IOC Report
Invoice#0036473 .xlsx

loading gif

Files

File Path
Type
Category
Malicious
Invoice#0036473 .xlsx
Microsoft Excel 2007+
initial sample
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\index[1].htm
HTML document, UTF-8 Unicode text, with CRLF line terminators
downloaded
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\index[1].htm
HTML document, UTF-8 Unicode text, with CRLF line terminators
downloaded
 malicious
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\1aa1e2ae-a008-48f2-9a00-950f13de6f16.tmp
SysEx File -
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\25f44532-3c2e-40b6-b226-70d49123bf36.tmp
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\426d4312-aea0-4881-af65-3e2d056b80e7.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\645b6acd-32ef-46c5-b04e-45becdcbdc09.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\7ba9cb53-984a-4699-8353-58f189a93a72.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\81c675b7-7c7a-479c-ac72-9efc226a8ad9.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\8a1a20b3-f5e6-4fe3-9a63-ad9192746343.tmp
ASCII text, with very long lines, with no line terminators
modified
C:\Users\user\AppData\Local\Google\Chrome\User Data\95b1abdd-d52f-4cbc-b086-3ae19d1e8029.tmp
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2bb8be48-7e72-4290-bb6b-6ab5f3a98207.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4071c3c0-9bab-4e09-96cb-097a690243fb.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\71b843c2-4b70-4ce2-95c8-13f810853f15.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\85ab7ce1-3258-4e9b-a0e3-3e50db926871.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\93422060-12de-434b-bf87-254d0ffca119.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\962ced69-1c12-40da-8cbb-f3f48e7b42c7.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\6e83c16a-0f9f-4ba7-9421-b3a33db95024.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\7e11f068-5877-44c9-9e16-a0421d08125b.tmp
ASCII text, with very long lines, with no line terminators
modified
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c78cfa55-e1b4-4010-b1c1-a509d5123b73.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d9b6f731-7f0c-4e5e-a34d-e1509d6c291d.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dd213049-8a25-4006-9a0f-1b60de69be5e.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e087d5d6-61a6-4968-a1d6-b478e27ef5d7.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f52ec09a-4950-4b99-81cc-a00db2867efe.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\GrShaderCache\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\c31c0479-e4e4-4ded-825b-2ae50e1d6e8d.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\e8b91c13-687e-4a5b-90e8-7c0373992032.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\ec3a40c3-1400-4f01-815d-b48d30faaa73.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\231C2286-1237-4321-A2E6-258BBA83D8CD
XML 1.0 document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\1A5C2F1B.tmp
Composite Document File V2 Document, Cannot read section info
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\FBE12F02.png
PNG image data, 1140 x 1281, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\_platform_specific\x86_64\pnacl_public_pnacl_json
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377, stripped
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
current ar archive
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
current ar archive
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
current ar archive
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
current ar archive
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce, stripped
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9, stripped
dropped
C:\Users\user\AppData\Local\Temp\1828_1378596767\manifest.fingerprint
ASCII text, with no line terminators
modified
C:\Users\user\AppData\Local\Temp\1828_1378596767\manifest.json
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\1828_877695470\Recovery.crx3
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\1828_877695470\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1828_877695470\manifest.fingerprint
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1828_877695470\manifest.json
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\3a6ddb19-0e1b-45fc-b970-e7ff4e6406ca.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\cfba26a0-2d5f-46ad-b890-a1b6725a941d.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1828_1251794979\cfba26a0-2d5f-46ad-b890-a1b6725a941d.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\~DF3005FED378034CC9.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Users\user\AppData\Local\Temp\~DF82F1E915A6B871DD.TMP
data
dropped
C:\Users\user\Desktop\~$Invoice#0036473 .xlsx
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\0f9da6dd-02d1-4716-bb65-0ecc794f8349.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\24bfe171-efe7-4072-8cd7-5dd0ecaef267.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\26d44847-f29b-44b4-83c5-a4e6cc440bf9.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\31067a2a-5ce7-4ec9-98cd-89c86b9b1309.tmp
ASCII text, with very long lines, with no line terminators
modified
C:\Users\user\AppData\Local\Google\Chrome\User Data\3a1d6b1f-342a-4802-8123-4b45d21f9eab.tmp
PGP symmetric key encrypted data - Plaintext or unencrypted data salted -
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\51a627a5-22fb-4a4b-9790-73b801998960.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\51b2f774-2252-48f6-923d-fd7fac7b6110.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\8658dadd-071f-4fed-a194-d19faaa6b86c.tmp
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\055edf99-becc-45c4-be14-4dc525a5432e.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
modified
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0a6c3045-da8d-47a3-8153-9afce256711f.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0eb7fe35-30bc-48b6-8257-0982ee1a4890.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1f2324ab-adab-45fc-a3ab-9367bc32878e.tmp
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2277d4eb-77ab-4279-9966-ee1e49db086b.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\262f10db-b419-4f57-98ae-ce9fa3a50196.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\61c8e5c5-f16b-4c38-9921-56f055e52cd4.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\js\index
ISO-8859 text, with no line terminators, with escape sequences
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\js\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\js\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\wasm\index
ISO-8859 text, with no line terminators, with escape sequences
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\wasm\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Code Cache\wasm\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_2
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_3
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\index
FoxPro FPT, blocks size 512, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\MANIFEST-000001
PGP\011Secret Key -
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\MANIFEST-000001
PGP\011Secret Key -
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\MANIFEST-000001
PGP\011Secret Key -
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\dbf751fd-7169-44d5-bc18-7d3260ccc2c2.tmp
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ae88f5b9-6052-479d-9cbb-f68142e85df6.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c30600a5-0365-44d0-9fe1-ffaca26edf6a.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d3ab0dfa-11f4-433d-9005-94d12dd095d7.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000008.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e0720955-3d9c-4af0-bd4a-8510afe9a7c7.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ef55ff91-ca42-48c2-8615-538469a3af8b.tmp
ASCII text, with very long lines, with no line terminators
modified
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\ab0bf9f2-309c-4bce-bd9c-e4ac34748242.tmp
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Google\Chrome\User Data\b4fa85b6-444c-425f-a911-93b415a035a5.tmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\8B3464B5.png
PNG image data, 1140 x 1281, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\24CF.tmp
Composite Document File V2 Document, Cannot read section info
dropped
C:\Users\user\AppData\Local\Temp\55b2e026-228a-40a5-8bfd-0bdbd2ce629e.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\5b406153-e928-4185-97db-235773365636.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\5b406153-e928-4185-97db-235773365636.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1212_480453973\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\~DF600634D9D62A1024.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Users\user\AppData\Local\Temp\~DFBA9233580D836EA0.TMP
data
dropped
There are 225 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
"C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE" /automation -Embedding
 malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
 malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1572,2584016860965793630,9285400582768245070,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1916 /prefetch:8
malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation -- "https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
 malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1492,14547596045636120040,8967704105705094900,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1932 /prefetch:8
malicious
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
 malicious
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
 malicious
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1008,1868451693323365442,12850068766914001285,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1468 /prefetch:8
malicious
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation -- "https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
 malicious
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=980,3874853447565799984,15077386689876222862,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1380 /prefetch:8
malicious
C:\Windows\splwow64.exe
C:\Windows\splwow64.exe 12288
There are 1 hidden processes, click here to show them.

URLs

Name
IP
Malicious
https://eyecandylashcompany.com/payment/frontend_paper_lantern/images/office3651.png
69.49.244.155
 malicious
https://eyecandylashcompany.com/payment/frontend_paper_lantern/images/gmail.png
69.49.244.155
 malicious
https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html2
unknown
 malicious
https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
69.49.244.155
 malicious
https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
malicious
https://eyecandylashcompany.com/payment/frontend_paper_lantern/css/hover.css
69.49.244.155
 malicious
https://shell.suite.office.com:1443
unknown
https://autodiscover-s.outlook.com/
unknown
https://code.jquery.com/jquery-3.2.1.slim.min.js
unknown
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
unknown
https://cdn.entity.
unknown
https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
unknown
https://rpsticket.partnerservices.getmicrosoftkey.com
unknown
https://lookup.onenote.com/lookup/geolocation/v1
unknown
https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
unknown
https://na01.oscs.protection.outlook.com/api/SafeLinksApi/GetPolicy
unknown
https://api.aadrm.com/
unknown
https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
unknown
https://api.microsoftstream.com/api/
unknown
https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive
unknown
https://cr.office.com
unknown
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.10.207
https://kit.fontawesome.com/585b051251.js
unknown
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
unknown
https://res.getmicrosoftkey.com/api/redemptionevents
unknown
https://tasks.office.com
unknown
https://officeci.azurewebsites.net/api/
unknown
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
unknown
https://store.office.cn/addinstemplate
unknown
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
142.251.36.238
https://messaging.engagement.office.com/
unknown
https://payments.google.com/payments/v4/js/integrator.js
unknown
https://lh3.googleusercontent.com
unknown
https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
unknown
http://www.w3.or
unknown
https://www.odwebp.svc.ms
unknown
https://api.powerbi.com/v1.0/myorg/groups
unknown
https://web.microsoftstream.com/video/
unknown
https://api.addins.store.officeppe.com/addinstemplate
unknown
https://graph.windows.net
unknown
https://www.google.com/images/dot2.gif
unknown
https://learningtools.onenote.com/learningtoolsapi/v2.0/Getvoices
unknown
https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
unknown
https://ncus.contentsync.
unknown
https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
unknown
http://weather.service.msn.com/data.aspx
unknown
https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
unknown
https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
unknown
https://wus2.contentsync.
unknown
https://clients.config.office.net/user/v1.0/ios
unknown
https://www.google.com/images/cleardot.gif
unknown
https://play.google.com
unknown
https://o365auditrealtimeingestion.manage.office.com
unknown
https://outlook.office365.com/api/v1.0/me/Activities
unknown
https://clients.config.office.net/user/v1.0/android/policies
unknown
https://entitlement.diagnostics.office.com
unknown
https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json
unknown
https://outlook.office.com/
unknown
https://accounts.google.com/MergeSession
unknown
https://storage.live.com/clientlogs/uploadlocation
unknown
https://substrate.office.com/search/api/v1/SearchHistory
unknown
http://www.w3.o
unknown
https://clients.config.office.net/c2r/v1.0/InteractiveInstallation
unknown
https://graph.windows.net/
unknown
https://apis.google.com
unknown
https://devnull.onenote.com
unknown
http://schemas.microsoft.cA.
unknown
https://messaging.office.com/
unknown
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing
unknown
https://skyapi.live.net/Activity/
unknown
https://www.google.com/intl/en-US/chrome/blank.html
unknown
https://api.cortana.ai
unknown
https://messaging.action.office.com/setcampaignaction
unknown
https://visio.uservoice.com/forums/368202-visio-on-devices
unknown
https://code.jquery.com/jquery-3.1.1.min.js
unknown
https://staging.cortana.ai
unknown
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
142.251.36.205
https://onedrive.live.com/embed?
unknown
https://augloop.office.com
unknown
http://schemas.microsoft.
unknown
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
unknown
https://api.diagnosticssdf.office.com/v2/file
unknown
https://code.jquery.com/jquery-3.3.1.js
unknown
https://prod.mds.office.com/mds/api/v1.0/clientmodeldirectory
unknown
https://api.diagnostics.office.com
unknown
https://store.office.de/addinstemplate
unknown
https://wus2.pagecontentsync.
