Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Purchase_Order.html
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\15629ad9-7a25-4453-b7a5-63adc39a41f9.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\1d367d86-c9f7-4dc0-8812-f2674cd2958c.tmp
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\1f22300f-820c-4c55-8b8e-fd660b1a8d89.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\24f18242-4ea6-48e2-bb15-1171f3bf8ee5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\2bafccba-aeae-456e-b2a2-b4dc8014d722.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\2c765641-b2d5-483a-a97f-b3f12f4a5fd4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7e9808c1-6345-4a07-a6c7-116bbe580c1e.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\240a8cad-7973-4c42-b470-df0ba6747dc8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2df451b2-5e8b-4c04-bc0e-74528288d4a0.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\59fa8107-0add-4996-9ba7-72b3dff01fbb.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5f31331d-5cb4-4adf-8c01-ae52a0781427.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\80120ee8-7c94-4706-94df-69aac86e5105.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\98cd6bfc-5ffb-4475-a8e3-9681e41fe1a5.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\868cb552-c630-4332-95b1-5ea2363f0cf4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\4d8da041-e247-4ca7-8733-90098c4f5123.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bd0dec2a-8986-4f5c-af0e-49b1acc41705.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cd054b5d-732b-48ec-bc65-57bbbb7baa21.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\da5da47b-1dfe-41d6-868e-edf1cc6c4e18.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fde6d00f-578e-421d-b080-2e28db7f4737.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\bb43333a-29f4-44c9-b46a-a8b0df388827.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\e3789e53-1aac-4bd5-8518-089082934dd4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f193cb4b-e5e7-44e1-b4e5-4984db1f5255.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\0daf7b22-1102-4ab2-882e-749d881cdbbe.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1a13b429-5648-465a-ae3d-470c7d40c65a.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3076_663717991\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\0daf7b22-1102-4ab2-882e-749d881cdbbe.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3076_51284398\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 104 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\Purchase_Order.html
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1516,15318958304467380805,2454794286047497187,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1916 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://play.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
216.58.215.238
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.203.109
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
http://llvm.org/):
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 17 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
142.250.203.109
|
||
|
urldefense.com
|
52.6.56.188
|
||
|
clients.l.google.com
|
216.58.215.238
|
||
|
clients2.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
216.58.215.238
|
clients.l.google.com
|
United States
|
||
|
52.6.56.188
|
urldefense.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
142.250.203.109
|
accounts.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
19CD4F20000
|
heap
|
page read and write
|
||
|
4C10AFB000
|
stack
|
page read and write
|
||
|
1F435E2A000
|
heap
|
page read and write
|
||
|
271977E0000
|
remote allocation
|
page read and write
|
||
|
287DBA40000
|
heap
|
page read and write
|
||
|
287DBA25000
|
heap
|
page read and write
|
||
|
40A84F9000
|
stack
|
page read and write
|
||
|
27197E02000
|
heap
|
page read and write
|
||
|
198C5B02000
|
heap
|
page read and write
|
||
|
27197973000
|
heap
|
page read and write
|
||
|
94E6FF7000
|
stack
|
page read and write
|
||
|
1954B1F0000
|
trusted library allocation
|
page read and write
|
||
|
20E8B3F0000
|
trusted library allocation
|
page read and write
|
||
|
251727C000
|
stack
|
page read and write
|
||
