Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\2da66a5f-ba0b-4880-8afe-39cbe4043ac9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\5e6591ee-9b48-4447-81f4-ad9014c35dc0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6638f114-9843-43d7-a2db-6f9eea5375ba.tmp
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1e72ff7c-c4b7-4b6c-a4b0-ccb9cea6c1ce.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\51b56aef-bc0e-4c8e-91c1-9ae984b53510.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\58775c95-acc1-47cd-981c-9226e3ade8b1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\66f7d253-41ca-464e-8985-85c3f41d6551.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\732ae7f4-1032-4322-9aee-66ff9768d5b7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\d693300c-1bec-4840-9f99-434f4cfd170c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e24545c2-78bc-4592-a964-c9468851eb41.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\adf43f77-7463-4b4c-9061-13112e18541e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\efa2f41b-c958-4a6c-9e8f-9eb2486d4a7d.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\474d55fe-3037-443d-aa38-1f9ff105aa21.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\fa3e0e3f-716d-4e28-b196-bc28d7875c7d.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\hi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\hr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\hu\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\it\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\ja\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\ko\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\lt\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\lv\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\nb\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\pl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\pt_BR\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\pt_PT\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\ro\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\ru\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\sk\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\sl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\sr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\sv\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\th\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\tr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\uk\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\vi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\zh_CN\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_locales\zh_TW\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2760_1459883342\fa3e0e3f-716d-4e28-b196-bc28d7875c7d.tmp
|
Google Chrome extension, version 3
|
dropped
|
There are 77 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "http://click.email.wynnagency.net/?qs=53b380b0fd541e9470af0517499a31f65699a409d124804e8330be97f07a6be3d735f6164f2c53fcbd46ea195dd27c8ba03d2e27fad8c0d5
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1596,3351606549753181624,18422409383362218620,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1916 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://click.email.wynnagency.net/?qs=53b380b0fd541e9470af0517499a31f65699a409d124804e8330be97f07a6be3d735f6164f2c53fcbd46ea195dd27c8ba03d2e27fad8c0d5
|
|||
|
https://static.wufoo.com/scripts/public/dynamic.0647.js?language=english
|
13.224.103.57
|
||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://www.dropbox.com/s/9vk309evf7zbfmp/warroom.css
|
162.125.69.18
|
||
|
https://play.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.185.110
