Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
QRT_4_377305.htm
|
HTML document, ASCII text, with very long lines, with no line terminators
|
initial sample
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3c36203c-67b3-4bdf-93f7-640026c9a8e0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\4ff47ea1-b811-4efe-835f-cf25a5a1fc4c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\5ad4eff4-20e7-4f9d-b90f-c2a5ee6a783b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\667df2c3-7592-44cc-83fb-4c710a8f0336.tmp
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7194bf18-3432-46dd-af1c-cb6aece88f28.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\75ffb792-a586-4010-b728-d32f031d052f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\85ce2104-ee51-4f2b-a17e-b89de9958a39.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\872330a3-50d3-4707-a342-1b1e609f80a2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\99a16861-d017-49be-b59f-241acd4928bc.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\21ecc498-fa24-4abd-a5b5-5f5b15666e3e.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\34703649-87c2-4e8b-9244-e89f2d9ce88b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\397a7632-6d99-4f39-8148-39624b93485c.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\61c791c2-37be-4098-83f6-d2aa19fb928e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6faa0a8b-decb-4554-8889-2652df47096b.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\78c4c022-80e6-4d67-a665-93269714df9e.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\829b1baa-f00a-42e9-a381-a4ca62c93cf8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9f65837f-796c-4a05-aef0-f0e031c0d607.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldNT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old.. (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old.d (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Sessiond (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.olddl (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State} (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesv\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferenceswe (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old.
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\b7c29d9a-8096-430b-9575-6e0a5d7fab1d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\33a0ea3d-075a-478b-b011-58c509a6d20b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.oldx
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old.. (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldpt
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b8818aef-24b7-43bc-a0cd-a3a2726d64f3.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\be931715-8074-4b6f-88c6-d6a8a8c48e64.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT0 (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f07b0551-59ca-4235-b7b8-2244e853cbb6.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old8 (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State5 (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Staten (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache/l (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheW (copy)
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir5080_381033223\Ruleset Data
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a5492ca0-6b35-43ab-ad81-1d9e5ff69eeb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\e44763e2-6dc1-4b33-9b68-c7cab78c6e8b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ec92931b-527a-4fdc-8f75-a21fe7c6636a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f6f1fa16-c665-4d73-8027-6d55d90c2b88.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\359ea78a-9ae0-4bd0-8dbc-3eb1269f3722.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\39f8d8d9-2428-4226-a860-eca85476c6d1.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\manifest.fingerprint
|
ASCII text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1224813920\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1394636995\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1394636995\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1394636995\crl-set
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1394636995\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_1394636995\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_301201401\Filtering Rules
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_301201401\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_301201401\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_301201401\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_301201401\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_928993101\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_928993101\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_928993101\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_928993101\ssl_error_assistant.pb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_994888263\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_994888263\download_file_types.pb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_994888263\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5080_994888263\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5a825ffa-e3a9-4da1-b159-52895c1a6a50.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\c8f896c9-0f87-4830-9462-7cb5ecf0847e.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\359ea78a-9ae0-4bd0-8dbc-3eb1269f3722.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_1640535706\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\5a825ffa-e3a9-4da1-b159-52895c1a6a50.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5080_2105753974\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
There are 268 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\QRT_4_377305.htm
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1548,16431921768330721865,9983142891932015525,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1940 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/user/Desktop/QRT_4_377305.htm
|
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://play.google.com
|
unknown
|
||
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://easylist.to/)
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
||
|
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
|
104.18.10.207
|
||
|
https://www.google.com/s2/favicons?sz=64&domain_url=office.com
|
142.250.203.100
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
||
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
||
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
172.217.168.33
|
||
|
https://api-images.statvoo.com/favicon/?domain=office.com
|
172.67.159.15
|
||
|
https://www.google.com
|
unknown
|
||
|
https://github.com/easylist)
|
unknown
|
||
|
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
|
104.18.10.207
|
||
|
https://creativecommons.org/.
