Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
Invoice#0036473 .xlsx
|
Microsoft Excel 2007+
|
initial sample
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\index[1].htm
|
HTML document, UTF-8 Unicode text, with CRLF line terminators
|
downloaded
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\index[1].htm
|
HTML document, UTF-8 Unicode text, with CRLF line terminators
|
downloaded
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\0c437755-473f-4122-97e4-4045c86f469d.tmp
|
SysEx File -
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\204f15aa-cd39-4bd6-bc6f-c02c1d133d38.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\4c84ccbd-83a1-4b1e-b2c4-e86a464b28a7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\50b08064-8803-462a-bc27-1183ed393096.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\6a7823d1-9ee1-4aaf-a95f-fefd99acc230.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\71f00045-b35a-43c4-8896-30fa85b85e29.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\84847969-5c87-4bb2-818e-b94b27003720.tmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2aa6bfef-82e7-41d8-b31e-a113c96e0570.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4448a291-c972-42d9-abe9-fc064e8a8c4f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\635b3ed0-db8c-4d2e-929d-c2c5032211c2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\75a425df-9ddd-4041-bdca-f8bc5f54de59.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\76659c36-8a81-4adf-89b4-c364184e7489.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9164e2a7-f0ee-4e6d-99de-697544cf8a95.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\7094d46a-0046-475b-bb34-1d7293eca4b5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c0f82db5-ad7f-4d81-9915-8744d398f9f3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d401b33d-9ce5-4417-85c9-4e59132f92d6.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fbbd72ef-6390-4ce5-a738-5be3f83f701f.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ffcafbd3-fd32-4f6a-bfa5-410720ecafa7.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\GrShaderCache\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\b57bc473-8f9e-46e9-93c7-774aa35c22a5.tmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\ceb21468-8458-44a7-b3b2-9282c71a9adb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\e9858284-c07c-44b7-b8b0-ce0f31e2368f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\ead0b8bd-a0fd-438e-b9bd-33505bd1b038.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\7411BFF8-D245-4AA5-9494-FF51EE73FEE8
|
XML 1.0 document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\9B7EEB3A.tmp
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\A9669ADD.png
|
PNG image data, 1140 x 1281, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\6216_1284855047\Recovery.crx3
|
Google Chrome extension, version 3
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\6216_1284855047\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\6216_1284855047\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\6216_1284855047\manifest.json
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\bb63800f-610d-4a15-a8b8-0b061b19bfe7.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\c74542be-5229-4ca4-84da-1bdbe9ebb4f2.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
modified
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\es\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\es_419\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\et\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\fi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\fr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\hi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\hr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\hu\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\it\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\ja\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\ko\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\lt\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\lv\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\nb\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\pl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\pt_BR\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\pt_PT\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\ro\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\ru\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\sk\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\sl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\sr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\sv\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\th\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\tr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\uk\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\vi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\zh_CN\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_locales\zh_TW\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir6216_1129368496\bb63800f-610d-4a15-a8b8-0b061b19bfe7.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\~DF3092C3A49577FED5.TMP
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\~DF5413B9557D54C726.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
C:\Users\user\Desktop\~$Invoice#0036473 .xlsx
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\10a36c76-179f-4b6c-8570-4068d7b95038.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\2e7ae45e-292f-4c2c-8644-46887721f59e.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\32f73c54-cdaa-4123-8c7e-734a8f628d3d.tmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\462d2348-cde6-4394-b88d-3ef7a690546b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\5cc29f6a-f57d-4269-b4a5-b35882368e40.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\08bcfff1-5e8d-42bb-a394-0d3c1979af63.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\137e88e9-eb57-40f4-b989-72e2595c97aa.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
modified
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1b81d574-d17f-43d8-b909-8aad5c117009.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1e6a7797-f867-41d1-8962-183f08016f0e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\23d6aa7d-ae0f-44fb-8098-8671aa3c36c0.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4ffaf27a-581e-4744-82c7-561c030c5cfd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\68b69776-d590-40a8-9e70-f14c909f8c8d.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\28273922-1a26-4399-a23a-25fab8ef8ef9.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\js\index
|
ISO-8859 text, with no line terminators, with escape sequences
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\js\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\wasm\index
|
ISO-8859 text, with no line terminators, with escape sequences
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\wasm\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\index
|
FoxPro FPT, blocks size 512, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a48514e2-257b-4ce9-a1b8-aa007209afbe.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ad7e2249-b97d-4442-a21f-a4067c98d52b.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d5575abb-c188-4676-bc77-eb3ead99d0fa.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000008.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fa57dafd-4e3d-4280-86ef-5f6b279f8fb2.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fc72625b-ce6c-4e0e-9448-31cad2a3c0bd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\be60ccf5-e6d5-4124-a42c-7e04cc18673a.tmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\d4994c1e-e2a6-417a-8037-eef2f3c2f99e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\d696b02f-2025-4f67-a692-d8adde6b1278.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\d7c59152-eb3b-4827-aca1-e6afce5cc8c3.tmp
|
PGP symmetric key encrypted data - Plaintext or unencrypted data salted -
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\f00af8ef-12e7-45e4-b998-a92816026779.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\42098A23.png
|
PNG image data, 1140 x 1281, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\3054.tmp
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\347e43ed-9d19-441d-ac31-ab93e366f8d0.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\a4053014-91fa-4ea9-8dde-7cf0b34244b6.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir1688_252689295\a4053014-91fa-4ea9-8dde-7cf0b34244b6.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\~DF6AEEABD9704EA844.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\~DFCA3402021093D597.TMP
|
data
|
dropped
|
There are 207 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
|
"C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE" /automation -Embedding
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1516,13884780355783072861,325699125953972634,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation -- "https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
|
||
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1508,16844756102088746549,18276088861922986992,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1932 /prefetch:8
|
||
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
|
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
|
||
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
|
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
|
||
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
|
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--field-trial-handle=968,11663495452235836402,10867097982774653214,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox
--mojo-platform-channel-handle=1452 /prefetch:8
|
||
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
|
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation -- "https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
|
||
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
|
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--field-trial-handle=932,13148372515324661737,10505591573509331624,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox
--mojo-platform-channel-handle=1376 /prefetch:8
|
||
C:\Windows\splwow64.exe
|
C:\Windows\splwow64.exe 12288
|
There are 1 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
|
|||
https://eyecandylashcompany.com/payment/frontend_paper_lantern/images/office3651.png
|
69.49.244.155
|
||
https://eyecandylashcompany.com/payment/frontend_paper_lantern/css/hover.css
|
69.49.244.155
|
||
https://eyecandylashcompany.com/payment/frontend_paper_lantern/images/gmail.png
|
69.49.244.155
|
||
https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html2
|
unknown
|
||
https://api.diagnosticssdf.office.com
|
unknown
|
||
https://login.microsoftonline.com/
|
unknown
|
||
https://shell.suite.office.com:1443
|
unknown
|
||
https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize
|
unknown
|
||
https://cdn.pixabay.com/photo/2018/03/10/12/00/paper-3213924_1280.jpg
|
172.64.150.12
|
||
https://autodiscover-s.outlook.com/
|
unknown
|
||
https://roaming.edog.
|
unknown
|
||
https://code.jquery.com/jquery-3.2.1.slim.min.js
|
unknown
|
||
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
|
unknown
|
||
https://cdn.entity.
|
unknown
|
||
https://api.addins.omex.office.net/appinfo/query
|
unknown
|
||
https://clients.config.office.net/user/v1.0/tenantassociationkey
|
unknown
|
||
https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
|
unknown
|
||
https://powerlift.acompli.net
|
unknown
|
||
https://rpsticket.partnerservices.getmicrosoftkey.com
|
unknown
|
||
https://lookup.onenote.com/lookup/geolocation/v1
|
unknown
|
||
https://cortana.ai
|
unknown
|
||
https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
|
unknown
|
||
https://cloudfiles.onenote.com/upload.aspx
|
unknown
|
||
https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
|
unknown
|
||
https://entitlement.diagnosticssdf.office.com
|
unknown
|
||
https://na01.oscs.protection.outlook.com/api/SafeLinksApi/GetPolicy
|
unknown
|
||
https://api.aadrm.com/
|
unknown
|
||
https://ofcrecsvcapi-int.azurewebsites.net/
|
unknown
|
||
https://www.google.com
|
unknown
|
||
http://schemas.microz
|
unknown
|
||
https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
|
unknown
|
||
https://api.microsoftstream.com/api/
|
unknown
|
||
https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive
|
unknown
|
||
https://cr.office.com
|
unknown
|
||
https://augloop.office.com;https://augloop-int.officeppe.com;https://augloop-dogfood.officeppe.com;h
|
unknown
|
||
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
|
104.18.11.207
|
||
https://kit.fontawesome.com/585b051251.js
|
unknown
|
||
https://portal.office.com/account/?ref=ClientMeControl
|
unknown
|
||
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
http://schemas.microsof
|
unknown
|
||
https://graph.ppe.windows.net
|
unknown
|
||
https://res.getmicrosoftkey.com/api/redemptionevents
|
unknown
|
||
https://powerlift-frontdesk.acompli.net
|
unknown
|
||
https://tasks.office.com
|
unknown
|
||
https://officeci.azurewebsites.net/api/
|
unknown
|
||
https://sr.outlook.office.net/ws/speech/recognize/assistant/work
|
unknown
|
||
https://dns.google
|
unknown
|
||
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
https://store.office.cn/addinstemplate
|
unknown
|
||
https://api.aadrm.com
|
unknown
|
||
https://outlook.office.com/autosuggest/api/v1/init?cvid=
|
unknown
|
||
https://globaldisco.crm.dynamics.com
|
unknown
|
||
https://messaging.engagement.office.com/
|
unknown
|
||
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
https://lh3.googleusercontent.com
|
unknown
|
||
https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
|
unknown
|
||
https://dev0-api.acompli.net/autodetect
|
unknown
|
||
https://www.odwebp.svc.ms
|
unknown
|
||
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
|
104.18.10.207
|
||
https://api.diagnosticssdf.office.com/v2/feedback
|
unknown
|
||
https://api.powerbi.com/v1.0/myorg/groups
|
unknown
|
||
https://web.microsoftstream.com/video/
|
unknown
|
||
https://api.addins.store.officeppe.com/addinstemplate
|
unknown
|
||
https://www.google.com/images/x2.gif
|
unknown
|
||
https://graph.windows.net
|
unknown
|
||
https://dataservice.o365filtering.com/
|
unknown
|
||
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.251.36.238
|
||
https://officesetup.getmicrosoftkey.com
|
unknown
|
||
https://analysis.windows.net/powerbi/api
|
unknown
|
||
https://prod-global-autodetect.acompli.net/autodetect
|
unknown
|
||
https://www.google.com/images/dot2.gif
|
unknown
|
||
https://outlook.office365.com/autodiscover/autodiscover.json
|
unknown
|
||
https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios
|
unknown
|
||
https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
|
unknown
|
||
https://learningtools.onenote.com/learningtoolsapi/v2.0/Getvoices
|
unknown
|
||
https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
|
unknown
|
||
https://ncus.contentsync.
|
unknown
|
||
https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false
|
unknown
|
||
https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
|
unknown
|
||
http://weather.service.msn.com/data.aspx
|
unknown
|
||
https://apis.live.net/v5.0/
|
unknown
|
||
https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks
|
unknown
|
||
https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
|
unknown
|
||
https://www.google.com/
|
unknown
|
||
https://messaging.lifecycle.office.com/
|
unknown
|
||
https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
|
unknown
|
||
https://management.azure.com
|
unknown
|
||
https://outlook.office365.com
|
unknown
|
||
http://schemas.mi
|
unknown
|
||
https://wus2.contentsync.
