Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\10800568-af91-407d-828e-eb646a0a330f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\4a20728e-8766-4fd0-ad2c-2fe83e4e360d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\694f64ce-51c0-4c70-9a20-af66d75f3ecb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\89fbf4bb-c534-41d3-9519-71cce25462ac.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\960352ed-5c65-400d-a895-e7c020499115.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\20ed0e82-e7b1-4d97-8ba5-5cafdb9148c1.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\26789665-ada4-4262-b855-fc3456293fd8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\47d3061a-569d-4b1f-8113-81f7f987534c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5f9f2337-b36a-49d6-8a23-ea7729cc75fe.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\88f6babb-c055-43dc-8297-98e427269769.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\650f3d52-2cfd-4471-94e1-3484eb86d06a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\df3222a3-ee15-46d7-9b79-b03d8e658b4b.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a10b08c9-4e26-4b90-a87e-02212c065480.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b0bacd05-dce4-4c16-8c01-da3a4dedd499.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d3a47ecb-233d-49ac-bf22-d24cb8eb7228.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dc95976d-763e-46bc-8263-1c67096e3636.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e5f5e0da-8b23-430a-b626-553e401b06e4.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\af39cc69-159f-44f2-95ac-403bc88fc189.tmp
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\c5e8cbca-fd01-43d3-9a2e-e1a5e60fb1da.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ce0da793-6d9c-4151-9cda-59d56c0e3db3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\cfca1793-0718-46ed-b154-c2ee7ca42360.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\e29d082d-496a-4d1d-a512-70c10181b7a6.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2591edc6-d347-4229-8847-7b46122d4791.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1130259742\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1594759286\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1594759286\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1594759286\crl-set
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1594759286\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2956_1594759286\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\52e5565e-a741-4956-b6ca-b572a1efc3e2.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6dcd900a-d8f9-4903-ae3a-b7d686d56c11.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8830ad4d-bbde-4e73-9a01-26cea6c6ce16.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\52e5565e-a741-4956-b6ca-b572a1efc3e2.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\cs\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\da\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\de\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\el\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\en\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\es\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\et\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\fa\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\fi\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\fil\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\fr\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\gu\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\hi\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\hr\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\hu\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\id\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\it\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\ja\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\kn\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\ko