IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\DocumentsDGCFHIDAKE.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\BAAFIJKKEHJDHJKFIECA
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\BAEGCGCGIEGDHIDHJJEHDGHIEB
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\CAKKJKKECFIDGDHIJEGD
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\CBGCGDBK
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\ProgramData\DHJECFCGHIDGHIDHDHIE
ASCII text, with very long lines (1743), with CRLF line terminators
dropped
C:\ProgramData\DHJJEGHIIDAFIDHJDHJEBAEGHC
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\IECGIEBA
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\102a42c5-efd3-43f0-b76e-c6d6ad5960fc.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6a96a8d9-73ad-4ced-8002-583ca875d72c.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\76e26a31-1b4e-448e-ae6e-1ea275196cb8.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\8d34a2fa-ef43-479c-b19a-8a42b8f55c5e.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\fa5d698e-1b01-4574-a107-4a7a4d1a8387.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-673D1CF1-1C88.pma
DIY-Thermocam raw data (Lepton 3.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 1, calibration: offset -144119586122366976.000000, slope 68694245376.000000
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\21288b0d-ab92-482f-8f04-f614e4add15e.tmp
Unicode text, UTF-8 text, with very long lines (17520), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\260d1cd5-f910-4e08-ba0a-502491d200c3.tmp
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\5a987581-2a08-418a-89f9-1e2c04de7803.tmp
Unicode text, UTF-8 text, with very long lines (17356), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\70dd13d5-76ac-49d9-978e-27f43f0b7b1a.tmp
Unicode text, UTF-8 text, with very long lines (13804), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\8094664b-6c26-4430-b03d-0f192c3804de.tmp
Unicode text, UTF-8 text, with very long lines (17520), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 12, cookie 0x3, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\1157b7a7-140d-408b-a22c-4d269b928aa6.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\789dd527-26d9-4d8e-99b4-4204b8455e36.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF376e6.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF380aa.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\c8366317-7454-43a6-8121-a8ee71a88f3a.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\cb6904ab-9ea5-402d-bdd3-4ec7aa33cc73.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ff6cd562-ac9f-4099-96be-a95f4088c0f1.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
Unicode text, UTF-8 text, with very long lines (13804), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3abf1.TMP (copy)
Unicode text, UTF-8 text, with very long lines (13804), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3f945.TMP (copy)
Unicode text, UTF-8 text, with very long lines (13804), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF46e85.TMP (copy)
Unicode text, UTF-8 text, with very long lines (13804), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF3abf1.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF3d3eb.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF3d504.TMP (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13376531956618310
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\3b585b0f-3efe-4bc7-a42d-ea12546a0670.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\5f69c34b-f6cb-454d-a088-6ecfe3c5db95.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\8a9249d7-adc1-416f-8b5a-78b952ddd8fc.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF380aa.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
ASCII text, with very long lines (3951), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b087f7f8-f554-4886-93d4-11a4bc818f96.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b9299721-278d-4cc5-b1c1-6566e7d36914.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c80d318a-74df-404d-9906-79a657fe4b2b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\eb73bce3-ed62-40a3-b48b-c27766356b89.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\f270297d-aec8-4c48-b2d8-985bd46cb760.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
SQLite Write-Ahead Log, version 3007000
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF35bae.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF35bcd.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF35d92.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF38415.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF46e56.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4c996.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982
raw G3 (Group 3) FAX, byte-padded
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a7843265-9969-41f7-9c0b-8482eadf0710.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\acbebecf-cdb7-47d3-b3f7-028d90d7457b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c030e142-dd1e-496a-b807-bbb01eeb1ae1.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\random[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\02303875-56ee-47a4-a4bd-cd73da114a12.tmp
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
dropped
C:\Users\user\AppData\Local\Temp\0a165dda-724e-4c9c-b116-b8b162fb7d67.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\5382cb75-5ec9-4ffc-a387-c7676495fe38.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41900
dropped
C:\Users\user\AppData\Local\Temp\6078f2f1-8956-4b30-8fc8-4797ff05f6f0.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\86c696e6-98d1-4f7c-96f5-f3c7e960ebbb.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\cb9cfff2-5606-45f5-a6d2-72e846ea4c99.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\cv_debug.log
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7304_143004570\6078f2f1-8956-4b30-8fc8-4797ff05f6f0.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7304_143004570\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7304_143004570\CRX_INSTALL\content.js
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7304_143004570\CRX_INSTALL\content_new.js
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7304_143004570\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Nov 19 22:19:07 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Nov 19 22:19:07 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Nov 19 22:19:07 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Nov 19 22:19:07 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Nov 19 22:19:07 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-shm
data
dropped
C:\Windows\Tasks\skotes.job
data
dropped
Chrome Cache Entry: 391
ASCII text, with very long lines (3349)
downloaded
Chrome Cache Entry: 392
ASCII text, with very long lines (2586)
downloaded
Chrome Cache Entry: 393
ASCII text
downloaded
Chrome Cache Entry: 394
ASCII text, with very long lines (65531)
downloaded
Chrome Cache Entry: 395
ASCII text, with very long lines (1302)
downloaded
Chrome Cache Entry: 396
ASCII text, with very long lines (5162), with no line terminators
downloaded
Chrome Cache Entry: 397
SVG Scalable Vector Graphics image
downloaded
There are 194 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
 malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2444 --field-trial-handle=2388,i,16510555146849537744,13459730630800446723,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2372 --field-trial-handle=2220,i,7239485134690088343,7052541673815001243,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2800 --field-trial-handle=2088,i,2698788590352089467,13579413817608931526,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6860 --field-trial-handle=2088,i,2698788590352089467,13579413817608931526,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7148 --field-trial-handle=2088,i,2698788590352089467,13579413817608931526,262144 /prefetch:8
