Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\Downloads\01d4b013-d88f-40bb-bbdd-8c81fb0d0bb5.tmp
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
 |
|
|
C:\Users\user\Downloads\Unconfirmed 785912.crdownload (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\13de1015-eb55-49ee-8e24-9687f1f28087.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\2263eb8f-cc35-4474-b5be-00cd2139fda4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\2cea663c-50bc-4125-bd8a-8d4beac6f02b.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\51ff9caa-7cd4-43d6-a297-8e38c852eeec.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\718721dc-a02b-4297-a11c-5bd9801f4bfd.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\000002.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\29a8e80b-4836-4cd5-8a77-8218d862620d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\30ed5235-fc1a-4e73-a680-e28cf8138a6a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\430e6edc-9322-472f-8450-51eaeb317458.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\5ebedbc5-8324-415f-810e-bdccca02a2f2.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\70ae4b8b-86a1-4792-a396-e959cf351fc0.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9ec2c04c-864c-419f-8f6e-1db52b46d921.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\e76e5f58-8137-4468-a91b-afbd3fb806f7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\5d8cc7b9-22cf-48dc-a70a-12082da06faa.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\adc8fc66-f67d-4ceb-a249-b0671c0a50e2.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d07c8280-d433-46fa-a42b-fcd5516d4353.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f9a242a7-fee2-4d96-9470-812c934f4b59.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir3164_449884916\Ruleset Data
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b49a07d1-52a7-4239-a26c-e17846265f84.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\c4db53c0-21e0-412d-ada5-c93710d4a138.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ce1b7f2f-b235-4661-903f-f816b7fb2896.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\cee2b62b-eb3d-4a8c-b877-641ed3cb203d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f0c2b3ae-2609-4932-a3e1-f84b436e3ed6.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\272b5c23-6848-44e1-b68d-2d5384b71222.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_1115682417\Recovery.crx3
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_1115682417\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_1115682417\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_1115682417\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_52630715\Filtering Rules
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_52630715\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_52630715\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_52630715\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_52630715\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3164_680376054\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\f61d4d57-1c24-4fc9-a362-698c9e507649.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3164_2004874898\f61d4d57-1c24-4fc9-a362-698c9e507649.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\Downloads\5KTBNfeiooEoB5hVODet6aFqK.dll:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 119 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1528,2648788650366635705,2566219028776313381,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1944 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" "http://nazreghadir.ir/wp-includes/kaiSEoHGa/
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1528,2648788650366635705,2566219028776313381,131072
--lang=en-US --service-sandbox-type=icon_reader --enable-audio-service-sandbox --mojo-platform-channel-handle=5224 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1528,2648788650366635705,2566219028776313381,131072
--lang=en-US --service-sandbox-type=icon_reader --enable-audio-service-sandbox --mojo-platform-channel-handle=5284 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1528,2648788650366635705,2566219028776313381,131072
--lang=en-US --service-sandbox-type=icon_reader --enable-audio-service-sandbox --mojo-platform-channel-handle=5296 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1528,2648788650366635705,2566219028776313381,131072
--lang=en-US --service-sandbox-type=icon_reader --enable-audio-service-sandbox --mojo-platform-channel-handle=5308 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1528,2648788650366635705,2566219028776313381,131072
--lang=en-US --service-sandbox-type=none --enable-audio-service-sandbox --mojo-platform-channel-handle=4396 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1528,2648788650366635705,2566219028776313381,131072
--lang=en-US --service-sandbox-type=icon_reader --enable-audio-service-sandbox --mojo-platform-channel-handle=4424 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1528,2648788650366635705,2566219028776313381,131072
--lang=en-US --service-sandbox-type=icon_reader --enable-audio-service-sandbox --mojo-platform-channel-handle=4068 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1528,2648788650366635705,2566219028776313381,131072
--lang=en-US --service-sandbox-type=icon_reader --enable-audio-service-sandbox --mojo-platform-channel-handle=4428 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1528,2648788650366635705,2566219028776313381,131072
--lang=en-US --service-sandbox-type=icon_reader --enable-audio-service-sandbox --mojo-platform-channel-handle=4832 /prefetch:8
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nazreghadir.ir/wp-includes/kaiSEoHGa/
|
|
||
|
http://nazreghadir.ir/wp-includes/kaiSEoHGa/
|
94.182.227.250
|
|
|
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://play.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.186.142
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.184.237
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
||
|
https://easylist.to/)
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
http://llvm.org/):
|
unknown
|
||
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://github.com/easylist)
|
unknown
|
||
|
https://creativecommons.org/.
