IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\unik[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\random[1].exe
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\random[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1009625001\unik.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1009635001\d4a6d0bce7.exe
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1009636001\a01b32dfa9.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\DocumentsBGDBAKFCFH.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\CFCFHJDBKJKEBFHJEHII
ASCII text, with very long lines (1769), with CRLF line terminators
dropped
C:\ProgramData\EGCBAFCF
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 9, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 9
dropped
C:\ProgramData\FHIEBKKFHIEGCAKECGHJ
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\GIJEBKECBAKFBGDGCBGD
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\HIIIJDAAAAAAKECBFBAEBKJJJJ
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\IEHDBAAFIDGDAAAAAAAAKEBFHD
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\KEBKJDBA
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\2afd6050-c75f-465a-97d7-eeee01e515fc.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\2b0e07db-4fc1-41df-a66a-80f9497fddcc.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\3cd46f3f-043c-489c-aae5-80f04b2d20ab.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\487e7d84-aac5-42d0-a225-0caeacdccf11.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6b23bd89-500d-4134-89ec-73c5af5a06ed.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\0feb9ef2-cfd9-4eb3-9431-1b578223cd37.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-674757C5-6D4.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-674757C6-11A0.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\15d31450-55a5-4f47-9894-91dd6955a0d8.tmp
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\1eef8147-a116-4b1d-bf85-1d6b52fa6d3b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\3328a2bf-fa6d-4fda-b779-ffe476c7e8dc.tmp
Unicode text, UTF-8 text, with very long lines (17261), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\4675557e-7211-46c3-a4a1-2284f3188d3a.tmp
Unicode text, UTF-8 text, with very long lines (17425), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\62d15007-01aa-486e-bee3-bbe8aae60a07.tmp
Unicode text, UTF-8 text, with very long lines (16483), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\650b2f96-b78d-4e5f-a76c-958069badb16.tmp
Unicode text, UTF-8 text, with very long lines (17426), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\6faf52f4-d9ed-4163-8d78-f116841307ba.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\76caba57-705a-4010-8ae7-02eb9489d125.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7c46a650-21ea-43da-ab34-c1b9d8ea3751.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 12, cookie 0x3, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\0fcd231f-7319-4220-a091-2a3d1dec7a72.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\16cb726f-033d-406e-a522-1beddbf7676f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\378c0ae6-6fee-4cad-8e25-30ad5ffb1b34.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\41871895-7af0-4bc6-b3e5-884b38cc6fe9.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\4d67ed28-b2a7-4985-a2a5-f762f42d9f14.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF37168.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF2645d.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF27342.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\d6cd01c3-3d63-48d1-80b7-bed7f7a23ac9.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2a87b.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2d9db.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF30abf.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF35e0f.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF2a88a.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF2e778.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF2f2e2.TMP (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13377202377233379
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\040448ff-bacc-4066-8935-ad24a4ecc251.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\7b1e8f37-1c1b-427c-a6ea-447dab957ea1.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\8dd5c931-0f4d-4284-91a1-0872385f2f04.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF27342.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\c9f74d0f-b6ca-42f4-969d-49f5edb4f78c.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 9, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 9
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
ASCII text, with very long lines (3951), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c5fa8ee5-2055-46e8-a229-fdb5add4ff6b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ccfe3730-5d38-43f8-b024-30803b7cb49e.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
SQLite Write-Ahead Log, version 3007000
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF24b38.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF24b47.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF24d4b.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF273bf.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2cec0.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF35dff.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3c228.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982
raw G3 (Group 3) FAX, byte-padded
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a3032c8d-8cd8-4993-b529-864b90f6b21e.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c38dea15-2117-4029-8b7e-1c3f7db4f760.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c53f18b8-f668-43b3-8beb-6a21c28adb90.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\download[1].htm
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\random[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
modified
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\add[1].htm
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\download[1].htm
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\fuckingdllENCR[1].dll
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\download[1].htm
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\key[1].htm
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\3d695e91-438b-440f-844e-0db3b12e8b9a.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\5f7d7d9a-6a07-4c13-b862-6303a349056a.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\8f6140cf-b648-43bc-83f4-2780f183537f.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 135363
dropped
C:\Users\user\AppData\Local\Temp\a4260c30-85da-4775-aee3-466f9c005107.tmp
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
dropped
C:\Users\user\AppData\Local\Temp\a5f79753-2a34-423d-a6b0-b8a436a4ff2e.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\ae0fea4b-6af7-44b3-8529-e8d99305e0ad.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\c2af21e8-48c3-4ede-89eb-345cc0edffdf.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\cv_debug.log
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_729620731\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_729620731\CRX_INSTALL\content.js
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_729620731\CRX_INSTALL\content_new.js
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_729620731\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_729620731\c2af21e8-48c3-4ede-89eb-345cc0edffdf.