|
unknown
|
||
|
http://office.com&size=64
|
unknown
|
||
|
https://hangouts.clients6.google.com
|
unknown
|
||
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.google.com/cr/report
|
unknown
|
||
|
http://angularjs.org
|
unknown
|
||
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
||
|
https://github.com/angular/material
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
||
|
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
|
104.18.10.207
|
||
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
216.58.215.238
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.203.109
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://hangouts.google.com/
|
unknown
|
||
|
https://csp.withgoogle.com/csp/hosted-libraries-pushers
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
http://llvm.org/):
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://meetings.clients6.google.com
|
unknown
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
||
|
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.cssCX
|
unknown
|
||
|
https://api.statvoo.com/favicon/?url=office.com
|
104.21.41.23
|
||
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
||
|
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
|
unknown
|
||
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://feedback.googleusercontent.com
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
||
|
https://clients6.google.com
|
unknown
|
There are 55 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
216.58.215.227
|
||
|
accounts.google.com
|
142.250.203.109
|
||
|
maxcdn.bootstrapcdn.com
|
104.18.10.207
|
||
|
www.google.com
|
142.250.203.100
|
||
|
clients.l.google.com
|
216.58.215.238
|
||
|
api.statvoo.com
|
104.21.41.23
|
||
|
api-images.statvoo.com
|
172.67.159.15
|
||
|
googlehosted.l.googleusercontent.com
|
172.217.168.33
|
||
|
clients2.googleusercontent.com
|
unknown
|
||
|
clients2.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
104.18.10.207
|
maxcdn.bootstrapcdn.com
|
United States
|
||
|
216.58.215.238
|
clients.l.google.com
|
United States
|
||
|
216.58.215.227
|
gstaticadssl.l.google.com
|
United States
|
||
|
172.67.159.15
|
api-images.statvoo.com
|
United States
|
||
|
142.250.203.100
|
www.google.com
|
United States
|
||
|
104.21.41.23
|
api.statvoo.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
172.217.168.33
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
142.250.203.109
|
accounts.google.com
|
United States
|
There are 1 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1D19A5CA000
|
unkown
|
page read and write
|
||
|
1CABB240000
|
heap
|
page read and write
|
||
|
1D19AA63000
|
unkown
|
page read and write
|
||
|
26FE9300000
|
heap
|
page read and write
|
||
|
1D1E373B000
|
unkown
|
page read and write
|
||
|
1D199C51000
|
unkown
|
page read and write
|
||
|
21460B00000
|
unkown
|
page read and write
|
||
|
1D199CF7000
|
unkown
|
page read and write
|
||
|
288CF402000
|
unkown
|
page read and write
|
||
|
288CD760000
|
unkown
|
page read and write
|
||
|
27D3926B000
|
unkown
|
page read and write
|
||
|
1DCD7056000
|
unkown
|
page read and write
|
||
|
1D19A597000
|
unkown
|
page read and write
|
||
|
288CD813000
|
unkown
|
page read and write
|
||
|
21460820000
|
heap
|
page read and write
|
||
|
288CD848000
|
unkown
|
page read and write
|
||
|
21460A55000
|
unkown
|
page read and write
|
||
|
24276602000
|
unkown
|
page read and write
|
||
|
26FE9331000
|
heap
|
page read and write
|
||
|
1D19AA63000
|
unkown
|
page read and write
|
||
|
1F5947C000
|
stack
|
page read and write
|
||
|
3FF767E000
|
stack
|
page read and write
|
||
|
1A956902000
|
unkown
|
page read and write
|
||
|
D5A4F7E000
|
stack
|
page read and write
|
||
|
27D39A02000
|
unkown
|
page read and write
|
||
|
96B9F7E000
|
stack
|
page read and write
