IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\ProgramData\CFHIIJDB
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\DGHJEHJJDAAAKEBGCFCAAAAEHC
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\ECAKECAE
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\ProgramData\GDAAKFIDGIEGDGDHIDAK
ASCII text, with very long lines (1743), with CRLF line terminators
dropped
C:\ProgramData\HJKJKKKJJJKJKFHJJJJECBFCGH
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\IECGHJKKJDHIEBFHCAKE
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\JDHIEBFHCAKEHIDGHCBA
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\chrome.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\4c549b71-3f7c-4be6-ba39-455e45ac3d27.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\824de9c2-5b30-413b-a7d8-fe4a78338781.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\8c3d8d32-d304-48be-9141-3ef9ac3de9ba.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\8d81be77-b121-4203-942c-25633b101f05.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\b674c202-ea43-4136-befe-108991e28d46.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-672138ED-2D8.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\213016c3-757f-476e-ada2-19c8359c8a7e.tmp
Unicode text, UTF-8 text, with very long lines (17458), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7c24b909-bae5-49cd-b7c1-a5419a1b31cf.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\8e2cf063-4481-4cb3-b992-1de4efa2fd3f.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\90c4f671-eddc-46a7-8b98-d883dd46071a.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9ce7475e-66cf-4c68-9d1b-0f82073d8d6c.tmp
Unicode text, UTF-8 text, with very long lines (17293), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 12, cookie 0x3, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\074fc30f-8df7-461b-9c44-7a9a3035feaa.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\1c13fb3e-3d24-4316-81a3-4fe6fd8d6121.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\2629d5d8-cd13-4550-8e95-b20ae04db19a.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\541bfbb3-30eb-4387-b774-c54dafb359a7.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\7e115c34-a7fc-400e-9ce4-4d30147e08d8.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF403e4.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF4bd12.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3aff8.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3bcd9.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a279d403-3a24-4c75-bef5-394b364e4daf.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\fabf4fc4-5a9f-49d5-b876-39f23146014f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3e792.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF43360.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4a871.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF3e9d4.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF4197f.TMP (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13374704112052977
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\754baf6b-db61-40be-ab67-147c81cf7c9c.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\7ab7d476-ab23-48a5-8fb7-abf55fd91b55.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\7f83709c-f2de-48a0-a5ed-c4c1b5498e48.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State~RF403e4.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3bce8.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\b52c0344-c41a-4f7c-8607-adb60f16556d.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\c232aa0c-89d7-49a2-843d-21f39db4861f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
ASCII text, with very long lines (3951), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\be5725b1-78c7-4b5a-baee-b2d260ce1949.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\d8e3ab56-efeb-42c4-8faf-b345cb6f4124.tmp
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\df3ac458-1c72-4776-82f3-06bad2f737e7.tmp
Unicode text, UTF-8 text, with very long lines (17458), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\fb87c77b-3069-414b-91f3-f89f860c15b9.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
SQLite Write-Ahead Log, version 3007000
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF39490.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF395b9.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF39730.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3be30.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3fc91.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4a7b6.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF505d3.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982
raw G3 (Group 3) FAX, byte-padded
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\af0768db-8965-46b5-ad3d-5a020dbeb1e7.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\cf24d14a-9c24-4ce5-abd1-e04c4963b5cb.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\f5540284-ef72-412d-a129-50c1762c32b2.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\fe3f4aad-5998-4ab6-8e73-e4338643ca95.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\5c708f62-09d3-4f9a-bd97-737e4ba9634d.tmp
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
dropped
C:\Users\user\AppData\Local\Temp\91c0b7d7-aecd-403e-afc9-4969434ad99f.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\a18dfb7c-68e6-40dd-af39-48836a50a830.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\a6308168-846e-4d78-ae32-9ca54c532ee9.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\cv_debug.log
JSON data
dropped
C:\Users\user\AppData\Local\Temp\e2ea4a12-f6e8-42f1-ad73-f00ea561f929.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\e5ef11ce-e4cc-4b22-876c-5806573ecb50.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41900
dropped
C:\Users\user\AppData\Local\Temp\f3c650b4-379c-4c51-94f7-f133b593457a.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1699653336\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1699653336\CRX_INSTALL\content.js
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1699653336\CRX_INSTALL\content_new.js
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1699653336\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1699653336\e2ea4a12-f6e8-42f1-ad73-f00ea561f929.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\af\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\am\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\ar\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\az\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\be\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\bg\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\bn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\ca\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\cs\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\cy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\da\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\de\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\el\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\en\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\en_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\en_GB\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\en_US\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\es\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\es_419\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\et\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\eu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\fa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\fi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\fil\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\fr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\fr_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\gl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\gu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\hi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\hr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\hu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\hy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\id\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\is\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\it\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\iw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\ja\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\ka\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\kk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\km\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\kn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\ko\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\lo\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\lt\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\lv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\ml\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\mn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\mr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\ms\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\my\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\ne\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\nl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\no\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\pa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\pl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\pt_BR\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\pt_PT\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\ro\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\ru\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\si\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\sk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\sl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\sr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\sv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\sw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\ta\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\te\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\th\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\tr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\uk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\ur\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\vi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\zh_CN\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\zh_HK\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\zh_TW\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_locales\zu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\dasherSettingSchema.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\offscreendocument.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\offscreendocument_main.js
ASCII text, with very long lines (3700)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\page_embed_script.js
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\CRX_INSTALL\service_worker_bin_prod.js
ASCII text, with very long lines (3705)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir728_1777356720\f3c650b4-379c-4c51-94f7-f133b593457a.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 18:35:01 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 18:35:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 18:35:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 18:35:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 29 18:35:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-shm
data
dropped
Chrome Cache Entry: 468
ASCII text, with very long lines (5162), with no line terminators
downloaded
Chrome Cache Entry: 469
ASCII text, with very long lines (2287)
downloaded
Chrome Cache Entry: 470
ASCII text, with very long lines (2644)
downloaded
Chrome Cache Entry: 471
ASCII text
downloaded
Chrome Cache Entry: 472
ASCII text, with very long lines (65531)