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\af\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\am\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\ar\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\az\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\be\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\bg\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\bn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\ca\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\cs\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\cy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\da\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\de\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\el\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\en\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\en_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\en_GB\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\en_US\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\es\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\es_419\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\et\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\eu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\fa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\fi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\fil\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\fr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\fr_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\gl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\gu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\hi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\hr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\hu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\hy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\id\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\is\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\it\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\iw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\ja\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\ka\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\kk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\km\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\kn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\ko\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\lo\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\lt\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\lv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\ml\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\mn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\mr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\ms\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\my\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\ne\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\nl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\no\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\pa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\pl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\pt_BR\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\pt_PT\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\ro\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\ru\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\si\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\sk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\sl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\sr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\sv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\sw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\ta\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\te\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\th\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\tr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\uk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\ur\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\vi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\zh_CN\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\zh_HK\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\zh_TW\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_locales\zu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\dasherSettingSchema.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\offscreendocument.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\offscreendocument_main.js
ASCII text, with very long lines (3777)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\page_embed_script.js
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\CRX_INSTALL\service_worker_bin_prod.js
ASCII text, with very long lines (3782)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir4512_9814312\ae0fea4b-6af7-44b3-8529-e8d99305e0ad.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\places.sqlite-shm
data
dropped
C:\Windows\Tasks\skotes.job
data
dropped
Chrome Cache Entry: 440
ASCII text, with very long lines (6235)
downloaded
Chrome Cache Entry: 441
ASCII text
downloaded
Chrome Cache Entry: 442
ASCII text, with very long lines (65531)
downloaded
There are 292 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
 malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 --field-trial-handle=1964,i,16722737202866624989,9051620058126732953,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2516 --field-trial-handle=2364,i,5434323620471502482,10851786949880937597,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2756 --field-trial-handle=2524,i,15866157190665186616,13992255775072579994,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6616 --field-trial-handle=2524,i,15866157190665186616,13992255775072579994,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6924 --field-trial-handle=2524,i,15866157190665186616,13992255775072579994,262144 /prefetch:8
malicious
C:\Users\user\DocumentsBGDBAKFCFH.exe
"C:\Users\user\DocumentsBGDBAKFCFH.exe"
malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
"C:\Users\user~1\AppData\Local\Temp\abc3bc1985\skotes.exe"
malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
C:\Users\user~1\AppData\Local\Temp\abc3bc1985\skotes.exe
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6876 --field-trial-handle=2524,i,15866157190665186616,13992255775072579994,262144 /prefetch:8
malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
C:\Users\user~1\AppData\Local\Temp\abc3bc1985\skotes.exe
 malicious
C:\Users\user\AppData\Local\Temp\1009625001\unik.exe
"C:\Users\user~1\AppData\Local\Temp\1009625001\unik.exe"
malicious
C:\Users\user\AppData\Local\Temp\1009635001\d4a6d0bce7.exe
"C:\Users\user~1\AppData\Local\Temp\1009635001\d4a6d0bce7.exe"
malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsBGDBAKFCFH.exe"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 8 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://185.156.72.65/dll/download
185.156.72.65
 malicious
http://185.156.72.65/dll/key
185.156.72.65
 malicious
http://185.156.72.65/add?substr=mixtwo&s=three&sub=nosub
185.156.72.65
 malicious
http://185.156.72.65/files/download
185.156.72.65
 malicious
http://185.215.113.206/68b591d6548ec281/softokn3.dll
185.215.113.206
http://185.215.113.16/6122658-3693405117-2476756634-1003
unknown
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_ef0fa27a12d43fbd45649e195429e8a63ddcad7cf7e128c0
unknown
https://duckduckgo.com/chrome_newtab
unknown
https://c.msn.com/
unknown
https://duckduckgo.com/ac/?q=
unknown
http://185.215.113.206/
185.215.113.206
http://185.156.72.65/dll/downloadn9
unknown
https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732728800368&w=0&anoncknm=app_anon&NoResponseBody=true
104.208.16.90
https://ntp.msn.com/_default
unknown
http://185.156.72.65/add?substr=mixtwo&s=three&sub=nosubl
unknown
https://www.last.fm/
unknown
http://185.215.113.16/0ac02b4ded8abeee1fbd97e9c4543b31de15441#
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732728792494&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=true
104.208.16.90
https://ntp.msn.cn/edge/ntp
unknown
https://sb.scorecardresearch.com/
unknown
http://185.215.113.16/luma/random.exerlencodeda
unknown
https://www.youtube.com
unknown
https://curl.se/docs/hsts.html
unknown
http://185.215.113.43/Zu7JuNko/index.php
185.215.113.43
https://www.instagram.com
unknown
https://web.skype.com/?browsername=edge_canary_shoreline
unknown
http://185.215.113.206dF;
unknown
http://185.215.113.206/c4becf79229cb002.phpation
unknown
http://185.215.113.206/68b591d6548ec281/freebl3.dll
185.215.113.206
https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
unknown
http://185.215.113.16/luma/random.exe009636001
unknown
http://185.215.113.16/luma/random.exedv
unknown
http://185.215.113.16/luma/random.exedp
unknown
https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
unknown
http://185.215.113.206/68b591d6548ec281/nss3.dll
185.215.113.206
https://www.messenger.com
unknown
https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
unknown
http://185.156.72.65/files/downloadt
unknown
https://outlook.office.com/mail/compose?isExtension=true
unknown
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
142.250.181.100
https://i.y.qq.com/n2/m/index.html
unknown
https://support.mozilla.org/products/firefoxgro.allizom.troppus.S3DiLP_FhcLK
unknown
https://www.deezer.com/
unknown
185.215.113.206/c4becf79229cb002.php
https://web.telegram.org/
unknown
http://www.mozilla.com/en-US/blocklist/
unknown
https://mozilla.org0/
unknown
http://185.156.72.65/dll/keyY
unknown
http://home.twentykm20sr.top/iYUeIWtRvzKHTkiRYPPG1732630737
unknown
https://vibe.naver.com/today
unknown
https://srtb.msn.com/
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
http://185.215.113.206/c4becf79229cb002.php/
unknown
http://185.215.113.206/c4becf79229cb002.php0