unknown
https://api.powerbi.com/v1.0/myorg/datasets
unknown
https://cortana.ai/api
unknown
https://clients2.googleusercontent.com
unknown
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
unknown
https://clients2.google.com/service/update2/crx
unknown
https://api.diagnosticssdf.office.com
unknown
https://login.microsoftonline.com/
unknown
http://schemas.mic
unknown
https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize
unknown
https://cdn.pixabay.com/photo/2018/03/10/12/00/paper-3213924_1280.jpg
172.64.150.12
https://roaming.edog.
unknown
https://api.addins.omex.office.net/appinfo/query
unknown
https://clients.config.office.net/user/v1.0/tenantassociationkey
unknown
https://powerlift.acompli.net
unknown
https://consent.google.com
unknown
https://ogs.google.com
unknown
http://www.gmail.com
unknown
https://adservice.google.com
unknown
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
104.18.11.207
https://lh3.googleusercontent.com/proxy/bATQDWurvLlY3z2KTwUlb1gMxwLZoCk7CvqzrLqN1JioLU4nXkElVj-rMrvN
unknown
https://sandbox.google.com/payments/v4/js/integrator.js
unknown
https://www.google.com/images/x2.gif
unknown
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.10.207
https://lh3.googleusercontent.com/proxy/bATQDWurvLlY3z2KTwUlb1gMxwLZoCk7CvqzrLqN1JioLU4nXkElVj-rMrvNZjuUXh3c1WhNOGX5_Cg18Wmltm3vvna-uZDqOkUISXU4XOYsUyt-4962tq2u0WiI358gef4ewWcVp0PA6YiTnICV2Cg7wLzdb0DlXw
172.217.16.161
https://www.google.com
unknown
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.17.25.14
https://accounts.google.com
unknown
https://cdn.iconscout.com/icon/free/png-512/microsoft-sharepoint-3-599372.png
104.18.29.243
https://www.google.com/
unknown
https://www-googleapis-staging.sandbox.google.com
unknown
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=84.0.4147.135&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
142.250.185.78
https://clients2.google.com
unknown
There are 109 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
eyecandylashcompany.com
69.49.244.155
 malicious
gstaticadssl.l.google.com
142.251.36.227
stackpath.bootstrapcdn.com
104.18.10.207
accounts.google.com
142.251.36.205
cdnjs.cloudflare.com
104.17.24.14
maxcdn.bootstrapcdn.com
104.18.10.207
clients.l.google.com
142.251.36.238
cdn.iconscout.com
104.18.28.243
cdn.pixabay.com
172.64.150.12
googlehosted.l.googleusercontent.com
172.217.16.161
clients2.google.com
unknown
ka-f.fontawesome.com
unknown
code.jquery.com
unknown
kit.fontawesome.com
unknown
lh3.googleusercontent.com
unknown
There are 5 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
69.49.244.155
eyecandylashcompany.com
United States
malicious
104.17.24.14
cdnjs.cloudflare.com
United States
192.168.2.1
unknown
unknown
104.18.10.207
stackpath.bootstrapcdn.com
United States
142.251.36.205
accounts.google.com
United States
142.251.36.238
clients.l.google.com
United States
142.251.36.227
gstaticadssl.l.google.com
United States
239.255.255.250
unknown
Reserved
104.18.28.243
cdn.iconscout.com
United States
172.64.150.12
cdn.pixabay.com
United States
172.217.16.161
googlehosted.l.googleusercontent.com
United States
127.0.0.1
unknown
unknown
142.250.185.78
clients.l.google.com
United States
104.18.11.207
stackpath.bootstrapcdn.com
United States
104.18.29.243
cdn.iconscout.com
United States
192.168.2.255
unknown
unknown
104.17.25.14
cdnjs.cloudflare.com
United States
There are 7 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
p$:
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
$:
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache
RemoteClearDate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3
Last
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
FilePath
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
StartDate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
EndDate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
Properties
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
Url
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache
LastClean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
DisableWinHttpCertAuth
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
DisableIsOwnerRegex
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
DisableSessionAwareHttpClose
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
DisableADALForExtendedApps
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
DisableADALSetSilentAuth
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
msoridDisableGuestCredProvider
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
msoridDisableOstringReplace
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\IOAV
LastBootTime
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ReviewCycle
ReviewToken
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\2112D
2112D
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109110000000000000000F01FEC\Usage
VBAFiles
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ExdCache\Excel8.0
MSForms
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ExdCache\Excel8.0
MSComctlLib
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
"p:
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\35D16
35D16
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\37E0C
37E0C
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet
UseRWHlinkNavigation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General
FileFormatBallotBoxAppIDBootedOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109110000000000000000F01FEC\Usage
ProductFiles
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
en-US
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
en-US
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109110000000000000000F01FEC\Usage
EXCELFiles
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
RoamingConfigurableSettings
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
RoamingLastSyncTime
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
RoamingLastWriteTime
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\IOAV
LastBootTime
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents
LastPurgeTime
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blacklist_cache_md5_digest
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
vf/
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
MTTT
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
ReviewToken
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\67A2F
67A2F
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
VBAFiles
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
4k/
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
Max Display
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Max Display
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 1
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 2
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 3
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 4
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 5
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 6
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 7
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 8
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 9
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 10
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 11
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 12
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 13
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 14
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 15
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 16
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 17
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 18
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 19
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 20
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\742F9
742F9
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
LastPurgeTime
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
Max Display
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Max Display
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 1
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 2
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 3
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 4
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 5
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 6
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 7
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 8
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 9
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 10
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 11
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 12
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 13
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 14
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 15
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 16
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 17
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 18
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 19
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 20
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\74DE2
74DE2
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet
UseRWHlinkNavigation
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
1033
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
1033
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
EXCELFiles
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-966771315-3019405637-367336477-1006
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
version
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
Blob
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
Blob
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
Blob
There are 146 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
3AB5000
heap
page read and write
3393000
heap
page read and write
3360000
trusted library allocation
page read and write
344F000
heap
page read and write
2EFC000
heap
page read and write
2688C000000
heap
page read and write
3A53000
heap
page read and write
21E0257F000
heap
page read and write
3A72000
heap
page read and write
334B000
heap
page read and write
2EFC000
heap
page read and write
1D022B45000
heap
page read and write
1A44A510000
heap
page read and write
21E02576000
heap
page read and write
3975000
heap
page read and write
79154FF000
stack
page read and write
BF0000
remote allocation
page read and write
3360000
heap
page read and write
3B10000
heap
page read and write
2D03000
heap
page read and write
2EF5000
heap
page read and write
83FEA7E000
stack
page read and write
21E02576000
heap
page read and write
2EB3000
heap
page read and write
3C20000
trusted library allocation
page read and write
1F17847A000
heap
page read and write
2688B340000
trusted library allocation
page read and write
268E57D000
stack
page read and write
340B000
heap
page read and write
342B000
heap
page read and write
3DB0000
trusted library allocation
page read and write
397D000
heap
page read and write
26885C71000
heap
page read and write
3A88000
heap
page read and write
1F178456000
heap
page read and write
342E000
heap
page read and write
337E000
heap
page read and write
3A63000
heap
page read and write
21E0257C000
heap
page read and write
26885CA1000
heap
page read and write
2688B244000
trusted library allocation
page read and write
2EAD000
heap
page read and write
21E02576000
heap
page read and write
2688B20E000
trusted library allocation
page read and write
3ABB000
heap
page read and write
101B000
heap
page read and write
FD0000
heap
page read and write
2EFA000
heap
page read and write
3503000
heap
page read and write
3960000
trusted library allocation
page read and write
1D022B50000
heap
page read and write
19220C29000
heap
page read and write
2E84000
heap
page read and write
104F000
heap
page read and write
FE7000
heap
page read and write
3B40000
trusted library allocation
page read and write
19220C66000
heap
page read and write
2EAD000
heap
page read and write
FE6000
heap
page read and write
338F000
heap
page read and write
21E02581000
heap
page read and write
2F15000
heap
page read and write
334A000
heap
page read and write
1E982089000
heap
page read and write
3A7F000
heap
page read and write
1F6AE648000
heap
page read and write
FFC000
heap
page read and write
3CB0000
trusted library allocation
page read and write
FEC000
heap
page read and write
2E95000
heap
page read and write
2E95000
heap
page read and write
21E0259C000
heap
page read and write
2F12000
heap
page read and write
2E57000
heap
