IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\ProgramData\BAAAAKJKJEBGHJKFHIDG
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\BAAFBFBA
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x37, schema 4, UTF-8, version-valid-for 10
dropped
C:\ProgramData\BKKJKFBK
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\CGCFIIEBKEGHJJJJJJDA
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\GCAEHDBAAECBFHJKFCFBFIDHIJ
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\HIIIDAKKJJJKKECAKKJE
ASCII text, with very long lines (1717), with CRLF line terminators
dropped
C:\ProgramData\KEHCGCGCFHIDBFHIIJKJKKEGII
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\chrome.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\06d146e9-560e-4597-8f65-29ae2bd62f8f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\2a48d049-9a53-4335-84ee-e034ff814b7f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\42e70bee-1f97-42f4-8b38-9de247bc9cc4.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\909f726e-37f5-4346-ac4e-dbded7a19105.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6721A943-1F08.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\1480aa01-b68e-4e9f-b5a8-dd7f9f310329.tmp
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\49edbdaf-c000-451c-9301-ed10cc5f5057.tmp
Unicode text, UTF-8 text, with very long lines (17320), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\5ee75ad0-2e9f-4d13-ae33-834c97a433c8.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\65f5ecf1-3651-4db0-aa15-0acc116e6545.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7c935076-339c-4eca-894d-00ccebe3ecd2.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9901935f-d8de-4bbd-8666-03ce5481bfc9.tmp
Unicode text, UTF-8 text, with very long lines (17155), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 12, cookie 0x3, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\12c3a6c6-8fae-4904-b0ab-9937dfd302c1.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\3488b69a-dbd6-480d-914c-065ac35ec26e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\3bbff737-fee1-4f86-8c03-01c1324bf772.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\7e7c4381-19ed-4df1-9930-be7dfee9487e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 7, cookie 0x5, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF4c792.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3042000, file counter 9, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 9
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3b77a.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3ca46.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3ce3e.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a48f4126-e4d6-45fa-88b2-29d078f62188.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\aa7d496d-d6be-4e89-b5b0-90b850d4d0a4.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\bd7e206a-07fe-44e4-a80f-a18f01e7b8b1.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3f3b8.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF43e5d.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4b39d.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF3f127.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF42845.TMP (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13374732870589234
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\1474fb2b-ef5e-41e6-b66c-aabfa95b6f13.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\1c8e2e8c-7bb5-46be-8745-a1ecb2934a7f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\411b8e37-d539-4482-87c9-2f9b7c7fbce2.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\9cb75f9c-8323-40f4-8c3d-44fc6cf0c656.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3ca46.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3ce3e.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d50683b9-7f06-4c18-b96c-b5e79dc78298.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x37, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
ASCII text, with very long lines (3951), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c284e24c-c265-49b9-ae88-cd748581bd90.tmp
Unicode text, UTF-8 text, with very long lines (17320), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\e107fd91-3219-4235-b0a5-44ffbf9b65d3.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\fac64d7b-5a23-41c0-ad82-72415a820d4c.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
SQLite Write-Ahead Log, version 3007000
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3a0e4.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3a133.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3a2e8.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3c95c.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF40423.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4b37d.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF50fd6.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982
raw G3 (Group 3) FAX, byte-padded
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\aa395365-bf4f-4824-b6a2-b259e7cb1a0c.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\b112552e-fd18-4e50-9331-611a7a8399d4.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\b3b3f965-640c-41f1-a5f4-e354c791533a.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c162308f-3640-4606-92bb-88cf54827776.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d0c88adb-822c-47d3-8b13-f3398debb21d.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\1cb2f0ed-6aa0-4e68-89d6-10a5fff50dc2.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\319a8914-092c-4ff5-8b69-d93c70ab254f.tmp
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\49d1f00d-ead4-42cb-b087-0e33d44ab6a6.tmp
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
dropped
C:\Users\user\AppData\Local\Temp\5914a1af-fa98-402f-a488-254ea87994a4.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\69a50da5-ef88-4862-b715-d53db29b9f49.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\b2409fb0-3872-4479-8f6a-245597112adf.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41924
dropped
C:\Users\user\AppData\Local\Temp\cv_debug.log
JSON data
dropped
C:\Users\user\AppData\Local\Temp\d6e95aee-0643-4091-9898-bab6749ea70d.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_2127225288\5914a1af-fa98-402f-a488-254ea87994a4.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_2127225288\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_2127225288\CRX_INSTALL\content.js
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_2127225288\CRX_INSTALL\content_new.js
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_2127225288\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\69a50da5-ef88-4862-b715-d53db29b9f49.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\af\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\am\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\ar\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\az\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\be\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\bg\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\bn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\ca\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\cs\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\cy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\da\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\de\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\el\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\en\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\en_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\en_GB\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\en_US\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\es\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\es_419\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\et\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\eu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\fa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\fi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\fil\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\fr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\fr_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\gl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\gu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\hi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\hr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\hu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\hy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\id\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\is\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\it\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\iw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\ja\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\ka\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\kk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\km\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\kn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\ko\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\lo\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\lt\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\lv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\ml\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\mn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\mr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\ms\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\my\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\ne\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\nl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\no\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\pa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\pl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\pt_BR\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\pt_PT\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\ro\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\ru\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\si\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\sk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\sl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\sr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\sv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\sw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\ta\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\te\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\th\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\tr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\uk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\ur\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\vi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\zh_CN\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\zh_HK\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\zh_TW\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_locales\zu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\dasherSettingSchema.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\offscreendocument.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\offscreendocument_main.js
ASCII text, with very long lines (3700)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\page_embed_script.js
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7944_378368955\CRX_INSTALL\service_worker_bin_prod.js
ASCII text, with very long lines (3705)
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm
data
dropped
Chrome Cache Entry: 447
ASCII text, with very long lines (5162), with no line terminators
downloaded
Chrome Cache Entry: 448
ASCII text, with very long lines (2287)
downloaded
Chrome Cache Entry: 449
ASCII text, with very long lines (2777)
downloaded
Chrome Cache Entry: 450
ASCII text
downloaded
Chrome Cache Entry: 451
ASCII text, with very long lines (65531)
downloaded
Chrome Cache Entry: 452
ASCII text, with very long lines (1302)
downloaded
Chrome Cache Entry: 453
SVG Scalable Vector Graphics image
downloaded
There are 278 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2840 --field-trial-handle=2604,i,16310004041728458876,8717839349625017858,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1984,i,10115348211612690469,17519687364744320367,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7192 --field-trial-handle=1984,i,10115348211612690469,17519687364744320367,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7344 --field-trial-handle=1984,i,10115348211612690469,17519687364744320367,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=6084 --field-trial-handle=1984,i,10115348211612690469,17519687364744320367,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=6084 --field-trial-handle=1984,i,10115348211612690469,17519687364744320367,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7388 --field-trial-handle=1984,i,10115348211612690469,17519687364744320367,262144 /prefetch:8
malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2408 --field-trial-handle=2328,i,13610718325922863357,13994508100536033247,262144 /prefetch:8
There are 2 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://185.215.113.206/
185.215.113.206
 malicious
http://185.215.113.206/6c4adf523b719729.php
185.215.113.206
 malicious
http://185.215.113.206/746f34465cf17784/softokn3.dll
185.215.113.206
 malicious
http://185.215.113.206/746f34465cf17784/freebl3.dll
185.215.113.206
 malicious
http://185.215.113.206/746f34465cf17784/mozglue.dll
185.215.113.206
 malicious
http://185.215.113.206/746f34465cf17784/nss3.dll
185.215.113.206
 malicious
https://duckduckgo.com/chrome_newtab
unknown
https://duckduckgo.com/ac/?q=
unknown
https://permanently-removed.invalid/oauth2/v2/tokeninfo
unknown
https://myaccount.google.com/find-your-phone?utm_source=ga-chrome-actions&utm_medium=findYourPhone
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1730259282014&w=0&anoncknm=app_anon&NoResponseBody=true
52.182.143.208
http://anglebug.com/4633
unknown
https://anglebug.com/7382
unknown
https://issuetracker.google.com/284462263
unknown
https://google-ohttp-relay-join.fastly-edge.com/j~
unknown
https://deff.nelreports.net/api/report?cat=msn
23.218.232.154
https://google-ohttp-relay-join.fastly-edge.com/I~
unknown
https://ntp.msn.cn/edge/ntp
unknown
https://publickeyservice.gcp.privacysandboxservices.com
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1730259282025&w=0&anoncknm=app_anon&NoResponseBody=true
52.182.143.208
http://polymer.github.io/AUTHORS.txt
unknown
https://docs.google.com/
unknown
https://google-ohttp-relay-join.fastly-edge.com/F
unknown
https://publickeyservice.pa.aws.privacysandboxservices.com
unknown
https://www.youtube.com
unknown
https://photos.google.com/settings?referrer=CHROME_NTP
unknown
https://anglebug.com/7714
unknown
https://www.instagram.com
unknown
https://google-ohttp-relay-join.fastly-edge.com/7z
unknown
https://google-ohttp-relay-join.fastly-edge.com/M
unknown
https://photos.google.com?referrer=CHROME_NTP
unknown
https://google-ohttp-relay-join.fastly-edge.com/W
unknown
https://www.google.com/chrome/tips/
unknown
http://anglebug.com/6248
unknown
https://ogs.google.com/widget/callout?eom=1
unknown
https://google-ohttp-relay-join.fastly-edge.com/Z
unknown
https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
unknown
https://outlook.office.com/mail/compose?isExtension=true
unknown
http://anglebug.com/6929
unknown
http://anglebug.com/5281
unknown
https://google-ohttp-relay-join.fastly-edge.com/a
unknown
https://i.y.qq.com/n2/m/index.html
unknown
https://www.deezer.com/
unknown
https://google-ohttp-relay-join.fastly-edge.com/:z
unknown
https://issuetracker.google.com/255411748
unknown
https://web.telegram.org/
unknown
http://185.215.113.206/746f34465cf17784/freebl3.dll:
unknown
https://permanently-removed.invalid/oauth2/v4/token
unknown
https://anglebug.com/7246
unknown
https://anglebug.com/7369
unknown
https://anglebug.com/7489
unknown
http://185.215.113.206/746f34465cf17784/freebl3.dllB
unknown
https://chrome.google.com/webstore
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1730259281026&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=true
52.182.143.208
https://drive-daily-2.corp.google.com/
unknown
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
unknown
http://polymer.github.io/PATENTS.txt
unknown
http://185.215.113.206j
unknown
https://cdn.ecosia.org/assets/images/ico/favicon.ico
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
http://185.215.113.206/746f34465cf17784/mozglue.dllT
unknown
https://issuetracker.google.com/161903006
unknown
https://www.ecosia.org/newtab/
unknown
https://drive-daily-1.corp.google.com/
unknown
https://excel.new?from=EdgeM365Shoreline
unknown
https://drive-daily-5.corp.google.com/
unknown
http://185.215.113.206/746f34465cf17784/nss3.dll.