unknown
https://assets.msn.com
unknown
https://curl.se/docs/alt-svc.html
unknown
http://185.156.72.65/files/downloadX
unknown
https://www.ecosia.org/newtab/
unknown
https://excel.new?from=EdgeM365Shoreline
unknown
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
unknown
http://185.156.72.65/files/downloadR
unknown
https://httpbin.org/ipbefore
unknown
https://www.google.com/chrome
unknown
https://www.tiktok.com/
unknown
http://185.215.113.16/luma/random.exehpe
unknown
https://www.msn.com/web-notification-icon-light.png
unknown
http://185.215.113.16/luma/random.exe3
unknown
https://chromewebstore.google.com/
unknown
http://185.156.72.65/files/download65/files/download
unknown
http://31.41.244.11/files/random.exeEv(
unknown
http://185.215.113.16/luma/random.exe1
unknown
https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg
unknown
http://185.215.113.16/luma/random.exelencoded
unknown
https://srtb.msn.cn/
unknown
https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
unknown
http://185.156.72.65/add?substr=mixtwo&s=three&sub=nosubsVF:
unknown
http://31.41.244.11/files/random.exe
unknown
https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
unknown
https://chrome.google.com/webstore/
unknown
https://y.music.163.com/m/
unknown
https://c.msn.com/c.gif?rnd=1732728792496&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=221ec520250b43099d1fa8eff7ffc145&activityId=221ec520250b43099d1fa8eff7ffc145&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0
20.110.205.119
https://bard.google.com/
unknown
https://assets.msn.cn/resolver/
unknown
http://html4/loose.dtd
unknown
https://browser.events.data.msn.com/
unknown
http://185.215.113.206/68b591d6548ec281/vcruntime140.dll
185.215.113.206
https://web.whatsapp.com
unknown
https://m.kugou.com/
unknown
http://185.215.113.206/c4becf79229cb002.phpd
unknown
https://www.office.com
unknown
https://outlook.live.com/mail/0/
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732728800372&w=0&anoncknm=app_anon&NoResponseBody=true
104.208.16.90
https://clients2.googleusercontent.com/crx/blobs/AW50ZFsLPhJJyx_4ShcDOgcEpJeOc7Vr0kMzfFRoaMfWx4pAgZ0UGF2i9_ei1A7FAHQ-EPFULeBn7F8_SEKhjbpEyKfiidX7GF_6BDOycMeg5w03wjwVQ61hkaEix8WFqmEAxlKa5cmz_tdFr9JtRwdqRu82wmLe2Ghe/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_84_1_0.crx
142.250.203.225
https://ntp.msn.com/edge/ntp
unknown
https://assets.msn.com/resolver/
unknown
http://185.215.113.16/mine/random.exe
185.215.113.16
https://powerpoint.new?from=EdgeM365Shoreline
unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
unknown
http://185.215.113.206/68b591d6548ec281/sqlite3.dll
185.215.113.206
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
chrome.cloudflare-dns.com
162.159.61.3
home.twentykm20sr.top
34.118.84.150
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
94.245.104.56
sb.scorecardresearch.com
18.161.69.117
www.google.com
142.250.181.100
s-part-0035.t-0009.t-msedge.net
13.107.246.63
b-0005.b-dc-msedge.net
13.107.9.158
googlehosted.l.googleusercontent.com
142.250.203.225
httpbin.org
18.213.123.165
clients2.googleusercontent.com
unknown
bzib.nelreports.net
unknown
assets.msn.com
unknown
c.msn.com
unknown
ntp.msn.com
unknown
api.msn.com
unknown
There are 5 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
185.215.113.43
unknown
Portugal
malicious
192.168.2.7
unknown
unknown
malicious
185.156.72.65
unknown
Russian Federation
malicious
185.215.113.206
unknown
Portugal
malicious
13.107.246.40
unknown
United States
108.138.106.4
unknown
United States
192.168.2.9
unknown
unknown
162.159.61.3
chrome.cloudflare-dns.com
United States
104.117.182.65
unknown
United States
20.110.205.119
unknown
United States
185.215.113.16
unknown
Portugal
13.91.96.185
unknown
United States
18.213.123.165
httpbin.org
United States
239.255.255.250
unknown
Reserved
23.44.203.14
unknown
United States
127.0.0.1
unknown
unknown
13.107.246.63
s-part-0035.t-0009.t-msedge.net
United States
18.161.69.117
sb.scorecardresearch.com
United States
152.195.19.97
unknown
United States
104.208.16.90
unknown
United States
204.79.197.219
unknown
United States
172.64.41.3
unknown
United States
13.107.9.158
b-0005.b-dc-msedge.net
United States
31.41.244.11
unknown
Russian Federation
142.250.203.225
googlehosted.l.googleusercontent.com
United States
94.245.104.56
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
United Kingdom
142.250.181.100
www.google.com
United States
23.44.203.70
unknown
United States
23.101.168.44
unknown
United States
There are 19 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Left
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Top
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseenversion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseen
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_dse_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_startup_page_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197638
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
MUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds
EdgeMUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gcinnojdebelpnodghnoicmcdmamjoch
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jgcbloklkllbkmkbfckchanipicejgah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ojmnomejplkgljjhjindfoilnmobmihe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gcinnojdebelpnodghnoicmcdmamjoch
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jgcbloklkllbkmkbfckchanipicejgah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ojmnomejplkgljjhjindfoilnmobmihe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.cdm.origin_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_username
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197638
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197638
WindowTabManagerFileMappingId
There are 142 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
400000
unkown
page execute and read and write
 malicious
4A30000
direct allocation
page read and write
 malicious
381000
unkown
page execute and read and write
 malicious
11EE000
heap
page read and write
 malicious
381000
unkown
page execute and read and write
 malicious
4940000
direct allocation
page execute and read and write
 malicious
41000
unkown
page execute and read and write
 malicious
5D1000
unkown
page execute and read and write
 malicious
51D0000
direct allocation
page read and write
 malicious
4B70000
direct allocation
page read and write
 malicious
4F80000
direct allocation
page read and write
 malicious
4840000
direct allocation
page read and write
 malicious
4FE0000
direct allocation
page read and write
 malicious
381000
unkown
page execute and read and write
 malicious
8CC000
stack
page read and write
49FE000
stack
page read and write
7580000
direct allocation
page execute and read and write
359000
unkown
page execute and read and write
5D65000
heap
page read and write
4B51000
heap
page read and write
1D750000
heap
page read and write
310F000
stack
page read and write
5D1000
unkown
page execute and write copy
1D74D000
heap
page read and write
83D000
unkown
page execute and write copy
C1A000
heap
page read and write
3C0E000
stack
page read and write
3F8E000
stack
page read and write
477F000
stack
page read and write
1C90000
heap
page read and write
2790000
direct allocation
page read and write
7013E000
unkown
page read and write
390F000
stack
page read and write
C57000
unkown
page execute and read and write
1D735000
heap
page read and write
4AE1000
heap
page read and write
5FEF000
stack
page read and write
2F0F000
stack
page read and write
D80000
unkown
page readonly
136F000
stack
page read and write
A34000
heap
page read and write
A35000
heap
page read and write
4B51000
heap
page read and write
1D730000
heap
page read and write
46D1000
heap
page read and write
6DC1000
heap
page read and write
4AE1000
heap
page read and write
4B51000
heap
page read and write
2F4E000
stack
page read and write
482F000
stack
page read and write
61EB7000
direct allocation
page readonly
4AE1000
heap
page read and write
7520000
direct allocation
page execute and read and write
507F000
stack
page read and write
2E0E000
stack
page read and write
69A000
unkown
page execute and write copy
4B51000
heap
page read and write
E60000
direct allocation
page read and write
61E00000
direct allocation
page execute and read and write
4B51000
heap
page read and write
4371000
heap
page read and write
4AE1000
heap
page read and write
6DC1000
heap
page read and write
1D742000
heap
page read and write
B10000
heap
page read and write
545E000
heap
page read and write
6DC1000
heap
page read and write
4D50000
direct allocation
page execute and read and write
A34000
heap
page read and write
1249000
