Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir5484_1535481702\ChromeRecovery.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir5484_1535481702\ChromeRecoveryCRX.crx
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir5484_1535481702\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir5484_1535481702\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, 61476 bytes, 1 file
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0759b745-6ff1-4982-8800-edc977ae5b72.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\16077ec1-bb00-469d-b5df-4bdcd8e0a67e.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\298af2d3-aa17-4443-93f9-b346fc222585.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3d2f77ec-0582-487d-b313-87da644e83c6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3fdd3811-ff4b-492c-acf4-1d02e144fdda.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\49996986-d7d7-41df-9b18-428ab74489a4.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\557d11ab-346e-4ead-9c60-6b4c45f063c9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7e5e2a86-fea0-4e2f-9ac6-cebd53dea438.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\88edfec8-a8e4-4411-b332-f2884fb997fc.tmp
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\95fbdc4d-36d1-49ac-a585-7971f0b16bda.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1db2c452-2ff7-4dbf-ba38-abc98065c6ee.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1e193c6d-b39a-4ab6-815e-9c65934a80fa.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\46e5f088-0d1a-4158-b735-5e87e4cc747d.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7a14fc07-ecc6-4902-824c-2d0a5290101a.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9e61d1e6-e002-42ab-9f16-2495e9afe44b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\76a08e1b-f850-43ff-98b8-abad74e26e25.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\95a364d5-26f9-4ca9-adeb-c806278941d8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a13c8b74-6e05-4699-a045-65c609372f68.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ad8021df-c392-483e-a98f-826780bc171d.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d1aa2759-9bd6-4978-b770-e1479d6b81be.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d1b627a8-bd66-48ff-9246-9c9ac8968020.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f52e71c0-9043-47b0-a259-d592085c61cc.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir5164_283591160\Ruleset Data
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ec92b34f-b1a1-46b3-92f2-ab635cbacffe.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_1606807745\Recovery.crx3
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_1606807745\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_1606807745\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_1606807745\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_1892479222\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_1892479222\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_1892479222\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_329640452\Filtering Rules
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_329640452\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_329640452\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_329640452\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_329640452\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5164_329640452\manifest.json~
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\55b6949c-382d-42a0-9862-3e9d4fa4ad79.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\c2c2fb6c-f259-490b-ba8b-6ab0dd963234.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\55b6949c-382d-42a0-9862-3e9d4fa4ad79.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5164_463379134\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 110 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://www.extcovdoc125.org/
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1576,9165260210357532166,5390511694361261753,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\85.0.4183.121\elevation_service.exe
|
C:\Program Files\Google\Chrome\Application\85.0.4183.121\elevation_service.exe
|
||
|
C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir5484_1535481702\ChromeRecovery.exe
|
"C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir5484_1535481702\ChromeRecovery.exe" --appguid={8A69D345-D564-463c-AFF1-A69D9E530F96}
--browser-version=85.0.4183.121 --sessionid={dd012639-423b-4d94-869b-89f3badab017} --system
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.extcovdoc125.org/
|
 |
||
|
https://www.extcovdoc125.org/
|
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://play.google.com
|
unknown
|
||
|
https://easylist.to/)
|
unknown
|
||
|
https://www.extcovdoc125.org/
|
34.117.168.233
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://github.com/easylist)
|
unknown
|
||
|
https://creativecommons.org/.
|
unknown
|
||
|
https://www.extcovdoc125.org/2
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://www.extcovdoc125.org
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
|
104.18.11.207
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84&et=12&event_name=Partially%20visible&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=0&ita=1&msid=361b8621-7187-4e93-b748-a6b720cc5eed&pid=c1dmp&pn=1&sessionId=81c9320b-2bae-438b-a0b9-134b38f115b3&siterev=5-__siteCacheRevision__&st=2&ts=398&tts=2334&url=https%3A%2F%2Fwww.extcovdoc125.org%2F&v=1.10130.0&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&_brandId=editorx
|
3.231.116.131
|
||
|
https://www.extcovdoc125.org/_api/tag-manager/api/v1/tags/sites/361b8621-7187-4e93-b748-a6b720cc5eed?wixSite=false&htmlsiteId=d2f95b4d-d274-49b1-b7ae-045e9f4850bf&language=en
|
34.117.168.233
|