downloaded
Chrome Cache Entry: 473
ASCII text, with very long lines (1302)
downloaded
Chrome Cache Entry: 474
SVG Scalable Vector Graphics image
downloaded
There are 285 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2692 --field-trial-handle=2548,i,8434431473266901981,1364443360911766042,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=2072,i,11562433093495282818,3155282962993123888,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7076 --field-trial-handle=2072,i,11562433093495282818,3155282962993123888,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7236 --field-trial-handle=2072,i,11562433093495282818,3155282962993123888,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7200 --field-trial-handle=2072,i,11562433093495282818,3155282962993123888,262144 /prefetch:8
malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2840 --field-trial-handle=2088,i,1954043668539771639,8201722500257745172,262144 /prefetch:8

URLs

Name
IP
Malicious
http://185.215.113.206/
185.215.113.206
 malicious
http://185.215.113.206/6c4adf523b719729.php
185.215.113.206
 malicious
http://185.215.113.206/746f34465cf17784/softokn3.dll
185.215.113.206
 malicious
http://185.215.113.206/746f34465cf17784/freebl3.dll
185.215.113.206
 malicious
http://185.215.113.206/746f34465cf17784/mozglue.dll
185.215.113.206
 malicious
http://185.215.113.206/746f34465cf17784/nss3.dll
185.215.113.206
 malicious
https://duckduckgo.com/chrome_newtab
unknown
https://google-ohttp-relay-join.fastly-edge.com/)
unknown
https://duckduckgo.com/ac/?q=
unknown
https://google-ohttp-relay-join.fastly-edge.com/3
unknown
https://permanently-removed.invalid/oauth2/v2/tokeninfo
unknown
https://google-ohttp-relay-join.fastly-edge.com/0
unknown
https://ntp.msn.com/0
unknown
http://anglebug.com/4633
unknown
http://185.215.113.206)
unknown
https://anglebug.com/7382
unknown
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
unknown
https://issuetracker.google.com/284462263
unknown
https://google-ohttp-relay-join.fastly-edge.com/:
unknown
https://deff.nelreports.net/api/report?cat=msn
23.218.232.154
https://google-ohttp-relay-join.fastly-edge.com/=
unknown
https://publickeyservice.gcp.privacysandboxservices.com
unknown
https://google-ohttp-relay-join.fastly-edge.com/G
unknown
http://polymer.github.io/AUTHORS.txt
unknown
https://docs.google.com/
unknown
http://185.215.113.206/746f34465cf17784/nss3.dllOwBl
unknown
https://google-ohttp-relay-join.fastly-edge.com/E
unknown
https://publickeyservice.pa.aws.privacysandboxservices.com
unknown
https://www.youtube.com
unknown
https://photos.google.com/settings?referrer=CHROME_NTP
unknown
https://anglebug.com/7714
unknown
https://www.instagram.com
unknown
https://google-ohttp-relay-join.fastly-edge.com/H
unknown
https://google-ohttp-relay-join.fastly-edge.com/O
unknown
https://google-ohttp-relay-join.fastly-edge.com/L
unknown
https://google-ohttp-relay-join.fastly-edge.com/R
unknown
https://photos.google.com?referrer=CHROME_NTP
unknown
http://185.215.113.206/6c4adf523b719729.php024
unknown
https://google-ohttp-relay-join.fastly-edge.com/V
unknown
https://drive.google.com/?lfhs=2
unknown
http://anglebug.com/6248
unknown
https://ogs.google.com/widget/callout?eom=1
unknown
https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
unknown
https://google-ohttp-relay-join.fastly-edge.com/Y
unknown
https://outlook.office.com/mail/compose?isExtension=true
unknown
http://anglebug.com/6929
unknown
https://google-ohttp-relay-join.fastly-edge.com/c
unknown
http://185.215.113.206/746f34465cf17784/softokn3.dll6phm
unknown
http://anglebug.com/5281
unknown
https://i.y.qq.com/n2/m/index.html
unknown
https://www.deezer.com/
unknown
https://www.youtube.com/?feature=ytca
unknown
https://google-ohttp-relay-join.fastly-edge.com/g
unknown
https://google-ohttp-relay-join.fastly-edge.com/f
unknown
https://issuetracker.google.com/255411748
unknown
https://web.telegram.org/
unknown
https://permanently-removed.invalid/oauth2/v4/token
unknown
https://anglebug.com/7246
unknown
https://anglebug.com/7369
unknown
https://anglebug.com/7489
unknown
https://duckduckgo.com/?q=
unknown
https://chrome.google.com/webstore
unknown
https://drive-daily-2.corp.google.com/
unknown
http://polymer.github.io/PATENTS.txt
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1730230520716&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=true
20.189.173.23
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
https://api.msn.com/auth/cookie/appanon?apikey=1hYoJsIRvPEnSkk0hlnJF2092mHqiz7xFenIFKa9uc&ocid=authconstants-peregrine&activityId=8731449F-A998-4646-A5D1-482B211350CC&scn=app_anon
131.253.33.203
https://issuetracker.google.com/161903006
unknown
https://www.ecosia.org/newtab/
unknown
https://drive-daily-1.corp.google.com/
unknown
https://excel.new?from=EdgeM365Shoreline
unknown
https://drive-daily-5.corp.google.com/
unknown
https://duckduckgo.com/favicon.ico
unknown
https://docs.google.com/spreadsheets/
unknown
https://permanently-removed.invalid/chrome/blank.html
unknown
http://anglebug.com/3078
unknown
http://anglebug.com/7553
unknown
https://bzib.nelreports.net/api/report?cat=bingbusiness
23.218.232.170
http://anglebug.com/5375
unknown
https://permanently-removed.invalid/v1/issuetoken
unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0
142.250.181.238
http://anglebug.com/5371
unknown
http://anglebug.com/4722
unknown
https://permanently-removed.invalid/reauth/v1beta/users/
unknown
https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBL
unknown
http://anglebug.com/7556
unknown
https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
unknown
https://chromewebstore.google.com/
unknown
https://drive-preprod.corp.google.com/
unknown
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
unknown
https://chrome.google.com/webstore/
unknown
https://publickeyservice.pa.gcp.privacysandboxservices.com
unknown
https://google-ohttp-relay-join.fastly-edge.com/&
unknown
https://permanently-removed.invalid/RotateBoundCookies
unknown
http://anglebug.com/6692
unknown
https://issuetracker.google.com/258207403
unknown
http://anglebug.com/3502
unknown
http://anglebug.com/3623
unknown
https://www.office.com
unknown
http://anglebug.com/3625
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
chrome.cloudflare-dns.com
172.64.41.3
plus.l.google.com
142.250.181.238
play.google.com
142.250.185.110
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
94.245.104.56
sb.scorecardresearch.com
18.244.18.38
www.google.com
142.250.185.228
googlehosted.l.googleusercontent.com
142.250.185.225
clients2.googleusercontent.com
unknown
bzib.nelreports.net
unknown
assets.msn.com
unknown
c.msn.com
unknown
ntp.msn.com
unknown
apis.google.com
unknown
api.msn.com
unknown
There are 4 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
192.168.2.5
unknown
unknown
malicious
185.215.113.206
unknown
Portugal
malicious
23.222.241.154
unknown
United States
142.250.185.228
www.google.com
United States
142.250.185.225
googlehosted.l.googleusercontent.com
United States
20.125.209.212
unknown
United States
162.159.61.3
unknown
United States
23.47.50.133
unknown
United States
108.156.211.59
unknown
United States
23.198.7.25
unknown
United States
23.218.232.154
unknown
United States
142.250.185.110
play.google.com
United States
4.150.155.223
unknown
United States
23.222.241.140
unknown
United States
18.244.18.38
sb.scorecardresearch.com
United States
239.255.255.250
unknown
Reserved
20.75.60.91
unknown
United States
127.0.0.1
unknown
unknown
152.195.19.97
unknown
United States
131.253.33.203
unknown
United States
142.250.181.238
plus.l.google.com
United States
204.79.197.219
unknown
United States
172.64.41.3
chrome.cloudflare-dns.com
United States
13.107.246.57
unknown
United States
94.245.104.56
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
United Kingdom
20.189.173.23
unknown
United States
23.218.232.170
unknown
United States
There are 17 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Left
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Top
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseenversion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseen
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_dse_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_startup_page_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\263332
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds
EdgeMUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
MUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gcinnojdebelpnodghnoicmcdmamjoch
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jgcbloklkllbkmkbfckchanipicejgah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ojmnomejplkgljjhjindfoilnmobmihe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.cdm.origin_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_username
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\263332
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\263332
WindowTabManagerFileMappingId
There are 95 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
B51000
unkown
page execute and read and write
 malicious
13BE000
heap
page read and write
 malicious
4F20000
direct allocation
page read and write
 malicious
7BCC003E0000
trusted library allocation
page read and write
5BAC00848000
trusted library allocation
page read and write
7BCC0028C000
trusted library allocation
page read and write
12240258C000
trusted library allocation
page read and write
1D688000
heap
page read and write
1E6E9C7A000
heap
page read and write
7BCC001CC000
trusted library allocation
page read and write
122403F30000
trusted library allocation
page read and write
4724003C4000
trusted library allocation
page read and write
122404C44000
trusted library allocation
page read and write
5BAC0080C000
trusted library allocation
page read and write
4AB0000
heap
page read and write
371BBFE000
unkown
page read and write
1224037A4000
trusted library allocation
page read and write
373ABFE000
stack
page read and write
122403834000
trusted library allocation
page read and write
47240031C000
trusted library allocation
page read and write
7BCC002B0000
trusted library allocation
page read and write
1904B813000
heap
page read and write
122403B50000
trusted library allocation
page read and write
AB4000
heap
page read and write
122402494000
trusted library allocation
page read and write
122403CCC000
trusted library allocation
page read and write
1390000
direct allocation
page execute and read and write
122403C30000
trusted library allocation
page read and write
122402E94000
trusted library allocation
page read and write
4AA1000
heap
page read and write
5BAC00868000
trusted library allocation
page read and write
1224037A4000
trusted library allocation
page read and write
1224034F0000
trusted library allocation
page read and write
122403C8C000
trusted library allocation
page read and write
122403034000
trusted library allocation
page read and write
122403E14000
trusted library allocation
page read and write
238DB000
heap
page read and write
122400218000
trusted library allocation
page read and write
4AA1000
heap
page read and write
7BCC00224000
trusted library allocation
page read and write
122403900000
trusted library allocation
page read and write
1224031D8000
trusted library allocation
page read and write
122402494000
trusted library allocation
page read and write
19049A9F000
heap
page read and write
372DBFE000
stack
page read and write
373BBFE000
stack
page read and write
122403BEC000
trusted library allocation
page read and write
1224039C8000
trusted library allocation
page read and write
122402EAC000
trusted library allocation
page read and write
A90000
direct allocation
page read and write
36DE000
stack
page read and write
1D6A0000
heap
page read and write
7BCC001D8000
trusted library allocation
page read and write
4AA1000
heap
page read and write
137E000
stack
page read and write
1D694000
heap
page read and write
7BCC0024C000
trusted library allocation
