Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\32af24b7-8e6b-4ca4-9f91-b71a9d7b1c26.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\63e60e49-df27-46d0-b3fa-02bfa03eedf3.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6b9537c1-fc51-4958-bf78-7feeb99aeb61.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7444ee2a-05c7-45c7-83c9-9501bf5c4091.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\753d683a-f3ce-47ee-ad69-d581352f32f8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7e175efc-c788-4101-beea-420bee86d477.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9f65ff68-23a7-412c-b484-e55f86cfb511.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\13e00e10-1d73-4edf-9ce0-bd19823476a6.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3578e76a-d2d3-481d-be57-0aed749b631f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\48c45130-639c-4828-a432-e0717693726d.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\506a3c1e-1ce9-4269-b6b8-51c9115019eb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\59c98ba8-b128-4ecc-974e-0f5b70752c6e.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\90474a84-0be1-4e22-bcf3-0c167e667cd3.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico (copy)
|
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\f5ec0849-d2be-414d-ab65-9445e79a95fc.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\7948abcf-4021-4246-bb2c-8e9d62b142e1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\acab1f8c-1c3f-4644-b2e7-5b5b76bb3f39.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b88063cb-99b6-4aa6-804a-0500b8c11de8.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\be02b404-dd80-45a4-bd51-918c2158f9c0.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d32892a1-6b7b-470b-9c3b-8e1c733d765f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d895c22f-553c-41fb-8a27-1c6699ad33f0.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000006.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ea054e04-fadc-4154-80e1-772d19526ad1.tmp
|
MS Windows icon resource - 13 icons, 8x8, 32 bits/pixel, 10x10, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f846427d-3538-45ac-b8f9-d36db2162e23.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a7295b4e-3792-4917-9c7b-d1ff14b09763.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b8eabc65-6763-4a5c-a663-e88c664b9700.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\bd089d7a-f5e4-4b36-92ba-a2767d0c8c0b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\29514609-4c43-46df-a7fc-71bb016d3386.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\manifest.fingerprint
|
ASCII text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\384_1385954082\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_545073127\Recovery.crx3
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_545073127\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_545073127\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\384_545073127\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6dfd551e-11a9-49b6-90f0-b4364e9dc17e.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8626be7f-30ff-4b8e-a6cb-295dd2124e1f.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8dd7d4c2-b729-453c-a9b5-aaeeba8df79f.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\a19d8b6a-92a5-4d06-8726-546c9974db6f.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ccabbbdb-8a56-480e-8c04-42f14bf04087.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\e3cbcee6-42dd-4ba1-b3a4-cee430610f25.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\8dd7d4c2-b729-453c-a9b5-aaeeba8df79f.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\nb\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir384_2056930022\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-US\default.acl
|
Little-endian UTF-16 Unicode text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
|
Little-endian UTF-16 Unicode text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-US\default.exc
|
Little-endian UTF-16 Unicode text, with no line terminators
|
dropped
|
There are 122 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation --single-argument http://static.clarlity.com/
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1652,17050148873617410223,8877625412963403,131072
--lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://static.clarlity.com
|
 |
||
|
http://static.clarlity.com/
|
185.253.33.179
|
|
|
|
https://static.clarlity.com/
|
185.253.33.179
|
|
|
|
http://static.clarlity.com/26Microsoft
|
unknown
|
|
|
|
https://static.clarlity.com/26Microsoft
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=92.0.4515.107&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.186.142
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.181.237
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
http://llvm.org/):
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 19 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
142.250.181.237
|
||
|
part-0017.t-0009.fbs1-t-msedge.net
|
13.107.219.45
|
||
|
b-0005.b-msedge.net
|
13.107.6.158
|
||
|
clients.l.google.com
|
142.250.186.142
|
||
|
static.clarlity.com
|
185.253.33.179
|
||
|
clients2.google.com
|
unknown
|
||
|
www.clarity.ms
|
unknown
|
||
|
i.clarity.ms
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
13.107.6.158
|
b-0005.b-msedge.net
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
13.107.219.45
|
part-0017.t-0009.fbs1-t-msedge.net
|
United States
|
||
|
13.107.227.45
|
unknown
|
United States
|
||
|
185.253.33.179
|
static.clarlity.com
|
Russian Federation
|
||
|
142.250.181.237
|
accounts.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.186.142
|
clients.l.google.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-2660496737-530772487-1027249058-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blocklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
GlobalAssocChangedCounter
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
version
|
There are 40 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
26EE6188000
|
heap
|
page read and write
|
||
|
12331C11000
|
trusted library allocation
|
page read and write
|
||
|
26EE6714000
|
heap
|
page read and write
|
||
|
26EE68B3000
|
heap
|
page read and write
|
||
|
17D46DEC000
|
heap
|
page read and write
|
||
|
26EE6888000
|
heap
|
page read and write
|
||
|