||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.203.109
|
||
|
https://frog.editorx.com/bpm?_msid=361b8621-7187-4e93-b748-a6b720cc5eed&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&_av=thunderbolt-1.10130.0&isb=true&isbr=webdriver&ts=6004&tsn=7940&dc=84&caching=hit%2Chit&session_id=81c9320b-2bae-438b-a0b9-134b38f115b3&st=2&url=https%253A%252F%252Fwww.extcovdoc125.org%252F&ish=true&pn=1&pv=true&pageId=c1dmp&isServerSide=false&is_lightbox=false&is_cached=true&is_sav_rollout=0&is_dac_rollout=0&v=1.10130.0&_brandId=editorx&_siteBranchId=undefined&_ms=7941&_lv=2.0.985%7CC&_visitorId=undefined&_siteMemberId=undefined&src=72&evid=502&_=16535821715601&tti=3441&tbt=89&iframes=0&screens=1&entryType=loaded&lcp=3154&lcpSize=529506&closestId=img-comp-l3imgj4o&lcpTag=PICTURE&lcpResourceType=png&lcpInLightbox=false&countScripts=22&startTimeScripts=1941&durationScripts=1935&mttfbScripts=29&attfbScripts=41&tbdScripts=1016138&countImages=2&startTimeImages=2452&durationImages=490&mttfbImages=256&attfbImages=256&tbdImages=135200&countFonts=2&startTimeFonts=2059&durationFonts=2476&mttfbFonts=9&attfbFonts=9&tbdFonts=18344&duration=3947&ttlb=1925&dcl=2374&transferSize=263842&decodedBodySize=262198&pageCaching=maybe%20CDN&isSsr=true&isWelcome=false&visitorId=97ac8d2d-0072-4f2c-8777-f8339eb78d25&btype=webdriver&bsi=4b670852-7e7a-4bc3-8324-43727fa80a06%7C1&ssrDuration=41&ssrTimestamp=1653541541625µPop=euw3&isRollout=false&isPlatformLoaded=false&maybeBot=true&cls=0&countCls=0&clsOld=0&clientType=ugc&analytics=true
|
3.231.116.131
|
||
|
https://torch-rare-nerine.glitch.me/favicon.ico
|
52.203.39.37
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://static.wixstatic.com/media/02b81a_70fc0acae7884e1fa34a11a1711c102e~mv2.png/v1/fill/w_931,h_570,al_c,q_90,usm_0.66_1.00_0.01,enc_auto/Screenshot%202022.png
|
34.102.176.152
|
||
|
https://torch-rare-nerine.glitch.me/extdoc125index.html2
|
unknown
|
||
|
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
|
104.18.10.207
|
||
|
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84&et=1&event_name=Init&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=0&ita=1&msid=361b8621-7187-4e93-b748-a6b720cc5eed&pn=1&sessionId=81c9320b-2bae-438b-a0b9-134b38f115b3&siterev=5-__siteCacheRevision__&st=2&ts=18&tts=1954&url=https%3A%2F%2Fwww.extcovdoc125.org%2F&v=1.10130.0&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&_brandId=editorx
|
3.231.116.131
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit&dc=84&et=33&event_name=page%20interactive&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=0&ita=1&msid=361b8621-7187-4e93-b748-a6b720cc5eed&pid=c1dmp&pn=1&sar=1280x984&sessionId=81c9320b-2bae-438b-a0b9-134b38f115b3&siterev=5-__siteCacheRevision__&sr=1280x1024&st=2&ts=1994&tts=3930&url=https%3A%2F%2Fwww.extcovdoc125.org%2F&v=1.10130.0&vid=97ac8d2d-0072-4f2c-8777-f8339eb78d25&bsi=4b670852-7e7a-4bc3-8324-43727fa80a06|1&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&wor=1280x984&wr=1280x869&_brandId=editorx
|
3.231.116.131
|
||
|
https://torch-rare-nerine.glitch.me/extdoc125index.html
|
52.203.39.37
|
||
|
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
|
104.18.11.207
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
216.58.215.238
|
||
|
https://www.extcovdoc125.org/_api/v2/dynamicmodel
|
34.117.168.233
|
||
|
https://siteassets.parastorage.com
|
unknown
|
||
|
https://static.wixstatic.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
|
104.17.24.14
|
||
|
https://frog.wix.com/bolt-performance?src=72&evid=21&appName=thunderbolt-responsive&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&is_cached=true&msid=361b8621-7187-4e93-b748-a6b720cc5eed&session_id=81c9320b-2bae-438b-a0b9-134b38f115b3&ish=true&isb=true&isbr=webdriver&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&caching=hit,hit&pv=visible&pn=1&v=1.10130.0&url=https%3A%2F%2Fwww.extcovdoc125.org%2F&st=2&ts=13&tsn=1949
|
3.231.116.131
|
||
|
https://frog.wix.com/bolt-performance?src=72&evid=28&appName=thunderbolt-responsive&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&is_cached=true&msid=361b8621-7187-4e93-b748-a6b720cc5eed&session_id=81c9320b-2bae-438b-a0b9-134b38f115b3&ish=true&isb=true&isbr=webdriver&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&caching=hit,hit&pv=visible&pn=1&v=1.10130.0&url=https%3A%2F%2Fwww.extcovdoc125.org%2F&st=2&ts=13&tsn=1949&name=partially_visible&duration=1653582165943&pageId=c1dmp
|
3.231.116.131
|
||
|
https://frog.editorx.com/bpm
|
3.231.116.131
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://static.wixstatic.com/media/02b81a_70fc0acae7884e1fa34a11a1711c102e~mv2.png/v1/fill/w_245,h_126,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/Screenshot%202022.png
|
34.102.176.152
|
||
|
https://frog.editorx.com/pa?_msid=361b8621-7187-4e93-b748-a6b720cc5eed&vsi=6dfd68d1-a23a-4534-98f9-4366ecc38fe1&_av=thunderbolt-1.10130.0&isb=true&isbr=webdriver&_brandId=editorx&_siteBranchId=undefined&_ms=3898&_lv=2.0.985%7CC&_visitorId=97ac8d2d-0072-4f2c-8777-f8339eb78d25&_siteMemberId=undefined&bsi=4b670852-7e7a-4bc3-8324-43727fa80a06%7C1&src=76&evid=1109&pid=c1dmp&pn=1&viewer=TB&pt=static&pa=editor&pti=c1dmp&uuid=02b81a5a-1805-4b9f-83a2-e2f77f7ddb0b&url=https%3A%2F%2Fwww.extcovdoc125.org%2F&ref=&bot=true&bl=en-GB&pl=en-GB%2Cen-US%2Cen&_=16535821675170
|
3.231.116.131
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://torch-rare-nerine.glitch.me/extdoc125index.html
|
|||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 42 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
216.58.215.227
|
||
|
stackpath.bootstrapcdn.com
|
104.18.10.207
|
||
|
td-ccm-168-233.wixdns.net
|
34.117.168.233
|
||
|
td-static-34-96-106-200.parastorage.com
|
34.96.106.200
|
||
|
torch-rare-nerine.glitch.me
|
52.203.39.37
|
||
|
accounts.google.com