malicious
C:\Users\user\DocumentsDGCFHIDAKE.exe
"C:\Users\user\DocumentsDGCFHIDAKE.exe"
malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
"C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7120 --field-trial-handle=2088,i,2698788590352089467,13579413817608931526,262144 /prefetch:8
malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsDGCFHIDAKE.exe"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 5 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://185.215.113.206/68b591d6548ec281/softokn3.dll
185.215.113.206
https://duckduckgo.com/chrome_newtab
unknown
https://sb.scorecardresearch.com/b?rn=1732058361925&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=045B60278D93687D3610751B8C3B691E&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null
13.32.110.123
https://c.msn.com/
unknown
https://duckduckgo.com/ac/?q=
unknown
http://185.215.113.206/
185.215.113.206
http://www.broofa.com
unknown
https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
unknown
https://ntp.msn.com/0
unknown
https://ntp.msn.com/_default
unknown
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
unknown
https://www.last.fm/
unknown
https://deff.nelreports.net/api/report?cat=msn
unknown
https://ntp.msn.cn/edge/ntp
unknown
http://185.215.113.43/Zu7JuNko/index.phpncoded
unknown
http://185.215.113.206/68b591d6548ec281/mozglue.dllU
unknown
https://sb.scorecardresearch.com/
unknown
https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
unknown
https://www.youtube.com
unknown
http://185.215.113.43/Zu7JuNko/index.php
185.215.113.43
https://www.instagram.com
unknown
https://web.skype.com/?browsername=edge_canary_shoreline
unknown
http://185.215.113.206/c4becf79229cb002.phpation
unknown
http://185.215.113.206/68b591d6548ec281/freebl3.dll
185.215.113.206
https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
unknown
https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
unknown
https://c.msn.com/c.gif?rnd=1732058361924&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=93ba126bd035450b89c4cab3de518f3d&activityId=93ba126bd035450b89c4cab3de518f3d&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=9E073CD59E374ED597FF7213122604B2&MUID=045B60278D93687D3610751B8C3B691E
20.110.205.119
http://185.215.113.206/68b591d6548ec281/nss3.dll
185.215.113.206
https://www.messenger.com
unknown
https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
unknown
https://msn.comXIDv10M
unknown
http://185.215.113.43/Zu7JuNko/index.phpcoded
unknown
https://outlook.office.com/mail/compose?isExtension=true
unknown
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
142.250.184.228
https://unitedstates4.ss.wd.microsoft.us/
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732058364933&w=0&anoncknm=app_anon&NoResponseBody=true
20.189.173.10
https://i.y.qq.com/n2/m/index.html
unknown
https://www.deezer.com/
unknown
185.215.113.206/c4becf79229cb002.php
https://web.telegram.org/
unknown
http://www.mozilla.com/en-US/blocklist/
unknown
https://mozilla.org0/
unknown
https://vibe.naver.com/today
unknown
https://srtb.msn.com/
unknown
https://unitedstates1.ss.wd.microsoft.us/
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
https://www.ecosia.org/newtab/
unknown
https://excel.new?from=EdgeM365Shoreline
unknown
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
unknown
http://185.215.113.206/c4becf79229cb002.php7
unknown
http://185.215.113.206Z
unknown
https://plus.google.com
unknown
https://play.google.com/log?format=json&hasfast=true
142.250.185.174
http://185.215.113.16/mine/random.exe_
unknown
https://bzib.nelreports.net/api/report?cat=bingbusiness
unknown
https://www.google.com/chrome
unknown
https://www.tiktok.com/
unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0
142.250.185.174
http://185.215.113.206/c4becf79229cb002.phpA
unknown
https://www.msn.com/web-notification-icon-light.png
unknown
https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBL
unknown
https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
unknown
https://chromewebstore.google.com/
unknown
https://srtb.msn.cn/
unknown
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
unknown
http://185.215.113.43/Zu7JuNko/index.phpim
unknown
https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
unknown
https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
unknown
https://chrome.google.com/webstore/
unknown
https://y.music.163.com/m/
unknown
http://185.215.113.206/c4becf79229cb002.phpS
unknown
https://unitedstates2.ss.wd.microsoft.us/
unknown
https://bard.google.com/
unknown
https://assets.msn.cn/resolver/
unknown
https://clients6.google.com
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732058361922&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=true
20.189.173.10
http://185.215.113.43/Zu7JuNko/index.phpU
unknown
http://185.215.113.206/2
unknown
https://browser.events.data.msn.com/
unknown
http://185.215.113.206/68b591d6548ec281/vcruntime140.dll
185.215.113.206
https://web.whatsapp.com
unknown
https://m.kugou.com/
unknown
http://185.215.113.206/c4becf79229cb002.phpd
unknown
https://www.office.com
unknown
https://outlook.live.com/mail/0/
unknown
http://185.215.113.43/Zu7JuNko/index.phpa
unknown
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
unknown
https://clients2.googleusercontent.com/crx/blobs/AW50ZFsLPhJJyx_4ShcDOgcEpJeOc7Vr0kMzfFRoaMfWx4pAgZ0UGF2i9_ei1A7FAHQ-EPFULeBn7F8_SEKhjbpEyKfiidX7GF_6BDOycMeg5w03wjwVQ61hkaEix8WFqmEAxlKa5cmz_tdFr9JtRwdqRu82wmLe2Ghe/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_84_1_0.crx
142.251.40.161
https://ntp.msn.com/edge/ntp
unknown
https://assets.msn.com/resolver/
unknown
http://185.215.113.16/mine/random.exe
185.215.113.16
https://powerpoint.new?from=EdgeM365Shoreline
unknown
http://185.215.113.43/Zu7JuNko/index.phpI
unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
unknown
http://185.215.113.43/Zu7JuNko/index.phpJ
unknown
http://185.215.113.206/68b591d6548ec281/sqlite3.dll
185.215.113.206
https://tidal.com/
unknown
https://ntp.msn.com
unknown
https://browser.events.data.msn.cn/
unknown
https://gaana.com/
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
chrome.cloudflare-dns.com
172.64.41.3
plus.l.google.com
142.250.185.174
play.google.com
142.250.185.174
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
94.245.104.56
sb.scorecardresearch.com
13.32.110.123
www.google.com
142.250.184.228
bzib.nelreports.net
unknown
assets.msn.com
unknown
c.msn.com
unknown
ntp.msn.com
unknown
apis.google.com
unknown
api.msn.com
unknown
There are 2 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
185.215.113.43
unknown
Portugal
malicious
192.168.2.5
unknown
unknown
malicious
185.215.113.16
unknown
Portugal
malicious
185.215.113.206
unknown
Portugal
malicious
13.107.246.40
unknown
United States
152.195.19.97
unknown
United States
18.164.116.57
unknown
United States
20.189.173.10
unknown
United States
23.57.90.171
unknown
United States
162.159.61.3
unknown
United States
65.52.241.40
unknown
United States
104.117.182.9
unknown
United States
20.110.205.119
unknown
United States
142.250.184.228
www.google.com
United States
204.79.197.219
unknown
United States
172.64.41.3
chrome.cloudflare-dns.com
United States
94.245.104.56
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
United Kingdom
23.219.82.25
unknown
United States
239.255.255.250
unknown
Reserved
142.250.185.174
plus.l.google.com
United States
142.251.40.161
unknown
United States
20.96.153.111
unknown
United States
23.209.72.43
unknown
United States
127.0.0.1
unknown
unknown
13.32.110.123
sb.scorecardresearch.com
United States
There are 15 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Left