|
||
|
1D199CA7000
|
unkown
|
page read and write
|
||
|
288CD840000
|
unkown
|
page read and write
|
||
|
96B99EB000
|
stack
|
page read and write
|
||
|
26FE9600000
|
heap
|
page read and write
|
||
|
21460A00000
|
unkown
|
page read and write
|
||
|
1D199C89000
|
unkown
|
page read and write
|
||
|
27D39200000
|
unkown
|
page read and write
|
||
|
1D199C49000
|
unkown
|
page read and write
|
||
|
1DCD6F90000
|
remote allocation
|
page read and write
|
||
|
1CABB500000
|
unkown
|
page read and write
|
||
|
1D199D02000
|
unkown
|
page read and write
|
||
|
288CD87C000
|
unkown
|
page read and write
|
||
|
24276667000
|
unkown
|
page read and write
|
||
|
E415ECB000
|
stack
|
page read and write
|
||
|
3FF807E000
|
stack
|
page read and write
|
||
|
3FF777C000
|
stack
|
page read and write
|
||
|
1CABB46E000
|
unkown
|
page read and write
|
||
|
1DCD6DF0000
|
heap
|
page read and write
|
||
|
27D39120000
|
heap
|
page read and write
|
||
|
1D1E3602000
|
unkown
|
page read and write
|
||
|
1F5997E000
|
stack
|
page read and write
|
||
|
1DCD6F60000
|
unkown
|
page read and write
|
||
|
27D39247000
|
unkown
|
page read and write
|
||
|
197780F0000
|
trusted library allocation
|
page read and write
|
||
|
96B9CFE000
|
stack
|
page read and write
|
||
|
197790B0000
|
trusted library allocation
|
page read and write
|
||
|
21461202000
|
unkown
|
page read and write
|
||
|
27D39250000
|
unkown
|
page read and write
|
||
|
288CD902000
|
unkown
|
page read and write
|
||
|
8F010F9000
|
stack
|
page read and write
|
||
|
19778384000
|
heap
|
page read and write
|
||
|
1D199CE2000
|
unkown
|
page read and write
|
||
|
288CD6C0000
|
heap
|
page read and write
|
||
|
3FF7D7F000
|
stack
|
page read and write
|
||
|
2C787FD0000
|
unkown
|
page read and write
|
||
|
1D1E30CD000
|
unkown
|
page read and write
|
||
|
D5A4E7F000
|
stack
|
page read and write
|
||
|
288CD889000
|
unkown
|
page read and write
|
||
|
E4166FE000
|
stack
|
page read and write
|
||
|
BE8A7B000
|
stack
|
page read and write
|
||
|
B16607F000
|
stack
|
page read and write
|
||
|
27D39269000
|
unkown
|
page read and write
|
||
|
B165AFE000
|
stack
|
page read and write
|
||
|
26FE9346000
|
heap
|
page read and write
|
||
|
3C00A7B000
|
stack
|
page read and write
|
||
|
1D19A5AA000
|
unkown
|
page read and write
|
||
|
27D39241000
|
unkown
|
page read and write
|
||
|
27D39242000
|
unkown
|
page read and write
|
||
|
288CD730000
|
heap
|
page read and write
|
||
|
1D19AB02000
|
unkown
|
page read and write
|
||
|
24276600000
|
unkown
|
page read and write
|
||
|
D5A527C000
|
stack
|
page read and write
|
||
|
242765F0000
|
unkown
|
page read and write
|
||
|
1D19A5FE000
|
unkown
|
page read and write
|
||
|
1D19A5FE000
|
unkown
|
page read and write
|
||
|
27D39246000
|
unkown
|
page read and write
|
||
|
19778590000
|
trusted library allocation
|
page read and write
|
||
|
2C788088000
|
unkown
|
page read and write
|
||
|
26FE932B000
|
heap
|
page read and write
|
||
|
2C78805C000
|
unkown
|
page read and write
|
||
|
1CABB490000
|
unkown
|
page read and write
|
||
|
1D19A3C0000
|
remote allocation
|
page read and write
|
||
|
91D8AFB000
|
stack
|
page read and write
|
||
|
288CD7F0000
|
remote allocation
|
page read and write
|
||
|
1D19A599000
|
unkown
|
page read and write
|
||
|
2C787D90000
|
heap
|
page read and write
|
||
|
19778540000
|
heap
|
page readonly
|
||
|
2C788064000
|
unkown
|
page read and write
|
||
|
1D19A56F000
|
unkown
|
page read and write
|
||
|
1D1E30E5000
|
unkown
|
page read and write
|
||
|
1A956858000
|
unkown
|
page read and write
|
||
|
1D1E3085000
|
unkown
|
page read and write
|
||
|
2427665B000
|
unkown
|
page read and write
|
||
|
1D19A56B000
|
unkown
|
page read and write
|
||
|
1D199B30000
|
heap
|
page read and write
|
||
|
1D1E306E000