|
142.250.203.109
|
||
|
cdnjs.cloudflare.com
|
104.17.24.14
|
||
|
gcp.media-router.wixstatic.com
|
34.102.176.152
|
||
|
maxcdn.bootstrapcdn.com
|
104.18.11.207
|
||
|
c-0001.c-msedge.net
|
13.107.4.50
|
||
|
clients.l.google.com
|
216.58.215.238
|
||
|
bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com
|
3.231.116.131
|
||
|
siteassets.parastorage.com
|
unknown
|
||
|
static.wixstatic.com
|
unknown
|
||
|
frog.editorx.com
|
unknown
|
||
|
www.extcovdoc125.org
|
unknown
|
||
|
clients2.google.com
|
unknown
|
||
|
code.jquery.com
|
unknown
|
||
|
frog.wix.com
|
unknown
|
||
|
static.parastorage.com
|
unknown
|
There are 10 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.4
|
unknown
|
unknown
|
|
|
|
3.231.116.131
|
bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
104.18.10.207
|
stackpath.bootstrapcdn.com
|
United States
|
||
|
216.58.215.238
|
clients.l.google.com
|
United States
|
||
|
34.96.106.200
|
td-static-34-96-106-200.parastorage.com
|
United States
|
||
|
142.250.203.109
|
accounts.google.com
|
United States
|
||
|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
52.203.39.37
|
torch-rare-nerine.glitch.me
|
United States
|
||
|
216.58.215.227
|
gstaticadssl.l.google.com
|
United States
|
||
|
34.117.168.233
|
td-ccm-168-233.wixdns.net
|
United States
|
||
|
104.18.11.207
|
maxcdn.bootstrapcdn.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
34.102.176.152
|
gcp.media-router.wixstatic.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 5 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
There are 39 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
182377F000
|
stack
|
page read and write
|
||
|
124842CC000
|
heap
|
page read and write
|
||
|
2816FC60000
|
heap
|
page read and write
|
||
|
28C3864D000
|
heap
|
page read and write
|
||
|
28C3863C000
|
heap
|
page read and write
|
||
|
28C38650000
|
heap
|
page read and write
|
||
|
C43ABFE000
|
stack
|
page read and write
|
||
|
A9F3E7F000
|
stack
|
page read and write
|
||
|
DD7CA7F000
|
stack
|
page read and write
|
||
|
124842E1000
|
heap
|
page read and write
|
||
|
28C386E4000
|
heap
|
page read and write
|
||
|
1DB56E02000
|
trusted library allocation
|
page read and write
|
||
|
2C10B670000
|
trusted library allocation
|
page read and write
|
||
|
2C10B7F0000
|
trusted library allocation
|
page read and write
|
||
|
28C39196000
|
heap
|
page read and write
|
||
|
1C677641000
|
heap
|
page read and write
|
||
|
27EAA3C0000
|
remote allocation
|
page read and write
|
||
|
1823D7D000
|
stack
|
page read and write
|
||
|
2C10BA2B000
|
heap
|
page read and write
|
||
|
2C10BB15000
|
heap
|
page read and write
|
||
|
25C4A460000
|
heap
|
page read and write
|
||
|
2C1071E0000
|
trusted library allocation
|
page read and write
|
||
|
1B931F02000
|
heap
|
page read and write
|
||
|
1DB5666F000
|
heap
|
page read and write
|
||
|
28C386EB000
|
heap
|
page read and write
|
||
|
28C39187000
|
heap
|
page read and write
|
||
|
2C10BAD9000
|
heap
|
page read and write
|
||
|
2C106B9A000
|
heap
|
page read and write
|
||
|
C43A97E000
|
stack
|
page read and write
|
||
|
26C937A0000
|
trusted library allocation
|
page read and write
|
||
|
2C10B7F1000
|
trusted library allocation
|
page read and write
|
||
|
2486405F000
|
heap
|
page read and write
|
||
|
1B932602000
|
trusted library allocation
|
page read and write
|
||
|
15C8895E000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
15C88BF0000
|
heap
|
page read and write
|
||
|
28DE9A00000
|
heap
|
page read and write
|
||
|
26C91F00000
|
heap
|
page read and write
|
||
|
2C10626C000
|
heap
|
page read and write
|
||
|
2C106200000
|
heap
|
page read and write
|
||
|
1C677450000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
2C10B7F8000
|
trusted library allocation
|
page read and write
|
||
|
28C39188000
|
heap
|
page read and write
|
||
|
2C10B814000
|
trusted library allocation
|
page read and write
|
||
|
2C10B8C0000
|
trusted library allocation
|
page read and write
|
||
|
2C106BDB000
|
heap
|
page read and write
|
||
|
12484B00000
|
heap
|
page read and write
|
||
|
24864066000
|
heap
|
page read and write
|
||
|
E78D87E000
|
stack
|
page read and write
|
||
|
DC7000
|
unkown
|
page readonly
|
||
|
1B931C20000
|
heap
|
page read and write
|
||
|
28C38702000
|
heap
|
page read and write
|
||
|
24864060000
|
heap
|
page read and write
|
||
|
28DEA202000
|
trusted library allocation
|
page read and write
|
||
|
28C38600000
|
heap
|
page read and write
|
||
|
CD7747B000
|
stack
|
page read and write
|
||
|
1DB5662C000
|
heap
|
page read and write
|
||
|
1C677663000
|
heap
|
page read and write
|
||
|
1B931E13000
|
heap
|
page read and write
|
||
|
28C391A0000
|
heap
|
page read and write
|
||
|
124841A0000
|
trusted library allocation
|
page read and write
|
||
|
DD7D17E000
|
stack
|
page read and write
|
||
|
25C4A330000
|
heap
|
page read and write
|
||
|
1DB56688000
|
heap
|
page read and write
|
||
|
28C38708000
|
heap
|
page read and write
|
||
|
28DE9B08000
|
heap
|
page read and write
|
||
|
2C1072E0000
|
trusted library section
|
page readonly
|
||
|
12484A02000
|
heap
|
page read and write
|
||
|
2C10BB04000
|
heap
|
page read and write
|
||
|
C43ADFF000
|
stack
|
page read and write
|
||
|
DD7CCFE000
|
stack
|
page read and write
|
||
|
28C391A2000
|
heap
|
page read and write
|
||
|
28C39185000
|
heap
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
1DB56708000
|
heap
|
page read and write
|
||
|
2C1062F8000
|
heap
|
page read and write
|
||
|
DC940FF000
|
unkown
|
page read and write
|
||
|
2C10B7FB000
|
trusted library allocation
|
page read and write
|
||
|
1B931E79000
|
heap
|
page read and write
|
||
|
28C39199000
|
heap
|
page read and write
|
||
|
2C10BCE0000
|
trusted library allocation
|
page read and write