unknown
https://permanently-removed.invalid/chrome/blank.html
unknown
http://anglebug.com/3078
unknown
http://anglebug.com/7553
unknown
http://anglebug.com/5375
unknown
https://permanently-removed.invalid/v1/issuetoken
unknown
http://185.215.113.206/746f34465cf17784/nss3.dll(
unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0
216.58.206.78
http://anglebug.com/5371
unknown
http://anglebug.com/4722
unknown
https://permanently-removed.invalid/reauth/v1beta/users/
unknown
http://anglebug.com/7556
unknown
https://chromewebstore.google.com/
unknown
https://drive-preprod.corp.google.com/
unknown
https://srtb.msn.cn/
unknown
http://185.215.113.206/746f34465cf17784/mozglue.dll4
unknown
https://assets.msn.cn/resolver/
unknown
https://publickeyservice.pa.gcp.privacysandboxservices.com
unknown
https://browser.events.data.msn.com/
unknown
https://c.msn.com/c.gif?rnd=1730259281028&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=1588ce342ab149c9a72735bcbeec80ff&activityId=1588ce342ab149c9a72735bcbeec80ff&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0
20.125.209.212
https://permanently-removed.invalid/RotateBoundCookies
unknown
http://anglebug.com/6692
unknown
https://issuetracker.google.com/258207403
unknown
http://anglebug.com/3502
unknown
http://anglebug.com/3623
unknown
https://www.office.com
unknown
http://anglebug.com/3625
unknown
https://outlook.live.com/mail/0/
unknown
http://anglebug.com/3624
unknown
http://anglebug.com/5007
unknown
https://c.msn.com/c.gif?rnd=1730259281028&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=1588ce342ab149c9a72735bcbeec80ff&activityId=1588ce342ab149c9a72735bcbeec80ff&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=DB5198AB21244D7CA4AE81CF9061EEB3&MUID=39831A78EF4B6A0708630F50EE1C6BA7
20.125.209.212
http://anglebug.com/3862
unknown
https://docs.rs/getrandom#nodejs-es-module-support
unknown
https://ntp.msn.com/edge/ntp
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
chrome.cloudflare-dns.com
172.64.41.3
plus.l.google.com
216.58.206.78
play.google.com
142.250.181.238
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
94.245.104.56
sb.scorecardresearch.com
18.244.18.32
www.google.com
142.250.185.228
googlehosted.l.googleusercontent.com
142.250.74.193
clients2.googleusercontent.com
unknown
bzib.nelreports.net
unknown
assets.msn.com
unknown
c.msn.com
unknown
ntp.msn.com
unknown
apis.google.com
unknown
api.msn.com
unknown
There are 4 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
192.168.2.6
unknown
unknown
malicious
185.215.113.206
unknown
Portugal
malicious
142.250.185.228
www.google.com
United States
23.198.7.184
unknown
United States
216.58.206.78
plus.l.google.com
United States
152.195.19.97
unknown
United States
23.55.178.210
unknown
United States
23.198.7.180
unknown
United States
20.125.209.212
unknown
United States
142.250.181.238
play.google.com
United States
162.159.61.3
unknown
United States
18.245.113.41
unknown
United States
142.250.74.193
googlehosted.l.googleusercontent.com
United States
204.79.197.219
unknown
United States
172.64.41.3
chrome.cloudflare-dns.com
United States
23.221.22.209
unknown
United States
52.182.143.208
unknown
United States
13.107.246.57
unknown
United States
23.218.232.154
unknown
United States
94.245.104.56
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
United Kingdom
18.244.18.32
sb.scorecardresearch.com
United States
23.198.7.176
unknown
United States
239.255.255.250
unknown
Reserved
20.75.60.91
unknown
United States
127.0.0.1
unknown
unknown
There are 15 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Left
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Top
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseenversion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseen
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_dse_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_startup_page_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\263150
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds
EdgeMUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
MUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gcinnojdebelpnodghnoicmcdmamjoch
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jgcbloklkllbkmkbfckchanipicejgah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ojmnomejplkgljjhjindfoilnmobmihe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.cdm.origin_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_username
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\263150
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
0018000DDABBE6B3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{C89E2069-AF13-46DB-9E39-216131494B87}
DeviceTicket
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\263150
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\263150
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
There are 98 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
571000
unkown
page execute and read and write
 malicious
4FF0000
direct allocation
page read and write
 malicious
12DE000
heap
page read and write
 malicious
6C9802414000
trusted library allocation
page read and write
184C00368000
trusted library allocation
page read and write
460401D34000
trusted library allocation
page read and write
1D63C000
heap
page read and write
184C00720000
trusted library allocation
page read and write
460401B84000
trusted library allocation
page read and write
1898DA9D000
heap
page read and write
5FC8002A4000
trusted library allocation
page read and write
6C98022A3000
trusted library allocation
page read and write
6C98024A0000
trusted library allocation
page read and write
59B800212000
direct allocation
page read and write
460401640000
trusted library allocation
page read and write
6C9800E01000
trusted library allocation
page read and write
4B71000
heap
page read and write
460400498000
trusted library allocation
page read and write
6C98024FC000
trusted library allocation
page read and write
2DCA6402000
heap
page read and write
1D61C000
heap
page read and write
18990FC4000
heap
page read and write
59B80026C000
direct allocation
page read and write
4B71000
heap
page read and write
6C98024C0000
trusted library allocation
page read and write
12A0000
direct allocation
page read and write
460401788000
trusted library allocation
page read and write
1D62F000
heap
page read and write
6C98023F0000
trusted library allocation
page read and write
1D61F000
heap
page read and write
6DE000
unkown
page execute and read and write
402F000
stack
page read and write
2DCA71C0000
unkown
page read and write
6C980248C000
trusted library allocation
page read and write
5FC8002A0000
trusted library allocation
page read and write
2DCA65B9000
heap
page read and write
18990FC3000
heap
page read and write
184C00734000
trusted library allocation
page read and write
2DCA4760000
heap
page read and write
460400344000
trusted library allocation
page read and write
5FC8002A4000
trusted library allocation
page read and write
1D606000
heap
page read and write
2DCA46F7000
heap
page read and write
DF0E7FE000
stack
page read and write
460400B98000
trusted library allocation
page read and write
4604013A4000
trusted library allocation
page read and write
1D606000
heap
page read and write
6C98024A4000
trusted library allocation
page read and write
460401D00000
trusted library allocation
page read and write
2DCA46BC000
heap
page read and write
4604017B4000
trusted library allocation
page read and write
1214000
heap
page read and write
18991481000
heap
page read and write
2DCA6577000
heap
page read and write
4604002A8000
trusted library allocation
page read and write
2DCA4680000
heap
page read and write
460400A0C000
trusted library allocation
page read and write
4604013A4000
trusted library allocation
page read and write
7AF400284000
trusted library allocation
page read and write
4604015EC000
trusted library allocation
page read and write
460400304000
trusted library allocation
page read and write
460401C68000
trusted library allocation
page read and write
59B800230000
direct allocation
page read and write
18991524000
heap
page read and write
184C002FC000
trusted library allocation
page read and write
460401840000
trusted library allocation
page read and write
2DCA45D0000
heap
page readonly
5F50002B4000
trusted library allocation
page read and write
6C980261C000
trusted library allocation
page read and write
6C9802450000
trusted library allocation
page read and write
460401890000
trusted library allocation
page read and write
460401D28000
trusted library allocation
page read and write
4B71000
heap
page read and write
5130000
direct allocation
page execute and read and write
1D614000
heap
page read and write
6C98024B0000
trusted library allocation
page read and write
2DCA65B4000
heap
page read and write
1D61F000
heap
page read and write
4B71000
heap
page read and write
2DCA46F0000
heap
page read and write
460401900000
trusted library allocation
page read and write
460400CAC000
trusted library allocation
page read and write
1D633000
heap
page read and write
4A6E000
stack
page read and write
4604002B4000
trusted library allocation
page read and write
656000
unkown
page execute and read and write
DF1EFFE000
unkown
page readonly
DF16FFE000
unkown
page readonly
2DCA4713000
heap
page read and write
6C9802490000
trusted library allocation
page read and write
5130000
direct allocation
page execute and read and write
2DCA467B000
heap
page read and write
1D63C000
heap
page read and write
1214000
heap
page read and write
4B71000
heap
page read and write
2DCA46F0000
heap
page read and write
1214000
heap
page read and write
7DE000
unkown
page execute and read and write
DF057FD000
stack
page read and write
460400304000
trusted library allocation
page read and write
1214000
heap
page read and write
7AF400360000
trusted library allocation
page read and write
7B8000
unkown
page execute and read and write
460400294000
trusted library allocation
page read and write
59B8002E0000
direct allocation
page read and write
DF7A3F3000
stack
page read and write
59B800316000
direct allocation
page read and write
1D620000
heap
page read and write
6C98023CC000
trusted library allocation
page read and write
460400F98000
trusted library allocation
page read and write
1210000
heap
page read and write
1214000
heap
page read and write
6C980249C000
trusted library allocation
page read and write
460401B5C000
trusted library allocation
page read and write
61ECD000
direct allocation
page readonly
6C98023E4000
trusted library allocation