|
unkown
|
page read and write
|
||
|
3FF78F7000
|
stack
|
page read and write
|
||
|
1A95686A000
|
unkown
|
page read and write
|
||
|
26FE935E000
|
heap
|
page read and write
|
||
|
3C00B7B000
|
stack
|
page read and write
|
||
|
288CD7F0000
|
remote allocation
|
page read and write
|
||
|
21460A4C000
|
unkown
|
page read and write
|
||
|
1D19AA02000
|
unkown
|
page read and write
|
||
|
1CABB44B000
|
unkown
|
page read and write
|
||
|
91D917F000
|
stack
|
page read and write
|
||
|
1D1E30C5000
|
unkown
|
page read and write
|
||
|
288CD780000
|
trusted library allocation
|
page read and write
|
||
|
D5A517C000
|
stack
|
page read and write
|
||
|
1D199C00000
|
unkown
|
page read and write
|
||
|
91D8F7F000
|
stack
|
page read and write
|
||
|
96B9C7E000
|
stack
|
page read and write
|
||
|
1A956802000
|
unkown
|
page read and write
|
||
|
3FF7CFC000
|
stack
|
page read and write
|
||
|
1D199C4C000
|
unkown
|
page read and write
|
||
|
1D19A5AA000
|
unkown
|
page read and write
|
||
|
288CD7F0000
|
remote allocation
|
page read and write
|
||
|
24276713000
|
unkown
|
page read and write
|
||
|
D5A4CFD000
|
stack
|
page read and write
|
||
|
27D39244000
|
unkown
|
page read and write
|
||
|
2C788061000
|
unkown
|
page read and write
|
||
|
8F011FE000
|
stack
|
page read and write
|
||
|
341577E000
|
stack
|
page read and write
|
||
|
3FF7AF8000
|
stack
|
page read and write
|
||
|
21460A7A000
|
unkown
|
page read and write
|
||
|
E415FCF000
|
stack
|
page read and write
|
||
|
2C788113000
|
unkown
|
page read and write
|
||
|
1F593FE000
|
stack
|
page read and write
|
||
|
19778580000
|
heap
|
page read and write
|
||
|
27D39263000
|
unkown
|
page read and write
|
||
|
1977838C000
|
heap
|
page read and write
|
||
|
1D19A513000
|
unkown
|
page read and write
|
||
|
288CD863000
|
unkown
|
page read and write
|
||
|
1A95687D000
|
unkown
|
page read and write
|
||
|
1A956913000
|
unkown
|
page read and write
|
||
|
3FF734C000
|
stack
|
page read and write
|
||
|
1D19A5CA000
|
unkown
|
page read and write
|
||
|
559997F000
|
stack
|
page read and write
|
||
|
1DCD6E00000
|
heap
|
page read and write
|
||
|
2C788027000
|
unkown
|
page read and write
|
||
|
BE8F7E000
|
stack
|
page read and write
|
||
|
3FF73CE000
|
stack
|
page read and write
|
||
|
1D1E2DD0000
|
heap
|
page read and write
|
||
|
1D1E3013000
|
unkown
|
page read and write
|
||
|
242763C0000
|
heap
|
page read and write
|
||
|
B165BFB000
|
stack
|
page read and write
|
||
|
1D19A578000
|
unkown
|
page read and write
|
||
|
1D19A586000
|
unkown
|
page read and write
|
||
|
1D19AA00000
|
unkown
|
page read and write
|
||
|
1CABBC02000
|
unkown
|
page read and write
|
||
|
1D19A58B000
|
unkown
|
page read and write
|
||
|
1D19A58C000
|
unkown
|
page read and write
|
||
|
21460A13000
|
unkown
|
page read and write
|
||
|
2C787E00000
|
heap
|
page read and write
|
||
|
3C0087C000
|
stack
|
page read and write
|
||
|
1A956680000
|
heap
|
page read and write
|
||
|
27D3922E000
|
unkown
|
page read and write
|
||
|
2C78807B000
|
unkown
|
page read and write
|
||
|
5599D7F000
|
stack
|
page read and write
|
||
|
1D1E2E40000
|
heap
|
page read and write
|
||
|
26FE935D000
|
heap
|
page read and write
|
||
|
1D19A5A2000
|
unkown
|
page read and write
|
||
|
BE8D7B000
|
stack
|
page read and write
|
||
|
1D199D16000
|
unkown
|
page read and write
|
||
|
1D1E3000000
|
unkown
|
page read and write
|
||
|
1D19A53A000
|
unkown
|
page read and write
|
||
|
5599C7E000
|
stack
|
page read and write
|
||
|
1D19A5FB000
|
unkown
|
page read and write
|
||
|
34158FF000
|
stack
|
page read and write
|
||
|
91D88FC000
|
stack
|
page read and write
|
||
|
27D3923E000
|
unkown
|
page read and write
|
||
|
1D19A3C0000
|
remote allocation
|
page read and write
|
||
|
21460B02000
|
unkown
|
