Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
osGcfBvGVu.pdf
|
PDF document, version 1.7, 1 pages
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0ace9ee3d914a5c0_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index
|
data
|
modified
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index~RF52ad0a.TMP (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old~RF5230f4.TMP (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-230105074603Z-204.bmp
|
PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
|
SQLite 3.x database, last written using SQLite version 3024000, file counter 16, database pages 15, cookie 0x5, schema 4,
UTF-8, version-valid-for 16
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache.bin
|
data
|
dropped
|
There are 41 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\osGcfBvGVu.pdf
|
||
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
|
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://traffmen.ru/wb?keyword=eicar%20pdf%20test%20file
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB
--service-sandbox-type=none --mojo-platform-channel-handle=1852 --field-trial-handle=1784,i,17276974344343449179,18398132625013484821,131072
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://static.s123-cdn-static.com/uploads/4489441/normal_5fc8b59e7613e.pdf)
|
unknown
|
||
|
https://zawasofolebu.weebly.com/uploads/1/3/4/9/134902788/6a0ec8.pdf)
|
unknown
|
||
|
https://xuzufudoroxibu.weebly.com/uploads/1/3/4/7/134755415/fewonuviwinulewipa.pdf)
|
unknown
|
||
|
https://voxonevixes.weebly.com/uploads/1/3/4/3/134383310/3212069.pdf)
|
unknown
|
||
|
https://denasigetul.weebly.com/uploads/1/3/4/3/134332190/3aadf349f71.pdf)
|
unknown
|
||
|
https://traffmen.ru/wb?keyword=eicar%20pdf%20test%20file
|
104.21.19.149
|
||
|
https://jatorogerujew.weebly.com/uploads/1/3/2/7/132710569/5650151.pdf)
|
unknown
|
||
|
https://static1.squarespace.com/static/5fc2d06c1452f90b7ff1a516/t/5fc81fa34b97230d050097b8/160695082
|
unknown
|
||
|
https://static1.squarespace.com/static/5fc59785d49dd12447543100/t/5fc892132dd5737571b7b636/160698011
|
unknown
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.251.209.13
|
||
|
https://static.s123-cdn-static.com/uploads/4451565/normal_5fc4be3b76a1c.pdf)
|
unknown
|
||
|
https://vesumuzuvof.weebly.com/uploads/1/3/4/6/134685641/gewof.pdf)
|
unknown
|
||
|
https://cdn-cms.f-static.net/uploads/4498392/normal_5faf04625de48.pdf)
|
unknown
|
||
|
https://traffmen.ru/wb?keyword=eicar%20pdf%20test%20file
|
|||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.184.78
|
||
|
https://cdn-cms.f-static.net/uploads/4381737/normal_5f9c867fda2cc.pdf)
|
unknown
|
||
|
https://traffmen.ru/favicon.ico
|
104.21.19.149
|
||
|
https://cdn-cms.f-static.net/uploads/4376874/normal_5fa0c5cb1b909.pdf)
|
unknown
|
||
|
https://a.nel.cloudflare.com/report/v3?s=gMx5mUmwuq9TlZ9qKTp9%2F2xmk7yZ0efWtwpnhfwBZoaG8au4PoBBTHLZ%2FcCZtNwexk2p%2FndcEsHZuVXcqa45OLsm%2BSaJvf4C3J0D%2FZtJclcfBsADf5ZEGlU9o6IrXA%3D%3D
|
35.190.80.1
|
||
|
https://traffmen.ru/wb?keyword=eicar%20pdf%20test%20file)
|
unknown
|
||
|
https://static.s123-cdn-static.com/uploads/4479223/normal_5fc8ecf96736d.pdf)
|
unknown
|
||
|
https://a.nel.cloudflare.com/report/v3?s=sOH7aKZQs7HUmJ%2B%2BIpDazDd8U6kSBoRWr90OOINUwzQ6PDO6tOTlpT7hsiU%2F%2Flm7Mmoc82w9xaFVb7ORgr2CRA3wz2daEIcWiZsz1tp8VaBD76du9kWQg%2FV6l5uNug%3D%3D
|
35.190.80.1
|
||
|
https://cdn-cms.f-static.net/uploads/4365599/normal_5f9abc7d2f1a4.pdf)
|
unknown
|
||
|
https://daviwoza.weebly.com/uploads/1/3/4/6/134670821/rudaruzarafaw-nobokujiduv-nalegeji-regoresusa.