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
||
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 22 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
142.250.184.237
|
||
|
clients.l.google.com
|
142.250.186.142
|
||
|
nazreghadir.ir
|
94.182.227.250
|
||
|
clients2.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.186.142
|
clients.l.google.com
|
United States
|
||
|
142.250.184.237
|
accounts.google.com
|
United States
|
||
|
94.182.227.250
|
nazreghadir.ir
|
Iran (ISLAMIC Republic Of)
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{2781761E-28E0-4109-99FE-B9D127C57AFE} {56FFCC30-D398-11D0-B2AE-00A0C908FA49} 0xFFFF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
|
Implementing
|
There are 42 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1922E600000
|
heap
|
page read and write
|
||
|
21E06EBB000
|
heap
|
page read and write
|
||
|
2104EF10000
|
heap
|
page read and write
|
||
|
246A9C3C000
|
heap
|
page read and write
|
||
|
2104EF02000
|
heap
|
page read and write
|
||
|
2104EF10000
|
heap
|
page read and write
|
||
|
9F3F47E000
|
stack
|
page read and write
|
||
|
21E0773A000
|
heap
|
page read and write
|
||
|
2104ED60000
|
trusted library allocation
|
page read and write
|
||
|
1C6A8E02000
|
trusted library allocation
|
page read and write
|
||
|
DAFA34B000
|
stack
|
page read and write
|
||
|
2B98C5C0000
|
trusted library allocation
|
page read and write
|
||
|
246AA58D000
|
heap
|
page read and write
|
||
|
246AA55F000
|
heap
|
page read and write
|
||
|
178D3420000
|
heap
|
page read and write
|
||
|
1918784E000
|
heap
|
page read and write
|
||
|
2104EF0D000
|
heap
|
page read and write
|
||
|
19187780000
|
trusted library allocation
|
page read and write
|
||
|
19187879000
|
heap
|
page read and write
|
||
|
21049FF0000
|
trusted library allocation
|
page read and write
|
||
|
2658EFD000
|
stack
|
page read and write
|
||
|
2104989E000
|
heap
|
page read and write
|
||
|
2A1D3E47000
|
heap
|
page read and write
|
||
|
21E06E00000
|
heap
|
page read and write
|
||
|
DF0A777000
|
stack
|
page read and write
|
||
|
1C6A8702000
|
heap
|
page read and write
|
||
|
19187875000
|
heap
|
page read and write
|
||
|
2104F024000
|
trusted library allocation
|
page read and write
|
||
|
1952E857000
|
heap
|
page read and write
|
||
|
1CBEDFB000
|
stack
|
page read and write
|
||
|
2104A870000
|
trusted library section
|
page readonly
|
||
|
2104F0C0000
|
trusted library allocation
|
page read and write
|
||
|
2104EE00000
|
heap
|
page read and write
|
||
|
21E06EE9000
|
heap
|
page read and write
|
||
|
1C6A85D0000
|
trusted library allocation
|
page read and write
|
||
|
C0E28FE000
|
stack
|
page read and write
|
||
|
7732CFF000
|
stack
|
page read and write
|
||
|
19187620000
|
heap
|
page read and write
|
||
|
1952F002000
|
trusted library allocation
|
page read and write
|
||
|
246AA5F4000
|
heap
|
page read and write
|
||
|
19187839000
|
heap
|
page read and write
|
||
|
C0E267A000
|
stack
|
page read and write
|
||
|
246AAA02000
|
heap
|
page read and write
|
||
|
1952E902000
|
heap
|
page read and write
|
||
|
246AA56F000
|
heap
|
page read and write
|
||
|
1952E6F0000
|
heap
|
page read and write
|
||
|
2A1D3E6B000
|
heap
|
page read and write
|
||
|
2B98C63C000
|
heap
|
page read and write
|
||
|
C0E2378000
|
stack
|
page read and write
|
||
|
210497F0000
|
trusted library allocation
|
page read and write
|
||
|
21049893000
|
heap
|
page read and write
|
||
|
2104F021000
|
trusted library allocation
|
page read and write
|
||
|
2A1D3E4E000
|
heap
|
page read and write
|
||
|
21049902000
|
heap
|
page read and write
|
||
|
1C6A867E000
|
heap
|
page read and write
|
||
|
246AA56F000
|
heap
|
page read and write
|
||
|
1922E629000
|
heap
|
page read and write
|
||
|
2104A860000
|
trusted library section
|
page readonly
|
||
|
246A9C71000
|
heap
|
page read and write
|
||
|
246AA587000
|
heap
|
page read and write
|
||
|
2104A19A000
|
heap
|
page read and write
|
||
|
C0E20FE000
|
stack
|
page read and write
|
||
|
2A1D3E55000
|
heap
|
page read and write
|
||
|
571B57E000
|
stack
|
page read and write
|
||
|
246AA587000
|
heap
|
page read and write
|
||
|
2104A19D000
|
heap
|
page read and write
|
||
|
1952E900000
|
heap
|
page read and write
|
||
|
2C46C002000
|
trusted library allocation
|
page read and write
|
||
|
2658FFF000