page read and write
|
||
|
D5A537E000
|
stack
|
page read and write
|
||
|
1D199BA0000
|
heap
|
page read and write
|
||
|
19778585000
|
heap
|
page read and write
|
||
|
3FF77FF000
|
stack
|
page read and write
|
||
|
5599A7E000
|
stack
|
page read and write
|
||
|
341587A000
|
stack
|
page read and write
|
||
|
1A956800000
|
unkown
|
page read and write
|
||
|
1D199D13000
|
unkown
|
page read and write
|
||
|
24276C02000
|
unkown
|
page read and write
|
||
|
26FE934E000
|
heap
|
page read and write
|
||
|
1CABB449000
|
unkown
|
page read and write
|
||
|
E4163FB000
|
stack
|
page read and write
|
||
|
27D39264000
|
unkown
|
page read and write
|
||
|
1D19A5FE000
|
unkown
|
page read and write
|
||
|
1D19A58E000
|
unkown
|
page read and write
|
||
|
1A956813000
|
unkown
|
page read and write
|
||
|
24276613000
|
unkown
|
page read and write
|
||
|
288CD7B0000
|
trusted library allocation
|
page read and write
|
||
|
8F00CEA000
|
stack
|
page read and write
|
||
|
27D39213000
|
unkown
|
page read and write
|
||
|
27D39229000
|
unkown
|
page read and write
|
||
|
1D19A57C000
|
unkown
|
page read and write
|
||
|
24276629000
|
unkown
|
page read and write
|
||
|
1F596FF000
|
stack
|
page read and write
|
||
|
288CF270000
|
trusted library allocation
|
page read and write
|
||
|
1D199CBC000
|
unkown
|
page read and write
|
||
|
8F0117F000
|
stack
|
page read and write
|
||
|
27D3926F000
|
unkown
|
page read and write
|
||
|
1D199C52000
|
unkown
|
page read and write
|
||
|
26FE934E000
|
heap
|
page read and write
|
||
|
21460A29000
|
unkown
|
page read and write
|
||
|
1CABB413000
|
unkown
|
page read and write
|
||
|
91D8CFE000
|
stack
|
page read and write
|
||
|
27D39245000
|
unkown
|
page read and write
|
||
|
21460A89000
|
unkown
|
page read and write
|
||
|
27D3922F000
|
unkown
|
page read and write
|
||
|
1D199C29000
|
unkown
|
page read and write
|
||
|
1CABB44E000
|
unkown
|
page read and write
|
||
|
1DCD6F90000
|
remote allocation
|
page read and write
|
||
|
1DCD7102000
|
unkown
|
page read and write
|
||
|
1CABB46A000
|
unkown
|
page read and write
|
||
|
21460B08000
|
unkown
|
page read and write
|
||
|
B165E77000
|
stack
|
page read and write
|
||
|
288CD802000
|
unkown
|
page read and write
|
||
|
1D1E3029000
|
unkown
|
page read and write
|
||
|
1D19A5A7000
|
unkown
|
page read and write
|
||
|
1F597FD000
|
stack
|
page read and write
|
||
|
27D3923B000
|
unkown
|
page read and write
|
||
|
3FF7E78000
|
stack
|
page read and write
|
||
|
21460A71000
|
unkown
|
page read and write
|
||
|
1D199CB2000
|
unkown
|
page read and write
|
||
|
91D887F000
|
stack
|
page read and write
|
||
|
2C788102000
|
unkown
|
page read and write
|
||
|
1CABB42A000
|
unkown
|
page read and write
|
||
|
27D3924F000
|
unkown
|
page read and write
|
||
|
1CABB508000
|
unkown
|
page read and write
|
||
|
1D19A5F1000
|
unkown
|
page read and write
|
||
|
24276420000
|
heap
|
page read and write
|
||
|
19778E70000
|
trusted library allocation
|
page read and write
|
||
|
24276702000
|
unkown
|
page read and write
|
||
|
1977838C000
|
heap
|
page read and write
|
||
|
1D199C13000
|
unkown
|
page read and write
|
||
|
3415979000
|
stack
|
page read and write
|
||
|
1D19A57A000
|
unkown
|
page read and write
|
||
|
21460980000
|
unkown
|
page read and write
|
||
|
27D39252000
|
unkown
|
page read and write
|
||
|
1D19A5FA000
|
unkown
|
page read and write
|
||
|
1D199C4F000
|
unkown
|
page read and write
|
||
|
1D19AA02000
|
unkown
|
page read and write
|
||
|
1D19AA02000
|
unkown
|
page read and write
|
||
|
1D19A596000
|
unkown
|
page read and write
|
||
|
26FE9320000
|
heap
|
page read and write
|
||
|
1D19A5F0000
|
unkown
|
page read and write
|
||
|
1D199CC3000
|
unkown
|
page read and write
|
||
|
1D19AA02000
|
unkown
|
page read and write
|
||
|