\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\lt\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\lv\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\ml\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\mr\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\ms\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\nb\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\nl\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\pl\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\pt\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\ro\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\ru\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\sk\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\sl\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\sr\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\sv\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\sw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\ta\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\te\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\th\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\tr\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\uk\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\vi\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\zh\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_locales\zh_TW\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_1505521717\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\8830ad4d-bbde-4e73-9a01-26cea6c6ce16.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2956_2017327773\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 176 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "http://topfivedubai.com/atv
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1568,18204870535390972507,10787447930455822583,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1916 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://topfivedubai.com/atv
|
|||
|
http://topfivedubai.com/atv/2
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
http://topfivedubai.com/atv/
|
162.144.12.111
|
||
|
http://topfivedubai.com/atv2
|
unknown
|
||
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
||
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
142.250.185.65
|
||
|
https://www.google.com
|
unknown
|
||
|
https://hangouts.clients6.google.com
|
unknown
|
||
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.google.com/cr/report
|
unknown
|
||
|
http://angularjs.org
|
unknown
|
||
|
http://topfivedubai.com/atv
|
162.144.12.111
|
||
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
||
|
https://github.com/angular/material
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
||
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.184.238
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.185.205
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://hangouts.google.com/
|
unknown
|
||
|
http://topfivedubai.com/favicon.ico
|
162.144.12.111
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
http://llvm.org/):
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://meetings.clients6.google.com
|
unknown
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
||
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
||
|
http://topfivedubai.com/atv/2:
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
||
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
http://topfivedubai.com/atv2:
|
unknown
|
||
|
https://feedback.googleusercontent.com
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
||
|
https://clients6.google.com
|
unknown
|
There are 45 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
topfivedubai.com
|
162.144.12.111
|
||
|
accounts.google.com
|
142.250.185.205
|
||
|
clients.l.google.com
|
142.250.184.238
|
||
|
googlehosted.l.googleusercontent.com
|
142.250.185.65
|
||
|
clients2.googleusercontent.com
|
unknown
|
||
|
clients2.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