|
unknown
|
There are 14 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
accounts.google.com
|
142.251.209.13
|
||
|
traffmen.ru
|
172.67.186.133
|
||
|
www.google.com
|
142.250.184.36
|
||
|
clients.l.google.com
|
142.250.184.78
|
||
|
clients2.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.19.149
|
unknown
|
United States
|
||
|
142.250.184.78
|
clients.l.google.com
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
142.251.209.13
|
accounts.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.184.36
|
www.google.com
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
aFS
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
tDIText
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
tFileName
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
tFileSource
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
sFileAncestors
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
sDI
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
sDate
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
uFileSize
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
uPageCount
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
aFS
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
tDIText
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
tFileName
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
sFileAncestors
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
sDI
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
sDate
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.cdm.origin_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blocklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_USERSS-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry
|
TraceTimeLast
|
There are 54 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
D7A8AFD000
|
stack
|
page read and write
|
||
|
1FD111D0000
|
trusted library section
|
page readonly
|
||
|
194FA402000
|
heap
|
page read and write
|
||
|
19256700000
|
heap
|
page read and write
|
||
|
21AD9E48000
|
heap
|
page read and write
|
||
|
100847A000
|
stack
|
page read and write
|
||
|
4A9017F000
|
stack
|
page read and write
|
||
|
1FD15620000
|
trusted library allocation
|
page read and write
|
||
|
1FD1582E000
|
heap
|
page read and write
|
||
|
25B7CE45000
|
heap
|
page read and write
|
||
|
1FD15A21000
|
trusted library allocation
|
page read and write
|
||
|
1FD15630000
|
trusted library allocation
|
page read and write
|
||
|
4A8F5EB000
|
stack
|
page read and write
|
||
|
5C51C7B000
|
stack
|
page read and write
|
||
|
140587B000
|
stack
|
page read and write
|
||
|
4A9057C000
|
stack
|
page read and write
|
||
|
1FD10072000
|
heap
|
page read and write
|
||
|
1DBF4A00000
|
trusted library allocation
|
page read and write
|
||
|
194FA45B000
|
heap
|
page read and write
|
||
|
D7A8DFC000
|
stack
|
page read and write
|
||
|
1FD02600000
|
heap
|
page read and write
|
||
|
194FA370000
|
trusted library allocation
|
page read and write
|
||
|
2C5A5102000
|
heap
|
page read and write
|
||
|
90A767C000
|
stack
|
page read and write
|
||
|
1FD10B18000
|
heap
|
page read and write
|
||
|
26B26702000
|
heap
|
page read and write
|
||
|
25B7CE4F000
|
heap
|
page read and write
|
||
|
1FD11593000
|
trusted library allocation
|
page read and write
|
||
|
1FD02560000
|
trusted library allocation
|
page read and write
|
||
|
F33F0FF000
|
stack
|
page read and write
|
||
|
21AD9D50000
|
trusted library allocation
|