page read and write
7AF400250000
trusted library allocation
page read and write
61ECC000
direct allocation
page read and write
460401A0C000
trusted library allocation
page read and write
5F50002B8000
trusted library allocation
page read and write
460401BA8000
trusted library allocation
page read and write
6C9802470000
trusted library allocation
page read and write
460400224000
trusted library allocation
page read and write
1D600000
heap
page read and write
139E000
heap
page read and write
460400FE0000
trusted library allocation
page read and write
46040140C000
trusted library allocation
page read and write
460401760000
trusted library allocation
page read and write
4B71000
heap
page read and write
460401D34000
trusted library allocation
page read and write
1D62D000
heap
page read and write
184C0033C000
trusted library allocation
page read and write
460401BA4000
trusted library allocation
page read and write
7AF400364000
trusted library allocation
page read and write
DF1A7FE000
stack
page read and write
1D5FE000
heap
page read and write
460401624000
trusted library allocation
page read and write
2DCA4730000
heap
page read and write
59B8002AC000
direct allocation
page read and write
125D000
stack
page read and write
6CA9D000
unkown
page readonly
B06000
unkown
page execute and read and write
4604001B4000
trusted library allocation
page read and write
6C9802280000
trusted library allocation
page read and write
4604016B0000
trusted library allocation
page read and write
2DCA65B8000
heap
page read and write
2DCA652E000
heap
page read and write
460401D28000
trusted library allocation
page read and write
46040103C000
trusted library allocation
page read and write
3CAE000
stack
page read and write
2DCA65D8000
heap
page read and write
DF177FE000
stack
page read and write
4B71000
heap
page read and write
184C00330000
trusted library allocation
page read and write
6C9802644000
trusted library allocation
page read and write
71A000
unkown
page execute and read and write
7AF4002D0000
trusted library allocation
page read and write
59B8002A8000
direct allocation
page read and write
1D606000
heap
page read and write
1214000
heap
page read and write
61ED4000
direct allocation
page readonly
460401C80000
trusted library allocation
page read and write
184C00614000
trusted library allocation
page read and write
4B71000
heap
page read and write
38AF000
stack
page read and write
10FD000
stack
page read and write
460400344000
trusted library allocation
page read and write
1338000
heap
page read and write
2DCA46C6000
heap
page read and write
DF0B7FD000
stack
page read and write
2DCA46F7000
heap
page read and write
6C9802224000
trusted library allocation
page read and write
5130000
direct allocation
page execute and read and write
39EF000
stack
page read and write
3EEF000
stack
page read and write
6C9802294000
trusted library allocation
page read and write
2DAC000
stack
page read and write
1D616000
heap
page read and write
460401928000
trusted library allocation
page read and write
13AA000
heap
page read and write
492E000
stack
page read and write
6C980220C000
trusted library allocation
page read and write
4604013C8000
trusted library allocation
page read and write
460400328000
trusted library allocation
page read and write
2DCA65E3000
heap
page read and write
18995543000
heap
page read and write
1214000
heap
page read and write
684000
unkown
page execute and read and write
5150000
direct allocation
page execute and read and write
6C980257C000
trusted library allocation
page read and write
5F50002A0000
trusted library allocation
page read and write
460400E0C000
trusted library allocation
page read and write
DF0EFFE000
unkown
page readonly
460401844000
trusted library allocation
page read and write
46040179C000
trusted library allocation
page read and write
4B71000
heap
page read and write
460400498000
trusted library allocation
page read and write
46040178C000
trusted library allocation
page read and write
2DCA4702000
heap
page read and write
460400C40000
trusted library allocation
page read and write
1D620000
heap
page read and write
DF17FFE000
unkown
page readonly
4604014D4000
trusted library allocation
page read and write
4B71000
heap
page read and write
2DCA65E7000
heap
page read and write
4604014F0000
trusted library allocation
page read and write
4604001AC000
trusted library allocation
page read and write
460401AEC000
trusted library allocation
page read and write
5F50002C8000
trusted library allocation
page read and write
59B800294000
direct allocation
page read and write
DF207FC000
stack
page read and write
5F5000294000
trusted library allocation
page read and write
460401520000
trusted library allocation
page read and write
4604002F0000
trusted library allocation
page read and write
4604014C4000
trusted library allocation
page read and write
1899552E000
heap
page read and write
5F5000210000
trusted library allocation
page read and write
5F50002A8000
trusted library allocation
page read and write
2E67000
heap
page read and write
2DCA4680000
heap
page read and write
2DCA46B7000
heap
page read and write
4B71000
heap
page read and write
7AF400401000
trusted library allocation
page read and write
7AF40027C000
trusted library allocation
page read and write
460401530000
trusted library allocation
page read and write
184C00754000
trusted library allocation
page read and write
2DCA6540000
heap
page read and write
5FC8002A0000
trusted library allocation
page read and write
460400390000
trusted library allocation
page read and write
6C980241C000
trusted library allocation
page read and write
2399B000
heap
page read and write
1214000
heap
page read and write
460401BA0000
trusted library allocation
page read and write
4A2F000
stack
page read and write
23680000
heap
page read and write
7AF40040C000
trusted library allocation
page read and write
4B71000
heap
page read and write
460401C20000
trusted library allocation
page read and write
59B800318000
direct allocation
page read and write
5F5000270000
trusted library allocation
page read and write
184C00668000
trusted library allocation
page read and write
61ED3000
direct allocation
page read and write
6C9802580000
trusted library allocation
page read and write
2DCA658B000
heap
page read and write
4B71000
heap
page read and write
184C006B4000
trusted library allocation
page read and write
7AF400230000
trusted library allocation
page read and write
4B71000
heap
page read and write
5F50002B4000
trusted library allocation
page read and write
7D8000
unkown
page execute and read and write
460400304000
trusted library allocation
page read and write
12A0000
direct allocation
page read and write
460401778000
trusted library allocation
page read and write
12A0000
direct allocation
page read and write
2DCA46F0000
heap
page read and write
2DCA65ED000
heap
page read and write
460401704000
trusted library allocation
page read and write
DF7C3FF000
stack
page read and write
4B71000
heap
page read and write
4B71000
heap
page read and write
2DCA4702000
heap
page read and write
32AE000
stack
page read and write
5FC8002C0000
trusted library allocation
page read and write
2DCA465B000
heap
page read and write
61E01000
direct allocation
page execute read
4FB0000
heap
page read and write
460400C44000
trusted library allocation
page read and write
460401C84000
trusted library allocation
page read and write
5F5000238000
trusted library allocation
page read and write
4604016D8000
trusted library allocation
page read and write
184C00610000
trusted library allocation
page read and write
2DCA4727000
heap
page read and write
7AF400238000
trusted library allocation
page read and write
1D20E000
stack
page read and write
6C9802254000
trusted library allocation
page read and write
460400F98000
trusted library allocation
page read and write
5FC8002A0000
trusted library allocation
page read and write
460401AF4000
trusted library allocation
page read and write
4B71000
heap
page read and write
1D605000
heap
page read and write
6C980243C000
trusted library allocation
page read and write
2DCA6573000
heap
page read and write
460400294000
trusted library allocation
page read and write
460400F74000
trusted library allocation
page read and write
37AE000
stack
page read and write
4B71000
heap
page read and write
18991530000
heap
page read and write
2E6E000
heap
page read and write
59B800270000
direct allocation
page read and write
460401458000
trusted library allocation
page read and write
2DCA44F0000
heap
page read and write
2DCA4702000
heap
page read and write
2DCA4679000
heap
page read and write
4B71000
heap
page read and write
6C980244C000
trusted library allocation
page read and write
2DCA467B000
heap
page read and write
5F50002B4000
trusted library allocation
page read and write
DF237FE000
stack
page read and write
2DCA4679000
heap
page read and write
6C9801001000
trusted library allocation
page read and write
2DCA4679000
heap
page read and write
DF217FD000
stack
page read and write
184C00698000
trusted library allocation
page read and write
460401708000
trusted library allocation
page read and write
2DCA46F7000
heap
page read and write
4604017A4000
trusted library allocation
page read and write
4604014BC000
trusted library allocation
page read and write
460400EB0000
trusted library allocation
page read and write
6CC9F000
unkown
page write copy
4604014B4000
trusted library allocation
page read and write
6C9802430000
trusted library allocation
page read and write
4604018A0000
trusted library allocation
page read and write
460400304000
trusted library allocation
page read and write
460401B68000
trusted library allocation
page read and write
460400FA8000
trusted library allocation
page read and write
6C98023B8000
trusted library allocation
page read and write
4B71000
heap
page read and write
5F50002B8000
trusted library allocation
page read and write
59B800311000
direct allocation
page read and write
6C98022C0000
trusted library allocation
page read and write
306F000
stack
page read and write
4604001D8000
trusted library allocation
page read and write
376F000
stack
page read and write
6EB000
unkown
page execute and read and write
6C9800001000
trusted library allocation
page read and write
1214000
heap
page read and write
7AF400288000
trusted library allocation
page read and write
14CE000
stack
page read and write
6C9802434000
trusted library allocation
page read and write
DF05FFE000
unkown
page readonly
2DCA45F0000
heap
page read and write
184C006FC000
trusted library allocation
page read and write
59B80030A000
direct allocation