|
unknown
|
||
https://incidents.diagnostics.office.com
|
unknown
|
||
https://clients.config.office.net/user/v1.0/ios
|
unknown
|
||
https://www.google.com/images/cleardot.gif
|
unknown
|
||
http://www.gmail.com
|
unknown
|
||
https://insertmedia.bing.office.net/odc/insertmedia
|
unknown
|
||
https://play.google.com
|
unknown
|
||
https://o365auditrealtimeingestion.manage.office.com
|
unknown
|
||
https://outlook.office365.com/api/v1.0/me/Activities
|
unknown
|
||
https://api.office.net
|
unknown
|
||
https://incidents.diagnosticssdf.office.com
|
unknown
|
||
https://asgsmsproxyapi.azurewebsites.net/
|
unknown
|
||
https://consent.google.com
|
unknown
|
||
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
https://ogs.google.com
|
unknown
|
||
https://code.jquery.com/jquery-3.1.1.min.js
|
unknown
|
||
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.251.36.205
|
||
https://adservice.google.com
|
unknown
|
||
https://lh3.googleusercontent.com/proxy/bATQDWurvLlY3z2KTwUlb1gMxwLZoCk7CvqzrLqN1JioLU4nXkElVj-rMrvN
|
unknown
|
||
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
|
104.18.11.207
|
||
https://code.jquery.com/jquery-3.3.1.js
|
unknown
|
||
https://accounts.google.com/MergeSession
|
unknown
|
||
https://lh3.googleusercontent.com/proxy/bATQDWurvLlY3z2KTwUlb1gMxwLZoCk7CvqzrLqN1JioLU4nXkElVj-rMrvNZjuUXh3c1WhNOGX5_Cg18Wmltm3vvna-uZDqOkUISXU4XOYsUyt-4962tq2u0WiI358gef4ewWcVp0PA6YiTnICV2Cg7wLzdb0DlXw
|
172.217.16.161
|
||
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
|
104.17.25.14
|
||
https://accounts.google.com
|
unknown
|
||
https://cdn.iconscout.com/icon/free/png-512/microsoft-sharepoint-3-599372.png
|
104.18.28.243
|
||
https://clients2.googleusercontent.com
|
unknown
|
||
https://apis.google.com
|
unknown
|
||
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=84.0.4147.135&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.251.36.238
|
||
https://clients2.google.com
|
unknown
|
||
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 113 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
eyecandylashcompany.com
|
69.49.244.155
|
||
gstaticadssl.l.google.com
|
142.251.36.227
|
||
stackpath.bootstrapcdn.com
|
104.18.10.207
|
||
accounts.google.com
|
142.251.36.205
|
||
cdnjs.cloudflare.com
|
104.17.24.14
|
||
maxcdn.bootstrapcdn.com
|
104.18.11.207
|
||
clients.l.google.com
|
142.251.36.238
|
||
cdn.iconscout.com
|
104.18.29.243
|
||
cdn.pixabay.com
|
172.64.150.12
|
||
googlehosted.l.googleusercontent.com
|
172.217.16.161
|
||
clients2.google.com
|
unknown
|
||
ka-f.fontawesome.com
|
unknown
|
||
code.jquery.com
|
unknown
|
||
kit.fontawesome.com
|
unknown
|
||
lh3.googleusercontent.com
|
unknown
|
There are 5 hidden domains, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
69.49.244.155
|
eyecandylashcompany.com
|
United States
|
||
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
192.168.2.1
|
unknown
|
unknown
|
||
104.18.10.207
|
stackpath.bootstrapcdn.com
|
United States
|
||
142.251.36.205
|
accounts.google.com
|
United States
|
||
142.251.36.238
|
clients.l.google.com
|
United States
|
||
142.251.36.227
|
gstaticadssl.l.google.com
|
United States
|
||
104.18.11.207
|
maxcdn.bootstrapcdn.com
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
104.18.29.243
|
cdn.iconscout.com
|
United States
|
||
172.64.150.12
|
cdn.pixabay.com
|
United States
|
||
172.217.16.161
|
googlehosted.l.googleusercontent.com
|
United States
|
||
127.0.0.1
|
unknown
|
unknown
|
||
192.168.2.4
|
unknown
|
unknown
|
||
104.18.37.244
|
cdn.pixabay.com
|
United States
|
||
192.168.2.22
|
unknown
|
unknown
|
||
104.18.28.243
|
cdn.iconscout.com
|
United States
|
||
192.168.2.255
|
unknown
|
unknown
|
||
104.17.25.14
|
cdnjs.cloudflare.com
|
United States
|
There are 9 hidden IPs, click here to show them.
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
|
d>)
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
|
#>)
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache
|
RemoteClearDate
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3
|
Last
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
|
FilePath
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
|
StartDate
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
|
EndDate
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
|
Properties
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
|
Url
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache
|
LastClean
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
DisableWinHttpCertAuth
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
DisableIsOwnerRegex
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
DisableSessionAwareHttpClose
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
DisableADALForExtendedApps
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
DisableADALSetSilentAuth
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
msoridDisableGuestCredProvider
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
|
msoridDisableOstringReplace
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\IOAV
|
LastBootTime
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ReviewCycle
|
ReviewToken
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\22C28
|
22C28
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109110000000000000000F01FEC\Usage
|
VBAFiles
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ExdCache\Excel8.0
|
MSForms
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ExdCache\Excel8.0
|
MSComctlLib
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
|
+0)
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\37774
|
37774
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\39B29
|
39B29
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet
|
UseRWHlinkNavigation
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General
|
FileFormatBallotBoxAppIDBootedOnce
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109110000000000000000F01FEC\Usage
|
ProductFiles
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-US
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-US
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109110000000000000000F01FEC\Usage
|
EXCELFiles
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
|
RoamingConfigurableSettings
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
|
RoamingLastSyncTime
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
|
RoamingLastWriteTime
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\IOAV
|
LastBootTime
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents
|
LastPurgeTime
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
'x)
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
|
MTTT
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
|
ReviewToken
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\68536
|
68536
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
VBAFiles
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
|
& )
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Max Display
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Max Display
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 1
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 2
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 3
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 4
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 5
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 6
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 7
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 8
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 9
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 10
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 11
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 12
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 13
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 14
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 15
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 16
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 17
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 18
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 19
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 20
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\73F03
|
73F03
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
|
Max Display
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Max Display
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 1
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 2
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 3
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 4
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 5
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 6
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 7
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 8
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 9
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 10
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 11
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 12
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 13
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 14
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 15
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 16
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 17
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 18
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 19
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
|
Item 20
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\74E6E
|
74E6E
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
|
LastPurgeTime
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet
|
UseRWHlinkNavigation
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
EXCELFiles
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-966771315-3019405637-367336477-1006
|
||
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
version
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
There are 144 hidden registries, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
37B2000
|
heap
|
page read and write
|
||
2746D229000
|
heap
|
page read and write
|
||
1B6A1C2C000
|
heap
|
page read and write
|
||
30BA000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
3765000
|
heap
|
page read and write
|
||
3766000
|
heap
|
page read and write
|
||
3668000
|
heap
|
page read and write
|
||
37BE000
|
heap
|
page read and write
|
||
1DE85658000
|
heap
|
page read and write
|
||
30E4000
|
heap
|
page read and write
|
||
C58000
|
heap
|
page read and write
|
||
1B6A1926000
|
trusted library allocation
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
1B69C200000
|
heap
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
30B2000
|
heap
|
page read and write
|
||
2FE0000
|
heap
|
page read and write
|
||
374E000
|
heap
|
page read and write
|
||
1B6A1927000
|
trusted library allocation
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
37C9000
|
heap
|
page read and write
|
||
2FE8000
|
heap
|
page read and write
|
||
37C0000
|
trusted library allocation
|
page read and write
|
||
1BD2477D000
|
heap
|
page read and write
|
||
3684000
|
heap
|
page read and write
|
||
1BD247A0000
|
heap
|
page read and write
|
||
1A35E43F000
|
heap
|
page read and write
|
||
367D000
|
heap
|
page read and write
|
||
265A59DC000
|
heap
|
page read and write
|
||
366C000
|
heap
|
page read and write
|
||
3260000
|
trusted library allocation
|
page read and write
|
||
31A4000
|
heap
|
page read and write
|
||
1B69C23C000
|
heap
|
page read and write
|
||
1BD24787000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
1BD24C02000
|
heap
|
page read and write
|
||
1B69768A000
|
heap
|
page read and write
|
||
376E000
|
heap
|
page read and write
|
||
3672000
|
heap
|
page read and write
|
||
28B0000
|
trusted library allocation
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
2A40000
|
heap
|
page read and write
|
||
3764000
|
heap
|
page read and write
|
||
C65000
|
heap
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
9F8CA7E000
|
stack
|
page read and write
|
||
19DCEB00000
|
heap
|
page read and write
|
||
DEA000
|
heap
|
page read and write
|
||
3764000
|
heap
|
page read and write
|
||
3751000
|
heap
|
page read and write
|
||
A34F7C000
|
stack
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
3130000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
3690000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
C8C000
|
heap
|
page read and write
|
||
1A35E44E000
|
heap
|
page read and write
|
||
37A8000
|
heap
|
page read and write
|
||
1BD24C02000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
1BD24BB0000
|
remote allocation
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
2A1C000
|
heap
|
page read and write
|
||
E05000
|
heap
|
page read and write
|
||
2A49000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
300C000
|
heap
|
page read and write
|
||
37A0000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
2073A2A0000
|
heap
|
page read and write
|
||
C9F000
|
heap
|
page read and write
|
||
C54000
|
heap
|
page read and write
|
||
382A000
|
heap
|
page read and write
|
||
1B6A1CA6000
|
heap
|
page read and write
|
||
6FC69FC000
|
stack
|
page read and write
|
||
1EDDE602000
|
trusted library allocation
|
page read and write
|
||
3817000
|
heap
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
C81000
|
heap
|
page read and write
|
||
377A000
|
heap
|
page read and write
|
||
2A42000
|
heap
|
page read and write
|
||
37FB000
|
heap
|
page read and write
|
||
1BD23E88000
|
heap
|
page read and write
|
||
CB0000
|
heap
|
page read and write
|
||
30C0000
|
heap
|
page read and write
|
||
3003000
|
heap
|
page read and write
|
||
1DBE77E000
|
stack
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
37D3000
|
heap
|
page read and write
|
||