1678EC59000
|
heap
|
page read and write
|
||
|
26EE6851000
|
heap
|
page read and write
|
||
|
1232C6F1000
|
heap
|
page read and write
|
||
|
26EE664B000
|
heap
|
page read and write
|
||
|
26EE1131000
|
heap
|
page read and write
|
||
|
26EE6813000
|
heap
|
page read and write
|
||
|
26EE6800000
|
heap
|
page read and write
|
||
|
1232D590000
|
trusted library section
|
page readonly
|
||
|
26EE11BA000
|
heap
|
page read and write
|
||
|
17D46E53000
|
heap
|
page read and write
|
||
|
17D476F9000
|
heap
|
page read and write
|
||
|
26EE672C000
|
heap
|
page read and write
|
||
|
E91458F000
|
stack
|
page read and write
|
||
|
26EE6945000
|
heap
|
page read and write
|
||
|
26EE11AE000
|
heap
|
page read and write
|
||
|
12331D70000
|
remote allocation
|
page read and write
|
||
|
26EE11D3000
|
heap
|
page read and write
|
||
|
26EE66D6000
|
heap
|
page read and write
|
||
|
A0398FD000
|
stack
|
page read and write
|
||
|
1232C702000
|
heap
|
page read and write
|
||
|
26EE68D3000
|
heap
|
page read and write
|
||
|
26EE670D000
|
heap
|
page read and write
|
||
|
1232D9E2000
|
trusted library allocation
|
page read and write
|
||
|
1232DB02000
|
heap
|
page read and write
|
||
|
A03947F000
|
stack
|
page read and write
|
||
|
17D46DA3000
|
heap
|
page read and write
|
||
|
26EE602A000
|
heap
|
page read and write
|
||
|
26EE6881000
|
heap
|
page read and write
|
||
|
1232D9D0000
|
trusted library allocation
|
page read and write
|
||
|
26EE665D000
|
heap
|
page read and write
|
||
|
26EE602C000
|
heap
|
page read and write
|
||
|
26EE66E6000
|
heap
|
page read and write
|
||
|
26EE0FF0000
|
trusted library allocation
|
page read and write
|
||
|
17D46DC5000
|
heap
|
page read and write
|
||
|
1232DB27000
|
heap
|
page read and write
|
||
|
26EE0881000
|
heap
|
page read and write
|
||
|
26EE604A000
|
heap
|
page read and write
|
||
|
17D46DC5000
|
heap
|
page read and write
|
||
|
26EE5CAC000
|
trusted library allocation
|
page read and write
|
||
|
26EE6630000
|
heap
|
page read and write
|
||
|
26EE617F000
|
heap
|
page read and write
|
||
|
26EE110A000
|
heap
|
page read and write
|
||
|
1232C3B0000
|
heap
|
page read and write
|
||
|
26EE682D000
|
heap
|
page read and write
|
||
|
17D46DFF000
|
heap
|
page read and write
|
||
|
26EE5C77000
|
trusted library allocation
|
page read and write
|
||
|
26EE605F000
|
heap
|
page read and write
|
||
|
26EE61F1000
|
heap
|
page read and write
|
||
|
26500E40000
|
heap
|
page read and write
|
||
|
26501088000
|
heap
|
page read and write
|
||
|
17D46E0E000
|
heap
|
page read and write
|
||
|
26EE662B000
|
heap
|
page read and write
|
||
|
26EE6659000
|
heap
|
page read and write
|
||
|
17D46E53000
|
heap
|
page read and write
|
||
|
26500E50000
|
heap
|
page read and write
|
||
|
26EE6110000
|
heap
|
page read and write
|
||
|
26EE61B3000
|
heap
|
page read and write
|
||
|
26EE5CAF000
|
trusted library allocation
|
page read and write
|
||
|
12331CA0000
|
trusted library allocation
|
page read and write
|
||
|
26EE6824000
|
heap
|
page read and write
|
||
|
17D46DA3000
|
heap
|
page read and write
|
||
|
A039AFE000
|
stack
|
page read and write
|
||
|
E914AFE000
|
stack
|
page read and write
|
||
|
26B7E1E0000
|
heap
|
page read and write
|
||
|
26EE6026000
|
heap
|
page read and write
|
||
|
26EE666A000
|
heap
|
page read and write
|
||
|
26EE5CA4000
|
trusted library allocation
|
page read and write
|
||
|
26EE114A000
|
heap
|
page read and write
|
||
|
26EE1660000
|
trusted library section
|
page readonly
|
||
|
1232CD5A000
|
heap
|
page read and write
|
||
|
26EE6979000
|
heap
|
page read and write
|
||
|
26EE61DD000
|
heap
|
page read and write
|
||
|
26EE687D000
|
heap
|
page read and write
|
||
|
26EE0842000
|
heap
|
page read and write
|
||
|
26EE61A1000
|
heap
|
page read and write
|
||
|
26EE675F000
|
heap
|
page read and write
|
||
|
1232CD9C000
|
heap
|
page read and write
|
||
|
1678EC40000
|
heap
|
page read and write
|
||
|
1232C717000
|
heap
|
page read and write
|
||
|
26EE6912000
|
heap
|
page read and write
|
||
|
26B7E2E8000
|
heap
|
page read and write
|
||
|
26EE1670000
|
trusted library section
|
page readonly
|
||
|
26EE5C6C000
|
trusted library allocation
|
page read and write
|
||
|
26EE5C90000
|
trusted library allocation
|
page read and write
|
||
|
1232CF01000
|
trusted library allocation
|
page read and write
|
||
|
26EE694C000
|
heap
|
page read and write
|
||
|
26EE66D5000
|
heap
|
page read and write
|
||
|
26EE6621000
|
heap
|
page read and write
|
||
|
26EE67F3000
|
heap
|
page read and write
|
||
|
12331C10000
|
trusted library allocation
|
page read and write
|
||
|
52677F000
|
stack
|
page read and write
|
||
|
17D476D9000
|
heap
|
page read and write
|
||
|
26EE68C5000
|
heap
|
page read and write
|
||
|
17D46D7A000
|
heap
|
page read and write
|
||
|
26EE6672000
|
heap
|
page read and write
|
||
|
26EE6967000
|
heap
|
page read and write
|
||
|
17D47900000
|
heap
|
page read and write
|
||
|
26EE1540000
|
trusted library allocation
|
page read and write
|
||
|
26EE5D60000
|
remote allocation
|
page read and write
|
||
|
5261FB000
|
stack
|
page read and write
|
||
|
26EE115C000
|
heap
|
page read and write
|
||
|
1232D240000
|
trusted library allocation
|
page read and write
|
||
|
26EE11AF000
|
heap
|
page read and write
|
||
|
26EE6856000
|
heap
|
page read and write
|
||
|
26EE61FA000
|
heap
|
page read and write
|
||
|
1232D9E0000
|
trusted library allocation
|
page read and write
|
||
|
26EE6900000
|
heap
|
page read and write
|
||
|
26EE619F000
|
heap
|
page read and write
|
||
|
26EE61F0000
|
heap
|
page read and write
|
||
|
6C020FB000
|
stack
|
page read and write
|
||
|
26EE68F2000
|
heap
|
page read and write
|
||
|
26EE5C67000
|
trusted library allocation
|
page read and write
|
||
|
17D46E2D000
|
heap
|
page read and write
|
||
|
26EE61AD000
|
heap
|
page read and write
|
||
|
26EE68E5000
|
heap
|
page read and write
|
||
|
26EE686C000
|
heap
|
page read and write
|
||
|
26EE5DC0000
|
trusted library allocation
|
page read and write
|
||
|
26EE61F3000
|
heap
|
page read and write
|
||
|
12331F90000
|
trusted library allocation
|
page read and write
|
||
|
26EE6729000
|
heap
|
page read and write
|
||
|
26EE6687000
|
heap
|
page read and write
|
||
|
26EE6700000
|
heap
|
page read and write
|
||
|
26EE6947000
|
heap
|
page read and write