1CABB48B000
|
unkown
|
page read and write
|
||
|
27D39230000
|
unkown
|
page read and write
|
||
|
1F5957F000
|
stack
|
page read and write
|
||
|
91D84DC000
|
stack
|
page read and write
|
||
|
197780E0000
|
heap
|
page read and write
|
||
|
34156FE000
|
stack
|
page read and write
|
||
|
1D19A586000
|
unkown
|
page read and write
|
||
|
1D19A5AA000
|
unkown
|
page read and write
|
||
|
27D391B0000
|
unkown
|
page read and write
|
||
|
21460A8E000
|
unkown
|
page read and write
|
||
|
1D19A589000
|
unkown
|
page read and write
|
||
|
1D19A599000
|
unkown
|
page read and write
|
||
|
27D39110000
|
heap
|
page read and write
|
||
|
1D199CA8000
|
unkown
|
page read and write
|
||
|
19778589000
|
heap
|
page read and write
|
||
|
1D199C48000
|
unkown
|
page read and write
|
||
|
341567B000
|
stack
|
page read and write
|
||
|
27D39302000
|
unkown
|
page read and write
|
||
|
26FE9358000
|
heap
|
page read and write
|
||
|
1DCD7040000
|
unkown
|
page read and write
|
||
|
27D3927E000
|
unkown
|
page read and write
|
||
|
1D19A586000
|
unkown
|
page read and write
|
||
|
1D1E3712000
|
unkown
|
page read and write
|
||
|
1CABB49C000
|
unkown
|
page read and write
|
||
|
1D19A5FE000
|
unkown
|
page read and write
|
||
|
1A956900000
|
unkown
|
page read and write
|
||
|
27D39284000
|
unkown
|
page read and write
|
||
|
1D199D08000
|
unkown
|
page read and write
|
||
|
1D19A588000
|
unkown
|
page read and write
|
||
|
D5A507E000
|
stack
|
page read and write
|
||
|
1D19A55B000
|
unkown
|
page read and write
|
||
|
19778376000
|
heap
|
page read and write
|
||
|
1A956866000
|
unkown
|
page read and write
|
||
|
1D19AB00000
|
unkown
|
page read and write
|
||
|
1D1E30E0000
|
unkown
|
page read and write
|
||
|
2C788029000
|
unkown
|
page read and write
|
||
|
1F58F0B000
|
stack
|
page read and write
|
||
|
1DCD6F90000
|
remote allocation
|
page read and write
|
||
|
1D19A5EB000
|
unkown
|
page read and write
|
||
|
1A95683C000
|
unkown
|
page read and write
|
||
|
1D19A58C000
|
unkown
|
page read and write
|
||
|
2C788069000
|
unkown
|
page read and write
|
||
|
1F5967D000
|
stack
|
page read and write
|
||
|
197782B0000
|
trusted library allocation
|
page read and write
|
||
|
1D19A402000
|
unkown
|
page read and write
|
||
|
559967C000
|
stack
|
page read and write
|
||
|
1D19A5FD000
|
unkown
|
page read and write
|
||
|
288CD900000
|
unkown
|
page read and write
|
||
|
8F00DEF000
|
stack
|
page read and write
|
||
|
B165A7F000
|
stack
|
page read and write
|
||
|
2C788013000
|
unkown
|
page read and write
|
||
|
19778560000
|
trusted library allocation
|
page read and write
|
||
|
1D19A58E000
|
unkown
|
page read and write
|
||
|
D5A547C000
|
stack
|
page read and write
|
||
|
1D199CDA000
|
unkown
|
page read and write
|
||
|
26FE9359000
|
heap
|
page read and write
|
||
|
288CD918000
|
unkown
|
page read and write
|
||
|
1D19AA02000
|
unkown
|
page read and write
|
||
|
288CD913000
|
unkown
|
page read and write
|
||
|
2C78803C000
|
unkown
|
page read and write
|
||
|
1D19A54A000
|
unkown
|
page read and write
|
||
|
1D1E30BC000
|
unkown
|
page read and write
|
||
|
19778240000
|
heap
|
page read and write
|
||
|
1D19A5F8000
|
unkown
|
page read and write
|
||
|
1D19A586000
|
unkown
|
page read and write
|
||
|
96BA17F000
|
stack
|
page read and write
|
||
|
26FE92A0000
|
heap
|
page read and write
|
||
|
34157FC000
|
stack
|
page read and write
|
||
|
1A9567E0000
|
unkown
|
page read and write
|
||
|
1D199C4E000
|
unkown
|
page read and write
|
||
|
1D19A5FE000
|
unkown
|
page read and write
|
||
|
1D1E3113000
|
unkown
|
page read and write
|
||
|
1DCD7802000
|
unkown
|
page read and write
|
||
|
E4162FB000
|
stack
|
page read and write
|
||
|
1D19A568000
|
unkown
|
page read and write
|
||
|
1977837E000
|
heap
|
page read and write
|
||
|