|
27197E03000
|
heap
|
page read and write
|
||
|
2719790C000
|
heap
|
page read and write
|
||
|
1954B27C000
|
heap
|
page read and write
|
||
|
27197013000
|
heap
|
page read and write
|
||
|
27197E02000
|
heap
|
page read and write
|
||
|
20E90904000
|
trusted library allocation
|
page read and write
|
||
|
20E908CE000
|
trusted library allocation
|
page read and write
|
||
|
1954B308000
|
heap
|
page read and write
|
||
|
11DF5100000
|
heap
|
page read and write
|
||
|
29B68413000
|
heap
|
page read and write
|
||
|
2719791A000
|
heap
|
page read and write
|
||
|
1CEC8AE2000
|
heap
|
page read and write
|
||
|
20E90D13000
|
heap
|
page read and write
|
||
|
27197973000
|
heap
|
page read and write
|
||
|
20E90900000
|
trusted library allocation
|
page read and write
|
||
|
27197986000
|
heap
|
page read and write
|
||
|
1F435F02000
|
heap
|
page read and write
|
||
|
198C5A29000
|
heap
|
page read and write
|
||
|
129C583A000
|
heap
|
page read and write
|
||
|
129C5863000
|
heap
|
page read and write
|
||
|
20E90D0E000
|
heap
|
page read and write
|
||
|
A6A84FF000
|
stack
|
page read and write
|
||
|
20E90D06000
|
heap
|
page read and write
|
||
|
27197E00000
|
heap
|
page read and write
|
||
|
29B68402000
|
heap
|
page read and write
|
||
|
FDB2E7E000
|
stack
|
page read and write
|
||
|
20E8B200000
|
heap
|
page read and write
|
||
|
27197977000
|
heap
|
page read and write
|
||
|
198C5A5B000
|
heap
|
page read and write
|
||
|
27197E20000
|
heap
|
page read and write
|
||
|
F494C7E000
|
stack
|
page read and write
|
||
|
18323C13000
|
heap
|
page read and write
|
||
|
AC617B000
|
stack
|
page read and write
|
||
|
1954B300000
|
heap
|
page read and write
|
||
|
20E8BD9B000
|
heap
|
page read and write
|
||
|
2719706A000
|
heap
|
page read and write
|
||
|
BF7CBFF000
|
unkown
|
page read and write
|
||
|
1954B229000
|
heap
|
page read and write
|
||
|
29B68488000
|
heap
|
page read and write
|
||
|
11DF5102000
|
heap
|
page read and write
|
||
|
129C5800000
|
heap
|
page read and write
|
||
|
198C57F0000
|
heap
|
page read and write
|
||
|
129C55E0000
|
heap
|
page read and write
|
||
|
19CD5200000
|
trusted library allocation
|
page read and write
|
||
|
198C57E0000
|
heap
|
page read and write
|
||
|
FDB317A000
|
stack
|
page read and write
|
||
|
27197975000
|
heap
|
page read and write
|
||
|
1CEC9202000
|
heap
|
page read and write
|
||
|
20E8BD13000
|
heap
|
page read and write
|
||
|
1CEC8A43000
|
heap
|
page read and write
|
||
|
1954BA02000
|
trusted library allocation
|
page read and write
|
||
|
1F435DC0000
|
trusted library allocation
|
page read and write
|
||
|
AC637E000
|
stack
|
page read and write
|
||
|
AC607B000
|
stack
|
page read and write
|
||
|
1F435C60000
|
heap
|
page read and write
|
||
|
20E90C3C000
|
heap
|
page read and write
|
||
|
1F435E6E000
|
heap
|
page read and write
|
||
|
19CD5180000
|
heap
|
page read and write
|
||
|
27197116000
|
heap
|
page read and write
|
||
|
129C5845000
|
heap
|
page read and write
|
||
|
27197E02000
|
heap
|
page read and write
|
||
|
287DBA2F000
|
heap
|
page read and write
|
||
|
271970A4000
|
heap
|
page read and write
|
||
|
20E90C49000
|
heap
|
page read and write
|
||
|
198C6202000
|
trusted library allocation
|
page read and write
|
||
|
27197987000
|
heap
|
page read and write
|
||
|
20E8B513000
|
heap
|
page read and write
|
||
|
20E90D06000
|
heap
|
page read and write
|
||
|
18323BD0000
|
heap
|
page read and write
|
||
|
2719791C000
|
heap
|
page read and write
|
||
|
198C5A6A000
|
heap
|
page read and write
|
||
|
20E8C3F0000
|
trusted library section
|
page readonly
|
||
|
3EFECFD000
|
stack
|
page read and write
|
||
|
BF7C877000
|
stack
|
page read and write
|
||
|
271970C9000
|
heap
|
page read and write
|
||
|
1954B200000
|
heap
|
page read and write
|
||
|
F494CFC000
|
stack
|
page read and write
|
||
|
A6A88FF000
|
stack
|
page read and write
|
||
|
11DF4F20000
|
heap
|
page read and write
|
||
|
198C5A41000
|
heap
|
page read and write
|
||
|
27197986000
|
heap
|
page read and write
|
||
|
129C5750000
|
trusted library allocation
|
page read and write
|
||
|
27197113000
|
heap
|
page read and write
|
||
|
2719798C000
|
heap
|
page read and write
|
||
|
20E908C4000
|
trusted library allocation