|
||
|
1678F402000
|
heap
|
page read and write
|
||
|
17D46E2D000
|
heap
|
page read and write
|
||
|
26EE68EF000
|
heap
|
page read and write
|
||
|
26EE66D3000
|
heap
|
page read and write
|
||
|
26EE618B000
|
heap
|
page read and write
|
||
|
26EE6959000
|
heap
|
page read and write
|
||
|
26EE114D000
|
heap
|
page read and write
|
||
|
17D46F20000
|
heap
|
page read and write
|
||
|
26EE6985000
|
heap
|
page read and write
|
||
|
26EE6849000
|
heap
|
page read and write
|
||
|
26EE68BA000
|
heap
|
page read and write
|
||
|
26501099000
|
heap
|
page read and write
|
||
|
A0395FF000
|
stack
|
page read and write
|
||
|
17D46DFF000
|
heap
|
page read and write
|
||
|
26EE6037000
|
heap
|
page read and write
|
||
|
1232D901000
|
trusted library allocation
|
page read and write
|
||
|
12331C00000
|
trusted library allocation
|
page read and write
|
||
|
525E7E000
|
stack
|
page read and write
|
||
|
6C01AFE000
|
stack
|
page read and write
|
||
|
1232D930000
|
trusted library allocation
|
page read and write
|
||
|
26EE617D000
|
heap
|
page read and write
|
||
|
1232DB23000
|
heap
|
page read and write
|
||
|
26EE6193000
|
heap
|
page read and write
|
||
|
A0397FC000
|
stack
|
page read and write
|
||
|
1232C6A4000
|
heap
|
page read and write
|
||
|
17D46E45000
|
heap
|
page read and write
|
||
|
26EE67B9000
|
heap
|
page read and write
|
||
|
26EE6949000
|
heap
|
page read and write
|
||
|
26EE66C1000
|
heap
|
page read and write
|
||
|
5258F8000
|
stack
|
page read and write
|
||
|
26EE6990000
|
heap
|
page read and write
|
||
|
26EE0854000
|
heap
|
page read and write
|
||
|
17D46E45000
|
heap
|
page read and write
|
||
|
26EE662C000
|
heap
|
page read and write
|
||
|
26EE6043000
|
heap
|
page read and write
|
||
|
26EE619D000
|
heap
|
page read and write
|
||
|
4E19AFE000
|
stack
|
page read and write
|
||
|
26EE6826000
|
heap
|
page read and write
|
||
|
26EE612C000
|
heap
|
page read and write
|
||
|
1232DB0F000
|
heap
|
page read and write
|
||
|
5259FF000
|
stack
|
page read and write
|
||
|
1232C67D000
|
heap
|
page read and write
|
||
|
26EE6100000
|
heap
|
page read and write
|
||
|
26EE618F000
|
heap
|
page read and write
|
||
|
26501054000
|
heap
|
page read and write
|
||
|
1232CD5A000
|
heap
|
page read and write
|
||
|
26EE61C8000
|
heap
|
page read and write
|
||
|
1232C65E000
|
heap
|
page read and write
|
||
|
26EE603F000
|
heap
|
page read and write
|
||
|
26EE682C000
|
heap
|
page read and write
|
||
|
26EE67E7000
|
heap
|
page read and write
|
||
|
1232DB21000
|
heap
|
page read and write
|
||
|
1232C699000
|
heap
|
page read and write
|
||
|
1232CD5B000
|
heap
|
page read and write
|
||
|
17D46DEC000
|
heap
|
page read and write
|
||
|
26EE6884000
|
heap
|
page read and write
|
||
|
26EE669E000
|
heap
|
page read and write
|
||
|
26EE67D5000
|
heap
|
page read and write
|
||
|
26EE5CB3000
|
trusted library allocation
|
page read and write
|
||
|
1232C680000
|
heap
|
page read and write
|
||
|
17D4790B000
|
heap
|
page read and write
|
||
|
26501013000
|
heap
|
page read and write
|
||
|
26EE0859000
|
heap
|
page read and write
|
||
|
26EE605F000
|
heap
|
page read and write
|
||
|
26EE61F8000
|
heap
|
page read and write
|
||
|
12331C37000
|
trusted library allocation
|
page read and write
|
||
|
26EE6838000
|
heap
|
page read and write
|
||
|
26B7E090000
|
heap
|
page read and write
|
||
|
26EE68A6000
|
heap
|
page read and write
|
||
|
26EE6955000
|
heap
|
page read and write
|
||
|
1232CD19000
|
heap
|
page read and write
|
||
|
1232C5F0000
|
trusted library section
|
page read and write
|
||
|
26EE6975000
|
heap
|
page read and write
|
||
|
26EE6896000
|
heap
|
page read and write
|
||
|
26EE688A000
|
heap
|
page read and write
|
||
|
26EE61E1000
|
heap
|
page read and write
|
||
|
1678EC4C000
|
heap
|
page read and write
|
||
|
26EE605F000
|
heap
|
page read and write
|
||
|
526379000
|
stack
|
page read and write
|
||
|
26EE6799000
|
heap
|
page read and write
|
||
|
26EE683D000
|
heap
|
page read and write
|
||
|
26EE6850000
|
heap
|
page read and write
|
||
|
26EE68E3000
|
heap
|
page read and write
|
||
|
26EE113E000
|
heap
|
page read and write
|
||
|
26B7E2C8000
|
heap
|
page read and write
|
||
|
26EE5C6F000
|
trusted library allocation
|
page read and write
|
||
|
1232C677000
|
heap
|
page read and write
|
||
|
52607F000
|
stack
|
page read and write
|
||
|
17D46E45000
|
heap
|
page read and write
|
||
|
12332000000
|
heap
|
page read and write
|
||
|
26EE6716000
|
heap
|
page read and write
|
||
|
26EE6135000
|
heap
|
page read and write
|
||
|
26501802000
|
trusted library allocation
|
page read and write
|
||
|
26EE5D40000
|
trusted library allocation
|
page read and write
|
||
|
26EE0800000
|
heap
|
page read and write
|
||
|
1232D9E0000
|
trusted library allocation
|
page read and write
|
||
|
26EE610E000
|
heap
|
page read and write
|
||
|
26EE110C000
|
heap
|
page read and write
|
||
|
26EE61AA000
|
heap
|
page read and write
|
||
|
26EE6625000
|
heap
|
page read and write
|
||
|
26EE662E000
|
heap
|
page read and write
|
||
|
1678EB80000
|
heap
|
page read and write
|
||
|
26EE5D31000
|
trusted library allocation
|
page read and write
|
||
|
26EE661A000
|
heap
|
page read and write
|
||
|
1232D973000
|
trusted library allocation
|
page read and write
|
||
|
17D46E2D000
|
heap
|
page read and write
|
||
|
17D477D7000
|
heap
|
page read and write
|
||
|
26EE685E000
|
heap
|
page read and write
|
||
|
26EE086F000
|
heap
|
page read and write
|
||
|
17D47903000
|
heap
|
page read and write
|
||
|
2650109B000
|
heap
|
page read and write
|
||
|
26EE6002000
|
heap
|
page read and write
|
||
|
525BFB000
|
stack
|
page read and write
|
||
|
26EE6674000
|
heap
|
page read and write
|
||
|
1678EC2A000
|
heap
|
page read and write
|
||
|
26EE6943000
|
heap
|
page read and write
|
||
|
12331D20000
|
trusted library allocation
|
page read and write
|
||
|
26EE666E000
|
heap
|
page read and write
|
||
|
26EE6736000
|
heap
|
page read and write
|
||
|
26EE68E9000
|
heap
|
page read and write
|
||
|
26501040000
|
heap
|
page read and write
|
||
|
26EE6667000
|
heap
|
page read and write
|
||
|
26EE68B2000
|
heap
|
page read and write
|
||
|
1232DAF3000
|
heap
|
page read and write
|
||
|
17D476D9000
|
heap
|
page read and write
|
||
|
26EE113C000
|
heap
|
page read and write
|
||
|
17D46DD8000
|
heap
|