|
||
|
1137000
|
stack
|
page read and write
|
||
|
26C91E2A000
|
heap
|
page read and write
|
||
|
F3E25FE000
|
stack
|
page read and write
|
||
|
2C10622A000
|
heap
|
page read and write
|
||
|
26C91E88000
|
heap
|
page read and write
|
||
|
9FD3B7F000
|
stack
|
page read and write
|
||
|
98213BF000
|
stack
|
page read and write
|
||
|
1B931D90000
|
trusted library allocation
|
page read and write
|
||
|
DD7C1ED000
|
stack
|
page read and write
|
||
|
1C677678000
|
heap
|
page read and write
|
||
|
1DB5664F000
|
heap
|
page read and write
|
||
|
25C4A502000
|
heap
|
page read and write
|
||
|
EE2CD6C000
|
stack
|
page read and write
|
||
|
DC7000
|
unkown
|
page readonly
|
||
|
2816FD47000
|
heap
|
page read and write
|
||
|
98216FC000
|
stack
|
page read and write
|
||
|
28C3918D000
|
heap
|
page read and write
|
||
|
2C106B18000
|
heap
|
page read and write
|
||
|
26C91F02000
|
heap
|
page read and write
|
||
|
28C39115000
|
heap
|
page read and write
|
||
|
27EAA3C0000
|
remote allocation
|
page read and write
|
||
|
EE2CDEE000
|
stack
|
page read and write
|
||
|
2C106B9B000
|
heap
|
page read and write
|
||
|
2C10BB1D000
|
heap
|
page read and write
|
||
|
2816FD60000
|
heap
|
page read and write
|
||
|
1DB56430000
|
heap
|
page read and write
|
||
|
12484213000
|
heap
|
page read and write
|
||
|
121E000
|
stack
|
page read and write
|
||
|
1C67765D000
|
heap
|
page read and write
|
||
|
24864102000
|
heap
|
page read and write
|
||
|
2C106B08000
|
heap
|
page read and write
|
||
|
2C1072D0000
|
trusted library section
|
page readonly
|
||
|
28C386C4000
|
heap
|
page read and write
|
||
|
28DE9A3C000
|
heap
|
page read and write
|
||
|
18235FC000
|
stack
|
page read and write
|
||
|
CD7797D000
|
stack
|
page read and write
|
||
|
DA1000
|
unkown
|
page execute read
|
||
|
DD7C9FF000
|
stack
|
page read and write
|
||
|
2C1061C1000
|
trusted library allocation
|
page read and write
|
||
|
15C88993000
|
heap
|
page read and write
|
||
|
DD7C97B000
|
stack
|
page read and write
|
||
|
25C4A440000
|
heap
|
page read and write
|
||
|
1C6775C0000
|
trusted library allocation
|
page read and write
|
||
|
27EAA290000
|
heap
|
page read and write
|
||
|
28DE98B0000
|
heap
|
page read and write
|
||
|
28C3919C000
|
heap
|
page read and write
|
||
|
28C39150000
|
heap
|
page read and write
|
||
|
28C39188000
|
heap
|
page read and write
|
||
|
176E000
|
stack
|
page read and write
|
||
|
2C106B18000
|
heap
|
page read and write
|
||
|
12484030000
|
heap
|
page read and write
|
||
|
2C106B58000
|
heap
|
page read and write
|
||
|
15C8895E000
|
heap
|
page read and write
|
||
|
2C107000000
|
trusted library allocation
|
page read and write
|
||
|
2C106B9B000
|
heap
|
page read and write
|
||
|
28C3919B000
|
heap
|
page read and write
|
||
|
28C39002000
|
heap
|
page read and write
|
||
|
2C106B18000
|
heap
|
page read and write
|
||
|
26C91E00000
|
heap
|
page read and write
|
||
|
EE2D07E000
|
stack
|
page read and write
|
||
|
28C39602000
|
heap
|
page read and write
|
||
|
25C4A45F000
|
heap
|
page read and write
|
||
|
2816FD61000
|
heap
|
page read and write
|
||
|
2C1062A9000
|
heap
|
page read and write
|
||
|
27EAA230000
|
heap
|
page read and write
|
||
|
2C10BAAF000
|
heap
|
page read and write
|
||
|
26C91DC0000
|
trusted library allocation
|
page read and write
|
||
|
25C4A400000
|
heap
|
page read and write
|
||
|
28C3918C000
|
heap
|
page read and write
|
||
|
2C106256000
|
heap
|
page read and write
|
||
|
113C000
|
stack
|
page read and write
|
||
|
CD776FF000
|
stack
|
page read and write
|
||
|
1B931F13000
|
heap
|
page read and write
|
||
|
1B931E02000
|
heap
|
page read and write
|
||
|
DD8000
|
unkown
|
page write copy
|
||
|
2816FD00000
|
heap
|
page read and write
|
||
|
DD7CB7F000
|
stack
|
page read and write
|
||
|
28C38651000
|
heap
|
page read and write
|
||
|
2C10BB04000
|
heap
|
page read and write
|
||
|
2486405B000
|
heap
|
page read and write
|
||
|
DD7CE7F000
|
stack
|
page read and write
|
||
|
98219FE000
|
stack
|
page read and write
|
||
|
2816FD3F000
|
heap
|
page read and write
|
||
|
28C38613000
|
heap
|
page read and write
|
||
|
3C658FE000
|
stack
|
page read and write
|
||
|
28C39140000
|
heap
|
page read and write
|
||
|
26C91E13000
|
heap
|
page read and write
|
||
|
27EAA3C0000
|
remote allocation
|
page read and write
|
||
|
28C38EF0000
|
remote allocation
|
page read and write
|
||
|
25C4A46A000
|
heap
|
page read and write
|
||
|
15C889A0000
|
heap
|
page read and write
|
||
|
24864067000
|
heap
|
page read and write
|
||
|
15C8896C000
|
heap
|
page read and write
|
||
|
2C10B811000
|
trusted library allocation
|
page read and write
|
||
|
15C8895A000
|
heap
|
page read and write
|
||
|
DC9378E000
|
stack
|
page read and write
|
||
|
2C10B930000
|
trusted library allocation
|
page read and write
|
||
|
2C10BA00000
|
heap
|
page read and write
|
||
|
25C4A457000
|
heap
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
2C106B13000
|
heap
|
page read and write
|
||
|
1DD5000
|
heap
|
page read and write
|
||
|
28C38520000
|
heap
|
page read and write
|
||
|
12484229000
|
heap
|
page read and write
|
||
|
15C88963000
|
heap
|
page read and write
|
||
|
2C10628D000
|
heap
|
page read and write
|
||
|
2C106B18000
|
heap
|
page read and write
|
||
|
2C106288000
|
heap
|
page read and write
|
||
|
2C10BB0A000
|
heap
|
page read and write
|
||
|
2816FD44000
|
heap
|
page read and write
|
||
|
2C10B920000
|
trusted library allocation
|
page read and write
|
||
|
27EAA402000
|
heap
|
page read and write
|
||
|
28C39189000
|
heap
|
page read and write
|
||
|
2816FD37000
|
heap
|
page read and write
|
||
|
2C1061E0000
|
trusted library allocation
|
page read and write
|
||
|
28C386EE000
|
heap
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