|
page read and write
|
||
|
20E8BC00000
|
heap
|
page read and write
|
||
|
1954B302000
|
heap
|
page read and write
|
||
|
27197972000
|
heap
|
page read and write
|
||
|
129C5869000
|
heap
|
page read and write
|
||
|
40A81DF000
|
stack
|
page read and write
|
||
|
2719799A000
|
heap
|
page read and write
|
||
|
1CEC8B02000
|
heap
|
page read and write
|
||
|
251777E000
|
stack
|
page read and write
|
||
|
3EFEBFB000
|
stack
|
page read and write
|
||
|
11DF4F90000
|
heap
|
page read and write
|
||
|
20E90CE2000
|
heap
|
page read and write
|
||
|
18323B60000
|
heap
|
page read and write
|
||
|
20E8B479000
|
heap
|
page read and write
|
||
|
27197054000
|
heap
|
page read and write
|
||
|
29B683F0000
|
heap
|
page read and write
|
||
|
11DF5067000
|
heap
|
page read and write
|
||
|
271979C2000
|
heap
|
page read and write
|
||
|
2719791A000
|
heap
|
page read and write
|
||
|
20E8BD18000
|
heap
|
page read and write
|
||
|
271979C1000
|
heap
|
page read and write
|
||
|
20E8BD58000
|
heap
|
page read and write
|
||
|
11DF5053000
|
heap
|
page read and write
|
||
|
20E8BC15000
|
heap
|
page read and write
|
||
|
FDB2EFF000
|
stack
|
page read and write
|
||
|
FDB2A7A000
|
stack
|
page read and write
|
||
|
27197973000
|
heap
|
page read and write
|
||
|
11DF5071000
|
heap
|
page read and write
|
||
|
27197000000
|
heap
|
page read and write
|
||
|
94E6EFB000
|
stack
|
page read and write
|
||
|
20E90C00000
|
heap
|
page read and write
|
||
|
1CEC8AB9000
|
heap
|
page read and write
|
||
|
29B6843C000
|
heap
|
page read and write
|
||
|
19CD5229000
|
heap
|
page read and write
|
||
|
20E90900000
|
trusted library allocation
|
page read and write
|
||
|
1CEC8A00000
|
heap
|
page read and write
|
||
|
129C5886000
|
heap
|
page read and write
|
||
|
27197985000
|
heap
|
page read and write
|
||
|
1F435E85000
|
heap
|
page read and write
|
||
|
27197985000
|
heap
|
page read and write
|
||
|
129C587D000
|
heap
|
page read and write
|
||
|
20E8C100000
|
trusted library allocation
|
page read and write
|
||
|
1CEC8A88000
|
heap
|
page read and write
|
||
|
29B68469000
|
heap
|
page read and write
|
||
|
251757E000
|
stack
|
page read and write
|
||
|
20E8BD00000
|
heap
|
page read and write
|
||
|
198C5A02000
|
heap
|
page read and write
|
||
|
29B68380000
|
heap
|
page read and write
|
||
|
27196F60000
|
heap
|
page read and write
|
||
|
2719798A000
|
heap
|
page read and write
|
||
|
1F435E7A000
|
heap
|
page read and write
|
||
|
271977E0000
|
remote allocation
|
page read and write
|
||
|
20E90A10000
|
trusted library allocation
|
page read and write
|
||
|
271970B6000
|
heap
|
page read and write
|
||
|
287DBA24000
|
heap
|
page read and write
|
||
|
F494B79000
|
stack
|
page read and write
|
||
|
29B6847E000
|
heap
|
page read and write
|
||
|
271970FD000
|
heap
|
page read and write
|
||
|
29B6847C000
|
heap
|
page read and write
|
||
|
FDB2C7E000
|
stack
|
page read and write
|
||
|
287DBA2D000
|
heap
|
page read and write
|
||
|
27197992000
|
heap
|
page read and write
|
||
|
1954B257000
|
heap
|
page read and write
|
||
|
20E90C17000
|
heap
|
page read and write
|
||
|
11DF5802000
|
trusted library allocation
|
page read and write
|
||
|
129C6002000
|
trusted library allocation
|
page read and write
|
||
|
20E8BD9A000
|
heap
|
page read and write
|
||
|
11DF5002000
|
heap
|
page read and write
|
||
|
18323C40000
|
heap
|
page read and write
|
||
|
201CF7B000
|
stack
|
page read and write
|
||
|
18323C02000
|
heap
|
page read and write
|
||
|
11DF5000000
|
heap
|
page read and write
|
||
|
27197989000
|
heap
|
page read and write
|
||
|
27196FC0000
|
heap
|
page read and write
|
||
|
198C5B13000
|
heap
|
page read and write
|
||
|
27197992000
|
heap
|
page read and write
|
||
|
FDB2FFE000
|
stack
|
page read and write
|
||
|
1CEC8A65000
|
heap
|
page read and write
|
||
|
3EFEDFD000
|
stack
|
page read and write
|
||
|
271970AE000
|
heap
|
page read and write
|
||
|
1CEC8ACA000
|
heap
|
page read and write
|
||
|
1F435F13000
|
heap
|
page read and write
|
||
|
129C5829000
|
heap
|
page read and write
|
||
|
4C111FD000
|
stack
|
page read and write
|
||
|
1F435E2D000
|
heap
|
page read and write
|
||
|
129C586D000
|
heap
|
page read and write
|
||
|
BF7C97E000