page read and write
|
||
|
26EE698C000
|
heap
|
page read and write
|
||
|
26EE6748000
|
heap
|
page read and write
|
||
|
240DEFE000
|
stack
|
page read and write
|
||
|
26EE1690000
|
trusted library section
|
page readonly
|
||
|
26EE61B4000
|
heap
|
page read and write
|
||
|
6C0178B000
|
stack
|
page read and write
|
||
|
26EE1113000
|
heap
|
page read and write
|
||
|
12331C14000
|
trusted library allocation
|
page read and write
|
||
|
26EE68A4000
|
heap
|
page read and write
|
||
|
26EE67D1000
|
heap
|
page read and write
|
||
|
1232DB0A000
|
heap
|
page read and write
|
||
|
26EE6887000
|
heap
|
page read and write
|
||
|
1232DA65000
|
heap
|
page read and write
|
||
|
26EE5C73000
|
trusted library allocation
|
page read and write
|
||
|
240DCFE000
|
stack
|
page read and write
|
||
|
26EE1BA1000
|
trusted library allocation
|
page read and write
|
||
|
1232C692000
|
heap
|
page read and write
|
||
|
17D46DEC000
|
heap
|
page read and write
|
||
|
12331C00000
|
trusted library allocation
|
page read and write
|
||
|
26EE68D7000
|
heap
|
page read and write
|
||
|
12331CB0000
|
trusted library allocation
|
page read and write
|
||
|
26EE5D30000
|
trusted library allocation
|
page read and write
|
||
|
17D476DE000
|
heap
|
page read and write
|
||
|
26EE617A000
|
heap
|
page read and write
|
||
|
17D46DDC000
|
heap
|
page read and write
|
||
|
26EE684D000
|
heap
|
page read and write
|
||
|
26EE113F000
|
heap
|
page read and write
|
||
|
26EE06F0000
|
heap
|
page read and write
|
||
|
17D477E1000
|
heap
|
page read and write
|
||
|
26EE6000000
|
heap
|
page read and write
|
||
|
17D46DD6000
|
heap
|
page read and write
|
||
|
26EE68AA000
|
heap
|
page read and write
|
||
|
17D46D92000
|
heap
|
page read and write
|
||
|
17D46BD0000
|
heap
|
page read and write
|
||
|
17D46DC0000
|
heap
|
page read and write
|
||
|
1232D9EB000
|
trusted library allocation
|
page read and write
|
||
|
26EE617B000
|
heap
|
page read and write
|
||
|
26EE6173000
|
heap
|
page read and write
|
||
|
17D477D0000
|
heap
|
page read and write
|
||
|
17D46E45000
|
heap
|
page read and write
|
||
|
26B7E265000
|
heap
|
page read and write
|
||
|
17D47905000
|
heap
|
page read and write
|
||
|
26EE66FC000
|
heap
|
page read and write
|
||
|
240E3FE000
|
stack
|
page read and write
|
||
|
26EE11B5000
|
heap
|
page read and write
|
||
|
17D46DFF000
|
heap
|
page read and write
|
||
|
26EE697B000
|
heap
|
page read and write
|
||
|
26EE66F7000
|
heap
|
page read and write
|
||
|
A039BFA000
|
stack
|
page read and write
|
||
|
17D46DC5000
|
heap
|
page read and write
|
||
|
17D46CF0000
|
heap
|
page read and write
|
||
|
1232D9D0000
|
trusted library allocation
|
page read and write
|
||
|
1232C6D6000
|
heap
|
page read and write
|
||
|
17D46DFF000
|
heap
|
page read and write
|
||
|
26EE68AC000
|
heap
|
page read and write
|
||
|
6C01F7E000
|
stack
|
page read and write
|
||
|
26EE5D4D000
|
trusted library allocation
|
page read and write
|
||
|
26EE66FE000
|
heap
|
page read and write
|
||
|
26EE0871000
|
heap
|
page read and write
|
||
|
1232D570000
|
trusted library section
|
page readonly
|
||
|
26EE5C68000
|
trusted library allocation
|
page read and write
|
||
|
26EE6026000
|
heap
|
page read and write
|
||
|
1232CD5A000
|
heap
|
page read and write
|
||
|
1232DA81000
|
heap
|
page read and write
|
||
|
26EE6981000
|
heap
|
page read and write
|
||
|
26EE68E6000
|
heap
|
page read and write
|
||
|
26EE6877000
|
heap
|
page read and write
|
||
|
26EE684E000
|
heap
|
page read and write
|
||
|
26EE6961000
|
heap
|
page read and write
|
||
|
26EE61DD000
|
heap
|
page read and write
|
||
|
26EE07F0000
|
trusted library allocation
|
page read and write
|
||
|
26EE612E000
|
heap
|
page read and write
|
||
|
26EE119C000
|
heap
|
page read and write
|
||
|
1232D580000
|
trusted library section
|
page readonly
|
||
|
17D476FD000
|
heap
|
page read and write
|
||
|
2650108C000
|
heap
|
page read and write
|
||
|
26EE68F0000
|
heap
|
page read and write
|
||
|
26EE5D36000
|
trusted library allocation
|
page read and write
|
||
|
26EE6629000
|
heap
|
page read and write
|
||
|
1678ED13000
|
heap
|
page read and write
|
||
|
26EE688E000
|
heap
|
page read and write
|
||
|
1232DB0B000
|
heap
|
page read and write
|
||
|
1232CD19000
|
heap
|
page read and write
|
||
|
26EE6195000
|
heap
|
page read and write
|
||
|
1232DA47000
|
heap
|
page read and write
|
||
|
1232DAB5000
|
heap
|
page read and write
|
||
|
26EE5D3A000
|
trusted library allocation
|
page read and write
|
||
|
5254EC000
|
stack
|
page read and write
|
||
|
26EE1002000
|
heap
|
page read and write
|
||
|
26EE6632000
|
heap
|
page read and write
|
||
|
1232CD5A000
|
heap
|
page read and write
|
||
|
26EE64D0000
|
trusted library allocation
|
page read and write
|
||
|
17D46DEC000
|
heap
|
page read and write
|
||
|
17D46DEC000
|
heap
|
page read and write
|
||
|
525EFF000
|
stack
|
page read and write
|
||
|
12331FA0000
|
trusted library allocation
|
page read and write
|
||
|
26EE6045000
|
heap
|
page read and write
|
||
|
26EE6038000
|
heap
|
page read and write
|
||
|
26EE612C000
|
heap
|
page read and write
|
||
|
1232DB32000
|
heap
|
page read and write
|
||
|
26EE11BE000
|
heap
|
page read and write
|
||
|
26EE1171000
|
heap
|
page read and write
|
||
|
26EE67C7000
|
heap
|
page read and write
|
||
|
26EE6651000
|
heap
|
page read and write
|
||
|
26501102000
|
heap
|
page read and write
|
||
|
26EE67A2000
|
heap
|
page read and write
|
||
|
26EE08A0000
|
heap
|
page read and write
|
||
|
26EE695B000
|
heap
|
page read and write
|
||
|
26501119000
|
heap
|
page read and write
|
||
|
26EE600F000
|
heap
|
page read and write
|
||
|
26501000000
|
heap
|
page read and write
|
||
|
26EE68C6000
|
heap
|
page read and write
|
||
|
1232CD5A000
|
heap
|
page read and write
|
||
|
26EE5CA9000
|
trusted library allocation
|
page read and write
|
||
|
26EE6840000
|
heap
|
page read and write
|
||
|
26EE6989000
|
heap
|
page read and write
|
||
|
26EE61AF000
|
heap
|
page read and write
|
||
|
17D47907000
|
heap
|
page read and write
|
||
|
4E19C7B000
|
stack
|
page read and write
|
||
|
26EE6675000
|
heap
|
page read and write
|
||
|
17D46DFF000
|
heap
|
page read and write
|
||
|
26EE68D0000
|
heap
|
page read and write
|
||
|
1232DAFB000
|
heap
|
page read and write
|
||
|
26EE11BC000
|
heap
|
page read and write
|