heap
page read and write
6DC1000
heap
page read and write
29BE000
stack
page read and write
23970000
heap
page read and write
699000
unkown
page execute and write copy
4B51000
heap
page read and write
38BE000
stack
page read and write
749F000
stack
page read and write
23790000
trusted library allocation
page read and write
4371000
heap
page read and write
26EE000
stack
page read and write
7200000
trusted library allocation
page read and write
74E0000
direct allocation
page execute and read and write
3AFF000
stack
page read and write
33CE000
stack
page read and write
2770000
direct allocation
page read and write
603F000
stack
page read and write
434F000
stack
page read and write
4B51000
heap
page read and write
470F000
stack
page read and write
B80000
direct allocation
page read and write
7985000
direct allocation
page read and write
6DC1000
heap
page read and write
4D8E000
stack
page read and write
5D0000
unkown
page read and write
1D737000
heap
page read and write
40CF000
stack
page read and write
49A0000
direct allocation
page execute and read and write
49AE000
stack
page read and write
4D30000
direct allocation
page read and write
49CE000
stack
page read and write
2DCB000
heap
page read and write
29AF000
stack
page read and write
4B51000
heap
page read and write
573000
unkown
page execute and read and write
81A000
unkown
page read and write
1264000
heap
page read and write
4D70000
direct allocation
page execute and read and write
E60000
direct allocation
page read and write
6DC1000
heap
page read and write
C18000
heap
page read and write
3B3E000
stack
page read and write
5370000
direct allocation
page execute and read and write
4D30000
direct allocation
page read and write
4371000
heap
page read and write
6DC1000
heap
page read and write
11E0000
heap
page read and write
344F000
stack
page read and write
3A6F000
stack
page read and write
4D20000
direct allocation
page execute and read and write
1D735000
heap
page read and write
A34000
heap
page read and write
4B51000
heap
page read and write
A34000
heap
page read and write
4AE1000
heap
page read and write
238D0000
trusted library allocation
page read and write
74E0000
direct allocation
page execute and read and write
1D722000
heap
page read and write
B80000
direct allocation
page read and write
3A4F000
stack
page read and write
3FFF000
stack
page read and write
10A4000
heap
page read and write
A34000
heap
page read and write
2DF0000
direct allocation
page read and write
4BD1000
direct allocation
page read and write
4B51000
heap
page read and write
2E1E000
stack
page read and write
4371000
heap
page read and write
69C000
unkown
page execute and read and write
454E000
stack
page read and write
1236000
heap
page read and write
FA0000
heap
page read and write
6DC1000
heap
page read and write
4D40000
direct allocation
page execute and read and write
69A000
unkown
page execute and write copy
5DFF000
stack
page read and write
36EE000
stack
page read and write
74E0000
direct allocation
page execute and read and write
8107000
heap
page read and write
1D750000
heap
page read and write
5100000
direct allocation
page execute and read and write
A35000
heap
page read and write
DE3000
stack
page read and write
4371000
heap
page read and write
4D30000
direct allocation
page read and write
A34000
heap
page read and write
4AE1000
heap
page read and write
40EF000
stack
page read and write
64BF000
stack
page read and write
6DC1000
heap
page read and write
4AE1000
heap
page read and write
1264000
heap
page read and write
4AE1000
heap
page read and write
2DF0000
direct allocation
page read and write
426E000
stack
page read and write
A34000
heap
page read and write
1C70000
direct allocation
page read and write
4FBB000
stack
page read and write
25D0000
direct allocation
page execute and read and write
4371000
heap
page read and write
460E000
stack
page read and write
4A20000
direct allocation
page execute and read and write
1264000
heap
page read and write
A34000
heap
page read and write
3CEF000
stack
page read and write
7250000
direct allocation
page read and write
4CF0000
direct allocation
page execute and read and write
40EE000
stack
page read and write
4AE0000
heap
page read and write
A34000
heap
page read and write
4371000
heap
page read and write
10A4000
heap
page read and write
83B000
unkown
page execute and read and write
A34000
heap
page read and write
3EBF000
stack
page read and write
A34000
heap
page read and write
6DC1000
heap
page read and write
5180000
direct allocation
page execute and read and write
41EF000
stack
page read and write
5EAF000
stack
page read and write
2B8E000
stack
page read and write
2DAF000
stack
page read and write
4371000
heap
page read and write
1C80000
heap
page read and write
314E000
stack
page read and write
4BAE000
stack
page read and write
A9000
unkown
page write copy
237FD000
heap
page read and write
3BCF000
stack
page read and write
A34000
heap
page read and write
1D731000
heap
page read and write
49A0000
direct allocation
page execute and read and write
4D30000
direct allocation
page read and write
4AE1000
heap
page read and write
6DC1000
heap
page read and write
5C2E000
stack
page read and write
C6F000
heap
page read and write
1C70000
direct allocation
page read and write
23877000
heap
page read and write
4371000
heap
page read and write
4AE1000
heap
page read and write
74E0000
direct allocation
page execute and read and write
5170000
direct allocation
page execute and read and write
6750000
heap
page read and write
4AE1000
heap
page read and write
4CF0000
direct allocation
page execute and read and write
607C000
stack
page read and write
3EFE000
stack
page read and write
6DC1000
heap
page read and write
E60000
direct allocation
page read and write
A34000
heap
page read and write
2ECF000
stack
page read and write
A34000
heap
page read and write
4B51000
heap
page read and write
4FB6000
direct allocation
page read and write
4B51000
heap
page read and write
A34000
heap
page read and write
1820000
unkown
page execute and read and write
C7E000
heap
page read and write
4ACF000
stack
page read and write
46D1000
heap
page read and write
35AF000
stack
page read and write
4AD0000
direct allocation
page read and write
A34000
heap
page read and write
498F000
stack
page read and write
4B51000
heap
page read and write
1B3B000
stack
page read and write
19F0000
heap
page read and write
32EF000
stack
page read and write
4373000
heap
page read and write
4371000
heap
page read and write
1D735000
heap
page read and write
E60000
direct allocation
page read and write
51E0000
direct allocation
page execute and read and write
4B51000
heap
page read and write
699000
unkown
page execute and read and write
434E000
stack
page read and write
404E000
stack
page read and write
4B70000
direct allocation
page read and write
4990000
direct allocation
page execute and read and write
BFB000
heap
page read and write
A34000
heap
page read and write
4AD0000
direct allocation
page read and write
324F000
stack
page read and write
1D48000
heap
page read and write
74E0000
direct allocation
page execute and read and write
6DC1000
heap
page read and write
4B69000
heap
page read and write
1B65000
heap
page read and write
4B51000
heap
page read and write
1D31D000
stack
page read and write
2DF0000
direct allocation
page read and write
A34000
heap
page read and write
1D733000
heap
page read and write
358E000
stack
page read and write
54A2000
heap
page read and write
4B51000
heap
page read and write
3D2F000
stack
page read and write
A9E000
stack
page read and write
23890000
trusted library allocation
page read and write
1264000
heap
page read and write
55E3000
heap
page read and write
4B8F000
stack
page read and write
4D30000
direct allocation
page read and write
4AE1000
heap
page read and write
6DC1000
heap
page read and write
1D44000
heap
page read and write
4AD0000
direct allocation
page read and write
AE0000
heap
page read and write
34AE000
stack
page read and write
4371000
heap
page read and write
2DF0000
direct allocation
page read and write
4B51000
heap
page read and write
2770000
direct allocation
page read and write
1264000
heap
page read and write
A34000
heap
page read and write
4B51000
heap
page read and write
5DAE000
stack
page read and write
2BFF000
stack
page read and write
584F000
stack
page read and write
3EB000
unkown
page execute and read and write
484F000
stack
page read and write
1D735000
heap
page read and write
699000
unkown
page execute and write copy
3ECF000
stack
page read and write
487E000
stack
page read and write
428F000
stack
page read and write
61ECD000
direct allocation
page readonly
6DC1000
heap
page read and write
3F6F000
stack
page read and write
380000
unkown
page read and write
3EB000
unkown