page read and write
DF01FFE000
unkown
page readonly
1D62D000
heap
page read and write
6C9802510000
trusted library allocation
page read and write
6C980239C000
trusted library allocation
page read and write
184C0039C000
trusted library allocation
page read and write
2DCA6529000
heap
page read and write
1D625000
heap
page read and write
46040033C000
trusted library allocation
page read and write
6C9802201000
trusted library allocation
page read and write
1D62F000
heap
page read and write
7AF40020C000
trusted library allocation
page read and write
D90000
heap
page read and write
460400F74000
trusted library allocation
page read and write
460401328000
trusted library allocation
page read and write
7AF400350000
trusted library allocation
page read and write
46040183C000
trusted library allocation
page read and write
46040166C000
trusted library allocation
page read and write
4B71000
heap
page read and write
184C006F0000
trusted library allocation
page read and write
59B8002C0000
direct allocation
page read and write
2DCA6530000
heap
page read and write
362F000
stack
page read and write
4604016E0000
trusted library allocation
page read and write
4604001F0000
trusted library allocation
page read and write
DF167FD000
stack
page read and write
2DCA65BC000
heap
page read and write
717000
unkown
page execute and read and write
460401D34000
trusted library allocation
page read and write
DA0000
heap
page read and write
460401888000
trusted library allocation
page read and write
6C98025C0000
trusted library allocation
page read and write
33EE000
stack
page read and write
6CAB2000
unkown
page readonly
460401BC4000
trusted library allocation
page read and write
460401924000
trusted library allocation
page read and write
2DCA462C000
heap
page read and write
18990FBA000
heap
page read and write
460401ABC000
trusted library allocation
page read and write
460400298000
trusted library allocation
page read and write
46040103C000
trusted library allocation
page read and write
6C9800801000
trusted library allocation
page read and write
3F2E000
stack
page read and write
4B71000
heap
page read and write
3B2F000
stack
page read and write
442E000
stack
page read and write
6C9802438000
trusted library allocation
page read and write
189954EB000
heap
page read and write
570000
unkown
page readonly
184C0040C000
trusted library allocation
page read and write
6C98024E4000
trusted library allocation
page read and write
5FC8002B0000
trusted library allocation
page read and write
460401CA8000
trusted library allocation
page read and write
460401620000
trusted library allocation
page read and write
18990FC4000
heap
page read and write
5F50002F0000
trusted library allocation
page read and write
2DCA46BC000
heap
page read and write
4B71000
heap
page read and write
5F5000201000
trusted library allocation
page read and write
460401770000
trusted library allocation
page read and write
6CCA5000
unkown
page readonly
452F000
stack
page read and write
18990FC6000
heap
page read and write
2DCA6532000
heap
page read and write
4604016F0000
trusted library allocation
page read and write
460401C54000
trusted library allocation
page read and write
1D44C000
stack
page read and write
460401754000
trusted library allocation
page read and write
5F50002B4000
trusted library allocation
page read and write
DF077FD000
stack
page read and write
460400210000
trusted library allocation
page read and write
DF017FE000
stack
page read and write
460401634000
trusted library allocation
page read and write
652800244000
direct allocation
page read and write
7AF400374000
trusted library allocation
page read and write
6C9802224000
trusted library allocation
page read and write
2DCA46DA000
heap
page read and write
460401D70000
trusted library allocation
page read and write
460400390000
trusted library allocation
page read and write
1CF3F000
stack
page read and write
4604001B4000
trusted library allocation
page read and write
7AF400310000
trusted library allocation
page read and write
18990FD1000
heap
page read and write
2DCA46F7000
heap
page read and write
460400A0C000
trusted library allocation
page read and write
4B71000
heap
page read and write
4B71000
heap
page read and write
6C9802498000
trusted library allocation
page read and write
1214000
heap
page read and write
6C9802340000
trusted library allocation
page read and write
6C9802240000
trusted library allocation
page read and write
6C9802390000
trusted library allocation
page read and write
6C9802650000
trusted library allocation
page read and write
4604001AC000
trusted library allocation
page read and write
6CA21000
unkown
page execute read
4604003B4000
trusted library allocation
page read and write
184C00320000
trusted library allocation
page read and write
12A0000
direct allocation
page read and write
4604014D4000
trusted library allocation
page read and write
DF23FFE000
unkown
page readonly
1D719000
heap
page read and write
12C0000
direct allocation
page read and write
1D621000
heap
page read and write
460400218000
trusted library allocation
page read and write
1214000
heap
page read and write
460400C88000
trusted library allocation
page read and write
460401B8C000
trusted library allocation
page read and write
2DCA4702000
heap
page read and write
4B71000
heap
page read and write
2DCA4688000
heap
page read and write
DF21FFE000
unkown
page readonly
6C9802540000
trusted library allocation
page read and write
2DCA4613000
heap
page read and write
460400CF4000
trusted library allocation
page read and write
460401444000
trusted library allocation
page read and write
184C00320000
trusted library allocation
page read and write
4604014D4000
trusted library allocation
page read and write
2DCA65EF000
heap
page read and write
46040148C000
trusted library allocation
page read and write
4B71000
heap
page read and write
4B71000
heap
page read and write
18995503000
heap
page read and write
1D62D000
heap
page read and write
DF19FFE000
unkown
page readonly
23780000
trusted library allocation
page read and write
4B71000
heap
page read and write
43EF000
stack
page read and write
6C98024D8000
trusted library allocation
page read and write
AEE000
unkown
page execute and read and write
460401C78000
trusted library allocation
page read and write
6C98024D8000
trusted library allocation
page read and write
184C006C8000
trusted library allocation
page read and write
6C9802514000
trusted library allocation
page read and write
4B71000
heap
page read and write
10F2000
stack
page read and write
4604013A4000
trusted library allocation
page read and write
237FE000
stack
page read and write
460401664000
trusted library allocation
page read and write
456E000
stack
page read and write
316F000
stack
page read and write
184C00694000
trusted library allocation
page read and write
2DCA65AE000
heap
page read and write
4604018A4000
trusted library allocation
page read and write
460400304000
trusted library allocation
page read and write
33AF000
stack
page read and write
4604018EC000
trusted library allocation
page read and write
DF15FFE000
unkown
page readonly
DF13FFE000
unkown
page readonly
2DCA65DB000
heap
page read and write
ACD000
unkown
page execute and read and write
46040104C000
trusted library allocation
page read and write
6C9802590000
trusted library allocation
page read and write
460400294000
trusted library allocation
page read and write
DF187FC000
stack
page read and write
239A3000
heap
page read and write
5F50002A8000
trusted library allocation
page read and write
1354000
heap
page read and write
236C1000
heap
page read and write
6C9802448000
trusted library allocation
page read and write
460400498000
trusted library allocation
page read and write
4B71000
heap
page read and write
1214000
heap
page read and write
2DCAD380000
trusted library allocation
page read and write
12A0000
direct allocation
page read and write
1D61F000
heap
page read and write
DF0C7FE000
stack
page read and write
460401C34000
trusted library allocation
page read and write
47AF000
stack
page read and write
460400330000
trusted library allocation
page read and write
184C00310000
trusted library allocation
page read and write
6C9802308000
trusted library allocation
page read and write
2E30000
direct allocation
page execute and read and write
460400498000
trusted library allocation
page read and write
6CC5F000
unkown
page readonly
460401700000
trusted library allocation
page read and write
1D620000
heap
page read and write
460401ABC000
trusted library allocation
page read and write
61EB7000
direct allocation
page readonly
4B71000
heap
page read and write
4604016A4000
trusted library allocation
page read and write
460401CB0000
trusted library allocation
page read and write
59B800290000
direct allocation
page read and write
1323000
heap
page read and write
7AF4002F1000
trusted library allocation
page read and write
46040033C000
trusted library allocation
page read and write
184C00330000
trusted library allocation
page read and write
460400F4C000
trusted library allocation
page read and write
5F5000210000
trusted library allocation
page read and write
184C0069C000
trusted library allocation
page read and write
184C00630000
trusted library allocation
page read and write
46040020C000
trusted library allocation
page read and write
1D58D000
stack
page read and write
460400228000
trusted library allocation
page read and write
12A0000
direct allocation
page read and write
4B84000
heap
page read and write
460401068000
trusted library allocation
page read and write
46040033C000
trusted library allocation
page read and write
184C00368000
trusted library allocation
page read and write
460401D28000
trusted library allocation
page read and write
9ED000
unkown
page execute and read and write
184C006B8000
trusted library allocation
page read and write
184C00354000
trusted library allocation
page read and write
46AE000
stack
page read and write
2DCA472B000
heap
page read and write
460401660000
trusted library allocation
page read and write
12A0000
direct allocation
page read and write
1D616000
heap
page read and write
4604012FC000
trusted library allocation
page read and write
4B71000
heap
page read and write
2DCA6573000
heap
page read and write
460401774000
trusted library allocation
page read and write
460400F74000
trusted library allocation
page read and write
6C9802330000
trusted library allocation
page read and write
1214000
heap
page read and write
460401718000
trusted library allocation
page read and write
2DCA653D000
heap
page read and write
460400EC0000
trusted library allocation