|
stack
|
page read and write
|
||
|
2104ED6C000
|
trusted library allocation
|
page read and write
|
||
|
2A1D3E6B000
|
heap
|
page read and write
|
||
|
571B477000
|
stack
|
page read and write
|
||
|
2104EE5D000
|
heap
|
page read and write
|
||
|
7732C7F000
|
stack
|
page read and write
|
||
|
DF0A97F000
|
stack
|
page read and write
|
||
|
2104F070000
|
trusted library allocation
|
page read and write
|
||
|
9F3F2FB000
|
stack
|
page read and write
|
||
|
B776DAA000
|
stack
|
page read and write
|
||
|
2C46B800000
|
heap
|
page read and write
|
||
|
DAFA87E000
|
stack
|
page read and write
|
||
|
2A1D3E42000
|
heap
|
page read and write
|
||
|
246AA56F000
|
heap
|
page read and write
|
||
|
9F3FA7D000
|
stack
|
page read and write
|
||
|
178D365E000
|
heap
|
page read and write
|
||
|
2A1D3E37000
|
heap
|
page read and write
|
||
|
246AA5F4000
|
heap
|
page read and write
|
||
|
2104F000000
|
trusted library allocation
|
page read and write
|
||
|
19187830000
|
heap
|
page read and write
|
||
|
2A1D3D80000
|
heap
|
page read and write
|
||
|
2104EF02000
|
heap
|
page read and write
|
||
|
2104EF10000
|
heap
|
page read and write
|
||
|
26592FF000
|
stack
|
page read and write
|
||
|
2C46B902000
|
heap
|
page read and write
|
||
|
2104EF15000
|
heap
|
page read and write
|
||
|
246A9CD9000
|
heap
|
page read and write
|
||
|
2A1D3E52000
|
heap
|
page read and write
|
||
|
2104EF30000
|
heap
|
page read and write
|
||
|
571B07E000
|
stack
|
page read and write
|
||
|
246AA58E000
|
heap
|
page read and write
|
||
|
B77707F000
|
stack
|
page read and write
|
||
|
2104EF30000
|
heap
|
page read and write
|
||
|
DAFAAFF000
|
stack
|
page read and write
|
||
|
21E06EE1000
|
heap
|
page read and write
|
||
|
21E06ECA000
|
heap
|
page read and write
|
||
|
2104EF0C000
|
heap
|
page read and write
|
||
|
1922E65B000
|
heap
|
page read and write
|
||
|
77331FC000
|
stack
|
page read and write
|
||
|
2C46BF80000
|
remote allocation
|
page read and write
|
||
|
246AAA02000
|
heap
|
page read and write
|
||
|
2104EC40000
|
trusted library allocation
|
page read and write
|
||
|
21049874000
|
heap
|
page read and write
|
||
|
2104ED50000
|
trusted library allocation
|
page read and write
|
||
|
2104EF42000
|
heap
|
page read and write
|
||
|
210498BC000
|
heap
|
page read and write
|
||
|
2104EF30000
|
heap
|
page read and write
|
||
|
2658A7B000
|
stack
|
page read and write
|
||
|
2104EF06000
|
heap
|
page read and write
|
||
|
21049690000
|
heap
|
page read and write
|
||
|
21049FE3000
|
trusted library allocation
|
page read and write
|
||
|
246AAA20000
|
heap
|
page read and write
|
||
|
19187802000
|
heap
|
page read and write
|
||
|
246AA58F000
|
heap
|
page read and write
|
||
|
21E06E6E000
|
heap
|
page read and write
|
||
|
19187861000
|
heap
|
page read and write
|
||
|
9F3EECC000
|
stack
|
page read and write
|
||
|
19187863000
|
heap
|
page read and write
|
||
|
1DAA5FF000
|
stack
|
page read and write
|
||
|
1952E913000
|
heap
|
page read and write
|
||
|
DF0A5FB000
|
stack
|
page read and write
|
||
|
2104EEE7000
|
heap
|
page read and write
|
||
|
178D3688000
|
heap
|
page read and write
|
||
|
2104EE4C000
|
heap
|
page read and write
|
||
|
2104F0B0000
|
remote allocation
|
page read and write
|
||
|
246AAA02000
|
heap
|
page read and write
|
||
|
2104983F000
|
heap
|
page read and write
|
||
|
2104ABC0000
|
trusted library allocation
|
page read and write
|
||
|
19187845000
|
heap
|
page read and write
|
||
|
246A9CE0000
|
heap
|
page read and write
|
||
|
21E07700000
|
heap
|
page read and write
|
||
|
2104A840000
|
trusted library section
|
page readonly
|
||
|
19187844000
|
heap
|
page read and write
|
||
|
1C6A8688000
|
heap
|
page read and write
|
||
|
2104A118000
|
heap
|
page read and write
|
||
|
2104F090000
|
trusted library allocation
|
page read and write
|
||
|
2104A118000
|
heap
|
page read and write
|
||
|
246AA5B7000
|
heap
|
page read and write
|
||
|
2104EF10000
|
heap
|
page read and write
|
||
|
1C6A8713000
|
heap
|
page read and write
|
||
|
2104F00E000
|
trusted library allocation
|
page read and write
|
||
|
2104A159000
|
heap
|
page read and write
|
||
|
1918787D000
|
heap
|
page read and write
|
||
|
77326F7000
|
stack
|
page read and write
|
||
|
7732BFB000
|
stack
|
page read and write
|
||
|
2B98C600000
|
heap
|
page read and write
|
||
|