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Top
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseenversion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseen
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_dse_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_startup_page_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197736
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds
EdgeMUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
MUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gcinnojdebelpnodghnoicmcdmamjoch
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jgcbloklkllbkmkbfckchanipicejgah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ojmnomejplkgljjhjindfoilnmobmihe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gcinnojdebelpnodghnoicmcdmamjoch
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jgcbloklkllbkmkbfckchanipicejgah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ojmnomejplkgljjhjindfoilnmobmihe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.cdm.origin_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_username
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197736
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197736
WindowTabManagerFileMappingId
There are 141 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
C81000
unkown
page execute and read and write
 malicious
C11000
unkown
page execute and read and write
 malicious
361000
unkown
page execute and read and write
 malicious
4AB0000
direct allocation
page read and write
 malicious
C11000
unkown
page execute and read and write
 malicious
D9E000
heap
page read and write
 malicious
4850000
direct allocation
page read and write
 malicious
4DD0000
direct allocation
page read and write
 malicious
4ED0000
direct allocation
page read and write
 malicious
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
79B000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1220000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
408E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
732000
heap
page read and write
49A0000
direct allocation
page execute and read and write
594000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
C10000
unkown
page readonly
594000
heap
page read and write
594000
heap
page read and write
2BFF000
stack
page read and write
76F000
heap
page read and write
1D25B000
heap
page read and write
594000
heap
page read and write
1D243000
heap
page read and write
594000
heap
page read and write
74F000
heap
page read and write
594000
heap
page read and write
4951000
heap
page read and write
594000
heap
page read and write
108E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
35E000
stack
page read and write
4611000
heap
page read and write
594000
heap
page read and write
7AF3000
heap
page read and write
1210000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
3F8E000
stack
page read and write
C72000
unkown
page execute and read and write
594000
heap
page read and write
494F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
7BB000
heap
page read and write
F9E000
unkown
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
4F90000
direct allocation
page execute and read and write
4611000
heap
page read and write
D34000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
380E000
stack
page read and write
366E000
stack
page read and write
594000
heap
page read and write
1D24B000
heap
page read and write
594000
heap
page read and write
456E000
stack
page read and write
594000
heap
page read and write
234D0000
heap
page read and write
594000
heap
page read and write
50D0000
direct allocation
page execute and read and write
594000
heap
page read and write
748000
heap
page read and write
7AD000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
2EEF000
stack
page read and write
595000
heap
page read and write
49A0000
direct allocation
page execute and read and write
594000
heap
page read and write
43D1000
heap
page read and write
594000
heap
page read and write
2BA0000
direct allocation
page read and write
D30000
heap
page read and write
C7B000
unkown
page execute and read and write
23451000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D265000
heap
page read and write
4951000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
1D271000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
4FD0000
direct allocation
page execute and read and write
430F000
stack
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
3EBE000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1220000
direct allocation
page read and write
41CF000
stack
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
2C0F000
stack
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
323E000
stack
page read and write
595000
heap
page read and write
4A00000
direct allocation
page execute and read and write
2D4F000
stack
page read and write
594000
heap
page read and write
376F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
282F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
10D1000
unkown
page execute and read and write
594000
heap
page read and write
3F2E000
stack
page read and write
4F40000
direct allocation
page execute and read and write
33EE000
stack
page read and write
790000
heap
page read and write
2372A000
heap
page read and write
2E7E000
stack
page read and write
4F20000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
3BCE000
stack
page read and write
126B000
heap
page read and write
234B1000
heap
page read and write
397000
unkown
page execute and read and write
594000
heap
page read and write
4611000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
234D8000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
3E7F000
stack
page read and write
798000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
594000
heap
page read and write
1D263000
heap
page read and write
594000
heap
page read and write
3CAE000
stack
page read and write
594000
heap
page read and write
3CCF000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
418E000
stack
page read and write
402F000
stack
page read and write
594000
heap
page read and write
C7B000
unkown
page execute and read and write
4A31000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1CBBE000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
5060000
direct allocation
page execute and read and write
595000
heap
page read and write
C79000
unkown
page read and write
594000
heap
page read and write
2DBE000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
23410000
trusted library allocation
page read and write
1CCFE000
stack
page read and write
595000
heap
page read and write
3B8F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
5040000
direct allocation
page execute and read and write
595000
heap
page read and write
4B34000
heap
page read and write
4A31000
heap
page read and write
47AF000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
427E000
stack
page read and write
792000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D27B000
heap
page read and write
594000
heap
page read and write
37CF000
stack
page read and write
D34000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
4FE0000
direct allocation
page execute and read and write
594000
heap
page read and write
43BE000
stack
page read and write
6C581000
unkown
page execute read
595000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
44FE000
stack
page read and write
4AEB000
stack
page read and write
595000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
C80000
unkown
page readonly
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
83B000
unkown
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
7BB000
heap
page read and write
4AA0000
direct allocation
page read and write
43CF000
stack
page read and write
594000
heap