|
stack
|
page read and write
|
||
|
40A80DB000
|
stack
|
page read and write
|
||
|
BABC077000
|
stack
|
page read and write
|
||
|
2719799C000
|
heap
|
page read and write
|
||
|
27196FF0000
|
trusted library allocation
|
page read and write
|
||
|
27197992000
|
heap
|
page read and write
|
||
|
94E6C7E000
|
stack
|
page read and write
|
||
|
27197991000
|
heap
|
page read and write
|
||
|
27197900000
|
heap
|
page read and write
|
||
|
129C5849000
|
heap
|
page read and write
|
||
|
129C584A000
|
heap
|
page read and write
|
||
|
F494BF9000
|
stack
|
page read and write
|
||
|
BABC17F000
|
stack
|
page read and write
|
||
|
27197988000
|
heap
|
page read and write
|
||
|
271979AD000
|
heap
|
page read and write
|
||
|
20E8BBC0000
|
trusted library allocation
|
page read and write
|
||
|
1954B23C000
|
heap
|
page read and write
|
||
|
271970FB000
|
heap
|
page read and write
|
||
|
29B68454000
|
heap
|
page read and write
|
||
|
20E90A30000
|
trusted library allocation
|
page read and write
|
||
|
18323D00000
|
heap
|
page read and write
|
||
|
287DBA2D000
|
heap
|
page read and write
|
||
|
F49479A000
|
stack
|
page read and write
|
||
|
18324330000
|
trusted library allocation
|
page read and write
|
||
|
1CEC8A13000
|
heap
|
page read and write
|
||
|
20E908E4000
|
trusted library allocation
|
page read and write
|
||
|
20E8BBD0000
|
trusted library allocation
|
page read and write
|
||
|
2719799D000
|
heap
|
page read and write
|
||
|
20E90CDD000
|
heap
|
page read and write
|
||
|
129C5864000
|
heap
|
page read and write
|
||
|
1CEC8AC0000
|
heap
|
page read and write
|
||
|
129C5848000
|
heap
|
page read and write
|
||
|
19CD5C30000
|
trusted library allocation
|
page read and write
|
||
|
1954B1C0000
|
heap
|
page read and write
|
||
|
A6A86FB000
|
stack
|
page read and write
|
||
|
F494AFF000
|
stack
|
page read and write
|
||
|
129C5842000
|
heap
|
page read and write
|
||
|
20E90D13000
|
heap
|
page read and write
|
||
|
29B68461000
|
heap
|
page read and write
|
||
|
40A857B000
|
stack
|
page read and write
|
||
|
27197992000
|
heap
|
page read and write
|
||
|
BF7C67E000
|
stack
|
page read and write
|
||
|
287DB7B0000
|
heap
|
page read and write
|
||
|
27197E02000
|
heap
|
page read and write
|
||
|
2719798C000
|
heap
|
page read and write
|
||
|
1CEC8A83000
|
heap
|
page read and write
|
||
|
94E71FE000
|
stack
|
page read and write
|
||
|
201C6FB000
|
stack
|
page read and write
|
||
|
201D37F000
|
stack
|
page read and write
|
||
|
27197973000
|
heap
|
page read and write
|
||
|
287DBA3F000
|
heap
|
page read and write
|
||
|
20E8B3D1000
|
trusted library allocation
|
page read and write
|
||
|
94E6DFB000
|
stack
|
page read and write
|
||
|
1954B28B000
|
heap
|
page read and write
|
||
|
19CD5E90000
|
trusted library allocation
|
page read and write
|
||
|
20E908F0000
|
trusted library allocation
|
page read and write
|
||
|
FDB2DFE000
|
stack
|
page read and write
|
||
|
271979AB000
|
heap
|
page read and write
|
||
|
201CD7E000
|
stack
|
page read and write
|
||
|
27197980000
|
heap
|
page read and write
|
||
|
129C586B000
|
heap
|
page read and write
|
||
|
BABBCFE000
|
stack
|
page read and write
|
||
|
129C55F0000
|
heap
|
page read and write
|
||
|
201CDFC000
|
stack
|
page read and write
|
||
|
1CEC9300000
|
heap
|
page read and write
|
||
|
201CAFB000
|
stack
|
page read and write
|
||
|
1954B24C000
|
heap
|
page read and write
|
||
|
18324360000
|
remote allocation
|
page read and write
|
||
|
20E90CA4000
|
heap
|
page read and write
|
||
|
1F435E64000
|
heap
|
page read and write
|
||
|
20E907A0000
|
trusted library allocation
|
page read and write
|
||
|
2719798C000
|
heap
|
page read and write
|
||
|
2719798E000
|
heap
|
page read and write
|
||
|
20E8C760000
|
trusted library allocation
|
page read and write
|
||
|
19CD5225000
|
heap
|
page read and write
|
||
|
19CD4FB0000
|
heap
|
page read and write
|
||
|
20E90CAE000
|
heap
|
page read and write
|
||
|
2719798E000
|
heap
|
page read and write
|
||
|
1F435E3C000
|
heap
|
page read and write
|
||
|
129C583E000
|
heap
|
page read and write
|
||
|
BF7C5FB000
|
stack
|
page read and write
|
||
|
A6A85FC000
|
stack
|
page read and write
|
||
|
29B68462000
|
heap
|
page read and write
|
||
|