||
|
26EE6870000
|
heap
|
page read and write
|
||
|
26EE5C69000
|
trusted library allocation
|
page read and write
|
||
|
26EE6842000
|
heap
|
page read and write
|
||
|
26EE114A000
|
heap
|
page read and write
|
||
|
26EE6645000
|
heap
|
page read and write
|
||
|
26EE6964000
|
heap
|
page read and write
|
||
|
240E2FE000
|
stack
|
page read and write
|
||
|
26EE082B000
|
heap
|
page read and write
|
||
|
1232C6E3000
|
heap
|
page read and write
|
||
|
26EE67F2000
|
heap
|
page read and write
|
||
|
525FFF000
|
stack
|
page read and write
|
||
|
26EE6650000
|
heap
|
page read and write
|
||
|
1678EC80000
|
heap
|
page read and write
|
||
|
26EE694E000
|
heap
|
page read and write
|
||
|
26EE5D5C000
|
trusted library allocation
|
page read and write
|
||
|
26EE694F000
|
heap
|
page read and write
|
||
|
17D4790A000
|
heap
|
page read and write
|
||
|
26EE61A7000
|
heap
|
page read and write
|
||
|
1232CD19000
|
heap
|
page read and write
|
||
|
26EE61D9000
|
heap
|
page read and write
|
||
|
26EE611E000
|
heap
|
page read and write
|
||
|
E9149FD000
|
stack
|
page read and write
|
||
|
26EE6614000
|
heap
|
page read and write
|
||
|
1678ED00000
|
heap
|
page read and write
|
||
|
26EE6041000
|
heap
|
page read and write
|
||
|
240E0F6000
|
stack
|
page read and write
|
||
|
26EE11CD000
|
heap
|
page read and write
|
||
|
1232CD19000
|
heap
|
page read and write
|
||
|
1232C660000
|
heap
|
page read and write
|
||
|
26EE6996000
|
heap
|
page read and write
|
||
|
26500EB0000
|
heap
|
page read and write
|
||
|
E91487F000
|
stack
|
page read and write
|
||
|
26EE0886000
|
heap
|
page read and write
|
||
|
26EE689C000
|
heap
|
page read and write
|
||
|
26EE687B000
|
heap
|
page read and write
|
||
|
26EE1650000
|
trusted library section
|
page readonly
|
||
|
17D46DC5000
|
heap
|
page read and write
|
||
|
26EE613B000
|
heap
|
page read and write
|
||
|
26EE5D56000
|
trusted library allocation
|
page read and write
|
||
|
26EE68BE000
|
heap
|
page read and write
|
||
|
17D46D10000
|
heap
|
page read and write
|
||
|
525AFC000
|
stack
|
page read and write
|
||
|
26EE6864000
|
heap
|
page read and write
|
||
|
26EE5CA0000
|
trusted library allocation
|
page read and write
|
||
|
1678F340000
|
trusted library allocation
|
page read and write
|
||
|
1232C713000
|
heap
|
page read and write
|
||
|
26EE615F000
|
heap
|
page read and write
|
||
|
26EE6830000
|
heap
|
page read and write
|
||
|
A0399FE000
|
stack
|
page read and write
|
||
|
17D46D60000
|
heap
|
page read and write
|
||
|
26EE6731000
|
heap
|
page read and write
|
||
|
26EE695E000
|
heap
|
page read and write
|
||
|
26EE112D000
|
heap
|
page read and write
|
||
|
1232DB34000
|
heap
|
page read and write
|
||
|
26EE1192000
|
heap
|
page read and write
|
||
|
26EE6891000
|
heap
|
page read and write
|
||
|
26B7E2CF000
|
heap
|
page read and write
|
||
|
26EE6676000
|
heap
|
page read and write
|
||
|
26EE685B000
|
heap
|
page read and write
|
||
|
26EE616B000
|
heap
|
page read and write
|
||
|
26EE6874000
|
heap
|
page read and write
|
||
|
26EE665F000
|
heap
|
page read and write
|
||
|
17D476E6000
|
heap
|
page read and write
|
||
|
26EE5DA0000
|
trusted library allocation
|
page read and write
|
||
|
26EE0690000
|
heap
|
page read and write
|
||
|
26EE612E000
|
heap
|
page read and write
|
||
|
1232C5E0000
|
trusted library allocation
|
page read and write
|
||
|
26EE1780000
|
trusted library allocation
|
page read and write
|
||
|
26EE605F000
|
heap
|
page read and write
|
||
|
26EE6685000
|
heap
|
page read and write
|
||
|
17D46D93000
|
heap
|
page read and write
|
||
|
26EE6181000
|
heap
|
page read and write
|
||
|
12331C4C000
|
trusted library allocation
|
page read and write
|
||
|
26EE615C000
|
heap
|
page read and write
|
||
|
26EE6879000
|
heap
|
page read and write
|
||
|
26EE114A000
|
heap
|
page read and write
|
||
|
1232DB21000
|
heap
|
page read and write
|
||
|
240E1FE000
|
stack
|
page read and write
|
||
|
A03967E000
|
stack
|
page read and write
|
||
|
26EE6669000
|
heap
|
page read and write
|
||
|
26EE5C50000
|
trusted library allocation
|
page read and write
|
||
|
26EE679A000
|
heap
|
page read and write
|
||
|
26EE68A8000
|
heap
|
page read and write
|
||
|
1232D9E6000
|
trusted library allocation
|
page read and write
|
||
|
1232CC02000
|
heap
|
page read and write
|
||
|
26EE605F000
|
heap
|
page read and write
|
||
|
26501082000
|
heap
|
page read and write
|
||
|
5260FF000
|
stack
|
page read and write
|
||
|
1678EBE0000
|
heap
|
page read and write
|
||
|
26EE682E000
|
heap
|
page read and write
|
||
|
52647A000
|
stack
|
page read and write
|
||
|
1232D970000
|
trusted library allocation
|
page read and write
|
||
|
26EE6859000
|
heap
|
page read and write
|
||
|
26EE11FB000
|
heap
|
page read and write
|
||
|
26EE6636000
|
heap
|
page read and write
|
||
|
26EE08E3000
|
heap
|
page read and write
|
||
|
1232DA83000
|
heap
|
page read and write
|
||
|
26EE698A000
|
heap
|
page read and write
|
||
|
26EE0940000
|
heap
|
page read and write
|
||
|
26EE5DB0000
|
trusted library allocation
|
page read and write
|
||
|
26EE6759000
|
heap
|
page read and write
|
||
|
26EE61DB000
|
heap
|
page read and write
|
||
|
26EE66D1000
|
heap
|
page read and write
|
||
|
1232DAE4000
|
heap
|
page read and write
|
||
|
1678EC30000
|
heap
|
page read and write
|
||
|
26EE6769000
|
heap
|
page read and write
|
||
|
26EE605F000
|
heap
|
page read and write
|
||
|
26501099000
|
heap
|
page read and write
|
||
|
26EE68CB000
|
heap
|
page read and write
|
||
|
26EE683C000
|
heap
|
page read and write
|
||
|
26EE6156000
|
heap
|
page read and write
|
||
|
1232DA58000
|
heap
|
page read and write
|
||
|
26EE6637000
|
heap
|
page read and write
|
||
|
26EE67F6000
|
heap
|
page read and write
|
||
|
26EE6713000
|
heap
|
page read and write
|
||
|
26EE6862000
|
heap
|
page read and write
|
||
|
26EE66B1000
|
heap
|
page read and write
|
||
|
26EE667A000
|
heap
|
page read and write
|
||
|
1232D480000
|
trusted library allocation
|
page read and write
|
||
|
26EE6653000
|
heap
|
page read and write
|
||
|
26EE5C65000
|
trusted library allocation
|
page read and write
|
||
|
26EE5C6D000
|
trusted library allocation
|
page read and write
|
||
|
26EE696D000
|
heap
|
page read and write
|
||
|
1232DAE4000
|
heap
|
page read and write
|
||
|
17D47904000
|
heap
|
page read and write