page read and write
23430000
heap
page read and write
3C6F000
stack
page read and write
594000
heap
page read and write
5020000
direct allocation
page execute and read and write
D34000
heap
page read and write
404E000
stack
page read and write
594000
heap
page read and write
292F000
stack
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
DDE000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
4A20000
direct allocation
page execute and read and write
364E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
599C000
stack
page read and write
595000
heap
page read and write
23454000
heap
page read and write
594000
heap
page read and write
5070000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
6760000
heap
page read and write
1D280000
heap
page read and write
594000
heap
page read and write
1210000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
428F000
stack
page read and write
B4E000
stack
page read and write
4C60000
direct allocation
page execute and read and write
1143000
unkown
page execute and write copy
1D254000
heap
page read and write
594000
heap
page read and write
34BE000
stack
page read and write
D80000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1210000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
5080000
direct allocation
page execute and read and write
1220000
direct allocation
page read and write
594000
heap
page read and write
1D25E000
heap
page read and write
1210000
direct allocation
page read and write
594000
heap
page read and write
4F0F000
stack
page read and write
595000
heap
page read and write
338F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
340F000
stack
page read and write
466F000
stack
page read and write
10D1000
unkown
page execute and read and write
1D265000
heap
page read and write
420000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
D90000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
F1F000
unkown
page execute and read and write
3C8E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
23491000
heap
page read and write
537E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
4C00000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
23471000
heap
page read and write
76F000
heap
page read and write
594000
heap
page read and write
1141000
unkown
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
5AA000
unkown
page read and write
594000
heap
page read and write
A80000
heap
page read and write
594000
heap
page read and write
45FF000
stack
page read and write
594000
heap
page read and write
4F50000
direct allocation
page execute and read and write
594000
heap
page read and write
2B5E000
stack
page read and write
675E000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4600000
direct allocation
page read and write
594000
heap
page read and write
D34000
heap
page read and write
594000
heap
page read and write
3E4E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
4611000
heap
page read and write
500F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
4C10000
direct allocation
page execute and read and write
7AD000
heap
page read and write
2ACF000
stack
page read and write
352E000
stack
page read and write
594000
heap
page read and write
595000
heap
page read and write
4611000
heap
page read and write
2E8F000
stack
page read and write
594000
heap
page read and write
2E3F000
stack
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
4E31000
direct allocation
page read and write
1D263000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1CA3F000
stack
page read and write
1D27E000
heap
page read and write
354F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
4600000
direct allocation
page read and write
B25000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
B6E000
stack
page read and write
570F000
stack
page read and write
5050000
direct allocation
page execute and read and write
2FEF000
stack
page read and write
5050000
direct allocation
page execute and read and write
595000
heap
page read and write
594000
heap
page read and write
38CE000
stack
page read and write
4F30000
direct allocation
page execute and read and write
49A0000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
6B0000
direct allocation
page read and write
1220000
direct allocation
page read and write
5AC000
unkown
page execute and read and write
4A10000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
2D3F000
stack
page read and write
589D000
stack
page read and write
595000
heap
page read and write
437F000
stack
page read and write
595000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
595000
heap
page read and write
1D236000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4F40000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
397F000
stack
page read and write
29FB000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D25B000
heap
page read and write
49C0000
direct allocation
page execute and read and write
1D24B000
heap
page read and write
594000
heap
page read and write
E73000
unkown
page execute and read and write
1D272000
heap
page read and write
61ECC000
direct allocation
page read and write
594000
heap
page read and write
4C30000
direct allocation
page execute and read and write
594000
heap
page read and write
4F40000
direct allocation
page execute and read and write
1D27E000
heap
page read and write
E03000
unkown
page execute and read and write
F2E000
unkown
page execute and write copy
1D271000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
37AE000
stack
page read and write
F9F000
unkown
page execute and write copy
594000
heap
page read and write
533F000
stack
page read and write
5B3E000
stack
page read and write
1D280000
heap
page read and write
23510000
trusted library allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
C50000
direct allocation
page read and write
3FFE000
stack
page read and write
595000
heap
page read and write
61ED0000
direct allocation
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
5090000
direct allocation
page execute and read and write
594000
heap
page read and write
62BE000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
BEE000
stack
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1220000
direct allocation
page read and write
121E000
stack
page read and write
594000
heap
page read and write
4F0B000
stack
page read and write
594000
heap
page read and write
C79000
unkown
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
29FE000
heap
page read and write
4A31000
heap
page read and write
2AFF000
stack
page read and write
358E000
stack
page read and write
4A31000
heap
page read and write
852000
unkown
page execute and write copy
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
792000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
723000
heap
page read and write
43D1000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
F2F000
unkown
page execute and write copy
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D25D000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4FC0000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
30BF000
stack
page read and write
4A50000
trusted library allocation
page read and write
6B0000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
1210000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
27E000
stack
page read and write
594000
heap
page read and write
2346E000
heap
page read and write
594000
heap
page read and write
49A0000
direct allocation
page execute and read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
1D230000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1210000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
61E01000
direct allocation
page execute read
594000
heap
page read and write
45CE000
stack
page read and write
594000
heap
page read and write
4F40000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4C7000