BABBF7B000
|
stack
|
page read and write
|
||
|
FDB287E000
|
stack
|
page read and write
|
||
|
20E90C10000
|
heap
|
page read and write
|
||
|
29B6842A000
|
heap
|
page read and write
|
||
|
2719799C000
|
heap
|
page read and write
|
||
|
129C5880000
|
heap
|
page read and write
|
||
|
201CEFD000
|
stack
|
page read and write
|
||
|
20E8BD59000
|
heap
|
page read and write
|
||
|
129C5850000
|
heap
|
page read and write
|
||
|
20E908C8000
|
trusted library allocation
|
page read and write
|
||
|
FDB327A000
|
stack
|
page read and write
|
||
|
BF7CB7C000
|
stack
|
page read and write
|
||
|
1F435CC0000
|
heap
|
page read and write
|
||
|
11DF5113000
|
heap
|
page read and write
|
||
|
1954B270000
|
heap
|
page read and write
|
||
|
129C5865000
|
heap
|
page read and write
|
||
|
20E90A20000
|
remote allocation
|
page read and write
|
||
|
20E90A20000
|
remote allocation
|
page read and write
|
||
|
27197988000
|
heap
|
page read and write
|
||
|
2719799D000
|
heap
|
page read and write
|
||
|
20E8C3D0000
|
trusted library section
|
page readonly
|
||
|
27197974000
|
heap
|
page read and write
|
||
|
94E70FF000
|
stack
|
page read and write
|
||
|
2719799C000
|
heap
|
page read and write
|
||
|
BABBD7D000
|
stack
|
page read and write
|
||
|
29B68465000
|
heap
|
page read and write
|
||
|
40A8679000
|
stack
|
page read and write
|
||
|
20E90B30000
|
trusted library allocation
|
page read and write
|
||
|
20E908E1000
|
trusted library allocation
|
page read and write
|
||
|
1F435E59000
|
heap
|
page read and write
|
||
|
1F435C50000
|
heap
|
page read and write
|
||
|
129C5830000
|
heap
|
page read and write
|
||
|
129C584C000
|
heap
|
page read and write
|
||
|
A6A847E000
|
stack
|
page read and write
|
||
|
18323B70000
|
heap
|
page read and write
|
||
|
20E90990000
|
trusted library allocation
|
page read and write
|
||
|
FDB307F000
|
stack
|
page read and write
|
||
|
251737E000
|
stack
|
page read and write
|
||
|
FDB337F000
|
stack
|
page read and write
|
||
|
20E908C9000
|
trusted library allocation
|
page read and write
|
||
|
198C5A67000
|
heap
|
page read and write
|
||
|
27197081000
|
heap
|
page read and write
|
||
|
94E6CFE000
|
stack
|
page read and write
|
||
|
BABC27E000
|
stack
|
page read and write
|
||
|
20E8B43D000
|
heap
|
page read and write
|
||
|
20E909E0000
|
trusted library allocation
|
page read and write
|
||
|
27197057000
|
heap
|
page read and write
|
||
|
2719798A000
|
heap
|
page read and write
|
||
|
27197102000
|
heap
|
page read and write
|
||
|
27197802000
|
heap
|
page read and write
|
||
|
29B68500000
|
heap
|
page read and write
|
||
|
FDB2D7B000
|
stack
|
page read and write
|
||
|
19CD5EA0000
|
trusted library allocation
|
page read and write
|
||
|
129C587C000
|
heap
|
page read and write
|
||
|
20E8BD18000
|
heap
|
page read and write
|
||
|
198C5A13000
|
heap
|
page read and write
|
||
|
20E8C3E0000
|
trusted library section
|
page readonly
|
||
|
2719791C000
|
heap
|
page read and write
|
||
|
1954B273000
|
heap
|
page read and write
|
||
|
2719796F000
|
heap
|
page read and write
|
||
|
287DBA2F000
|
heap
|
page read and write
|
||
|
19CD4FFD000
|
heap
|
page read and write
|
||
|
19CD4F90000
|
heap
|
page read and write
|
||
|
1CEC8A6E000
|
heap
|
page read and write
|
||
|
2719703C000
|
heap
|
page read and write
|
||
|
20E8B455000
|
heap
|
page read and write
|
||
|
27197108000
|
heap
|
page read and write
|
||
|
19CD5E80000
|
heap
|
page readonly
|
||
|
27197E02000
|
heap
|
page read and write
|
||
|
271970AC000
|
heap
|
page read and write
|
||
|
11DF4FC0000
|
trusted library allocation
|
page read and write
|
||
|
20E8B370000
|
trusted library section
|
page read and write
|
||
|
129C5846000
|
heap
|
page read and write
|
||
|
4C10E7F000
|
stack
|
page read and write
|
||
|
19CD5E70000
|
trusted library allocation
|
page read and write
|
||
|
4C110FE000
|
stack
|
page read and write
|
||
|
40A847E000
|
stack
|
page read and write
|
||
|
20E90CB6000
|
heap
|
page read and write
|
||
|
25172FE000
|
stack
|
page read and write
|
||
|
20E90D04000
|
heap
|
page read and write
|
||
|
201D07C000
|
stack
|
page read and write
|
||
|
1CEC89F0000
|
trusted library allocation
|
page read and write
|
||
|
2719799E000
|
heap
|
page read and write