2FAA000
|
heap
|
page read and write
|
||
30C2000
|
heap
|
page read and write
|
||
C8C000
|
heap
|
page read and write
|
||
3185000
|
heap
|
page read and write
|
||
9F8CBFF000
|
stack
|
page read and write
|
||
1BD24C20000
|
heap
|
page read and write
|
||
459C7F8000
|
stack
|
page read and write
|
||
C2C000
|
heap
|
page read and write
|
||
1BD23CA0000
|
heap
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
37F7000
|
heap
|
page read and write
|
||
2AB3000
|
heap
|
page read and write
|
||
BD092F9000
|
stack
|
page read and write
|
||
29F0000
|
trusted library allocation
|
page read and write
|
||
3787000
|
heap
|
page read and write
|
||
374E000
|
heap
|
page read and write
|
||
1DC0BBF1000
|
heap
|
page read and write
|
||
3667000
|
heap
|
page read and write
|
||
CB0000
|
heap
|
page read and write
|
||
2A46000
|
heap
|
page read and write
|
||
1EDDDD00000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
3773000
|
heap
|
page read and write
|
||
D70000
|
heap
|
page read and write
|
||
2A24000
|
heap
|
page read and write
|
||
C55000
|
heap
|
page read and write
|
||
19DCEC13000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
BD08FDF000
|
stack
|
page read and write
|
||
2A44000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
C58000
|
heap
|
page read and write
|
||
D00000
|
heap
|
page read and write
|
||
37B7000
|
heap
|
page read and write
|
||
1BD24792000
|
heap
|
page read and write
|
||
366C000
|
heap
|
page read and write
|
||
2FFB000
|
heap
|
page read and write
|
||
366C000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
3675000
|
heap
|
page read and write
|
||
37B9000
|
heap
|
page read and write
|
||
2FF8000
|
heap
|
page read and write
|
||
2686FB32000
|
heap
|
page read and write
|
||
D67000
|
heap
|
page read and write
|
||
3187000
|
heap
|
page read and write
|
||
367D000
|
heap
|
page read and write
|
||
1EDDDB70000
|
heap
|
page read and write
|
||
DE0000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
2AA5000
|
heap
|
page read and write
|
||
2A32000
|
heap
|
page read and write
|
||
3673000
|
heap
|
page read and write
|
||
265A59D5000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
1BD24798000
|
heap
|
page read and write
|
||
CB0000
|
heap
|
page read and write
|
||
1EDDDC7E000
|
heap
|
page read and write
|
||
37B2000
|
heap
|
page read and write
|
||
1B6A1CD3000
|
heap
|
page read and write
|
||
C8C000
|
heap
|
page read and write
|
||
3692000
|
heap
|
page read and write
|
||
2A49000
|
heap
|
page read and write
|
||
459BFDB000
|
stack
|
page read and write
|
||
2FA3000
|
heap
|
page read and write
|
||
B12407E000
|
stack
|
page read and write
|
||
1EDDDBD0000
|
heap
|
page read and write
|
||
37A3000
|
heap
|
page read and write
|
||
30E0000
|
trusted library allocation
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
1A35E44D000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
6FC6F7F000
|
stack
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
37C2000
|
heap
|
page read and write
|
||
318E000
|
heap
|
page read and write
|
||
A7C000
|
stack
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
1BD2479E000
|
heap
|
page read and write
|
||
1DE85702000
|
heap
|
page read and write
|
||
3669000
|
heap
|
page read and write
|
||
2A48000
|
heap
|
page read and write
|
||
3016000
|
heap
|
page read and write
|
||
2073A513000
|
heap
|
page read and write
|
||
2A4B000
|
heap
|
page read and write
|
||
265A5998000
|
heap
|
page read and write
|
||
1B697E02000
|
trusted library allocation
|
page read and write
|
||
1BD2475D000
|
heap
|
page read and write
|
||
1F1243B0000
|
heap
|
page read and write
|
||
31AA000
|
heap
|
page read and write
|
||
1BD23E7C000
|
heap
|
page read and write
|
||
C9F000
|
heap
|
page read and write
|
||
DE2000
|
heap
|
page read and write
|
||
3675000
|
heap
|
page read and write
|
||
1B69C213000
|
heap
|
page read and write
|
||
2A55000
|
heap
|
page read and write
|
||
1F124425000
|
heap
|
page read and write
|
||
37C9000
|
heap
|
page read and write
|
||
19DCEB10000
|
heap
|
page read and write
|
||
6FC6E7D000
|
stack
|
page read and write
|
||
1A35E280000
|
heap
|
page read and write
|
||
B22BA7E000
|
stack
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
DC0000
|
heap
|
page read and write
|
||
37A2000
|
heap
|
page read and write
|
||
3004000
|
heap
|
page read and write
|
||
39F0000
|
trusted library allocation
|
page read and write
|
||
C65000
|
heap
|
page read and write
|
||
C62000
|
heap
|
page read and write
|
||
3180000
|
heap
|
page read and write
|
||
C2C000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
3761000
|
heap
|
page read and write
|
||
9F8CD7F000
|
stack
|
page read and write
|
||
1B69CD13000
|
heap
|
page read and write
|
||
B22B70B000
|
stack
|
page read and write
|
||
1EDDDC6B000
|
heap
|
page read and write
|
||
E662FF000
|
stack
|
page read and write
|
||
37DE000
|
heap
|
page read and write
|
||
3757000
|
heap
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
37B5000
|
heap
|
page read and write
|
||
265A59E1000
|
heap
|
page read and write
|
||
3743000
|
heap
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
30BA000
|
heap
|
page read and write
|
||
367D000
|
heap
|
page read and write
|
||
1B6A1950000
|
trusted library allocation
|
page read and write
|
||
2A30000
|
heap
|
page read and write
|
||
1BD2477B000
|
heap
|
page read and write
|
||
30E6000
|
heap
|
page read and write
|
||
1B69CE00000
|
trusted library allocation
|
page read and write
|
||
3787000
|
heap
|
page read and write
|
||
1BD2471D000
|
heap
|
page read and write
|
||
C8C000
|
heap
|
page read and write
|
||
1DE85560000
|
heap
|
page read and write
|
||
2A24000
|
heap
|
page read and write
|
||
E6627A000
|
stack
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
2A46000
|
heap
|
page read and write
|
||
37C2000
|
heap
|
page read and write
|
||
1A35E47A000
|
heap
|
page read and write
|
||
4AA90BB000
|
stack
|
page read and write
|
||
37B4000
|
heap
|
page read and write
|
||
2A4B000
|
heap
|
page read and write
|
||
3812000
|
heap
|
page read and write
|
||
1B6A1D07000
|
heap
|
page read and write
|
||
3745000
|
heap
|
page read and write
|
||
C88000
|
heap
|
page read and write
|
||
30CA000
|
heap
|
page read and write
|
||
380D000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
2073A425000
|
heap
|
page read and write
|
||
1DC0BBE0000
|
heap
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
374B000
|
heap
|
page read and write
|
||
3023000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
1A35E439000
|
heap
|
page read and write
|
||
1B6A1A80000
|
remote allocation
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
367D000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
3793000
|
heap
|
page read and write
|
||
367D000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
C81000
|
heap
|
page read and write
|
||
381B000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
1BD23EA4000
|
heap
|
page read and write
|
||
30C7000
|
heap
|
page read and write
|
||
2073C400000
|
remote allocation
|
page read and write
|
||
1DE85602000
|
heap
|
page read and write
|
||
30BE000
|
heap
|
page read and write
|
||
1DE85EA0000
|
remote allocation
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
1BD23E65000
|
heap
|
page read and write
|
||
3671000
|
heap
|
page read and write
|
||
C55000
|
heap
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
1BD247A6000
|
heap
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
1DBEBFD000
|
stack
|
page read and write
|
||
2A17000
|
heap
|
page read and write
|
||
1BD23F08000
|
heap
|
page read and write
|
||
1BD24791000
|
heap
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
1F124481000
|
heap
|
page read and write
|
||
2FFB000
|
heap
|
page read and write
|
||
1B69D3D0000
|
trusted library section
|
page readonly
|
||
2A4B000
|
heap
|
page read and write
|
||
C2B000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
2FF4000
|
heap
|
page read and write
|
||
2A55000
|
heap
|
page read and write
|
||
2A40000
|
heap
|
page read and write
|
||
2073A310000
|
heap
|
page read and write
|
||
D74000
|
heap
|
page read and write
|
||
2FF0000
|
heap
|
page read and write
|
||
CB7000
|
heap
|
page read and write
|
||
37BA000
|
heap
|
page read and write
|
||
2F93000
|
heap
|
page read and write
|
||
4AA997E000
|
stack
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
2AA5000
|
heap
|
page read and write
|
||
1A35E450000
|
heap
|
page read and write
|
||
2A16000
|
heap
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
1A35E47D000
|
heap
|
page read and write
|
||
C4E000
|
heap
|
page read and write
|
||
1EDDDD02000
|
heap
|
page read and write
|
||
3794000
|
heap
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
379A000
|
heap
|
page read and write
|
||
2A4B000
|
heap
|
page read and write
|
||
2FF0000
|
heap
|
page read and write
|
||
1BD2479C000
|
heap
|
page read and write
|
||
2A54000
|
heap
|
page read and write
|
||
2AAA000
|
heap
|
page read and write
|
||
1B69D3F0000
|
trusted library section
|
page readonly
|
||
D228E7E000
|
stack
|
page read and write
|
||
37BD000
|
heap
|
page read and write
|
||
37E9000
|
heap
|
page read and write
|
||
1B6A1A70000
|
trusted library allocation
|
page read and write
|
||
3A81000
|
heap
|
page read and write
|
||
1BD24790000
|
heap
|
page read and write
|
||
D228D7F000
|
stack
|
page read and write
|
||
C81000
|
heap
|
page read and write
|
||
37C9000
|
heap
|
page read and write
|
||
3016000
|
heap
|
page read and write
|
||
1F124340000
|
heap
|
page read and write
|
||
2073A42A000
|
heap
|
page read and write
|
||
376F000
|
heap
|
page read and write
|
||
E6637E000
|
stack
|
page read and write
|
||
C58000
|
heap
|
page read and write
|
||
9F8CCFF000
|
stack
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
2FE8000
|
heap
|
page read and write
|
||
1EDDDC91000
|
heap
|
page read and write
|
||
37AA000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
3005000
|
heap
|
page read and write
|
||
375B000
|
heap
|
page read and write
|
||
300D000
|
heap
|
page read and write
|
||
C1E000
|
heap
|
page read and write
|
||
3669000
|
heap
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
3003000
|
heap
|
page read and write
|
||
374A000
|
heap
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
2A4B000
|
heap
|
page read and write
|
||
1BD24C02000
|
heap
|
page read and write
|
||
2A39000
|
heap
|
page read and write
|
||
3781000
|
heap
|
page read and write
|
||
3A70000
|
heap
|
page read and write
|
||
C86000
|
heap
|
page read and write
|
||
2FE0000
|
heap
|
page read and write
|
||
2A1D000
|
heap
|
page read and write
|
||
2A52000
|
heap
|
page read and write
|
||
2A41000
|
heap
|
page read and write
|
||
28B0000
|
trusted library allocation
|
page read and write
|
||
37AE000
|
heap
|
page read and write
|
||
C9F000
|
heap
|
page read and write
|
||
390E000
|
heap
|
page read and write
|
||
1BD24713000
|
heap
|
page read and write
|
||
3014000
|
heap
|
page read and write
|
||
30B5000
|
heap
|
page read and write
|
||
C49000
|
heap
|
page read and write
|
||
3781000
|
heap
|
page read and write
|
||
37C7000
|
heap
|
page read and write
|
||
3684000
|
heap
|
page read and write
|
||
31AE000
|
heap
|
page read and write
|
||
3816000
|
heap
|
page read and write
|
||
19DCED00000
|
heap
|
page read and write
|
||
C8C000
|
heap
|
page read and write
|
||
2FF5000
|
heap
|
page read and write
|
||
3684000
|
heap
|
page read and write
|
||
375F000
|
heap
|
page read and write
|
||
C88000
|
heap
|
page read and write
|
||
C4D000
|
heap
|
page read and write
|
||
265A5B95000
|
heap
|
page read and write
|
||
C7D000
|
heap
|
page read and write
|
||
376E000
|
heap
|
page read and write
|
||
2AA8000
|
heap
|
page read and write
|
||
C62000
|
heap
|
page read and write
|
||
C1F000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
7E0000
|
unkown
|
page read and write
|
||
37CB000
|
heap
|
page read and write
|
||
1BD2477B000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
2073A45A000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
1EDDDD13000
|
heap
|
page read and write
|
||
2FF5000
|
heap
|
page read and write
|
||
B22B78E000
|
stack
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
2A17000
|
heap
|
page read and write
|
||
D7B000
|
heap
|
page read and write
|
||
265A6690000
|
trusted library allocation
|
page read and write
|
||
3795000
|
heap
|
page read and write
|
||
1B6A1920000
|
trusted library allocation
|
page read and write
|
||
3816000
|
heap
|
page read and write
|
||
3135000
|
heap
|
page read and write
|
||
DE0000
|
heap
|
page read and write
|
||
301F000
|
heap
|
page read and write
|
||
4AA967E000
|
stack
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
2686F120000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
1BD24790000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
C8C000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
7C0000
|
unkown
|
page readonly
|
||
C9F000
|
heap
|
page read and write
|
||
2746D213000
|
heap
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
3014000
|
heap
|
page read and write
|
||
39F0000
|
trusted library allocation
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
C4D000
|
heap
|
page read and write
|
||
2FA4000
|
heap
|
page read and write
|
||
7F0000
|
remote allocation
|
page read and write
|
||
D22897E000
|
stack
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
C86000
|
heap
|
page read and write
|
||
2A41000
|
heap
|
page read and write
|
||
2A1C000
|
heap
|
page read and write
|
||
1F12445B000
|
heap
|
page read and write
|
||
28A9000
|
stack
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
3675000
|
heap
|
page read and write
|
||
C88000
|
heap
|
page read and write
|
||
37DD000
|
heap
|
page read and write
|
||
3137000
|
heap
|
page read and write
|
||
2746D302000
|
heap
|
page read and write