1C6A8613000
|
heap
|
page read and write
|
||
|
2104F080000
|
trusted library allocation
|
page read and write
|
||
|
2104ED80000
|
trusted library allocation
|
page read and write
|
||
|
C0E207C000
|
stack
|
page read and write
|
||
|
26591FE000
|
stack
|
page read and write
|
||
|
19187831000
|
heap
|
page read and write
|
||
|
178D35F0000
|
trusted library allocation
|
page read and write
|
||
|
2104ED60000
|
trusted library allocation
|
page read and write
|
||
|
77328F9000
|
stack
|
page read and write
|
||
|
178D3700000
|
heap
|
page read and write
|
||
|
246AAA44000
|
heap
|
page read and write
|
||
|
2104EF00000
|
heap
|
page read and write
|
||
|
2104A850000
|
trusted library section
|
page readonly
|
||
|
21E06CA0000
|
heap
|
page read and write
|
||
|
178D3665000
|
heap
|
page read and write
|
||
|
246A9C89000
|
heap
|
page read and write
|
||
|
2104EF02000
|
heap
|
page read and write
|
||
|
2104F0B0000
|
remote allocation
|
page read and write
|
||
|
2104EF16000
|
heap
|
page read and write
|
||
|
246AA550000
|
heap
|
page read and write
|
||
|
2B98C702000
|
heap
|
page read and write
|
||
|
2A1D3E55000
|
heap
|
page read and write
|
||
|
21049FE0000
|
trusted library allocation
|
page read and write
|
||
|
19187680000
|
heap
|
page read and write
|
||
|
19187862000
|
heap
|
page read and write
|
||
|
1918784D000
|
heap
|
page read and write
|
||
|
2B98CE02000
|
trusted library allocation
|
page read and write
|
||
|
2104EF06000
|
heap
|
page read and write
|
||
|
21049829000
|
heap
|
page read and write
|
||
|
2104EBF0000
|
trusted library allocation
|
page read and write
|
||
|
1952E85F000
|
heap
|
page read and write
|
||
|
1952E802000
|
heap
|
page read and write
|
||
|
2C46BF80000
|
remote allocation
|
page read and write
|
||
|
178D3708000
|
heap
|
page read and write
|
||
|
178D365B000
|
heap
|
page read and write
|
||
|
246AA500000
|
heap
|
page read and write
|
||
|
2104EEE3000
|
heap
|
page read and write
|
||
|
2B98C708000
|
heap
|
page read and write
|
||
|
2104A500000
|
trusted library allocation
|
page read and write
|
||
|
2B98C653000
|
heap
|
page read and write
|
||
|
7732AFA000
|
stack
|
page read and write
|
||
|
246A9CF5000
|
heap
|
page read and write
|
||
|
246AA593000
|
heap
|
page read and write
|
||
|
2104EEFB000
|
heap
|
page read and write
|
||
|
2104EF16000
|
heap
|
page read and write
|
||
|
2A1D40C0000
|
heap
|
page read and write
|
||
|
246AA56F000
|
heap
|
page read and write
|
||
|
2A1D3E20000
|
heap
|
page read and write
|
||
|
2104EF10000
|
heap
|
page read and write
|
||
|
2104ED60000
|
trusted library allocation
|
page read and write
|
||
|
2104EF30000
|
heap
|
page read and write
|
||
|
9F3F6FD000
|
stack
|
page read and write
|
||
|
9F3F57E000
|
stack
|
page read and write
|
||
|
178D3702000
|
heap
|
page read and write
|
||
|
7732E7E000
|
stack
|
page read and write
|
||
|
1922E613000
|
heap
|
page read and write
|
||
|
2C46B802000
|
heap
|
page read and write
|
||
|
21049856000
|
heap
|
page read and write
|
||
|
246A9C13000
|
heap
|
page read and write
|
||
|
246AA5A5000
|
heap
|
page read and write
|
||
|
9F3F77B000
|
stack
|
page read and write
|
||
|
2104EF02000
|
heap
|
page read and write
|
||
|
2B98C661000
|
heap
|
page read and write
|
||
|
1918782D000
|
heap
|
page read and write
|
||
|
23989FE000
|
stack
|
page read and write
|
||
|
26590FE000
|
stack
|
page read and write
|
||
|
2104A200000
|
trusted library allocation
|
page read and write
|
||
|
1918787A000
|
heap
|
page read and write
|
||
|
246AA950000
|
remote allocation
|
page read and write
|
||
|
2C46B7F0000
|
heap
|
page read and write
|
||
|
178D3654000
|
heap
|
page read and write
|
||
|
19187874000
|
heap
|
page read and write
|
||
|
1922E624000
|
heap
|
page read and write
|
||
|
2104988D000
|
heap
|
page read and write
|
||
|
2A1D3E52000
|
heap
|
page read and write
|
||
|
246A9C29000
|
heap
|
page read and write
|
||
|
9F3FB7F000
|
stack
|
page read and write
|
||
|
1CBECFB000
|
stack
|
page read and write
|
||
|
2104F1D0000
|
trusted library allocation
|
page read and write
|
||
|
1922EE02000
|
trusted library allocation
|
page read and write
|
||
|
2A1D3E61000
|
heap
|
page read and write
|
||
|
19187860000
|
heap
|
page read and write
|
||
|
77327FA000
|
stack
|
page read and write
|
||
|
246A9CC0000
|
heap
|
page read and write
|
||
|