page read and write
|
||
|
25B7CE66000
|
heap
|
page read and write
|
||
|
1FD15780000
|
trusted library allocation
|
page read and write
|
||
|
194FA400000
|
heap
|
page read and write
|
||
|
1FD15822000
|
heap
|
page read and write
|
||
|
1FD03023000
|
heap
|
page read and write
|
||
|
1FD15AA0000
|
remote allocation
|
page read and write
|
||
|
1FD023E0000
|
heap
|
page read and write
|
||
|
21AD9E40000
|
heap
|
page read and write
|
||
|
2C5A504C000
|
heap
|
page read and write
|
||
|
1FD02E02000
|
heap
|
page read and write
|
||
|
1FD11590000
|
trusted library allocation
|
page read and write
|
||
|
25B7D602000
|
trusted library allocation
|
page read and write
|
||
|
25B7CE7B000
|
heap
|
page read and write
|
||
|
194FA472000
|
heap
|
page read and write
|
||
|
1FD03002000
|
heap
|
page read and write
|
||
|
25B7CE32000
|
heap
|
page read and write
|
||
|
90A7BFF000
|
stack
|
page read and write
|
||
|
2C5A502A000
|
heap
|
page read and write
|
||
|
1FD15800000
|
heap
|
page read and write
|
||
|
1FD15812000
|
heap
|
page read and write
|
||
|
25B7CE59000
|
heap
|
page read and write
|
||
|
19256430000
|
heap
|
page read and write
|
||
|
1FD1584D000
|
heap
|
page read and write
|
||
|
194FA46A000
|
heap
|
page read and write
|
||
|
28EB26BA000
|
heap
|
page read and write
|
||
|
90A77FB000
|
stack
|
page read and write
|
||
|
28EB26B8000
|
heap
|
page read and write
|
||
|
21AD9F13000
|
heap
|
page read and write
|
||
|
25B7CE7E000
|
heap
|
page read and write
|
||
|
194FA340000
|
heap
|
page read and write
|
||
|
2C5A4F30000
|
heap
|
page read and write
|
||
|
1FD02F6D000
|
heap
|
page read and write
|
||
|
1405A7E000
|
stack
|
page read and write
|
||
|
1FD15817000
|
heap
|
page read and write
|
||
|
9C126FD000
|
stack
|
page read and write
|
||
|
26B26540000
|
remote allocation
|
page read and write
|
||
|
4A900FF000
|
stack
|
page read and write
|
||
|
1FD1587E000
|
heap
|
page read and write
|
||
|
1FD0FFA0000
|
heap
|
page read and write
|
||
|
1FD15A50000
|
trusted library allocation
|
page read and write
|
||
|
1FD15751000
|
trusted library allocation
|
page read and write
|
||
|
2C5A5002000
|
heap
|
page read and write
|
||
|
1FD02F02000
|
heap
|
page read and write
|
||
|
1FD155B0000
|
trusted library allocation
|
page read and write
|
||
|
90A74FF000
|
stack
|
page read and write
|
||
|
1FD02F43000
|
heap
|
page read and write
|
||
|
26B26613000
|
heap
|
page read and write
|
||
|
25B7CE42000
|
heap
|
page read and write
|
||
|
4C7A8B000
|
stack
|
page read and write
|
||
|
4A8F9F7000
|
stack
|
page read and write
|
||
|
1FD10013000
|
heap
|
page read and write
|
||
|
25B7D5A0000
|
trusted library allocation
|
page read and write
|
||
|
21ADB802000
|
trusted library allocation
|
page read and write
|
||
|
4C80FF000
|
stack
|
page read and write
|
||
|
1DBF47A0000
|
trusted library allocation
|
page read and write
|
||
|
26B26629000
|
heap
|
page read and write
|
||
|
2C5A503B000
|
heap
|
page read and write
|
||
|
1FD02540000
|
trusted library allocation
|
page read and write
|
||
|
25B7CE13000
|
heap
|
page read and write
|
||
|
21AD9E6F000
|
heap
|
page read and write
|
||
|
2C5A502F000
|
heap
|
page read and write
|
||
|
2C5A4F80000
|
heap
|
page read and write
|
||
|
1FD03030000
|
heap
|
page read and write
|
||
|
F33EFFF000
|
stack
|
page read and write
|
||
|
1FD15AA0000
|
remote allocation
|
page read and write
|
||
|
21AD9D70000
|
trusted library allocation
|
page read and write
|
||