page execute and read and write
34FE000
stack
page read and write
1D750000
heap
page read and write
1264000
heap
page read and write
4D41000
heap
page read and write
6DC1000
heap
page read and write
1264000
heap
page read and write
CA0000
heap
page read and write
A34000
heap
page read and write
14AD000
heap
page read and write
1264000
heap
page read and write
654000
unkown
page execute and read and write
28AF000
stack
page read and write
6DC0000
heap
page read and write
4AE1000
heap
page read and write
1D72D000
heap
page read and write
448F000
stack
page read and write
106F000
stack
page read and write
A34000
heap
page read and write
1D72E000
heap
page read and write
380000
unkown
page readonly
4AD0000
direct allocation
page read and write
6DC1000
heap
page read and write
A34000
heap
page read and write
6DC1000
heap
page read and write
450F000
stack
page read and write
75C0000
direct allocation
page execute and read and write
4371000
heap
page read and write
A34000
heap
page read and write
1D1DE000
stack
page read and write
320E000
stack
page read and write
6DC1000
heap
page read and write
1D734000
heap
page read and write
10A4000
heap
page read and write
657000
unkown
page execute and read and write
346F000
stack
page read and write
2E60000
heap
page read and write
47F0000
direct allocation
page read and write
4B51000
heap
page read and write
C7E000
heap
page read and write
74D0000
direct allocation
page execute and read and write
6DC1000
heap
page read and write
2E5E000
stack
page read and write
7012D000
unkown
page readonly
CEE000
stack
page read and write
3BAF000
stack
page read and write
C3E000
heap
page read and write
6DC1000
heap
page read and write
C5E000
heap
page read and write
1D74C000
heap
page read and write
553A000
heap
page read and write
D0F000
stack
page read and write
432F000
stack
page read and write
2DF0000
direct allocation
page read and write
612F000
stack
page read and write
1D56000
heap
page read and write
4F70000
direct allocation
page read and write
1454000
heap
page read and write
4B50000
heap
page read and write
14B9000
unkown
page read and write
5340000
direct allocation
page execute and read and write
46D1000
heap
page read and write
2A5BC000
stack
page read and write
6DC1000
heap
page read and write
3F8F000
stack
page read and write
1264000
heap
page read and write
1D748000
heap
page read and write
1001A000
direct allocation
page read and write
55E3000
heap
page read and write
A34000
heap
page read and write
B1E000
heap
page read and write
1264000
heap
page read and write
6DC1000
heap
page read and write
4371000
heap
page read and write
7500000
direct allocation
page execute and read and write
9C000
stack
page read and write
C6F000
heap
page read and write
E60000
direct allocation
page read and write
2CFE000
stack
page read and write
5130000
direct allocation
page execute and read and write
4F70000
direct allocation
page read and write
E60000
direct allocation
page read and write
46D0000
heap
page read and write
74B0000
direct allocation
page execute and read and write
6DC1000
heap
page read and write
A34000
heap
page read and write
75F0000
direct allocation
page execute and read and write
3E9000
unkown
page write copy
559F000
stack
page read and write
1D731000
heap
page read and write
49F0000
direct allocation
page execute and read and write
7C1B000
stack
page read and write
440E000
stack
page read and write
4C50000
trusted library allocation
page read and write
1D742000
heap
page read and write
10A4000
heap
page read and write
6750000
heap
page read and write
3E9000
unkown
page write copy
4A8E000
stack
page read and write
1D731000
heap
page read and write
346E000
stack
page read and write
1D4F000
heap
page read and write
11D0000
heap
page read and write
2BAF000
stack
page read and write
308E000
stack
page read and write
2AFE000
stack
page read and write
83D000
unkown
page execute and write copy
45CF000
stack
page read and write
1BAE000
stack
page read and write
44CE000
stack
page read and write
6DC1000
heap
page read and write
4A30000
direct allocation
page execute and read and write
10A4000
heap
page read and write
1410000
heap
page read and write
10A4000
heap
page read and write
42CE000
stack
page read and write
4B51000
heap
page read and write
4371000
heap
page read and write
3C2E000
stack
page read and write
1CF9000
heap
page read and write
A34000
heap
page read and write
A34000
heap
page read and write
19E9000
unkown
page execute and read and write
5160000
direct allocation
page execute and read and write
1C70000
direct allocation
page read and write
6DC1000
heap
page read and write
A34000
heap
page read and write
543E000
heap
page read and write
380000
unkown
page readonly
4B51000
heap
page read and write
AB000
unkown
page execute and read and write
1350000
unkown
page execute and read and write
1D71B000
heap
page read and write
5489000
heap
page read and write
70142000
unkown
page readonly
74E0000
direct allocation
page execute and read and write
3DCE000
stack
page read and write
34BF000
stack
page read and write
1D735000
heap
page read and write
10018000
direct allocation
page read and write
4D0F000
stack
page read and write
304F000
stack
page read and write
74C0000
direct allocation
page execute and read and write
1D71B000
heap
page read and write
A34000
heap
page read and write
573000
unkown
page execute and read and write
3D0F000
stack
page read and write
1D735000
heap
page read and write
A34000
heap
page read and write
54FF000
stack
page read and write
3AAE000
stack
page read and write
1CE0E000
stack
page read and write
A34000
heap
page read and write
163E000
unkown
page execute and read and write
4B51000
heap
page read and write
41000
unkown
page execute and write copy
313E000
stack
page read and write
466000
unkown
page write copy
74E0000
direct allocation
page execute and read and write
A34000
heap
page read and write
2CEF000
stack
page read and write
4371000
heap
page read and write
237F7000
heap
page read and write
4371000
heap
page read and write
6DC1000
heap
page read and write
433F000
stack
page read and write
1D72E000
heap
page read and write
1264000
heap
page read and write
25F7000
heap
page read and write
737000
unkown
page execute and read and write
CEC000
stack
page read and write
6DC1000
heap
page read and write
3D8F000
stack
page read and write
330E000
stack
page read and write
D81000
unkown
page execute and read and write
A34000
heap
page read and write
A34000
heap
page read and write
3D6E000
stack
page read and write
4AE1000
heap
page read and write
3B4E000
stack
page read and write
43C1000
heap
page read and write
2384C000
heap
page read and write
1D71B000
heap
page read and write
10001000
direct allocation
page execute read
6DC1000
heap
page read and write
31AF000
stack
page read and write
396E000
stack
page read and write
4371000
heap
page read and write
373F000
stack
page read and write
2D2E000
stack
page read and write
36AF000
stack
page read and write
4B51000
heap
page read and write
4B70000
direct allocation
page read and write
74E0000
direct allocation
page execute and read and write
23890000
trusted library allocation
page read and write
4371000
heap
page read and write
1264000
heap
page read and write
424E000
stack
page read and write
A35000
heap
page read and write
1D735000
heap
page read and write
336E000
stack
page read and write
4AE1000
heap
page read and write
5150000
direct allocation
page execute and read and write
10A4000
heap
page read and write
5489000
heap
page read and write
B80000
direct allocation
page read and write
496F000
stack
page read and write
5130000
direct allocation
page execute and read and write
1D742000
heap
page read and write
8FA000
stack
page read and write
3E2000
unkown
page execute and read and write
2385D000
heap
page read and write
26FF000
stack
page read and write
4371000
heap
page read and write
3BCE000
stack
page read and write
2CCE000
stack
page read and write
340F000
stack
page read and write
1D719000
heap
page read and write
3F0E000
stack
page read and write
50DD000
stack
page read and write
CF5000
heap
page read and write
4D30000
direct allocation
page read and write
8D0000
heap
page read and write
BFF000
heap
page read and write
68C000
unkown
page execute and read and write
4AD0000
direct allocation
page read and write
4970000
direct allocation
page execute and read and write
74E0000
direct allocation
page execute and read and write
318F000
stack
page read and write
1D18F000
stack
page read and write
2EBE000
stack
page read and write
5231000
direct allocation
page read and write
C6F000
heap
page read and write
10A4000
heap
page read and write
25BE000
stack
page read and write
2DCE000
heap
page read and write
6DC1000
heap
page read and write
2380F000
heap
