkown
page read and write
 clean
1B91D64F000
unkown
page read and write
 clean
1F7C5610000
unkown image
page read and write
 clean
7FF54E383000
unkown image
page readonly
 clean
7FF510FF3000
unkown image
page readonly
 clean
1F306802000
unkown
page read and write
 clean
1F306690000
unkown image
page write copy
 clean
2093CE75000
unkown
page read and write
 clean
1E1835D0000
unkown
page read and write
 clean
FDECB4E000
stack
page read and write
 clean
7FF5BFB82000
unkown image
page readonly
 clean
7FF52BA91000
unkown image
page readonly
 clean
7FF573E7F000
unkown image
page readonly
 clean
1B91D400000
unkown image
page readonly
 clean
7FF573ECB000
unkown image
page readonly
 clean
7FF57405A000
unkown image
page readonly
 clean
7DF5CDB20000
unkown image
page readonly
 clean
7FF53F992000
unkown image
page readonly
 clean
7FF5BFEAE000
unkown image
page readonly
 clean
7FF54E2DC000
unkown image
page readonly
 clean
7FF57AFE0000
unkown image
page readonly
 clean
7FF57AF96000
unkown image
page readonly
 clean
7DF588E72000
unkown image
page readonly
 clean
60956FE000
stack
page read and write
 clean
7FF54E39E000
unkown image
page readonly
 clean
7FF5420EA000
unkown image
page readonly
 clean
3E4FFFF000
stack
page read and write
 clean
7DF5CDB12000
unkown image
page readonly
 clean
7FF582C53000
unkown image
page readonly
 clean
260C2D80000
unkown image
page read and write
 clean
7FF5EFFF1000
unkown image
page readonly
 clean
7FF54E0F5000
unkown image
page readonly
 clean
7FF5716CA000
unkown image
page readonly
 clean
D90C8FF000
stack
page read and write
 clean
7FF5420DA000
unkown image
page readonly
 clean
7FF57B095000
unkown image
page readonly
 clean
5FB657B000
unkown
page read and write
 clean
28EC3308000
unkown
page read and write
 clean
28EC3120000
unkown image
page read and write
 clean
7DF57F340000
unkown image
page readonly
 clean
7FF5BFD9E000
unkown image
page readonly
 clean
7FF57B022000
unkown image
page readonly
 clean
7FF5EFFC9000
unkown image
page readonly
 clean
1E18368F000
unkown
page read and write
 clean
7FF5BFCC7000
unkown image
page readonly
 clean
175CB9C1000
unkown
page read and write
 clean
7FF53FAFA000
unkown image
page readonly
 clean
175CB9B8000
unkown
page read and write
 clean
7FF57B18D000
unkown image
page readonly
 clean
7DF588E80000
unkown image
page readonly
 clean
1F7C5C00000
unkown image
page readonly
 clean
175CB9C5000
unkown
page read and write
 clean
7DF54FD62000
unkown image
page readonly
 clean
175CB97A000
unkown
page read and write
 clean
23EDD602000
unkown
page read and write
 clean
7FF57B123000
unkown image
page readonly
 clean
7FF5BFE2A000
unkown image
page readonly
 clean
7FF57ADE7000
unkown image
page readonly
 clean
2093CE4E000
unkown
page read and write
 clean
7FF51103E000
unkown image
page readonly
 clean
175CB650000
unkown image
page readonly
 clean
7FF5713D6000
unkown image
page readonly
 clean
7FF53FB7A000
unkown image
page readonly
 clean
1B91D530000
unkown
page read and write
 clean
7FF57AFC1000
unkown image
page readonly
 clean
7FF57B07C000
unkown image
page readonly
 clean
175CBE02000
unkown
page read and write
 clean
175CB913000
unkown
page read and write
 clean
31C1579000
stack
page read and write
 clean
31C167F000
stack
page read and write
 clean
7FF5EFFD4000
unkown image
page readonly
 clean
1E183708000
unkown
page read and write
 clean
7FF5714CB000
unkown image
page readonly
 clean
1E183540000
heap private
page read and write
 clean
175CB9BD000
unkown
page read and write
 clean
7FF5420C9000
unkown image
page readonly
 clean
7FF57A99F000
unkown image
page readonly
 clean
1B91D638000
unkown
page read and write
 clean
23D3DEB7000
heap default
page read and write
 clean
7FF54E3BB000
unkown image
page readonly
 clean
7FF57B08B000
unkown image
page readonly
 clean
7FF57B0EA000
unkown image
page readonly