page read and write
876597C000
stack
page read and write
3360000
trusted library allocation
page read and write
21E01CD4000
heap
page read and write
3360000
trusted library allocation
page read and write
2EA5000
heap
page read and write
3A52000
heap
page read and write
FBB000
heap
page read and write
3A67000
heap
page read and write
2E84000
heap
page read and write
3ABA000
heap
page read and write
3ADE000
heap
page read and write
268E47E000
stack
page read and write
39BA000
heap
page read and write
3384000
heap
page read and write
791517B000
stack
page read and write
E549B7B000
stack
page read and write
339F000
heap
page read and write
397D000
heap
page read and write
3360000
trusted library allocation
page read and write
1F6AE650000
heap
page read and write
FC8000
heap
page read and write
3CB1000
heap
page read and write
39BE000
heap
page read and write
1EBE07B000
stack
page read and write
36D0000
trusted library allocation
page read and write
2E72000
heap
page read and write
3AB7000
heap
page read and write
3ABB000
heap
page read and write
3974000
heap
page read and write
3960000
trusted library allocation
page read and write
21E0257C000
heap
page read and write
26BD9EA9000
heap
page read and write
3A66000
heap
page read and write
3A40000
trusted library allocation
page read and write
2688B4FB000
heap
page read and write
103B000
heap
page read and write
3978000
heap
page read and write
CAA1AFE000
stack
page read and write
399F000
heap
page read and write
3AAF000
heap
page read and write
3A42000
heap
page read and write
21E02576000
heap
page read and write
21E025A3000
heap
page read and write
ADB45FF000
stack
page read and write
2EBE000
heap
page read and write
FE7000
heap
page read and write
2F15000
heap
page read and write
2CD0000
heap
page read and write
26885CFD000
heap
page read and write
3987000
heap
page read and write
2EB3000
heap
page read and write
3343000
heap
page read and write
3770000
trusted library allocation
page read and write
343C000
heap
page read and write
3368000
heap
page read and write
3AB7000
heap
page read and write
2E9F000
heap
page read and write
ADB42FC000
stack
page read and write
2EB3000
heap
page read and write
21E02576000
heap
page read and write
21E0259A000
heap
page read and write
3A25000
heap
page read and write
2688B350000
trusted library allocation
page read and write
2EA6000
heap
page read and write
21E02A02000
heap
page read and write
272F4662000
heap
page read and write
2688B201000
trusted library allocation
page read and write
2E95000
heap
page read and write
352B000
heap
page read and write
1006000
heap
page read and write
87657FE000
stack
page read and write
334A000
heap
page read and write
7914A7B000
stack
page read and write
11D4000
heap
page read and write
3522000
heap
page read and write
2688B360000
trusted library allocation
page read and write
2EA3000
heap
page read and write
21E02A00000
heap
page read and write
2F06000
heap
page read and write
1D022DC5000
heap
page read and write
3A5A000
heap
page read and write
26886D10000
trusted library section
page readonly
39D2000
heap
page read and write
1A44A677000
heap
page read and write
21E02573000
heap
page read and write
26886CE0000
trusted library section
page readonly
3A40000
heap
page read and write
3487000
heap
page read and write
83FEC7E000
stack
page read and write
3967000
heap
page read and write
3B40000
trusted library allocation
page read and write
3437000
heap
page read and write
2D0E000
heap
page read and write
3A5D000
heap
page read and write
2E99000
heap
page read and write
1F178439000
heap
page read and write
26886CD0000
trusted library section
page readonly
3384000
heap
page read and write
26098200000
heap
page read and write
2CC0000
heap
page read and write
268E07C000
stack
page read and write
3987000
heap
page read and write
3974000
heap
page read and write
3AA1000
heap
page read and write
36D0000
trusted library allocation
page read and write
19220B10000
heap
page read and write
3A5B000
heap
page read and write
21E025B3000
heap
page read and write
3372000
heap
page read and write
876557E000
stack
page read and write
2EF5000
heap
page read and write
21E01C64000
heap
page read and write
3960000
trusted library allocation
page read and write
272F4702000
heap
page read and write
3440000
heap
page read and write
105B000
heap
page read and write
3982000
heap
page read and write
3A4F000
heap
page read and write
2E95000
heap
page read and write
BB0000
unkown
page readonly
2E84000
heap
page read and write
11D0000
heap
page read and write
3A5B000
heap
page read and write
1E982000000
heap
page read and write
3A51000
heap
page read and write
2EBE000
heap
page read and write
3A5B000
heap
page read and write
3460000
trusted library allocation
page read and write
8E22E8A000
stack
page read and write
21E02270000
remote allocation
page read and write
3A9B000
heap
page read and write
3360000
trusted library allocation
page read and write
1F178455000
heap
page read and write
3AB4000
heap
page read and write
3360000
trusted library allocation
page read and write
3B0C000
heap
page read and write
26BDAC30000
trusted library allocation
page read and write
2D00000
heap
page read and write
21E02576000
heap
page read and write
21E02573000
heap
page read and write
3347000
heap
page read and write
3A68000
heap
page read and write
FD0000
heap
page read and write
3974000
heap
page read and write
21E025A0000
heap
page read and write
3360000
heap
page read and write
2688B4FE000
heap
page read and write
1EBDBBE000
stack
page read and write
3AE2000
heap
page read and write
26885C56000
heap
page read and write
BF0000
remote allocation
page read and write
26BDA950000
trusted library allocation
page read and write
2CE3000
heap
page read and write
3360000
trusted library allocation
page read and write
3360000
trusted library allocation
page read and write
3A93000
heap
page read and write
FD9000
heap
page read and write
3991000
heap
page read and write
2E95000
heap
page read and write
11DE000
heap
page read and write
3973000
heap
page read and write
CAA0D1C000
stack
page read and write
21E02270000
remote allocation
page read and write
21E02A02000
heap
page read and write
21E02581000
heap
page read and write
2E95000
heap
page read and write
1F6AE63C000
heap
page read and write
2CD0000
heap
page read and write
21E0257B000
heap
page read and write
2D0A000
heap
page read and write
21E019E0000
heap
page read and write
3B45000
heap
page read and write
1059000
heap
page read and write
3B04000
heap
page read and write
FCF000
heap
page read and write
2688B230000
trusted library allocation
page read and write
268E1FE000
stack
page read and write
19220D13000
heap
page read and write
26BD9F07000
heap
page read and write
3A41000
heap
page read and write
21E02571000
heap
page read and write
3384000
heap
page read and write
3A6F000
heap
page read and write
2EBE000
heap
page read and write
2EFE000
heap
page read and write
2688B4A7000
heap
page read and write
3770000
trusted library allocation
page read and write
2D0A000
heap
page read and write
3DB0000
trusted library allocation
page read and write
2688B507000
heap
page read and write
2EBE000
heap
page read and write
FBB000
heap
page read and write
3337000
heap
page read and write
1D022B42000
heap
page read and write
21E01CF8000
heap
page read and write
3960000
trusted library allocation
page read and write
2EF8000
heap
page read and write
21E02577000
heap
page read and write
2688B4DF000
heap
page read and write
21E0259A000
heap
page read and write
3446000
heap
page read and write
2EA0000
heap
page read and write
3972000
heap
page read and write
3984000
heap
page read and write
21E02581000
heap
page read and write
396C000
heap
page read and write
3A68000
heap
page read and write
2D04000
heap
page read and write
337B000
heap
page read and write
39C7000
heap
page read and write
3AEB000
heap
page read and write
3A7A000
heap
page read and write
3344000
heap
page read and write
1035000
heap
page read and write
1031000
heap
page read and write
21E025B4000
heap
page read and write
FD0000
heap
page read and write
2EBE000
heap
page read and write
3974000
heap
page read and write
1E981FE0000
trusted library allocation
page read and write
3A94000
heap
page read and write
3A68000
heap
page read and write
3C20000
trusted library allocation
page read and write
2EB0000
heap
page read and write
1006000
heap
page read and write
3968000
heap
page read and write
3375000
heap
page read and write
1039000
heap
page read and write
26885C77000
heap
page read and write
2EA6000
heap
page read and write
340E000
heap
page read and write
2E62000
heap
page read and write
83FEE7E000
stack
page read and write
39C0000
heap
page read and write
3BA0000
trusted library allocation
page read and write
2EB3000
heap
page read and write
3A55000
heap
page read and write
2F0B000
heap
page read and write
79155FA000
stack
page read and write
7914D7A000
stack
page read and write
2688B370000
trusted library allocation
page read and write
2EF5000
heap
page read and write
1EBDF7B000
stack
page read and write
21E02576000
heap
page read and write
26886518000
heap
page read and write
3A5F000
heap
page read and write
2EA3000
heap
page read and write
3978000
heap
page read and write
21E02A02000
heap
page read and write
36D0000
trusted library allocation
page read and write
2688B50C000
heap
page read and write
3391000
heap
page read and write
3347000
heap
page read and write
3A84000
heap
page read and write
3960000
trusted library allocation
page read and write
19220C2D000
heap
page read and write
21E0254D000
heap
page read and write
396C000
heap
page read and write
ADB3F0D000
stack
page read and write
19220AB0000
heap
page read and write
39C8000
heap
page read and write
2688B200000
trusted library allocation
page read and write
2EB3000
heap
page read and write
26BD9E25000
heap
page read and write
3A64000
heap
page read and write
272F4713000
heap
page read and write
14161202000
heap
page read and write
3AE7000
heap
page read and write
268E17F000
stack
page read and write
3402000
heap
page read and write
3527000
heap
page read and write
3437000
heap
page read and write
2688B4DA000
heap
page read and write
3770000
trusted library allocation
page read and write
1019000
heap
page read and write
3A93000
heap
page read and write
26886500000
heap
page read and write
103D000
heap
page read and write
3975000
heap
page read and write
2E95000
heap
page read and write
2688B411000
heap
page read and write
2CC0000
heap
page read and write
3AB2000
heap
page read and write
1F178413000
heap
page read and write
36D0000
trusted library allocation
page read and write
398F000
heap
page read and write
272F4676000
heap
page read and write
397B000
heap
page read and write
3510000
trusted library allocation
page read and write
342B000
heap
page read and write
342F000
heap
page read and write
3A45000
heap
page read and write
21E02576000
heap
page read and write
3AD7000
heap
page read and write
3B4E000
heap
page read and write
2EA3000
heap
page read and write
3ADE000
heap
page read and write
3AC4000
heap
page read and write
21E025A8000
heap
page read and write
397D000
heap
page read and write
3AF7000
heap
page read and write
3DB0000
trusted library allocation
page read and write
2EFC000
heap
page read and write
3B40000
trusted library allocation
page read and write
3A5E000
heap
page read and write
FED000
heap
page read and write
3434000
heap
page read and write
3960000
trusted library allocation
page read and write
2688B4FB000
heap
page read and write
1F17845E000
heap
page read and write
2E72000
heap
page read and write
3AE0000
trusted library allocation
page read and write
3B16000
heap
page read and write
3AFB000
heap
page read and write
E54987B000
stack
page read and write
2EA0000
heap
page read and write
21E02576000
heap
page read and write
FFC000
heap
page read and write
348B000
heap
page read and write
2E95000
heap
page read and write
1F178C02000
trusted library allocation
page read and write
14161257000
heap
page read and write
3B47000
heap
page read and write
2C40000
trusted library allocation
page read and write
2CE7000
heap
page read and write
3AC7000
heap
page read and write
1037000
heap
page read and write
FBB000
heap
page read and write
26098A02000
trusted library allocation
page read and write
3968000
heap
page read and write
1F17847E000
heap
page read and write
104F000
heap
page read and write
2F0B000
heap
page read and write
3375000
heap
page read and write
352A000
heap
page read and write
3A6C000
heap
page read and write
1035000
heap
page read and write
1A44A629000
heap
page read and write
3372000
heap
page read and write
3ABA000
heap
page read and write
3387000
heap