|
||
|
1232DB0A000
|
heap
|
page read and write
|
||
|
26EE6944000
|
heap
|
page read and write
|
||
|
12331D70000
|
remote allocation
|
page read and write
|
||
|
26EE61A4000
|
heap
|
page read and write
|
||
|
26EE677D000
|
heap
|
page read and write
|
||
|
26EE68DB000
|
heap
|
page read and write
|
||
|
26EE6046000
|
heap
|
page read and write
|
||
|
17D476DF000
|
heap
|
page read and write
|
||
|
26EE6623000
|
heap
|
page read and write
|
||
|
26EE6987000
|
heap
|
page read and write
|
||
|
26EE68D9000
|
heap
|
page read and write
|
||
|
26EE6953000
|
heap
|
page read and write
|
||
|
26EE6192000
|
heap
|
page read and write
|
||
|
26EE6013000
|
heap
|
page read and write
|
||
|
26EE684B000
|
heap
|
page read and write
|
||
|
26EE666C000
|
heap
|
page read and write
|
||
|
17D477DE000
|
heap
|
page read and write
|
||
|
1678EC65000
|
heap
|
page read and write
|
||
|
26EE110D000
|
heap
|
page read and write
|
||
|
26EE689A000
|
heap
|
page read and write
|
||
|
1232C640000
|
heap
|
page read and write
|
||
|
1232DB35000
|
heap
|
page read and write
|
||
|
17D477E4000
|
heap
|
page read and write
|
||
|
17D46DD8000
|
heap
|
page read and write
|
||
|
26EE6661000
|
heap
|
page read and write
|
||
|
26EE5D30000
|
trusted library allocation
|
page read and write
|
||
|
26EE5C00000
|
trusted library allocation
|
page read and write
|
||
|
1678ED02000
|
heap
|
page read and write
|
||
|
E9148FF000
|
stack
|
page read and write
|
||
|
17D476EA000
|
heap
|
page read and write
|
||
|
12331CA0000
|
trusted library allocation
|
page read and write
|
||
|
26EE698E000
|
heap
|
page read and write
|
||
|
26EE6048000
|
heap
|
page read and write
|
||
|
17D46E2D000
|
heap
|
page read and write
|
||
|
26EE6707000
|
heap
|
page read and write
|
||
|
26EE114F000
|
heap
|
page read and write
|
||
|
17D46DEC000
|
heap
|
page read and write
|
||
|
26EE1200000
|
trusted library allocation
|
page read and write
|
||
|
26EE6832000
|
heap
|
page read and write
|
||
|
26EE6978000
|
heap
|
page read and write
|
||
|
26EE61F2000
|
heap
|
page read and write
|
||
|
26EE0848000
|
heap
|
page read and write
|
||
|
17D46D7F000
|
heap
|
page read and write
|
||
|
26EE605F000
|
heap
|
page read and write
|
||
|
26EE671C000
|
heap
|
page read and write
|
||
|
12331D70000
|
remote allocation
|
page read and write
|
||
|
26EE68B5000
|
heap
|
page read and write
|
||
|
26EE5FD0000
|
remote allocation
|
page read and write
|
||
|
26EE085E000
|
heap
|
page read and write
|
||
|
17D46E45000
|
heap
|
page read and write
|
||
|
26EE0913000
|
heap
|
page read and write
|
||
|
26EE669B000
|
heap
|
page read and write
|
||
|
1232DACD000
|
heap
|
page read and write
|
||
|
26EE672D000
|
heap
|
page read and write
|
||
|
26EE092C000
|
heap
|
page read and write
|
||
|
26EE68B8000
|
heap
|
page read and write
|
||
|
12331D10000
|
trusted library allocation
|
page read and write
|
||
|
26EE613F000
|
heap
|
page read and write
|
||
|
E91497A000
|
stack
|
page read and write
|
||
|
26EE6540000
|
trusted library allocation
|
page read and write
|
||
|
52556D000
|
stack
|
page read and write
|
||
|
1232CD13000
|
heap
|
page read and write
|
||
|
26B7E2C0000
|
heap
|
page read and write
|
||
|
240DFFB000
|
stack
|
page read and write
|
||
|
26EE5C80000
|
trusted library allocation
|
page read and write
|
||
|
26EE68AD000
|
heap
|
page read and write
|
||
|
26EE697C000
|
heap
|
page read and write
|
||
|
26EE66D3000
|
heap
|
page read and write
|
||
|
1678EC39000
|
heap
|
page read and write
|
||
|
6C01DFC000
|
stack
|
page read and write
|
||
|
26EE11D1000
|
heap
|
page read and write
|
||
|
17D46E0E000
|
heap
|
page read and write
|
||
|
26EE5C71000
|
trusted library allocation
|
page read and write
|
||
|
17D47907000
|
heap
|
page read and write
|
||
|
17D476D0000
|
heap
|
page read and write
|
||
|
26EE5C40000
|
trusted library allocation
|
page read and write
|
||
|
26EE5C6A000
|
trusted library allocation
|
page read and write
|
||
|
A03927B000
|
stack
|
page read and write
|
||
|
26EE6167000
|
heap
|
page read and write
|
||
|
26EE665B000
|
heap
|
page read and write
|
||
|
26EE616C000
|
heap
|
page read and write
|
||
|
26EE699A000
|
heap
|
page read and write
|
||
|
26EE6734000
|
heap
|
page read and write
|
||
|
17D477D9000
|
heap
|
page read and write
|
||
|
26EE68BC000
|
heap
|
page read and write
|
||
|
1232C3A0000
|
heap
|
page read and write
|
||
|
26EE5D60000
|
remote allocation
|
page read and write
|
||
|
26B7E260000
|
heap
|
page read and write
|
||
|
26EE6854000
|
heap
|
page read and write
|
||
|
52667D000
|
stack
|
page read and write
|
||
|
1232D560000
|
trusted library section
|
page readonly
|
||
|
26EE5C75000
|
trusted library allocation
|
page read and write
|
||
|
26EE6998000
|
heap
|
page read and write
|
||
|
26EE688D000
|
heap
|
page read and write
|
||
|
26EE688C000
|
heap
|
page read and write
|
||
|
26EE5CBE000
|
trusted library allocation
|
page read and write
|
||
|
26EE68ED000
|
heap
|
page read and write
|
||
|
26EE67BF000
|
heap
|
page read and write
|
||
|
26EE6892000
|
heap
|
page read and write
|
||
|
26EE6055000
|
heap
|
page read and write
|
||
|
1232D940000
|
trusted library allocation
|
page read and write
|
||
|
26EE6600000
|
heap
|
page read and write
|
||
|
26EE6866000
|
heap
|
page read and write
|
||
|
26EE6965000
|
heap
|
page read and write
|
||
|
26EE6802000
|
heap
|
page read and write
|
||
|
E91450C000
|
stack
|
page read and write
|
||
|
26EE1015000
|
heap
|
page read and write
|
||
|
26EE61FE000
|
heap
|
page read and write
|
||
|
26EE6848000
|
heap
|
page read and write
|
||
|
12331D00000
|
trusted library allocation
|
page read and write
|
||
|
26EE6665000
|
heap
|
page read and write
|
||
|
26EE68DE000
|
heap
|
page read and write
|
||
|
26EE61A9000
|
heap
|
page read and write
|
||
|
26EE68D6000
|
heap
|
page read and write
|
||
|
17D46DDA000
|
heap
|
page read and write
|
||
|
26EE085C000
|
heap
|
page read and write
|
||
|
26EE1169000
|
heap
|
page read and write
|
||
|
26EE6151000
|
heap
|
page read and write
|
||
|
26EE0902000
|
heap
|
page read and write
|
||
|
26EE67D0000
|
heap
|
page read and write
|
||
|
26EE683F000
|
heap
|
page read and write
|
||
|
1232DACC000
|
heap
|
page read and write
|
||
|
1232C62B000
|
heap
|
page read and write
|
||
|
26EE5BC0000
|
trusted library allocation
|
page read and write
|
||
|