|
||
|
40A85FE000
|
stack
|
page read and write
|
||
|
20E90A20000
|
trusted library allocation
|
page read and write
|
||
|
129C5847000
|
heap
|
page read and write
|
||
|
1954B275000
|
heap
|
page read and write
|
||
|
A6A81EC000
|
stack
|
page read and write
|
||
|
287DBA2D000
|
heap
|
page read and write
|
||
|
129C584F000
|
heap
|
page read and write
|
||
|
287DBA22000
|
heap
|
page read and write
|
||
|
11DF5067000
|
heap
|
page read and write
|
||
|
201CC7F000
|
stack
|
page read and write
|
||
|
20E8B4AE000
|
heap
|
page read and write
|
||
|
19CD5EF0000
|
trusted library allocation
|
page read and write
|
||
|
251767E000
|
stack
|
page read and write
|
||
|
198C5850000
|
heap
|
page read and write
|
||
|
29B6845E000
|
heap
|
page read and write
|
||
|
2719799D000
|
heap
|
page read and write
|
||
|
129C587B000
|
heap
|
page read and write
|
||
|
20E8B400000
|
heap
|
page read and write
|
||
|
20E8C410000
|
trusted library section
|
page readonly
|
||
|
19CD4FF6000
|
heap
|
page read and write
|
||
|
20E90A10000
|
trusted library allocation
|
page read and write
|
||
|
27197992000
|
heap
|
page read and write
|
||
|
2719799D000
|
heap
|
page read and write
|
||
|
11DF5079000
|
heap
|
page read and write
|
||
|
29B68474000
|
heap
|
page read and write
|
||
|
201D17E000
|
stack
|
page read and write
|
||
|
29B68390000
|
heap
|
page read and write
|
||
|
27197E19000
|
heap
|
page read and write
|
||
|
27197966000
|
heap
|
page read and write
|
||
|
94E699B000
|
stack
|
page read and write
|
||
|
2719799D000
|
heap
|
page read and write
|
||
|
20E90A00000
|
trusted library allocation
|
page read and write
|
||
|
20E90D0C000
|
heap
|
page read and write
|
||
|
287DBA16000
|
heap
|
page read and write
|
||
|
27197089000
|
heap
|
page read and write
|
||
|
27197988000
|
heap
|
page read and write
|
||
|
198C5950000
|
trusted library allocation
|
page read and write
|
||
|
20E8BE81000
|
trusted library allocation
|
page read and write
|
||
|
20E8B260000
|
heap
|
page read and write
|
||
|
20E90CF3000
|
heap
|
page read and write
|
||
|
20E8B492000
|
heap
|
page read and write
|
||
|
1954B313000
|
heap
|
page read and write
|
||
|
20E90D06000
|
heap
|
page read and write
|
||
|
27197973000
|
heap
|
page read and write
|
||
|
287DBCE0000
|
heap
|
page read and write
|
||
|
3EFF1FF000
|
stack
|
page read and write
|
||
|
27197973000
|
heap
|
page read and write
|
||
|
3EFEFFD000
|
stack
|
page read and write
|
||
|
19CD4FFD000
|
heap
|
page read and write
|
||
|
BF7C4FE000
|
stack
|
page read and write
|
||
|
20E90CDD000
|
heap
|
page read and write
|
||
|
3EFF0FF000
|
stack
|
page read and write
|
||
|
287DBA26000
|
heap
|
page read and write
|
||
|
20E8BD59000
|
heap
|
page read and write
|
||
|
287DBCE5000
|
heap
|
page read and write
|
||
|
20E90A20000
|
remote allocation
|
page read and write
|
||
|
27197E03000
|
heap
|
page read and write
|
||
|
20E8C2E0000
|
trusted library allocation
|
page read and write
|
||
|
287DBA11000
|
heap
|
page read and write
|
||
|
29B68474000
|
heap
|
page read and write
|
||
|
27197081000
|
heap
|
page read and write
|
||
|
40A86FE000
|
stack
|
page read and write
|
||
|
271970C2000
|
heap
|
page read and write
|
||
|
20E90D04000
|
heap
|
page read and write
|
||
|
29B6847C000
|
heap
|
page read and write
|
||
|
2719799D000
|
heap
|
page read and write
|
||
|
20E8B489000
|
heap
|
page read and write
|
||
|
287DB900000
|
heap
|
page read and write
|
||
|
1954B281000
|
heap
|
page read and write
|
||
|
BF7C19C000
|
stack
|
page read and write
|
||
|
27197977000
|
heap
|
page read and write
|
||
|
FDB2F7F000
|
stack
|
page read and write
|
||
|
AC5B7B000
|
stack
|
page read and write
|
||
|
20E8BC02000
|
heap
|
page read and write
|
||
|
20E90CB5000
|
heap
|
page read and write
|
||
|
20E90CA0000
|
heap
|
page read and write
|
||
|
4C10FFE000
|
stack
|
page read and write
|
||
|
A6A87F7000
|
stack
|
page read and write
|
||
|
BABBC7B000
|
stack
|
page read and write
|
||
|
1954B150000
|
heap
|
page read and write
|
||
|
20E908C0000
|
trusted library allocation
|
page read and write
|
||
|
20E8B360000
|
trusted library allocation
|
page read and write
|
||
|
1954B160000
|
heap
|
page read and write
|
||
|
19CD4FB8000
|
heap
|
page read and write