page read and write
122403978000
trusted library allocation
page read and write
46DF000
stack
page read and write
5BAC006F4000
trusted library allocation
page read and write
122403B10000
trusted library allocation
page read and write
2E57000
heap
page read and write
122403860000
trusted library allocation
page read and write
122403547000
trusted library allocation
page read and write
19053C02000
heap
page read and write
3A9E000
stack
page read and write
122403E10000
trusted library allocation
page read and write
1904B987000
heap
page read and write
1E6E9CB0000
heap
page read and write
122402540000
trusted library allocation
page read and write
7BCC0041C000
trusted library allocation
page read and write
122403134000
trusted library allocation
page read and write
4BA0000
trusted library allocation
page read and write
19049B27000
heap
page read and write
122403D90000
trusted library allocation
page read and write
1D68F000
heap
page read and write
122403230000
trusted library allocation
page read and write
5F7000303000
direct allocation
page read and write
122403C3C000
trusted library allocation
page read and write
6CFE9000
unkown
page readonly
122403C60000
trusted library allocation
page read and write
1904C5C0000
unkown
page read and write
2D58002A4000
trusted library allocation
page read and write
1D6B2000
heap
page read and write
37293FE000
unkown
page readonly
1224024A8000
trusted library allocation
page read and write
1E6E9653000
heap
page read and write
122403270000
trusted library allocation
page read and write
1224034C0000
trusted library allocation
page read and write
7BCC00390000
trusted library allocation
page read and write
12240258C000
trusted library allocation
page read and write
122403574000
trusted library allocation
page read and write
122402918000
trusted library allocation
page read and write
345E000
stack
page read and write
1E6E9C60000
heap
page read and write
4AA1000
heap
page read and write
122403574000
trusted library allocation
page read and write
1224034A8000
trusted library allocation
page read and write
61EB7000
direct allocation
page readonly
A8E000
stack
page read and write
2D58002B0000
trusted library allocation
page read and write
1904B9C3000
heap
page read and write
12240401C000
trusted library allocation
page read and write
122402538000
trusted library allocation
page read and write
122403FBC000
trusted library allocation
page read and write
1D0EE000
stack
page read and write
1D69E000
heap
page read and write
1224023F4000
trusted library allocation
page read and write
12240262C000
trusted library allocation
page read and write
A90000
direct allocation
page read and write
7BCC0040C000
trusted library allocation
page read and write
1E6E9C53000
heap
page read and write
5BAC00974000
trusted library allocation
page read and write
122403CA4000
trusted library allocation
page read and write
122404C50000
trusted library allocation
page read and write
122403750000
trusted library allocation
page read and write
122403B98000
trusted library allocation
page read and write
7BCC00450000
trusted library allocation
page read and write
A90000
direct allocation
page read and write
12240318A000
trusted library allocation
page read and write
5F7000316000
direct allocation
page read and write
472400358000
trusted library allocation
page read and write
2E5E000
heap
page read and write
122403F34000
trusted library allocation
page read and write
4AA1000
heap
page read and write
5F7000328000
direct allocation
page read and write
122403F48000
trusted library allocation
page read and write
122404140000
trusted library allocation
page read and write
122403FD8000
trusted library allocation
page read and write
122402500000
trusted library allocation
page read and write
1D6A3000
heap
page read and write
4AA1000
heap
page read and write
7BCC00294000
trusted library allocation
page read and write
3736BFD000
stack
page read and write
1904B90F000
heap
page read and write
19049B30000
heap
page read and write
19049AF9000
heap
page read and write
7278002A8000
trusted library allocation
page read and write
CBE000
unkown
page execute and read and write
19049AA1000
heap
page read and write
122403C74000
trusted library allocation
page read and write
122403B94000
trusted library allocation
page read and write
AB4000
heap
page read and write
1E6E9C65000
heap
page read and write
1E6E9C7A000
heap
page read and write
1904B940000
heap
page read and write
122404188000
trusted library allocation
page read and write
2D58002A0000
trusted library allocation
page read and write
122402EAC000
trusted library allocation
page read and write
37243FE000
unkown
page readonly
5F7000294000
direct allocation
page read and write
122403F5C000
trusted library allocation
page read and write
122403DB8000
trusted library allocation
page read and write
5060000
direct allocation
page execute and read and write
7BCC0020C000
trusted library allocation
page read and write
13A0000
direct allocation
page execute and read and write
23930000
trusted library allocation
page read and write
5F7000250000
direct allocation
page read and write
1224039B8000
trusted library allocation
page read and write
1224040A8000
trusted library allocation
page read and write
5F70002D0000
direct allocation
page read and write
7278002F0000
trusted library allocation
page read and write
12240368C000
trusted library allocation
page read and write
122403D18000
trusted library allocation
page read and write
122402FD4000
trusted library allocation
page read and write
1224036E1000
trusted library allocation
page read and write
1904B934000
heap
page read and write
122403C4C000
trusted library allocation
page read and write
122402494000
trusted library allocation
page read and write
369F000
stack
page read and write
7BCC001F0000
trusted library allocation
page read and write
4AA1000
heap
page read and write
122403900000
trusted library allocation
page read and write
122402E94000
trusted library allocation
page read and write
A90000
direct allocation
page read and write
7BCC00040000
trusted library allocation
page read and write
472400424000
trusted library allocation
page read and write
1224023D4000
trusted library allocation
page read and write
122403540000
trusted library allocation
page read and write
3A5F000
stack
page read and write
1224040D0000
trusted library allocation
page read and write
1E6E9C4A000
heap
page read and write
23870000
heap
page read and write
1E6E9C96000
heap
page read and write
1E6E964F000
heap
page read and write
1904B932000
heap
page read and write
3745BFE000
stack
page read and write
7BCC000E8000
trusted library allocation
page read and write
4AA1000
heap
page read and write
1D6A3000
heap
page read and write
122403E18000
trusted library allocation
page read and write
B40000
direct allocation
page read and write
5F7000244000
direct allocation
page read and write
122402FC8000
trusted library allocation
page read and write
122403B78000
trusted library allocation
page read and write
122403FEC000
trusted library allocation
page read and write
122403655000
trusted library allocation
page read and write
122403B20000
trusted library allocation
page read and write
AB4000
heap
page read and write
1CFAF000
stack
page read and write
5BAC007E4000
trusted library allocation
page read and write
7BCC00401000
trusted library allocation
page read and write
1E6E9C6C000
heap
page read and write
7278002B4000
trusted library allocation
page read and write
4AA1000
heap
page read and write
AB4000
heap
page read and write
4AA1000
heap
page read and write
472400350000
trusted library allocation
page read and write
1D694000
heap
page read and write
122403174000
trusted library allocation
page read and write
190499A0000
heap
page read and write
1E6E9CA1000
heap
page read and write
7BCC0040C000
trusted library allocation
page read and write
1D37D000
stack
page read and write
61ED3000
direct allocation
page read and write
6C7AF000
unkown
page readonly
122403DE8000
trusted library allocation
page read and write
122403B38000
trusted library allocation
page read and write
122402538000
trusted library allocation
page read and write
122403554000
trusted library allocation
page read and write
122403AFC000
trusted library allocation
page read and write
122403FF4000
trusted library allocation
page read and write
1D6A0000
heap
page read and write
12240242C000
trusted library allocation
page read and write
1E6E964A000
heap
page read and write
7278002B4000
trusted library allocation
page read and write
5F70002EC000
direct allocation
page read and write
1904B92B000
heap
page read and write
122404084000
trusted library allocation
page read and write
1904B9C4000
heap
page read and write
19049980000
heap
page readonly
4AA1000
heap
page read and write
5BAC0082C000
trusted library allocation
page read and write
122403D60000
trusted library allocation
page read and write
37253FE000
unkown
page readonly
4AA1000
heap
page read and write
5060000
direct allocation
page execute and read and write
122403834000
trusted library allocation
page read and write
122403088000
trusted library allocation
page read and write
122403DA4000
trusted library allocation
page read and write
32DF000
stack
page read and write
4AA1000
heap
page read and write
472400284000
trusted library allocation
page read and write
122403534000
trusted library allocation
page read and write
1224023F0000
trusted library allocation
page read and write
3D1E000
stack
page read and write
1904B9D3000
heap
page read and write
1904B930000
heap
page read and write
1E6E9659000
heap
page read and write
1D68A000
heap
page read and write
5F7000234000
direct allocation
page read and write
7278002A0000
trusted library allocation
page read and write
37303FE000
unkown
page readonly
7BCC002A4000
trusted library allocation
page read and write
122403676000
trusted library allocation
page read and write
122403088000
trusted library allocation
page read and write
122403CC8000
trusted library allocation
page read and write
1224039D4000
trusted library allocation
page read and write
1904B9AD000
heap
page read and write
1E6E964A000
heap
page read and write
1D693000
heap
page read and write
122404024000
trusted library allocation
page read and write
7278002A8000
trusted library allocation
page read and write
1E6E9C53000
heap
page read and write
122403FA8000
trusted library allocation
page read and write
372EBFE000
stack
page read and write
1E6E9CA5000
heap
page read and write
1E6E965F000
heap
page read and write
122403900000
trusted library allocation
page read and write
5BAC00878000
trusted library allocation
page read and write
1E6E9C60000
heap
page read and write
1904B96D000
heap
page read and write
AB4000
heap
page read and write
122402418000
trusted library allocation
page read and write
1D679000
heap
page read and write
5BAC00828000
trusted library allocation
page read and write
3728BFD000
stack
page read and write
19049B2B000
heap
page read and write
7BCC0026C000
trusted library allocation
page read and write
122403C0C000
trusted library allocation
page read and write
1224036E0000
trusted library allocation
page read and write
5BAC006AC000
trusted library allocation
page read and write
1D68A000
heap
page read and write
4AA1000
heap
page read and write
37213FE000
unkown
page readonly
AB4000
heap
page read and write
7BCC002F0000
trusted library allocation
page read and write
122403254000
trusted library allocation
page read and write
1224038DC000
trusted library allocation
page read and write
19052870000
trusted library allocation
page read and write
19053C00000
heap
page read and write
122403D14000
trusted library allocation
page read and write
7BCC000D8000
trusted library allocation
page read and write
1D6A2000
heap
page read and write
1E6E965B000
heap
page read and write
5060000
direct allocation
page execute and read and write
122403BC0000
trusted library allocation
page read and write
1224037B2000
trusted library allocation
page read and write
1D6B2000
heap