unkown
page execute and read and write
6C4E1000
unkown
page execute read
594000
heap
page read and write
2BA0000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
316E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
46AE000
stack
page read and write
4611000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
3FBF000
stack
page read and write
D34000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4600000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
627C000
stack
page read and write
3B2F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
C11000
unkown
page execute and write copy
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
79B000
heap
page read and write
594000
heap
page read and write
2FCF000
stack
page read and write
498F000
stack
page read and write
594000
heap
page read and write
6B0000
direct allocation
page read and write
2DCF000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
39CF000
stack
page read and write
1D274000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
50F0000
direct allocation
page execute and read and write
785000
heap
page read and write
594000
heap
page read and write
5050000
direct allocation
page execute and read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
1D280000
heap
page read and write
594000
heap
page read and write
4600000
direct allocation
page read and write
594000
heap
page read and write
416E000
stack
page read and write
594000
heap
page read and write
374F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
387E000
stack
page read and write
43D1000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D22D000
stack
page read and write
594000
heap
page read and write
61EB7000
direct allocation
page readonly
594000
heap
page read and write
1D350000
trusted library allocation
page read and write
324F000
stack
page read and write
595000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
4611000
heap
page read and write
278000
stack
page read and write
1D27D000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1CA7E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
413E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D12D000
stack
page read and write
5E35000
heap
page read and write
1D24B000
heap
page read and write
D34000
heap
page read and write
595000
heap
page read and write
617B000
stack
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4EAC000
stack
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
2ECF000
stack
page read and write
50C0000
direct allocation
page execute and read and write
D34000
heap
page read and write
CE2000
unkown
page execute and read and write
78B000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
2FCF000
stack
page read and write
373E000
stack
page read and write
594000
heap
page read and write
EE8000
unkown
page execute and read and write
594000
heap
page read and write
38EE000
stack
page read and write
388F000
stack
page read and write
594000
heap
page read and write
1CB7F000
stack
page read and write
4611000
heap
page read and write
61EB4000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
B10000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
779000
heap
page read and write
23410000
heap
page read and write
594000
heap
page read and write
4600000
direct allocation
page read and write
594000
heap
page read and write
4611000
heap
page read and write
1D251000
heap
page read and write
594000
heap
page read and write
2A3C1000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
3D3F000
stack
page read and write
347F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
6B0000
direct allocation
page read and write
594000
heap
page read and write
4A30000
heap
page read and write
D34000
heap
page read and write
4A31000
heap
page read and write
1D268000
heap
page read and write
730000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
F8F000
unkown
page execute and read and write
4600000
direct allocation
page read and write
595000
heap
page read and write
594000
heap
page read and write
434E000
stack
page read and write
6750000
heap
page read and write
594000
heap
page read and write
1D263000
heap
page read and write
6C765000
unkown
page readonly
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
48EF000
stack
page read and write
594000
heap
page read and write
4630000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
6DE000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
5050000
direct allocation
page execute and read and write
594000
heap
page read and write
D34000
heap
page read and write
4600000
direct allocation
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
4C00000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
BAE000
stack
page read and write
1D280000
heap
page read and write
D9A000
heap
page read and write
4611000
heap
page read and write
300E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D261000
heap
page read and write
1D257000
heap
page read and write
78B000
heap
page read and write
594000
heap
page read and write
795000
heap
page read and write
1299000
heap
page read and write
594000
heap
page read and write
1210000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
4951000
heap
page read and write
4B30000
trusted library allocation
page read and write
1D352000
heap
page read and write
C72000
unkown
page execute and read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
234A8000
heap
page read and write
1D242000
heap
page read and write
312F000
stack
page read and write
4611000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
11DF000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D241000
heap
page read and write
594000
heap
page read and write
BF0000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
29CE000
stack
page read and write
1D270000
heap
page read and write
594000
heap
page read and write
1210000
direct allocation
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
29F7000
heap
page read and write
594000
heap
page read and write
61ED4000
direct allocation
page readonly
35BF000
stack
page read and write
594000
heap
page read and write
1D258000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
575D000
stack
page read and write
5E20000
heap
page read and write
3F0E000
stack
page read and write
1D280000
heap
page read and write
C4F000
stack
page read and write
1D280000
heap
page read and write
23456000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4BEF000
stack
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
5030000
direct allocation
page execute and read and write
594000
heap
page read and write
595000
heap
page read and write
4F60000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4AA0000
direct allocation
page read and write
594000
heap
page read and write
6B0000
direct allocation
page read and write
D34000
heap
page read and write
48B1000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4620000
heap
page read and write
C79000
unkown
page write copy
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
17C000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
1220000
direct allocation
page read and write
273000
stack
page read and write
1D265000
heap
page read and write
4A31000
heap
page read and write
D7E000
stack
page read and write
595000
heap
page read and write
594000
heap
page read and write
1D272000
heap
page read and write
594000
heap
page read and write
1220000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
44D0000
trusted library allocation
page read and write
5050000
direct allocation
page execute and read and write
4A31000
heap
page read and write
1210000
direct allocation
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
4600000
direct allocation
page read and write
1D269000
heap
page read and write
E11000
heap
page read and write
4600000
direct allocation
page read and write
29AE000
stack
page read and write