page read and write
2E84000
heap
page read and write
3A60000
heap
page read and write
3A50000
heap
page read and write
336C000
heap
page read and write
11D5000
heap
page read and write
FE6000
heap
page read and write
21E01C5C000
heap
page read and write
3AEA000
heap
page read and write
1E981E10000
heap
page read and write
21E02576000
heap
page read and write
3A81000
heap
page read and write
2688B20B000
trusted library allocation
page read and write
1D022B20000
heap
page read and write
3342000
heap
page read and write
2EA6000
heap
page read and write
2EFA000
heap
page read and write
3AEA000
heap
page read and write
104F000
heap
page read and write
336C000
heap
page read and write
3446000
heap
page read and write
2C40000
trusted library allocation
page read and write
3DB0000
trusted library allocation
page read and write
3974000
heap
page read and write
1035000
heap
page read and write
3B40000
trusted library allocation
page read and write
333A000
heap
page read and write
3ADD000
heap
page read and write
1F178445000
heap
page read and write
3ADA000
heap
page read and write
2E7C000
heap
page read and write
3960000
trusted library allocation
page read and write
2CC0000
heap
page read and write
2CC0000
heap
page read and write
1031000
heap
page read and write
3368000
heap
page read and write
2EBE000
heap
page read and write
3A9B000
heap
page read and write
2D05000
heap
page read and write
FE7000
heap
page read and write
3978000
heap
page read and write
21E0257C000
heap
page read and write
3387000
heap
page read and write
3960000
trusted library allocation
page read and write
21E02573000
heap
page read and write
39BA000
heap
page read and write
1F178429000
heap
page read and write
2D07000
heap
page read and write
51C5D7E000
stack
page read and write
3A81000
heap
page read and write
102A000
heap
page read and write
2688B350000
trusted library allocation
page read and write
21E0257D000
heap
page read and write
3AE7000
heap
page read and write
399F000
heap
page read and write
21E02574000
heap
page read and write
2F08000
heap
page read and write
21E0259E000
heap
page read and write
1006000
heap
page read and write
FD0000
heap
page read and write
21E01CAB000
heap
page read and write
2EB0000
heap
page read and write
3A67000
heap
page read and write
11DE000
heap
page read and write
3423000
heap
page read and write
21E02581000
heap
page read and write
26098264000
heap
page read and write
340A000
heap
page read and write
397D000
heap
page read and write
11DE000
heap
page read and write
26886518000
heap
page read and write
2EFC000
heap
page read and write
2688B502000
heap
page read and write
2EA8000
heap
page read and write
260980E0000
heap
page read and write
26886D00000
trusted library section
page readonly
3387000
heap
page read and write
1D022B36000
heap
page read and write
3AE2000
heap
page read and write
3426000
heap
page read and write
3AE7000
heap
page read and write
11C0000
heap
page read and write
3967000
heap
page read and write
398C000
heap
page read and write
3428000
heap
page read and write
397B000
heap
page read and write
337B000
heap
page read and write
2E72000
heap
page read and write
3374000
heap
page read and write
26098225000
heap
page read and write
26BD9CC0000
trusted library allocation
page read and write
3B40000
trusted library allocation
page read and write
337B000
heap
page read and write
333A000
heap
page read and write
1A44A673000
heap
page read and write
2E99000
heap
page read and write
3ABF000
heap
page read and write
2EA3000
heap
page read and write
2688B360000
remote allocation
page read and write
FD0000
heap
page read and write
3395000
heap
page read and write
3CC1000
heap
page read and write
3A6F000
heap
page read and write
268E2FE000
stack
page read and write
2EFA000
heap
page read and write
26BD9E29000
heap
page read and write
11DB000
heap
page read and write
1F17846D000
heap
page read and write
3DB0000
trusted library allocation
page read and write
3975000
heap
page read and write
1A44A5A0000
trusted library allocation
page read and write
21E02576000
heap
page read and write
26885C00000
heap
page read and write
3995000
heap
page read and write
3374000
heap
page read and write
2688B310000
trusted library allocation
page read and write
2EBE000
heap
page read and write
21E01C65000
heap
page read and write
397E000
heap
page read and write
FFA000
heap
page read and write
FBB000
heap
page read and write
3510000
trusted library allocation
page read and write
3A30000
heap
page read and write
3373000
heap
page read and write
FD8000
heap
page read and write
350A000
heap
page read and write
26098287000
heap
page read and write
2EA3000
heap
page read and write
3A2B000
heap
page read and write
21E01CEA000
heap
page read and write
1033000
heap
page read and write
2EF5000
heap
page read and write
2E71000
heap
page read and write
ADB46FE000
stack
page read and write
3A57000
heap
page read and write
3344000
heap
page read and write
3483000
heap
page read and write
2688B502000
heap
page read and write
2E95000
heap
page read and write
3B40000
trusted library allocation
page read and write
3A22000
heap
page read and write
3ADE000
heap
page read and write
39BB000
heap
page read and write
3A88000
heap
page read and write
1041000
heap
page read and write
2EA0000
heap
page read and write
3972000
heap
page read and write
3502000
heap
page read and write
26098170000
trusted library allocation
page read and write
3504000
heap
page read and write
26098229000
heap
page read and write
3368000
heap
page read and write
3460000
trusted library allocation
page read and write
3387000
heap
page read and write
2688B4F0000
heap
page read and write
3431000
heap
page read and write
3A74000
heap
page read and write
2D07000
heap
page read and write
2EA7000
heap
page read and write
3A70000
heap
page read and write
CAA117B000
stack
page read and write
FD9000
heap
page read and write
14161870000
remote allocation
page read and write
141611E0000
trusted library allocation
page read and write
21E02576000
heap
page read and write
3970000
heap
page read and write
2F01000
heap
page read and write
1A44A713000
heap
page read and write
21E02552000
heap
page read and write
3367000
heap
page read and write
104F000
heap
page read and write
11D7000
heap
page read and write
3507000
heap
page read and write
396C000
heap
page read and write
3A61000
heap
page read and write
1E9820CC000
heap
page read and write
3ABF000
heap
page read and write
342E000
heap
page read and write
3A4B000
heap
page read and write
2EAD000
heap
page read and write
21E02576000
heap
page read and write
FD0000
heap
page read and write
3372000
heap
page read and write
26885D26000
heap
page read and write
3407000
heap
page read and write
3ACB000
heap
page read and write
1031000
heap
page read and write
3A81000
heap
page read and write
1F6AEE02000
trusted library allocation
page read and write
2E62000
heap
page read and write
3360000
trusted library allocation
page read and write
3B4A000
heap
page read and write
272F4613000
heap
page read and write
397D000
heap
page read and write
1A44A602000
heap
page read and write
3967000
heap
page read and write
2EFF000
heap
page read and write
FBB000
heap
page read and write
36D0000
trusted library allocation
page read and write
3A8A000
heap
page read and write
2E84000
heap
page read and write
FE7000
heap
page read and write
337F000
heap
page read and write
2EBE000
heap
page read and write
272F465C000
heap
page read and write
26BD9F07000
heap
page read and write
103D000
heap
page read and write
3979000
heap
page read and write
3B40000
trusted library allocation
page read and write
3AE7000
heap
page read and write
21E02574000
heap
page read and write
1F17844F000
heap
page read and write
FED000
heap
page read and write
3500000
heap
page read and write
3AB8000
heap
page read and write
1019000
heap
page read and write
352A000
heap
page read and write
791567F000
stack
page read and write
3967000
heap
page read and write
3770000
trusted library allocation
page read and write
3DB0000
trusted library allocation
page read and write
1031000
heap
page read and write
39B2000
heap
page read and write
3A87000
heap
page read and write
3334000
heap
page read and write
3A5B000
heap
page read and write
21E02574000
heap
page read and write
3984000
heap
page read and write
21E02A02000
heap
page read and write
2CD0000
heap
page read and write
3AC0000
trusted library allocation
page read and write
3A7F000
heap
page read and write
2EB5000
heap
page read and write
2D07000
heap
page read and write
2EA3000
heap
page read and write
14161070000
heap
page read and write
3ABF000
heap
page read and write
3428000
heap
page read and write
3DB0000
trusted library allocation
page read and write
3AC0000
trusted library allocation
page read and write
3BA0000
trusted library allocation
page read and write
3974000
heap
page read and write
3A56000
heap
page read and write
1A44A659000
heap
page read and write
2A3F000
stack
page read and write
11C0000
heap
page read and write
19220C61000
heap
page read and write
336C000
heap
page read and write
2EA9000
heap
page read and write
1E9820E4000
heap
page read and write
3A93000
heap
page read and write
272F463C000
heap
page read and write
19220C83000
heap
page read and write
21E02581000
heap
page read and write
26886518000
heap
page read and write
2F09000
heap
page read and write
3960000
trusted library allocation
page read and write
26886513000
heap
page read and write
3974000
heap
page read and write
2CC0000
heap
page read and write
339F000
heap
page read and write
36D0000
trusted library allocation
page read and write
19220D02000
heap
page read and write
272F4708000
heap
page read and write
CAA16FE000
stack
page read and write
2688B0A0000
trusted library allocation
page read and write
3485000
heap
page read and write
3433000
heap
page read and write
1003000
heap
page read and write
3360000
trusted library allocation
page read and write
343F000
heap
page read and write
26BDAC10000
heap
page readonly
272F44B0000
heap
page read and write
2E84000
heap
page read and write
FD9000
heap
page read and write
103B000
heap
page read and write
3384000
heap
page read and write
21E02A02000
heap
page read and write
3A75000
heap
page read and write
FE5000
heap
page read and write
B60000
heap
page read and write
1F178446000
heap
page read and write
3968000
heap
page read and write
2688B45F000
heap
page read and write
FC2C57E000
stack
page read and write
26886415000
heap
page read and write
21E025A8000
heap
page read and write
5CD317B000
stack
page read and write
3422000
heap
page read and write
3972000
heap
page read and write
21E01C13000
heap
page read and write
26885C94000
heap
page read and write
21E02575000
heap
page read and write
E549A7C000
stack
page read and write
397E000
heap
page read and write
3AE6000
heap
page read and write
3A93000
heap
page read and write
3978000
heap
page read and write
3374000
heap
page read and write
1416123D000
heap
page read and write
FE6000
heap
page read and write
1006000
heap
page read and write
CAA15FD000
stack
page read and write
21E01CC9000
heap
page read and write
348A000
heap
page read and write
1031000
heap
page read and write
2EF8000
heap
page read and write
350E000
heap
page read and write
3A4E000
heap
page read and write
2EF5000
heap
page read and write
2EF8000
heap
page read and write
3372000
heap
page read and write
FBB000
heap
page read and write
3ABE000
heap
page read and write
21E02576000
heap
page read and write
3347000
heap
page read and write
FD0000
heap
page read and write
2E8A000
heap
page read and write
340A000
heap
page read and write
2CEE000
heap
page read and write
3CB0000
trusted library allocation
page read and write
3960000
trusted library allocation
page read and write
3AC7000
heap
page read and write
3ABA000
heap
page read and write
26BD9F0C000
heap
page read and write
FD0000
heap
page read and write
21E02576000
heap
page read and write
11DA000
heap
page read and write
2EA4000
heap
page read and write
3A87000
heap
page read and write
39B7000
heap
page read and write
3360000
heap
page read and write
3340000
heap
page read and write
21E025DB000
heap
page read and write
1006000
heap
page read and write
2688B670000
trusted library allocation
page read and write
FF4000
heap
page read and write
103B000
heap
page read and write
26886559000
heap
page read and write
1059000
heap
page read and write
26BDA9B0000
trusted library allocation
page read and write
3525000
heap
page read and write
2D0B000
heap
page read and write
2EAD000
heap
page read and write
2688B220000
trusted library allocation
page read and write
3A52000
heap
page read and write
3360000
trusted library allocation
page read and write