246AA5F5000
|
heap
|
page read and write
|
||
|
246AA587000
|
heap
|
page read and write
|
||
|
210496F0000
|
heap
|
page read and write
|
||
|
1952E828000
|
heap
|
page read and write
|
||
|
2C46B780000
|
heap
|
page read and write
|
||
|
1952E700000
|
heap
|
page read and write
|
||
|
19187867000
|
heap
|
page read and write
|
||
|
2104EE2D000
|
heap
|
page read and write
|
||
|
DAFA6FF000
|
stack
|
page read and write
|
||
|
2104EF32000
|
heap
|
page read and write
|
||
|
178D367E000
|
heap
|
page read and write
|
||
|
246AA402000
|
heap
|
page read and write
|
||
|
19187849000
|
heap
|
page read and write
|
||
|
2104A19D000
|
heap
|
page read and write
|
||
|
19187884000
|
heap
|
page read and write
|
||
|
2104ED65000
|
trusted library allocation
|
page read and write
|
||
|
2104EF06000
|
heap
|
page read and write
|
||
|
2104EF10000
|
heap
|
page read and write
|
||
|
C0E257E000
|
stack
|
page read and write
|
||
|
2104986F000
|
heap
|
page read and write
|
||
|
2104EE3F000
|
heap
|
page read and write
|
||
|
2104EEFF000
|
heap
|
page read and write
|
||
|
2A1D3E2B000
|
heap
|
page read and write
|
||
|
178D33B0000
|
heap
|
page read and write
|
||
|
2104EF16000
|
heap
|
page read and write
|
||
|
178D3629000
|
heap
|
page read and write
|
||
|
1952E83C000
|
heap
|
page read and write
|
||
|
7732DFE000
|
stack
|
page read and write
|
||
|
246A9CAB000
|
heap
|
page read and write
|
||
|
2B98C68A000
|
heap
|
page read and write
|
||
|
246AAA02000
|
heap
|
page read and write
|
||
|
DAFA7FE000
|
stack
|
page read and write
|
||
|
239877E000
|
stack
|
page read and write
|
||
|
77329FF000
|
stack
|
page read and write
|
||
|
246A9D02000
|
heap
|
page read and write
|
||
|
1952E800000
|
heap
|
page read and write
|
||
|
1918786B000
|
heap
|
page read and write
|
||
|
2C46B829000
|
heap
|
page read and write
|
||
|
1952E813000
|
heap
|
page read and write
|
||
|
571B27E000
|
stack
|
page read and write
|
||
|
26593FF000
|
stack
|
page read and write
|
||
|
2C46B858000
|
heap
|
page read and write
|
||
|
C0E2477000
|
stack
|
page read and write
|
||
|
19187840000
|
heap
|
page read and write
|
||
|
21E06E2A000
|
heap
|
page read and write
|
||
|
1C6A868A000
|
heap
|
page read and write
|
||
|
2104A830000
|
trusted library section
|
page readonly
|
||
|
2104EF06000
|
heap
|
page read and write
|
||
|
178D363C000
|
heap
|
page read and write
|
||
|
246AA5F3000
|
heap
|
page read and write
|
||
|
21049913000
|
heap
|
page read and write
|
||
|
1C6A8600000
|
heap
|
page read and write
|
||
|
2104ED61000
|
trusted library allocation
|
page read and write
|
||
|
246AA56F000
|
heap
|
page read and write
|
||
|
1922E450000
|
heap
|
page read and write
|
||
|
2B98C649000
|
heap
|
page read and write
|
||
|
246AA5A5000
|
heap
|
page read and write
|
||
|
2104EEFF000
|
heap
|
page read and write
|
||
|
1952E879000
|
heap
|
page read and write
|
||
|
1922E4C0000
|
heap
|
page read and write
|
||
|
2A1D3E44000
|
heap
|
page read and write
|
||
|
246AA58B000
|
heap
|
page read and write
|
||
|
246A9B80000
|
heap
|
page read and write
|
||
|
21049858000
|
heap
|
page read and write
|
||
|
246AA950000
|
remote allocation
|
page read and write
|
||
|
2B98C700000
|
heap
|
page read and write
|
||
|
2104EF10000
|
heap
|
page read and write
|
||
|
19187831000
|
heap
|
page read and write
|
||
|
C0E26FF000
|
unkown
|
page read and write
|
||
|
C0E217E000
|
stack
|
page read and write
|
||
|
246AA58F000
|
heap
|
page read and write
|
||
|
2104ED50000
|
trusted library allocation
|
page read and write
|
||
|
1918786F000
|
heap
|
page read and write
|
||
|
2104EEFF000
|
heap
|
page read and write
|
||
|
21E06F13000
|
heap
|
page read and write
|
||
|
2104F200000
|
trusted library allocation
|
page read and write
|
||
|
2104EEAB000
|
heap
|
page read and write
|
||
|
2104F1A0000
|
trusted library allocation
|
page read and write
|
||
|
2B98C613000
|
heap
|
page read and write
|
||
|
DF0A0EB000
|
stack
|
page read and write
|
||
|
2104A100000
|
heap
|
page read and write
|
||
|
2104EF16000
|
heap
|
page read and write
|
||
|
2104EEEA000
|
heap
|
page read and write
|
||
|
1918787E000
|
heap
|
page read and write
|
||
|
178D3713000
|
heap
|
page read and write
|
||
|
19187813000
|
heap
|
page read and write
|
||
|
246AA570000
|
heap
|
page read and write
|
||
|
2104ED6A000
|
trusted library allocation
|