|
1FD03000000
|
heap
|
page read and write
|
||
|
4A8F8FE000
|
stack
|
page read and write
|
||
|
26B26410000
|
heap
|
page read and write
|
||
|
9C125FE000
|
stack
|
page read and write
|
||
|
1FD115A0000
|
trusted library allocation
|
page read and write
|
||
|
19256656000
|
heap
|
page read and write
|
||
|
25B7CE7C000
|
heap
|
page read and write
|
||
|
1FD15A60000
|
trusted library allocation
|
page read and write
|
||
|
1FD0278E000
|
heap
|
page read and write
|
||
|
21AD9DE0000
|
remote allocation
|
page read and write
|
||
|
1FD15C10000
|
trusted library allocation
|
page read and write
|
||
|
4A9007E000
|
stack
|
page read and write
|
||
|
4A8FA7E000
|
stack
|
page read and write
|
||
|
1FD10A00000
|
heap
|
page read and write
|
||
|
90A7AFC000
|
stack
|
page read and write
|
||
|
90A6F6B000
|
stack
|
page read and write
|
||
|
21AD9C50000
|
heap
|
page read and write
|
||
|
1FD11571000
|
trusted library allocation
|
page read and write
|
||
|
1FD111E0000
|
trusted library section
|
page readonly
|
||
|
25B7CE43000
|
heap
|
page read and write
|
||
|
1DBF3D75000
|
heap
|
page read and write
|
||
|
1FD10C81000
|
trusted library allocation
|
page read and write
|
||
|
1FD02692000
|
heap
|
page read and write
|
||
|
21AD9BF0000
|
heap
|
page read and write
|
||
|
25B7CE31000
|
heap
|
page read and write
|
||
|
1FD10B59000
|
heap
|
page read and write
|
||
|
194FA467000
|
heap
|
page read and write
|
||
|
19256713000
|
heap
|
page read and write
|
||
|
1FD11200000
|
trusted library section
|
page readonly
|
||
|
4A8FC7E000
|
stack
|
page read and write
|
||
|
25B7CE64000
|
heap
|
page read and write
|
||
|
19256663000
|
heap
|
page read and write
|
||
|
26B263A0000
|
heap
|
page read and write
|
||
|
194FA475000
|
heap
|
page read and write
|
||
|
194FA440000
|
heap
|
page read and write
|
||
|
25B7CE58000
|
heap
|
page read and write
|
||
|
1FD02658000
|
heap
|
page read and write
|
||
|
21AD9E58000
|
heap
|
page read and write
|
||
|
1FD02664000
|
heap
|
page read and write
|
||
|
D7A89FF000
|
stack
|
page read and write
|
||
|
9C120FF000
|
stack
|
page read and write
|
||
|
26B2665C000
|
heap
|
page read and write
|
||
|
1DBF3A90000
|
heap
|
page read and write
|
||
|
1FD15BB0000
|
trusted library allocation
|
page read and write
|
||
|
21AD9E62000
|
heap
|
page read and write
|
||
|
28EB2490000
|
heap
|
page read and write
|
||
|
1FD15AB0000
|
trusted library allocation
|
page read and write
|
||
|
4A8FB7A000
|
stack
|
page read and write
|
||
|
28EB2600000
|
heap
|
page read and write
|
||
|
D7A867C000
|
stack
|
page read and write
|
||
|
2C5A4FB0000
|
trusted library allocation
|
page read and write
|
||
|
1FD10056000
|
heap
|
page read and write
|
||
|
1DBF3AB0000
|
heap
|
page read and write
|
||
|
21ADB7A0000
|
trusted library allocation
|
page read and write
|
||
|
81EC07E000
|
stack
|
page read and write
|
||
|
19256702000
|
heap
|
page read and write
|
||
|
25B7CD00000
|
heap
|
page read and write
|
||
|
100857F000
|
stack
|
page read and write
|
||
|
25B7CE5A000
|
heap
|
page read and write
|
||
|
81EBF7E000
|
stack
|
page read and write
|
||
|
1FD15A0E000
|
trusted library allocation
|
page read and write
|
||
|
21AD9E48000
|
heap
|
page read and write
|
||
|
1FD15894000
|
heap
|
page read and write
|
||
|
21AD9DE0000
|
remote allocation
|
page read and write
|
||
|
26B26540000
|
remote allocation
|
page read and write
|
||
|
1FD02F00000
|
heap
|
page read and write
|
||
|
1FD10A02000