page read and write
460400F98000
trusted library allocation
page read and write
570000
unkown
page read and write
460400ECC000
trusted library allocation
page read and write
4604001EC000
trusted library allocation
page read and write
7AF40032C000
trusted library allocation
page read and write
2DCA46F0000
heap
page read and write
1214000
heap
page read and write
1214000
heap
page read and write
1D0BE000
stack
page read and write
DF0AFFE000
unkown
page readonly
7AF400284000
trusted library allocation
page read and write
5F5000294000
trusted library allocation
page read and write
4604017E4000
trusted library allocation
page read and write
129E000
stack
page read and write
1D620000
heap
page read and write
460401740000
trusted library allocation
page read and write
2DCA467B000
heap
page read and write
184C00684000
trusted library allocation
page read and write
70B000
unkown
page execute and read and write
460400390000
trusted library allocation
page read and write
7AF400300000
trusted library allocation
page read and write
1D62D000
heap
page read and write
366E000
stack
page read and write
460401D60000
trusted library allocation
page read and write
7AF4003AC000
trusted library allocation
page read and write
460401D40000
trusted library allocation
page read and write
18990FBF000
heap
page read and write
6C98023E8000
trusted library allocation
page read and write
460401478000
trusted library allocation
page read and write
460400294000
trusted library allocation
page read and write
460401670000
trusted library allocation
page read and write
1D5FB000
heap
page read and write
6B9000
unkown
page execute and read and write
10F8000
stack
page read and write
6C9802440000
trusted library allocation
page read and write
1D63C000
heap
page read and write
460401D18000
trusted library allocation
page read and write
59C000
unkown
page execute and read and write
460401D34000
trusted library allocation
page read and write
1D606000
heap
page read and write
5F50002B8000
trusted library allocation
page read and write
6C9802424000
trusted library allocation
page read and write
460400294000
trusted library allocation
page read and write
460401ABC000
trusted library allocation
page read and write
6C980236C000
trusted library allocation
page read and write
6CC9E000
unkown
page read and write
460401610000
trusted library allocation
page read and write
4604018D8000
trusted library allocation
page read and write
460401428000
trusted library allocation
page read and write
460400498000
trusted library allocation
page read and write
1D620000
heap
page read and write
6C98022F4000
trusted library allocation
page read and write
460400390000
trusted library allocation
page read and write
460401D40000
trusted library allocation
page read and write
6D3C0000
unkown
page readonly
2DCA46F7000
heap
page read and write
512F000
stack
page read and write
7AF400290000
trusted library allocation
page read and write
7AF4002AC000
trusted library allocation
page read and write
46040022C000
trusted library allocation
page read and write
4604016EC000
trusted library allocation
page read and write
184C00320000
trusted library allocation
page read and write
460401D40000
trusted library allocation
page read and write
4604017C8000
trusted library allocation
page read and write
1D63C000
heap
page read and write
4B71000
heap
page read and write
5F5000230000
trusted library allocation
page read and write
34EF000
stack
page read and write
460400304000
trusted library allocation
page read and write
5FC8002A0000
trusted library allocation
page read and write
59B800220000
direct allocation
page read and write
4604001E0000
trusted library allocation
page read and write
4B71000
heap
page read and write
4604013C8000
trusted library allocation
page read and write
460401674000
trusted library allocation
page read and write
2DCA6538000
heap
page read and write
7AF400408000
trusted library allocation
page read and write
460400EB0000
trusted library allocation
page read and write
4B71000
heap
page read and write
2DCA462F000
heap
page read and write
460400294000
trusted library allocation
page read and write
1D622000
heap
page read and write
460401C24000
trusted library allocation
page read and write
6C98026A4000
trusted library allocation
page read and write
6C98022E8000
trusted library allocation
page read and write
6C9802314000
trusted library allocation
page read and write
DF0BFFE000
unkown
page readonly
5F5000288000
trusted library allocation
page read and write
460401950000
trusted library allocation
page read and write
46040153C000
trusted library allocation
page read and write
1D07F000
stack
page read and write
460400ECC000
trusted library allocation
page read and write
4604014E0000
trusted library allocation
page read and write
184C006D4000
trusted library allocation
page read and write
5F50002A8000
trusted library allocation
page read and write
1D62D000
heap
page read and write
460401644000
trusted library allocation
page read and write
6C98026B4000
trusted library allocation
page read and write
1399000
heap
page read and write
460401694000
trusted library allocation
page read and write
1D5F0000
heap
page read and write
4604017A8000
trusted library allocation
page read and write
6C98024A8000
trusted library allocation
page read and write
46040033C000
trusted library allocation
page read and write
460400F98000
trusted library allocation
page read and write
46040033C000
trusted library allocation
page read and write
5F50002B4000
trusted library allocation
page read and write
2DCA6512000
heap
page read and write
460401728000
trusted library allocation
page read and write
12A0000
direct allocation
page read and write
23900000
trusted library allocation
page read and write
460401690000
trusted library allocation
page read and write
1D63C000
heap
page read and write
7AF400344000
trusted library allocation
page read and write
7AF4003A8000
trusted library allocation
page read and write
4B71000
heap
page read and write
460401B88000
trusted library allocation
page read and write
2DCA6595000
heap
page read and write
184C00640000
trusted library allocation
page read and write
460400304000
trusted library allocation
page read and write
1D620000
heap
page read and write
2E50000
direct allocation
page execute and read and write
4604018AC000
trusted library allocation
page read and write
2DCAD260000
trusted library allocation
page read and write
184C00418000
trusted library allocation
page read and write
460401B3C000
trusted library allocation
page read and write
DF1FFFE000
unkown
page readonly
4B71000
heap
page read and write
4604013C8000
trusted library allocation
page read and write
460401D34000
trusted library allocation
page read and write
460400FD0000
trusted library allocation
page read and write
460400E0C000
trusted library allocation
page read and write
1214000
heap
page read and write
46040191C000
trusted library allocation
page read and write
59B80031C000
direct allocation
page read and write
46040192C000
trusted library allocation
page read and write
4604012BC000
trusted library allocation
page read and write
1214000
heap
page read and write
6C980260C000
trusted library allocation
page read and write
46040100C000
trusted library allocation
page read and write
460400AAC000
trusted library allocation
page read and write
4604018A8000
trusted library allocation
page read and write
1D710000
trusted library allocation
page read and write
23746000
heap
page read and write
DF1BFFE000
unkown
page readonly
4604016DC000
trusted library allocation
page read and write
4604017B0000
trusted library allocation
page read and write
6C9802568000
trusted library allocation
page read and write
4B6F000
stack
page read and write
184C006B0000
trusted library allocation
page read and write
4B71000
heap
page read and write
2DCA4702000
heap
page read and write
460400F24000
trusted library allocation
page read and write
184C00390000
trusted library allocation
page read and write
12C0000
direct allocation
page read and write
6CA20000
unkown
page readonly
460400C7C000
trusted library allocation
page read and write
6C9802428000
trusted library allocation
page read and write
1214000
heap
page read and write
59B8002D0000
direct allocation
page read and write
2DCA65A0000
heap
page read and write
5F5000278000
trusted library allocation
page read and write
184C00688000
trusted library allocation
page read and write
5F50002F8000
trusted library allocation
page read and write
DF137FE000
stack
page read and write
406E000
stack
page read and write
4604013C8000
trusted library allocation
page read and write
1214000
heap
page read and write
460401D18000
trusted library allocation
page read and write
1D62D000
heap
page read and write
4B71000
heap
page read and write
1D1BF000
stack
page read and write
7AF400404000
trusted library allocation
page read and write
460401D28000
trusted library allocation
page read and write
184C00424000
trusted library allocation
page read and write
1898DA98000
heap
page read and write
1D61B000
heap
page read and write
18991513000
heap
page read and write
1D620000
heap
page read and write
460401C4C000
trusted library allocation
page read and write
2E2E000
stack
page read and write
6C98024F0000
trusted library allocation
page read and write
46040175C000
trusted library allocation
page read and write
6C98023D8000
trusted library allocation
page read and write
6C980260F000
trusted library allocation
page read and write
1D30F000
stack
page read and write
1214000
heap
page read and write
6C9802568000
trusted library allocation
page read and write
59B8002EC000
direct allocation
page read and write
189914BB000
heap
page read and write
5F50002A8000
trusted library allocation
page read and write
6C980235C000
trusted library allocation
page read and write
DF0D7FE000
stack
page read and write
460401748000
trusted library allocation
page read and write
18995543000
heap
page read and write
6C98024F0000
trusted library allocation
page read and write
4604001D0000
trusted library allocation
page read and write
2DCA4702000
heap
page read and write
460401854000
trusted library allocation
page read and write
460401BB4000
trusted library allocation
page read and write
2DCA46BA000
heap
page read and write
460401B2C000
trusted library allocation
page read and write
6C9802440000
trusted library allocation
page read and write
460401D28000
trusted library allocation
page read and write
1899552E000
heap
page read and write
5F5000294000
trusted library allocation
page read and write
6C9802578000
trusted library allocation