6C760000
unkown
page read and write
4A31000
heap
page read and write
595000
heap
page read and write
1D26C000
heap
page read and write
1D25E000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
F8E000
stack
page read and write
2CFF000
stack
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
47EE000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
51FB000
stack
page read and write
594000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
7BB000
heap
page read and write
594000
heap
page read and write
56E000
stack
page read and write
4600000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
2CCF000
stack
page read and write
594000
heap
page read and write
1D27C000
heap
page read and write
337E000
stack
page read and write
36CE000
stack
page read and write
2A3BC000
stack
page read and write
594000
heap
page read and write
1D25D000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
84F0000
heap
page read and write
594000
heap
page read and write
29F0000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
6C71F000
unkown
page readonly
1D269000
heap
page read and write
594000
heap
page read and write
4AA0000
direct allocation
page read and write
6C55D000
unkown
page readonly
594000
heap
page read and write
594000
heap
page read and write
3E0F000
stack
page read and write
594000
heap
page read and write
2372A000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
333F000
stack
page read and write
1264000
heap
page read and write
594000
heap
page read and write
298F000
stack
page read and write
1CF4D000
stack
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4AE6000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
6B0000
direct allocation
page read and write
4EC0000
direct allocation
page read and write
9EF000
unkown
page execute and write copy
F2E000
unkown
page execute and read and write
D34000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
E82000
heap
page read and write
594000
heap
page read and write
6B0000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
1D241000
heap
page read and write
6C580000
unkown
page readonly
1D25C000
heap
page read and write
55BF000
stack
page read and write
1D25E000
heap
page read and write
54BE000
stack
page read and write
523E000
stack
page read and write
D34000
heap
page read and write
594000
heap
page read and write
1D271000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4F31000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4C40000
direct allocation
page execute and read and write
595000
heap
page read and write
7AF5000
heap
page read and write
732000
heap
page read and write
8517000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
3A2E000
stack
page read and write
6B0000
direct allocation
page read and write
594000
heap
page read and write
1D243000
heap
page read and write
2DED000
heap
page read and write
6760000
heap
page read and write
90F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
394E000
stack
page read and write
811000
unkown
page execute and read and write
484E000
stack
page read and write
33CE000
stack
page read and write
2D7C000
stack
page read and write
1CE4D000
stack
page read and write
80E000
stack
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
6B0000
direct allocation
page read and write
595000
heap
page read and write
594000
heap
page read and write
6C4E0000
unkown
page readonly
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D24B000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
F16000
unkown
page execute and read and write
594000
heap
page read and write
72E000
heap
page read and write
594000
heap
page read and write
1D271000
heap
page read and write
4990000
direct allocation
page execute and read and write
6A0000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
383F000
stack
page read and write
7AF0000
heap
page read and write
1CCBF000
stack
page read and write
74C000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
1210000
direct allocation
page read and write
1CF8E000
stack
page read and write
2F7F000
stack
page read and write
594000
heap
page read and write
585E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4951000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
4A31000
heap
page read and write
49B0000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
23510000
trusted library allocation
page read and write
594000
heap
page read and write
D34000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4F40000
direct allocation
page execute and read and write
4A31000
heap
page read and write
77A000
heap
page read and write
74D000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
2880000
heap
page read and write
594000
heap
page read and write
7BB000
heap
page read and write
378E000
stack
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
3B4E000
stack
page read and write
1D259000
heap
page read and write
758000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
5AA000
unkown
page write copy
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
6B0000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
792000
heap
page read and write
595000
heap
page read and write
23690000
trusted library allocation
page read and write
594000
heap
page read and write
E8A000
heap
page read and write
595000
heap
page read and write
1D24B000
heap
page read and write
46CF000
stack
page read and write
23732000
heap
page read and write
4A31000
heap
page read and write
4B30000
heap
page read and write
29EE000
stack
page read and write
594000
heap
page read and write
1210000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
7B0000
heap
page read and write
368F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
79B000
heap
page read and write
5E1E000
stack
page read and write
4950000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
4F80000
direct allocation
page execute and read and write
4611000
heap
page read and write
4A40000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4C20000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
4C30000
direct allocation
page execute and read and write
1D25D000
heap
page read and write
2BC7000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
2A2BC000
stack
page read and write
594000
heap
page read and write
1200000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
732000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
BB000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
AEE000
stack
page read and write
49A0000
direct allocation
page execute and read and write
594000
heap
page read and write
1D272000
heap
page read and write
4A31000
heap
page read and write
1D25E000
heap
page read and write
594000
heap
page read and write
10D3000
unkown
page execute and write copy
595000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
F86000
unkown
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
4F70000
direct allocation
page execute and read and write
1CDFF000
stack
page read and write
594000
heap
page read and write
3DEE000
stack
page read and write
4A31000
heap
page read and write
3D8F000
stack
page read and write
594000
heap
page read and write
2B0E000
stack
page read and write
2F0000
heap
page read and write
594000
heap
page read and write
C10000
unkown
page read and write
2DC0000
heap
page read and write
4A31000
heap
page read and write
4C50000
direct allocation
page execute and read and write
4611000
heap
page read and write
40FF000
stack
page read and write
594000
heap
page read and write
61ECD000
direct allocation
page readonly
594000
heap
page read and write
F9E000
unkown
page execute and write copy
594000
heap
page read and write
5A3E000
stack
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D27E000
heap
page read and write
4A50000
trusted library allocation
page read and write
32AE000
stack
page read and write
492E000
stack
page read and write