page read and write
|
||
|
246AA5F4000
|
heap
|
page read and write
|
||
|
178D3613000
|
heap
|
page read and write
|
||
|
1C6A863C000
|
heap
|
page read and write
|
||
|
1C6A8670000
|
heap
|
page read and write
|
||
|
2B98C713000
|
heap
|
page read and write
|
||
|
DF0A16E000
|
stack
|
page read and write
|
||
|
DAFACFD000
|
stack
|
page read and write
|
||
|
2104A19D000
|
heap
|
page read and write
|
||
|
1C6A85A0000
|
heap
|
page read and write
|
||
|
246A9CD0000
|
heap
|
page read and write
|
||
|
2104EF10000
|
heap
|
page read and write
|
||
|
2A1D3E32000
|
heap
|
page read and write
|
||
|
1C6A868E000
|
heap
|
page read and write
|
||
|
246A9B90000
|
heap
|
page read and write
|
||
|
2104F020000
|
trusted library allocation
|
page read and write
|
||
|
19187842000
|
heap
|
page read and write
|
||
|
246A9CC8000
|
heap
|
page read and write
|
||
|
246AA58D000
|
heap
|
page read and write
|
||
|
246AAA02000
|
heap
|
page read and write
|
||
|
2104EC30000
|
trusted library allocation
|
page read and write
|
||
|
246AAA02000
|
heap
|
page read and write
|
||
|
2104EF0C000
|
heap
|
page read and write
|
||
|
2B98C64B000
|
heap
|
page read and write
|
||
|
2104EF1F000
|
heap
|
page read and write
|
||
|
DAFA97F000
|
stack
|
page read and write
|
||
|
1918783A000
|
heap
|
page read and write
|
||
|
2C46BF50000
|
trusted library allocation
|
page read and write
|
||
|
1C6A8708000
|
heap
|
page read and write
|
||
|
2658CFB000
|
stack
|
page read and write
|
||
|
178D33C0000
|
heap
|
page read and write
|
||
|
21E06E87000
|
heap
|
page read and write
|
||
|
DAFABFD000
|
stack
|
page read and write
|
||
|
1922E460000
|
heap
|
page read and write
|
||
|
1DAA2FB000
|
stack
|
page read and write
|
||
|
2C46B790000
|
heap
|
page read and write
|
||
|
246AA58F000
|
heap
|
page read and write
|
||
|
2104EF02000
|
heap
|
page read and write
|
||
|
21E06DA0000
|
trusted library allocation
|
page read and write
|
||
|
2104A118000
|
heap
|
page read and write
|
||
|
246AA574000
|
heap
|
page read and write
|
||
|
2C46B813000
|
heap
|
page read and write
|
||
|
1918786D000
|
heap
|
page read and write
|
||
|
19187848000
|
heap
|
page read and write
|
||
|
1C6A8653000
|
heap
|
page read and write
|
||
|
178D3C02000
|
trusted library allocation
|
page read and write
|
||
|
2104A108000
|
heap
|
page read and write
|
||
|
2104A113000
|
heap
|
page read and write
|
||
|
246A9C00000
|
heap
|
page read and write
|
||
|
1922E659000
|
heap
|
page read and write
|
||
|
210498FE000
|
heap
|
page read and write
|
||
|
2104F0B0000
|
remote allocation
|
page read and write
|
||
|
1952E790000
|
trusted library allocation
|
page read and write
|
||
|
246AA569000
|
heap
|
page read and write
|
||
|
2A1D40C5000
|
heap
|
page read and write
|
||
|
21E06ECC000
|
heap
|
page read and write
|
||
|
246AA58B000
|
heap
|
page read and write
|
||
|
1C6A864D000
|
heap
|
page read and write
|
||
|
246AA58D000
|
heap
|
page read and write
|
||
|
1918782E000
|
heap
|
page read and write
|
||
|
DF0A67E000
|
stack
|
page read and write
|
||
|
2104EF06000
|
heap
|
page read and write
|
||
|
2104ED90000
|
trusted library allocation
|
page read and write
|
||
|
2104EF32000
|
heap
|
page read and write
|
||
|
2104A000000
|
heap
|
page read and write
|
||
|
1922E702000
|
heap
|
page read and write
|
||
|
21049F60000
|
trusted library section
|
page read and write
|
||
|
19187864000
|
heap
|
page read and write
|
||
|
773239E000
|
stack
|
page read and write
|
||
|
2104EF1F000
|
heap
|
page read and write
|
||
|
246AA593000
|
heap
|
page read and write
|
||
|
1922E677000
|
heap
|
page read and write
|
||
|
2104EF0A000
|
heap
|
page read and write
|
||
|
1C6A8540000
|
heap
|
page read and write
|
||
|
2B98C661000
|
heap
|
page read and write
|
||
|
246AA581000
|
heap
|
page read and write
|
||
|
2104A002000
|
heap
|
page read and write
|
||
|
1922E660000
|
heap
|
page read and write
|
||
|
2B98C629000
|
heap
|
page read and write
|
||
|
246AA58B000
|
heap
|
page read and write
|
||
|
2A1D3E6B000
|
heap
|
page read and write
|
||
|
1922E713000
|
heap
|
page read and write
|
||
|
DF0A87F000
|
stack
|
page read and write
|
||
|
21050000000
|
heap
|
page read and write
|
||
|
246A9CFD000
|
heap
|
page read and write
|
||
|
246AA58E000
|
heap
|
page read and write
|
||
|
1CBEFFE000
|
stack
|
page read and write
|
||
|
19187610000
|