page read and write
6C9802454000
trusted library allocation
page read and write
460401628000
trusted library allocation
page read and write
460401D0C000
trusted library allocation
page read and write
6C9802458000
trusted library allocation
page read and write
6C9802474000
trusted library allocation
page read and write
4B71000
heap
page read and write
460400CFC000
trusted library allocation
page read and write
5FC8002A0000
trusted library allocation
page read and write
6D467000
unkown
page read and write
46040149C000
trusted library allocation
page read and write
184C00620000
trusted library allocation
page read and write
46040172C000
trusted library allocation
page read and write
1214000
heap
page read and write
1214000
heap
page read and write
2DCA65E3000
heap
page read and write
460400344000
trusted library allocation
page read and write
460401C50000
trusted library allocation
page read and write
4B71000
heap
page read and write
460401338000
trusted library allocation
page read and write
23680000
trusted library allocation
page read and write
46040160C000
trusted library allocation
page read and write
460401D40000
trusted library allocation
page read and write
460401B78000
trusted library allocation
page read and write
6C98023F8000
trusted library allocation
page read and write
352E000
stack
page read and write
2DCA65F6000
heap
page read and write
42AE000
stack
page read and write
DF0A7FE000
stack
page read and write
460401CAC000
trusted library allocation
page read and write
1D62F000
heap
page read and write
4604017B8000
trusted library allocation
page read and write
2399D000
heap
page read and write
2DCA65E7000
heap
page read and write
460401194000
trusted library allocation
page read and write
1D616000
heap
page read and write
6C9802304000
trusted library allocation
page read and write
5F5000294000
trusted library allocation
page read and write
4604001D4000
trusted library allocation
page read and write
460400EC0000
trusted library allocation
page read and write
59B800217000
direct allocation
page read and write
184C006CC000
trusted library allocation
page read and write
2DCA65F7000
heap
page read and write
1214000
heap
page read and write
184C00758000
trusted library allocation
page read and write
2DCA46F7000
heap
page read and write
2DCA654D000
heap
page read and write
5F5000260000
trusted library allocation
page read and write
6C9802624000
trusted library allocation
page read and write
DF197FE000
stack
page read and write
7AF4003CC000
trusted library allocation
page read and write
460400474000
trusted library allocation
page read and write
7AF400220000
trusted library allocation
page read and write
DF257FD000
stack
page read and write
239A9000
heap
page read and write
4604002A8000
trusted library allocation
page read and write
184C00678000
trusted library allocation
page read and write
1D630000
heap
page read and write
4604014A4000
trusted library allocation
page read and write
571000
unkown
page execute and write copy
460401BEC000
trusted library allocation
page read and write
4604017A0000
trusted library allocation
page read and write
DF7E3FE000
stack
page read and write
184C00644000
trusted library allocation
page read and write
5FC8002C0000
trusted library allocation
page read and write
460400E0C000
trusted library allocation
page read and write
1D34D000
stack
page read and write
460401194000
trusted library allocation
page read and write
326F000
stack
page read and write
460401D40000
trusted library allocation
page read and write
460401904000
trusted library allocation
page read and write
1D63C000
heap
page read and write
59B800328000
direct allocation
page read and write
1D61F000
heap
page read and write
460401510000
trusted library allocation
page read and write
2DCA46F0000
heap
page read and write
1898DAAC000
heap
page read and write
4B71000
heap
page read and write
460401848000
trusted library allocation
page read and write
23780000
trusted library allocation
page read and write
4604010EC000
trusted library allocation
page read and write
1D613000
heap
page read and write
59B800280000
direct allocation
page read and write
7AF400424000
trusted library allocation
page read and write
1214000
heap
page read and write
460401668000
trusted library allocation
page read and write
2DEE000
stack
page read and write
460400E0C000
trusted library allocation
page read and write
18991507000
heap
page read and write
2DCA4643000
heap
page read and write
6C9802410000
trusted library allocation
page read and write
6D421000
unkown
page readonly
1D639000
heap
page read and write
460400ECC000
trusted library allocation
page read and write
DF18FFE000
unkown
page readonly
2DCA46F7000
heap
page read and write
2DCA655D000
heap
page read and write
4604018FC000
trusted library allocation
page read and write
7AF400430000
trusted library allocation
page read and write
460401C48000
trusted library allocation
page read and write
6C98024D8000
trusted library allocation
page read and write
7AF40031C000
trusted library allocation
page read and write
4B71000
heap
page read and write
1D616000
heap
page read and write
6C98025E0000
trusted library allocation
page read and write
2DCA4702000
heap
page read and write
1D633000
heap
page read and write
460401B38000
trusted library allocation
page read and write
1D618000
heap
page read and write
7AF400248000
trusted library allocation
page read and write
184C00788000
trusted library allocation
page read and write
4604013C8000
trusted library allocation
page read and write
6C9802418000
trusted library allocation
page read and write
DF25FFE000
unkown
page readonly
18995502000
heap
page read and write
6C9800A01000
trusted library allocation
page read and write
1899551A000
heap
page read and write
184C00624000
trusted library allocation
page read and write
4604012B4000
trusted library allocation
page read and write
4B71000
heap
page read and write
4B71000
heap
page read and write
189914FE000
heap
page read and write
189914DD000
heap
page read and write
460400344000
trusted library allocation
page read and write
7AF4002A0000
trusted library allocation
page read and write
2DCA4675000
heap
page read and write
1898DAA4000
heap
page read and write
59B8002D8000
direct allocation
page read and write
6C9802640000
trusted library allocation
page read and write
2DCA46F7000
heap
page read and write
2DCA4600000
heap
page read and write
38EE000
stack
page read and write
184C0033C000
trusted library allocation
page read and write
7AF40025C000
trusted library allocation
page read and write
460400304000
trusted library allocation
page read and write
6C980260C000
trusted library allocation
page read and write
2F6F000
stack
page read and write
4B71000
heap
page read and write
DF00FFE000
unkown
page readonly
18990FCB000
heap
page read and write
460401828000
trusted library allocation
page read and write
5F5000250000
trusted library allocation
page read and write
B06000
unkown
page execute and write copy
460401878000
trusted library allocation
page read and write
184C006D0000
trusted library allocation
page read and write
1D623000
heap
page read and write
4604003B4000
trusted library allocation
page read and write
460400304000
trusted library allocation
page read and write
460400F74000
trusted library allocation
page read and write
460401BB0000
trusted library allocation
page read and write
1D637000
heap
page read and write
12DA000
heap
page read and write
18991507000
heap
page read and write
6C9802514000
trusted library allocation
page read and write
7AF400358000
trusted library allocation
page read and write
4B70000
heap
page read and write
184C00760000
trusted library allocation
page read and write
1D615000
heap
page read and write
23680000
trusted library allocation
page read and write
4B71000
heap
page read and write
2DCA65A3000
heap
page read and write
DF047FE000
stack
page read and write
4604001E8000
trusted library allocation
page read and write
46040129C000
trusted library allocation
page read and write
DF07FFE000
unkown
page readonly
5F5000264000
trusted library allocation
page read and write
1214000
heap
page read and write
236E1000
heap
page read and write
460400390000
trusted library allocation
page read and write
460401908000
trusted library allocation
page read and write
6C98024CC000
trusted library allocation
page read and write
DF0CFFE000
unkown
page readonly
6C9802534000
trusted library allocation
page read and write
184C00750000
trusted library allocation
page read and write
6C98025B0000
trusted library allocation
page read and write
DF1D7FE000
stack
page read and write
6C98024F0000
trusted library allocation
page read and write
3DAF000
stack
page read and write
46040109C000
trusted library allocation
page read and write
5FC8002C8000
trusted library allocation
page read and write
7AF40031C000
trusted library allocation
page read and write
460401B54000
trusted library allocation
page read and write
18990FCB000
heap
page read and write
4B71000
heap
page read and write
184C00248000
trusted library allocation
page read and write
2E60000
heap
page read and write
460401AF0000
trusted library allocation
page read and write
1898DA95000
heap
page read and write
460401920000
trusted library allocation
page read and write
5FC8002A0000
trusted library allocation
page read and write
5F50002D8000
trusted library allocation
page read and write
184C00408000
trusted library allocation
page read and write
460401C18000
trusted library allocation
page read and write
460401144000
trusted library allocation
page read and write
2DCA65A7000
heap
page read and write
120E000
stack
page read and write
5F50002E4000
trusted library allocation
page read and write
184C00730000
trusted library allocation
page read and write
1D63C000
heap
page read and write
18991524000
heap
page read and write
46040021C000
trusted library allocation
page read and write
46040033C000
trusted library allocation
page read and write
3A2E000
stack
page read and write
5F50002B4000
trusted library allocation
page read and write
501B000
direct allocation
page read and write
4604001F8000
trusted library allocation
page read and write
1898DAA9000
heap
page read and write
460400294000
trusted library allocation
page read and write
CA9000
unkown
page execute and read and write
7AF4002F4000
trusted library allocation
page read and write
41AE000
stack
page read and write
46040182C000
trusted library allocation
page read and write
6C9800601000
trusted library allocation
page read and write
4604017F0000
trusted library allocation
page read and write