page read and write
4AA1000
heap
page read and write
23850000
heap
page read and write
122403B9C000
trusted library allocation
page read and write
122403860000
trusted library allocation
page read and write
6C7F0000
unkown
page read and write
7BCC003A4000
trusted library allocation
page read and write
7BCC00214000
trusted library allocation
page read and write
4F5C000
stack
page read and write
122403A30000
trusted library allocation
page read and write
1D67A000
heap
page read and write
4AC0000
heap
page read and write
7BCC00368000
trusted library allocation
page read and write
122402538000
trusted library allocation
page read and write
4AA1000
heap
page read and write
1904B9B8000
heap
page read and write
4AA1000
heap
page read and write
122403990000
trusted library allocation
page read and write
122402540000
trusted library allocation
page read and write
373D3FE000
unkown
page readonly
122403D28000
trusted library allocation
page read and write
122403F38000
trusted library allocation
page read and write
5BAC006E0000
trusted library allocation
page read and write
5BAC008A8000
trusted library allocation
page read and write
122403545000
trusted library allocation
page read and write
5BAC009C4000
trusted library allocation
page read and write
4AA1000
heap
page read and write
5BAC006C8000
trusted library allocation
page read and write
122402540000
trusted library allocation
page read and write
1D6B2000
heap
page read and write
6C602000
unkown
page readonly
122403554000
trusted library allocation
page read and write
122402FC8000
trusted library allocation
page read and write
4AA1000
heap
page read and write
1224037F8000
trusted library allocation
page read and write
122403C18000
trusted library allocation
page read and write
8FD000
stack
page read and write
122403B34000
trusted library allocation
page read and write
23B4E000
heap
page read and write
122402FC8000
trusted library allocation
page read and write
122402EAC000
trusted library allocation
page read and write
5BAC008E4000
trusted library allocation
page read and write
4724002F1000
trusted library allocation
page read and write
391F000
stack
page read and write
122402498000
trusted library allocation
page read and write
122404030000
trusted library allocation
page read and write
727800264000
trusted library allocation
page read and write
481F000
stack
page read and write
1224024A8000
trusted library allocation
page read and write
1224040A0000
trusted library allocation
page read and write
1224024F0000
trusted library allocation
page read and write
4AA1000
heap
page read and write
122402EAC000
trusted library allocation
page read and write
1D55E000
stack
page read and write
2D58002A0000
trusted library allocation
page read and write
1D692000
heap
page read and write
371EBFE000
stack
page read and write
B7C000
unkown
page execute and read and write
6C571000
unkown
page execute read
1D6A3000
heap
page read and write
1E6E9C99000
heap
page read and write
61ECC000
direct allocation
page read and write
122403B3C000
trusted library allocation
page read and write
122403E48000
trusted library allocation
page read and write
1D682000
heap
page read and write
1D670000
heap
page read and write
727800201000
trusted library allocation
page read and write
4724003A0000
trusted library allocation
page read and write
727800248000
trusted library allocation
page read and write
122403615000
trusted library allocation
page read and write
1E6E9658000
heap
page read and write
37403FE000
unkown
page readonly
122402DCC000
trusted library allocation
page read and write
7BCC00240000
trusted library allocation
page read and write
5F7000230000
direct allocation
page read and write
6CFE7000
unkown
page read and write
6CF41000
unkown
page execute read
5BAC008C4000
trusted library allocation
page read and write
7278002B4000
trusted library allocation
page read and write
7BCC000A0000
trusted library allocation
page read and write
1E6E9CC6000
heap
page read and write
1D691000
heap
page read and write
122404070000
trusted library allocation
page read and write
12240320C000
trusted library allocation
page read and write
1224038B8000
trusted library allocation
page read and write
5BAC00818000
trusted library allocation
page read and write
37463FE000
unkown
page readonly
12240254C000
trusted library allocation
page read and write
5F7000220000
direct allocation
page read and write
B50000
unkown
page read and write
472400338000
trusted library allocation
page read and write
5BAC007A0000
trusted library allocation
page read and write
122403DBC000
trusted library allocation
page read and write
45DE000
stack
page read and write
122402FD4000
trusted library allocation
page read and write
37373FE000
unkown
page readonly
1D6B2000
heap
page read and write
3720BFE000
stack
page read and write
122403088000
trusted library allocation
page read and write
CF7000
unkown
page execute and read and write
122403BF0000
trusted library allocation
page read and write
1224039A8000
trusted library allocation
page read and write
1D67A000
heap
page read and write
371F3FE000
unkown
page readonly
1D6B2000
heap
page read and write
1224023F8000
trusted library allocation
page read and write
AB4000
heap
page read and write
122403C20000
trusted library allocation
page read and write
122403834000
trusted library allocation
page read and write
122403E0C000
trusted library allocation
page read and write
A4E000
stack
page read and write
122403810000
trusted library allocation
page read and write
5F7000290000
direct allocation
page read and write
19049A9B000
heap
page read and write
373E3FE000
unkown
page readonly
E3A000
unkown
page execute and read and write
499E000
stack
page read and write
5BAC00778000
trusted library allocation
page read and write
37273FE000
unkown
page readonly
1D695000
heap
page read and write
5F70002D8000
direct allocation
page read and write
122402324000
trusted library allocation
page read and write
1D6B2000
heap
page read and write
19049A9F000
heap
page read and write
5F0000
heap
page read and write
2F5F000
stack
page read and write
122403F14000
trusted library allocation
page read and write
122403998000
trusted library allocation
page read and write
4AA1000
heap
page read and write
1D691000
heap
page read and write
7BCC00230000
trusted library allocation
page read and write
12240240C000
trusted library allocation
page read and write
19049A5C000
heap
page read and write
1904B971000
heap
page read and write
12240254C000
trusted library allocation
page read and write
7BCC00314000
trusted library allocation
page read and write
472400288000
trusted library allocation
page read and write
122402FC8000
trusted library allocation
page read and write
122403CA0000
trusted library allocation
page read and write
7BCC00280000
trusted library allocation
page read and write
727800288000
trusted library allocation
page read and write
472400230000
trusted library allocation
page read and write
7BCC00190000
trusted library allocation
page read and write
1224028F8000
trusted library allocation
page read and write
122403320000
trusted library allocation
page read and write
7BCC001E4000
trusted library allocation
page read and write
61ED4000
direct allocation
page readonly
1224034F0000
trusted library allocation
page read and write
5BAC0078C000
trusted library allocation
page read and write
122403D50000
trusted library allocation
page read and write
DB8000
unkown
page execute and read and write
122403734000
trusted library allocation
page read and write
122403578000
trusted library allocation
page read and write
122403230000
trusted library allocation
page read and write
7BCC0016C000
trusted library allocation
page read and write
1904B943000
heap
page read and write
7BCC00254000
trusted library allocation
page read and write
5BAC0071C000
trusted library allocation
page read and write
1E6E9C65000
heap
page read and write
1D682000
heap
page read and write
1904B98D000
heap
page read and write
37223FE000
unkown
page readonly
122403CA8000
trusted library allocation
page read and write
7BCC00201000
trusted library allocation
page read and write
472400210000
trusted library allocation
page read and write
1224023E0000
trusted library allocation
page read and write
122403884000
trusted library allocation
page read and write
12240319C000
trusted library allocation
page read and write
7BCC001F8000
trusted library allocation
page read and write
4AA1000
heap
page read and write
A90000
direct allocation
page read and write
7BCC00424000
trusted library allocation
page read and write
395E000
stack
page read and write
1D6B0000
heap
page read and write
5BAC00408000
trusted library allocation
page read and write
1904B930000
heap
page read and write
7BCC00094000
trusted library allocation
page read and write
122403834000
trusted library allocation
page read and write
5F7000284000
direct allocation
page read and write
5F7000212000
direct allocation
page read and write
1498000
heap
page read and write
7278002B4000
trusted library allocation
page read and write
122403A30000
trusted library allocation
page read and write
4AA1000
heap
page read and write
6C570000
unkown
page readonly
341F000
stack
page read and write
19049A9F000
heap
page read and write
AB4000
heap
page read and write
122402500000
trusted library allocation
page read and write
7BCC003D0000
trusted library allocation
page read and write
12240415C000
trusted library allocation
page read and write
122403CAC000
trusted library allocation
page read and write
7278002B4000
trusted library allocation
page read and write
122403888000
trusted library allocation
page read and write
3738BFE000
stack
page read and write
122403DD8000
trusted library allocation
page read and write
373CBFC000
stack
page read and write
2D58002A0000
trusted library allocation
page read and write
1E6E9CAA000
heap
page read and write
236F4000
heap
page read and write
1D687000
heap
page read and write
122402E94000
trusted library allocation
page read and write
7BCC000B0000
trusted library allocation
page read and write
3722BFE000
stack
page read and write
47240032C000
trusted library allocation
page read and write
23830000
trusted library allocation
page read and write
7BCC00394000
trusted library allocation
page read and write
37423FE000
unkown
page readonly
A0E000
stack
page read and write
472400430000
trusted library allocation
page read and write
1D780000
trusted library allocation
page read and write
7BCC00284000
trusted library allocation
page read and write
7278002B4000
trusted library allocation
page read and write
AB4000
heap
page read and write
1D68A000
heap
page read and write
10BD000
unkown
page execute and read and write
5BAC0070C000
trusted library allocation
page read and write
1904B9CF000
heap
page read and write
AB4000
heap
page read and write
7BCC001A8000
trusted library allocation
page read and write
122403DC8000
trusted library allocation
page read and write
FB8000
unkown
page execute and read and write
C64000
unkown
page execute and read and write
1E6E965F000
heap
page read and write
7BCC002C0000
trusted library allocation
page read and write
122403D78000
trusted library allocation
page read and write
12240380C000
trusted library allocation
page read and write
4724002D8000
trusted library allocation
page read and write
AB4000
heap
page read and write
1E6E964A000
heap
page read and write
1224040A4000
trusted library allocation
page read and write
1224040E4000
trusted library allocation
page read and write
1CD6E000
stack
page read and write
122403B90000
trusted library allocation
page read and write
449E000
stack
page read and write
1D699000
heap
page read and write
12240241C000
trusted library allocation
page read and write
6C7F5000
unkown
page readonly
122403D08000
trusted library allocation
page read and write
319F000
stack
page read and write
AB4000
heap
page read and write
5BAC008C8000
trusted library allocation
page read and write
4724002A4000
trusted library allocation
page read and write
12240254C000
trusted library allocation