24863ED0000
|
heap
|
page read and write
|
||
|
2816FD60000
|
heap
|
page read and write
|
||
|
12484313000
|
heap
|
page read and write
|
||
|
28C38657000
|
heap
|
page read and write
|
||
|
28C39113000
|
heap
|
page read and write
|
||
|
2C10B820000
|
trusted library allocation
|
page read and write
|
||
|
25C4A465000
|
heap
|
page read and write
|
||
|
2C10BB02000
|
heap
|
page read and write
|
||
|
E78D4EA000
|
stack
|
page read and write
|
||
|
24864108000
|
heap
|
page read and write
|
||
|
A9F36CB000
|
stack
|
page read and write
|
||
|
28DE9A13000
|
heap
|
page read and write
|
||
|
15C88780000
|
heap
|
page read and write
|
||
|
25C4A463000
|
heap
|
page read and write
|
||
|
EE2D6FF000
|
stack
|
page read and write
|
||
|
28C39195000
|
heap
|
page read and write
|
||
|
2C106271000
|
heap
|
page read and write
|
||
|
DD7C0EC000
|
stack
|
page read and write
|
||
|
1DB56654000
|
heap
|
page read and write
|
||
|
2C106313000
|
heap
|
page read and write
|
||
|
1B931E55000
|
heap
|
page read and write
|
||
|
71CB71B000
|
stack
|
page read and write
|
||
|
2C10B7F5000
|
trusted library allocation
|
page read and write
|
||
|
28C39195000
|
heap
|
page read and write
|
||
|
28C39602000
|
heap
|
page read and write
|
||
|
2C10B6D0000
|
trusted library allocation
|
page read and write
|
||
|
28DEA1C0000
|
trusted library allocation
|
page read and write
|
||
|
DD7CDFF000
|
stack
|
page read and write
|
||
|
24863F60000
|
trusted library allocation
|
page read and write
|
||
|
28C38629000
|
heap
|
page read and write
|
||
|
CD779FE000
|
stack
|
page read and write
|
||
|
27EAA413000
|
heap
|
page read and write
|
||
|
2C10B6E0000
|
trusted library allocation
|
page read and write
|
||
|
F3E26FD000
|
stack
|
page read and write
|
||
|
1DB56590000
|
trusted library allocation
|
page read and write
|
||
|
DD7CC7A000
|
stack
|
page read and write
|
||
|
28C391A0000
|
heap
|
page read and write
|
||
|
26C91E02000
|
heap
|
page read and write
|
||
|
2C10BAFD000
|
heap
|
page read and write
|
||
|
71CC17F000
|
stack
|
page read and write
|
||
|
2C10BAFB000
|
heap
|
page read and write
|
||
|
24864054000
|
heap
|
page read and write
|
||
|
18238FC000
|
stack
|
page read and write
|
||
|
2C106160000
|
trusted library section
|
page read and write
|
||
|
71CC27F000
|
stack
|
page read and write
|
||
|
2C106150000
|
trusted library allocation
|
page read and write
|
||
|
DC9370E000
|
stack
|
page read and write
|
||
|
3C659FF000
|
stack
|
page read and write
|
||
|
1C677E02000
|
trusted library allocation
|
page read and write
|
||
|
2816FD50000
|
heap
|
page read and write
|
||
|
A9F374E000
|
stack
|
page read and write
|
||
|
2C10BA89000
|
heap
|
page read and write
|
||
|
1C677613000
|
heap
|
page read and write
|
||
|
1395000
|
heap
|
page read and write
|
||
|
28C39196000
|
heap
|
page read and write
|
||
|
28DE9A64000
|
heap
|
page read and write
|
||
|
2816FD2B000
|
heap
|
page read and write
|
||
|
2C107300000
|
trusted library section
|
page readonly
|
||
|
28DE9A55000
|
heap
|
page read and write
|
||
|
1823E7F000
|
stack
|
page read and write
|
||
|
2486408C000
|
heap
|
page read and write
|
||
|
28C39602000
|
heap
|
page read and write
|
||
|
28C39602000
|
heap
|
page read and write
|
||
|
28C39196000
|
heap
|
page read and write
|
||
|
1B931E00000
|
heap
|
page read and write
|
||
|
28C391A0000
|
heap
|
page read and write
|
||
|
25C4A464000
|
heap
|
page read and write
|
||
|
12484287000
|
heap
|
page read and write
|
||
|
25C4A47B000
|
heap
|
page read and write
|
||
|
E78D9FC000
|
stack
|
page read and write
|
||
|
28DE98C0000
|
heap
|
page read and write
|
||
|
2C107660000
|
trusted library allocation
|
page read and write
|
||
|
15C8896D000
|
heap
|
page read and write
|
||
|
2816FC40000
|
heap
|
page read and write
|
||
|
2816FD40000
|
heap
|
page read and write
|
||
|
182318B000
|
stack
|
page read and write
|
||
|
1DB56700000
|
heap
|
page read and write
|
||
|
1DB56420000
|
heap
|
page read and write
|
||
|
24864069000
|
heap
|
page read and write
|
||
|
DD8000
|
unkown
|
page read and write
|
||
|
28C391B1000
|
heap
|
page read and write
|
||
|
2816FD50000
|
heap
|
page read and write
|
||
|
28C39192000
|
heap
|
page read and write
|
||
|
2C10BA1D000
|
heap
|
page read and write
|
||
|
2486405C000
|
heap
|
page read and write
|
||
|
28C39171000
|
heap
|
page read and write
|
||
|
15C8898F000
|
heap
|
page read and write
|
||
|
18239FD000
|
stack
|
page read and write
|
||
|
15C8895A000
|
heap
|
page read and write
|
||
|
EE2D3F7000
|
stack
|
page read and write
|
||
|
2C106B00000
|
heap
|
page read and write
|
||
|
28C38EF0000
|
remote allocation
|
page read and write
|
||
|
2C106B18000
|
heap
|
page read and write
|
||
|
2C10B7FE000
|
trusted library allocation
|
page read and write
|
||
|
1248426E000
|
heap
|
page read and write
|
||
|
15C8898D000
|
heap
|
page read and write
|
||
|
2C106B58000
|
heap
|
page read and write
|
||
|
1B931C90000
|
heap
|
page read and write
|
||
|
26C91C00000
|
heap
|
page read and write
|
||
|
DA0000
|
unkown
|
page readonly
|
||
|
2C10B7F0000
|
trusted library allocation
|
page read and write
|
||
|
DC9407A000
|
stack
|
page read and write
|
||
|
2C10BAF8000
|
heap
|
page read and write
|
||
|
2C10B660000
|
trusted library allocation
|
page read and write
|
||
|
26C91D70000
|
trusted library allocation
|
page read and write
|
||
|
1D10000
|
heap
|
page read and write
|
||
|
12484040000
|
heap
|
page read and write
|
||
|
28C3918B000
|
heap
|
page read and write
|
||
|
24864062000
|
heap
|
page read and write
|
||
|
2C10BB26000
|
heap
|
page read and write
|
||
|
E78D5EF000
|
stack
|
page read and write
|
||
|
28C386B6000
|
heap
|
page read and write
|
||
|
15C8898A000
|
heap
|
page read and write
|
||
|
25C4A461000
|
heap
|
page read and write
|