162.144.12.111
|
topfivedubai.com
|
United States
|
||
|
142.250.185.205
|
accounts.google.com
|
United States
|
||
|
192.168.2.3
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.184.238
|
clients.l.google.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
142.250.185.65
|
googlehosted.l.googleusercontent.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 33 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1FA5BB18000
|
heap
|
page read and write
|
||
|
843B4FB000
|
stack
|
page read and write
|
||
|
1A8801E5000
|
heap
|
page read and write
|
||
|
2E1D4228000
|
heap
|
page read and write
|
||
|
1FA60AE2000
|
heap
|
page read and write
|
||
|
1FA608D0000
|
trusted library allocation
|
page read and write
|
||
|
1434AE52000
|
heap
|
page read and write
|
||
|
1FA60B11000
|
heap
|
page read and write
|
||
|
1FA5C250000
|
trusted library allocation
|
page read and write
|
||
|
1FA5C370000
|
trusted library section
|
page readonly
|
||
|
1A4E264E000
|
heap
|
page read and write
|
||
|
488E97A000
|
stack
|
page read and write
|
||
|
24A2770F000
|
heap
|
page read and write
|
||
|
2E1D4258000
|
heap
|
page read and write
|
||
|
1FA5BB13000
|
heap
|
page read and write
|
||
|
1FA60B04000
|
heap
|
page read and write
|
||
|
1FA60B1D000
|
heap
|
page read and write
|
||
|
2E1D4300000
|
heap
|
page read and write
|
||
|
24A276D0000
|
heap
|
page read and write
|
||
|
3FEA91B000
|
stack
|
page read and write
|
||
|
1FA60980000
|
trusted library allocation
|
page read and write
|
||
|
1E8D3AC7000
|
heap
|
page read and write
|
||
|
1E8D3990000
|
heap
|
page read and write
|
||
|
1A880000000
|
heap
|
page read and write
|
||
|
1A4E264C000
|
heap
|
page read and write
|
||
|
1FA60A00000
|
heap
|
page read and write
|
||
|
1FA5BB18000
|
heap
|
page read and write
|
||
|
1FA608A4000
|
trusted library allocation
|
page read and write
|
||
|
4BEFDFE000
|
stack
|
page read and write
|
||
|
1A4E2613000
|
heap
|
page read and write
|
||
|
1FA5B9A0000
|
trusted library allocation
|
page read and write
|
||
|
F611CFF000
|
stack
|
page read and write
|
||
|
1A880B80000
|
trusted library allocation
|
page read and write
|
||
|
E8A66AB000
|
stack
|
page read and write
|
||
|
1FA60D90000
|
trusted library allocation
|
page read and write
|
||
|
3FEAC7F000
|
stack
|
page read and write
|
||
|
1E8D4584000
|
heap
|
page read and write
|
||
|
1FA60ADF000
|
heap
|
page read and write
|
||
|
1E8D3A29000
|
heap
|
page read and write
|
||
|
1E8D3AD9000
|
heap
|
page read and write
|
||
|
1434ACD0000
|
heap
|
page read and write
|
||
|
1FA608C1000
|
trusted library allocation
|
page read and write
|
||
|
1E8D4586000
|
heap
|
page read and write
|
||
|
F611D7C000
|
stack
|
page read and write
|
||
|
1E8D4586000
|
heap
|
page read and write
|
||
|
1FA60B0E000
|
heap
|
page read and write
|
||
|
1E8D4541000
|
heap
|
page read and write
|
||
|
24A278F0000
|
heap
|
page read and write
|
||
|
1FA5BB59000
|
heap
|
page read and write
|
||
|
1FA609D0000
|
trusted library allocation
|
page read and write
|
||
|
1E8D3ACA000
|
heap
|
page read and write
|
||
|
1E8D4586000
|
heap
|
page read and write
|
||
|
1A4E2700000
|
heap
|
page read and write
|
||
|
1FA5B2FC000
|
heap
|
page read and write
|
||
|
F611C79000
|
stack
|
page read and write
|
||
|
24A276F7000
|
heap
|
page read and write
|
||
|
1FA60AFD000
|
heap
|
page read and write
|
||
|
2E1D4240000
|
heap
|
page read and write
|
||
|
24A276F6000
|
heap
|
page read and write
|
||
|
1434AE70000
|
heap
|
page read and write
|
||
|
1E8D4586000
|
heap
|
page read and write
|
||
|
843B37C000
|
stack
|
page read and write
|
||
|
1FA60A49000
|
heap
|
page read and write
|
||
|
1434AF00000
|
heap
|
page read and write
|
||
|
1434AE54000
|
heap
|
page read and write
|
||
|
1FA5C340000
|
trusted library section
|
page readonly
|
||
|
1434AE48000
|
heap
|
page read and write
|
||
|
24A276E7000
|
heap
|
page read and write
|
||
|
1434AE7E000
|
heap
|
page read and write
|
||
|
1434AE6A000
|
heap
|