page read and write
122404048000
trusted library allocation
page read and write
1CEAE000
stack
page read and write
1904B9D9000
heap
page read and write
409F000
stack
page read and write
1904B997000
heap
page read and write
122403174000
trusted library allocation
page read and write
7BCC00264000
trusted library allocation
page read and write
122403CC4000
trusted library allocation
page read and write
1D691000
heap
page read and write
5BAC0091C000
trusted library allocation
page read and write
122403C68000
trusted library allocation
page read and write
19049A2F000
heap
page read and write
122403C88000
trusted library allocation
page read and write
37DF000
stack
page read and write
1D6A3000
heap
page read and write
6C7EF000
unkown
page write copy
122402420000
trusted library allocation
page read and write
19049A2C000
heap
page read and write
1E6E9C60000
heap
page read and write
5BAC007AC000
trusted library allocation
page read and write
7BCC0037C000
trusted library allocation
page read and write
37353FE000
unkown
page readonly
1904B9C5000
heap
page read and write
122402524000
trusted library allocation
page read and write
7278002A8000
trusted library allocation
page read and write
4EE0000
heap
page read and write
3726BFE000
stack
page read and write
122402DCC000
trusted library allocation
page read and write
372BBFC000
stack
page read and write
12240406C000
trusted library allocation
page read and write
23B4E000
heap
page read and write
1E6E9CAA000
heap
page read and write
1224035AA000
trusted library allocation
page read and write
53C000
stack
page read and write
5F70002E0000
direct allocation
page read and write
6C5ED000
unkown
page readonly
2D58002C0000
trusted library allocation
page read and write
1D65D000
stack
page read and write
1D68A000
heap
page read and write
5BAC0079C000
trusted library allocation
page read and write
8F2000
stack
page read and write
7BCC0000C000
trusted library allocation
page read and write
122403D68000
trusted library allocation
page read and write
5BAC007C0000
trusted library allocation
page read and write
AB4000
heap
page read and write
122403C7C000
trusted library allocation
page read and write
122403A0C000
trusted library allocation
page read and write
4AA1000
heap
page read and write
7BCC00054000
trusted library allocation
page read and write
122403F94000
trusted library allocation
page read and write
122403B8C000
trusted library allocation
page read and write
122402500000
trusted library allocation
page read and write
1224035A0000
trusted library allocation
page read and write
37233FE000
unkown
page readonly
373C3FE000
unkown
page readonly
1904B93B000
heap
page read and write
AB4000
heap
page read and write
122403270000
trusted library allocation
page read and write
A90000
direct allocation
page read and write
5F7000318000
direct allocation
page read and write
19049B02000
heap
page read and write
1E6E965F000
heap
page read and write
1224026B0000
trusted library allocation
page read and write
7BCC00218000
trusted library allocation
page read and write
AB4000
heap
page read and write
19049AC5000
heap
page read and write
122402E94000
trusted library allocation
page read and write
122402494000
trusted library allocation
page read and write
122403B54000
trusted library allocation
page read and write
122403034000
trusted library allocation
page read and write
7BCC0019C000
trusted library allocation
page read and write
122403058000
trusted library allocation
page read and write
AB4000
heap
page read and write
2D58002A0000
trusted library allocation
page read and write
122402DCC000
trusted library allocation
page read and write
122402324000
trusted library allocation
page read and write
373A3FE000
unkown
page readonly
7BCC001E8000
trusted library allocation
page read and write
122403574000
trusted library allocation
page read and write
7BCC000CC000
trusted library allocation
page read and write
122402494000
trusted library allocation
page read and write
AB4000
heap
page read and write
1904B923000
heap
page read and write
1904B932000
heap
page read and write
7BCC00250000
trusted library allocation
page read and write
122402538000
trusted library allocation
page read and write
371CBFF000
stack
page read and write
122403894000
trusted library allocation
page read and write
7BCC00288000
trusted library allocation
page read and write
5BAC0081C000
trusted library allocation
page read and write
7BCC0014C000
trusted library allocation
page read and write
381E000
stack
page read and write
1E6E9C48000
heap
page read and write
1224030D4000
trusted library allocation
page read and write
1904B953000
heap
page read and write
12240402C000
trusted library allocation
page read and write
122402694000
trusted library allocation
page read and write
19049B02000
heap
page read and write
122403834000
trusted library allocation
page read and write
19049A9B000
heap
page read and write
1224040AC000
trusted library allocation
page read and write
122403B0C000
trusted library allocation
page read and write
1D682000
heap
page read and write
435E000
stack
page read and write
5F7000311000
direct allocation
page read and write
122404090000
trusted library allocation
page read and write
122403C48000
trusted library allocation
page read and write
122403B88000
trusted library allocation
page read and write
122403BC8000
trusted library allocation
page read and write
122403CF0000
trusted library allocation
page read and write
122403F60000
trusted library allocation
page read and write
1904B996000
heap
page read and write
1E6E964A000
heap
page read and write
122402E88000
trusted library allocation
page read and write
1E6E9CAF000
heap
page read and write
4AA1000
heap
page read and write
122403540000
trusted library allocation
page read and write
1D68A000
heap
page read and write
5BAC0039C000
trusted library allocation
page read and write
5F7000201000
direct allocation
page read and write
7BCC00368000
trusted library allocation
page read and write
1D68A000
heap
page read and write
122403568000
trusted library allocation
page read and write
1E6E9658000
heap
page read and write
19049ACD000
heap
page read and write
2E4F000
stack
page read and write
7BCC00314000
trusted library allocation
page read and write
4AA1000
heap
page read and write
1904B9CF000
heap
page read and write
472400360000
trusted library allocation
page read and write
3E1F000
stack
page read and write
37343FE000
unkown
page readonly
3742BFE000
stack
page read and write
12240249E000
trusted library allocation
page read and write
122403CE8000
trusted library allocation
page read and write
122402494000
trusted library allocation
page read and write
1E6E9C7E000
heap
page read and write
1402000
heap
page read and write
122404020000
trusted library allocation
page read and write
12240380C000
trusted library allocation
page read and write
122403DDC000
trusted library allocation
page read and write
1E6E9CA5000
heap
page read and write
1E6E9C6C000
heap
page read and write
7BCC00444000
trusted library allocation
page read and write
122402FC8000
trusted library allocation
page read and write
7BCC001E0000
trusted library allocation
page read and write
B51000
unkown
page execute and write copy
5BAC00248000
trusted library allocation
page read and write
122403660000
trusted library allocation
page read and write
122402630000
trusted library allocation
page read and write
2D58002C0000
trusted library allocation
page read and write
122402E94000
trusted library allocation
page read and write
7278002B8000
trusted library allocation
page read and write
37393FE000
unkown
page readonly
C36000
unkown
page execute and read and write
122403094000
trusted library allocation
page read and write
727800260000
trusted library allocation
page read and write
1D67A000
heap
page read and write
AB4000
heap
page read and write
122403D8C000
trusted library allocation
page read and write
4AA1000
heap
page read and write
122404190000
trusted library allocation
page read and write
12240340C000
trusted library allocation
page read and write
122402E94000
trusted library allocation
page read and write
19049AA8000
heap
page read and write
1224038B8000
trusted library allocation
page read and write
122403134000
trusted library allocation
page read and write
1D6B2000
heap
page read and write
122403654000
trusted library allocation
page read and write
122402EAC000
trusted library allocation
page read and write
2D58002C0000
trusted library allocation
page read and write
145C000
heap
page read and write
2D58002C0000
trusted library allocation
page read and write
6C7EE000
unkown
page read and write
1D694000
heap
page read and write
122403CF4000
trusted library allocation
page read and write
7BCC00234000
trusted library allocation
page read and write
495F000
stack
page read and write
122402DD0000
trusted library allocation
page read and write
727800294000
trusted library allocation
page read and write
122402494000
trusted library allocation
page read and write
A90000
direct allocation
page read and write
12240369A000
trusted library allocation
page read and write
7BCC002A0000
trusted library allocation
page read and write
1224040CC000
trusted library allocation
page read and write
5F7000270000
direct allocation
page read and write
5080000
direct allocation
page execute and read and write
7BCC00270000
trusted library allocation
page read and write
4AA1000
heap
page read and write
7BCC00140000
trusted library allocation
page read and write
7BCC00290000
trusted library allocation
page read and write
1E6E9C6C000
heap
page read and write
1D68D000
heap
page read and write
1D68E000
heap
page read and write
1904B900000
heap
page read and write
122402674000
trusted library allocation
page read and write
122403F84000
trusted library allocation
page read and write
A90000
direct allocation
page read and write
122403F14000
trusted library allocation
page read and write
19049B58000
heap
page read and write
41DF000
stack
page read and write
6CFA1000
unkown
page readonly
AB4000
heap
page read and write
12240258E000
trusted library allocation
page read and write
12240254C000
trusted library allocation
page read and write
5BAC00890000
trusted library allocation
page read and write
122400990000
trusted library allocation
page read and write
7BCC00238000
trusted library allocation
page read and write
1904B99E000
heap
page read and write
3739BFE000
stack
page read and write
7BCC002C0000
trusted library allocation
page read and write
12240354A000
trusted library allocation
page read and write
122403AE4000
trusted library allocation
page read and write
122403E28000
trusted library allocation
page read and write
4A9F000
stack
page read and write
372FBFE000
stack
page read and write
12240396C000
trusted library allocation
page read and write
122402538000
trusted library allocation
page read and write
12240252C000
trusted library allocation
page read and write
122403CB0000
trusted library allocation
page read and write
7BCC00001000
trusted library allocation
page read and write
5F7000210000
direct allocation
page read and write
122403094000
trusted library allocation
page read and write
122403B14000
trusted library allocation
page read and write
727800220000
trusted library allocation
page read and write
19049AF9000
heap
page read and write
4724002B0000
trusted library allocation
page read and write
122403FA4000
trusted library allocation
page read and write
12240258C000
trusted library allocation
page read and write
472400374000
trusted library allocation
page read and write
7BCC00298000
trusted library allocation
page read and write
122402500000
trusted library allocation
page read and write
122402DCC000
trusted library allocation
page read and write
122402500000
trusted library allocation
page read and write
7278002B8000
trusted library allocation
page read and write
AB4000
heap
page read and write
1D22F000
stack
page read and write
1224023B4000
trusted library allocation
page read and write
4AA1000
heap
page read and write
7BCC0017C000