|
||
1B6A1D02000
|
heap
|
page read and write
|
||
2FE7000
|
heap
|
page read and write
|
||
1B6975E0000
|
trusted library allocation
|
page read and write
|
||
1EDDDC00000
|
heap
|
page read and write
|
||
2FE7000
|
heap
|
page read and write
|
||
3667000
|
heap
|
page read and write
|
||
3B80000
|
trusted library allocation
|
page read and write
|
||
C8A000
|
heap
|
page read and write
|
||
C88000
|
heap
|
page read and write
|
||
4AA9777000
|
stack
|
page read and write
|
||
2073A43D000
|
heap
|
page read and write
|
||
1BD247A0000
|
heap
|
page read and write
|
||
DE5000
|
heap
|
page read and write
|
||
1DBE7FE000
|
stack
|
page read and write
|
||
3672000
|
heap
|
page read and write
|
||
1DE855D0000
|
heap
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
37C0000
|
trusted library allocation
|
page read and write
|
||
2A15000
|
heap
|
page read and write
|
||
1B697680000
|
heap
|
page read and write
|
||
3904000
|
heap
|
page read and write
|
||
1DBEAFF000
|
stack
|
page read and write
|
||
3660000
|
heap
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
3824000
|
heap
|
page read and write
|
||
1BD2478C000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
1BD24774000
|
heap
|
page read and write
|
||
1BD24602000
|
heap
|
page read and write
|
||
2A3A000
|
heap
|
page read and write
|
||
2686F302000
|
heap
|
page read and write
|
||
1B69CD18000
|
heap
|
page read and write
|
||
37C7000
|
heap
|
page read and write
|
||
37AD000
|
heap
|
page read and write
|
||
CBF000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
CB3000
|
heap
|
page read and write
|
||
3016000
|
heap
|
page read and write
|
||
D60000
|
heap
|
page read and write
|
||
3672000
|
heap
|
page read and write
|
||
1BD2477B000
|
heap
|
page read and write
|
||
2073C000000
|
trusted library allocation
|
page read and write
|
||
1DBE37B000
|
stack
|
page read and write
|
||
3758000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
C7D000
|
heap
|
page read and write
|
||
6FC687E000
|
stack
|
page read and write
|
||
3797000
|
heap
|
page read and write
|
||
1A35E46A000
|
heap
|
page read and write
|
||
9613FFE000
|
stack
|
page read and write
|
||
313A000
|
heap
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
2A44000
|
heap
|
page read and write
|
||
C48000
|
heap
|
page read and write
|
||
2A28000
|
heap
|
page read and write
|
||
37C2000
|
heap
|
page read and write
|
||
37AE000
|
heap
|
page read and write
|
||
2A4A000
|
heap
|
page read and write
|
||
9F8D37F000
|
stack
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
367D000
|
heap
|
page read and write
|
||
1F124513000
|
heap
|
page read and write
|
||
2AA1000
|
heap
|
page read and write
|
||
9F8C38D000
|
stack
|
page read and write
|
||
3689000
|
heap
|
page read and write
|
||
19DCEC23000
|
heap
|
page read and write
|
||
C81000
|
heap
|
page read and write
|
||
3679000
|
heap
|
page read and write
|
||
37A1000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
C43000
|
heap
|
page read and write
|
||
2A39000
|
heap
|
page read and write
|
||
C86000
|
heap
|
page read and write
|
||
1BD23E6D000
|
heap
|
page read and write
|
||
2A44000
|
heap
|
page read and write
|
||
3830000
|
trusted library allocation
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
3823000
|
heap
|
page read and write
|
||
2A3A000
|
heap
|
page read and write
|
||
3682000
|
heap
|
page read and write
|
||
1A35EC02000
|
trusted library allocation
|
page read and write
|
||
37B0000
|
heap
|
page read and write
|
||
31A3000
|
heap
|
page read and write
|
||
2FF4000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
31AB000
|
heap
|
page read and write
|
||
C86000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
1B6A1B90000
|
trusted library allocation
|
page read and write
|
||
1EDDDC48000
|
heap
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
379B000
|
heap
|
page read and write
|
||
30C4000
|
heap
|
page read and write
|
||
2F97000
|
heap
|
page read and write
|
||
1B69C290000
|
heap
|
page read and write
|
||
3903000
|
heap
|
page read and write
|
||
31AE000
|
heap
|
page read and write
|
||
C7B000
|
heap
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
459C2FE000
|
stack
|
page read and write
|
||
1BD24794000
|
heap
|
page read and write
|
||
1DC0BB55000
|
heap
|
page read and write
|
||
DEB000
|
heap
|
page read and write
|
||
2A40000
|
heap
|
page read and write
|
||
1DC0BC0E000
|
heap
|
page read and write
|
||
2FFF000
|
heap
|
page read and write
|
||
3768000
|
heap
|
page read and write
|
||
37C7000
|
heap
|
page read and write
|
||
2FE7000
|
heap
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
2FF9000
|
heap
|
page read and write
|
||
2A4A000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
B123D7B000
|
stack
|
page read and write
|
||
1F124466000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
2FF2000
|
heap
|
page read and write
|
||
2FF8000
|
heap
|
page read and write
|
||
31AA000
|
heap
|
page read and write
|
||
1DE86002000
|
trusted library allocation
|
page read and write
|
||
C8C000
|
heap
|
page read and write
|
||
1DC0BC0E000
|
heap
|
page read and write
|
||
3810000
|
heap
|
page read and write
|
||
C4D000
|
heap
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
265A5BA0000
|
trusted library allocation
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
CB7000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
3798000
|
heap
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
30BA000
|
heap
|
page read and write
|
||
30E0000
|
trusted library allocation
|
page read and write
|
||
1A35E502000
|
heap
|
page read and write
|
||
30C7000
|
heap
|
page read and write
|
||
2073A2B0000
|
heap
|
page read and write
|
||
3676000
|
heap
|
page read and write
|
||
2A3E000
|
heap
|
page read and write
|
||
3747000
|
heap
|
page read and write
|
||
C51000
|
heap
|
page read and write
|
||
B12417B000
|
stack
|
page read and write
|
||
2A59000
|
heap
|
page read and write
|
||
9F8D17A000
|
stack
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
BD0927E000
|
stack
|
page read and write
|
||
BD09379000
|
stack
|
page read and write
|
||
D72000
|
heap
|
page read and write
|
||
C8A000
|
heap
|
page read and write
|
||
313B000
|
heap
|
page read and write
|
||
367B000
|
heap
|
page read and write
|
||
C86000
|
heap
|
page read and write
|
||
37D0000
|
heap
|
page read and write
|
||
318A000
|
heap
|
page read and write
|
||
C65000
|
heap
|
page read and write
|
||
3772000
|
heap
|
page read and write
|
||
C7C000
|
heap
|
page read and write
|
||
D63000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
379E000
|
heap
|
page read and write
|
||
1BD24792000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
1B6A17C0000
|
trusted library allocation
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
1B6A1964000
|
trusted library allocation
|
page read and write
|
||
3014000
|
heap
|
page read and write
|
||
3804000
|
heap
|
page read and write
|
||
C4E000
|
heap
|
page read and write
|
||
1BD23E5C000
|
heap
|
page read and write
|
||
3678000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
3678000
|
heap
|
page read and write
|
||
C2C000
|
heap
|
page read and write
|
||
2FAE000
|
heap
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
3A91000
|
heap
|
page read and write
|
||
C45000
|
heap
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
1B69CD18000
|
heap
|
page read and write
|
||
318B000
|
heap
|
page read and write
|
||
368F000
|
heap
|
page read and write
|
||
C94000
|
heap
|
page read and write
|
||
2F9E000
|
heap
|
page read and write
|
||
2746D276000
|
heap
|
page read and write
|
||
1BD2475D000
|
heap
|
page read and write
|
||
2073BDD0000
|
trusted library allocation
|
page read and write
|
||
3907000
|
heap
|
page read and write
|
||
375E000
|
heap
|
page read and write
|
||
3767000
|
heap
|
page read and write
|
||
3740000
|
trusted library allocation
|
page read and write
|
||
2FF3000
|
heap
|
page read and write
|
||
1DBEA7D000
|
stack
|
page read and write
|
||
2A23000
|
heap
|
page read and write
|
||
CB0000
|
heap
|
page read and write
|
||
313A000
|
heap
|
page read and write
|
||
1B69CD02000
|
heap
|
page read and write
|
||
2A16000
|
heap
|
page read and write
|
||
381A000
|
heap
|
page read and write
|
||
6FC6C7D000
|
stack
|
page read and write
|
||
C7D000
|
heap
|
page read and write
|
||
1A35E220000
|
heap
|
page read and write
|
||
1B6A1950000
|
trusted library allocation
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
7E0000
|
unkown
|
page read and write
|
||
2FAA000
|
heap
|
page read and write
|
||
3184000
|
heap
|
page read and write
|
||
37C0000
|
trusted library allocation
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
374A000
|
heap
|
page read and write
|
||
2A13000
|
heap
|
page read and write
|
||
2AAA000
|
heap
|
page read and write
|
||
A3557B000
|
stack
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
1DE85E70000
|
trusted library allocation
|
page read and write
|
||
2FF4000
|
heap
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
19DCEC28000
|
heap
|
page read and write
|
||
2A3A000
|
heap
|
page read and write
|
||
375B000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
3183000
|
heap
|
page read and write
|
||
1BD247B4000
|
heap
|
page read and write
|
||
2A24000
|
heap
|
page read and write
|
||
3133000
|
heap
|
page read and write
|
||
1B69D761000
|
trusted library allocation
|
page read and write
|
||
DEA000
|
heap
|
page read and write
|
||
2686F2C6000
|
heap
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
9F8C879000
|
stack
|
page read and write
|
||
1B6A1790000
|
trusted library allocation
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
265A5990000
|
heap
|
page read and write
|
||
3B80000
|
trusted library allocation
|
page read and write
|
||
C7E000
|
heap
|
page read and write
|
||
30BE000
|
heap
|
page read and write
|
||
C47000
|
heap
|
page read and write
|
||
379B000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
2F94000
|
heap
|
page read and write
|
||
3682000
|
heap
|
page read and write
|
||
2FAE000
|
heap
|
page read and write
|
||
1BD23E00000
|
heap
|
page read and write
|
||
37A3000
|
heap
|
page read and write
|
||
281C000
|
stack
|
page read and write
|
||
3797000
|
heap
|
page read and write
|
||
2FE8000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
376D000
|
heap
|
page read and write
|
||
2686F313000
|
heap
|
page read and write
|
||
3792000
|
heap
|
page read and write
|
||
CB8000
|
heap
|
page read and write
|
||
2746D200000
|
heap
|
page read and write
|
||
2FF3000
|
heap
|
page read and write
|
||
3762000
|
heap
|
page read and write
|
||
37A7000
|
heap
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
2686F9C0000
|
trusted library allocation
|
page read and write
|
||
2A59000
|
heap
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
3817000
|
heap
|
page read and write
|
||
CC4000
|
heap
|
page read and write
|
||
3815000
|
heap
|
page read and write
|
||
382E000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
2A4B000
|
heap
|
page read and write
|
||
1B6A1A60000
|
trusted library allocation
|
page read and write
|
||
C2B000
|
heap
|
page read and write
|
||
1B6A1921000
|
trusted library allocation
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
2A5E000
|
heap
|
page read and write
|
||
3747000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
3672000
|
heap
|
page read and write
|
||
2A24000
|
heap
|
page read and write
|
||
C7E000
|
heap
|
page read and write
|
||
1B69C180000
|
heap
|
page read and write
|
||
2AA1000
|
heap
|
page read and write
|
||
37C7000
|
heap
|
page read and write
|
||
C47000
|
heap
|
page read and write
|
||
3672000
|
heap
|
page read and write
|
||
37AD000
|
heap
|
page read and write
|
||
1F124400000
|
heap
|
page read and write
|
||
3790000
|
heap
|
page read and write
|
||
1DE85613000
|
heap
|
page read and write
|
||
3766000
|
heap
|
page read and write
|
||
3787000
|
heap
|
page read and write
|
||
31AA000
|
heap
|
page read and write
|
||
30CE000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
3002000
|
heap
|
page read and write
|
||
C5A000
|
heap
|
page read and write
|
||
1DE85600000
|
heap
|
page read and write
|
||
37C7000
|
heap
|
page read and write
|
||
3673000
|
heap
|
page read and write
|
||
1DC0BC20000
|
heap
|
page read and write
|
||
1DC0BC0E000
|
heap
|
page read and write
|
||
1BD23E2C000
|
heap
|
page read and write
|
||
1BD247C2000
|
heap
|
page read and write
|
||
30D0000
|
heap
|
page read and write
|
||
366C000
|
heap
|
page read and write
|
||
1B69C325000
|
heap
|
page read and write
|
||
1B6A1A80000
|
remote allocation
|
page read and write
|
||
C4E000
|
heap
|
page read and write
|
||
1B6A1925000
|
trusted library allocation
|
page read and write
|
||
3781000
|
heap
|
page read and write
|
||
2A4B000
|
heap
|
page read and write
|
||
3A81000
|
heap
|
page read and write
|
||
366C000
|
heap
|
page read and write
|
||
30C3000
|
heap
|
page read and write
|
||
2A42000
|
heap
|
page read and write
|
||
C48000
|
heap
|
page read and write
|
||
37BA000
|
heap
|
page read and write
|
||
367D000
|
heap
|
page read and write
|
||
2FF2000
|
heap
|
page read and write
|
||
37E7000
|
heap
|
page read and write
|
||
376F000
|
heap
|
page read and write
|
||
1B6A1CED000
|
heap
|
page read and write
|
||
3260000
|
trusted library allocation
|
page read and write
|
||
1B697622000
|
heap
|
page read and write
|
||
37DB000
|
heap
|
page read and write
|
||
390B000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
1BD23EC0000
|
heap
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
36A1000
|
heap
|
page read and write
|
||
3788000
|
heap
|
page read and write
|
||
1B69C1B0000
|
trusted library allocation
|
page read and write
|
||
1B6A19F0000
|
trusted library allocation
|
page read and write
|
||
3830000
|
trusted library allocation