2D0E000
heap
page read and write
3375000
heap
page read and write
3AB2000
heap
page read and write
36D0000
trusted library allocation
page read and write
21E0257F000
heap
page read and write
3ABA000
heap
page read and write
3A2A000
heap
page read and write
21E0257C000
heap
page read and write
1EBE4FE000
stack
page read and write
3ADD000
heap
page read and write
2EA3000
heap
page read and write
3360000
trusted library allocation
page read and write
3A71000
heap
page read and write
21E02593000
heap
page read and write
3960000
trusted library allocation
page read and write
26BDA9C0000
trusted library allocation
page read and write
3A7A000
heap
page read and write
5CD327F000
stack
page read and write
3960000
trusted library allocation
page read and write
FD8000
heap
page read and write
1F178444000
heap
page read and write
3367000
heap
page read and write
1F1782C0000
heap
page read and write
2EBE000
heap
page read and write
3524000
heap
page read and write
2E95000
heap
page read and write
3770000
trusted library allocation
page read and write
3AB9000
heap
page read and write
2CEE000
heap
page read and write
21E02576000
heap
page read and write
791527E000
stack
page read and write
344F000
heap
page read and write
397D000
heap
page read and write
3974000
heap
page read and write
2E84000
heap
page read and write
2E7C000
heap
page read and write
3AAD000
heap
page read and write
3AA0000
heap
page read and write
2E98000
heap
page read and write
3AC7000
heap
page read and write
3372000
heap
page read and write
3A58000
heap
page read and write
2CE7000
heap
page read and write
2EFC000
heap
page read and write
2688B42D000
heap
page read and write
342F000
heap
page read and write
1035000
heap
page read and write
3967000
heap
page read and write
7914E7A000
stack
page read and write
1E9820BB000
heap
page read and write
26886701000
trusted library allocation
page read and write
3372000
heap
page read and write
1215000
heap
page read and write
2EBE000
heap
page read and write
2EA0000
heap
page read and write
3ADD000
heap
page read and write
2EA3000
heap
page read and write
1E982013000
heap
page read and write
3ABE000
heap
page read and write
1D022B61000
heap
page read and write
1039000
heap
page read and write
3A98000
heap
page read and write
2E58000
heap
page read and write
2EF5000
heap
page read and write
102D000
heap
page read and write
1D022B31000
heap
page read and write
342F000
heap
page read and write
2C40000
trusted library allocation
page read and write
2EAD000
heap
page read and write
3A64000
heap
page read and write
2688B499000
heap
page read and write
3AD4000
heap
page read and write
FC2C11D000
stack
page read and write
3A50000
heap
page read and write
39D4000
heap
page read and write
1F178A80000
trusted library allocation
page read and write
21E02517000
heap
page read and write
21E02563000
heap
page read and write
2688B330000
trusted library allocation
page read and write
3429000
heap
page read and write
3391000
heap
page read and write
FF9000
heap
page read and write
21E02574000
heap
page read and write
2E84000
heap
page read and write
3368000
heap
page read and write
3ADD000
heap
page read and write
3BA0000
trusted library allocation
page read and write
1A44A702000
heap
page read and write
2EF8000
heap
page read and write
FBB000
heap
page read and write
FBB000
heap
page read and write
36D0000
trusted library allocation
page read and write
3972000
heap
page read and write
2688B206000
trusted library allocation
page read and write
1D022B2B000
heap
page read and write
51C61FE000
stack
page read and write
2688B680000
trusted library allocation
page read and write
2E76000
heap
page read and write
3A5A000
heap
page read and write
2EAD000
heap
page read and write
2E5C000
heap
page read and write
2E9E000
heap
page read and write
26BD9EB1000
heap
page read and write
1F6AE713000
heap
page read and write
3A81000
heap
page read and write
3343000
heap
page read and write
3527000
heap
page read and write
FE7000
heap
page read and write
3AB0000
heap
page read and write
FC2C5FB000
stack
page read and write
2EF5000
heap
page read and write
3AC7000
heap
page read and write
21E02581000
heap
page read and write
3440000
heap
page read and write
FD0000
heap
page read and write
2E72000
heap
page read and write
3CB0000
trusted library allocation
page read and write
3342000
heap
page read and write
1E981DB0000
heap
page read and write
2C40000
trusted library allocation
page read and write
26885B40000
heap
page read and write
1029000
heap
page read and write
83FED7E000
stack
page read and write
397D000
heap
page read and write
51C5C7C000
stack
page read and write
1F17846A000
heap
page read and write
21E025A4000
heap
page read and write
21E02575000
heap
page read and write
3A47000
heap
page read and write
2CD0000
heap
page read and write
2EBE000
heap
page read and write
3975000
heap
page read and write
26886558000
heap
page read and write
3A4C000
heap
page read and write
3960000
heap
page read and write
2688B44B000
heap
page read and write
3374000
heap
page read and write
3A3C000
heap
page read and write
3360000
trusted library allocation
page read and write
2EAD000
heap
page read and write
8765B7C000
stack
page read and write
3A6D000
heap
page read and write
1039000
heap
page read and write
26BD9EFB000
heap
page read and write
3AC4000
heap
page read and write
BA0000
unkown
page readonly
2EF7000
heap
page read and write
3A5B000
heap
page read and write
1037000
heap
page read and write
33A3000
heap
page read and write
3ADB000
heap
page read and write
2EFA000
heap
page read and write
2EAA000
heap
page read and write
1E982700000
heap
page read and write
3DB0000
trusted library allocation
page read and write
1EBDE7E000
stack
page read and write
3A42000
heap
page read and write
3A27000
heap
page read and write
2688B43E000
heap
page read and write
3403000
heap
page read and write
3A73000
heap
page read and write
3B40000
trusted library allocation
page read and write
83FEAFE000
stack
page read and write
791547F000
stack
page read and write
3368000
heap
page read and write
11D2000
heap
page read and write
397D000
heap
page read and write
3CB0000
trusted library allocation
page read and write
3960000
trusted library allocation
page read and write
3367000
heap
page read and write
3A5B000
heap
page read and write
1EBE1F7000
stack
page read and write
2E95000
heap
page read and write
333E000
heap
page read and write
79152FF000
stack
page read and write
8E2337E000
stack
page read and write
397D000
heap
page read and write
11D0000
heap
page read and write
3AE0000
trusted library allocation
page read and write
3967000
heap
page read and write
2EA0000
heap
page read and write
2EBE000
heap
page read and write
2688B4AC000
heap
page read and write
268DCBB000
stack
page read and write
1F6AE629000
heap
page read and write
2BAC000
stack
page read and write
19220C3C000
heap
page read and write
2EB0000
heap
page read and write
3B43000
heap
page read and write
2EF7000
heap
page read and write
348E000
heap
page read and write
3AE9000
heap
page read and write
26886518000
heap
page read and write
334A000
heap
page read and write
3AB6000
heap
page read and write
3A81000
heap
page read and write
2E64000
heap
page read and write
350E000
heap
page read and write
2CE0000
heap
page read and write
3A2A000
heap
page read and write
FF8000
heap
page read and write
2EA3000
heap
page read and write
103B000
heap
page read and write
2EA5000
heap
page read and write
1F6AE480000
heap
page read and write
2EF8000
heap
page read and write
FE5000
heap
page read and write
1F178461000
heap
page read and write
3A2E000
heap
page read and write
2EAD000
heap
page read and write
3385000
heap
page read and write
3A75000
heap
page read and write
11D7000
heap
page read and write
3CB0000
trusted library allocation
page read and write
14161A02000
trusted library allocation
page read and write
21E0259A000
heap
page read and write
11DA000
heap
page read and write
3A72000
heap
page read and write
26885D13000
heap
page read and write
2F1E000
heap
page read and write
3972000
heap
page read and write
26885B30000
heap
page read and write
2F14000
heap
page read and write
3B40000
trusted library allocation
page read and write
3AA3000
heap
page read and write
FEE000
heap
page read and write
3A67000
heap
page read and write
51C6478000
stack
page read and write
3A38000
heap
page read and write
2688B4FB000
heap
page read and write
333B000
heap
page read and write
3A5D000
heap
page read and write
3B16000
heap
page read and write
2E9A000
heap
page read and write
1033000
heap
page read and write
26BD9E20000
heap
page read and write
1F6AE64D000
heap
page read and write
3368000
heap
page read and write
2688B200000
trusted library allocation
page read and write
26886559000
heap
page read and write
2E50000
heap
page read and write
2688B50C000
heap
page read and write
3A68000
heap
page read and write
3A2E000
heap
page read and write
2D0A000
heap
page read and write
1E9820C4000
heap
page read and write
397D000
heap
page read and write
3A45000
heap
page read and write
1EBE3FC000
stack
page read and write
21E02573000
heap
page read and write
3AB2000
heap
page read and write
21E02576000
heap
page read and write
21E02A20000
heap
page read and write
2688B4F6000
heap
page read and write
26886518000
heap
page read and write
19220AA0000
heap
page read and write
3375000
heap
page read and write
3A7A000
heap
page read and write
103D000
heap
page read and write
1F17844C000
heap
page read and write
2C40000
trusted library allocation
page read and write
3ABE000
heap
page read and write
21E0259A000
heap
page read and write
3A6C000
heap
page read and write
3ABB000
heap
page read and write
39CC000
heap
page read and write
1F6AE602000
heap
page read and write
FD0000
heap
page read and write
2EA3000
heap
page read and write
2E9F000
heap
page read and write
272F4654000
heap
page read and write
2E95000
heap
page read and write
1F178430000
heap
page read and write
3395000
heap
page read and write
36D0000
trusted library allocation
page read and write
2EA3000
heap
page read and write
3A93000
heap
page read and write
F50000
heap
page read and write
3770000
trusted library allocation
page read and write
399F000
heap
page read and write
3989000
heap
page read and write
2D0E000
heap
page read and write
1A44A613000
heap
page read and write
2D0A000
heap
page read and write
352E000
heap
page read and write
3A44000
heap
page read and write
11D4000
heap
page read and write
2688B50C000
heap
page read and write
51C5CFE000
stack
page read and write
39BE000
heap
page read and write
352A000
heap
page read and write
348A000
heap
page read and write
2F12000
heap
page read and write
14161229000
heap
page read and write
337E000
heap
page read and write
2EA4000
heap
page read and write
2ABE000
stack
page read and write
2E9B000
heap
page read and write
2EF8000
heap
page read and write
26886781000
trusted library allocation
page read and write
3417000
heap
page read and write
3960000
trusted library allocation
page read and write
1017000
heap
page read and write
3BA0000
trusted library allocation
page read and write
2EFA000
heap
page read and write
2E95000
heap
page read and write
3434000
heap
page read and write
3437000
heap
page read and write
3460000
trusted library allocation
page read and write
26BD9E30000
heap
page read and write
2688B400000
heap
page read and write
21E02576000
heap
page read and write
2EB3000
heap
page read and write
1031000
heap
page read and write
1033000
heap
page read and write
3A6A000
heap
page read and write
2EA3000
heap
page read and write
1F178448000
heap
page read and write
3B42000
heap
page read and write
1F6AE672000
heap
page read and write
26885BE0000
trusted library section
page read and write
791537F000
stack
page read and write
19220C79000
heap
page read and write
3A5A000
heap
page read and write
2EB0000
heap
page read and write
3A72000
heap
page read and write
FD8000
heap
page read and write
3437000
heap
page read and write
3360000
heap
page read and write
3A8B000
heap
page read and write
21E02592000
heap
page read and write
26886CF0000
trusted library section
page readonly
2CC0000
heap
page read and write
21E02576000
heap
page read and write
CAA12FE000
stack
page read and write
2688B2D0000
trusted library allocation
page read and write
21E01B50000
trusted library allocation
page read and write
3AC0000
trusted library allocation
page read and write
83FEF7F000
stack
page read and write
3AC4000
heap
page read and write
E549DFE000
stack
page read and write
21E0259D000
heap
page read and write
2E98000
heap
page read and write
3367000
heap
page read and write
3B44000
heap
page read and write
3AF5000
heap
page read and write