||
|
12484200000
|
heap
|
page read and write
|
||
|
28C39602000
|
heap
|
page read and write
|
||
|
124842CA000
|
heap
|
page read and write
|
||
|
25C4A3D0000
|
trusted library allocation
|
page read and write
|
||
|
2816FD32000
|
heap
|
page read and write
|
||
|
15C8898F000
|
heap
|
page read and write
|
||
|
28C39602000
|
heap
|
page read and write
|
||
|
26C91E47000
|
heap
|
page read and write
|
||
|
26C91E46000
|
heap
|
page read and write
|
||
|
F3E21FE000
|
stack
|
page read and write
|
||
|
2C10B830000
|
trusted library allocation
|
page read and write
|
||
|
26C91F18000
|
heap
|
page read and write
|
||
|
156E000
|
stack
|
page read and write
|
||
|
28C386DC000
|
heap
|
page read and write
|
||
|
28C39600000
|
heap
|
page read and write
|
||
|
25C4A447000
|
heap
|
page read and write
|
||
|
27EAAC02000
|
trusted library allocation
|
page read and write
|
||
|
1823B7D000
|
stack
|
page read and write
|
||
|
EE2D5FC000
|
stack
|
page read and write
|
||
|
1DB56490000
|
heap
|
page read and write
|
||
|
26C91E62000
|
heap
|
page read and write
|
||
|
26C91E57000
|
heap
|
page read and write
|
||
|
DC93BF8000
|
stack
|
page read and write
|
||
|
71CBD7C000
|
stack
|
page read and write
|
||
|
27EAA440000
|
heap
|
page read and write
|
||
|
15C8898F000
|
heap
|
page read and write
|
||
|
28C39602000
|
heap
|
page read and write
|
||
|
1B931C30000
|
heap
|
page read and write
|
||
|
28C39188000
|
heap
|
page read and write
|
||
|
CD775FE000
|
stack
|
page read and write
|
||
|
28C39198000
|
heap
|
page read and write
|
||
|
2C10BC70000
|
trusted library allocation
|
page read and write
|
||
|
E78D56E000
|
stack
|
page read and write
|
||
|
134E000
|
stack
|
page read and write
|
||
|
1C677713000
|
heap
|
page read and write
|
||
|
DD7C4F7000
|
stack
|
page read and write
|
||
|
24864A02000
|
trusted library allocation
|
page read and write
|
||
|
C43A8FE000
|
stack
|
page read and write
|
||
|
124840A0000
|
heap
|
page read and write
|
||
|
1C677460000
|
heap
|
page read and write
|
||
|
1DB56600000
|
heap
|
page read and write
|
||
|
27EAA220000
|
heap
|
page read and write
|
||
|
28C38713000
|
heap
|
page read and write
|
||
|
2C10B7F0000
|
trusted library allocation
|
page read and write
|
||
|
28C39181000
|
heap
|
page read and write
|
||
|
DD7D07C000
|
stack
|
page read and write
|
||
|
26C91E40000
|
heap
|
page read and write
|
||
|
2C10BB13000
|
heap
|
page read and write
|
||
|
DC93D7E000
|
stack
|
page read and write
|
||
|
15C88938000
|
heap
|
page read and write
|
||
|
2C106050000
|
heap
|
page read and write
|
||
|
28C38652000
|
heap
|
page read and write
|
||
|
28C39194000
|
heap
|
page read and write
|
||
|
DD7CF7A000
|
stack
|
page read and write
|
||
|
28C3919E000
|
heap
|
page read and write
|
||
|
26C91C10000
|
heap
|
page read and write
|
||
|
2C106302000
|
heap
|
page read and write
|
||
|
DA1000
|
unkown
|
page execute read
|
||
|
1248423E000
|
heap
|
page read and write
|
||
|
98217FB000
|
stack
|
page read and write
|
||
|
25C4A458000
|
heap
|
page read and write
|
||
|
182387E000
|
stack
|
page read and write
|
||
|
F3E1F7F000
|
stack
|
page read and write
|
||
|
2C10B950000
|
remote allocation
|
page read and write
|
||
|
25C4A45C000
|
heap
|
page read and write
|
||
|
2C10BB02000
|
heap
|
page read and write
|
||
|
2C10BADD000
|
heap
|
page read and write
|
||
|
28C3864B000
|
heap
|
page read and write
|
||
|
26C91E72000
|
heap
|
page read and write
|
||
|
26C937E0000
|
remote allocation
|
page read and write
|
||
|
1DB56657000
|
heap
|
page read and write
|
||
|
2C10B940000
|
trusted library allocation
|
page read and write
|
||
|
2C106B9B000
|
heap
|
page read and write
|
||
|
28C38654000
|
heap
|
page read and write
|
||
|
15C888C0000
|
heap
|
page read and write
|
||
|
2C106299000
|
heap
|
page read and write
|
||
|
25C4A462000
|
heap
|
page read and write
|
||
|
2C10B834000
|
trusted library allocation
|
page read and write
|
||
|
CD77AFD000
|
stack
|
page read and write
|
||
|
124842BB000
|
heap
|
page read and write
|
||
|
2816FD05000
|
heap
|
page read and write
|
||
|
9FD3A7B000
|
stack
|
page read and write
|
||
|
2C10BC80000
|
trusted library allocation
|
page read and write
|
||
|
2C105FE0000
|
heap
|
page read and write
|
||
|
2C10BA3F000
|
heap
|
page read and write
|
||
|
25C4A442000
|
heap
|
page read and write
|
||
|
15C8898F000
|
heap
|
page read and write
|
||
|
28C38590000
|
heap
|
page read and write
|
||
|
DC93AFC000
|
stack
|
page read and write
|
||
|
24864100000
|
heap
|
page read and write
|
||
|
1B931E28000
|
heap
|
page read and write
|
||
|
2C106273000
|
heap
|
page read and write
|
||
|
2C1061E3000
|
trusted library allocation
|
page read and write
|
||
|
71CBE7F000
|
stack
|
page read and write
|
||
|
2C106213000
|
heap
|
page read and write
|
||
|
24864068000
|
heap
|
page read and write
|
||
|
103D000
|
stack
|
page read and write
|
||
|
DC93CF7000
|
stack
|
page read and write
|
||
|
15C888E0000
|
heap
|
page read and write
|
||
|
28C391A2000
|
heap
|
page read and write
|
||
|
3C656FF000
|
stack
|
page read and write
|
||
|
1C6774C0000
|
heap
|
page read and write
|
||
|
3C656FC000
|
stack
|
page read and write
|
||
|
2C10B950000
|
remote allocation
|
page read and write
|
||
|
DC93E7F000
|
stack
|
page read and write
|
||
|
1C67762A000
|
heap
|
page read and write
|
||
|
25C4A47C000
|
heap
|
page read and write
|
||
|
9FD367B000
|
stack
|
page read and write
|
||
|
28DE9A5F000
|
heap
|
page read and write
|
||
|
28C38EF0000
|
remote allocation
|
page read and write
|
||
|
27EAA502000
|
heap
|
page read and write
|
||
|
2816FD20000
|
heap
|
page read and write
|
||
|
98212BB000
|
stack
|
page read and write
|
||
|
2C10BA4C000
|
heap
|
page read and write
|
||
|
28C391D6000
|
heap
|
page read and write
|
||
|
2C10B910000
|