|
page read and write
|
||
1B6A1BE0000
|
trusted library allocation
|
page read and write
|
||
2FF1000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
382A000
|
heap
|
page read and write
|
||
1BD23EB0000
|
heap
|
page read and write
|
||
1BD23E3C000
|
heap
|
page read and write
|
||
3794000
|
heap
|
page read and write
|
||
37A8000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
1B697600000
|
heap
|
page read and write
|
||
37DA000
|
heap
|
page read and write
|
||
C8A000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
3687000
|
heap
|
page read and write
|
||
1BD24792000
|
heap
|
page read and write
|
||
1B6A1960000
|
trusted library allocation
|
page read and write
|
||
1D046FE000
|
stack
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
3679000
|
heap
|
page read and write
|
||
CB0000
|
heap
|
page read and write
|
||
1BD247AF000
|
heap
|
page read and write
|
||
30D2000
|
heap
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
1B69CBF3000
|
trusted library allocation
|
page read and write
|
||
2686F0C0000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
1A35E380000
|
trusted library allocation
|
page read and write
|
||
37AC000
|
heap
|
page read and write
|
||
379B000
|
heap
|
page read and write
|
||
2A38000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
37DD000
|
heap
|
page read and write
|
||
39F0000
|
trusted library allocation
|
page read and write
|
||
31A7000
|
heap
|
page read and write
|
||
382B000
|
heap
|
page read and write
|
||
2A47000
|
heap
|
page read and write
|
||
380C000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
2FA2000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
1BD23E13000
|
heap
|
page read and write
|
||
379A000
|
heap
|
page read and write
|
||
C46000
|
heap
|
page read and write
|
||
37C9000
|
heap
|
page read and write
|
||
3668000
|
heap
|
page read and write
|
||
CC1000
|
heap
|
page read and write
|
||
3673000
|
heap
|
page read and write
|
||
376F000
|
heap
|
page read and write
|
||
375D000
|
heap
|
page read and write
|
||
C7D000
|
heap
|
page read and write
|
||
3768000
|
heap
|
page read and write
|
||
1DE85629000
|
heap
|
page read and write
|
||
B22BFFC000
|
stack
|
page read and write
|
||
374B000
|
heap
|
page read and write
|
||
D60000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
B1244FE000
|
stack
|
page read and write
|
||
3180000
|
heap
|
page read and write
|
||
1B69D400000
|
trusted library section
|
page readonly
|
||
1EDDE470000
|
trusted library allocation
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
3810000
|
heap
|
page read and write
|
||
1BD247AD000
|
heap
|
page read and write
|
||
30D8000
|
heap
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
3260000
|
trusted library allocation
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
1B6A1928000
|
trusted library allocation
|
page read and write
|
||
2A24000
|
heap
|
page read and write
|
||
D65000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
BE0000
|
heap
|
page read and write
|
||
1BD23CB0000
|
heap
|
page read and write
|
||
3672000
|
heap
|
page read and write
|
||
3740000
|
trusted library allocation
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
37CB000
|
heap
|
page read and write
|
||
379B000
|
heap
|
page read and write
|
||
3813000
|
heap
|
page read and write
|
||
30CA000
|
heap
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
37B7000
|
heap
|
page read and write
|
||
1BD2479A000
|
heap
|
page read and write
|
||
3797000
|
heap
|
page read and write
|
||
3692000
|
heap
|
page read and write
|
||
C65000
|
heap
|
page read and write
|
||
2A49000
|
heap
|
page read and write
|
||
37BE000
|
heap
|
page read and write
|
||
30C0000
|
heap
|
page read and write
|
||
37BB000
|
heap
|
page read and write
|
||
9613BFE000
|
stack
|
page read and write
|
||
3134000
|
heap
|
page read and write
|
||
CB8000
|
heap
|
page read and write
|
||
1BD23EE1000
|
heap
|
page read and write
|
||
2A45000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
30D7000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
CE0000
|
heap
|
page read and write
|
||
29F0000
|
trusted library allocation
|
page read and write
|
||
3021000
|
heap
|
page read and write
|
||
2A1D000
|
heap
|
page read and write
|
||
3742000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
1DBE97E000
|
stack
|
page read and write
|
||
37A7000
|
heap
|
page read and write
|
||
374A000
|
heap
|
page read and write
|
||
376C000
|
heap
|
page read and write
|
||
2746D264000
|
heap
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
C86000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
2073A400000
|
heap
|
page read and write
|
||
1BD247C3000
|
heap
|
page read and write
|
||
1A35E413000
|
heap
|
page read and write
|
||
9F8C6F7000
|
stack
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
1D043AC000
|
stack
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
367E000
|
heap
|
page read and write
|
||
2FF2000
|
heap
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
368F000
|
heap
|
page read and write
|
||
265A5850000
|
trusted library allocation
|
page read and write
|
||
2073A458000
|
heap
|
page read and write
|
||
1F124477000
|
heap
|
page read and write
|
||
30E0000
|
trusted library allocation
|
page read and write
|
||
B22BEFF000
|
stack
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
19DCEC3C000
|
heap
|
page read and write
|
||
3672000
|
heap
|
page read and write
|
||
2A15000
|
heap
|
page read and write
|
||
2A3A000
|
heap
|
page read and write
|
||
1B69C110000
|
heap
|
page read and write
|
||
C4E000
|
heap
|
page read and write
|
||
1BD24750000
|
heap
|
page read and write
|
||
37D2000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
1BD24776000
|
heap
|
page read and write
|
||
37F4000
|
heap
|
page read and write
|
||
C2B000
|
heap
|
page read and write
|
||
2FAA000
|
heap
|
page read and write
|
||
D6A000
|
heap
|
page read and write
|
||
28B0000
|
trusted library allocation
|
page read and write
|
||
2686F213000
|
heap
|
page read and write
|
||
7F0000
|
remote allocation
|
page read and write
|
||
2AA1000
|
heap
|
page read and write
|
||
381E000
|
heap
|
page read and write
|
||
3004000
|
heap
|
page read and write
|
||
1B69C25E000
|
heap
|
page read and write
|
||
459C4F8000
|
stack
|
page read and write
|
||
3758000
|
heap
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
1A35E210000
|
heap
|
page read and write
|
||
1A35E444000
|
heap
|
page read and write
|
||
1B6A1960000
|
trusted library allocation
|
page read and write
|
||
1BD23E6E000
|
heap
|
page read and write
|
||
3767000
|
heap
|
page read and write
|
||
9F8C28B000
|
stack
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
E66478000
|
stack
|
page read and write
|
||
2AAB000
|
heap
|
page read and write
|
||
37A4000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
2073A413000
|
heap
|
page read and write
|
||
1A35E44B000
|
heap
|
page read and write
|
||
2073A45C000
|
heap
|
page read and write
|
||
3770000
|
heap
|
page read and write
|
||
2FFE000
|
heap
|
page read and write
|
||
1B6A1A80000
|
remote allocation
|
page read and write
|
||
1B697677000
|
heap
|
page read and write
|
||
37AC000
|
heap
|
page read and write
|
||
376F000
|
heap
|
page read and write
|
||
1B6A1944000
|
trusted library allocation
|
page read and write
|
||
CBF000
|
heap
|
page read and write
|
||
2FFE000
|
heap
|
page read and write
|
||
2AAB000
|
heap
|
page read and write
|
||
1A35E464000
|
heap
|
page read and write
|
||
3660000
|
heap
|
page read and write
|
||
3672000
|
heap
|
page read and write
|
||
2FEC000
|
heap
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
2A1A000
|
heap
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
2FEC000
|
heap
|
page read and write
|
||
2FE9000
|
heap
|
page read and write
|
||
2FEC000
|
heap
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
369F000
|
heap
|
page read and write
|
||
1B69C313000
|
heap
|
page read and write
|
||
1A35E479000
|
heap
|
page read and write
|
||
2A3A000
|
heap
|
page read and write
|
||
3004000
|
heap
|
page read and write
|
||
2F95000
|
heap
|
page read and write
|
||
367D000
|
heap
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
1BD24C02000
|
heap
|
page read and write
|
||
1BD24772000
|
heap
|
page read and write
|
||
C2B000
|
heap
|
page read and write
|
||
1BD24783000
|
heap
|
page read and write
|
||
368C000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
1BD24775000
|
heap
|
page read and write
|
||
1B6A1D15000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
37DD000
|
heap
|
page read and write
|
||
1BD24C00000
|
heap
|
page read and write
|
||
2746D1E0000
|
trusted library allocation
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
B22C0FE000
|
stack
|
page read and write
|
||
37BB000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
2FF4000
|
heap
|
page read and write
|
||
CBA000
|
heap
|
page read and write
|
||
1BD24782000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
780000
|
heap
|
page read and write
|
||
3766000
|
heap
|
page read and write
|
||
6FC6AFE000
|
stack
|
page read and write
|
||
6FC62DB000
|
stack
|
page read and write
|
||
2746D0E0000
|
heap
|
page read and write
|
||
2FF9000
|
heap
|
page read and write
|
||
3660000
|
heap
|
page read and write
|
||
D77000
|
heap
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
1EDDDC3C000
|
heap
|
page read and write
|
||
7D0000
|
unkown
|
page readonly
|
||
C84000
|
heap
|
page read and write
|
||
375C000
|
heap
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
2F97000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
4AA987F000
|
stack
|
page read and write
|
||
9F8CE7A000
|
stack
|
page read and write
|
||
1BD23E64000
|
heap
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
1BD24792000
|
heap
|
page read and write
|
||
2FD0000
|
heap
|
page read and write
|
||
2A51000
|
heap
|
page read and write
|
||
C2B000
|
heap
|
page read and write
|
||
30CE000
|
heap
|
page read and write
|
||
2073C400000
|
remote allocation
|
page read and write
|
||
C49000
|
heap
|
page read and write
|
||
37BB000
|
heap
|
page read and write
|
||
2828000
|
stack
|
page read and write
|
||
3014000
|
heap
|
page read and write
|
||
313A000
|
heap
|
page read and write
|
||
D60000
|
heap
|
page read and write
|
||
28B0000
|
trusted library allocation
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
301F000
|
heap
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
2A3A000
|
heap
|
page read and write
|
||
1BD23F13000
|
heap
|
page read and write
|
||
2A37000
|
heap
|
page read and write
|
||
2FFB000
|
heap
|
page read and write
|
||
1B69D3E0000
|
trusted library section
|
page readonly
|
||
318A000
|
heap
|
page read and write
|
||
1DC0BB60000
|
heap
|
page read and write
|
||
3830000
|
trusted library allocation
|
page read and write
|
||
D7A000
|
heap
|
page read and write
|
||
2686F2BD000
|
heap
|
page read and write
|
||
D7E000
|
heap
|
page read and write
|
||
1A35E400000
|
heap
|
page read and write
|
||
4AA91BE000
|
stack
|
page read and write
|
||
30C7000
|
heap
|
page read and write
|
||
C5A000
|
heap
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
19DCF602000
|
trusted library allocation
|
page read and write
|
||
2686F200000
|
heap
|
page read and write
|
||
3187000
|
heap
|
page read and write
|
||
1DE85652000
|
heap
|
page read and write
|
||
2FFF000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
1B6A2000000
|
heap
|
page read and write
|
||
3793000
|
heap
|
page read and write
|
||
D73000
|
heap
|
page read and write
|
||
1B69CD18000
|
heap
|
page read and write
|
||
C4D000
|
heap
|
page read and write
|
||
C43000
|
heap
|
page read and write
|
||
2073A464000
|
heap
|
page read and write
|
||
2A4B000
|
heap
|
page read and write
|
||
C29000
|
heap
|
page read and write
|
||
265A6950000
|
trusted library allocation
|
page read and write
|
||
2A44000
|
heap
|
page read and write
|
||
318A000
|
heap
|
page read and write
|
||
1B69D3C0000
|
trusted library section
|
page readonly
|
||
2FE7000
|
heap
|
page read and write
|
||
374B000
|
heap
|
page read and write
|
||
C7C000
|
heap
|
page read and write
|
||
C46000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
E664FF000
|
stack
|
page read and write
|
||
2FFB000
|
heap
|
page read and write
|
||
2FF5000
|
heap
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
265A59C0000
|
heap
|
page read and write
|
||
1B6A1D07000
|
heap
|
page read and write
|
||
1BD24772000
|
heap
|
page read and write
|
||
2A3B000
|
heap
|
page read and write
|
||
37D7000
|
heap
|
page read and write
|
||
37B3000
|
heap
|
page read and write
|
||
2FF2000
|
heap
|
page read and write
|
||
1B6A192A000
|
trusted library allocation
|
page read and write
|
||
37C7000
|
heap
|
page read and write
|
||
3745000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
3740000
|
heap
|
page read and write
|
||
2073A500000
|
heap
|
page read and write
|
||
26AF000
|
stack
|
page read and write
|
||
3764000
|
heap
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
3758000
|
heap
|
page read and write
|
||
2FFF000
|
heap
|
page read and write
|
||
37FB000
|
heap
|
page read and write
|
||
2686F23E000
|
heap
|
page read and write
|
||
265A59DC000
|
heap
|
page read and write
|
||
3752000
|
heap
|
page read and write
|
||
1B6A1CD5000
|
heap
|
page read and write
|
||
1B6A1C13000
|
heap
|
page read and write
|
||
1BD23E7D000
|
heap
|
page read and write
|
||
3016000
|
heap
|
page read and write
|
||
37BA000
|
heap
|
page read and write
|
||
1DC0BC05000
|
heap
|
page read and write
|
||
B12427B000
|
stack
|
page read and write
|
||
1B69C263000
|
heap
|
page read and write
|
||
2FF2000
|
heap
|
page read and write
|
||
1BD23E61000
|
heap
|
page read and write
|
||
2686F26D000
|
heap
|
page read and write
|
||
390A000
|
heap
|
page read and write
|
||
377A000
|
heap
|