page read and write
|
||
|
4BEFD7B000
|
stack
|
page read and write
|
||
|
24A276E2000
|
heap
|
page read and write
|
||
|
1A880020000
|
trusted library allocation
|
page read and write
|
||
|
1A4E262A000
|
heap
|
page read and write
|
||
|
2E1D4A02000
|
trusted library allocation
|
page read and write
|
||
|
1FA608A0000
|
trusted library allocation
|
page read and write
|
||
|
24A276A0000
|
heap
|
page read and write
|
||
|
24A276E6000
|
heap
|
page read and write
|
||
|
1FA60720000
|
trusted library allocation
|
page read and write
|
||
|
1A8801E9000
|
heap
|
page read and write
|
||
|
4BF027B000
|
stack
|
page read and write
|
||
|
2E1D4202000
|
heap
|
page read and write
|
||
|
1FA60B02000
|
heap
|
page read and write
|
||
|
1E8D4584000
|
heap
|
page read and write
|
||
|
1FA5B9B0000
|
trusted library section
|
page read and write
|
||
|
1E8D456F000
|
heap
|
page read and write
|
||
|
488EB7E000
|
stack
|
page read and write
|
||
|
1434AE13000
|
heap
|
page read and write
|
||
|
279DDFD000
|
stack
|
page read and write
|
||
|
1E8D4505000
|
heap
|
page read and write
|
||
|
1FA609B0000
|
trusted library allocation
|
page read and write
|
||
|
1E8D39F0000
|
heap
|
page read and write
|
||
|
1A8FFE8D000
|
heap
|
page read and write
|
||
|
1E8D4350000
|
remote allocation
|
page read and write
|
||
|
1E8D4513000
|
heap
|
page read and write
|
||
|
488EA7A000
|
stack
|
page read and write
|
||
|
4BF007D000
|
stack
|
page read and write
|
||
|
1A8FFC40000
|
heap
|
page read and write
|
||
|
1FA5BB00000
|
heap
|
page read and write
|
||
|
843B7FE000
|
stack
|
page read and write
|
||
|
1434AF08000
|
heap
|
page read and write
|
||
|
1FA60710000
|
trusted library allocation
|
page read and write
|
||
|
843B978000
|
stack
|
page read and write
|
||
|
1E8D4586000
|
heap
|
page read and write
|
||
|
1434AE90000
|
heap
|
page read and write
|
||
|
24A27714000
|
heap
|
page read and write
|
||
|
1FA60AF4000
|
heap
|
page read and write
|
||
|
1FA5B100000
|
heap
|
page read and write
|
||
|
24A278F5000
|
heap
|
page read and write
|
||
|
1E8D4350000
|
remote allocation
|
page read and write
|
||
|
1FA60CF0000
|
trusted library allocation
|
page read and write
|
||
|
1E8D4586000
|
heap
|
page read and write
|
||
|
4BF0377000
|
stack
|
page read and write
|
||
|
1A4E2702000
|
heap
|
page read and write
|
||
|
1FA60A1F000
|
heap
|
page read and write
|
||
|
1E8D3A00000
|
heap
|
page read and write
|
||
|
1FA60A3C000
|
heap
|
page read and write
|
||
|
1434AD40000
|
heap
|
page read and write
|
||
|
1FA608A1000
|
trusted library allocation
|
page read and write
|
||
|
843AFFE000
|
stack
|
page read and write
|
||
|
1A4E2708000
|
heap
|
page read and write
|
||
|
1FA5BD80000
|
trusted library allocation
|
page read and write
|
||
|
E8A6DFB000
|
stack
|
page read and write
|
||
|
1434AE4B000
|
heap
|
page read and write
|
||
|
1FA5C6D1000
|
trusted library allocation
|
page read and write
|
||
|
1FA608C0000
|
trusted library allocation
|
page read and write
|
||
|
2E1D4302000
|
heap
|
page read and write
|
||
|
1A8FFD80000
|
heap
|
page read and write
|
||
|
1A4E2570000
|
trusted library allocation
|
page read and write
|
||
|
1E8D3B02000
|
heap
|
page read and write
|
||
|
2E1D4200000
|
heap
|
page read and write
|
||
|
1FA5B28A000
|
heap
|
page read and write
|
||
|
1E8D4595000
|
heap
|
page read and write
|
||
|
24A27701000
|
heap
|
page read and write
|
||
|
1E8D458A000
|
heap
|
page read and write
|
||
|
843B6F7000
|
stack
|
page read and write
|
||
|
1FA609C0000
|
trusted library allocation
|
page read and write
|
||
|
F611A7A000
|
stack
|
page read and write
|
||
|
24A27620000
|
heap
|
page read and write
|
||
|
2E1D40A0000
|
heap
|
page read and write
|
||
|
488EDFE000
|
stack
|
page read and write
|
||
|
1E8D4584000
|
heap
|
page read and write
|
||
|
2E1D40B0000
|
heap
|
page read and write
|
||
|
1A880E50000
|
heap
|
page readonly
|
||
|
1E8D3AAD000
|
heap
|
page read and write
|
||
|
1FA608A7000
|
trusted library allocation