 clean
7FF57B01F000
unkown image
page readonly
 clean
7DF581CD2000
unkown image
page readonly
 clean
2093CE68000
unkown
page read and write
 clean
23D3DF17000
unkown
page read and write
 clean
7FF54D894000
unkown image
page readonly
 clean
7FF571600000
unkown image
page readonly
 clean
1F3060C5000
unkown
page read and write
 clean
7FF57147F000
unkown image
page readonly
 clean
EA12E7B000
stack
page read and write
 clean
7FF5BFDBF000
unkown image
page readonly
 clean
7FF57AF1B000
unkown image
page readonly
 clean
23EDCDA0000
heap private
page read and write
 clean
7FF511057000
unkown image
page readonly
 clean
7DF51ED40000
unkown image
page readonly
 clean
1F305E90000
heap private
page read and write
 clean
7FF54E3C3000
unkown image
page readonly
 clean
7FF54E471000
unkown image
page readonly
 clean
7DF588E82000
unkown image
page readonly
 clean
7DF51ED60000
unkown image
page readonly
 clean
7DF47FBA0000
unkown image
page readonly
 clean
260C2DD0000
unkown image
page readonly
 clean
175CB977000
unkown
page read and write
 clean
7FF5BFE94000
unkown image
page readonly
 clean
7DF581CD2000
unkown image
page readonly
 clean
7FF51105A000
unkown image
page readonly
 clean
175CBF6A000
unkown
page read and write
 clean
23EDCD90000
unkown image
page read and write
 clean
175CB059000
unkown
page read and write
 clean
5FB6C78000
stack
page read and write
 clean
7FF5EF785000
unkown image
page readonly
 clean
7FF5BFDC3000
unkown image
page readonly
 clean
5FB71FF000
stack
page read and write
 clean
7FF5BFD93000
unkown image
page readonly
 clean
23D3E170000
unkown
page read and write
 clean
7FF541FFD000
unkown image
page readonly
 clean
7FF510FEF000
unkown image
page readonly
 clean
7FF54D89A000
unkown image
page readonly
 clean
1E183670000
unkown
page read and write
 clean
2093CE3B000
unkown
page read and write
 clean
175CB0E8000
unkown
page read and write
 clean
175CB0C3000
unkown
page read and write
 clean
260C32E0000
unkown image
page readonly
 clean
175CB029000
unkown
page read and write
 clean
7FF571466000
unkown image
page readonly
 clean
175CB9C2000
unkown
page read and write
 clean
175CB9B8000
unkown
page read and write
 clean
7DF44B6B0000
unkown image
page readonly
 clean
1F306900000
unkown
page read and write
 clean
23EDCEF0000
unkown image
page readonly
 clean
1E183654000
unkown
page read and write
 clean
7FF510C51000
unkown image
page readonly
 clean
1860F8C000
unkown
page read and write
 clean
23D3DF1B000
unkown
page read and write
 clean
23D3DE20000
unkown
page read and write
 clean
2093CE32000
unkown
page read and write
 clean
7FF5716E0000
unkown image
page readonly
 clean
7FF5BF9FD000
unkown image
page readonly
 clean
175CBE26000
unkown
page read and write
 clean
1E183AD0000
unkown image
page readonly
 clean
175CB2D0000
unkown image
page readonly
 clean
23D3DE00000
unkown image
page readonly
 clean
7DF54FD60000
unkown image
page readonly
 clean
7FF57AF75000
unkown image
page readonly
 clean
7DF5CDB22000
unkown image
page readonly
 clean
7FF57B027000
unkown image
page readonly
 clean
175CB0A7000
unkown
page read and write
 clean
1F7C5630000
unkown image
page readonly
 clean
7FF57B1E9000
unkown image
page readonly
 clean
1E183570000
unkown image
page readonly
 clean
7DF581CE2000
unkown image
page readonly
 clean
7FF571402000
unkown image
page readonly
 clean
3E4FAAB000
unkown
page read and write
 clean
7FF5EFF10000
unkown image
page readonly
 clean
7FF5BFDA7000
unkown image
page readonly
 clean
23D3ED10000
unkown
page readonly
 clean
7FF582CBA000
unkown image
page readonly
 clean
2093CC20000
unkown image
page read and write
 clean
2093CE7F000
unkown
page read and write
 clean
7FF5BFDD0000
unkown image
page readonly
 clean
186187B000
stack
page read and write
 clean
7DF54D7E2000
unkown image
page readonly
 clean
28EC326F000
unkown
page read and write