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.184.205
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://hecp.wufoo.com/forms/z1a4he711y3vkj3/2
|
unknown
|
||
|
https://hecp.wufoo.com/forms/z1a4he711y3vkj3/
|
|||
|
http://click.email.wynnagency.net/?qs=53b380b0fd541e9470af0517499a31f65699a409d124804e8330be97f07a6b
|
unknown
|
||
|
https://hecp.wufoo.com/favicon.ico
|
13.224.103.9
|
||
|
https://hecp.wufoo.com/forms/z1a4he711y3vkj3/
|
13.224.103.9
|
||
|
https://static.wufoo.com/stylesheets/public/forms/css/index.0647.css
|
13.224.103.57
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://hecp.s3.amazonaws.com/Exclusive.png
|
52.216.248.212
|
||
|
https://accounts.google.com
|
unknown
|
||
|
http://click.email.wynnagency.net/?qs=53b380b0fd541e9470af0517499a31f65699a409d124804e8330be97f07a6be3d735f6164f2c53fcbd46ea195dd27c8ba03d2e27fad8c0d5
|
13.111.71.11
|
||
|
https://hecp.wufoo.com/css/custom/6/theme.css
|
13.224.103.9
|
||
|
https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
|
13.224.103.44
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://hecp.wufoo.com/images/themes/logos/none.png
|
13.224.103.9
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 25 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s3-w.us-east-1.amazonaws.com
|
52.216.248.212
|
||
|
click.virt.s11.exacttarget.com
|
13.111.71.11
|
||
|
d19zzur8741aig.cloudfront.net
|
13.224.103.9
|
||
|
accounts.google.com
|
142.250.184.205
|
||
|
www-env.dropbox-dns.com
|
162.125.69.18
|
||
|
cdn.signalfx.com
|
13.224.103.44
|
||
|
clients.l.google.com
|
142.250.185.110
|
||
|
click.email.wynnagency.net
|
unknown
|
||
|
clients2.google.com
|
unknown
|
||
|
hecp.s3.amazonaws.com
|
unknown
|
||
|
hecp.wufoo.com
|
unknown
|
||
|
static.wufoo.com
|
unknown
|
||
|
js-agent.newrelic.com
|
unknown
|
||
|
www.dropbox.com
|
unknown
|
||
|
bam-cell.nr-data.net
|
unknown
|
There are 5 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
13.111.71.11
|
click.virt.s11.exacttarget.com
|
United States
|
||
|
142.250.185.110
|
clients.l.google.com
|
United States
|
||
|
162.125.69.18
|
www-env.dropbox-dns.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
52.216.248.212
|
s3-w.us-east-1.amazonaws.com
|
United States
|
||
|
13.224.103.57
|
unknown
|
United States
|
||
|
142.250.184.205
|
accounts.google.com
|
United States
|
||
|
13.224.103.44
|
cdn.signalfx.com
|
United States
|
||
|
13.224.103.9
|
d19zzur8741aig.cloudfront.net
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 1 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 32 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
CDB50FE000
|
stack
|
page read and write
|
||
|
218FE67D000
|
heap
|
page read and write
|
||
|
20F018FD000
|
heap
|
page read and write
|
||
|
CDB4DFE000
|
stack
|
page read and write
|
||
|
14C35657000
|
heap
|
page read and write
|
||
|
20F06DD4000
|
trusted library allocation
|
page read and write
|
||
|
20F06DC0000
|
trusted library allocation
|
page read and write
|
||
|
16DFD288000
|
heap
|
page read and write
|
||
|
1E69C310000
|
heap
|
page read and write
|
||
|
1E69C463000
|
heap
|
page read and write
|
||
|
20F01FD0000
|
trusted library section
|
page readonly
|
||
|
20F01FA0000
|
trusted library section
|
page readonly
|
||
|
20F02002000
|
heap
|
page read and write
|
||
|
14C355F0000
|
trusted library allocation
|
page read and write
|
||
|
20F06F02000
|
heap
|
page read and write
|
||
|
1E69C457000
|
heap
|
page read and write
|
||
|
20F06C00000
|
trusted library allocation
|
page read and write
|
||
|
3DDCEFD000
|
stack
|
page read and write
|
||
|
20F06DA0000
|