|
page read and write
|
||
|
279D9FB000
|
stack
|
page read and write
|
||
|
1434AE3C000
|
heap
|
page read and write
|
||
|
1A4E2687000
|
heap
|
page read and write
|
||
|
1E8D45A4000
|
heap
|
page read and write
|
||
|
1A4E2713000
|
heap
|
page read and write
|
||
|
1434AE4C000
|
heap
|
page read and write
|
||
|
F611AFE000
|
stack
|
page read and write
|
||
|
1E8D4597000
|
heap
|
page read and write
|
||
|
1434B802000
|
trusted library allocation
|
page read and write
|
||
|
1FA5B257000
|
heap
|
page read and write
|
||
|
24A2770E000
|
heap
|
page read and write
|
||
|
1FA608E0000
|
trusted library allocation
|
page read and write
|
||
|
4BF017C000
|
stack
|
page read and write
|
||
|
1E8D3AF3000
|
heap
|
page read and write
|
||
|
1E8D3A13000
|
heap
|
page read and write
|
||
|
1434AE6A000
|
heap
|
page read and write
|
||
|
1FA60B13000
|
heap
|
page read and write
|
||
|
1A880E60000
|
trusted library allocation
|
page read and write
|
||
|
1FA5B270000
|
heap
|
page read and write
|
||
|
1A4E2400000
|
heap
|
page read and write
|
||
|
1FA5B2A1000
|
heap
|
page read and write
|
||
|
1E8D3ADF000
|
heap
|
page read and write
|
||
|
1E8D3980000
|
heap
|
page read and write
|
||
|
843B27E000
|
stack
|
page read and write
|
||
|
1E8D4563000
|
heap
|
page read and write
|
||
|
488EC7A000
|
stack
|
page read and write
|
||
|
1FA5C380000
|
trusted library section
|
page readonly
|
||
|
1E8D3A82000
|
heap
|
page read and write
|
||
|
1E8D3ACA000
|
heap
|
page read and write
|
||
|
24A276FC000
|
heap
|
page read and write
|
||
|
1FA60C00000
|
remote allocation
|
page read and write
|
||
|
4BF047E000
|
stack
|
page read and write
|
||
|
1E8D4580000
|
heap
|
page read and write
|
||
|
1E8D4584000
|
heap
|
page read and write
|
||
|
1E8D3ACB000
|
heap
|
page read and write
|
||
|
1E8D458A000
|
heap
|
page read and write
|
||
|
1A880B90000
|
trusted library allocation
|
page read and write
|
||
|
1FA5B313000
|
heap
|
page read and write
|
||
|
1E8D3AD9000
|
heap
|
page read and write
|
||
|
1434AE4F000
|
heap
|
page read and write
|
||
|
1FA5B23D000
|
heap
|
page read and write
|
||
|
1E8D4586000
|
heap
|
page read and write
|
||
|
1A8FFE48000
|
heap
|
page read and write
|
||
|
2E1D4313000
|
heap
|
page read and write
|
||
|
1FA60B11000
|
heap
|
page read and write
|
||
|
1FA60AA6000
|
heap
|
page read and write
|
||
|
1E8D4597000
|
heap
|
page read and write
|
||
|
1A4E2671000
|
heap
|
page read and write
|
||
|
1E8D3AD9000
|
heap
|
page read and write
|
||
|
1FA60A2D000
|
heap
|
page read and write
|
||
|
1FA5C000000
|
trusted library allocation
|
page read and write
|
||
|
1FA60700000
|
trusted library allocation
|
page read and write
|
||
|
24A27701000
|
heap
|
page read and write
|
||
|
1FA60B0C000
|
heap
|
page read and write
|
||
|
1FA5B275000
|
heap
|
page read and write
|
||
|
1434AE49000
|
heap
|
page read and write
|
||
|
1A880E40000
|
trusted library allocation
|
page read and write
|
||
|
1FA60B0B000
|
heap
|
page read and write
|
||
|
1A4E2653000
|
heap
|
page read and write
|
||
|
1FA5BB18000
|
heap
|
page read and write
|
||
|
1A8FFE40000
|
heap
|
page read and write
|
||
|
1434AE29000
|
heap
|
page read and write
|
||
|
1FA5C360000
|
trusted library section
|
page readonly
|
||
|
1434AD70000
|
trusted library allocation
|
page read and write
|
||
|
1A880C00000
|
trusted library allocation
|
page read and write
|
||
|
1434AE7F000
|
heap
|
page read and write
|
||
|
1FA5BB59000
|
heap
|
page read and write
|
||
|
1E8D4584000
|
heap
|
page read and write
|
||
|
1E8D3A3C000
|
heap
|
page read and write
|
||
|
1E8D4588000
|
heap
|
page read and write
|
||
|
1E8D4584000
|
heap
|
page read and write
|
||
|
488ED7B000
|
stack
|
page read and write
|
||
|
1FA60A00000
|
trusted library allocation
|
page read and write
|
||
|
1FA609F0000
|
trusted library allocation
|
page read and write
|
||
|
1FA608E4000
|
trusted library allocation
|
page read and write
|
||
|
1434AE88000
|
heap
|
page read and write