3CB0000
heap
page read and write
2EFA000
heap
page read and write
3A23000
heap
page read and write
21E02270000
remote allocation
page read and write
87656FC000
stack
page read and write
3387000
heap
page read and write
3CB1000
heap
page read and write
26BD9FA0000
trusted library allocation
page read and write
2D02000
heap
page read and write
3A8A000
heap
page read and write
2E87000
heap
page read and write
21E02594000
heap
page read and write
3A64000
heap
page read and write
26885BA0000
heap
page read and write
3B40000
trusted library allocation
page read and write
3369000
heap
page read and write
FE6000
heap
page read and write
3A6E000
heap
page read and write
1E981DA0000
heap
page read and write
3A57000
heap
page read and write
268863F0000
trusted library allocation
page read and write
5CD307B000
stack
page read and write
338C000
heap
page read and write
E549CF7000
stack
page read and write
1F6AE613000
heap
page read and write
334A000
heap
page read and write
BC0000
unkown
page read and write
397A000
heap
page read and write
F87000
heap
page read and write
3A48000
heap
page read and write
102E000
heap
page read and write
3560000
trusted library allocation
page read and write
3434000
heap
page read and write
FBB000
heap
page read and write
26BD9F01000
heap
page read and write
340A000
heap
page read and write
3984000
heap
page read and write
3AF4000
heap
page read and write
1030000
heap
page read and write
2EAA000
heap
page read and write
3AE0000
heap
page read and write
1A44A700000
heap
page read and write
3A5D000
heap
page read and write
2609825A000
heap
page read and write
337F000
heap
page read and write
3A72000
heap
page read and write
3AAD000
heap
page read and write
102A000
heap
page read and write
2EA8000
heap
page read and write
2EBE000
heap
page read and write
3527000
heap
page read and write
102C000
heap
page read and write
19220C4D000
heap
page read and write
21E02A03000
heap
page read and write
342B000
heap
page read and write
3480000
heap
page read and write
3AC0000
trusted library allocation
page read and write
342B000
heap
page read and write
3A6F000
heap
page read and write
3A97000
heap
page read and write
2E84000
heap
page read and write
FD0000
heap
page read and write
21E02A3E000
heap
page read and write
338A000
heap
page read and write
21E0257D000
heap
page read and write
3A42000
heap
page read and write
2CC0000
heap
page read and write
2EB0000
heap
page read and write
3A5A000
heap
page read and write
21E02574000
heap
page read and write
3974000
heap
page read and write
21E02576000
heap
page read and write
3360000
trusted library allocation
page read and write
2E84000
heap
page read and write
3991000
heap
page read and write
2EBE000
heap
page read and write
1D022A90000
heap
page read and write
3510000
trusted library allocation
page read and write
272F462A000
heap
page read and write
3360000
heap
page read and write
3AB4000
heap
page read and write
1EBE2FF000
stack
page read and write
2EFA000
heap
page read and write
334E000
heap
page read and write
1F178502000
heap
page read and write
21E02576000
heap
page read and write
3B4A000
heap
page read and write
26886558000
heap
page read and write
3A57000
heap
page read and write
3ADD000
heap
page read and write
21E02592000
heap
page read and write
399F000
heap
page read and write
26098302000
heap
page read and write
3A4E000
heap
page read and write
2E99000
heap
page read and write
26885C13000
heap
page read and write
3AD5000
heap
page read and write
2EAD000
heap
page read and write
2E9A000
heap
page read and write
3AC4000
heap
page read and write
2EAA000
heap
page read and write
3A62000
heap
page read and write
3984000
heap
page read and write
21E02573000
heap
page read and write
3AE4000
heap
page read and write
397D000
heap
page read and write
2EA3000
heap
page read and write
2688B070000
trusted library allocation
page read and write
21E02402000
heap
page read and write
397D000
heap
page read and write
3A7F000
heap
page read and write
3A9D000
heap
page read and write
3960000
trusted library allocation
page read and write
3A8A000
heap
page read and write
21E0259A000
heap
page read and write
21E025BF000
heap
page read and write
3BA0000
trusted library allocation
page read and write
FBB000
heap
page read and write
11D3000
heap
page read and write
21E02581000
heap
page read and write
101D000
heap
page read and write
1210000
heap
page read and write
352E000
heap
page read and write
337F000
heap
page read and write
1F178447000
heap
page read and write
BA0000
unkown
page readonly
2E84000
heap
page read and write
3BA0000
trusted library allocation
page read and write
3984000
heap
page read and write
333A000
heap
page read and write
14161080000
heap
page read and write
21E0257B000
heap
page read and write
3453000
heap
page read and write
FD0000
heap
page read and write
348E000
heap
page read and write
3A5E000
heap
page read and write
79157FE000
stack
page read and write
3525000
heap
page read and write
2EF5000
heap
page read and write
3CB0000
trusted library allocation
page read and write
FC0000
heap
page read and write
26BDAC00000
trusted library allocation
page read and write
FD9000
heap
page read and write
21E02576000
heap
page read and write
3387000
heap
page read and write
2E95000
heap
page read and write
2F0B000
heap
page read and write
3B10000
heap
page read and write
BF0000
remote allocation
page read and write
2E75000
heap
page read and write
21E0257C000
heap
page read and write
2EFA000
heap
page read and write
2D0B000
heap
page read and write
2F08000
heap
page read and write
26BD9F00000
heap
page read and write
3360000
trusted library allocation
page read and write
2EAD000
heap
page read and write
3770000
trusted library allocation
page read and write
FF1000
heap
page read and write
26885C3D000
heap
page read and write
2EA6000
heap
page read and write
2F09000
heap
page read and write
3BA0000
trusted library allocation
page read and write
3990000
heap
page read and write
3B04000
heap
page read and write
FED000
heap
page read and write
1039000
heap
page read and write
3CB0000
trusted library allocation
page read and write
3989000
heap
page read and write
3BA0000
trusted library allocation
page read and write
2CE4000
heap
page read and write
19220D00000
heap
page read and write
2EAD000
heap
page read and write
2E72000
heap
page read and write
3450000
heap
page read and write
8765C7F000
stack
page read and write
2D02000
heap
page read and write
26098275000
heap
page read and write
1033000
heap
page read and write
2EFE000
heap
page read and write
336C000
heap
page read and write
1A44A570000
heap
page read and write
3522000
heap
page read and write
21E02576000
heap
page read and write
2E65000
heap
page read and write
21E02576000
heap
page read and write
3A67000
heap
page read and write
3A66000
heap
page read and write
26885C9F000
heap
page read and write
2688B205000
trusted library allocation
page read and write
FD0000
heap
page read and write
39A1000
heap
page read and write
3A50000
heap
page read and write
FE7000
heap
page read and write
2EAD000
heap
page read and write
3AA4000
heap
page read and write
3A52000
heap
page read and write
21E01A50000
heap
page read and write
3ABF000
heap
page read and write
3374000
heap
page read and write
36D0000
trusted library allocation
page read and write
3A93000
heap
page read and write
3390000
heap
page read and write
3387000
heap
page read and write
2EF5000
heap
page read and write
3560000
trusted library allocation
page read and write
3372000
heap
page read and write
FEE000
heap
page read and write
2E84000
heap
page read and write
2E75000
heap
page read and write
3990000
heap
page read and write
2C40000
trusted library allocation
page read and write
1F178477000
heap
page read and write
3360000
heap
page read and write
26885C8F000
heap
page read and write
2E50000
heap
page read and write
334A000
heap
page read and write
21E02A02000
heap
page read and write
ADB3F8E000
stack
page read and write
21E0257C000
heap
page read and write
21E025B3000
heap
page read and write
21E02576000
heap
page read and write
3A5B000
heap
page read and write
3DB0000
trusted library allocation
page read and write
3372000
heap
page read and write
FE7000
heap
page read and write
3367000
heap
page read and write
3B4B000
heap
page read and write
3A27000
heap
page read and write
3435000
heap
page read and write
3360000
trusted library allocation
page read and write
3360000
trusted library allocation
page read and write
2E84000
heap
page read and write
21E025AB000
heap
page read and write
337B000
heap
page read and write
3A81000
heap
page read and write
791507A000
stack
page read and write
2688B50A000
heap
page read and write
21E02581000
heap
page read and write
2EF5000
heap
page read and write
21E025B4000
heap
page read and write
3973000
heap
page read and write
2CC0000
heap
page read and write
3507000
heap
page read and write
3770000
trusted library allocation
page read and write
3DB0000
trusted library allocation
page read and write
36D0000
trusted library allocation
page read and write
3376000
heap
page read and write
19221270000
trusted library allocation
page read and write
3B40000
heap
page read and write
3407000
heap
page read and write
337E000
heap
page read and write
3DB0000
trusted library allocation
page read and write
2EF5000
heap
page read and write
2609826C000
heap
page read and write
26098265000
heap
page read and write
2E84000
heap
page read and write
3345000
heap
page read and write
3C20000
trusted library allocation
page read and write
F80000
heap
page read and write
272F4520000
heap
page read and write
1035000
heap
page read and write
2EAD000
heap
page read and write
1EBE0FE000
stack
page read and write
3A72000
heap
page read and write
14161870000
remote allocation
page read and write
3387000
heap
page read and write
2B3E000
stack
page read and write
1F178431000
heap
page read and write
3ABF000
heap
page read and write
337E000
heap
page read and write
E549EFE000
stack
page read and write
3A6E000
heap
page read and write
3A6F000
heap
page read and write
272F4660000
heap
page read and write
2C40000
trusted library allocation
page read and write
3527000
heap
page read and write
3372000
heap
page read and write
2E72000
heap
page read and write
3960000
trusted library allocation
page read and write
2688B420000
heap
page read and write
336C000
heap
page read and write
3B4E000
heap
page read and write
FEE000
heap
page read and write
E5498FE000
stack
page read and write
2EB5000
heap
page read and write
21E02574000
heap
page read and write
1F17845E000
heap
page read and write
2EAA000
heap
page read and write
21E0257A000
heap
page read and write
1F178460000
heap
page read and write
3CB0000
trusted library allocation
page read and write
3960000
heap
page read and write
350A000
heap
page read and write
26886BE0000
trusted library allocation
page read and write
2D0A000
heap
page read and write
3ACB000
heap
page read and write
333E000
heap
page read and write
3974000
heap
page read and write
19221402000
trusted library allocation
page read and write
2EF5000
heap
page read and write
1F178320000
heap
page read and write
19220C5E000
heap
page read and write
3CB0000
trusted library allocation
page read and write
FEA000
heap
page read and write
3B40000
trusted library allocation
page read and write
1019000
heap
page read and write
141610E0000
heap
page read and write
103D000
heap
page read and write
FD9000
heap
page read and write
26BD9E90000
trusted library allocation
page read and write
3B10000
heap
page read and write
2CC0000
heap
page read and write
1F178462000
heap
page read and write
1E982102000
heap
page read and write
350B000
heap
page read and write
3446000
heap
page read and write
2EFA000
heap
page read and write
2609823D000
heap
page read and write
21E02576000
heap
page read and write
2D00000
heap
page read and write
21E02576000
heap
page read and write
3367000
heap
page read and write
21E01C8A000
heap
page read and write
7914C77000
stack
page read and write
3BA0000
trusted library allocation
page read and write
3960000
trusted library allocation
page read and write
3437000
heap
page read and write
3524000
heap
page read and write
3CB0000
trusted library allocation
page read and write
3976000
heap
page read and write
3770000
trusted library allocation
page read and write
2E72000
heap
page read and write
2EB3000
heap
page read and write
1F178449000
heap
page read and write
2EA9000
heap
page read and write
1028000
heap
page read and write
21E01CB5000
heap
page read and write
334E000
heap
page read and write
2EFC000
heap
page read and write
2CC0000
heap
page read and write
2688B0F0000
trusted library allocation