heap
|
page read and write
|
||
|
2A1D3E4E000
|
heap
|
page read and write
|
||
|
2104A19D000
|
heap
|
page read and write
|
||
|
C0E27F9000
|
stack
|
page read and write
|
||
|
246AAA03000
|
heap
|
page read and write
|
||
|
2104EE14000
|
heap
|
page read and write
|
||
|
265887C000
|
stack
|
page read and write
|
||
|
2104EBC0000
|
trusted library allocation
|
page read and write
|
||
|
2104F060000
|
trusted library allocation
|
page read and write
|
||
|
2B98C4C0000
|
heap
|
page read and write
|
||
|
2B98C460000
|
heap
|
page read and write
|
||
|
2104EF06000
|
heap
|
page read and write
|
||
|
19187846000
|
heap
|
page read and write
|
||
|
178D365F000
|
heap
|
page read and write
|
||
|
21E07602000
|
heap
|
page read and write
|
||
|
773229B000
|
stack
|
page read and write
|
||
|
9F3F5FC000
|
stack
|
page read and write
|
||
|
1CBE7AB000
|
stack
|
page read and write
|
||
|
2A1D3DE0000
|
heap
|
page read and write
|
||
|
2104A158000
|
heap
|
page read and write
|
||
|
246AAA02000
|
heap
|
page read and write
|
||
|
21E06C40000
|
heap
|
page read and write
|
||
|
246AA58B000
|
heap
|
page read and write
|
||
|
2104EF16000
|
heap
|
page read and write
|
||
|
21E07712000
|
heap
|
page read and write
|
||
|
1922E602000
|
heap
|
page read and write
|
||
|
2104EEFF000
|
heap
|
page read and write
|
||
|
1922E5C0000
|
trusted library allocation
|
page read and write
|
||
|
246AA5CC000
|
heap
|
page read and write
|
||
|
B77717E000
|
stack
|
page read and write
|
||
|
1918783D000
|
heap
|
page read and write
|
||
|
2104EF0C000
|
heap
|
page read and write
|
||
|
246AA51C000
|
heap
|
page read and write
|
||
|
1918787B000
|
heap
|
page read and write
|
||
|
2104EBF3000
|
trusted library allocation
|
page read and write
|
||
|
1CBEEFF000
|
stack
|
page read and write
|
||
|
2A1D3E36000
|
heap
|
page read and write
|
||
|
246A9C27000
|
heap
|
page read and write
|
||
|
2104A1DD000
|
heap
|
page read and write
|
||
|
246AA587000
|
heap
|
page read and write
|
||
|
2104EF15000
|
heap
|
page read and write
|
||
|
1C6A8648000
|
heap
|
page read and write
|
||
|
2104EE4A000
|
heap
|
page read and write
|
||
|
21E06E13000
|
heap
|
page read and write
|
||
|
2A1D3E46000
|
heap
|
page read and write
|
||
|
23988FE000
|
stack
|
page read and write
|
||
|
2104EF16000
|
heap
|
page read and write
|
||
|
2C46B83D000
|
heap
|
page read and write
|
||
|
2104EE8D000
|
heap
|
page read and write
|
||
|
2104ED94000
|
trusted library allocation
|
page read and write
|
||
|
2104F008000
|
trusted library allocation
|
page read and write
|
||
|
1C6A8700000
|
heap
|
page read and write
|
||
|
246AA593000
|
heap
|
page read and write
|
||
|
246AA950000
|
remote allocation
|
page read and write
|
||
|
19187847000
|
heap
|
page read and write
|
||
|
21E06C30000
|
heap
|
page read and write
|
||
|
2104F0A0000
|
trusted library allocation
|
page read and write
|
||
|
7732D7E000
|
stack
|
page read and write
|
||
|
246AA587000
|
heap
|
page read and write
|
||
|
B77727E000
|
stack
|
page read and write
|
||
|
246AA5F3000
|
heap
|
page read and write
|
||
|
246AA515000
|
heap
|
page read and write
|
||
|
246AA5F4000
|
heap
|
page read and write
|
||
|
21049813000
|
heap
|
page read and write
|
||
|
19187800000
|
heap
|
page read and write
|
||
|
2A1D3E4E000
|
heap
|
page read and write
|
||
|
2A1D3E52000
|
heap
|
page read and write
|
||
|
2C46BF80000
|
remote allocation
|
page read and write
|
||
|
246AA58B000
|
heap
|
page read and write
|
||
|
23986FE000
|
stack
|
page read and write
|
||
|
21049680000
|
heap
|
page read and write
|
||
|
DAFAA7D000
|
stack
|
page read and write
|
||
|
178D3600000
|
heap
|
page read and write
|
||
|
246A9BF0000
|
heap
|
page read and write
|
||
|
178D368D000
|
heap
|
page read and write
|
||
|
571B0FE000
|
stack
|
page read and write
|
||
|
246AA56D000
|
heap
|
page read and write
|
||
|
246AA58D000
|
heap
|
page read and write
|
||
|
246AA350000
|
trusted library allocation
|
page read and write
|
||
|
19187902000
|
heap
|
page read and write
|
||
|
246AA5A0000
|
heap
|
page read and write
|
||
|
19187829000
|
heap
|
page read and write
|
||
|
2104A118000
|
heap
|
page read and write
|
||
|
2104EF37000
|
heap
|
page read and write
|
||
|
B7771F9000
|
stack
|
page read and write
|
||
|
B7770FE000
|
stack
|
page read and write
|
||
|
1DA9FDF000
|
stack
|
page read and write