page read and write
|
||
3667000
|
heap
|
page read and write
|
||
3788000
|
heap
|
page read and write
|
||
1B6A1A70000
|
trusted library allocation
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
1B697480000
|
heap
|
page read and write
|
||
318B000
|
heap
|
page read and write
|
||
1BD24782000
|
heap
|
page read and write
|
||
3750000
|
heap
|
page read and write
|
||
1BD2479B000
|
heap
|
page read and write
|
||
3781000
|
heap
|
page read and write
|
||
E00000
|
heap
|
page read and write
|
||
BE8000
|
heap
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
1BD24C3E000
|
heap
|
page read and write
|
||
1BD24772000
|
heap
|
page read and write
|
||
3667000
|
heap
|
page read and write
|
||
1B69D780000
|
trusted library allocation
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
265A5B90000
|
heap
|
page read and write
|
||
2073C400000
|
remote allocation
|
page read and write
|
||
CC9000
|
heap
|
page read and write
|
||
265A5B10000
|
trusted library allocation
|
page read and write
|
||
2073C040000
|
trusted library allocation
|
page read and write
|
||
D228C7D000
|
stack
|
page read and write
|
||
C2B000
|
heap
|
page read and write
|
||
37DE000
|
heap
|
page read and write
|
||
1EDDDC50000
|
heap
|
page read and write
|
||
2073A448000
|
heap
|
page read and write
|
||
C2B000
|
heap
|
page read and write
|
||
C49000
|
heap
|
page read and write
|
||
C59000
|
heap
|
page read and write
|
||
2FFF000
|
heap
|
page read and write
|
||
3004000
|
heap
|
page read and write
|
||
3001000
|
heap
|
page read and write
|
||
2F9B000
|
heap
|
page read and write
|
||
3744000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
3758000
|
heap
|
page read and write
|
||
2AB4000
|
heap
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
376D000
|
heap
|
page read and write
|
||
3010000
|
heap
|
page read and write
|
||
37DD000
|
heap
|
page read and write
|
||
19DCEC68000
|
heap
|
page read and write
|
||
3793000
|
heap
|
page read and write
|
||
30DC000
|
heap
|
page read and write
|
||
C46000
|
heap
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
C59000
|
heap
|
page read and write
|
||
2FFF000
|
heap
|
page read and write
|
||
1BD2477D000
|
heap
|
page read and write
|
||
1B69C1C0000
|
trusted library section
|
page read and write
|
||
7C0000
|
unkown
|
page readonly
|
||
379D000
|
heap
|
page read and write
|
||
1BD23E29000
|
heap
|
page read and write
|
||
1BD24BB0000
|
remote allocation
|
page read and write
|
||
1B697661000
|
heap
|
page read and write
|
||
367D000
|
heap
|
page read and write
|
||
1BD24BB0000
|
remote allocation
|
page read and write
|
||
C53000
|
heap
|
page read and write
|
||
1BD2479E000
|
heap
|
page read and write
|
||
2A41000
|
heap
|
page read and write
|
||
1A35E42F000
|
heap
|
page read and write
|
||
37AA000
|
heap
|
page read and write
|
||
2FF3000
|
heap
|
page read and write
|
||
3009000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
3184000
|
heap
|
page read and write
|
||
3668000
|
heap
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
1B697708000
|
heap
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
2FE0000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
2A27000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
C86000
|
heap
|
page read and write
|
||
2A13000
|
heap
|
page read and write
|
||
2A3C000
|
heap
|
page read and write
|
||
3822000
|
heap
|
page read and write
|
||
1A35E46C000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
2A1D000
|
heap
|
page read and write
|
||
377F000
|
heap
|
page read and write
|
||
301F000
|
heap
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
1BD2478A000
|
heap
|
page read and write
|
||
37B7000
|
heap
|
page read and write
|
||
2FE0000
|
heap
|
page read and write
|
||
3810000
|
heap
|
page read and write
|
||
37D4000
|
heap
|
page read and write
|
||
2A13000
|
heap
|
page read and write
|
||
3675000
|
heap
|
page read and write
|
||
E6657C000
|
stack
|
page read and write
|
||
D22917F000
|
stack
|
page read and write
|
||
C2C000
|
heap
|
page read and write
|
||
1A35E429000
|
heap
|
page read and write
|
||
1BD2477D000
|
heap
|
page read and write
|
||
1F124350000
|
heap
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
31A2000
|
heap
|
page read and write
|
||
2F9E000
|
heap
|
page read and write
|
||
1BD247B4000
|
heap
|
page read and write
|
||
3787000
|
heap
|
page read and write
|
||
1A35E483000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
313E000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
2A4D000
|
heap
|
page read and write
|
||
1B69C29B000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
3768000
|
heap
|
page read and write
|
||
C75000
|
heap
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
1D0467E000
|
stack
|
page read and write
|
||
CB0000
|
heap
|
page read and write
|
||
2A3E000
|
heap
|
page read and write
|
||
3762000
|
heap
|
page read and write
|
||
37DE000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
3772000
|
heap
|
page read and write
|
||
382E000
|
heap
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
1B69762A000
|
heap
|
page read and write
|
||
3740000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
1BD23E5A000
|
heap
|
page read and write
|
||
37B7000
|
heap
|
page read and write
|
||
C88000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
C49000
|
heap
|
page read and write
|
||
1F124500000
|
heap
|
page read and write
|
||
1B6A1941000
|
trusted library allocation
|
page read and write
|
||
300F000
|
heap
|
page read and write
|
||
29F0000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
1B6A1780000
|
trusted library allocation
|
page read and write
|
||
3689000
|
heap
|
page read and write
|
||
2A46000
|
heap
|
page read and write
|
||
368C000
|
heap
|
page read and write
|
||
380C000
|
heap
|
page read and write
|
||
1BD23E5F000
|
heap
|
page read and write
|
||
1B69CD18000
|
heap
|
page read and write
|
||
1DE85EA0000
|
remote allocation
|
page read and write
|
||
30E2000
|
heap
|
page read and write
|
||
3660000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
1BD24C02000
|
heap
|
page read and write
|
||
30E4000
|
heap
|
page read and write
|
||
CC8000
|
heap
|
page read and write
|
||
37AB000
|
heap
|
page read and write
|
||
2FE7000
|
heap
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
1BD2479E000
|
heap
|
page read and write
|
||
C8C000
|
heap
|
page read and write
|
||
2FF8000
|
heap
|
page read and write
|
||
1EDDDC13000
|
heap
|
page read and write
|
||
B1243F7000
|
stack
|
page read and write
|
||
2A49000
|
heap
|
page read and write
|
||
30B4000
|
heap
|
page read and write
|
||
1DC0BC10000
|
heap
|
page read and write
|
||
1BD23E67000
|
heap
|
page read and write
|
||
2AA3000
|
heap
|
page read and write
|
||
3768000
|
heap
|
page read and write
|
||
4AA913E000
|
stack
|
page read and write
|
||
265A5B80000
|
trusted library allocation
|
page read and write
|
||
374E000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
2686F28A000
|
heap
|
page read and write
|
||
28B0000
|
trusted library allocation
|
page read and write
|
||
1BD24C02000
|
heap
|
page read and write
|
||
3750000
|
heap
|
page read and write
|
||
366C000
|
heap
|
page read and write
|
||
6FC6D7E000
|
stack
|
page read and write
|
||
3678000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
2FFB000
|
heap
|
page read and write
|
||
3744000
|
heap
|
page read and write
|
||
1BD24779000
|
heap
|
page read and write
|
||
30B3000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
3820000
|
heap
|
page read and write
|
||
2A1D000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
1BD23D10000
|
heap
|
page read and write
|
||
30E0000
|
trusted library allocation
|
page read and write
|
||
265A5A90000
|
heap
|
page read and write
|
||
1B6A1920000
|
trusted library allocation
|
page read and write
|
||
2A44000
|
heap
|
page read and write
|
||
2073A459000
|
heap
|
page read and write
|
||
D62000
|
heap
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
30E0000
|
trusted library allocation
|
page read and write
|
||
2AAB000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
1B6A1A80000
|
trusted library allocation
|
page read and write
|
||
1B6A1940000
|
trusted library allocation
|
page read and write
|
||
C47000
|
heap
|
page read and write
|
||
1A35E446000
|
heap
|
page read and write
|
||
1DBE87E000
|
stack
|
page read and write
|
||
2A24000
|
heap
|
page read and write
|
||
DC0000
|
heap
|
page read and write
|
||
1A35E449000
|
heap
|
page read and write
|
||
318A000
|
heap
|
page read and write
|
||
B1245FD000
|
stack
|
page read and write
|
||
D75000
|
heap
|
page read and write
|
||
C65000
|
heap
|
page read and write
|
||
C65000
|
heap
|
page read and write
|
||
1B6A1800000
|
trusted library allocation
|
page read and write
|
||
3769000
|
heap
|
page read and write
|
||
37C0000
|
trusted library allocation
|
page read and write
|
||
3769000
|
heap
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
CBB000
|
heap
|
page read and write
|
||
3741000
|
heap
|
page read and write
|
||
301F000
|
heap
|
page read and write
|
||
C8C000
|
heap
|
page read and write
|
||
2A13000
|
heap
|
page read and write
|
||
2FF4000
|
heap
|
page read and write
|
||
31E0000
|
trusted library allocation
|
page read and write
|
||
1B6A1BE0000
|
trusted library allocation
|
page read and write
|
||
3182000
|
heap
|
page read and write
|
||
2073BE02000
|
trusted library allocation
|
page read and write
|
||
265A59FC000
|
heap
|
page read and write
|
||
3743000
|
heap
|
page read and write
|
||
1BD2477D000
|
heap
|
page read and write
|
||
379A000
|
heap
|
page read and write
|
||
2A33000
|
heap
|
page read and write
|
||
1B6A1CFE000
|
heap
|
page read and write
|
||
366C000
|
heap
|
page read and write
|
||
1BD24C02000
|
heap
|
page read and write
|
||
1B69C256000
|
heap
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
1B697677000
|
heap
|
page read and write
|
||
3742000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
36A1000
|
heap
|
page read and write
|
||
1B6A1CFB000
|
heap
|
page read and write
|
||
2FE9000
|
heap
|
page read and write
|
||
369F000
|
heap
|
page read and write
|
||
C2C000
|
heap
|
page read and write
|
||
1BD24716000
|
heap
|
page read and write
|
||
C88000
|
heap
|
page read and write
|
||
CB0000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
2AAB000
|
heap
|
page read and write
|
||
1BD23E5D000
|
heap
|
page read and write
|
||
37C9000
|
heap
|
page read and write
|
||
1B69765B000
|
heap
|
page read and write
|
||
1BD2478E000
|
heap
|
page read and write
|
||
3020000
|
heap
|
page read and write
|
||
6FC6B7B000
|
stack
|
page read and write
|
||
9613DFC000
|
stack
|
page read and write
|
||
1B69C302000
|
heap
|
page read and write
|
||
1EDDDC49000
|
heap
|
page read and write
|
||
318E000
|
heap
|
page read and write
|
||
265A59FC000
|
heap
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
2A13000
|
heap
|
page read and write
|
||
1A35E441000
|
heap
|
page read and write
|
||
1B6A1CF8000
|
heap
|
page read and write
|
||
1B69C229000
|
heap
|
page read and write
|
||
1B6A1D02000
|
heap
|
page read and write
|
||
2AAB000
|
heap
|
page read and write
|
||
3260000
|
trusted library allocation
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
1BD2479E000
|
heap
|
page read and write
|
||
1B69763C000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
3827000
|
heap
|
page read and write
|
||
37DD000
|
heap
|
page read and write
|
||
3001000
|
heap
|
page read and write
|
||
1D0487F000
|
stack
|
page read and write
|
||
1BD23EC7000
|
heap
|
page read and write
|
||
3672000
|
heap
|
page read and write
|
||
369F000
|
heap
|
page read and write
|
||
265A5B99000
|
heap
|
page read and write
|
||
3764000
|
heap
|
page read and write
|
||
3010000
|
heap
|
page read and write
|
||
1BD23EF6000
|
heap
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
1B697613000
|
heap
|
page read and write
|
||
381A000
|
heap
|
page read and write
|
||
375B000
|
heap
|
page read and write
|
||
1BD24C02000
|
heap
|
page read and write
|
||
37AA000
|
heap
|
page read and write
|
||
1BD23ED4000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
3794000
|
heap
|
page read and write
|
||
1BD23E5B000
|
heap
|
page read and write
|
||
D7E000
|
heap
|
page read and write
|
||
2A51000
|
heap
|
page read and write
|
||
3787000
|
heap
|
page read and write
|
||
D7A000
|
heap
|
page read and write
|
||
C4D000
|
heap
|
page read and write
|
||
1BD2478D000
|
heap
|
page read and write
|
||
DE7000
|
heap
|
page read and write
|
||
30C8000
|
heap
|
page read and write
|
||
1A35E447000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
DC0000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
3752000
|
heap
|
page read and write
|
||
19DCEC57000
|
heap
|
page read and write
|
||
3132000
|
heap
|
page read and write
|
||
2746D265000
|
heap
|
page read and write
|
||
30BB000
|
heap
|
page read and write
|
||
1B6A1A50000
|
trusted library allocation
|
page read and write
|
||
1DC0BC10000
|
heap
|
page read and write
|
||
3744000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
1BD23E60000
|
heap
|
page read and write
|
||
1B6A1C3D000
|
heap
|
page read and write
|
||
1DC0BBF6000
|
heap
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
1BD23EAB000
|
heap
|
page read and write
|
||
3764000
|
heap
|
page read and write
|
||
2A41000
|
heap
|
page read and write
|
||
C86000
|
heap
|
page read and write
|
||
374A000
|
heap
|
page read and write
|
||
C55000
|
heap
|
page read and write
|
||
30E0000
|
trusted library allocation
|
page read and write
|
||
37AF000
|
heap
|
page read and write
|
||
2746D26F000
|
heap
|
page read and write
|
||
37B2000
|
heap
|
page read and write
|
||
37A3000
|
heap
|
page read and write
|
||
3814000
|
heap
|
page read and write
|
||
2A24000
|
heap
|
page read and write
|
||
374E000
|
heap