5599B7F000
|
stack
|
page read and write
|
||
|
26FE94F0000
|
heap
|
page read and write
|
||
|
19778338000
|
heap
|
page read and write
|
||
|
3FF79F7000
|
stack
|
page read and write
|
||
|
288CD858000
|
unkown
|
page read and write
|
||
|
E4164FE000
|
stack
|
page read and write
|
||
|
1D19A588000
|
unkown
|
page read and write
|
||
|
1D19A5F4000
|
unkown
|
page read and write
|
||
|
19778373000
|
heap
|
page read and write
|
||
|
1D1E3040000
|
unkown
|
page read and write
|
||
|
1D199C4A000
|
unkown
|
page read and write
|
||
|
26FE9347000
|
heap
|
page read and write
|
||
|
21460B13000
|
unkown
|
page read and write
|
||
|
1D19A58C000
|
unkown
|
page read and write
|
||
|
27D3924B000
|
unkown
|
page read and write
|
||
|
559927B000
|
stack
|
page read and write
|
||
|
288CD800000
|
unkown
|
page read and write
|
||
|
3C00EFE000
|
stack
|
page read and write
|
||
|
2C788054000
|
unkown
|
page read and write
|
||
|
1CABB502000
|
unkown
|
page read and write
|
||
|
1DCD7029000
|
unkown
|
page read and write
|
||
|
96B9E7F000
|
stack
|
page read and write
|
||
|
1D19A5FE000
|
unkown
|
page read and write
|
||
|
27D3926D000
|
unkown
|
page read and write
|
||
|
8F00D6F000
|
stack
|
page read and write
|
||
|
27D3922D000
|
unkown
|
page read and write
|
||
|
1CABB43C000
|
unkown
|
page read and write
|
||
|
2C788063000
|
unkown
|
page read and write
|
||
|
26FE932D000
|
heap
|
page read and write
|
||
|
8F0107C000
|
stack
|
page read and write
|
||
|
2C788108000
|
unkown
|
page read and write
|
||
|
1D19A598000
|
unkown
|
page read and write
|
||
|
19778330000
|
heap
|
page read and write
|
||
|
1DCD7000000
|
unkown
|
page read and write
|
||
|
1CABB3B0000
|
unkown
|
page read and write
|
||
|
1D19A500000
|
unkown
|
page read and write
|
||
|
197783A4000
|
heap
|
page read and write
|
||
|
26FE9336000
|
heap
|
page read and write
|
||
|
3FF7F78000
|
stack
|
page read and write
|
||
|
1D19A510000
|
unkown
|
page read and write
|
||
|
91D8BFF000
|
stack
|
page read and write
|
||
|
19778550000
|
trusted library allocation
|
page read and write
|
||
|
24276677000
|
unkown
|
page read and write
|
||
|
3C00DFE000
|
stack
|
page read and write
|
||
|
1D1E3024000
|
unkown
|
page read and write
|
||
|
1DCD705C000
|
unkown
|
page read and write
|
||
|
1D19A568000
|
unkown
|
page read and write
|
||
|
1A9566E0000
|
heap
|
page read and write
|
||
|
1CABB45D000
|
unkown
|
page read and write
|
||
|
1DCD7013000
|
unkown
|
page read and write
|
||
|
1D19A5B8000
|
unkown
|
page read and write
|
||
|
3C00CF7000
|
stack
|
page read and write
|
||
|
1D1E3102000
|
unkown
|
page read and write
|
||
|
1D199C4B000
|
unkown
|
page read and write
|
||
|
288CD848000
|
unkown
|
page read and write
|
||
|
1D199C71000
|
unkown
|
page read and write
|
||
|
1D19A582000
|
unkown
|
page read and write
|
||
|
559987D000
|
stack
|
page read and write
|
||
|
1D199CEE000
|
unkown
|
page read and write
|
||
|
27D39274000
|
unkown
|
page read and write
|
||
|
1D19A58E000
|
unkown
|
page read and write
|
||
|
1D199B40000
|
heap
|
page read and write
|
||
|
1CABB513000
|
unkown
|
page read and write
|
||
|
2C788100000
|
unkown
|
page read and write
|
||
|
1D19AA02000
|
unkown
|
page read and write
|
||
|
21460A4F000
|
unkown
|
page read and write
|
||
|
19778320000
|
trusted library allocation
|
page read and write
|
||
|
27D3927B000
|
unkown
|
page read and write
|
||
|
91D907D000
|
stack
|
page read and write
|
||
|
288CD858000
|
unkown
|
page read and write
|
||
|
1D19A584000
|
unkown
|
page read and write
|
||
|
2C78805D000
|
unkown
|
page read and write
|
||
|
26FE934E000
|
heap
|
page read and write
|
||
|
2C788067000
|
unkown
|
page read and write
|
||
|
197783AC000
|
heap
|
page read and write
|
||
|
B16579B000
|
stack
|
page read and write
|
||
|
1CABB45D000
|
unkown
|