|
heap
|
page read and write
|
||
|
1FD02686000
|
heap
|
page read and write
|
||
|
26B26602000
|
heap
|
page read and write
|
||
|
28EB2E02000
|
heap
|
page read and write
|
||
|
1FD02440000
|
heap
|
page read and write
|
||
|
1FD02FB0000
|
heap
|
page read and write
|
||
|
5C5237E000
|
stack
|
page read and write
|
||
|
1FD03027000
|
heap
|
page read and write
|
||
|
1FD15A24000
|
trusted library allocation
|
page read and write
|
||
|
1405B7A000
|
stack
|
page read and write
|
||
|
9C1237E000
|
stack
|
page read and write
|
||
|
1FD02653000
|
heap
|
page read and write
|
||
|
81EBABB000
|
stack
|
page read and write
|
||
|
25B7CCA0000
|
heap
|
page read and write
|
||
|
194FA413000
|
heap
|
page read and write
|
||
|
10082FB000
|
stack
|
page read and write
|
||
|
25B7CE5B000
|
heap
|
page read and write
|
||
|
5C5267E000
|
stack
|
page read and write
|
||
|
19256668000
|
heap
|
page read and write
|
||
|
2C5A5013000
|
heap
|
page read and write
|
||
|
1DBF3AD0000
|
heap
|
page read and write
|
||
|
21AD9F00000
|
heap
|
page read and write
|
||
|
21AD9E58000
|
heap
|
page read and write
|
||
|
1FD15865000
|
heap
|
page read and write
|
||
|
1DBF4A60000
|
trusted library allocation
|
page read and write
|
||
|
25B7CE69000
|
heap
|
page read and write
|
||
|
28EB2613000
|
heap
|
page read and write
|
||
|
19256625000
|
heap
|
page read and write
|
||
|
25B7CE3B000
|
heap
|
page read and write
|
||
|
26B263B0000
|
heap
|
page read and write
|
||
|
1DBF3D70000
|
heap
|
page read and write
|
||
|
2C5A5054000
|
heap
|
page read and write
|
||
|
D7A8BFC000
|
stack
|
page read and write
|
||
|
5C5277E000
|
stack
|
page read and write
|
||
|
1FD15A10000
|
trusted library allocation
|
page read and write
|
||
|
1FD02FC7000
|
heap
|
page read and write
|
||
|
1FD15840000
|
heap
|
page read and write
|
||
|
9C1207C000
|
stack
|
page read and write
|
||
|
90A737C000
|
stack
|
page read and write
|
||
|
1FD1007B000
|
heap
|
page read and write
|
||
|
1FD10113000
|
heap
|
page read and write
|
||
|
1FD02613000
|
heap
|
page read and write
|
||
|
28EB26C7000
|
heap
|
page read and write
|
||
|
25B7CE76000
|
heap
|
page read and write
|
||
|
1FD0FFD0000
|
trusted library allocation
|
page read and write
|
||
|
1FD1008B000
|
heap
|
page read and write
|
||
|
5C51F7F000
|
stack
|
page read and write
|
||
|
21AD9E02000
|
heap
|
page read and write
|
||
|
26B26540000
|
remote allocation
|
page read and write
|
||
|
25B7CE6B000
|
heap
|
page read and write
|
||
|
1FD023D0000
|
heap
|
page read and write
|
||
|
10080FA000
|
stack
|
page read and write
|
||
|
1925663C000
|
heap
|
page read and write
|
||
|
28EB24F0000
|
heap
|
page read and write
|
||
|
1FD15881000
|
heap
|
page read and write
|
||
|
25B7CE48000
|
heap
|
page read and write
|
||
|
90A79FE000
|
stack
|
page read and write
|
||
|
1FD1587B000
|
heap
|
page read and write
|
||
|
2C5A5045000
|
heap
|
page read and write
|
||
|
25B7CE68000
|
heap
|
page read and write
|
||
|
1FD10077000
|
heap
|
page read and write
|
||
|
1FD10B18000
|
heap
|
page read and write
|
||
|
21AD9BE0000
|
heap
|
page read and write
|
||
|
1FD10B00000
|
heap
|
page read and write
|
||
|
1FD10B02000
|
heap
|
page read and write
|
||
|
194FA502000
|
heap
|
page read and write
|
||
|
1FD027E5000
|
heap
|
page read and write
|
||
|
26B26600000
|
heap
|
page read and write
|
||
|
1FD15A08000
|
trusted library allocation
|
page read and write
|
||
|
1FD02F54000
|
heap
|
page read and write