page read and write
45AF000
stack
page read and write
1C70000
direct allocation
page read and write
6DC1000
heap
page read and write
3DBE000
stack
page read and write
6DC1000
heap
page read and write
497F000
stack
page read and write
46D1000
heap
page read and write
700B1000
unkown
page execute read
A34000
heap
page read and write
1837000
unkown
page execute and read and write
52FE000
stack
page read and write
1D71B000
heap
page read and write
1420000
heap
page read and write
4B51000
heap
page read and write
511E000
stack
page read and write
6DC1000
heap
page read and write
A34000
heap
page read and write
516C000
stack
page read and write
141B000
heap
page read and write
350E000
stack
page read and write
237F3000
heap
page read and write
323F000
stack
page read and write
5D0000
unkown
page readonly
4CC0000
direct allocation
page execute and read and write
A34000
heap
page read and write
1D45D000
stack
page read and write
A34000
heap
page read and write
6DC1000
heap
page read and write
B80000
direct allocation
page read and write
BFC000
heap
page read and write
A34000
heap
page read and write
481B000
direct allocation
page read and write
BE6000
heap
page read and write
1D2DF000
stack
page read and write
10A4000
heap
page read and write
4B51000
heap
page read and write
54A2000
heap
page read and write
4D60000
direct allocation
page execute and read and write
6B7F000
stack
page read and write
74E0000
direct allocation
page execute and read and write
4AE1000
heap
page read and write
1C70000
direct allocation
page read and write
2E07000
heap
page read and write
536F000
stack
page read and write
ADC000
stack
page read and write
A34000
heap
page read and write
1D56000
heap
page read and write
3E4F000
stack
page read and write
4940000
direct allocation
page execute and read and write
3A8E000
stack
page read and write
A34000
heap
page read and write
6CF9E000
unkown
page read and write
A3B000
stack
page read and write
520E000
stack
page read and write
4B51000
heap
page read and write
1264000
heap
page read and write
5B2E000
stack
page read and write
1D74C000
heap
page read and write
1C6E000
stack
page read and write
4B51000
heap
page read and write
997000
unkown
page execute and read and write
48A1000
direct allocation
page read and write
5190000
direct allocation
page execute and read and write
5D60000
heap
page read and write
A34000
heap
page read and write
4B51000
heap
page read and write
4B51000
heap
page read and write
1CA0000
heap
page read and write
A34000
heap
page read and write
3A0E000
stack
page read and write
7D1C000
stack
page read and write
125E000
stack
page read and write
10A4000
heap
page read and write
A34000
heap
page read and write
45EE000
stack
page read and write
472E000
stack
page read and write
6DC1000
heap
page read and write
53B0000
heap
page read and write
1264000
heap
page read and write
C27000
heap
page read and write
1D750000
heap
page read and write
10A4000
heap
page read and write
C19000
heap
page read and write
4B51000
heap
page read and write
1D750000
heap
page read and write
4AD0000
direct allocation
page read and write
DDE000
stack
page read and write
4B4F000
stack
page read and write
31CE000
stack
page read and write
27A7000
heap
page read and write
C54000
heap
page read and write
51B0000
direct allocation
page execute and read and write
1D750000
heap
page read and write
2DCF000
stack
page read and write
360F000
stack
page read and write
8B6000
unkown
page execute and read and write
4371000
heap
page read and write
4AD0000
direct allocation
page read and write
4AE1000
heap
page read and write
380000
unkown
page readonly
1D74D000
heap
page read and write
5489000
heap
page read and write
306F000
stack
page read and write
14D3000
heap
page read and write
1264000
heap
page read and write
43C0000
heap
page read and write
74E0000
direct allocation
page execute and read and write
19E7000
unkown
page execute and read and write
6DC1000
heap
page read and write
46D1000
heap
page read and write
2DC7000
heap
page read and write
25C0000
direct allocation
page read and write
6DC1000
heap
page read and write
10A4000
heap
page read and write
1CF9000
heap
page read and write
1D723000
heap
page read and write
53A0000
direct allocation
page execute and read and write
6DC1000
heap
page read and write
359000
unkown
page execute and write copy
607E000
stack
page read and write
BEF000
heap
page read and write
74E0000
direct allocation
page execute and read and write
4AE1000
heap
page read and write
74E0000
direct allocation
page execute and read and write
4D40000
heap
page read and write
3FEE000
stack
page read and write
10A4000
heap
page read and write
1B60000
heap
page read and write
330F000
stack
page read and write
58B000
stack
page read and write
598D000
stack
page read and write
5FC000
unkown
page execute and read and write
23790000
heap
page read and write
387F000
stack
page read and write
A35000
heap
page read and write
A34000
heap
page read and write
1D71B000
heap
page read and write
5160000
direct allocation
page execute and read and write
4AE1000
heap
page read and write
4B51000
heap
page read and write
C5B000
heap
page read and write
E50000
heap
page read and write
1C87000
heap
page read and write
5ACC000
stack
page read and write
530B000
stack
page read and write
4AE1000
heap
page read and write
B80000
direct allocation
page read and write
C00000
heap
page read and write
4371000
heap
page read and write
A34000
heap
page read and write
673E000
stack
page read and write
C9E000
stack
page read and write
1D735000
heap
page read and write
317000
unkown
page execute and read and write
6DC1000
heap
page read and write
1D72E000
heap
page read and write
4B51000
heap
page read and write
4B51000
heap
page read and write
83B000
unkown
page execute and read and write
4AF0000
heap
page read and write
F2C000
stack
page read and write
5433000
heap
page read and write
1264000
heap
page read and write
729C000
stack
page read and write
2DF0000
direct allocation
page read and write
4B51000
heap
page read and write
396F000
stack
page read and write
683000
unkown
page execute and read and write
1D742000
heap
page read and write
945000
heap
page read and write
74E0000
direct allocation
page execute and read and write
174D000
unkown
page execute and read and write
4470000
trusted library allocation
page read and write
53C0000
direct allocation
page execute and read and write
4371000
heap
page read and write
1264000
heap
page read and write
4B51000
heap
page read and write
55E3000
heap
page read and write
A34000
heap
page read and write
A34000
heap
page read and write
2E00000
heap
page read and write
1D44000
heap
page read and write
297F000
stack
page read and write
4BC0000
heap
page read and write
2E6E000
stack
page read and write
11EA000
heap
page read and write
4B51000
heap
page read and write
4371000
heap
page read and write
49D0000
direct allocation
page execute and read and write
13BE000
stack
page read and write
1D750000
heap
page read and write
6DC1000
heap
page read and write
1D29000
heap
page read and write
4371000
heap
page read and write
6DC1000
heap
page read and write
74E0000
direct allocation
page execute and read and write
2DC0000
heap
page read and write
337F000
stack
page read and write
388F000
stack
page read and write
2396B000
heap
page read and write
A34000
heap
page read and write
40000
unkown
page readonly
38CE000
stack
page read and write
10A0000
heap
page read and write
2E0C000
heap
page read and write
1D72D000
heap
page read and write
4371000
heap
page read and write
1D731000
heap
page read and write
6DC1000
heap
page read and write
1D750000
heap
page read and write
19C000
stack
page read and write
A34000
heap
page read and write
1D735000
heap
page read and write
4B51000
heap
page read and write
4B51000
heap
page read and write
A34000
heap
page read and write
FF0000
heap
page read and write
A34000
heap
page read and write
53B0000
direct allocation
page execute and read and write
1D750000
heap
page read and write
3ACE000
stack
page read and write
C05000
heap
page read and write
4371000
heap
page read and write
1D32000
heap
page read and write
4960000
direct allocation
page execute and read and write
43D0000
heap
page read and write
657000
unkown
page execute and read and write
400F000
stack
page read and write
30AE000
stack
page read and write
448E000
stack
page read and write
59CD000
stack
page read and write
4B51000
heap
page read and write
A34000
heap
page read and write
A34000
heap
page read and write
410E000
stack
page read and write
6DC1000
heap
page read and write
55E3000
heap
page read and write
50F0000
direct allocation
page execute and read and write
51D0000
direct allocation
page read and write
5160000
direct allocation
page execute and read and write