26EE6530000
|
trusted library allocation
|
page read and write
|
||
|
26501088000
|
heap
|
page read and write
|
||
|
26EE6969000
|
heap
|
page read and write
|
||
|
26EE6902000
|
heap
|
page read and write
|
||
|
1232C6C1000
|
heap
|
page read and write
|
||
|
17D4790E000
|
heap
|
page read and write
|
||
|
E914A7D000
|
stack
|
page read and write
|
||
|
26EE660E000
|
heap
|
page read and write
|
||
|
26EE6658000
|
heap
|
page read and write
|
||
|
26EE68C0000
|
heap
|
page read and write
|
||
|
26EE5BD0000
|
trusted library allocation
|
page read and write
|
||
|
26EE11CA000
|
heap
|
page read and write
|
||
|
1678EC13000
|
heap
|
page read and write
|
||
|
26EE6783000
|
heap
|
page read and write
|
||
|
26EE682A000
|
heap
|
page read and write
|
||
|
26EE6835000
|
heap
|
page read and write
|
||
|
26EE6634000
|
heap
|
page read and write
|
||
|
26EE6747000
|
heap
|
page read and write
|
||
|
1678EB70000
|
heap
|
page read and write
|
||
|
26EE6183000
|
heap
|
page read and write
|
||
|
1232C410000
|
heap
|
page read and write
|
||
|
26EE5D70000
|
trusted library allocation
|
page read and write
|
||
|
52627E000
|
stack
|
page read and write
|
||
|
1232D9B0000
|
trusted library allocation
|
page read and write
|
||
|
26EE61F4000
|
heap
|
page read and write
|
||
|
26EE0813000
|
heap
|
page read and write
|
||
|
26EE68CE000
|
heap
|
page read and write
|
||
|
26EE6656000
|
heap
|
page read and write
|
||
|
26EE5D4A000
|
trusted library allocation
|
page read and write
|
||
|
A0396FE000
|
stack
|
page read and write
|
||
|
26EE7010000
|
heap
|
page read and write
|
||
|
17D46DD6000
|
heap
|
page read and write
|
||
|
26EE614D000
|
heap
|
page read and write
|
||
|
26EE5C6B000
|
trusted library allocation
|
page read and write
|
||
|
240DD7E000
|
stack
|
page read and write
|
||
|
1232CD00000
|
heap
|
page read and write
|
||
|
1232DA00000
|
heap
|
page read and write
|
||
|
17D46D68000
|
heap
|
page read and write
|
||
|
1232DAB7000
|
heap
|
page read and write
|
||
|
1232DB21000
|
heap
|
page read and write
|
||
|
26EE686A000
|
heap
|
page read and write
|
||
|
26EE68D4000
|
heap
|
page read and write
|
||
|
1232CD19000
|
heap
|
page read and write
|
||
|
26EE68B6000
|
heap
|
page read and write
|
||
|
4E19D7E000
|
stack
|
page read and write
|
||
|
26EE6973000
|
heap
|
page read and write
|
||
|
26EE67AA000
|
heap
|
page read and write
|
||
|
26EE6758000
|
heap
|
page read and write
|
||
|
1232C613000
|
heap
|
page read and write
|
||
|
26EE619A000
|
heap
|
page read and write
|
||
|
1232D9C0000
|
trusted library allocation
|
page read and write
|
||
|
26EE6857000
|
heap
|
page read and write
|
||
|
17D46DA3000
|
heap
|
page read and write
|
||
|
26EE667F000
|
heap
|
page read and write
|
||
|
26EE612E000
|
heap
|
page read and write
|
||
|
240DC7B000
|
stack
|
page read and write
|
||
|
17D46E45000
|
heap
|
page read and write
|
||
|
26EE68A1000
|
heap
|
page read and write
|
||
|
1232D5B0000
|
trusted library section
|
page readonly
|
||
|
26EE671B000
|
heap
|
page read and write
|
||
|
26EE1157000
|
heap
|
page read and write
|
||
|
6C01FFE000
|
stack
|
page read and write
|
||
|
17D476F1000
|
heap
|
page read and write
|
||
|
26EE6702000
|
heap
|
page read and write
|
||
|
4E19B7C000
|
stack
|
page read and write
|
||
|
26EE6604000
|
heap
|
page read and write
|
||
|
26EE6683000
|
heap
|
page read and write
|
||
|
525F7F000
|
stack
|
page read and write
|
||
|
26EE61EB000
|
heap
|
page read and write
|
||
|
26EE6846000
|
heap
|
page read and write
|
||
|
525DFB000
|
stack
|
page read and write
|
||
|
26EE6982000
|
heap
|
page read and write
|
||
|
26EE6844000
|
heap
|
page read and write
|
||
|
26EE68C9000
|
heap
|
page read and write
|
||
|
26EE1680000
|
trusted library section
|
page readonly
|
||
|
26EE6670000
|
heap
|
page read and write
|
||
|
1232C600000
|
heap
|
page read and write
|
||
|
26EE6883000
|
heap
|
page read and write
|
||
|
26EE677C000
|
heap
|
page read and write
|
||
|
12331C08000
|
trusted library allocation
|
page read and write
|
||
|
26EE67F5000
|
heap
|
page read and write
|
||
|
26EE696F000
|
heap
|
page read and write
|
||
|
1232DACC000
|
heap
|
page read and write
|
||
|
26EE669C000
|
heap
|
page read and write
|
||
|
12331D40000
|
trusted library allocation
|
page read and write
|
||
|
26EE668B000
|
heap
|
page read and write
|
||
|
17D46EF0000
|
heap
|
page read and write
|
||
|
12331C14000
|
trusted library allocation
|
page read and write
|
||
|
1232CD02000
|
heap
|
page read and write
|
||
|
26EE6880000
|
heap
|
page read and write
|
||
|
26EE5D90000
|
trusted library allocation
|
page read and write
|
||
|
1232CC00000
|
heap
|
page read and write
|
||
|
26EE0875000
|
heap
|
page read and write
|
||
|
A039C7F000
|
stack
|
page read and write
|
||
|
26EE660C000
|
heap
|
page read and write
|
||
|
26EE11A8000
|
heap
|
page read and write
|
||
|
26EE667B000
|
heap
|
page read and write
|
||
|
26EE6663000
|
heap
|
page read and write
|
||
|
26EE612C000
|
heap
|
page read and write
|
||
|
26EE668D000
|
heap
|
page read and write
|
||
|
26EE67BF000
|
heap
|
page read and write
|
||
|
6C01CFB000
|
stack
|
page read and write
|
||
|
26EE6894000
|
heap
|
page read and write
|
||
|
17D476DF000
|
heap
|
page read and write
|
||
|
26EE696B000
|
heap
|
page read and write
|
||
|
26EE117E000
|
heap
|
page read and write
|
||
|
26EE67FA000
|
heap
|
page read and write
|
||
|
17D46E45000
|
heap
|
page read and write
|
||
|
17D4790E000
|
heap
|
page read and write
|
||
|
26EE1100000
|
heap
|
page read and write
|
||
|
4E19CFF000
|
stack
|
page read and write
|
||
|
26EE5DB0000
|
trusted library allocation
|
page read and write
|
||
|
26EE113E000
|
heap
|
page read and write
|
||
|
26EE689E000
|
heap
|
page read and write
|
||
|
26EE1640000
|
trusted library section
|
page readonly
|
||
|
26EE6971000
|
heap
|
page read and write
|
||
|
17D46E45000
|
heap
|
page read and write
|
||
|
26EE6860000
|
heap
|
page read and write
|
||
|
17D46DEC000
|
heap
|
page read and write
|
||
|
26EE68EC000
|
heap
|
page read and write
|
||
|
26501100000
|
heap
|
page read and write
|
||
|
26EE61D5000
|
heap
|
page read and write
|
||
|
12331C7B000
|
trusted library allocation
|
page read and write
|
||
|
26EE6190000
|
heap
|
page read and write
|
||
|
26EE6178000
|
heap
|
page read and write
|
||
|
26EE6124000
|
heap
|
page read and write