page read and write
|
||
|
2C788000000
|
unkown
|
page read and write
|
||
|
27D3924A000
|
unkown
|
page read and write
|
||
|
D5A48CC000
|
stack
|
page read and write
|
||
|
197782C0000
|
trusted library allocation
|
page read and write
|
||
|
1CABB250000
|
heap
|
page read and write
|
||
|
24276641000
|
unkown
|
page read and write
|
||
|
21460880000
|
heap
|
page read and write
|
||
|
288CD82A000
|
unkown
|
page read and write
|
||
|
21460A52000
|
unkown
|
page read and write
|
||
|
3C0097D000
|
stack
|
page read and write
|
||
|
1D19A5FE000
|
unkown
|
page read and write
|
||
|
1D19A58C000
|
unkown
|
page read and write
|
||
|
1D19A5FE000
|
unkown
|
page read and write
|
||
|
27D39275000
|
unkown
|
page read and write
|
||
|
1D199C3C000
|
unkown
|
page read and write
|
||
|
1D19A582000
|
unkown
|
page read and write
|
||
|
1D19A586000
|
unkown
|
page read and write
|
||
|
288CD857000
|
unkown
|
page read and write
|
||
|
27D39249000
|
unkown
|
page read and write
|
||
|
1D1E2DE0000
|
heap
|
page read and write
|
||
|
1D19A5F4000
|
unkown
|
page read and write
|
||
|
288CD881000
|
unkown
|
page read and write
|
||
|
19778530000
|
trusted library allocation
|
page read and write
|
||
|
1D1E35A0000
|
unkown
|
page read and write
|
||
|
91D8E7C000
|
stack
|
page read and write
|
||
|
27D3924E000
|
unkown
|
page read and write
|
||
|
26FE9605000
|
heap
|
page read and write
|
||
|
3FF7BFF000
|
stack
|
page read and write
|
||
|
1D19A586000
|
unkown
|
page read and write
|
||
|
E415F4F000
|
stack
|
page read and write
|
||
|
91D8D7C000
|
stack
|
page read and write
|
||
|
2C788602000
|
unkown
|
page read and write
|
||
|
288CD847000
|
unkown
|
page read and write
|
||
|
BE8E7F000
|
stack
|
page read and write
|
||
|
1D199BD0000
|
unkown
|
page read and write
|
||
|
1CABB453000
|
unkown
|
page read and write
|
||
|
19778220000
|
heap
|
page read and write
|
||
|
559947A000
|
stack
|
page read and write
|
||
|
1977838C000
|
heap
|
page read and write
|
||
|
242763B0000
|
heap
|
page read and write
|
||
|
1A957002000
|
unkown
|
page read and write
|
||
|
1D199C54000
|
unkown
|
page read and write
|
||
|
B165D7B000
|
stack
|
page read and write
|
||
|
3C00BFE000
|
stack
|
page read and write
|
||
|
3C008FE000
|
stack
|
page read and write
|
||
|
1CABB400000
|
unkown
|
page read and write
|
||
|
1CABB2B0000
|
heap
|
page read and write
|
||
|
21460810000
|
heap
|
page read and write
|
||
|
1DCD6E60000
|
heap
|
page read and write
|
||
|
27D3927D000
|
unkown
|
page read and write
|
||
|
1D19AA02000
|
unkown
|
page read and write
|
||
|
559957F000
|
stack
|
page read and write
|
||
|
1D19A3C0000
|
remote allocation
|
page read and write
|
||
|
27D39180000
|
heap
|
page read and write
|
||
|
1DCD7002000
|
unkown
|
page read and write
|
||
|
2C787DA0000
|
heap
|
page read and write
|
||
|
27D39230000
|
unkown
|
page read and write
|
||
|
27D39267000
|
unkown
|
page read and write
|
||
|
1D19A594000
|
unkown
|
page read and write
|
||
|
27D3924D000
|
unkown
|
page read and write
|
||
|
27D39251000
|
unkown
|
page read and write
|
||
|
1D19A58A000
|
unkown
|
page read and write
|
||
|
24276675000
|
unkown
|
page read and write
|
||
|
E4165F7000
|
stack
|
page read and write
|
||
|
27D3922C000
|
unkown
|
page read and write
|
||
|
1D19A5FD000
|
unkown
|
page read and write
|
||
|
1D1E3700000
|
unkown
|
page read and write
|
||
|
96BA07E000
|
stack
|
page read and write
|
||
|
1A956828000
|
unkown
|
page read and write
|
||
|
288CD6D0000
|
heap
|
page read and write
|
||
|
21460A3C000
|
unkown
|
page read and write
|
||
|
B165C7F000
|
stack
|
page read and write
|
||
|
1A956670000
|
heap
|
page read and write
|
||
|
B165F7F000
|
stack
|
page read and write
|
There are 470 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Desktop/QRT_4_377305.htm
|