page read and write
2C3A000
stack
page read and write
FC2C479000
stack
page read and write
3A55000
heap
page read and write
11DB000
heap
page read and write
3437000
heap
page read and write
87653FC000
stack
page read and write
2F06000
heap
page read and write
FD0000
heap
page read and write
3A64000
heap
page read and write
7914F7E000
stack
page read and write
3378000
heap
page read and write
26885C8B000
heap
page read and write
2EA5000
heap
page read and write
1D022A70000
heap
page read and write
3510000
trusted library allocation
page read and write
3AD0000
heap
page read and write
3A68000
heap
page read and write
21E0257F000
heap
page read and write
3976000
heap
page read and write
2CC0000
heap
page read and write
FED000
heap
page read and write
3ACB000
heap
page read and write
2E95000
heap
page read and write
3ADA000
heap
page read and write
3332000
heap
page read and write
1F6AE708000
heap
page read and write
26BDAC20000
trusted library allocation
page read and write
3523000
heap
page read and write
36D0000
trusted library allocation
page read and write
21E02500000
heap
page read and write
3482000
heap
page read and write
1006000
heap
page read and write
2E72000
heap
page read and write
1A44A682000
heap
page read and write
BD0000
heap
page read and write
3ACB000
heap
page read and write
21E01CE7000
heap
page read and write
26BD9EEA000
heap
page read and write
26098275000
heap
page read and write
3AEA000
heap
page read and write
3A54000
heap
page read and write
21E01D08000
heap
page read and write
21E02581000
heap
page read and write
2D0A000
heap
page read and write
39B3000
heap
page read and write
2EBE000
heap
page read and write
CAA19FF000
stack
page read and write
11C0000
heap
page read and write
21E01CEA000
heap
page read and write
2E9E000
heap
page read and write
2E95000
heap
page read and write
3A61000
heap
page read and write
2EFF000
heap
page read and write
11DA000
heap
page read and write
268863D1000
trusted library allocation
page read and write
2688B509000
heap
page read and write
3CC4000
heap
page read and write
2CC0000
heap
page read and write
1A44A500000
heap
page read and write
21E01D13000
heap
page read and write
2EF6000
heap
page read and write
8E22F8E000
stack
page read and write
3AA3000
heap
page read and write
1A44A63D000
heap
page read and write
2EBE000
heap
page read and write
3AB7000
heap
page read and write
3968000
heap
page read and write
2BB9000
stack
page read and write
3A9B000
heap
page read and write
2D05000
heap
page read and write
3960000
heap
page read and write
3969000
heap
page read and write
1039000
heap
page read and write
3A53000
heap
page read and write
8E233FC000
stack
page read and write
105B000
heap
page read and write
3A44000
heap
page read and write
33A3000
heap
page read and write
3CA0000
heap
page read and write
21E02515000
heap
page read and write
1F17847B000
heap
page read and write
26885D02000
heap
page read and write
336C000
heap
page read and write
21E01C00000
heap
page read and write
2EF8000
heap
page read and write
51C62F8000
stack
page read and write
21E0254D000
heap
page read and write
2E9F000
heap
page read and write
3982000
heap
page read and write
39B5000
heap
page read and write
2688B221000
trusted library allocation
page read and write
21E02576000
heap
page read and write
3367000
heap
page read and write
3770000
trusted library allocation
page read and write
352E000
heap
page read and write
2CEB000
heap
page read and write
352A000
heap
page read and write
3DB0000
trusted library allocation
page read and write
348A000
heap
page read and write
1F6AE470000
heap
page read and write
3487000
heap
page read and write
3B0C000
heap
page read and write
272F4600000
heap
page read and write
3360000
trusted library allocation
page read and write
342E000
heap
page read and write
342B000
heap
page read and write
3B40000
trusted library allocation
page read and write
3CB0000
trusted library allocation
page read and write
2688B230000
trusted library allocation
page read and write
19220C00000
heap
page read and write
2EA6000
heap
page read and write
3437000
heap
page read and write
102A000
heap
page read and write
3360000
trusted library allocation
page read and write
FD9000
heap
page read and write
1033000
heap
page read and write
1006000
heap
page read and write
FF5000
heap
page read and write
3978000
heap
page read and write
3973000
heap
page read and write
3A37000
heap
page read and write
2F00000
heap
page read and write
1F178442000
heap
page read and write
3770000
trusted library allocation
page read and write
E54997D000
stack
page read and write
21E025A4000
heap
page read and write
2688B320000
trusted library allocation
page read and write
3A5E000
heap
page read and write
2EF5000
heap
page read and write
3770000
trusted library allocation
page read and write
26885C24000
heap
page read and write
337F000
heap
page read and write
3372000
heap
page read and write
2EA9000
heap
page read and write
1D022B50000
heap
page read and write
FBB000
heap
page read and write
51C60F7000
stack
page read and write
FBB000
heap
page read and write
3A95000
heap
page read and write
FEE000
heap
page read and write
ADB44F7000
stack
page read and write
3AC4000
heap
page read and write
3330000
heap
page read and write
51C5EFE000
stack
page read and write
336C000
heap
page read and write
2D0E000
heap
page read and write
3410000
heap
page read and write
1F17846B000
heap
page read and write
3AD2000
heap
page read and write
FED000
heap
page read and write
1F178467000
heap
page read and write
2E9F000
heap
page read and write
3A48000
heap
page read and write
21E02574000
heap
page read and write
1D022B36000
heap
page read and write
39B4000
heap
page read and write
2688B50C000
heap
page read and write
21E01CE1000
heap
page read and write
26BD9EEA000
heap
page read and write
2EA9000
heap
page read and write
3A68000
heap
page read and write
1D022B62000
heap
page read and write
2F14000
heap
page read and write
21E02576000
heap
page read and write
51C5FF7000
stack
page read and write
3400000
heap
page read and write
3460000
trusted library allocation
page read and write
3A52000
heap
page read and write
344F000
heap
page read and write
3372000
heap
page read and write
11D2000
heap
page read and write
2E7C000
heap
page read and write
3A68000
heap
page read and write
272F4682000
heap
page read and write
397E000
heap
page read and write
3770000
trusted library allocation
page read and write
1F6AE600000
heap
page read and write
21E02593000
heap
page read and write
3DB0000
trusted library allocation
page read and write
3A20000
heap
page read and write
2D07000
heap
page read and write
350A000
heap
page read and write
1F1782B0000
heap
page read and write
2EF7000
heap
page read and write
2E95000
heap
page read and write
3345000
heap
page read and write
FD9000
heap
page read and write
3960000
heap
page read and write
21E019F0000
heap
page read and write
3360000
heap
page read and write
1F178450000
heap
page read and write
2E9D000
heap
page read and write
CAA13FB000
stack
page read and write
11DA000
heap
page read and write
102A000
heap
page read and write
FFB000
heap
page read and write
3770000
trusted library allocation
page read and write
2E72000
heap
page read and write
1006000
heap
page read and write
2EA9000
heap
page read and write
3A24000
heap
page read and write
3974000
heap
page read and write
2609826F000
heap
page read and write
3ABB000
heap
page read and write
336C000
heap
page read and write
2688B20A000
trusted library allocation
page read and write
2688B224000
trusted library allocation
page read and write
3A81000
heap
page read and write
39B0000
heap
page read and write
3CB0000
trusted library allocation
page read and write
352A000
heap
page read and write
2688B208000
trusted library allocation
page read and write
1E982023000
heap
page read and write
14161302000
heap
page read and write
3360000
trusted library allocation
page read and write
ADB43FB000
stack
page read and write
21E02577000
heap
page read and write
3374000
heap
page read and write
1F178440000
heap
page read and write
2C40000
trusted library allocation
page read and write
26886400000
heap
page read and write
26886502000
heap
page read and write
3A94000
heap
page read and write
3A6D000
heap
page read and write
21E01CC2000
heap
page read and write
79153FE000
stack
page read and write
2688B240000
trusted library allocation
page read and write
FBB000
heap
page read and write
2688B060000
trusted library allocation
page read and write
3AAC000
heap
page read and write
3B10000
heap
page read and write
3B0D000
heap
page read and write
1D022B46000
heap
page read and write
26885BD0000
trusted library allocation
page read and write
1019000
heap
page read and write
1D022DC0000
heap
page read and write
1033000
heap
page read and write
3AA8000
heap
page read and write
3395000
heap
page read and write
3AB3000
heap
page read and write
2EA0000
heap
page read and write
21E02576000
heap
page read and write
2EB0000
heap
page read and write
21E01D02000
heap
page read and write
39B7000
heap
page read and write
3560000
trusted library allocation
page read and write
3AB7000
heap
page read and write
3337000
heap
page read and write
19220C92000
heap
page read and write
2EA6000
heap
page read and write
2E80000
heap
page read and write
FED000
heap
page read and write
1A44A600000
heap
page read and write
1F178441000
heap
page read and write
2EFA000
heap
page read and write
3378000
heap
page read and write
3A9B000
heap
page read and write
3ABF000
heap
page read and write
11D7000
heap
page read and write
3A68000
heap
page read and write
FC2C09B000
stack
page read and write
FEE000
heap
page read and write
1F17843D000
heap
page read and write
2EFE000
heap
page read and write
397D000
heap
page read and write
11D3000
heap
page read and write
1006000
heap
page read and write
339F000
heap
page read and write
103B000
heap
page read and write
21E025A0000
heap
page read and write
2688B080000
trusted library allocation
page read and write
1D022B50000
heap
page read and write
FD0000
heap
page read and write
3960000
trusted library allocation
page read and write
3971000
heap
page read and write
3A72000
heap
page read and write
5CD2B4C000
stack
page read and write
1F6AE627000
heap
page read and write
36D0000
trusted library allocation
page read and write
2F0B000
heap
page read and write
3A74000
heap
page read and write
3B16000
heap
page read and write
3BA0000
trusted library allocation
page read and write
342F000
heap
page read and write
26BD9EE3000
heap
page read and write
21E0257B000
heap
page read and write
3973000
heap
page read and write
26BD9CB0000
heap
page read and write
2E95000
heap
page read and write
2CE5000
heap
page read and write
CAA18FF000
stack
page read and write
FD0000
heap
page read and write
1061000
heap
page read and write
104F000
heap
page read and write
334B000
heap
page read and write
26098313000
heap
page read and write
21E02581000
heap
page read and write
3AC7000
heap
page read and write
260980D0000
heap
page read and write
272F44C0000
heap
page read and write
2E9F000
heap
page read and write
3460000
trusted library allocation
page read and write
3372000
heap
page read and write
2CC0000
heap
page read and write
FBE000
heap
page read and write
FBB000
heap
page read and write
39D6000
heap
page read and write
3560000
trusted library allocation
page read and write
2688B50A000
heap
page read and write
3AB5000
heap
page read and write
2EF5000
heap
page read and write
3B40000
trusted library allocation
page read and write
2EF5000
heap
page read and write
396C000
heap
page read and write
2E95000
heap
page read and write
1D022B44000
heap
page read and write
2CE2000
heap
page read and write
2E83000
heap
page read and write
3A48000
heap
page read and write
3ADA000
heap
page read and write
2E9B000
heap
page read and write
3434000
heap
page read and write
3379000
heap
page read and write
33A0000
heap
page read and write
26BDAC80000
trusted library allocation
page read and write
103D000
heap
page read and write
2EB3000
heap
page read and write
21E01D16000
heap
page read and write
3419000
heap
page read and write
3374000
heap
page read and write
2EF8000
heap
page read and write
3423000
heap
page read and write
21E02576000
heap
page read and write
26887060000
trusted library allocation
page read and write
1050000
heap
page read and write
21E01C69000
heap
page read and write
1F6AE652000
heap
page read and write
104F000
heap
page read and write
21E0257B000
heap
page read and write
1E98206E000
heap
page read and write
3960000
heap
page read and write
39A1000
heap
page read and write
3AE0000
trusted library allocation
page read and write
3A68000
heap
page read and write