 clean
175CB9BD000
unkown
page read and write
 clean
7FF511017000
unkown image
page readonly
 clean
EA12ABC000
unkown
page read and write
 clean
7FF5714A1000
unkown image
page readonly
 clean
260C2E4E000
unkown
page read and write
 clean
23EDCFD0000
unkown
page read and write
 clean
7FF573F97000
unkown image
page readonly
 clean
175CB802000
unkown
page read and write
 clean
7FF54E2CB000
unkown image
page readonly
 clean
175CB116000
unkown
page read and write
 clean
7FF5715CE000
unkown image
page readonly
 clean
2093CC30000
heap private
page read and write
 clean
7FF582178000
unkown image
page readonly
 clean
7FF5715F3000
unkown image
page readonly
 clean
1F7C5841000
unkown
page read and write
 clean
260C2F13000
unkown
page read and write
 clean
7FF57B0BF000
unkown image
page readonly
 clean
260C2E70000
unkown
page read and write
 clean
175CB102000
unkown
page read and write
 clean
23D3DDD0000
unkown image
page readonly
 clean
7DF55C0D0000
unkown image
page readonly
 clean
7FF53F2CE000
unkown image
page readonly
 clean
23D3DDC0000
unkown
page read and write
 clean
7FF5BFDFB000
unkown image
page readonly
 clean
1F305EA0000
unkown image
page readonly
 clean
23D3DEFC000
unkown
page read and write
 clean
2093CE45000
unkown
page read and write
 clean
2093CE6A000
unkown
page read and write
 clean
7DF5CDB10000
unkown image
page readonly
 clean
31C11AA000
unkown
page read and write
 clean
647A8FE000
stack
page read and write
 clean
1F7C5D80000
unkown image
page readonly
 clean
FDECACB000
unkown
page read and write
 clean
7FF54E23D000
unkown image
page readonly
 clean
175CB9D0000
unkown
page read and write
 clean
7FF57162B000
unkown image
page readonly
 clean
175CB957000
unkown
page read and write
 clean
7FF573EDC000
unkown image
page readonly
 clean
7FF511007000
unkown image
page readonly
 clean
7FF5EFF13000
unkown image
page readonly
 clean
7FF582C0E000
unkown image
page readonly
 clean
7FF573DF6000
unkown image
page readonly
 clean
1F7C586C000
unkown
page read and write
 clean
1B91D62F000
unkown
page read and write
 clean
7FF571657000
unkown image
page readonly
 clean
28EC3140000
unkown image
page readonly
 clean
7FF5BFC36000
unkown image
page readonly
 clean
1F7C5879000
unkown
page read and write
 clean
647ADFE000
stack
page read and write
 clean
7FF582C4D000
unkown image
page readonly
 clean
7FF5737FF000
unkown image
page readonly
 clean
7FF57165A000
unkown image
page readonly
 clean
7FF582D41000
unkown image
page readonly
 clean
7FF5715D7000
unkown image
page readonly
 clean
175CB958000
unkown
page read and write
 clean
3E500FD000
stack
page read and write
 clean
7FF53FB64000
unkown image
page readonly
 clean
7FF57165D000
unkown image
page readonly
 clean
175CB780000
unkown image
page read and write
 clean
28EC3160000
unkown image
page readonly
 clean
7FF573E40000
unkown image
page readonly
 clean
7FF582D3A000
unkown image
page readonly
 clean
1F306932000
unkown
page read and write
 clean
7FF53FB71000
unkown image
page readonly
 clean
7FF582C6E000
unkown image
page readonly
 clean
7FF53FAFD000
unkown image
page readonly
 clean
175CB9C1000
unkown
page read and write
 clean
23EDD029000
unkown
page read and write
 clean
7FF571633000
unkown image
page readonly
 clean
7FF54E3E7000
unkown image
page readonly
 clean
1F306590000
unkown image
page readonly
 clean
175CB108000
unkown
page read and write
 clean
7DF581CE0000
unkown image
page readonly
 clean
28EC3170000
unkown image
page readonly
 clean
6094FAF000
stack
page read and write
 clean
7FF5EFFF1000
unkown image
page readonly
 clean
7FF57B11F000
unkown image
page readonly
 clean
647ACFF000
stack
page read and write
 clean
There are 990 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
file:///C:/Users/user/Desktop/%23Ud83d%23UdcdeAudio-File%20Islandhealth.htm#cGF1bGEueW91bmdAaXNsYW5kaGVhbHRoLmNh
 malicious