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
9F8D1FF000
|
stack
|
page read and write
|
||
D228A7C000
|
stack
|
page read and write
|
||
3012000
|
heap
|
page read and write
|
||
37AD000
|
heap
|
page read and write
|
||
3690000
|
heap
|
page read and write
|
||
2A16000
|
heap
|
page read and write
|
||
1BD23EE8000
|
heap
|
page read and write
|
||
3768000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
9613AFE000
|
stack
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
2A37000
|
heap
|
page read and write
|
||
9613CFC000
|
stack
|
page read and write
|
||
A3567E000
|
stack
|
page read and write
|
||
1BD24779000
|
heap
|
page read and write
|
||
377A000
|
heap
|
page read and write
|
||
374E000
|
heap
|
page read and write
|
||
1BD2477B000
|
heap
|
page read and write
|
||
3667000
|
heap
|
page read and write
|
||
D6A000
|
heap
|
page read and write
|
||
318E000
|
heap
|
page read and write
|
||
C8C000
|
heap
|
page read and write
|
||
2FF5000
|
heap
|
page read and write
|
||
BD093FE000
|
stack
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
2F90000
|
heap
|
page read and write
|
||
CCC000
|
heap
|
page read and write
|
||
2A39000
|
heap
|
page read and write
|
||
3781000
|
heap
|
page read and write
|
||
37A5000
|
heap
|
page read and write
|
||
3804000
|
heap
|
page read and write
|
||
D2287FB000
|
stack
|
page read and write
|
||
1BD245B0000
|
trusted library allocation
|
page read and write
|
||
2A5D000
|
heap
|
page read and write
|
||
9F8C97B000
|
stack
|
page read and write
|
||
C49000
|
heap
|
page read and write
|
||
2FF2000
|
heap
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
3675000
|
heap
|
page read and write
|
||
2FF4000
|
heap
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
3687000
|
heap
|
page read and write
|
||
C4E000
|
heap
|
page read and write
|
||
1EDDDC89000
|
heap
|
page read and write
|
||
1B6A1C8D000
|
heap
|
page read and write
|
||
1BD247A0000
|
heap
|
page read and write
|
||
37BE000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
2FF8000
|
heap
|
page read and write
|
||
2073A449000
|
heap
|
page read and write
|
||
D7A000
|
heap
|
page read and write
|
||
1B6A1CF2000
|
heap
|
page read and write
|
||
C65000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
1B6A1CD3000
|
heap
|
page read and write
|
||
30C5000
|
heap
|
page read and write
|
||
1BD247A0000
|
heap
|
page read and write
|
||
379E000
|
heap
|
page read and write
|
||
C55000
|
heap
|
page read and write
|
||
3012000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
1DC0BAD0000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
3747000
|
heap
|
page read and write
|
||
2A51000
|
heap
|
page read and write
|
||
37B5000
|
heap
|
page read and write
|
||
318E000
|
heap
|
page read and write
|
||
1BD2478E000
|
heap
|
page read and write
|
||
B1242FE000
|
stack
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
2073BDB0000
|
trusted library allocation
|
page read and write
|
||
C8C000
|
heap
|
page read and write
|
||
3902000
|
heap
|
page read and write
|
||
D228F7E000
|
stack
|
page read and write
|
||
1B6A1D04000
|
heap
|
page read and write
|
||
3694000
|
heap
|
page read and write
|
||
C86000
|
heap
|
page read and write
|
||
2A4B000
|
heap
|
page read and write
|
||
1DE85570000
|
heap
|
page read and write
|
||
C48000
|
heap
|
page read and write
|
||
1F12443C000
|
heap
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
30E0000
|
trusted library allocation
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
7D0000
|
unkown
|
page readonly
|
||
265A6900000
|
trusted library allocation
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
2A11000
|
heap
|
page read and write
|
||
265A68D0000
|
trusted library allocation
|
page read and write
|
||
37E7000
|
heap
|
page read and write
|
||
3788000
|
heap
|
page read and write
|
||
C2C000
|
heap
|
page read and write
|
||
9F8CB7B000
|
stack
|
page read and write
|
||
3788000
|
heap
|
page read and write
|
||
3757000
|
heap
|
page read and write
|
||
2FEC000
|
heap
|
page read and write
|
||
1B69CD18000
|
heap
|
page read and write
|
||
2A13000
|
heap
|
page read and write
|
||
1DC0BBF6000
|
heap
|
page read and write
|
||
1DC0BC06000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
1B69765C000
|
heap
|
page read and write
|
||
961367B000
|
stack
|
page read and write
|
||
37C2000
|
heap
|
page read and write
|
||
1F12445E000
|
heap
|
page read and write
|
||
9F8CFFA000
|
stack
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
1BD2479C000
|
heap
|
page read and write
|
||
37BB000
|
heap
|
page read and write
|
||
1EDDDC4D000
|
heap
|
page read and write
|
||
3742000
|
heap
|
page read and write
|
||
30B7000
|
heap
|
page read and write
|
||
2FF5000
|
heap
|
page read and write
|
||
3680000
|
heap
|
page read and write
|
||
DEE000
|
heap
|
page read and write
|
||
B123DFE000
|
stack
|
page read and write
|
||
2A24000
|
heap
|
page read and write
|
||
3672000
|
heap
|
page read and write
|
||
2FFA000
|
heap
|
page read and write
|
||
C7D000
|
heap
|
page read and write
|
||
3756000
|
heap
|
page read and write
|
||
3185000
|
heap
|
page read and write
|
||
3187000
|
heap
|
page read and write
|
||
3187000
|
heap
|
page read and write
|
||
C8A000
|
heap
|
page read and write
|
||
366C000
|
heap
|
page read and write
|
||
37D7000
|
heap
|
page read and write
|
||
2073A44A000
|
heap
|
page read and write
|
||
1EDDDB60000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
2FE0000
|
heap
|
page read and write
|
||
2A40000
|
heap
|
page read and write
|
||
1B697666000
|
heap
|
page read and write
|
||
30CA000
|
heap
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
3183000
|
heap
|
page read and write
|
||
2A44000
|
heap
|
page read and write
|
||
1D04A7E000
|
stack
|
page read and write
|
||
1DE85EA0000
|
remote allocation
|
page read and write
|
||
1B69C28A000
|
heap
|
page read and write
|
||
2FF4000
|
heap
|
page read and write
|
||
2FF6000
|
heap
|
page read and write
|
||
2A34000
|
heap
|
page read and write
|
||
DE7000
|
heap
|
page read and write
|
||
3781000
|
heap
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
376D000
|
heap
|
page read and write
|
||
1A35E466000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
459C8F7000
|
stack
|
page read and write
|
||
2A15000
|
heap
|
page read and write
|
||
1B69CC15000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
1BD24777000
|
heap
|
page read and write
|
||
2FFE000
|
heap
|
page read and write
|
||
D77000
|
heap
|
page read and write
|
||
2A3A000
|
heap
|
page read and write
|
||
3747000
|
heap
|
page read and write
|
||
1DBE6FC000
|
stack
|
page read and write
|
||
19DCEC64000
|
heap
|
page read and write
|
||
1BD24C02000
|
heap
|
page read and write
|
||
2FF3000
|
heap
|
page read and write
|
||
2AB4000
|
heap
|
page read and write
|
||
1F124502000
|
heap
|
page read and write
|
||
1B69CD00000
|
heap
|
page read and write
|
||
2F92000
|
heap
|
page read and write
|
||
1B697602000
|
heap
|
page read and write
|
||
1BD24775000
|
heap
|
page read and write
|
||
318A000
|
heap
|
page read and write
|
||
19DCED02000
|
heap
|
page read and write
|
||
19DCEC02000
|
heap
|
page read and write
|
||
30B0000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
1BD24791000
|
heap
|
page read and write
|
||
459C5F7000
|
stack
|
page read and write
|
||
37B7000
|
heap
|
page read and write
|
||
1A35E44F000
|
heap
|
page read and write
|
||
3340000
|
trusted library allocation
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
2F9A000
|
heap
|
page read and write
|
||
3A80000
|
heap
|
page read and write
|
||
A3547B000
|
stack
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
3668000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
1DC0BB50000
|
heap
|
page read and write
|
||
3816000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
369F000
|
heap
|
page read and write
|
||
2073A402000
|
heap
|
page read and write
|
||
2A41000
|
heap
|
page read and write
|
||
9613EFF000
|
stack
|
page read and write
|
||
1DC0BC07000
|
heap
|
page read and write
|
||
367E000
|
heap
|
page read and write
|
||
3012000
|
heap
|
page read and write
|
||
C4E000
|
heap
|
page read and write
|
||
37DA000
|
heap
|
page read and write
|
||
D67000
|
heap
|
page read and write
|
||
374A000
|
heap
|
page read and write
|
||
1A35E445000
|
heap
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
265A59E0000
|
heap
|
page read and write
|
||
2FAB000
|
heap
|
page read and write
|
||
96139FF000
|
stack
|
page read and write
|
||
2073A502000
|
heap
|
page read and write
|
||
37DD000
|
heap
|
page read and write
|
||
376F000
|
heap
|
page read and write
|
||
D64000
|
heap
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
3750000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
265A68F0000
|
trusted library allocation
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
265A5B20000
|
trusted library allocation
|
page read and write
|
||
1B6974E0000
|
heap
|
page read and write
|
||
1B69C120000
|
heap
|
page read and write
|
||
2A5E000
|
heap
|
page read and write
|
||
1EDDDC65000
|
heap
|
page read and write
|
||
2AA0000
|
heap
|
page read and write
|
||
2A3A000
|
heap
|
page read and write
|
||
1BD24700000
|
heap
|
page read and write
|
||
37E6000
|
heap
|
page read and write
|
||
A3577E000
|
stack
|
page read and write
|
||
2A40000
|
heap
|
page read and write
|
||
C2B000
|
heap
|
page read and write
|
||
390A000
|
heap
|
page read and write
|
||
1BD23EB5000
|
heap
|
page read and write
|
||
1BD23E68000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
3760000
|
heap
|
page read and write
|
||
3675000
|
heap
|
page read and write
|
||
2FFB000
|
heap
|
page read and write
|
||
1B697702000
|
heap
|
page read and write
|
||
3137000
|
heap
|
page read and write
|
||
D60000
|
heap
|
page read and write
|
||
2FA5000
|
heap
|
page read and write
|
||
B22BB7C000
|
stack
|
page read and write
|
||
1B6A1810000
|
trusted library allocation
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
4AA95FB000
|
stack
|
page read and write
|
||
1EDDDC29000
|
heap
|
page read and write
|
||
2FF4000
|
heap
|
page read and write
|
||
3816000
|
heap
|
page read and write
|
||
2A55000
|
heap
|
page read and write
|
||
3660000
|
heap
|
page read and write
|
||
C7B000
|
heap
|
page read and write
|
||
3762000
|
heap
|
page read and write
|
||
19DCEC00000
|
heap
|
page read and write
|
||
3810000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
2073A47F000
|
heap
|
page read and write
|
||
3761000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
2746D070000
|
heap
|
page read and write
|
||
1B69D410000
|
trusted library section
|
page readonly
|
||
1B6A1C4A000
|
heap
|
page read and write
|
||
1BD24775000
|
heap
|
page read and write
|
||
C9E000
|
heap
|
page read and write
|
||
390E000
|
heap
|
page read and write
|
||
3005000
|
heap
|
page read and write
|
||
1B6A1C60000
|
heap
|
page read and write
|
||
2A39000
|
heap
|
page read and write
|
||
3003000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
1B69C268000
|
heap
|
page read and write
|
||
30D4000
|
heap
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
37CB000
|
heap
|
page read and write
|
||
1B69765E000
|
heap
|
page read and write
|
||
C81000
|
heap
|
page read and write
|
||
D22907E000
|
stack
|
page read and write
|
||
1BD24C03000
|
heap
|
page read and write
|
||
3781000
|
heap
|
page read and write
|
||
2A46000
|
heap
|
page read and write
|
||
3752000
|
heap
|
page read and write
|
||
1B69C2FA000
|
heap
|
page read and write
|
||
1B6A1C00000
|
heap
|
page read and write
|
||
375B000
|
heap
|
page read and write
|
||
30B7000
|
heap
|
page read and write
|
||
1BD24774000
|
heap
|
page read and write
|
||
313E000
|
heap
|
page read and write
|
||
CB7000
|
heap
|
page read and write
|
||
C51000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
9F8CEFF000
|
stack
|
page read and write
|
||
3684000
|
heap
|
page read and write
|
||
377F000
|
heap
|
page read and write
|
||
375D000
|
heap
|
page read and write
|
||
C86000
|
heap
|
page read and write
|
||
BD08EDC000
|
stack
|
page read and write
|
||
2FEC000
|
heap
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
3784000
|
heap
|
page read and write
|
||
1BD23F02000
|
heap
|
page read and write
|
||
2686FB00000
|
heap
|
page read and write
|
||
3005000
|
heap
|
page read and write
|
||
1F1243E0000
|
trusted library allocation
|
page read and write
|
||
3750000
|
heap
|
page read and write
|
||
DEE000
|
heap
|
page read and write
|
||
C51000
|
heap
|
page read and write
|
||
2746D202000
|
heap
|
page read and write
|
||
1EDDDC4E000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
1B69CC02000
|
heap
|
page read and write
|
||
2F9A000
|
heap
|
page read and write
|
||
375D000
|
heap
|
page read and write
|
||
31A5000
|
heap
|
page read and write
|
||
3795000
|
heap
|
page read and write
|
||
301F000
|
heap
|
page read and write
|
||
2A42000
|
heap
|
page read and write
|
||
1BD24775000
|
heap
|
page read and write
|
||
37BA000
|
heap
|
page read and write
|
||
1B697470000
|
heap
|
page read and write
|
||
375C000
|
heap
|
page read and write
|
||
2686F2CE000
|
heap
|
page read and write
|
||
D6B000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
C4E000
|
heap
|
page read and write
|
||
37BA000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
381E000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
2A44000
|
heap
|
page read and write
|
||
1A35E43D000
|
heap
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
1A35E469000
|
heap
|
page read and write
|
||
30CC000
|
heap
|
page read and write
|
||
2FF2000
|
heap
|
page read and write
|
||
7F0000
|
remote allocation
|
page read and write
|
||
1B69C254000
|
heap
|
page read and write
|
||
4AA94FB000
|
stack
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
D6A000
|
heap
|
page read and write
|
||
2A1C000