|
||
|
1FD155A0000
|
trusted library allocation
|
page read and write
|
||
|
1007CAB000
|
stack
|
page read and write
|
||
|
1DBF49E0000
|
trusted library allocation
|
page read and write
|
||
|
194FA2D0000
|
heap
|
page read and write
|
||
|
1FD02713000
|
heap
|
page read and write
|
||
|
D7A87FF000
|
stack
|
page read and write
|
||
|
21AD9E00000
|
heap
|
page read and write
|
||
|
1008379000
|
stack
|
page read and write
|
||
|
1FD15863000
|
heap
|
page read and write
|
||
|
26B2663D000
|
heap
|
page read and write
|
||
|
1DBF3D79000
|
heap
|
page read and write
|
||
|
26B26626000
|
heap
|
page read and write
|
||
|
1DBF49F0000
|
heap
|
page readonly
|
||
|
10081FE000
|
stack
|
page read and write
|
||
|
1FD0268D000
|
heap
|
page read and write
|
||
|
1FD02691000
|
heap
|
page read and write
|
||
|
21AD9F18000
|
heap
|
page read and write
|
||
|
28EB2670000
|
heap
|
page read and write
|
||
|
1FD15A00000
|
trusted library allocation
|
page read and write
|
||
|
26B26510000
|
trusted library allocation
|
page read and write
|
||
|
14059F9000
|
stack
|
page read and write
|
||
|
1FD15BA0000
|
trusted library allocation
|
page read and write
|
||
|
1FD15750000
|
trusted library allocation
|
page read and write
|
||
|
10087FF000
|
stack
|
page read and write
|
||
|
4A9027F000
|
stack
|
page read and write
|
||
|
1FD10B18000
|
heap
|
page read and write
|
||
|
1FD1575A000
|
trusted library allocation
|
page read and write
|
||
|
1FD15770000
|
trusted library allocation
|
page read and write
|
||
|
25B7CE5E000
|
heap
|
page read and write
|
||
|
9C122FC000
|
stack
|
page read and write
|
||
|
1DBF4790000
|
trusted library allocation
|
page read and write
|
||
|
9C1257D000
|
stack
|
page read and write
|
||
|
1FD02F90000
|
heap
|
page read and write
|
||
|
1FD155E0000
|
trusted library allocation
|
page read and write
|
||
|
2C5A5A02000
|
trusted library allocation
|
page read and write
|
||
|
1FD0FF30000
|
heap
|
page read and write
|
||
|
19256E02000
|
trusted library allocation
|
page read and write
|
||
|
1405AFE000
|
stack
|
page read and write
|
||
|
1FD0266E000
|
heap
|
page read and write
|
||
|
4C82FE000
|
stack
|
page read and write
|
||
|
81EBBBE000
|
stack
|
page read and write
|
||
|
1FD10B59000
|
heap
|
page read and write
|
||
|
81EC17F000
|
stack
|
page read and write
|
||
|
25B7CF02000
|
heap
|
page read and write
|
||
|
1FD02643000
|
heap
|
page read and write
|
||
|
28EB263E000
|
heap
|
page read and write
|
||
|
1FD1588E000
|
heap
|
page read and write
|
||
|
19256440000
|
heap
|
page read and write
|
||
|
1FD15885000
|
heap
|
page read and write
|
||
|
1FD10B59000
|
heap
|
page read and write
|
||
|
21AD9E57000
|
heap
|
page read and write
|
||
|
1DBF4720000
|
trusted library allocation
|
page read and write
|
||
|
25B7CE85000
|
heap
|
page read and write
|
||
|
81EBB3E000
|
stack
|
page read and write
|
||
|
28EB2480000
|
heap
|
page read and write
|
||
|
1FD02FBC000
|
heap
|
page read and write
|
||
|
19256613000
|
heap
|
page read and write
|
||
|
1FD0268A000
|
heap
|
page read and write
|
||
|
1FD0FFE0000
|
trusted library section
|
page read and write
|
||
|
1FD100BC000
|
heap
|
page read and write
|
||
|
1FD10A15000
|
heap
|
page read and write
|
||
|
1FD0263D000
|
heap
|
page read and write
|
||
|
1FD1003F000
|
heap
|
page read and write
|
||
|
26B26654000
|
heap
|
page read and write
|
||
|
19256679000
|
heap
|
page read and write
|
||
|
194FA454000
|
heap
|
page read and write