|
||
|
1CEC8890000
|
heap
|
page read and write
|
||
|
18324402000
|
trusted library allocation
|
page read and write
|
||
|
1CEC8880000
|
heap
|
page read and write
|
||
|
F494A7F000
|
stack
|
page read and write
|
||
|
20E8B475000
|
heap
|
page read and write
|
||
|
2719799D000
|
heap
|
page read and write
|
||
|
27197992000
|
heap
|
page read and write
|
||
|
129C5876000
|
heap
|
page read and write
|
||
|
20E908F0000
|
trusted library allocation
|
page read and write
|
||
|
129C586F000
|
heap
|
page read and write
|
||
|
29B68513000
|
heap
|
page read and write
|
||
|
271979A0000
|
heap
|
page read and write
|
||
|
19CD4FFF000
|
heap
|
page read and write
|
||
|
29B68502000
|
heap
|
page read and write
|
||
|
20E90B10000
|
trusted library allocation
|
page read and write
|
||
|
19CD4FFD000
|
heap
|
page read and write
|
||
|
2719790A000
|
heap
|
page read and write
|
||
|
129C5868000
|
heap
|
page read and write
|
||
|
18323C2A000
|
heap
|
page read and write
|
||
|
2719799D000
|
heap
|
page read and write
|
||
|
3EFE7BB000
|
stack
|
page read and write
|
||
|
19CD5210000
|
trusted library allocation
|
page read and write
|
||
|
2719796F000
|
heap
|
page read and write
|
||
|
20E90760000
|
trusted library allocation
|
page read and write
|
||
|
27197973000
|
heap
|
page read and write
|
||
|
20E8B429000
|
heap
|
page read and write
|
||
|
129C5877000
|
heap
|
page read and write
|
||
|
FDB347F000
|
stack
|
page read and write
|
||
|
2719799E000
|
heap
|
page read and write
|
||
|
BABBE7B000
|
stack
|
page read and write
|
||
|
129C5813000
|
heap
|
page read and write
|
||
|
271979C3000
|
heap
|
page read and write
|
||
|
29B68C02000
|
trusted library allocation
|
page read and write
|
||
|
20E908C0000
|
trusted library allocation
|
page read and write
|
||
|
4C1137D000
|
stack
|
page read and write
|
||
|
1CEC8B13000
|
heap
|
page read and write
|
||
|
129C5825000
|
heap
|
page read and write
|
||
|
27197952000
|
heap
|
page read and write
|
||
|
20E90C1D000
|
heap
|
page read and write
|
||
|
2719798C000
|
heap
|
page read and write
|
||
|
1954B24A000
|
heap
|
page read and write
|
||
|
11DF5013000
|
heap
|
page read and write
|
||
|
29B68B50000
|
trusted library allocation
|
page read and write
|
||
|
271977E0000
|
remote allocation
|
page read and write
|
||
|
27197923000
|
heap
|
page read and write
|
||
|
27197992000
|
heap
|
page read and write
|
||
|
20E90CE2000
|
heap
|
page read and write
|
||
|
2719799C000
|
heap
|
page read and write
|
||
|
2719799E000
|
heap
|
page read and write
|
||
|
20E909D0000
|
trusted library allocation
|
page read and write
|
||
|
18323C54000
|
heap
|
page read and write
|
||
|
20E8BD58000
|
heap
|
page read and write
|
||
|
271970AE000
|
heap
|
page read and write
|
||
|
27196F50000
|
heap
|
page read and write
|
||
|
FDB254B000
|
stack
|
page read and write
|
||
|
20E908C7000
|
trusted library allocation
|
page read and write
|
||
|
1954B254000
|
heap
|
page read and write
|
||
|
27197986000
|
heap
|
page read and write
|
||
|
27197973000
|
heap
|
page read and write
|
||
|
1F435F08000
|
heap
|
page read and write
|
||
|
27197987000
|
heap
|
page read and write
|
||
|
19CD4F30000
|
trusted library allocation
|
page read and write
|
||
|
129C5879000
|
heap
|
page read and write
|
||
|
20E909F0000
|
trusted library allocation
|
page read and write
|
||
|
20E8B48B000
|
heap
|
page read and write
|
||
|
27197E02000
|
heap
|
page read and write
|
||
|
11DF506B000
|
heap
|
page read and write
|
||
|
27197990000
|
heap
|
page read and write
|
||
|
29B68508000
|
heap
|
page read and write
|
||
|
20E90B70000
|
trusted library allocation
|
page read and write
|
||
|
27197988000
|
heap
|
page read and write
|
||
|
198C5A00000
|
heap
|
page read and write
|
||
|
4C1127F000
|
stack
|
page read and write
|
||
|
201D27C000
|
stack
|
page read and write
|
||
|
BF7C777000
|
stack
|
page read and write
|
||
|
1F436602000
|
trusted library allocation
|
page read and write
|
||
|
27197064000
|
heap
|
page read and write
|
||
|
27197027000
|
heap
|
page read and write
|
||
|
1F435E00000
|
heap
|
page read and write
|
||
|
20E8B1F0000
|
heap
|
page read and write
|
||
|
287DB8E0000
|
heap
|
page read and write
|
||
|
129C5902000
|
heap
|