|
||
|
2A1D3E62000
|
heap
|
page read and write
|
||
|
1DAA4F7000
|
stack
|
page read and write
|
||
|
7732FFF000
|
stack
|
page read and write
|
||
|
246A9CEA000
|
heap
|
page read and write
|
||
|
571B37B000
|
stack
|
page read and write
|
||
|
239867B000
|
stack
|
page read and write
|
||
|
19187869000
|
heap
|
page read and write
|
||
|
246AA58B000
|
heap
|
page read and write
|
||
|
246AA581000
|
heap
|
page read and write
|
||
|
2104EF16000
|
heap
|
page read and write
|
||
|
1DAA3FB000
|
stack
|
page read and write
|
||
|
21E06E3E000
|
heap
|
page read and write
|
||
|
2398AFE000
|
stack
|
page read and write
|
||
|
2104EF02000
|
heap
|
page read and write
|
||
|
C0E227C000
|
stack
|
page read and write
|
||
|
246AA5A0000
|
heap
|
page read and write
|
||
|
1DAA6FF000
|
stack
|
page read and write
|
||
|
2B98C64D000
|
heap
|
page read and write
|
||
|
246AA58F000
|
heap
|
page read and write
|
||
|
21049879000
|
heap
|
page read and write
|
||
|
178D3662000
|
heap
|
page read and write
|
||
|
1C6A8649000
|
heap
|
page read and write
|
||
|
246AA5CC000
|
heap
|
page read and write
|
||
|
2B98C450000
|
heap
|
page read and write
|
||
|
2104EF15000
|
heap
|
page read and write
|
||
|
1918784B000
|
heap
|
page read and write
|
||
|
2B98C68E000
|
heap
|
page read and write
|
||
|
2104ED6B000
|
trusted library allocation
|
page read and write
|
||
|
21049FC1000
|
trusted library allocation
|
page read and write
|
||
|
1C6A8530000
|
heap
|
page read and write
|
||
|
1922E63D000
|
heap
|
page read and write
|
||
|
19188002000
|
trusted library allocation
|
page read and write
|
||
|
571AD8B000
|
stack
|
page read and write
|
||
|
B7772FC000
|
stack
|
page read and write
|
||
|
2658DFF000
|
stack
|
page read and write
|
||
|
246AA56F000
|
heap
|
page read and write
|
||
|
1C6A8650000
|
heap
|
page read and write
|
||
|
1C6A8629000
|
heap
|
page read and write
|
||
|
2104EEFF000
|
heap
|
page read and write
|
||
|
571B67F000
|
stack
|
page read and write
|
||
|
2104EF30000
|
heap
|
page read and write
|
||
|
246A9D13000
|
heap
|
page read and write
|
||
|
2104EF32000
|
heap
|
page read and write
|
||
|
7732F7B000
|
stack
|
page read and write
|
||
|
246AA5A2000
|
heap
|
page read and write
|
||
|
2104EF0E000
|
heap
|
page read and write
|
||
|
2104ED80000
|
trusted library allocation
|
page read and write
|
||
|
2658BFE000
|
stack
|
page read and write
|
||
|
246AA58F000
|
heap
|
page read and write
|
||
|
2398BFE000
|
stack
|
page read and write
|
||
|
2104ED90000
|
trusted library allocation
|
page read and write
|
||
|
21E06F02000
|
heap
|
page read and write
|
||
|
246AAA00000
|
heap
|
page read and write
|
||
|
2104A820000
|
trusted library section
|
page readonly
|
||
|
DF0A1EE000
|
stack
|
page read and write
|
||
|
77330FB000
|
stack
|
page read and write
|
||
|
2B98C66A000
|
heap
|
page read and write
|
||
|
9F3F87D000
|
stack
|
page read and write
|
||
|
2A1D3E00000
|
heap
|
page read and write
|
||
|
21E07714000
|
heap
|
page read and write
|
||
|
2104A015000
|
heap
|
page read and write
|
||
|
1922E670000
|
heap
|
page read and write
|
||
|
19187841000
|
heap
|
page read and write
|
||
|
1922E669000
|
heap
|
page read and write
|
||
|
9F3F97F000
|
stack
|
page read and write
|
||
|
2A1D3E55000
|
heap
|
page read and write
|
||
|
2B98C650000
|
heap
|
page read and write
|
||
|
77332FF000
|
stack
|
page read and write
|
||
|
2104F1E0000
|
trusted library allocation
|
page read and write
|
||
|
2104A118000
|
heap
|
page read and write
|
||
|
246AA5F8000
|
heap
|
page read and write
|
||
|
2104EF10000
|
heap
|
page read and write
|
||
|
1952E865000
|
heap
|
page read and write
|
||
|
21E06EDE000
|
heap
|
page read and write
|
||
|
2104EF10000
|
heap
|
page read and write
|
||
|
2104A740000
|
trusted library allocation
|
page read and write
|
||
|
1DA9EDC000
|
stack
|
page read and write
|
||
|
1952E760000
|
heap
|
page read and write
|
||
|
2104A118000
|
heap
|
page read and write
|
||
|
246AA587000
|
heap
|
page read and write
|
||
|
21049800000
|
heap
|
page read and write
|
||
|
1DA9F5E000
|
stack
|
page read and write
|
||
|
246A9CA4000
|
heap
|
page read and write
|
||
|
2104EEAE000
|
heap
|
page read and write
|
||
|
2A1D3E6B000
|
heap
|
page read and write
|
||
|
2104EE20000
|
heap
|
page read and write
|
There are 575 hidden memdumps, click here to show them.