|
||
|
1FD15AA0000
|
remote allocation
|
page read and write
|
||
|
4A8FD7F000
|
stack
|
page read and write
|
||
|
1FD15770000
|
trusted library allocation
|
page read and write
|
||
|
1DBF4A10000
|
trusted library allocation
|
page read and write
|
||
|
25B7CE6C000
|
heap
|
page read and write
|
||
|
21AD9DE0000
|
remote allocation
|
page read and write
|
||
|
1FD100A0000
|
heap
|
page read and write
|
||
|
5C5227D000
|
stack
|
page read and write
|
||
|
1FD111F0000
|
trusted library section
|
page readonly
|
||
|
1FD10094000
|
heap
|
page read and write
|
||
|
25B7CE61000
|
heap
|
page read and write
|
||
|
25B7CE2A000
|
heap
|
page read and write
|
||
|
1FD10B18000
|
heap
|
page read and write
|
||
|
1FD02F22000
|
heap
|
page read and write
|
||
|
28EB2702000
|
heap
|
page read and write
|
||
|
28EB2F00000
|
heap
|
page read and write
|
||
|
1FD10102000
|
heap
|
page read and write
|
||
|
1DBF3B16000
|
heap
|
page read and write
|
||
|
1FD15A70000
|
trusted library allocation
|
page read and write
|
||
|
F33EDFE000
|
stack
|
page read and write
|
||
|
21AD9F02000
|
heap
|
page read and write
|
||
|
1DBF3B1E000
|
heap
|
page read and write
|
||
|
4C7FFB000
|
stack
|
page read and write
|
||
|
25B7CE41000
|
heap
|
page read and write
|
||
|
90A75FF000
|
stack
|
page read and write
|
||
|
25B7CE6E000
|
heap
|
page read and write
|
||
|
1FD15A90000
|
trusted library allocation
|
page read and write
|
||
|
1FD15780000
|
trusted library allocation
|
page read and write
|
||
|
25B7CE3E000
|
heap
|
page read and write
|
||
|
28EB26C9000
|
heap
|
page read and write
|
||
|
25B7CE62000
|
heap
|
page read and write
|
||
|
1FD15740000
|
trusted library allocation
|
page read and write
|
||
|
1DBF3B1E000
|
heap
|
page read and write
|
||
|
4A8FFFE000
|
stack
|
page read and write
|
||
|
1DBF4730000
|
trusted library allocation
|
page read and write
|
||
|
28EB26E1000
|
heap
|
page read and write
|
||
|
4A8F87E000
|
stack
|
page read and write
|
||
|
4A9047A000
|
stack
|
page read and write
|
||
|
F33E9DB000
|
stack
|
page read and write
|
||
|
1DBF3D80000
|
trusted library allocation
|
page read and write
|
||
|
19256600000
|
heap
|
page read and write
|
||
|
2C5A4F20000
|
heap
|
page read and write
|
||
|
28EB2F14000
|
heap
|
page read and write
|
||
|
25B7CE75000
|
heap
|
page read and write
|
||
|
194FA513000
|
heap
|
page read and write
|
||
|
1FD10C00000
|
trusted library allocation
|
page read and write
|
||
|
25B7CE2E000
|
heap
|
page read and write
|
||
|
1FD03013000
|
heap
|
page read and write
|
||
|
25B7CE26000
|
heap
|
page read and write
|
||
|
21AD9E2A000
|
heap
|
page read and write
|
||
|
25B7CE46000
|
heap
|
page read and write
|
||
|
1FD10000000
|
heap
|
page read and write
|
||
|
21AD9E47000
|
heap
|
page read and write
|
||
|
25B7CE63000
|
heap
|
page read and write
|
||
|
1FD0FF40000
|
heap
|
page read and write
|
||
|
1FD15A80000
|
trusted library allocation
|
page read and write
|
||
|
1FD15A27000
|
trusted library allocation
|
page read and write
|
||
|
1FD02629000
|
heap
|
page read and write
|
||
|
1FD0262F000
|
heap
|
page read and write
|
||
|
1FD027B9000
|
heap
|
page read and write
|
||
|
1FD155C0000
|
trusted library allocation
|
page read and write
|
||
|
90A777C000
|
stack
|
page read and write
|
||
|
90A78FF000
|
stack
|
page read and write
|
||
|
1FD10029000
|
heap
|
page read and write
|
||
|
194FA429000
|
heap
|
page read and write
|
||
|
1DBF3950000
|
heap
|