3AE5000
heap
page read and write
26098140000
heap
page read and write
1E982712000
heap
page read and write
1F17845E000
heap
page read and write
3B40000
trusted library allocation
page read and write
3980000
heap
page read and write
FD0000
heap
page read and write
334E000
heap
page read and write
1F178484000
heap
page read and write
39BA000
heap
page read and write
3335000
heap
page read and write
26885C29000
heap
page read and write
1D022B4E000
heap
page read and write
3381000
heap
page read and write
3960000
trusted library allocation
page read and write
1D022B4E000
heap
page read and write
2EFC000
heap
page read and write
3A6B000
heap
page read and write
21E025B3000
heap
page read and write
FC2C4F9000
stack
page read and write
2EBE000
heap
page read and write
FBB000
heap
page read and write
21E02576000
heap
page read and write
3A6D000
heap
page read and write
3ACB000
heap
page read and write
11DE000
heap
page read and write
2E95000
heap
page read and write
3A54000
heap
page read and write
2EF5000
heap
page read and write
2F09000
heap
page read and write
1033000
heap
page read and write
3368000
heap
page read and write
26098202000
heap
page read and write
26886A00000
trusted library allocation
page read and write
3333000
heap
page read and write
3AE0000
trusted library allocation
page read and write
2CEA000
heap
page read and write
3360000
heap
page read and write
341C000
heap
page read and write
FC2C67E000
stack
page read and write
14161213000
heap
page read and write
3A9B000
heap
page read and write
21E01C29000
heap
page read and write
268E3FD000
stack
page read and write
3AE3000
heap
page read and write
3405000
heap
page read and write
11DA000
heap
page read and write
1006000
heap
page read and write
3960000
trusted library allocation
page read and write
21E0251D000
heap
page read and write
21E02576000
heap
page read and write
3AC0000
trusted library allocation
page read and write
83FE79B000
stack
page read and write
1F17844D000
heap
page read and write
1019000
heap
page read and write
3383000
heap
page read and write
3960000
trusted library allocation
page read and write
36D0000
trusted library allocation
page read and write
3960000
trusted library allocation
page read and write
2CF0000
heap
page read and write
19220C5A000
heap
page read and write
2EBE000
heap
page read and write
3B47000
heap
page read and write
3372000
heap
page read and write
103D000
heap
page read and write
2EB5000
heap
page read and write
FEE000
heap
page read and write
3972000
heap
page read and write
268863F3000
trusted library allocation
page read and write
3995000
heap
page read and write
21E02A02000
heap
page read and write
2EAD000
heap
page read and write
398F000
heap
page read and write
1F6AE702000
heap
page read and write
3510000
trusted library allocation
page read and write
3523000
heap
page read and write
3DB0000
trusted library allocation
page read and write
2EB3000
heap
page read and write
1060000
heap
page read and write
352B000
heap
page read and write
3969000
heap
page read and write
3AAC000
heap
page read and write
CAA17FF000
stack
page read and write
2688B360000
remote allocation
page read and write
21E02576000
heap
page read and write
8764FAB000
stack
page read and write
2688C010000
heap
page read and write
340E000
heap
page read and write
2EFC000
heap
page read and write
21E02592000
heap
page read and write
3A5A000
heap
page read and write
3AE0000
trusted library allocation
page read and write
26886402000
heap
page read and write
3340000
heap
page read and write
2EA3000
heap
page read and write
FE7000
heap
page read and write
3960000
trusted library allocation
page read and write
2EF8000
heap
page read and write
2F0B000
heap
page read and write
3484000
heap
page read and write
3A88000
heap
page read and write
11D7000
heap
page read and write
2688B360000
remote allocation
page read and write
2E9A000
heap
page read and write
3ADD000
heap
page read and write
26BD9EA0000
heap
page read and write
FFC000
heap
page read and write
19220C13000
heap
page read and write
1017000
heap
page read and write
2D03000
heap
page read and write
3A50000
heap
page read and write
3BA0000
trusted library allocation
page read and write
26885C7B000
heap
page read and write
3460000
trusted library allocation
page read and write
3B16000
heap
page read and write
2EAD000
heap
page read and write
3ABA000
heap
page read and write
21E0254D000
heap
page read and write
2F12000
heap
page read and write
2EF8000
heap
page read and write
2D04000
heap
page read and write
3973000
heap
page read and write
3AD3000
heap
page read and write
3978000
heap
page read and write
2EFA000
heap
page read and write
3A5A000
heap
page read and write
337B000
heap
page read and write
E549BFF000
stack
page read and write
2F14000
heap
page read and write
396C000
heap
page read and write
2688B4FF000
heap
page read and write
3A57000
heap
page read and write
21E0259E000
heap
page read and write
11D5000
heap
page read and write
BB0000
unkown
page readonly
103D000
heap
page read and write
3AB7000
heap
page read and write
3B4A000
heap
page read and write
1F6AE657000
heap
page read and write
3A60000
heap
page read and write
3A6C000
heap
page read and write
3350000
heap
page read and write
3ACB000
heap
page read and write
2EBE000
heap
page read and write
272F4700000
heap
page read and write
3AAD000
heap
page read and write
26886CC0000
trusted library section
page readonly
21E01CAB000
heap
page read and write
11DA000
heap
page read and write
3390000
heap
page read and write
397E000
heap
page read and write
3CB0000
trusted library allocation
page read and write
352E000
heap
page read and write
26886518000
heap
page read and write
3960000
trusted library allocation
page read and write
3A52000
heap
page read and write
21E025C7000
heap
page read and write
272F4E02000
trusted library allocation
page read and write
3972000
heap
page read and write
343A000
heap
page read and write
3B16000
heap
page read and write
3960000
trusted library allocation
page read and write
3AE0000
trusted library allocation
page read and write
2EB3000
heap
page read and write
5CD337E000
stack
page read and write
3988000
heap
page read and write
FF6000
heap
page read and write
3DB0000
trusted library allocation
page read and write
1A44AE02000
trusted library allocation
page read and write
2EF5000
heap
page read and write
3AEE000
heap
page read and write
3A60000
heap
page read and write
2688B464000
heap
page read and write
3453000
heap
page read and write
3AD7000
heap
page read and write
3960000
trusted library allocation
page read and write
3360000
trusted library allocation
page read and write
3A61000
heap
page read and write
876567F000
stack
page read and write
3391000
heap
page read and write
396C000
heap
page read and write
3387000
heap
page read and write
3A40000
trusted library allocation
page read and write
1E982602000
heap
page read and write
1F6AE4E0000
heap
page read and write
3C20000
trusted library allocation
page read and write
1F6AE5E0000
trusted library allocation
page read and write
3360000
trusted library allocation
page read and write
2688B502000
heap
page read and write
FD0000
heap
page read and write
1F6AE66A000
heap
page read and write
3360000
trusted library allocation
page read and write
3A5E000
heap
page read and write
102A000
heap
page read and write
2EAF000
heap
page read and write
3DB0000
trusted library allocation
page read and write
2EA6000
heap
page read and write
2EFE000
heap
page read and write
3A88000
heap
page read and write
21E02592000
heap
page read and write
26886559000
heap
page read and write
2EBE000
heap
page read and write
2EA3000
heap
page read and write
FEE000
heap
page read and write
ADB3E8C000
stack
page read and write
2E95000
heap
page read and write
2688B4FD000
heap
page read and write
102D000
heap
page read and write
1F6AE68C000
heap
page read and write
2E73000
heap
page read and write
3373000
heap
page read and write
3A88000
heap
page read and write
3ABD000
heap
page read and write
1F6AE66A000
heap
page read and write
14161200000
heap
page read and write
3BA0000
trusted library allocation
page read and write
19220D08000
heap
page read and write
3A5E000
heap
page read and write
876587B000
stack
page read and write
51C637E000
unkown
page read and write
3375000
heap
page read and write
FE7000
heap
page read and write
1EBDB3B000
stack
page read and write
21E02576000
heap
page read and write
2EAD000
heap
page read and write
2EF5000
heap
page read and write
397D000
heap
page read and write
3520000
heap
page read and write
2CEA000
heap
page read and write
3A81000
heap
page read and write
1035000
heap
page read and write
21E0259D000
heap
page read and write
3AC0000
trusted library allocation
page read and write
3437000
heap
page read and write
26BD9DF0000
heap
page read and write
3375000
heap
page read and write
14161870000
remote allocation
page read and write
FF9000
heap
page read and write
3979000
heap
page read and write
3520000
heap
page read and write
3975000
heap
page read and write
21E02576000
heap
page read and write
3980000
heap
page read and write
FE5000
heap
page read and write
334E000
heap
page read and write
103B000
heap
page read and write
3372000
heap
page read and write
1F6AE681000
heap
page read and write
E7C000
stack
page read and write
3375000
heap
page read and write
21E01C60000
heap
page read and write
1006000
heap
page read and write
8E2327F000
stack
page read and write
3510000
trusted library allocation
page read and write
3BA0000
trusted library allocation
page read and write
3AFB000
heap
page read and write
21E02576000
heap
page read and write
3960000
heap
page read and write
3360000
trusted library allocation
page read and write
FC2C19E000
stack
page read and write
3A68000
heap
page read and write
3A2A000
heap
page read and write
337B000
heap
page read and write
3367000
heap
page read and write
2CEA000
heap
page read and write
7914B7E000
unkown
page read and write
3505000
heap
page read and write
3AB2000
heap
page read and write
3984000
heap
page read and write
1D022B4E000
heap
page read and write
3960000
trusted library allocation
page read and write
3A6D000
heap
page read and write
51C5E7C000
stack
page read and write
19220C5C000
heap
page read and write
342B000
heap
page read and write
1E982044000
heap
page read and write
2EB0000
heap
page read and write
BC0000
unkown
page read and write
1F6AE700000
heap
page read and write
3AEB000
heap
page read and write
FC9000
heap
page read and write
FF9000
heap
page read and write
3437000
heap
page read and write
8E232F8000
stack
page read and write
26BD9EEC000
heap
page read and write
3BA0000
trusted library allocation
page read and write
2688B502000
heap
page read and write
21E01C57000
heap
page read and write
3A58000
heap
page read and write
1E982029000
heap
page read and write
3404000
heap
page read and write
2EAA000
heap
page read and write
21E02593000
heap
page read and write
19220C54000
heap
page read and write
352A000
heap
page read and write
2EA3000
heap
page read and write
2EFF000
heap
page read and write
3970000
heap
page read and write
3DB0000
trusted library allocation
page read and write
3393000
heap
page read and write
1F178400000
heap
page read and write
2E72000
heap
page read and write
2688B507000
heap
page read and write
104F000
heap
page read and write
3960000
trusted library allocation
page read and write
3A68000
heap
page read and write
FCA000
heap
page read and write
3CC1000
heap
page read and write
FE7000
heap
page read and write
3AC7000
heap
page read and write
1031000
heap
page read and write
21E02592000
heap
page read and write
26098213000
heap
page read and write
FD8000
heap
page read and write
3372000
heap
page read and write
FD0000
heap
page read and write
1D022940000
heap
page read and write
2EB3000
heap
page read and write
1E982113000
heap
page read and write
8E22F0F000
stack
page read and write
26BD9EEA000
heap
page read and write
3DB0000
trusted library allocation
page read and write
3CB0000
trusted library allocation
page read and write
3AB7000
heap
page read and write
8765A7E000
stack
page read and write
2688B0E0000
trusted library allocation
page read and write
3AC4000
heap
page read and write
398C000
heap
page read and write
21E02580000
heap
page read and write
21E02593000
heap
page read and write
FF4000
heap
page read and write
3AEE000
heap
page read and write
21E01C3C000
heap
page read and write
103B000
heap
page read and write
272F4C80000
trusted library allocation
page read and write
272F465E000
heap
page read and write
There are 2119 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://eyecandylashcompany.com/payment/frontend_paper_lantern/index.html
 malicious