|
||
|
1E8D458A000
|
heap
|
page read and write
|
||
|
1FA608AE000
|
trusted library allocation
|
page read and write
|
||
|
F611B7F000
|
stack
|
page read and write
|
||
|
1FA5B0A0000
|
heap
|
page read and write
|
||
|
1FA60B08000
|
heap
|
page read and write
|
||
|
1FA60970000
|
trusted library allocation
|
page read and write
|
||
|
1E8D3AB2000
|
heap
|
page read and write
|
||
|
1FA60C00000
|
remote allocation
|
page read and write
|
||
|
1FA5B27A000
|
heap
|
page read and write
|
||
|
1FA5B277000
|
heap
|
page read and write
|
||
|
1E8D4583000
|
heap
|
page read and write
|
||
|
1A880E70000
|
trusted library allocation
|
page read and write
|
||
|
4BF057F000
|
stack
|
page read and write
|
||
|
1FA5BB18000
|
heap
|
page read and write
|
||
|
1E8D4586000
|
heap
|
page read and write
|
||
|
1FA608A8000
|
trusted library allocation
|
page read and write
|
||
|
2E1D4272000
|
heap
|
page read and write
|
||
|
3FEAEFB000
|
stack
|
page read and write
|
||
|
3FEB0F7000
|
stack
|
page read and write
|
||
|
1FA5BB02000
|
heap
|
page read and write
|
||
|
2E1D4110000
|
heap
|
page read and write
|
||
|
24A27701000
|
heap
|
page read and write
|
||
|
1A4E2602000
|
heap
|
page read and write
|
||
|
1FA60780000
|
trusted library allocation
|
page read and write
|
||
|
1A8FFE85000
|
heap
|
page read and write
|
||
|
1A880BF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA608D0000
|
trusted library allocation
|
page read and write
|
||
|
1E8D4402000
|
heap
|
page read and write
|
||
|
1E8D3A88000
|
heap
|
page read and write
|
||
|
1FA60B22000
|
heap
|
page read and write
|
||
|
488F07F000
|
stack
|
page read and write
|
||
|
24A276FC000
|
heap
|
page read and write
|
||
|
279DEF9000
|
stack
|
page read and write
|
||
|
488E67B000
|
stack
|
page read and write
|
||
|
1434AE00000
|
heap
|
page read and write
|
||
|
1FA5B090000
|
heap
|
page read and write
|
||
|
1A8801F0000
|
trusted library allocation
|
page read and write
|
||
|
1E8D3A70000
|
heap
|
page read and write
|
||
|
1FA608E0000
|
trusted library allocation
|
page read and write
|
||
|
488F17D000
|
stack
|
page read and write
|
||
|
279DD79000
|
stack
|
page read and write
|
||
|
24A27680000
|
heap
|
page read and write
|
||
|
1434AF02000
|
heap
|
page read and write
|
||
|
1FA5BB59000
|
heap
|
page read and write
|
||
|
843B87F000
|
unkown
|
page read and write
|
||
|
1434AF13000
|
heap
|
page read and write
|
||
|
E8A6CFB000
|
stack
|
page read and write
|
||
|
1FA60B0D000
|
heap
|
page read and write
|
||
|
1E8D4350000
|
remote allocation
|
page read and write
|
||
|
1FA5BB59000
|
heap
|
page read and write
|
||
|
1A880EC0000
|
trusted library allocation
|
page read and write
|
||
|
1E8D3AAB000
|
heap
|
page read and write
|
||
|
1E8D4595000
|
heap
|
page read and write
|
||
|
488E77E000
|
stack
|
page read and write
|
||
|
1A4E2600000
|
heap
|
page read and write
|
||
|
1A4E2682000
|
heap
|
page read and write
|
||
|
1FA5B200000
|
heap
|
page read and write
|
||
|
1E8D4550000
|
heap
|
page read and write
|
||
|
1E8D4584000
|
heap
|
page read and write
|
||
|
1FA5BA02000
|
heap
|
page read and write
|
||
|
1FA60970000
|
trusted library allocation
|
page read and write
|
||
|
1FA5C350000
|
trusted library section
|
page readonly
|
||
|
24A276F4000
|
heap
|
page read and write
|
||
|
3FEAD7C000
|
stack
|
page read and write
|
||
|
1FA60C10000
|
trusted library allocation
|
page read and write
|
||
|
1A4E2E02000
|
trusted library allocation
|
page read and write
|
||
|
1A4E263C000
|
heap
|
page read and write
|
||
|
1434ACE0000
|
heap
|
page read and write
|
||
|
1FA5C6F3000
|
trusted library allocation
|
page read and write
|
||
|
1FA60B04000
|
heap
|
page read and write
|
||
|
1E8D4597000
|
heap
|
page read and write
|
||
|
1A8FFE8D000
|
heap
|
page read and write
|
||
|
1E8D45B8000
|
heap
|
page read and write
|
||
|
488EFFF000
|
stack
|
page read and write
|
||
|
1FA5BB59000
|
heap
|
page read and write
|
||
|
1FA5BB18000
|
heap
|
page read and write