page read and write
|
||
|
1FD100FE000
|
heap
|
page read and write
|
||
|
28EB25F0000
|
trusted library allocation
|
page read and write
|
||
|
25B7CE5D000
|
heap
|
page read and write
|
||
|
D7A88FF000
|
stack
|
page read and write
|
||
|
2C5A5000000
|
heap
|
page read and write
|
||
|
194FA43D000
|
heap
|
page read and write
|
||
|
4A902FF000
|
stack
|
page read and write
|
||
|
192565A0000
|
trusted library allocation
|
page read and write
|
||
|
194FAE02000
|
trusted library allocation
|
page read and write
|
||
|
28EB2687000
|
heap
|
page read and write
|
||
|
25B7CE32000
|
heap
|
page read and write
|
||
|
28EB2713000
|
heap
|
page read and write
|
||
|
1FD10B13000
|
heap
|
page read and write
|
||
|
19256628000
|
heap
|
page read and write
|
||
|
25B7CC90000
|
heap
|
page read and write
|
||
|
4A9037F000
|
stack
|
page read and write
|
||
|
F33EEF9000
|
stack
|
page read and write
|
||
|
1FD10B59000
|
heap
|
page read and write
|
||
|
D7A847B000
|
stack
|
page read and write
|
||
|
1FD02F22000
|
heap
|
page read and write
|
||
|
100867E000
|
stack
|
page read and write
|
||
|
25B7CE5F000
|
heap
|
page read and write
|
||
|
1FD15740000
|
trusted library allocation
|
page read and write
|
||
|
25B7CE3C000
|
heap
|
page read and write
|
||
|
1FD10F00000
|
trusted library allocation
|
page read and write
|
||
|
28EB2629000
|
heap
|
page read and write
|
||
|
21AD9DA0000
|
trusted library allocation
|
page read and write
|
||
|
1FD15C10000
|
trusted library allocation
|
page read and write
|
||
|
4C81FB000
|
stack
|
page read and write
|
||
|
25B7CE78000
|
heap
|
page read and write
|
||
|
194FA2E0000
|
heap
|
page read and write
|
||
|
25B7CE30000
|
heap
|
page read and write
|
||
|
1DBF3960000
|
trusted library allocation
|
page read and write
|
||
|
21AD9E13000
|
heap
|
page read and write
|
||
|
25B7CE47000
|
heap
|
page read and write
|
||
|
2C5A503E000
|
heap
|
page read and write
|
||
|
5C51E7A000
|
stack
|
page read and write
|
||
|
4A8FF7B000
|
stack
|
page read and write
|
||
|
81EC27E000
|
stack
|
page read and write
|
||
|
1FD1008F000
|
heap
|
page read and write
|
||
|
192564A0000
|
heap
|
page read and write
|
||
|
25B7CE00000
|
heap
|
page read and write
|
||
|
1FD11210000
|
trusted library section
|
page readonly
|
||
|
21AD9E89000
|
heap
|
page read and write
|
||
|
25B7CE65000
|
heap
|
page read and write
|
||
|
5C5247E000
|
stack
|
page read and write
|
||
|
10086FF000
|
stack
|
page read and write
|
||
|
26B26E02000
|
trusted library allocation
|
page read and write
|
||
|
1FD11220000
|
trusted library section
|
page readonly
|
||
|
1FD15757000
|
trusted library allocation
|
page read and write
|
||
|
1FD15755000
|
trusted library allocation
|
page read and write
|
||
|
5C5207C000
|
stack
|
page read and write
|
||
|
1FD15784000
|
trusted library allocation
|
page read and write
|
||
|
1FD15C10000
|
trusted library allocation
|
page read and write
|
||
|
1FD0266B000
|
heap
|
page read and write
|
||
|
5C5257F000
|
stack
|
page read and write
|
||
|
1FD15750000
|
trusted library allocation
|
page read and write
|
||
|
4A8FE7A000
|
stack
|
page read and write
|
||
|
19256602000
|
heap
|
page read and write
|
||
|
1FD110F0000
|
trusted library allocation
|
page read and write
|
||
|
21AD9E3E000
|
heap
|
page read and write
|
||
|
1DBF3B1E000
|
heap
|
page read and write
|
There are 417 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://traffmen.ru/wb?keyword=eicar%20pdf%20test%20file
|