2DCA46BC000
heap
page read and write
460401D34000
trusted library allocation
page read and write
4B71000
heap
page read and write
4B71000
heap
page read and write
1214000
heap
page read and write
2E6B000
heap
page read and write
DF087FC000
stack
page read and write
6CAAE000
unkown
page read and write
1D61A000
heap
page read and write
2DCA6535000
heap
page read and write
2DCA4758000
heap
page read and write
59B800210000
direct allocation
page read and write
2DCA46F7000
heap
page read and write
59B800308000
direct allocation
page read and write
1214000
heap
page read and write
DF1CFFE000
unkown
page readonly
DF12FFE000
unkown
page readonly
2DCA4680000
heap
page read and write
12A0000
direct allocation
page read and write
460400304000
trusted library allocation
page read and write
4B71000
heap
page read and write
4B71000
heap
page read and write
460401D28000
trusted library allocation
page read and write
460401AD0000
trusted library allocation
page read and write
2DCAE800000
heap
page read and write
460400F4C000
trusted library allocation
page read and write
61EB4000
direct allocation
page read and write
1214000
heap
page read and write
460401820000
trusted library allocation
page read and write
2DCA65A2000
heap
page read and write
DF1F7FE000
stack
page read and write
61E00000
direct allocation
page execute and read and write
46040033C000
trusted library allocation
page read and write
6C9802444000
trusted library allocation
page read and write
460401D7C000
trusted library allocation
page read and write
6C98024CC000
trusted library allocation
page read and write
6C98024C0000
trusted library allocation
page read and write
1D613000
heap
page read and write
239A5000
heap
page read and write
1D63C000
heap
page read and write
460400C40000
trusted library allocation
page read and write
59B800234000
direct allocation
page read and write
460401D40000
trusted library allocation
page read and write
502C000
stack
page read and write
DF127FD000
stack
page read and write
1899150B000
heap
page read and write
460401484000
trusted library allocation
page read and write
46040190C000
trusted library allocation
page read and write
4604001DC000
trusted library allocation
page read and write
2DCA472B000
heap
page read and write
4604017EC000
trusted library allocation
page read and write
7AF4003BC000
trusted library allocation
page read and write
4604018B4000
trusted library allocation
page read and write
5F5000220000
trusted library allocation
page read and write
6C9802484000
trusted library allocation
page read and write
7AF4002D8000
trusted library allocation
page read and write
460401348000
trusted library allocation
page read and write
460401860000
trusted library allocation
page read and write
2DCA461E000
heap
page read and write
184C00320000
trusted library allocation
page read and write
4604018B0000
trusted library allocation
page read and write
4B71000
heap
page read and write
460401B04000
trusted library allocation
page read and write
6C98024E4000
trusted library allocation
page read and write
6C9802230000
trusted library allocation
page read and write
4B71000
heap
page read and write
2DCA6310000
trusted library allocation
page read and write
5F50002A8000
trusted library allocation
page read and write
1CE3E000
stack
page read and write
6C9800C01000
trusted library allocation
page read and write
2DCA6413000
heap
page read and write
59B800284000
direct allocation
page read and write
1D63C000
heap
page read and write
4604001B4000
trusted library allocation
page read and write
460401B90000
trusted library allocation
page read and write
1D62D000
heap
page read and write
6C98025D0000
trusted library allocation
page read and write
5FC8002A0000
trusted library allocation
page read and write
460401C1C000
trusted library allocation
page read and write
6C9802401000
trusted library allocation
page read and write
2DCA6340000
trusted library section
page readonly
46040193C000
trusted library allocation
page read and write
CAA000
unkown
page execute and write copy
6C9802630000
trusted library allocation
page read and write
85A000
unkown
page execute and read and write
460401724000
trusted library allocation
page read and write
460400220000
trusted library allocation
page read and write
18991530000
heap
page read and write
6C9802254000
trusted library allocation
page read and write
6C98025BC000
trusted library allocation
page read and write
460401C64000
trusted library allocation
page read and write
2DCA4671000
heap
page read and write
46040188C000
trusted library allocation
page read and write
4604018C4000
trusted library allocation
page read and write
7AF40039C000
trusted library allocation
page read and write
4604018C8000
trusted library allocation
page read and write
12A0000
direct allocation
page read and write
6C98023F4000
trusted library allocation
page read and write
460401638000
trusted library allocation
page read and write
1D61D000
heap
page read and write
1395000
heap
page read and write
B07000
unkown
page execute and write copy
46040163C000
trusted library allocation
page read and write
4B71000
heap
page read and write
59B8002D0000
direct allocation
page read and write
184C00700000
trusted library allocation
page read and write
4604001F4000
trusted library allocation
page read and write
460400344000
trusted library allocation
page read and write
460401758000
trusted library allocation
page read and write
5F5000274000
trusted library allocation
page read and write
184C00380000
trusted library allocation
page read and write
1D620000
heap
page read and write
189914DD000
heap
page read and write
1D61F000
heap
page read and write
46040104C000
trusted library allocation
page read and write
13B0000
heap
page read and write
DF1C7FD000
stack
page read and write
460401520000
trusted library allocation
page read and write
4604016C4000
trusted library allocation
page read and write
184C0075C000
trusted library allocation
page read and write
59B800215000
direct allocation
page read and write
6C9802460000
trusted library allocation
page read and write
5FC8002E4000
trusted library allocation
page read and write
460400F74000
trusted library allocation
page read and write
1214000
heap
page read and write
460401D28000
trusted library allocation
page read and write
460401530000
trusted library allocation
page read and write
1D63C000
heap
page read and write
1D61B000
heap
page read and write
AF7000
unkown
page execute and read and write
5160000
direct allocation
page execute and read and write
6C9802534000
trusted library allocation
page read and write
2DCA6500000
heap
page read and write
460401BF8000
trusted library allocation
page read and write
1D48E000
stack
page read and write
4604017D4000
trusted library allocation
page read and write
6C9802488000
trusted library allocation
page read and write
2DCA6585000
heap
page read and write
460401AF8000
trusted library allocation
page read and write
460400350000
trusted library allocation
page read and write
DF7EBFE000
unkown
page readonly
184C00648000
trusted library allocation
page read and write
6C98025A4000
trusted library allocation
page read and write
7AF400338000
trusted library allocation
page read and write
3C6F000
stack
page read and write
460400234000
trusted library allocation
page read and write
2DCA46F0000
heap
page read and write
5F50002B4000
trusted library allocation
page read and write
6C9802464000
trusted library allocation
page read and write
460401730000
trusted library allocation
page read and write
2DCA44D0000
heap
page read and write
6C980242C000
trusted library allocation
page read and write
46040100C000
trusted library allocation
page read and write
184C00664000
trusted library allocation
page read and write
DF157FE000
stack
page read and write
1D633000
heap
page read and write
12A0000
direct allocation
page read and write
460401BC0000
trusted library allocation
page read and write
6C980234C000
trusted library allocation
page read and write
184C006EC000
trusted library allocation
page read and write
1D606000
heap
page read and write
460400C40000
trusted library allocation
page read and write
5F50002B4000
trusted library allocation
page read and write
DF7CBFE000
unkown
page readonly
460400A0C000
trusted library allocation
page read and write
6C980246C000
trusted library allocation
page read and write
12A0000
direct allocation
page read and write
2DCA46F0000
heap
page read and write
1D616000
heap
page read and write
1D639000
heap
page read and write
1D61C000
heap
page read and write
6CCA0000
unkown
page read and write
3DEE000
stack
page read and write
1CF7E000
stack
page read and write
59B800250000
direct allocation
page read and write
184C003EC000
trusted library allocation
page read and write
4C70000
trusted library allocation
page read and write
460401BF4000
trusted library allocation
page read and write
2DCA650F000
heap
page read and write
4B71000
heap
page read and write
47EE000
stack
page read and write
59B800201000
direct allocation
page read and write
2DCA62F0000
heap
page read and write
6D3C1000
unkown
page execute read
184C006E4000
trusted library allocation
page read and write
460401B58000
trusted library allocation
page read and write
1D63C000
heap
page read and write
460401784000
trusted library allocation
page read and write
46040033C000
trusted library allocation
page read and write
18991513000
heap
page read and write
59B80024C000
direct allocation
page read and write
460401BD8000
trusted library allocation
page read and write
4B71000
heap
page read and write
2DCA65F5000
heap
page read and write
460401D00000
trusted library allocation
page read and write
184C0080C000
trusted library allocation
page read and write
7AF4002C4000
trusted library allocation
page read and write
18990FBF000
heap
page read and write
2DCA65F7000
heap
page read and write
7AF400390000
trusted library allocation
page read and write
4604016C0000
trusted library allocation
page read and write
13B4000
heap
page read and write
4604017C4000
trusted library allocation
page read and write
48EF000
stack
page read and write
6CAC1000
unkown
page execute read
184C0060C000
trusted library allocation
page read and write
2E40000
direct allocation
page execute and read and write
5F50002A8000
trusted library allocation
page read and write
5F50002FC000
trusted library allocation
page read and write
460400AAC000
trusted library allocation
page read and write
460401B18000
trusted library allocation
page read and write
12D0000
heap
page read and write
1214000
heap
page read and write
1D61F000
heap