594000
heap
page read and write
4611000
heap
page read and write
CEB000
unkown
page execute and read and write
F1F000
unkown
page execute and read and write
4A2F000
stack
page read and write
594000
heap
page read and write
44BF000
stack
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
3ECF000
stack
page read and write
1210000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
2ECE000
stack
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
D34000
heap
page read and write
1D25E000
heap
page read and write
594000
heap
page read and write
2C3E000
stack
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
42C000
unkown
page execute and read and write
1220000
direct allocation
page read and write
3B6E000
stack
page read and write
5050000
direct allocation
page execute and read and write
1220000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
1D25E000
heap
page read and write
595000
heap
page read and write
DE4000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D265000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
1220000
direct allocation
page read and write
390F000
stack
page read and write
6B0000
direct allocation
page read and write
594000
heap
page read and write
452F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
2A3C0000
heap
page read and write
1D265000
heap
page read and write
3AFE000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4FA0000
direct allocation
page execute and read and write
4A31000
heap
page read and write
594000
heap
page read and write
43EF000
stack
page read and write
C79000
unkown
page write copy
595000
heap
page read and write
4600000
direct allocation
page read and write
594000
heap
page read and write
4A40000
heap
page read and write
594000
heap
page read and write
F58000
unkown
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
4611000
heap
page read and write
4611000
heap
page read and write
1D27E000
heap
page read and write
3C4F000
stack
page read and write
D34000
heap
page read and write
4951000
heap
page read and write
EE8000
unkown
page execute and read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
42EE000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A50000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
2B9E000
stack
page read and write
330E000
stack
page read and write
23465000
heap
page read and write
3D7E000
stack
page read and write
1220000
direct allocation
page read and write
594000
heap
page read and write
595000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
361000
unkown
page execute and write copy
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
6B0000
direct allocation
page read and write
232C1000
heap
page read and write
2E0000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1C93E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
1D25D000
heap
page read and write
D0E000
stack
page read and write
594000
heap
page read and write
1D268000
heap
page read and write
1D265000
heap
page read and write
302E000
stack
page read and write
594000
heap
page read and write
39BE000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
3F4F000
stack
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1220000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
2DE0000
heap
page read and write
7F0000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
124A000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
4E0E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
2A270000
heap
page read and write
23410000
trusted library allocation
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
C81000
unkown
page execute and write copy
594000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
595000
heap
page read and write
4611000
heap
page read and write
326F000
stack
page read and write
D34000
heap
page read and write
3DCE000
stack
page read and write
400F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
49E0000
direct allocation
page execute and read and write
30CF000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
50B0000
direct allocation
page execute and read and write
595000
heap
page read and write
594000
heap
page read and write
1D25E000
heap
page read and write
594000
heap
page read and write
34CF000
stack
page read and write
7CF0000
trusted library allocation
page read and write
DF6000
heap
page read and write
594000
heap
page read and write
1D25D000
heap
page read and write
122B000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
30FE000
stack
page read and write
6B0000
direct allocation
page read and write
360000
unkown
page readonly
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
63BE000
stack
page read and write
594000
heap
page read and write
41AE000
stack
page read and write
4611000
heap
page read and write
2BC0000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
4EC0000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
31FF000
stack
page read and write
D34000
heap
page read and write
594000
heap
page read and write
35FE000
stack
page read and write
1D25E000
heap
page read and write
1D265000
heap
page read and write
595000
heap
page read and write
C11000
unkown
page execute and write copy
F2F000
unkown
page execute and write copy
5F3F000
stack
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4FB0000
direct allocation
page execute and read and write
5E36000
heap
page read and write
286E000
stack
page read and write
272B000
stack
page read and write
6C75F000
unkown
page write copy
38AF000
stack
page read and write
595000
heap
page read and write
350E000
stack
page read and write
594000
heap
page read and write
34EF000
stack
page read and write
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
127E000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
76F000
heap
page read and write
594000
heap
page read and write
598000
unkown
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
613F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
4600000
direct allocation
page read and write
594000
heap
page read and write
3B0F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D25E000
heap
page read and write
730000
heap
page read and write
F16000
unkown
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
71F000
heap
page read and write
7AF8000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D25B000
heap
page read and write
590000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
D34000
heap
page read and write
D34000
heap
page read and write
76F000
heap
page read and write
594000
heap
page read and write
7CEC000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
4600000
direct allocation
page read and write
CE9000
unkown
page read and write
1D24B000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
124E000
heap
page read and write
4611000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
23468000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
2887000
heap
page read and write
594000
heap
page read and write
C50000
direct allocation
page read and write
594000
heap
page read and write
2368E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
72E000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
6D0000
heap
page read and write
594000
heap
page read and write
360F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
756000
heap
page read and write
362F000
stack
page read and write
6C56E000
unkown
page read and write
500000
heap
page read and write
C70000
direct allocation
page execute and read and write
594000
heap
page read and write
448E000
stack
page read and write
4A31000
heap
page read and write
31CF000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
603F000
stack
page read and write
83C000
stack
page read and write
2C4E000
stack
page read and write
4A31000
heap
page read and write
595000
heap
page read and write
42AF000
stack
page read and write
3EEF000
stack
page read and write