|
heap
|
page read and write
|
||
2A13000
|
heap
|
page read and write
|
||
2FFF000
|
heap
|
page read and write
|
||
459C97F000
|
unkown
|
page read and write
|
||
3678000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
374A000
|
heap
|
page read and write
|
||
3684000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
2A5E000
|
heap
|
page read and write
|
||
3761000
|
heap
|
page read and write
|
||
3764000
|
heap
|
page read and write
|
||
1BD24776000
|
heap
|
page read and write
|
||
DEA000
|
heap
|
page read and write
|
||
31A7000
|
heap
|
page read and write
|
||
C86000
|
heap
|
page read and write
|
||
1DC0BC10000
|
heap
|
page read and write
|
||
1B6A192E000
|
trusted library allocation
|
page read and write
|
||
CB7000
|
heap
|
page read and write
|
||
3684000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
1A35E440000
|
heap
|
page read and write
|
||
381A000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
2746D313000
|
heap
|
page read and write
|
||
2FEC000
|
heap
|
page read and write
|
||
3672000
|
heap
|
page read and write
|
||
2FF2000
|
heap
|
page read and write
|
||
2A4C000
|
heap
|
page read and write
|
||
2A45000
|
heap
|
page read and write
|
||
2A1C000
|
heap
|
page read and write
|
||
C7B000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
3830000
|
trusted library allocation
|
page read and write
|
||
3672000
|
heap
|
page read and write
|
||
31A0000
|
heap
|
page read and write
|
||
3825000
|
heap
|
page read and write
|
||
3900000
|
heap
|
page read and write
|
||
C8C000
|
heap
|
page read and write
|
||
1B6A1A30000
|
trusted library allocation
|
page read and write
|
||
37EB000
|
heap
|
page read and write
|
||
37B2000
|
heap
|
page read and write
|
||
2A3B000
|
heap
|
page read and write
|
||
3A91000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
265A59DC000
|
heap
|
page read and write
|
||
2746DA02000
|
trusted library allocation
|
page read and write
|
||
367D000
|
heap
|
page read and write
|
||
30D5000
|
heap
|
page read and write
|
||
3668000
|
heap
|
page read and write
|
||
D6E000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
3740000
|
heap
|
page read and write
|
||
3763000
|
heap
|
page read and write
|
||
1B69D100000
|
trusted library allocation
|
page read and write
|
||
31E0000
|
trusted library allocation
|
page read and write
|
||
3012000
|
heap
|
page read and write
|
||
2746D241000
|
heap
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
377F000
|
heap
|
page read and write
|
||
3747000
|
heap
|
page read and write
|
||
1BD247A0000
|
heap
|
page read and write
|
||
2746D080000
|
heap
|
page read and write
|
||
1A35E44A000
|
heap
|
page read and write
|
||
1B69CD59000
|
heap
|
page read and write
|
||
B22BC7B000
|
stack
|
page read and write
|
||
3768000
|
heap
|
page read and write
|
||
2FE7000
|
heap
|
page read and write
|
||
3668000
|
heap
|
page read and write
|
||
3694000
|
heap
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
3771000
|
heap
|
page read and write
|
||
3816000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
9F8CC7F000
|
stack
|
page read and write
|
||
2FE8000
|
heap
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
C88000
|
heap
|
page read and write
|
||
C7B000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
CB0000
|
heap
|
page read and write
|
||
28B0000
|
trusted library allocation
|
page read and write
|
||
2FE0000
|
heap
|
page read and write
|
||
2A3A000
|
heap
|
page read and write
|
||
3003000
|
heap
|
page read and write
|
||
DE4000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
3012000
|
heap
|
page read and write
|
||
1B6A1C1E000
|
heap
|
page read and write
|
||
300A000
|
heap
|
page read and write
|
||
3781000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
1D04B7F000
|
stack
|
page read and write
|
||
1BD24799000
|
heap
|
page read and write
|
||
3674000
|
heap
|
page read and write
|
||
3830000
|
trusted library allocation
|
page read and write
|
||
1B69CBF0000
|
trusted library allocation
|
page read and write
|
||
3667000
|
heap
|
page read and write
|
||
C2C000
|
heap
|
page read and write
|
||
1B6A1CD5000
|
heap
|
page read and write
|
||
19DCEC49000
|
heap
|
page read and write
|
||
1BD24791000
|
heap
|
page read and write
|
||
2A24000
|
heap
|
page read and write
|
||
2F9A000
|
heap
|
page read and write
|
||
2A49000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
37B8000
|
heap
|
page read and write
|
||
B22BD77000
|
stack
|
page read and write
|
||
37CB000
|
heap
|
page read and write
|
||
37DA000
|
heap
|
page read and write
|
||
1EDDDC4C000
|
heap
|
page read and write
|
||
37F5000
|
heap
|
page read and write
|
||
3B80000
|
trusted library allocation
|
page read and write
|
||
1B69D2E0000
|
trusted library allocation
|
page read and write
|
||
3182000
|
heap
|
page read and write
|
||
1B6A1C53000
|
heap
|
page read and write
|
||
1B697700000
|
heap
|
page read and write
|
||
1BD2475D000
|
heap
|
page read and write
|
||
30E0000
|
trusted library allocation
|
page read and write
|
||
1F124413000
|
heap
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
265A59FD000
|
heap
|
page read and write
|
||
367D000
|
heap
|
page read and write
|
||
31E0000
|
trusted library allocation
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
C28000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
2FFF000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
3667000
|
heap
|
page read and write
|
||
37A0000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
301F000
|
heap
|
page read and write
|
||
2A49000
|
heap
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
2A9F000
|
heap
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
2FF2000
|
heap
|
page read and write
|
||
31E0000
|
trusted library allocation
|
page read and write
|
||
265A5AB0000
|
heap
|
page read and write
|
||
367B000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
1DC0BB30000
|
heap
|
page read and write
|
||
C1B000
|
heap
|
page read and write
|
||
376B000
|
heap
|
page read and write
|
||
374F000
|
heap
|
page read and write
|
||
378B000
|
heap
|
page read and write
|
||
37B4000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
C9F000
|
heap
|
page read and write
|
||
1A35E442000
|
heap
|
page read and write
|
||
1F124461000
|
heap
|
page read and write
|
||
3660000
|
heap
|
page read and write
|
||
32A0000
|
trusted library allocation
|
page read and write
|
||
3793000
|
heap
|
page read and write
|
||
3748000
|
heap
|
page read and write
|
||
2686FA02000
|
heap
|
page read and write
|
||
1BD2478E000
|
heap
|
page read and write
|
||
367E000
|
heap
|
page read and write
|
||
2FA7000
|
heap
|
page read and write
|
||
2FE7000
|
heap
|
page read and write
|
||
1F124451000
|
heap
|
page read and write
|
||
3014000
|
heap
|
page read and write
|
||
3660000
|
heap
|
page read and write
|
||
3830000
|
trusted library allocation
|
page read and write
|
||
1B69CD59000
|
heap
|
page read and write
|
||
1B6A1A40000
|
trusted library allocation
|
page read and write
|
||
379B000
|
heap
|
page read and write
|
||
2A5D000
|
heap
|
page read and write
|
||
2A1D000
|
heap
|
page read and write
|
||
459C3FB000
|
stack
|
page read and write
|
||
39F0000
|
trusted library allocation
|
page read and write
|
||
6FC66FC000
|
stack
|
page read and write
|
||
318A000
|
heap
|
page read and write
|
||
37C2000
|
heap
|
page read and write
|
||
2FA7000
|
heap
|
page read and write
|
||
3745000
|
heap
|
page read and write
|
||
2A41000
|
heap
|
page read and write
|
||
2A4E000
|
heap
|
page read and write
|
||
367D000
|
heap
|
page read and write
|
||
2A1D000
|
heap
|
page read and write
|
||
1F124508000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
376D000
|
heap
|
page read and write
|
||
3023000
|
heap
|
page read and write
|
||
265A68E0000
|
heap
|
page readonly
|
||
1BD24790000
|
heap
|
page read and write
|
||
1F124429000
|
heap
|
page read and write
|
||
3787000
|
heap
|
page read and write
|
||
3793000
|
heap
|
page read and write
|
||
1BD24784000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
1DE85640000
|
heap
|
page read and write
|
||
2746D25B000
|
heap
|
page read and write
|
||
DC0000
|
heap
|
page read and write
|
||
37C2000
|
heap
|
page read and write
|
||
C88000
|
heap
|
page read and write
|
||
3660000
|
heap
|
page read and write
|
||
3748000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
BD09479000
|
stack
|
page read and write
|
||
3793000
|
heap
|
page read and write
|
||
374C000
|
heap
|
page read and write
|
||
374E000
|
heap
|
page read and write
|
||
2A24000
|
heap
|
page read and write
|
||
265A5840000
|
heap
|
page read and write
|
||
1B6A1A90000
|
trusted library allocation
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
379B000
|
heap
|
page read and write
|
||
367E000
|
heap
|
page read and write
|
||
272E000
|
stack
|
page read and write
|
||
2FA0000
|
heap
|
page read and write
|
||
2686F229000
|
heap
|
page read and write
|
||
3764000
|
heap
|
page read and write
|
||
1B6A1CA4000
|
heap
|
page read and write
|
||
B22BDFF000
|
stack
|
page read and write
|
||
3748000
|
heap
|
page read and write
|
||
28B0000
|
trusted library allocation
|
page read and write
|
||
D2283AC000
|
stack
|
page read and write
|
||
2A52000
|
heap
|
page read and write
|
||
1EDDDC67000
|
heap
|
page read and write
|
||
1F124E02000
|
trusted library allocation
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
37C0000
|
trusted library allocation
|
page read and write
|
||
37B7000
|
heap
|
page read and write
|
||
2A43000
|
heap
|
page read and write
|
||
9F8D07F000
|
stack
|
page read and write
|
||
2FF4000
|
heap
|
page read and write
|
||
375B000
|
heap
|
page read and write
|
||
382A000
|
heap
|
page read and write
|
||
2A4A000
|
heap
|
page read and write
|
||
3B80000
|
trusted library allocation
|
page read and write
|
||
3827000
|
heap
|
page read and write
|
||
37C0000
|
trusted library allocation
|
page read and write
|
||
2FF6000
|
heap
|
page read and write
|
||
1BD24779000
|
heap
|
page read and write
|
||
3762000
|
heap
|
page read and write
|
||
C84000
|
heap
|
page read and write
|
||
3680000
|
heap
|
page read and write
|
||
2073A518000
|
heap
|
page read and write
|
||
C7B000
|
heap
|
page read and write
|
||
C86000
|
heap
|
page read and write
|
||
1BD23F16000
|
heap
|
page read and write
|
||
C82000
|
heap
|
page read and write
|
||
C80000
|
heap
|
page read and write
|
||
37E2000
|
heap
|
page read and write
|
||
37C9000
|
heap
|
page read and write
|
||
459C27D000
|
stack
|
page read and write
|
||
1B697713000
|
heap
|
page read and write
|
||
2FF2000
|
heap
|
page read and write
|
||
BF2000
|
heap
|
page read and write
|
||
2FFF000
|
heap
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
1A35E476000
|
heap
|
page read and write
|
||
C43000
|
heap
|
page read and write
|
||
19DCED13000
|
heap
|
page read and write
|
||
3667000
|
heap
|
page read and write
|
||
2FEC000
|
heap
|
page read and write
|
||
1EDDDD08000
|
heap
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
3793000
|
heap
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
2A55000
|
heap
|
page read and write
|
||
3670000
|
heap
|
page read and write
|
||
2FE8000
|
heap
|
page read and write
|
||
2FE0000
|
trusted library allocation
|
page read and write
|
||
1BD23E54000
|
heap
|
page read and write
|
||
E663FE000
|
stack
|
page read and write
|
||
3905000
|
heap
|
page read and write
|
||
19DCEBA0000
|
trusted library allocation
|
page read and write
|
||
3021000
|
heap
|
page read and write
|
||
1DC0BC1F000
|
heap
|
page read and write
|
||
2A35000
|
heap
|
page read and write
|
||
1BD23E6A000
|
heap
|
page read and write
|
||
3673000
|
heap
|
page read and write
|
||
37CB000
|
heap
|
page read and write
|
||
CB7000
|
heap
|
page read and write
|
||
961387C000
|
stack
|
page read and write
|
||
2A50000
|
heap
|
page read and write
|
||
1B6A1BA0000
|
trusted library allocation
|
page read and write
|
||
1B69CC00000
|
heap
|
page read and write
|
||
3768000
|
heap
|
page read and write
|
||
30D2000
|
heap
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
459C6FF000
|
stack
|
page read and write
|
||
37CB000
|
heap
|
page read and write
|
||
28B0000
|
trusted library allocation
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
3007000
|
heap
|
page read and write
|
||
1D0497E000
|
stack
|
page read and write
|
||
3660000
|
trusted library allocation
|
page read and write
|
||
2FE0000
|
heap
|
page read and write
|
||
37B6000
|
heap
|
page read and write
|
||
3012000
|
heap
|
page read and write
|
||
30CB000
|
heap
|
page read and write
|
||
2A53000
|
heap
|
page read and write
|
||
3A80000
|
trusted library allocation
|
page read and write
|
||
1DC0BC03000
|
heap
|
page read and write
|
||
1BD247BC000
|
heap
|
page read and write
|
||
3910000
|
trusted library allocation
|
page read and write
|
||
300A000
|
heap
|
page read and write
|
||
2686F0B0000
|
heap
|
page read and write
|
||
C65000
|
heap
|
page read and write
|
||
38A0000
|
trusted library allocation
|
page read and write
|
||
D6E000
|
heap
|
page read and write
|
||
2A24000
|
heap
|
page read and write
|
||
37D5000
|
heap
|
page read and write
|
||
1BD24790000
|
heap
|
page read and write
|
||
DC0000
|
heap
|
page read and write
|
||
19DCEB70000
|
heap
|
page read and write
|
||
2A24000
|
heap
|
page read and write
|
||
3810000
|
heap
|
page read and write
|
||
DE3000
|
heap
|
page read and write
|
||
37A4000
|
heap
|
page read and write
|
||
27A9000
|
stack
|
page read and write
|
||
6FC697F000
|
stack
|
page read and write
|
||
376A000
|
heap
|
page read and write
|
||
3673000
|
heap
|
page read and write
|
||
19DCEC79000
|
heap
|
page read and write
|
There are 2103 hidden memdumps, click here to show them.
DOM / HTML
URL
|
Malicious
|
|
---|---|---|
https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
|