trusted library allocation
|
page read and write
|
||
|
46359FF000
|
stack
|
page read and write
|
||
|
1E69C413000
|
heap
|
page read and write
|
||
|
20F017D1000
|
trusted library allocation
|
page read and write
|
||
|
518BB7F000
|
stack
|
page read and write
|
||
|
20F06ECD000
|
heap
|
page read and write
|
||
|
1E69C47F000
|
heap
|
page read and write
|
||
|
20F06EAF000
|
heap
|
page read and write
|
||
|
1E69C43B000
|
heap
|
page read and write
|
||
|
20F06E43000
|
heap
|
page read and write
|
||
|
8E2659F000
|
stack
|
page read and write
|
||
|
19970E3D000
|
heap
|
page read and write
|
||
|
24271028000
|
heap
|
page read and write
|
||
|
518B4FF000
|
stack
|
page read and write
|
||
|
1E69C446000
|
heap
|
page read and write
|
||
|
20F06E79000
|
heap
|
page read and write
|
||
|
518B1CB000
|
stack
|
page read and write
|
||
|
1E69C440000
|
heap
|
page read and write
|
||
|
1E69C47C000
|
heap
|
page read and write
|
||
|
24271102000
|
heap
|
page read and write
|
||
|
4635D7F000
|
stack
|
page read and write
|
||
|
14C35E02000
|
trusted library allocation
|
page read and write
|
||
|
20F0188B000
|
heap
|
page read and write
|
||
|
1E69C46B000
|
heap
|
page read and write
|
||
|
20F06E76000
|
heap
|
page read and write
|
||
|
16DFD170000
|
heap
|
page read and write
|
||
|
19970DE0000
|
heap
|
page read and write
|
||
|
B9E8A7C000
|
stack
|
page read and write
|
||
|
20F06E56000
|
heap
|
page read and write
|
||
|
16DFD213000
|
heap
|
page read and write
|
||
|
16DFD110000
|
heap
|
page read and write
|
||
|
20F01879000
|
heap
|
page read and write
|
||
|
46353DB000
|
stack
|
page read and write
|
||
|
3DDC29C000
|
stack
|
page read and write
|
||
|
20F070F0000
|
remote allocation
|
page read and write
|
||
|
20F027E0000
|
trusted library allocation
|
page read and write
|
||
|
20F06EEA000
|
heap
|
page read and write
|
||
|
518B9FA000
|
stack
|
page read and write
|
||
|
16DFD2CB000
|
heap
|
page read and write
|
||
|
518BDFF000
|
stack
|
page read and write
|
||
|
B9E907B000
|
stack
|
page read and write
|
||
|
16DFDB13000
|
heap
|
page read and write
|
||
|
1E69C476000
|
heap
|
page read and write
|
||
|
20F01870000
|
heap
|
page read and write
|
||
|
20F01877000
|
heap
|
page read and write
|
||
|
20F070B0000
|
trusted library allocation
|
page read and write
|
||
|
20F06D90000
|
trusted library allocation
|
page read and write
|
||
|
218FE460000
|
heap
|
page read and write
|
||
|
16DFD313000
|
heap
|
page read and write
|
||
|
20F02000000
|
heap
|
page read and write
|
||
|
20F02100000
|
heap
|
page read and write
|
||
|
3DDC39E000
|
stack
|
page read and write
|
||
|
20F02159000
|
heap
|
page read and write
|
||
|
20F06EFB000
|
heap
|
page read and write
|
||
|
14C35D50000
|
remote allocation
|
page read and write
|
||
|
24271013000
|
heap
|
page read and write
|
||
|
1E69C447000
|
heap
|
page read and write
|
||
|
1E69C502000
|
heap
|
page read and write
|
||
|
463567E000
|
stack
|
page read and write
|
||
|
24270E90000
|
heap
|
page read and write
|
||
|
16DFD2C4000
|
heap
|
page read and write
|
||
|
518C0FE000
|
stack
|
page read and write
|
||
|
1E69C473000
|
heap
|
page read and write
|
||
|
14C35550000
|
heap
|
page read and write
|
||
|
218FE63C000
|
heap
|
page read and write
|
||
|
CDB4FFE000
|
stack
|
page read and write
|
||
|
463577F000
|
stack
|
page read and write
|
||
|
20F01826000
|
heap
|
page read and write
|
||
|
1E69C426000
|
heap
|
page read and write
|
||
|
3DDCA7C000
|
stack
|
page read and write
|
||
|
24271023000
|
heap
|
page read and write
|
||
|
1E69C46E000
|
heap
|
page read and write
|
||
|
1E69C43E000
|
heap
|
page read and write
|
||
|
20F01FE0000
|