|
||
|
3FEB2FE000
|
stack
|
page read and write
|
||
|
1E8D4290000
|
trusted library allocation
|
page read and write
|
||
|
E8A6EFE000
|
stack
|
page read and write
|
||
|
1FA5C700000
|
trusted library allocation
|
page read and write
|
||
|
1E8D3AA4000
|
heap
|
page read and write
|
||
|
1FA5BA00000
|
heap
|
page read and write
|
||
|
1FA609F0000
|
trusted library allocation
|
page read and write
|
||
|
1FA5C330000
|
trusted library section
|
page readonly
|
||
|
1E8D4584000
|
heap
|
page read and write
|
||
|
24A276F2000
|
heap
|
page read and write
|
||
|
1A4E2410000
|
heap
|
page read and write
|
||
|
1E8D4584000
|
heap
|
page read and write
|
||
|
1FA60A1B000
|
heap
|
page read and write
|
||
|
1FA60B0D000
|
heap
|
page read and write
|
||
|
1E8D3AB5000
|
heap
|
page read and write
|
||
|
24A276DB000
|
heap
|
page read and write
|
||
|
3FEA99E000
|
stack
|
page read and write
|
||
|
1A4E267B000
|
heap
|
page read and write
|
||
|
843B3FE000
|
stack
|
page read and write
|
||
|
1FA60C00000
|
remote allocation
|
page read and write
|
||
|
1434AE51000
|
heap
|
page read and write
|
||
|
1A8801E0000
|
heap
|
page read and write
|
||
|
1E8D4511000
|
heap
|
page read and write
|
||
|
1E8D4A00000
|
heap
|
page read and write
|
||
|
1E8D3AC2000
|
heap
|
page read and write
|
||
|
488EF7F000
|
stack
|
page read and write
|
||
|
2E1D49B0000
|
trusted library allocation
|
page read and write
|
||
|
1FA60790000
|
trusted library allocation
|
page read and write
|
||
|
1FA60B04000
|
heap
|
page read and write
|
||
|
1E8D4589000
|
heap
|
page read and write
|
||
|
1E8D4586000
|
heap
|
page read and write
|
||
|
1E8D4585000
|
heap
|
page read and write
|
||
|
2E1D4213000
|
heap
|
page read and write
|
||
|
1A8FFE50000
|
heap
|
page read and write
|
||
|
1A4E2470000
|
heap
|
page read and write
|
||
|
1FA5BA15000
|
heap
|
page read and write
|
||
|
1E8D4587000
|
heap
|
page read and write
|
||
|
488E878000
|
stack
|
page read and write
|
||
|
1A4E2648000
|
heap
|
page read and write
|
||
|
1FA5BB18000
|
heap
|
page read and write
|
||
|
3FEAFFD000
|
stack
|
page read and write
|
||
|
488EE7F000
|
stack
|
page read and write
|
||
|
1E8D4587000
|
heap
|
page read and write
|
||
|
1FA5B291000
|
heap
|
page read and write
|
||
|
3FEB1FF000
|
stack
|
page read and write
|
||
|
1E8D3AD9000
|
heap
|
page read and write
|
||
|
1E8D4500000
|
heap
|
page read and write
|
||
|
1E8D45BC000
|
heap
|
page read and write
|
||
|
1E8D4586000
|
heap
|
page read and write
|
||
|
24A27715000
|
heap
|
page read and write
|
||
|
1E8D3B13000
|
heap
|
page read and write
|
||
|
1FA5BB59000
|
heap
|
page read and write
|
||
|
1FA608C4000
|
trusted library allocation
|
page read and write
|
||
|
1FA60ADC000
|
heap
|
page read and write
|
||
|
F611BF9000
|
stack
|
page read and write
|
||
|
1FA5B213000
|
heap
|
page read and write
|
||
|
843AF7C000
|
stack
|
page read and write
|
||
|
1FA5C6F0000
|
trusted library allocation
|
page read and write
|
||
|
1FA5B302000
|
heap
|
page read and write
|
||
|
1434AE4E000
|
heap
|
page read and write
|
||
|
1E8D4A02000
|
heap
|
page read and write
|
||
|
24A276FC000
|
heap
|
page read and write
|
||
|
E8A6BFB000
|
stack
|
page read and write
|
||
|
488F27F000
|
stack
|
page read and write
|
||
|
1FA608A0000
|
trusted library allocation
|
page read and write
|
||
|
3FEADFF000
|
stack
|
page read and write
|
||
|
1FA60AAE000
|
heap
|
page read and write
|
||
|
1434AE55000
|
heap
|
page read and write
|
||
|
1E8D4584000
|
heap
|
page read and write
|
||
|
488EEFF000
|
stack
|
page read and write
|
||
|
1FA60A6E000
|
heap
|
page read and write
|
||
|
1E8D4585000
|
heap
|
page read and write
|
||
|
1FA5B229000
|
heap
|
page read and write
|
||
|
1A8FFE8D000
|
heap
|
page read and write
|
||
|
1FA609E0000
|
trusted library allocation
|
page read and write
|
||
|
279DE7F000
|
stack
|
page read and write
|
||
|
843B5F9000
|
stack
|
page read and write
|
There are 365 hidden memdumps, click here to show them.