trusted library allocation
page read and write
122402538000
trusted library allocation
page read and write
1D694000
heap
page read and write
19049AB5000
heap
page read and write
122400BF8000
trusted library allocation
page read and write
727800294000
trusted library allocation
page read and write
7BCC0037C000
trusted library allocation
page read and write
7BCC001B8000
trusted library allocation
page read and write
1E6E9654000
heap
page read and write
1E6E9C65000
heap
page read and write
3723BFE000
stack
page read and write
1D78E000
heap
page read and write
122402674000
trusted library allocation
page read and write
23AB0000
trusted library allocation
page read and write
61ECD000
direct allocation
page readonly
122402674000
trusted library allocation
page read and write
122402540000
trusted library allocation
page read and write
2D58002A0000
trusted library allocation
page read and write
1E6E9659000
heap
page read and write
1904B936000
heap
page read and write
19049A13000
heap
page read and write
122403A2C000
trusted library allocation
page read and write
190499C0000
heap
page read and write
122402EAC000
trusted library allocation
page read and write
1D6B2000
heap
page read and write
122403938000
trusted library allocation
page read and write
122403134000
trusted library allocation
page read and write
5F7000308000
direct allocation
page read and write
B50000
unkown
page readonly
19049AE3000
heap
page read and write
7278002A8000
trusted library allocation
page read and write
122402BB0000
trusted library allocation
page read and write
122403894000
trusted library allocation
page read and write
371ABF4000
stack
page read and write
1904B7C0000
trusted library section
page readonly
122403198000
trusted library allocation
page read and write
472400238000
trusted library allocation
page read and write
19049B30000
heap
page read and write
355F000
stack
page read and write
1224023D8000
trusted library allocation
page read and write
472400300000
trusted library allocation
page read and write
122403224000
trusted library allocation
page read and write
19049B60000
heap
page read and write
4AA1000
heap
page read and write
122403538000
trusted library allocation
page read and write
122403CE4000
trusted library allocation
page read and write
1E6E964F000
heap
page read and write
122403D74000
trusted library allocation
page read and write
1D69C000
heap
page read and write
472400408000
trusted library allocation
page read and write
126E000
unkown
page execute and read and write
373FBFE000
stack
page read and write
122402918000
trusted library allocation
page read and write
1E6E964A000
heap
page read and write
7BCC00268000
trusted library allocation
page read and write
7BCC00430000
trusted library allocation
page read and write
1D4BC000
stack
page read and write
7278002A8000
trusted library allocation
page read and write
B3E000
stack
page read and write
12240254C000
trusted library allocation
page read and write
1E6E9C99000
heap
page read and write
5BAC007D0000
trusted library allocation
page read and write
7BCC00260000
trusted library allocation
page read and write
1224024B4000
trusted library allocation
page read and write
122403B64000
trusted library allocation
page read and write
3E5E000
stack
page read and write
7BCC00354000
trusted library allocation
page read and write
122403134000
trusted library allocation
page read and write
122403BAC000
trusted library allocation
page read and write
1904B92B000
heap
page read and write
305F000
stack
page read and write
8F8000
stack
page read and write
23830000
heap
page read and write
1224024F3000
trusted library allocation
page read and write
1E6E9653000
heap
page read and write
122403BC4000
trusted library allocation
page read and write
19049ABA000
heap
page read and write
7BCC00334000
trusted library allocation
page read and write
47240031C000
trusted library allocation
page read and write
122404088000
trusted library allocation
page read and write
AB0000
heap
page read and write
7278002A8000
trusted library allocation
page read and write
472400390000
trusted library allocation
page read and write
1E6E965F000
heap
page read and write
1D68A000
heap
page read and write
1D692000
heap
page read and write
4F4B000
direct allocation
page read and write
7BCC002A8000
trusted library allocation
page read and write
122402414000
trusted library allocation
page read and write
122403224000
trusted library allocation
page read and write
122403088000
trusted library allocation
page read and write
AB4000
heap
page read and write
1D68B000
heap
page read and write
122402E20000
trusted library allocation
page read and write
37433FE000
unkown
page readonly
7BCC0005F000
trusted library allocation
page read and write
19049AA1000
heap
page read and write
122403DAC000
trusted library allocation
page read and write
4724003C0000
trusted library allocation
page read and write
7BCC00334000
trusted library allocation
page read and write
505F000
stack
page read and write
122403F44000
trusted library allocation
page read and write
4AA6000
heap
page read and write
122402494000
trusted library allocation
page read and write
5BAC00830000
trusted library allocation
page read and write
47240025C000
trusted library allocation
page read and write
485E000
stack
page read and write
6C611000
unkown
page execute read
7BCC00074000
trusted library allocation
page read and write
4AA1000
heap
page read and write
1224031B4000
trusted library allocation
page read and write
1D666000
heap
page read and write
4AA1000
heap
page read and write
122403F70000
trusted library allocation
page read and write
4AA1000
heap
page read and write
12240375E000
trusted library allocation
page read and write
40DE000
stack
page read and write
1904B953000
heap
page read and write
5BAC008EC000
trusted library allocation
page read and write
1E6E965F000
heap
page read and write
12240254C000
trusted library allocation
page read and write
1224038B8000
trusted library allocation
page read and write
122403FE0000
trusted library allocation
page read and write
12240262C000
trusted library allocation
page read and write
5BAC00864000
trusted library allocation
page read and write
4AA1000
heap
page read and write
472400404000
trusted library allocation
page read and write
7BCC00248000
trusted library allocation
page read and write
122403D2C000
trusted library allocation
page read and write
122402494000
trusted library allocation
page read and write
1D690000
heap
page read and write
122403180000
trusted library allocation
page read and write
727800230000
trusted library allocation
page read and write
4724002D0000
trusted library allocation
page read and write
122402BB0000
trusted library allocation
page read and write
5BAC00424000
trusted library allocation
page read and write
122403D4C000
trusted library allocation
page read and write
7BCC00210000
trusted library allocation
page read and write
7BCC00020000
trusted library allocation
page read and write
1D66F000
heap
page read and write
122402538000
trusted library allocation
page read and write
23830000
trusted library allocation
page read and write
4AA1000
heap
page read and write
122402500000
trusted library allocation
page read and write
122403D0C000
trusted library allocation
page read and write
1E6E9658000
heap
page read and write
3BDE000
stack
page read and write
122403FC4000
trusted library allocation
page read and write
7BCC00310000
trusted library allocation
page read and write
7BCC002D8000
trusted library allocation
page read and write
1E6E9661000
heap
page read and write
5F7000217000
direct allocation
page read and write
1E6E9CA5000
heap
page read and write
1D697000
heap
page read and write
7BCC000F4000
trusted library allocation
page read and write
1E6E9656000
heap
page read and write
122403D7C000
trusted library allocation
page read and write
19052870000
trusted library allocation
page read and write
3724BFE000
stack
page read and write
1436000
heap
page read and write
1224035A9000
trusted library allocation
page read and write
5BAC00894000
trusted library allocation
page read and write
7BCC00380000
trusted library allocation
page read and write
1224023D0000
trusted library allocation
page read and write
1E6E9659000
heap
page read and write
4724003A8000
trusted library allocation
page read and write
6C5FE000
unkown
page read and write
122403544000
trusted library allocation
page read and write
372D3FE000
unkown
page readonly
122402434000
trusted library allocation
page read and write
31DE000
stack
page read and write
37283FE000
unkown
page readonly
5070000
direct allocation
page execute and read and write
1224031B4000
trusted library allocation
page read and write
372CBFD000
stack
page read and write
1D690000
heap
page read and write
1D68E000
heap
page read and write
19049AC3000
heap
page read and write
122402918000
trusted library allocation
page read and write
1D68A000
heap
page read and write
1419000
heap
page read and write
1D6B2000
heap
page read and write
1D694000
heap
page read and write
122403675000
trusted library allocation
page read and write
A90000
direct allocation
page read and write
1224040B4000
trusted library allocation
page read and write
4724002C4000
trusted library allocation
page read and write
122402FC8000
trusted library allocation
page read and write
47240040C000
trusted library allocation
page read and write
AB4000
heap
page read and write
122403270000
trusted library allocation
page read and write
122403244000
trusted library allocation
page read and write
472400308000
trusted library allocation
page read and write
472400401000
trusted library allocation
page read and write
1D697000
heap
page read and write
122402FC8000
trusted library allocation
page read and write
5BAC00898000
trusted library allocation
page read and write
4AA1000
heap
page read and write
122402BB0000
trusted library allocation
page read and write
AB4000
heap
page read and write
122403F80000
trusted library allocation
page read and write
1224035B8000
trusted library allocation
page read and write
15AF000
stack
page read and write
472400201000
trusted library allocation
page read and write
4AA1000
heap
page read and write
61EB4000
direct allocation
page read and write
421E000
stack
page read and write
7BCC002D8000
trusted library allocation
page read and write
122403BB0000
trusted library allocation
page read and write
1E6E9C60000
heap
page read and write
7BCC0043C000
trusted library allocation
page read and write
122403230000
trusted library allocation
page read and write
3727BFC000
stack
page read and write
122404074000
trusted library allocation
page read and write
122404134000
trusted library allocation
page read and write
122402674000
trusted library allocation
page read and write
47240020C000
trusted library allocation
page read and write
7BCC0049C000
trusted library allocation
page read and write
122402500000
trusted library allocation
page read and write
122403B24000
trusted library allocation
page read and write
19049950000
heap
page read and write
122403860000
trusted library allocation
page read and write
1D67A000
heap
page read and write
122403568000
trusted library allocation
page read and write
122402FD4000
trusted library allocation
page read and write
122403534000
trusted library allocation
page read and write
7278002D8000
trusted library allocation
page read and write
122403E64000
trusted library allocation
page read and write
12240354C000
trusted library allocation
page read and write
12240404C000
trusted library allocation
page read and write
5A0000
heap
page read and write
AB4000
heap
page read and write
122403DB0000
trusted library allocation
page read and write
5BAC00728000
trusted library allocation
page read and write
7BCC002E4000
trusted library allocation
page read and write
122403F98000
trusted library allocation
page read and write
122402500000
trusted library allocation
page read and write
1D671000
heap
page read and write
122403088000
trusted library allocation
page read and write
1224026C8000
trusted library allocation