3DAF000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
49A0000
direct allocation
page execute and read and write
594000
heap
page read and write
488B000
stack
page read and write
594000
heap
page read and write
CE9000
unkown
page write copy
39EF000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D280000
heap
page read and write
3A0E000
stack
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
4A30000
direct allocation
page execute and read and write
D34000
heap
page read and write
595000
heap
page read and write
50E0000
direct allocation
page execute and read and write
594000
heap
page read and write
6B0000
direct allocation
page read and write
D34000
heap
page read and write
594000
heap
page read and write
4951000
heap
page read and write
594000
heap
page read and write
2D3E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4F10000
direct allocation
page execute and read and write
B20000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
4A31000
heap
page read and write
1D24F000
heap
page read and write
594000
heap
page read and write
444F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
F2E000
unkown
page execute and read and write
42CE000
stack
page read and write
4610000
heap
page read and write
594000
heap
page read and write
4EC0000
direct allocation
page read and write
3BFF000
stack
page read and write
328E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
61E00000
direct allocation
page execute and read and write
61ED3000
direct allocation
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
6751000
heap
page read and write
595000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
E03000
unkown
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
796000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
730000
unkown
page execute and read and write
4A31000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
93D000
stack
page read and write
594000
heap
page read and write
1D257000
heap
page read and write
3A8E000
stack
page read and write
1D271000
heap
page read and write
2BA0000
direct allocation
page read and write
594000
heap
page read and write
76F000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D272000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
23452000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
2DE7000
heap
page read and write
594000
heap
page read and write
F2E000
unkown
page execute and write copy
594000
heap
page read and write
AFD000
stack
page read and write
23732000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
458F000
stack
page read and write
9EE000
unkown
page execute and read and write
4F40000
direct allocation
page execute and read and write
851000
unkown
page execute and write copy
78B000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
314E000
stack
page read and write
1D24A000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D272000
heap
page read and write
1D262000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
1D265000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
6C572000
unkown
page readonly
594000
heap
page read and write
4A31000
heap
page read and write
1220000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
3C3D000
stack
page read and write
3D0E000
stack
page read and write
798000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
D34000
heap
page read and write
3E4000
unkown
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
1220000
direct allocation
page read and write
594000
heap
page read and write
1210000
direct allocation
page read and write
5DDE000
stack
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
49D0000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
7C0000
heap
page read and write
6C75E000
unkown
page read and write
4616000
heap
page read and write
2358E000
stack
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
1D08C000
stack
page read and write
842000
unkown
page execute and read and write
4611000
heap
page read and write
595000
heap
page read and write
1220000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
43D1000
heap
page read and write
470E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
360000
unkown
page read and write
32CF000
stack
page read and write
595000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
1210000
direct allocation
page read and write
594000
heap
page read and write
594000
heap
page read and write
C80000
unkown
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
2870000
direct allocation
page execute and read and write
2B1E000
stack
page read and write
296B000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
414F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
5D9E000
stack
page read and write
2345C000
heap
page read and write
3A4F000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
480F000
stack
page read and write
594000
heap
page read and write
50A0000
direct allocation
page execute and read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
40CE000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
547F000
stack
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
6DA000
heap
page read and write
594000
heap
page read and write
420E000
stack
page read and write
D34000
heap
page read and write
43D0000
heap
page read and write
594000
heap
page read and write
1D24B000
heap
page read and write
1240000
heap
page read and write
594000
heap
page read and write
442E000
stack
page read and write
2336D000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
595000
heap
page read and write
415000
unkown
page execute and read and write
9A0000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
1D2E4000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
69E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
3ABF000
stack
page read and write
423F000
stack
page read and write
344E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
4611000
heap
page read and write
594000
heap
page read and write
2D8E000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
33AF000
stack
page read and write
595000
heap
page read and write
1D257000
heap
page read and write
C50000
direct allocation
page read and write
732000
heap
page read and write
595000
heap
page read and write
560E000
stack
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
594000
heap
page read and write
1D24B000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
49F0000
direct allocation
page execute and read and write
10D3000
unkown
page execute and write copy
594000
heap
page read and write
23738000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
1D25D000
heap
page read and write
36FF000
stack
page read and write
594000
heap
page read and write
594000
heap
page read and write
406D000
stack
page read and write
594000
heap
page read and write
595000
heap
page read and write
595000
heap
page read and write
C10000
unkown
page readonly
594000
heap
page read and write
594000
heap
page read and write
1D271000
heap
page read and write
5E30000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
4600000
direct allocation
page read and write
594000
heap
page read and write
4A31000
heap
page read and write
C10000
unkown
page read and write
4A31000
heap
page read and write
1BA000
stack
page read and write
594000
heap
page read and write
595000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
594000
heap
page read and write
234DF000
heap
page read and write
785000
heap
page read and write
1D23F000
heap
page read and write
594000
heap
page read and write
654C000
stack
page read and write
2FBE000
stack
page read and write
594000
heap
page read and write
851000
unkown
page execute and read and write
594000
heap
page read and write
D34000
heap
page read and write
594000
heap
page read and write
310F000
stack
page read and write
There are 1988 hidden memdumps, click here to show them.