page read and write
460400F98000
trusted library allocation
page read and write
5FC8002D8000
trusted library allocation
page read and write
460400A0C000
trusted library allocation
page read and write
DF20FFE000
unkown
page readonly
DF1DFFE000
unkown
page readonly
6C98024B0000
trusted library allocation
page read and write
1214000
heap
page read and write
460400CFC000
trusted library allocation
page read and write
46040169C000
trusted library allocation
page read and write
DF007FE000
stack
page read and write
5F5000235000
trusted library allocation
page read and write
61ED0000
direct allocation
page read and write
6C980257C000
trusted library allocation
page read and write
1D61F000
heap
page read and write
6C9800201000
trusted library allocation
page read and write
460401698000
trusted library allocation
page read and write
6C98022D8000
trusted library allocation
page read and write
6C9800401000
trusted library allocation
page read and write
460401194000
trusted library allocation
page read and write
1D63C000
heap
page read and write
6C9802320000
trusted library allocation
page read and write
7AF40032C000
trusted library allocation
page read and write
1214000
heap
page read and write
6CAC0000
unkown
page readonly
460401B1C000
trusted library allocation
page read and write
4B71000
heap
page read and write
1214000
heap
page read and write
460400A0C000
trusted library allocation
page read and write
460400EC0000
trusted library allocation
page read and write
184C00354000
trusted library allocation
page read and write
6D469000
unkown
page readonly
46040033C000
trusted library allocation
page read and write
4B71000
heap
page read and write
2DCA4702000
heap
page read and write
12A0000
direct allocation
page read and write
416F000
stack
page read and write
460401D40000
trusted library allocation
page read and write
DF08FFE000
unkown
page readonly
1D613000
heap
page read and write
2DCA6555000
heap
page read and write
460401B14000
trusted library allocation
page read and write
6C98024D8000
trusted library allocation
page read and write
5FC8002C0000
trusted library allocation
page read and write
1D63C000
heap
page read and write
460400214000
trusted library allocation
page read and write
460400CC8000
trusted library allocation
page read and write
6C98023EC000
trusted library allocation
page read and write
6C98023E0000
trusted library allocation
page read and write
460400EC0000
trusted library allocation
page read and write
6C9802494000
trusted library allocation
page read and write
460400294000
trusted library allocation
page read and write
59B80025C000
direct allocation
page read and write
5FC800248000
trusted library allocation
page read and write
6C98024CC000
trusted library allocation
page read and write
1214000
heap
page read and write
5F50002A8000
trusted library allocation
page read and write
6C98022AD000
trusted library allocation
page read and write
D3C000
stack
page read and write
5FC8002A0000
trusted library allocation
page read and write
2DCAE802000
heap
page read and write
42EE000
stack
page read and write
46040029C000
trusted library allocation
page read and write
7AF4003C0000
trusted library allocation
page read and write
460400230000
trusted library allocation
page read and write
1D5F2000
heap
page read and write
7AF4003A0000
trusted library allocation
page read and write
46040120C000
trusted library allocation
page read and write
189914BB000
heap
page read and write
2DCA6573000
heap
page read and write
6C9802594000
trusted library allocation
page read and write
1214000
heap
page read and write
6C98024E4000
trusted library allocation
page read and write
5F5000248000
trusted library allocation
page read and write
460400498000
trusted library allocation
page read and write
460401BCC000
trusted library allocation
page read and write
189914C4000
heap
page read and write
5F50002A8000
trusted library allocation
page read and write
DF1B7FE000
unkown
page readonly
460400E78000
trusted library allocation
page read and write
1898DA9F000
heap
page read and write
4B71000
heap
page read and write
2DCA659C000
heap
page read and write
4B90000
heap
page read and write
DF1E7FD000
stack
page read and write
184C00704000
trusted library allocation
page read and write
460401B40000
trusted library allocation
page read and write
1D61A000
heap
page read and write
6C98023DC000
trusted library allocation
page read and write
460401BF0000
trusted library allocation
page read and write
6C980245C000
trusted library allocation
page read and write
1D63C000
heap
page read and write
5FC8002C0000
trusted library allocation
page read and write
2DCA46F0000
heap
page read and write
4604017AC000
trusted library allocation
page read and write
59B800244000
direct allocation
page read and write
460400498000
trusted library allocation
page read and write
2DCA652C000
heap
page read and write
4604018E8000
trusted library allocation
page read and write
2DCA4682000
heap
page read and write
4604015EC000
trusted library allocation
page read and write
DF04FFE000
unkown
page readonly
46040033C000
trusted library allocation
page read and write
7AF400308000
trusted library allocation
page read and write
6C9802264000
trusted library allocation
page read and write
2DCA46DF000
heap
page read and write
1899148E000
heap
page read and write
460400EC0000
trusted library allocation
page read and write
2DCA4702000
heap
page read and write
2DCA46CF000
heap
page read and write
460401B50000
trusted library allocation
page read and write
6C9802601000
trusted library allocation
page read and write
1899150B000
heap
page read and write
5140000
direct allocation
page execute and read and write
4604013A4000
trusted library allocation
page read and write
4604017E8000
trusted library allocation
page read and write
1D636000
heap
page read and write
1898DA7D000
heap
page read and write
59B80021C000
direct allocation
page read and write
4604016A0000
trusted library allocation
page read and write
189914C4000
heap
page read and write
184C0035C000
trusted library allocation
page read and write
460400EC0000
trusted library allocation
page read and write
DF1AFFE000
stack
page read and write
7AF400418000
trusted library allocation
page read and write
4604001E4000
trusted library allocation
page read and write
2DCA65DC000
heap
page read and write
2DCA65F9000
heap
page read and write
1899551A000
heap
page read and write
236A0000
heap
page read and write
3B6E000
stack
page read and write
DF0000
heap
page read and write
6C980237C000
trusted library allocation
page read and write
460401D40000
trusted library allocation
page read and write
46040170C000
trusted library allocation
page read and write
460401864000
trusted library allocation
page read and write
4604012E4000
trusted library allocation
page read and write
4604015F8000
trusted library allocation
page read and write
460401D6C000
trusted library allocation
page read and write
6C98024AC000
trusted library allocation
page read and write
460401744000
trusted library allocation
page read and write
2DCA65FF000
heap
page read and write
4B71000
heap
page read and write
4B71000
heap
page read and write
466F000
stack
page read and write
2DCA4730000
heap
page read and write
460401BC8000
trusted library allocation
page read and write
460400344000
trusted library allocation
page read and write
5F50002B8000
trusted library allocation
page read and write
7AF400380000
trusted library allocation
page read and write
6C9802270000
trusted library allocation
page read and write
59B8002D8000
direct allocation
page read and write
189954EB000
heap
page read and write
2DCA4675000
heap
page read and write
238FF000
stack
page read and write
2DCA46F0000
heap
page read and write
1D637000
heap
page read and write
1D605000
heap
page read and write
460401684000
trusted library allocation
page read and write
1D61B000
heap
page read and write
460401C7C000
trusted library allocation
page read and write
6C9802230000
trusted library allocation
page read and write
4B80000
heap
page read and write
460400298000
trusted library allocation
page read and write
46040181C000
trusted library allocation
page read and write
460401C94000
trusted library allocation
page read and write
18991487000
heap
page read and write
460400B58000
trusted library allocation
page read and write
4604004C4000
trusted library allocation
page read and write
6C9802468000
trusted library allocation
page read and write
460400AAC000
trusted library allocation
page read and write
6C9802420000
trusted library allocation
page read and write
6C9802554000
trusted library allocation
page read and write
460400AAC000
trusted library allocation
page read and write
DF0DFFE000
unkown
page readonly
460400E0C000
trusted library allocation
page read and write
460401194000
trusted library allocation
page read and write
13A3000
heap
page read and write
DF7B3FE000
unkown
page read and write
460400F24000
trusted library allocation
page read and write
1214000
heap
page read and write
59B800303000
direct allocation
page read and write
4604018F8000
trusted library allocation
page read and write
460401C38000
trusted library allocation
page read and write
5FC8002A0000
trusted library allocation
page read and write
460401BD0000
trusted library allocation
page read and write
7AF400210000
trusted library allocation
page read and write
6C980240C000
trusted library allocation
page read and write
460400CFC000
trusted library allocation
page read and write
4604014C4000
trusted library allocation
page read and write
460401368000
trusted library allocation
page read and write
15CE000
stack
page read and write
2DCA46D9000
heap
page read and write
4B71000
heap
page read and write
1214000
heap
page read and write
1D633000
heap
page read and write
460400C40000
trusted library allocation
page read and write
18990FC3000
heap
page read and write
6C98023A8000
trusted library allocation
page read and write
6C9802524000
trusted library allocation
page read and write
460400FE0000
trusted library allocation
page read and write
7AF400201000
trusted library allocation
page read and write
189914FE000
heap
page read and write
184C00658000
trusted library allocation
page read and write
1D623000
heap
page read and write
6C98023C4000
trusted library allocation
page read and write
6C98026A8000
trusted library allocation
page read and write
12A0000
direct allocation
page read and write
460400F24000
trusted library allocation
page read and write
46040033C000
trusted library allocation
page read and write
There are 1382 hidden memdumps, click here to show them.