trusted library section
|
page readonly
|
||
|
518B6FB000
|
stack
|
page read and write
|
||
|
1E69C478000
|
heap
|
page read and write
|
||
|
1E69C467000
|
heap
|
page read and write
|
||
|
20F06E62000
|
heap
|
page read and write
|
||
|
20F070C0000
|
trusted library allocation
|
page read and write
|
||
|
20F02159000
|
heap
|
page read and write
|
||
|
14C35600000
|
heap
|
page read and write
|
||
|
20F0184E000
|
heap
|
page read and write
|
||
|
218FEE02000
|
trusted library allocation
|
page read and write
|
||
|
20F06D90000
|
trusted library allocation
|
page read and write
|
||
|
19971540000
|
trusted library allocation
|
page read and write
|
||
|
65EECC000
|
stack
|
page read and write
|
||
|
16DFD2CE000
|
heap
|
page read and write
|
||
|
1E69C44E000
|
heap
|
page read and write
|
||
|
3DDCDFE000
|
stack
|
page read and write
|
||
|
B9E8D7B000
|
stack
|
page read and write
|
||
|
16DFD2BD000
|
heap
|
page read and write
|
||
|
65FBFE000
|
stack
|
page read and write
|
||
|
20F017F3000
|
trusted library allocation
|
page read and write
|
||
|
16DFD23E000
|
heap
|
page read and write
|
||
|
8E2651B000
|
stack
|
page read and write
|
||
|
218FE600000
|
heap
|
page read and write
|
||
|
518BEFC000
|
stack
|
page read and write
|
||
|
518B47E000
|
stack
|
page read and write
|
||
|
65EF4E000
|
stack
|
page read and write
|
||
|
8E26D7E000
|
stack
|
page read and write
|
||
|
46356FE000
|
stack
|
page read and write
|
||
|
1E69C470000
|
heap
|
page read and write
|
||
|
518BBFE000
|
stack
|
page read and write
|
||
|
65EFCD000
|
stack
|
page read and write
|
||
|
20F02118000
|
heap
|
page read and write
|
||
|
8E26C7F000
|
stack
|
page read and write
|
||
|
3DDC6FC000
|
stack
|
page read and write
|
||
|
1E69C45F000
|
heap
|
page read and write
|
||
|
20F01813000
|
heap
|
page read and write
|
||
|
20F017F0000
|
trusted library allocation
|
page read and write
|
||
|
20F06C80000
|
trusted library allocation
|
page read and write
|
||
|
B9E8F7F000
|
stack
|
page read and write
|
||
|
CDB4EFE000
|
stack
|
page read and write
|
||
|
1E69C3A0000
|
trusted library allocation
|
page read and write
|
||
|
19970F02000
|
heap
|
page read and write
|
||
|
20F06E00000
|
heap
|
page read and write
|
||
|
14C35640000
|
heap
|
page read and write
|
||
|
20F0183D000
|
heap
|
page read and write
|
||
|
20F070F0000
|
remote allocation
|
page read and write
|
||
|
20F0700E000
|
trusted library allocation
|
page read and write
|
||
|
20F01760000
|
trusted library allocation
|
page read and write
|
||
|
20F06DD0000
|
trusted library allocation
|
page read and write
|
||
|
20F06E2D000
|
heap
|
page read and write
|
||
|
1E69C43D000
|
heap
|
page read and write
|
||
|
20F01872000
|
heap
|
page read and write
|
||
|
14C35629000
|
heap
|
page read and write
|
||
|
218FE613000
|
heap
|
page read and write
|
||
|
24271075000
|
heap
|
page read and write
|
||
|
218FE713000
|
heap
|
page read and write
|
||
|
1E69C300000
|
heap
|
page read and write
|
||
|
1E69C485000
|
heap
|
page read and write
|
||
|
65F3FD000
|
stack
|
page read and write
|
||
|
24271000000
|
heap
|
page read and write
|
||
|
65F2FB000
|
stack
|
page read and write
|
||
|
20F070D0000
|
trusted library allocation
|
page read and write
|
||
|
24271113000
|
heap
|
page read and write
|
||
|
19970E75000
|
heap
|
page read and write
|
||
|
14C35602000
|
heap
|
page read and write
|
||
|
20F07021000
|
trusted library allocation
|
page read and write
|
||
|
3DDC77E000
|
stack
|
page read and write
|
||
|
14C35D50000
|
remote allocation
|
page read and write
|
||
|
20F06E20000
|
heap
|
page read and write
|
||
|
4635AFD000
|
stack
|
page read and write