page read and write
13B0000
heap
page read and write
5BAC0085C000
trusted library allocation
page read and write
1D6A3000
heap
page read and write
12240254C000
trusted library allocation
page read and write
4AA1000
heap
page read and write
19049ABB000
heap
page read and write
1224032A4000
trusted library allocation
page read and write
AB4000
heap
page read and write
1E6E61CE000
heap
page read and write
7BCC002D8000
trusted library allocation
page read and write
122403AE0000
trusted library allocation
page read and write
B40000
direct allocation
page read and write
7BCC00340000
trusted library allocation
page read and write
7BCC0022C000
trusted library allocation
page read and write
727800294000
trusted library allocation
page read and write
7BCC002F0000
trusted library allocation
page read and write
1D69C000
heap
page read and write
122403740000
trusted library allocation
page read and write
7278002B4000
trusted library allocation
page read and write
5F7000274000
direct allocation
page read and write
122403838000
trusted library allocation
page read and write
122403224000
trusted library allocation
page read and write
122403254000
trusted library allocation
page read and write
7278002E4000
trusted library allocation
page read and write
122403C78000
trusted library allocation
page read and write
4724003AC000
trusted library allocation
page read and write
7278002FC000
trusted library allocation
page read and write
1224023DC000
trusted library allocation
page read and write
5F70002A8000
direct allocation
page read and write
1D699000
heap
page read and write
1224039B8000
trusted library allocation
page read and write
1E6E9C7A000
heap
page read and write
372F3FE000
unkown
page readonly
23795000
heap
page read and write
7BCC0021C000
trusted library allocation
page read and write
5BAC0040C000
trusted library allocation
page read and write
122403BDC000
trusted library allocation
page read and write
1D671000
heap
page read and write
122402428000
trusted library allocation
page read and write
1D68E000
heap
page read and write
7BCC0040F000
trusted library allocation
page read and write
4724003BC000
trusted library allocation
page read and write
727800270000
trusted library allocation
page read and write
122402FD4000
trusted library allocation
page read and write
61E01000
direct allocation
page execute read
122403554000
trusted library allocation
page read and write
D98000
unkown
page execute and read and write
1D67C000
heap
page read and write
122402538000
trusted library allocation
page read and write
122402538000
trusted library allocation
page read and write
78C400244000
direct allocation
page read and write
2D58002D8000
trusted library allocation
page read and write
727800238000
trusted library allocation
page read and write
1224040B0000
trusted library allocation
page read and write
5BAC00844000
trusted library allocation
page read and write
5F700021C000
direct allocation
page read and write
AB4000
heap
page read and write
1904B802000
heap
page read and write
5BAC008F0000
trusted library allocation
page read and write
12240394C000
trusted library allocation
page read and write
3F5F000
stack
page read and write
122403B4C000
trusted library allocation
page read and write
431F000
stack
page read and write
1E6E9C3F000
heap
page read and write
122402FC8000
trusted library allocation
page read and write
1224004FE000
trusted library allocation
page read and write
5F70002D0000
direct allocation
page read and write
122402E94000
trusted library allocation
page read and write
4AA1000
heap
page read and write
122403074000
trusted library allocation
page read and write
12240391C000
trusted library allocation
page read and write
7BCC002E4000
trusted library allocation
page read and write
122403B60000
trusted library allocation
page read and write
122403B68000
trusted library allocation
page read and write
122402500000
trusted library allocation
page read and write
5BAC00860000
trusted library allocation
page read and write
122403DB4000
trusted library allocation
page read and write
37413FE000
unkown
page readonly
122402500000
trusted library allocation
page read and write
12240380C000
trusted library allocation
page read and write
7BCC00258000
trusted library allocation
page read and write
1D68F000
heap
page read and write
12240416C000
trusted library allocation
page read and write
472400320000
trusted library allocation
page read and write
1224039D4000
trusted library allocation
page read and write
2D58002C0000
trusted library allocation
page read and write
5BAC006AC000
trusted library allocation
page read and write
4AA1000
heap
page read and write
1D12E000
stack
page read and write
122403FDC000
trusted library allocation
page read and write
A90000
direct allocation
page read and write
CEB000
unkown
page execute and read and write
122403C40000
trusted library allocation
page read and write
1CE6F000
stack
page read and write
5BAC0087C000
trusted library allocation
page read and write
12240366C000
trusted library allocation
page read and write
122402674000
trusted library allocation
page read and write
12240349C000
trusted library allocation
page read and write
2D58002C8000
trusted library allocation
page read and write
7BCC00084000
trusted library allocation
page read and write
122403DE0000
trusted library allocation
page read and write
1E6E9CAA000
heap
page read and write
37383FE000
unkown
page readonly
5BAC00850000
trusted library allocation
page read and write
1224023E4000
trusted library allocation
page read and write
10D5000
unkown
page execute and write copy
4AA1000
heap
page read and write
7BCC002D8000
trusted library allocation
page read and write
61ED0000
direct allocation
page read and write
12240354B000
trusted library allocation
page read and write
122403540000
trusted library allocation
page read and write
122402538000
trusted library allocation
page read and write
1224040C8000
trusted library allocation
page read and write
47240027C000
trusted library allocation
page read and write
47240039C000
trusted library allocation
page read and write
3741BFE000
stack
page read and write
37443FE000
unkown
page readonly
122402674000
trusted library allocation
page read and write
AB4000
heap
page read and write
1D67A000
heap
page read and write
1E6E9CA1000
heap
page read and write
1E6E9CAA000
heap
page read and write
122403980000
trusted library allocation
page read and write
10D4000
unkown
page execute and write copy
5F70002AC000
direct allocation
page read and write
4AA1000
heap
page read and write
CCB000
unkown
page execute and read and write
122400092000
trusted library allocation
page read and write
19049A6A000
heap
page read and write
AB4000
heap
page read and write
1224041F4000
trusted library allocation
page read and write
4AA1000
heap
page read and write
A90000
direct allocation
page read and write
122403568000
trusted library allocation
page read and write
47240032C000
trusted library allocation
page read and write
472400290000
trusted library allocation
page read and write
1D697000
heap
page read and write
122403568000
trusted library allocation
page read and write
5BAC007E0000
trusted library allocation
page read and write
372E3FE000
unkown
page readonly
122400094000
trusted library allocation
page read and write
1E6E9CA5000
heap
page read and write
2D5800248000
trusted library allocation
page read and write
122403540000
trusted library allocation
page read and write
7278002B8000
trusted library allocation
page read and write
7BCC00120000
trusted library allocation
page read and write
AB4000
heap
page read and write
7BCC00114000
trusted library allocation
page read and write
3743BFE000
stack
page read and write
5090000
direct allocation
page execute and read and write
122403CEC000
trusted library allocation
page read and write
5BAC007D4000
trusted library allocation
page read and write
AB4000
heap
page read and write
5BAC00788000
trusted library allocation
page read and write
122403660000
trusted library allocation
page read and write
122402430000
trusted library allocation
page read and write
5F70002C0000
direct allocation
page read and write
12240401C000
trusted library allocation
page read and write
122402FC8000
trusted library allocation
page read and write
5BAC008E8000
trusted library allocation
page read and write
3B9F000
stack
page read and write
1224034A9000
trusted library allocation
page read and write
1224036F5000
trusted library allocation
page read and write
19049AD2000
heap
page read and write
1D6AE000
heap
page read and write
122404068000
trusted library allocation
page read and write
AB4000
heap
page read and write
7BCC002AC000
trusted library allocation
page read and write
122403D64000
trusted library allocation
page read and write
4AA1000
heap
page read and write
122403F58000
trusted library allocation
page read and write
122404044000
trusted library allocation
page read and write
5BAC007BC000
trusted library allocation
page read and write
122403838000
trusted library allocation
page read and write
1E6E9CA1000
heap
page read and write
122403BE0000
trusted library allocation
page read and write
122403574000
trusted library allocation
page read and write
4AA1000
heap
page read and write
1224039C8000
trusted library allocation
page read and write
4AA1000
heap
page read and write
13BA000
heap
page read and write
7278002C8000
trusted library allocation
page read and write
373DBFD000
stack
page read and write
AB4000
heap
page read and write
122403C44000
trusted library allocation
page read and write
122403164000
trusted library allocation
page read and write
7278002A8000
trusted library allocation
page read and write
5BAC00790000
trusted library allocation
page read and write
1904B9A8000
heap
page read and write
1D6A0000
heap
page read and write
122403A2C000
trusted library allocation
page read and write
1904B938000
heap
page read and write
372B3FE000
unkown
page readonly
727800250000
trusted library allocation
page read and write
1224038DC000
trusted library allocation
page read and write
109C000
unkown
page execute and read and write
122403254000
trusted library allocation
page read and write
1D660000
heap
page read and write
12240349C000
trusted library allocation
page read and write
1D68A000
heap
page read and write
7BCC002F0000
trusted library allocation
page read and write
4AA1000
heap
page read and write
3733BFE000
stack
page read and write
122403FB8000
trusted library allocation
page read and write
2D58002A4000
trusted library allocation
page read and write
122403C1C000
trusted library allocation
page read and write
61E00000
direct allocation
page execute and read and write
1E6E964B000
heap
page read and write
727800278000
trusted library allocation
page read and write
122402918000
trusted library allocation
page read and write
122402E4C000
trusted library allocation
page read and write
1D674000
heap
page read and write
5BAC00418000
trusted library allocation
page read and write
1E6E9C53000
heap
page read and write
122403588000
trusted library allocation
page read and write
5BAC006C8000
trusted library allocation
page read and write
23B54000
heap
page read and write
1D670000
heap
page read and write
3734BFE000
stack
page read and write
1E6E9C99000
heap
page read and write
122402FD4000
trusted library allocation
page read and write
7BCC001F4000
trusted library allocation
page read and write
122403734000
trusted library allocation
page read and write
122403DA8000
trusted library allocation
page read and write
4AA0000
heap
page read and write
372C3FE000
unkown
page readonly
1D68D000
heap
page read and write
AB4000
heap
page read and write
122403FF8000
trusted library allocation
page read and write
19049B2B000
heap
page read and write
7BCC00228000
trusted library allocation
page read and write
122403088000
trusted library allocation
page read and write
1E6E9657000
heap
page read and write
AB4000
heap
page read and write
1224038DC000
trusted library allocation
page read and write
122403094000
trusted library allocation