trusted library allocation
|
page read and write
|
||
|
EE2D17B000
|
stack
|
page read and write
|
||
|
71CBF7D000
|
stack
|
page read and write
|
||
|
2C106B9B000
|
heap
|
page read and write
|
||
|
28C3864C000
|
heap
|
page read and write
|
||
|
1378000
|
heap
|
page read and write
|
||
|
1C67767A000
|
heap
|
page read and write
|
||
|
28C386CB000
|
heap
|
page read and write
|
||
|
1B931F00000
|
heap
|
page read and write
|
||
|
A9F3C7E000
|
stack
|
page read and write
|
||
|
1C677600000
|
heap
|
page read and write
|
||
|
2C10B960000
|
trusted library allocation
|
page read and write
|
||
|
26C91E56000
|
heap
|
page read and write
|
||
|
2486403C000
|
heap
|
page read and write
|
||
|
28C39602000
|
heap
|
page read and write
|
||
|
12484224000
|
heap
|
page read and write
|
||
|
15C8898D000
|
heap
|
page read and write
|
||
|
25C4A47F000
|
heap
|
page read and write
|
||
|
2816FD36000
|
heap
|
page read and write
|
||
|
C43A87C000
|
stack
|
page read and write
|
||
|
28C39620000
|
heap
|
page read and write
|
||
|
CD7787E000
|
stack
|
page read and write
|
||
|
1DB5662A000
|
heap
|
page read and write
|
||
|
2C10B820000
|
trusted library allocation
|
page read and write
|
||
|
2C106B18000
|
heap
|
page read and write
|
||
|
2C10623F000
|
heap
|
page read and write
|
||
|
15C8898D000
|
heap
|
page read and write
|
||
|
2C107310000
|
trusted library section
|
page readonly
|
||
|
71CC07F000
|
stack
|
page read and write
|
||
|
2C10BA62000
|
heap
|
page read and write
|
||
|
2C106A00000
|
heap
|
page read and write
|
||
|
2816FB10000
|
heap
|
page read and write
|
||
|
26C91E47000
|
heap
|
page read and write
|
||
|
28C3918D000
|
heap
|
page read and write
|
||
|
2C10B950000
|
remote allocation
|
page read and write
|
||
|
DD7CAFE000
|
stack
|
page read and write
|
||
|
28DE9920000
|
heap
|
page read and write
|
||
|
28C39163000
|
heap
|
page read and write
|
||
|
EE2D4FE000
|
stack
|
page read and write
|
||
|
15C88955000
|
heap
|
page read and write
|
||
|
12484B32000
|
heap
|
page read and write
|
||
|
C43AB7B000
|
stack
|
page read and write
|
||
|
28C391A2000
|
heap
|
page read and write
|
||
|
2C10BAEE000
|
heap
|
page read and write
|
||
|
15C88963000
|
heap
|
page read and write
|
||
|
28C386AC000
|
heap
|
page read and write
|
||
|
CD7777E000
|
stack
|
page read and write
|
||
|
28C391CE000
|
heap
|
page read and write
|
||
|
CD77BFD000
|
stack
|
page read and write
|
||
|
DC93F78000
|
stack
|
page read and write
|
||
|
F3E20FF000
|
stack
|
page read and write
|
||
|
1DB5663C000
|
heap
|
page read and write
|
||
|
2C10BAAC000
|
heap
|
page read and write
|
||
|
25C4A413000
|
heap
|
page read and write
|
||
|
2C10B693000
|
trusted library allocation
|
page read and write
|
||
|
F3E22FF000
|
stack
|
page read and write
|
||
|
25C4A46E000
|
heap
|
page read and write
|
||
|
26C91C70000
|
heap
|
page read and write
|
||
|
CD7767F000
|
stack
|
page read and write
|
||
|
1C677671000
|
heap
|
page read and write
|
||
|
28C39185000
|
heap
|
page read and write
|
||
|
24863F30000
|
heap
|
page read and write
|
||
|
25C4A431000
|
heap
|
page read and write
|
||
|
25C4A456000
|
heap
|
page read and write
|
||
|
28C39188000
|
heap
|
page read and write
|
||
|
25C4A46C000
|
heap
|
page read and write
|
||
|
2C10BB15000
|
heap
|
page read and write
|
||
|
25C4A468000
|
heap
|
page read and write
|
||
|
1DB5664D000
|
heap
|
page read and write
|
||
|
15C8895E000
|
heap
|
page read and write
|
||
|
28DE9A29000
|
heap
|
page read and write
|
||
|
28C38672000
|
heap
|
page read and write
|
||
|
28C39195000
|
heap
|
page read and write
|
||
|
A9F37CE000
|
stack
|
page read and write
|
||
|
2C10B810000
|
trusted library allocation
|
page read and write
|
||
|
1DB5664B000
|
heap
|
page read and write
|
||
|
28C3919C000
|
heap
|
page read and write
|
||
|
24864013000
|
heap
|
page read and write
|
||
|
EE2D27B000
|
stack
|
page read and write
|
||
|
28C391B6000
|
heap
|
page read and write
|
||
|
28C38682000
|
heap
|
page read and write
|
||
|
24864113000
|
heap
|
page read and write
|
||
|
2C10B7FC000
|
trusted library allocation
|
page read and write
|
||
|
1DB5664C000
|
heap
|
page read and write
|
||
|
28C391A3000
|
heap
|
page read and write
|
||
|
2C10BB08000
|
heap
|
page read and write
|
||
|
C43AA7B000
|
stack
|
page read and write
|
||
|
71CBC7F000
|
stack
|
page read and write
|
||
|
25C4AE02000
|
trusted library allocation
|
page read and write
|
||
|
2C10B940000
|
trusted library allocation
|
page read and write
|
||
|
1C677602000
|
heap
|
page read and write
|
||
|
E78D97F000
|
stack
|
page read and write
|
||
|
DD7C77A000
|
stack
|
page read and write
|
||
|
9821AFD000
|
stack
|
page read and write
|
||
|
9FD3C7F000
|
stack
|
page read and write
|
||
|
71CC47F000
|
stack
|
page read and write
|
||
|
28C391A9000
|
heap
|
page read and write
|
||
|
1823A7C000
|
stack
|
page read and write
|
||
|
25C4A485000
|
heap
|
page read and write
|
||
|
25C4A45A000
|
heap
|
page read and write
|
||
|
1DB56702000
|
heap
|
page read and write
|
||
|
2C10B900000
|
trusted library allocation
|
page read and write
|
||
|
25C4A3A0000
|
heap
|
page read and write
|
||
|
2C106A15000
|
heap
|
page read and write
|
||
|
28C391AD000
|
heap
|
page read and write
|
||
|
A9F3B7E000
|
stack
|
page read and write
|
||
|
2816FD46000
|
heap
|
page read and write
|
||
|
25C4A455000
|
heap
|
page read and write
|
||
|
2C10B830000
|
trusted library allocation
|
page read and write
|
||
|
28C38716000
|
heap
|
page read and write
|
||
|
28DE9B00000
|
heap
|
page read and write
|
||
|
DD7C87F000
|
stack
|
page read and write
|
||
|
24864064000
|
heap
|
page read and write
|
||
|
2C10BB00000
|
heap
|
page read and write
|
||
|
25C4A429000
|
heap
|
page read and write
|
||
|
28C38655000
|
heap
|
page read and write
|
||
|