|
||
|
16DFD100000
|
heap
|
page read and write
|
||
|
20F01829000
|
heap
|
page read and write
|
||
|
20F01730000
|
heap
|
page read and write
|
||
|
14C35613000
|
heap
|
page read and write
|
||
|
20F06EE3000
|
heap
|
page read and write
|
||
|
16DFDA02000
|
heap
|
page read and write
|
||
|
24271068000
|
heap
|
page read and write
|
||
|
16DFD302000
|
heap
|
page read and write
|
||
|
65F8FE000
|
stack
|
page read and write
|
||
|
20F06C70000
|
trusted library allocation
|
page read and write
|
||
|
1E69C458000
|
heap
|
page read and write
|
||
|
20F02C00000
|
trusted library allocation
|
page read and write
|
||
|
20F06ECB000
|
heap
|
page read and write
|
||
|
20F02113000
|
heap
|
page read and write
|
||
|
CDB49DE000
|
stack
|
page read and write
|
||
|
1E69C431000
|
heap
|
page read and write
|
||
|
20F01891000
|
heap
|
page read and write
|
||
|
19970D70000
|
heap
|
page read and write
|
||
|
16DFD229000
|
heap
|
page read and write
|
||
|
1E69C462000
|
heap
|
page read and write
|
||
|
20F01FF0000
|
trusted library allocation
|
page read and write
|
||
|
24271057000
|
heap
|
page read and write
|
||
|
20F07024000
|
trusted library allocation
|
page read and write
|
||
|
518BCFF000
|
stack
|
page read and write
|
||
|
218FE3F0000
|
heap
|
page read and write
|
||
|
19970E29000
|
heap
|
page read and write
|
||
|
20F06E4A000
|
heap
|
page read and write
|
||
|
46358FE000
|
stack
|
page read and write
|
||
|
19970E00000
|
heap
|
page read and write
|
||
|
20F06F08000
|
heap
|
page read and write
|
||
|
65F7FE000
|
stack
|
page read and write
|
||
|
19970F13000
|
heap
|
page read and write
|
||
|
24271002000
|
heap
|
page read and write
|
||
|
24271802000
|
trusted library allocation
|
page read and write
|
||
|
1E69C465000
|
heap
|
page read and write
|
||
|
1E69C460000
|
heap
|
page read and write
|
||
|
20F01913000
|
heap
|
page read and write
|
||
|
20F01F90000
|
trusted library section
|
page readonly
|
||
|
16DFD1A0000
|
trusted library allocation
|
page read and write
|
||
|
20F06E11000
|
heap
|
page read and write
|
||
|
14C35D50000
|
remote allocation
|
page read and write
|
||
|
463587E000
|
stack
|
page read and write
|
||
|
518B8FF000
|
stack
|
page read and write
|
||
|
24270F00000
|
heap
|
page read and write
|
||
|
20F01770000
|
trusted library section
|
page read and write
|
||
|
20F06F04000
|
heap
|
page read and write
|
||
|
CDB495B000
|
stack
|
page read and write
|
||
|
1E69C43F000
|
heap
|
page read and write
|
||
|
20F07060000
|
trusted library allocation
|
page read and write
|
||
|
19970E5A000
|
heap
|
page read and write
|
||
|
1E69C432000
|
heap
|
page read and write
|
||
|
1E69C45C000
|
heap
|
page read and write
|
||
|
3DDCB7E000
|
stack
|
page read and write
|
||
|
24271660000
|
trusted library allocation
|
page read and write
|
||
|
3DDCFFF000
|
stack
|
page read and write
|
||
|
218FE702000
|
heap
|
page read and write
|
||
|
3DDC8FF000
|
stack
|
page read and write
|
||
|
4635C7D000
|
stack
|
page read and write
|
||
|
20F01800000
|
heap
|
page read and write
|
||
|
20F01FB0000
|
trusted library section
|
page readonly
|
||
|
218FE560000
|
trusted library allocation
|
page read and write
|
||
|
20F06F00000
|
heap
|
page read and write
|
||
|
20F06DC0000
|
trusted library allocation
|
page read and write
|
||
|
16DFD2E2000
|
heap
|
page read and write
|
||
|
B9E8E7F000
|
stack
|
page read and write
|
||
|
20F07008000
|
trusted library allocation
|
page read and write
|
||
|
16DFD200000
|
heap
|
page read and write
|
||
|
24271100000
|
heap
|
page read and write
|
||
|
1E69C370000
|
heap
|
page read and write
|
||
|
24270EA0000
|
heap
|
page read and write