607000
unkown
page execute and read and write
4371000
heap
page read and write
6DC1000
heap
page read and write
66FF000
stack
page read and write
1D71B000
heap
page read and write
4990000
direct allocation
page execute and read and write
2770000
direct allocation
page read and write
4371000
heap
page read and write
4371000
heap
page read and write
5F0000
heap
page read and write
3EB000
unkown
page execute and read and write
74E0000
direct allocation
page execute and read and write
501B000
stack
page read and write
6DC1000
heap
page read and write
283F000
stack
page read and write
A34000
heap
page read and write
2A4E000
stack
page read and write
81A000
unkown
page write copy
1D72E000
heap
page read and write
A34000
heap
page read and write
342F000
stack
page read and write
1D40000
heap
page read and write
287E000
stack
page read and write
382E000
stack
page read and write
6DC1000
heap
page read and write
4AD0000
direct allocation
page read and write
C6F000
heap
page read and write
4D90000
heap
page read and write
4AE1000
heap
page read and write
6DC1000
heap
page read and write
4B51000
heap
page read and write
4B51000
heap
page read and write
6DC1000
heap
page read and write
332E000
stack
page read and write
56DF000
stack
page read and write
4CF0000
direct allocation
page execute and read and write
4990000
direct allocation
page execute and read and write
5350000
direct allocation
page execute and read and write
ABB000
unkown
page execute and write copy
41CF000
stack
page read and write
4371000
heap
page read and write
A34000
heap
page read and write
3D4E000
stack
page read and write
4AF0000
heap
page read and write
30FF000
stack
page read and write
413F000
stack
page read and write
381000
unkown
page execute and write copy
C69000
heap
page read and write
4371000
heap
page read and write
1D742000
heap
page read and write
1264000
heap
page read and write
C81000
heap
page read and write
327E000
stack
page read and write
2770000
direct allocation
page read and write
A30000
heap
page read and write
1D735000
heap
page read and write
1D719000
heap
page read and write
1D735000
heap
page read and write
393F000
stack
page read and write
4A00000
direct allocation
page execute and read and write
1D2C000
heap
page read and write
1D48000
heap
page read and write
E60000
direct allocation
page read and write
23832000
heap
page read and write
70C000
unkown
page execute and read and write
A2000
unkown
page execute and read and write
4D30000
direct allocation
page read and write
4371000
heap
page read and write
5160000
direct allocation
page execute and read and write
7250000
direct allocation
page read and write
A34000
heap
page read and write
4AE1000
heap
page read and write
B80000
direct allocation
page read and write
430F000
stack
page read and write
394F000
stack
page read and write
A34000
heap
page read and write
2770000
direct allocation
page read and write
A34000
heap
page read and write
1264000
heap
page read and write
10A4000
heap
page read and write
697E000
stack
page read and write
10A4000
heap
page read and write
1D56000
heap
page read and write
AF0000
heap
page read and write
CDE000
stack
page read and write
BA0000
heap
page read and write
530F000
stack
page read and write
1D72E000
heap
page read and write
35A000
unkown
page execute and write copy
10A4000
heap
page read and write
4B51000
heap
page read and write
1D48000
heap
page read and write
1D750000
heap
page read and write
4990000
direct allocation
page execute and read and write
25C0000
direct allocation
page read and write
146D000
heap
page read and write
4371000
heap
page read and write
4AE1000
heap
page read and write
10A4000
heap
page read and write
49E0000
direct allocation
page execute and read and write
1C70000
direct allocation
page read and write
6DC1000
heap
page read and write
49BF000
stack
page read and write
457E000
stack
page read and write
2E7F000
stack
page read and write
3E9000
unkown
page write copy
3B0F000
stack
page read and write
627F000
stack
page read and write
1BEE000
stack
page read and write
25F0000
heap
page read and write
1D5FD000
stack
page read and write
6DC1000
heap
page read and write
6DC1000
heap
page read and write
470000
unkown
page execute and read and write
E8C000
heap
page read and write
4AE1000
heap
page read and write
A34000
heap
page read and write
2D3F000
stack
page read and write
699000
unkown
page execute and read and write
4CE0000
direct allocation
page execute and read and write
3F3F000
stack
page read and write
6DC1000
heap
page read and write
A34000
heap
page read and write
237F5000
heap
page read and write
10000000
direct allocation
page read and write
4B51000
heap
page read and write
4AE1000
heap
page read and write
8C0000
heap
page read and write
4B51000
heap
page read and write
1D71B000
heap
page read and write
724E000
stack
page read and write
2770000
direct allocation
page read and write
4371000
heap
page read and write
273C000
stack
page read and write
2A5C0000
heap
page read and write
7600000
heap
page read and write
2C3E000
stack
page read and write
4D30000
direct allocation
page execute and read and write
151E000
stack
page read and write
4AE1000
heap
page read and write
2DF0000
direct allocation
page read and write
BFF000
heap
page read and write
1D48000
heap
page read and write
4390000
heap
page read and write
64FE000
stack
page read and write
3C3F000
stack
page read and write
4B00000
heap
page read and write
1C70000
direct allocation
page read and write
6DC1000
heap
page read and write
4371000
heap
page read and write
1D750000
heap
page read and write
40CE000
stack
page read and write
2FBF000
stack
page read and write
A34000
heap
page read and write
2DEE000
stack
page read and write
2F0F000
stack
page read and write
4D30000
direct allocation
page read and write
70C000
unkown
page execute and write copy
488E000
stack
page read and write
10A4000
heap
page read and write
4CAF000
stack
page read and write
5350000
direct allocation
page execute and read and write
6DC1000
heap
page read and write
116F000
stack
page read and write
10A4000
heap
page read and write
4B51000
heap
page read and write
466000
unkown
page read and write
10A4000
heap
page read and write
400000
unkown
page readonly
34CF000
stack
page read and write
1D72A000
heap
page read and write
27AD000
heap
page read and write
1400000
heap
page read and write
8106000
heap
page read and write
4371000
heap
page read and write
420E000
stack
page read and write
A34000
heap
page read and write
1CAA000
heap
page read and write
4AD0000
direct allocation
page read and write
3AAF000
stack
page read and write
328E000
stack
page read and write
344E000
stack
page read and write
A34000
heap
page read and write
1D56000
heap
page read and write
6840000
heap
page read and write
1D727000
heap
page read and write
4AE1000
heap
page read and write
4E7E000
stack
page read and write
5350000
direct allocation
page execute and read and write
26AF000
stack
page read and write
1C70000
direct allocation
page read and write
6DC1000
heap
page read and write
1C70000
direct allocation
page read and write
6CDC1000
unkown
page execute read
A34000
heap
page read and write
4371000
heap
page read and write
69A000
unkown
page execute and write copy
A34000
heap
page read and write
44AE000
stack
page read and write
4B51000
heap
page read and write
A34000
heap
page read and write
7601000
heap
page read and write
2FFE000
stack
page read and write
1D41C000
stack
page read and write
1264000
heap
page read and write
4D30000
direct allocation
page read and write
2A0F000
stack
page read and write
4371000
heap
page read and write
2790000
direct allocation
page read and write
81C000
unkown
page execute and read and write
1A5E000
stack
page read and write
10FD000
stack
page read and write
2B4F000
stack
page read and write
1AFE000
stack
page read and write
46D1000
heap
page read and write
C69000
heap
page read and write
368F000
stack
page read and write
A34000
heap
page read and write
31EE000
stack
page read and write
4AE1000
heap
page read and write
C3B000
stack
page read and write
A34000
heap
page read and write
2DF0000
direct allocation
page read and write
4B51000
heap
page read and write
68C000
unkown
page execute and read and write
B80000
direct allocation
page read and write
2770000
direct allocation
page read and write
4CD0000
direct allocation
page execute and read and write
4AE1000
heap
page read and write
1D72E000
heap
page read and write
338F000
stack
page read and write
4D41000
heap
page read and write
3D3F000
stack
page read and write
12FD000
stack
page read and write
1D72E000
heap
page read and write
7540000
direct allocation
page execute and read and write
2770000
direct allocation
page read and write
A34000
heap