|
||
|
26EE67AE000
|
heap
|
page read and write
|
||
|
26500FB0000
|
trusted library allocation
|
page read and write
|
||
|
1232C690000
|
heap
|
page read and write
|
||
|
26EE67A7000
|
heap
|
page read and write
|
||
|
1678F415000
|
heap
|
page read and write
|
||
|
17D46DD6000
|
heap
|
page read and write
|
||
|
4E19BFF000
|
stack
|
page read and write
|
||
|
26EE6956000
|
heap
|
page read and write
|
||
|
1232D9E8000
|
trusted library allocation
|
page read and write
|
||
|
17D46DFF000
|
heap
|
page read and write
|
||
|
17D46E53000
|
heap
|
page read and write
|
||
|
26EE67E2000
|
heap
|
page read and write
|
||
|
26EE68AF000
|
heap
|
page read and write
|
||
|
26EE68E1000
|
heap
|
page read and write
|
||
|
26EE61BD000
|
heap
|
page read and write
|
||
|
26EE6520000
|
trusted library allocation
|
page read and write
|
||
|
4E19A7E000
|
stack
|
page read and write
|
||
|
1678F400000
|
heap
|
page read and write
|
||
|
12331C92000
|
trusted library allocation
|
page read and write
|
||
|
17D4790A000
|
heap
|
page read and write
|
||
|
1232D5A0000
|
trusted library section
|
page readonly
|
||
|
26EE66DA000
|
heap
|
page read and write
|
||
|
26501029000
|
heap
|
page read and write
|
||
|
240DE78000
|
stack
|
page read and write
|
||
|
26EE605F000
|
heap
|
page read and write
|
||
|
26EE604F000
|
heap
|
page read and write
|
||
|
26EE605F000
|
heap
|
page read and write
|
||
|
26EE67F8000
|
heap
|
page read and write
|
||
|
26EE6174000
|
heap
|
page read and write
|
||
|
1232DC00000
|
trusted library allocation
|
page read and write
|
||
|
26EE68C3000
|
heap
|
page read and write
|
||
|
26501113000
|
heap
|
page read and write
|
||
|
6C01E7B000
|
stack
|
page read and write
|
||
|
4E197B6000
|
stack
|
page read and write
|
||
|
17D46E2D000
|
heap
|
page read and write
|
||
|
1678EC00000
|
heap
|
page read and write
|
||
|
17D46DD6000
|
heap
|
page read and write
|
||
|
26EE66F9000
|
heap
|
page read and write
|
||
|
A039E7E000
|
stack
|
page read and write
|
||
|
26EE6198000
|
heap
|
page read and write
|
||
|
26EE6703000
|
heap
|
page read and write
|
||
|
26EE1000000
|
heap
|
page read and write
|
||
|
26EE68C2000
|
heap
|
page read and write
|
||
|
26EE5D43000
|
trusted library allocation
|
page read and write
|
||
|
1232CD5A000
|
heap
|
page read and write
|
||
|
1232DAE4000
|
heap
|
page read and write
|
||
|
26EE66D3000
|
heap
|
page read and write
|
||
|
26EE68EA000
|
heap
|
page read and write
|
||
|
17D4790A000
|
heap
|
page read and write
|
||
|
26EE11AD000
|
heap
|
page read and write
|
||
|
17D46DFF000
|
heap
|
page read and write
|
||
|
26EE61CD000
|
heap
|
page read and write
|
||
|
1232D9E1000
|
trusted library allocation
|
page read and write
|
||
|
1232CD5A000
|
heap
|
page read and write
|
||
|
26EE6873000
|
heap
|
page read and write
|
||
|
1232DAF0000
|
heap
|
page read and write
|
||
|
26EE61B4000
|
heap
|
page read and write
|
||
|
1232CD5B000
|
heap
|
page read and write
|
||
|
26EE61B1000
|
heap
|
page read and write
|
||
|
1232CC15000
|
heap
|
page read and write
|
||
|
26EE67E1000
|
heap
|
page read and write
|
||
|
26EE605B000
|
heap
|
page read and write
|
||
|
1232CD19000
|
heap
|
page read and write
|
||
|
17D46E0E000
|
heap
|
page read and write
|
||
|
26EE6177000
|
heap
|
page read and write
|
||
|
26EE660A000
|
heap
|
page read and write
|
||
|
26EE61EF000
|
heap
|
page read and write
|
||
|
26EE67AF000
|
heap
|
page read and write
|
||
|
26EE6829000
|
heap
|
page read and write
|
||
|
26EE0680000
|
heap
|
page read and write
|
||
|
12331C44000
|
trusted library allocation
|
page read and write
|
||
|
26EE6161000
|
heap
|
page read and write
|
||
|
17D476E3000
|
heap
|
page read and write
|
||
|
26EE5C60000
|
trusted library allocation
|
page read and write
|
||
|
26EE6951000
|
heap
|
page read and write
|
||
|
26EE68DD000
|
heap
|
page read and write
|
||
|
26EE61A6000
|
heap
|
page read and write
|
||
|
17D476F9000
|
heap
|
page read and write
|
||
|
525CFC000
|
stack
|
page read and write
|
||
|
1232DB23000
|
heap
|
page read and write
|
||
|
26EE610C000
|
heap
|
page read and write
|
||
|
26EE667D000
|
heap
|
page read and write
|
||
|
26EE663A000
|
heap
|
page read and write
|
||
|
A03957C000
|
stack
|
page read and write
|
||
|
A038DEB000
|
stack
|
page read and write
|
||
|
26EE603D000
|
heap
|
page read and write
|
||
|
26EE6957000
|
heap
|
page read and write
|
||
|
12331FF0000
|
trusted library allocation
|
page read and write
|
||
|
17D477DC000
|
heap
|
page read and write
|
||
|
26EE697F000
|
heap
|
page read and write
|
||
|
26EE61FB000
|
heap
|
page read and write
|
||
|
26EE66AC000
|
heap
|
page read and write
|
||
|
12331C73000
|
trusted library allocation
|
page read and write
|
||
|
26EE5D10000
|
trusted library allocation
|
page read and write
|
||
|
26EE5DC0000
|
trusted library allocation
|
page read and write
|
||
|
17D46E45000
|
heap
|
page read and write
|
||
|
1232DB0F000
|
heap
|
page read and write
|
||
|
26EE6627000
|
heap
|
page read and write
|
||
|
26EE5CB5000
|
trusted library allocation
|
page read and write
|
||
|
26EE618C000
|
heap
|
page read and write
|
||
|
26EE5C65000
|
trusted library allocation
|
page read and write
|
||
|
26EE6834000
|
heap
|
page read and write
|
||
|
26EE6170000
|
heap
|
page read and write
|
||
|
26EE686F000
|
heap
|
page read and write
|
||
|
26EE5C90000
|
trusted library allocation
|
page read and write
|
||
|
26B7E1C0000
|
heap
|
page read and write
|
||
|
26EE5C60000
|
trusted library allocation
|
page read and write
|
||
|
17D47902000
|
heap
|
page read and write
|
||
|
26EE6149000
|
heap
|
page read and write
|
||
|
26EE5C61000
|
trusted library allocation
|
page read and write
|
||
|
A03937B000
|
stack
|
page read and write
|
||
|
26EE0920000
|
heap
|
page read and write
|
||
|
26EE674A000
|
heap
|
page read and write
|
||
|
17D46F25000
|
heap
|
page read and write
|
||
|
26EE6106000
|
heap
|
page read and write
|
||
|
17D477E6000
|
heap
|
page read and write
|
||
|
1232C694000
|
heap
|
page read and write
|
||
|
26EE1BC0000
|
trusted library allocation
|
page read and write
|
||
|
26EE114F000
|
heap
|
page read and write
|
||
|
26EE6112000
|
heap
|
page read and write
|
||
|
12331C00000
|
trusted library allocation
|
page read and write
|
There are 866 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://clarity.microsoft.com/
|