26C91F13000
|
heap
|
page read and write
|
||
|
2C1061F0000
|
trusted library allocation
|
page read and write
|
||
|
982133F000
|
stack
|
page read and write
|
||
|
15C88961000
|
heap
|
page read and write
|
||
|
221F000
|
stack
|
page read and write
|
||
|
2C106A02000
|
heap
|
page read and write
|
||
|
2C10BB18000
|
heap
|
page read and write
|
||
|
26C937E0000
|
remote allocation
|
page read and write
|
||
|
2486402A000
|
heap
|
page read and write
|
||
|
27EAA400000
|
heap
|
page read and write
|
||
|
28C38530000
|
heap
|
page read and write
|
||
|
2C10BB05000
|
heap
|
page read and write
|
||
|
2C106B59000
|
heap
|
page read and write
|
||
|
2C10B690000
|
trusted library allocation
|
page read and write
|
||
|
26C91E57000
|
heap
|
page read and write
|
||
|
24864057000
|
heap
|
page read and write
|
||
|
26C91D90000
|
trusted library allocation
|
page read and write
|
||
|
2C106325000
|
heap
|
page read and write
|
||
|
1C677702000
|
heap
|
page read and write
|
||
|
2C10B7F1000
|
trusted library allocation
|
page read and write
|
||
|
DDB000
|
unkown
|
page readonly
|
||
|
9FD397B000
|
stack
|
page read and write
|
||
|
15C88BF5000
|
heap
|
page read and write
|
||
|
1DB56647000
|
heap
|
page read and write
|
||
|
25C4A43C000
|
heap
|
page read and write
|
||
|
2486405E000
|
heap
|
page read and write
|
||
|
3C65BFD000
|
stack
|
page read and write
|
||
|
28DE9A81000
|
heap
|
page read and write
|
||
|
15C88991000
|
heap
|
page read and write
|
||
|
71CC37E000
|
stack
|
page read and write
|
||
|
25C4A43A000
|
heap
|
page read and write
|
||
|
25C4A459000
|
heap
|
page read and write
|
||
|
26C937E0000
|
remote allocation
|
page read and write
|
||
|
2C10B950000
|
trusted library allocation
|
page read and write
|
||
|
27EAA390000
|
trusted library allocation
|
page read and write
|
||
|
2C10BA13000
|
heap
|
page read and write
|
||
|
2C10BB19000
|
heap
|
page read and write
|
||
|
9821BFE000
|
stack
|
page read and write
|
||
|
27EAA45C000
|
heap
|
page read and write
|
||
|
98218F7000
|
stack
|
page read and write
|
||
|
2C106B59000
|
heap
|
page read and write
|
||
|
1DB56646000
|
heap
|
page read and write
|
||
|
71CBB7B000
|
stack
|
page read and write
|
||
|
F3E24FC000
|
stack
|
page read and write
|
||
|
28DE9A74000
|
heap
|
page read and write
|
||
|
28C391C6000
|
heap
|
page read and write
|
||
|
1DD0000
|
heap
|
page read and write
|
||
|
28C3868A000
|
heap
|
page read and write
|
||
|
1D6E000
|
stack
|
page read and write
|
||
|
28C39603000
|
heap
|
page read and write
|
||
|
28C385C0000
|
trusted library allocation
|
page read and write
|
||
|
166F000
|
stack
|
page read and write
|
||
|
28C39181000
|
heap
|
page read and write
|
||
|
C43ACF7000
|
stack
|
page read and write
|
||
|
DD7C67A000
|
stack
|
page read and write
|
||
|
28C3864F000
|
heap
|
page read and write
|
||
|
A9F3D7E000
|
stack
|
page read and write
|
||
|
DA0000
|
unkown
|
page readonly
|
||
|
2816FD42000
|
heap
|
page read and write
|
||
|
DDB000
|
unkown
|
page readonly
|
||
|
1DB56613000
|
heap
|
page read and write
|
||
|
1235000
|
heap
|
page read and write
|
||
|
28C38627000
|
heap
|
page read and write
|
||
|
2816FD62000
|
heap
|
page read and write
|
||
|
1DB5667F000
|
heap
|
page read and write
|
||
|
25C4A441000
|
heap
|
page read and write
|
||
|
124842C4000
|
heap
|
page read and write
|
||
|
2C106276000
|
heap
|
page read and write
|
||
|
2C105FF0000
|
heap
|
page read and write
|
||
|
2816FD60000
|
heap
|
page read and write
|
||
|
1B931E3C000
|
heap
|
page read and write
|
||
|
28C39100000
|
heap
|
page read and write
|
||
|
15C88930000
|
heap
|
page read and write
|
||
|
1DB56713000
|
heap
|
page read and write
|
||
|
DC9368C000
|
stack
|
page read and write
|
||
|
3C657FE000
|
stack
|
page read and write
|
||
|
27EAA429000
|
heap
|
page read and write
|
||
|
28DE9B02000
|
heap
|
page read and write
|
||
|
2C106BDB000
|
heap
|
page read and write
|
||
|
2C106D01000
|
trusted library allocation
|
page read and write
|
||
|
1B931E64000
|
heap
|
page read and write
|
||
|
28DE9B13000
|
heap
|
page read and write
|
||
|
15C88790000
|
heap
|
page readonly
|
||
|
28C391A2000
|
heap
|
page read and write
|
||
|
28C386EE000
|
heap
|
page read and write
|
||
|
25C4A44E000
|
heap
|
page read and write
|
||
|
28C386B1000
|
heap
|
page read and write
|
||
|
F3E23FC000
|
stack
|
page read and write
|
||
|
26C93802000
|
trusted library allocation
|
page read and write
|
||
|
C43AEFE000
|
stack
|
page read and write
|
||
|
1823C7E000
|
stack
|
page read and write
|
||
|
15C88948000
|
heap
|
page read and write
|
||
|
25C4A478000
|
heap
|
page read and write
|
||
|
28C386F6000
|
heap
|
page read and write
|
||
|
12484302000
|
heap
|
page read and write
|
||
|
25C4A340000
|
heap
|
page read and write
|
||
|
1B931E68000
|
heap
|
page read and write
|
||
|
2C10B7F7000
|
trusted library allocation
|
page read and write
|
||
|
2C1072F0000
|
trusted library section
|
page readonly
|
||
|
E78D8F8000
|
stack
|
page read and write
|
||
|
2C10BB05000
|
heap
|
page read and write
|
||
|
11CD000
|
stack
|
page read and write
|
||
|
EE2D2FF000
|
stack
|
page read and write
|
||
|
15C88963000
|
heap
|
page read and write
|
||
|
3C65CF9000
|
stack
|
page read and write
|
||
|
28C3918D000
|
heap
|
page read and write
|
||
|
24863EC0000
|
heap
|
page read and write
|
||
|
15C8898A000
|
heap
|
page read and write
|
||
|
F3E1B3B000
|
stack
|
page read and write
|
||
|
2C106BDB000
|
heap
|
page read and write
|
||
|
24864000000
|
heap
|
page read and write
|
||
|
2C1072C0000
|
trusted library section
|
page readonly
|
||
|
3C65DFE000
|
stack
|
page read and write
|
There are 647 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://torch-rare-nerine.glitch.me/extdoc125index.html
|
|
|
|
https://www.extcovdoc125.org/
|