|
||
|
20F02118000
|
heap
|
page read and write
|
||
|
B9E8B7E000
|
stack
|
page read and write
|
||
|
8E2697C000
|
stack
|
page read and write
|
||
|
20F016D0000
|
heap
|
page read and write
|
||
|
3DDCCFD000
|
stack
|
page read and write
|
||
|
2427103E000
|
heap
|
page read and write
|
||
|
20F06EFF000
|
heap
|
page read and write
|
||
|
14C355C0000
|
heap
|
page read and write
|
||
|
20F0188F000
|
heap
|
page read and write
|
||
|
B9E8AFE000
|
stack
|
page read and write
|
||
|
20F02015000
|
heap
|
page read and write
|
||
|
218FE68D000
|
heap
|
page read and write
|
||
|
19971602000
|
trusted library allocation
|
page read and write
|
||
|
CDB4C7E000
|
stack
|
page read and write
|
||
|
218FE657000
|
heap
|
page read and write
|
||
|
14C35560000
|
heap
|
page read and write
|
||
|
4635B7F000
|
stack
|
page read and write
|
||
|
218FE652000
|
heap
|
page read and write
|
||
|
8E26A7B000
|
stack
|
page read and write
|
||
|
20F06DA0000
|
trusted library allocation
|
page read and write
|
||
|
1E69CC02000
|
trusted library allocation
|
page read and write
|
||
|
218FE629000
|
heap
|
page read and write
|
||
|
65F5FF000
|
stack
|
page read and write
|
||
|
518B7FA000
|
stack
|
page read and write
|
||
|
20F01858000
|
heap
|
page read and write
|
||
|
20F018A1000
|
heap
|
page read and write
|
||
|
65F9FF000
|
stack
|
page read and write
|
||
|
1E69C429000
|
heap
|
page read and write
|
||
|
20F070A0000
|
trusted library allocation
|
page read and write
|
||
|
65FAFF000
|
stack
|
page read and write
|
||
|
19970D80000
|
heap
|
page read and write
|
||
|
19970E02000
|
heap
|
page read and write
|
||
|
218FE602000
|
heap
|
page read and write
|
||
|
1E69C47B000
|
heap
|
page read and write
|
||
|
20F01902000
|
heap
|
page read and write
|
||
|
24271079000
|
heap
|
page read and write
|
||
|
1E69C43A000
|
heap
|
page read and write
|
||
|
1E69C46C000
|
heap
|
page read and write
|
||
|
518BD7F000
|
stack
|
page read and write
|
||
|
1E69C446000
|
heap
|
page read and write
|
||
|
20F06E3D000
|
heap
|
page read and write
|
||
|
20F01FC0000
|
trusted library section
|
page readonly
|
||
|
518BFFC000
|
stack
|
page read and write
|
||
|
518BC7E000
|
stack
|
page read and write
|
||
|
19970E13000
|
heap
|
page read and write
|
||
|
16DFD266000
|
heap
|
page read and write
|
||
|
1E69C445000
|
heap
|
page read and write
|
||
|
20F070F0000
|
remote allocation
|
page read and write
|
||
|
218FE400000
|
heap
|
page read and write
|
||
|
8E2687F000
|
stack
|
page read and write
|
||
|
16DFD26E000
|
heap
|
page read and write
|
||
|
1E69C46A000
|
heap
|
page read and write
|
||
|
518BAFB000
|
stack
|
page read and write
|
||
|
1E69C400000
|
heap
|
page read and write
|
||
|
20F06F02000
|
heap
|
page read and write
|
||
|
20F02102000
|
heap
|
page read and write
|
||
|
65F4FF000
|
stack
|
page read and write
|
||
|
16DFDB00000
|
heap
|
page read and write
|
||
|
20F01896000
|
heap
|
page read and write
|
||
|
20F016C0000
|
heap
|
page read and write
|
||
|
20F07000000
|
trusted library allocation
|
page read and write
|
||
|
1E69C442000
|
heap
|
page read and write
|
||
|
3DDCBFB000
|
stack
|
page read and write
|
||
|
14C35702000
|
heap
|
page read and write
|
||
|
20F0188D000
|
heap
|
page read and write
|
||
|
3DDC9FF000
|
stack
|
page read and write
|
||
|
65F6FD000
|
stack
|
page read and write
|
||
|
8E26B77000
|
stack
|
page read and write
|
||
|
3DDC31D000
|
stack
|
page read and write
|
||
|
1E69C45A000
|
heap
|
page read and write
|
||
|
518B5F7000
|
stack
|
page read and write
|
There are 292 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://hecp.wufoo.com/forms/z1a4he711y3vkj3/
|