page read and write
122402BB0000
trusted library allocation
page read and write
5BAC008F4000
trusted library allocation
page read and write
122403094000
trusted library allocation
page read and write
727800235000
trusted library allocation
page read and write
122403B08000
trusted library allocation
page read and write
AB4000
heap
page read and write
122403D3C000
trusted library allocation
page read and write
AFC000
stack
page read and write
190499E0000
trusted library allocation
page read and write
1904B92E000
heap
page read and write
5F7000260000
direct allocation
page read and write
1380000
direct allocation
page execute and read and write
122403174000
trusted library allocation
page read and write
19049A43000
heap
page read and write
2D58002A0000
trusted library allocation
page read and write
1E6E9C53000
heap
page read and write
1E6E964A000
heap
page read and write
122403B7C000
trusted library allocation
page read and write
4AA1000
heap
page read and write
23B56000
heap
page read and write
7BCC002E4000
trusted library allocation
page read and write
12240319C000
trusted library allocation
page read and write
5BAC00884000
trusted library allocation
page read and write
4AA1000
heap
page read and write
4AA1000
heap
page read and write
10D4000
unkown
page execute and read and write
122403AE0000
trusted library allocation
page read and write
10C6000
unkown
page execute and read and write
5BAC006AC000
trusted library allocation
page read and write
19049A00000
heap
page read and write
6CF40000
unkown
page readonly
122403174000
trusted library allocation
page read and write
1D682000
heap
page read and write
238DD000
heap
page read and write
7BCC00076000
trusted library allocation
page read and write
472400364000
trusted library allocation
page read and write
1E6E9CCE000
heap
page read and write
122403900000
trusted library allocation
page read and write
5BAC006E8000
trusted library allocation
page read and write
122403684000
trusted library allocation
page read and write
122403AF8000
trusted library allocation
page read and write
7BCC00240000
trusted library allocation
page read and write
C99000
unkown
page execute and read and write
5BAC0039C000
trusted library allocation
page read and write
122402918000
trusted library allocation
page read and write
7BCC003B0000
trusted library allocation
page read and write
122403094000
trusted library allocation
page read and write
A90000
direct allocation
page read and write
1E6E9C45000
heap
page read and write
122403594000
trusted library allocation
page read and write
122403244000
trusted library allocation
page read and write
472400284000
trusted library allocation
page read and write
239AE000
stack
page read and write
1D6B2000
heap
page read and write
1D68A000
heap
page read and write
122403D38000
trusted library allocation
page read and write
122402DD0000
trusted library allocation
page read and write
1224039B0000
trusted library allocation
page read and write
122403568000
trusted library allocation
page read and write
7BCC001C4000
trusted library allocation
page read and write
1904B99B000
heap
page read and write
23B46000
heap
page read and write
1224039C8000
trusted library allocation
page read and write
122403034000
trusted library allocation
page read and write
122403549000
trusted library allocation
page read and write
1224032C8000
trusted library allocation
page read and write
5F7000280000
direct allocation
page read and write
727800294000
trusted library allocation
page read and write
1D6A3000
heap
page read and write
1D67A000
heap
page read and write
5F7000215000
direct allocation
page read and write
4AA1000
heap
page read and write
331E000
stack
page read and write
122404134000
trusted library allocation
page read and write
12240408C000
trusted library allocation
page read and write
12240386C000
trusted library allocation
page read and write
1D6A3000
heap
page read and write
4AA1000
heap
page read and write
122404034000
trusted library allocation
page read and write
1E6E9CA1000
heap
page read and write
7BCC001EC000
trusted library allocation
page read and write
1D6B2000
heap
page read and write
1904B958000
heap
page read and write
122403088000
trusted library allocation
page read and write
4AA1000
heap
page read and write
12240319C000
trusted library allocation
page read and write
1D6B2000
heap
page read and write
7BCC00220000
trusted library allocation
page read and write
7BCC004A8000
trusted library allocation
page read and write
1D68A000
heap
page read and write
122403AE8000
trusted library allocation
page read and write
7BCC00108000
trusted library allocation
page read and write
19049B13000
heap
page read and write
7BCC002CC000
trusted library allocation
page read and write
23930000
trusted library allocation
page read and write
122402410000
trusted library allocation
page read and write
122404204000
trusted library allocation
page read and write
1D6B2000
heap
page read and write
1224023B4000
trusted library allocation
page read and write
1D684000
heap
page read and write
1224030D4000
trusted library allocation
page read and write
1E6E965F000
heap
page read and write
1224040E0000
trusted library allocation
page read and write
727800294000
trusted library allocation
page read and write
7BCC002CC000
trusted library allocation
page read and write
472400380000
trusted library allocation
page read and write
122403D40000
trusted library allocation
page read and write
7BCC00130000
trusted library allocation
page read and write
AB4000
heap
page read and write
122403088000
trusted library allocation
page read and write
2D58002E4000
trusted library allocation
page read and write
A90000
direct allocation
page read and write
359E000
stack
page read and write
122403C9C000
trusted library allocation
page read and write
122402918000
trusted library allocation
page read and write
472400418000
trusted library allocation
page read and write
122403D94000
trusted library allocation
page read and write
1D67A000
heap
page read and write
5F700024C000
direct allocation
page read and write
7BCC002FC000
trusted library allocation
page read and write
122402FC8000
trusted library allocation
page read and write
4AA1000
heap
page read and write
1D6B1000
heap
page read and write
7278002A8000
trusted library allocation
page read and write
471E000
stack
page read and write
1D6AA000
heap
page read and write
7278002B4000
trusted library allocation
page read and write
122403BB4000
trusted library allocation
page read and write
122402EAC000
trusted library allocation
page read and write
2E5B000
heap
page read and write
122402500000
trusted library allocation
page read and write
727800274000
trusted library allocation
page read and write
12240340C000
trusted library allocation
page read and write
7278002F8000
trusted library allocation
page read and write
3F9E000
stack
page read and write
1904B9CF000
heap
page read and write
DBE000
unkown
page execute and read and write
472400344000
trusted library allocation
page read and write
122403876000
trusted library allocation
page read and write
122402EAC000
trusted library allocation
page read and write
122402494000
trusted library allocation
page read and write
7BCC00068000
trusted library allocation
page read and write
122402538000
trusted library allocation
page read and write
5BAC0060C000
trusted library allocation
page read and write
122402494000
trusted library allocation
page read and write
373B3FE000
unkown
page readonly
727800210000
trusted library allocation
page read and write
122403C50000
trusted library allocation
page read and write
12240254C000
trusted library allocation
page read and write
5F700030A000
direct allocation
page read and write
122402E94000
trusted library allocation
page read and write
6C610000
unkown
page readonly
7BCC002B0000
trusted library allocation
page read and write
12240257C000
trusted library allocation
page read and write
1D693000
heap
page read and write
1D699000
heap
page read and write
1D687000
heap
page read and write
122402E48000
trusted library allocation
page read and write
1E6E9C65000
heap
page read and write
1E6E964A000
heap
page read and write
4AA1000
heap
page read and write
12240254C000
trusted library allocation
page read and write
7BCC0025C000
trusted library allocation
page read and write
7BCC00244000
trusted library allocation
page read and write
3721BFE000
stack
page read and write
5F70002D8000
direct allocation
page read and write
590000
heap
page read and write
1D690000
heap
page read and write
A90000
direct allocation
page read and write
7BCC00104000
trusted library allocation
page read and write
1224023EC000
trusted library allocation
page read and write
4AA1000
heap
page read and write
7BCC001DC000
trusted library allocation
page read and write
3CDF000
stack
page read and write
1D3BE000
stack
page read and write
4AA1000
heap
page read and write
122402496000
trusted library allocation
page read and write
7BCC0015C000
trusted library allocation
page read and write
1D6A3000
heap
page read and write
1E6E9C6C000
heap
page read and write
3740BFE000
stack
page read and write
459F000
stack
page read and write
12240319C000
trusted library allocation
page read and write
122402EB1000
trusted library allocation
page read and write
122403089000
trusted library allocation
page read and write
19049AA1000
heap
page read and write
122403C64000
trusted library allocation
page read and write
7BCC00324000
trusted library allocation
page read and write
7BCC002CC000
trusted library allocation
page read and write
122403254000
trusted library allocation
page read and write
472400220000
trusted library allocation
page read and write
372ABFD000
stack
page read and write
1D687000
heap
page read and write
1224031D8000
trusted library allocation
page read and write
122402424000
trusted library allocation
page read and write
122403D10000
trusted library allocation
page read and write
1224038DC000
trusted library allocation
page read and write
23AAF000
stack
page read and write
122403594000
trusted library allocation
page read and write
7BCC0023C000
trusted library allocation
page read and write
4AA1000
heap
page read and write
1D68A000
heap
page read and write
4724002F4000
trusted library allocation
page read and write
7BCC003C0000
trusted library allocation
page read and write
1224023E8000
trusted library allocation
page read and write
4AA1000
heap
page read and write
1D68A000
heap
page read and write
4AA1000
heap
page read and write
1CFEE000
stack
page read and write
445F000
stack
page read and write
122402540000
trusted library allocation
page read and write
1904B92E000
heap
page read and write
122402540000
trusted library allocation
page read and write
472400248000
trusted library allocation
page read and write
5F700031C000
direct allocation
page read and write
7BCC00378000
trusted library allocation
page read and write
2E50000
heap
page read and write
122403AE0000
trusted library allocation
page read and write
472400310000
trusted library allocation
page read and write
472400250000
trusted library allocation
page read and write
12240258C000
trusted library allocation
page read and write
7BCC0029C000
trusted library allocation
page read and write
122403164000
trusted library allocation
page read and write
12240254C000
trusted library allocation
page read and write
5BAC002FC000
trusted library allocation
page read and write
7BCC003BC000
trusted library allocation
page read and write
309E000
stack
page read and write
122403508000
trusted library allocation
page read and write
1224040B8000
trusted library allocation
page read and write
19049970000
heap
page read and write
CFA000
unkown
page execute and read and write
AB4000
heap
page read and write
122403F64000
trusted library allocation
page read and write
122403BCC000
trusted library allocation
page read and write
1D27E000
stack
page read and write
3737BFE000
stack
page read and write
19049A8F000
heap
page read and write
There are 1484 hidden memdumps, click here to show them.