page read and write
|
||
|
AC627B000
|
stack
|
page read and write
|
||
|
FDB2978000
|
stack
|
page read and write
|
||
|
1F435E7A000
|
heap
|
page read and write
|
||
|
129C5841000
|
heap
|
page read and write
|
||
|
287DBA00000
|
heap
|
page read and write
|
||
|
20E8B4FB000
|
heap
|
page read and write
|
||
|
1F435E6E000
|
heap
|
page read and write
|
||
|
20E8B470000
|
heap
|
page read and write
|
||
|
287DBA16000
|
heap
|
page read and write
|
||
|
11DF5028000
|
heap
|
page read and write
|
||
|
18324360000
|
remote allocation
|
page read and write
|
||
|
2719799A000
|
heap
|
page read and write
|
||
|
20E8C400000
|
trusted library section
|
page readonly
|
||
|
3EFF4FE000
|
stack
|
page read and write
|
||
|
4C10F7C000
|
stack
|
page read and write
|
||
|
129C5861000
|
heap
|
page read and write
|
||
|
1F435E5E000
|
heap
|
page read and write
|
||
|
1954B251000
|
heap
|
page read and write
|
||
|
20E90D0A000
|
heap
|
page read and write
|
||
|
20E90C2B000
|
heap
|
page read and write
|
||
|
20E8BBE0000
|
trusted library allocation
|
page read and write
|
||
|
BF7C47F000
|
stack
|
page read and write
|
||
|
1954B213000
|
heap
|
page read and write
|
||
|
1CEC8A29000
|
heap
|
page read and write
|
||
|
29B68466000
|
heap
|
page read and write
|
||
|
3EFF2FF000
|
stack
|
page read and write
|
||
|
20E8B413000
|
heap
|
page read and write
|
||
|
20E8B3F3000
|
trusted library allocation
|
page read and write
|
||
|
271970E6000
|
heap
|
page read and write
|
||
|
20E8B526000
|
heap
|
page read and write
|
||
|
18323C00000
|
heap
|
page read and write
|
||
|
27197977000
|
heap
|
page read and write
|
||
|
29B68400000
|
heap
|
page read and write
|
||
|
20E908C1000
|
trusted library allocation
|
page read and write
|
||
|
20E8C3C0000
|
trusted library section
|
page readonly
|
||
|
2719799D000
|
heap
|
page read and write
|
||
|
19CD5230000
|
trusted library allocation
|
page read and write
|
||
|
A6A89FF000
|
stack
|
page read and write
|
||
|
11DF5040000
|
heap
|
page read and write
|
||
|
3EFF3FF000
|
stack
|
page read and write
|
||
|
2719796F000
|
heap
|
page read and write
|
||
|
198C5A50000
|
heap
|
page read and write
|
||
|
19CD51F0000
|
trusted library allocation
|
page read and write
|
||
|
271970D9000
|
heap
|
page read and write
|
||
|
20E90D02000
|
heap
|
page read and write
|
||
|
18324360000
|
remote allocation
|
page read and write
|
||
|
129C5843000
|
heap
|
page read and write
|
||
|
27197E02000
|
heap
|
page read and write
|
||
|
129C5862000
|
heap
|
page read and write
|
||
|
27197E02000
|
heap
|
page read and write
|
||
|
20E8B457000
|
heap
|
page read and write
|
||
|
20E90CFB000
|
heap
|
page read and write
|
||
|
129C5866000
|
heap
|
page read and write
|
||
|
18323D02000
|
heap
|
page read and write
|
||
|
1F435E7A000
|
heap
|
page read and write
|
||
|
20E907B0000
|
trusted library allocation
|
page read and write
|
||
|
1CEC88F0000
|
heap
|
page read and write
|
||
|
1F435E13000
|
heap
|
page read and write
|
||
|
2719798A000
|
heap
|
page read and write
|
||
|
198C5A76000
|
heap
|
page read and write
|
||
|
20E8B48D000
|
heap
|
page read and write
|
||
|
20E8BD18000
|
heap
|
page read and write
|
||
|
2719799E000
|
heap
|
page read and write
|
||
|
19CD4FE2000
|
heap
|
page read and write
|
||
|
20E8BD18000
|
heap
|
page read and write
|
||
|
20E908C6000
|
trusted library allocation
|
page read and write
|
||
|
BF7CA78000
|
stack
|
page read and write
|
||
|
287DBA2F000
|
heap
|
page read and write
|
||
|
20E8B502000
|
heap
|
page read and write
|
||
|
271979D3000
|
heap
|
page read and write
|
||
|
27197029000
|
heap
|
page read and write
|
||
|
129C5650000
|
heap
|
page read and write
|
||
|
FDB2B7A000
|
stack
|
page read and write
|
||
|
11DF4F30000
|
heap
|
page read and write
|
||
|
20E8BE01000
|
trusted library allocation
|
page read and write
|
||
|
1954B249000
|
heap
|
page read and write
|
||
|
20E908E0000
|
trusted library allocation
|
page read and write
|
||
|
1F435F00000
|
heap
|
page read and write
|
||
|
20E90C5F000
|
heap
|
page read and write
|
||
|
20E8B49D000
|
heap
|
page read and write
|
||
|
19CD5220000
|
heap
|
page read and write
|
||
|
1954B24F000
|
heap
|
page read and write
|
There are 588 hidden memdumps, click here to show them.