page read and write
2D7E000
stack
page read and write
74E0000
direct allocation
page execute and read and write
163F000
stack
page read and write
394E000
stack
page read and write
C5F000
heap
page read and write
4371000
heap
page read and write
4371000
heap
page read and write
1498000
heap
page read and write
674E000
heap
page read and write
1D40000
heap
page read and write
5E3E000
stack
page read and write
4D4E000
stack
page read and write
5160000
direct allocation
page execute and read and write
46EF000
stack
page read and write
4980000
direct allocation
page execute and read and write
3E6F000
stack
page read and write
E60000
direct allocation
page read and write
23790000
trusted library allocation
page read and write
4AE1000
heap
page read and write
1D40000
heap
page read and write
49E0000
direct allocation
page execute and read and write
23812000
heap
page read and write
E60000
direct allocation
page read and write
A34000
heap
page read and write
781F000
direct allocation
page read and write
6DC1000
heap
page read and write
4B51000
heap
page read and write
474E000
stack
page read and write
1D750000
heap
page read and write
A34000
heap
page read and write
4B51000
heap
page read and write
3C8E000
stack
page read and write
272E000
stack
page read and write
386E000
stack
page read and write
7990000
heap
page read and write
A34000
heap
page read and write
5350000
direct allocation
page execute and read and write
2790000
direct allocation
page read and write
55E3000
heap
page read and write
10A4000
heap
page read and write
1D750000
heap
page read and write
2DF0000
direct allocation
page read and write
3D0E000
stack
page read and write
1264000
heap
page read and write
6DC1000
heap
page read and write
6740000
heap
page read and write
BBC000
heap
page read and write
322E000
stack
page read and write
233000
unkown
page execute and read and write
1D711000
heap
page read and write
4B51000
heap
page read and write
1264000
heap
page read and write
1D722000
heap
page read and write
657000
unkown
page execute and read and write
43BF000
stack
page read and write
1D820000
trusted library allocation
page read and write
43CF000
stack
page read and write
2DF0000
direct allocation
page read and write
1264000
heap
page read and write
1D72E000
heap
page read and write
A34000
heap
page read and write
1D71B000
heap
page read and write
588D000
stack
page read and write
7210000
trusted library allocation
page read and write
4371000
heap
page read and write
7250000
direct allocation
page read and write
A34000
heap
page read and write
2FAE000
stack
page read and write
33BE000
stack
page read and write
1CF0F000
stack
page read and write
418E000
stack
page read and write
6DC1000
heap
page read and write
1D735000
heap
page read and write
1D825000
heap
page read and write
50BF000
stack
page read and write
553E000
stack
page read and write
490E000
stack
page read and write
1D72D000
heap
page read and write
602E000
stack
page read and write
6DC1000
heap
page read and write
6DC1000
heap
page read and write
A34000
heap
page read and write
39BF000
stack
page read and write
545F000
stack
page read and write
6DC1000
heap
page read and write
1D48000
heap
page read and write
42BE000
stack
page read and write
372E000
stack
page read and write
A20000
heap
page read and write
10A4000
heap
page read and write
36CF000
stack
page read and write
46D1000
heap
page read and write
6DC1000
heap
page read and write
2DF0000
direct allocation
page read and write
A34000
heap
page read and write
A34000
heap
page read and write
4FE0000
direct allocation
page read and write
4371000
heap
page read and write
2A460000
heap
page read and write
7983000
direct allocation
page read and write
23806000
heap
page read and write
1837000
unkown
page execute and write copy
808000
unkown
page execute and read and write
2D7E000
stack
page read and write
14B6000
unkown
page execute and read and write
1264000
heap
page read and write
A34000
heap
page read and write
30AF000
stack
page read and write
6DC1000
heap
page read and write
4371000
heap
page read and write
1D72E000
heap
page read and write
2BEE000
stack
page read and write
4F20000
trusted library allocation
page read and write
4AE1000
heap
page read and write
47BE000
stack
page read and write
23968000
heap
page read and write
535E000
stack
page read and write
13DF000
stack
page read and write
4F90000
heap
page read and write
3A8F000
stack
page read and write
3FCE000
stack
page read and write
14BB000
unkown
page execute and read and write
CA0000
heap
page read and write
4A4E000
stack
page read and write
23852000
heap
page read and write
1D742000
heap
page read and write
1D72B000
heap
page read and write
1D72C000
heap
page read and write
55DE000
stack
page read and write
546B000
heap
page read and write
4AE1000
heap
page read and write
363E000
stack
page read and write
54A2000
heap
page read and write
59BE000
stack
page read and write
427F000
stack
page read and write
74E0000
direct allocation
page execute and read and write
4371000
heap
page read and write
6DC1000
heap
page read and write
35AE000
stack
page read and write
6DC1000
heap
page read and write
4B51000
heap
page read and write
3D2E000
stack
page read and write
398E000
stack
page read and write
3D7F000
stack
page read and write
E2E000
stack
page read and write
420F000
stack
page read and write
1264000
heap
page read and write
45CE000
stack
page read and write
4F9F000
stack
page read and write
4AE1000
heap
page read and write
4B51000
heap
page read and write
A34000
heap
page read and write
3AEE000
stack
page read and write
A34000
heap
page read and write
4AD0000
direct allocation
page read and write
A34000
heap
page read and write
446F000
stack
page read and write
444F000
stack
page read and write
4D10000
direct allocation
page execute and read and write
49C0000
direct allocation
page execute and read and write
4B51000
heap
page read and write
14B9000
unkown
page write copy
4AE1000
heap
page read and write
6FD000
unkown
page execute and read and write
693F000
stack
page read and write
1264000
heap
page read and write
43C1000
heap
page read and write
3E0F000
stack
page read and write
49D0000
direct allocation
page execute and read and write
6DC1000
heap
page read and write
A34000
heap
page read and write
1D735000
heap
page read and write
546B000
heap
page read and write
49C0000
direct allocation
page execute and read and write
C7E000
heap
page read and write
4D30000
direct allocation
page read and write
6DC1000
heap
page read and write
B80000
direct allocation
page read and write
1D748000
heap
page read and write
6DC1000
heap
page read and write
4371000
heap
page read and write
381000
unkown
page execute and write copy
1264000
heap
page read and write
4D30000
direct allocation
page read and write
381000
unkown
page execute and write copy
1050000
heap
page read and write
ABA000
unkown
page execute and read and write
573000
unkown
page execute and read and write
4AE1000
heap
page read and write
10A4000
heap
page read and write
4B51000
heap
page read and write
A34000
heap
page read and write
75A0000
direct allocation
page execute and read and write
1D733000
heap
page read and write
4371000
heap
page read and write
685000
unkown
page execute and read and write
4B51000
heap
page read and write
50D0000
direct allocation
page execute and read and write
4D30000
direct allocation
page read and write
1264000
heap
page read and write
B80000
direct allocation
page read and write
B80000
direct allocation
page read and write
332F000
stack
page read and write
10A4000
heap
page read and write
DC0000
heap
page read and write
4B51000
heap
page read and write
4AE1000
heap
page read and write
4371000
heap
page read and write
2770000
direct allocation
page read and write
2D3B000
stack
page read and write
1D727000
heap
page read and write
10A4000
heap
page read and write
4AE1000
heap
page read and write
478F000
stack
page read and write
3E8E000
stack
page read and write
3E4E000
stack
page read and write
1D74C000
heap
page read and write
D80000
unkown
page read and write
5489000
heap
page read and write
1264000
heap
page read and write
4371000
heap
page read and write
11BE000
stack
page read and write
6CFA0000
unkown
page read and write
36CE000
stack
page read and write
4C2E000
stack
page read and write
10011000
direct allocation
page readonly
4371000
heap
page read and write
4B60000
heap
page read and write
2FCF000
stack
page read and write
699000
unkown
page execute and write copy
CF0000
heap
page read and write
3E9000
unkown
page write copy
1264000
heap
page read and write
51D0000
direct allocation
page execute and read and write
47D0000
heap
page read and write
5120000
direct allocation
page execute and read and write
4B51000
heap
page read and write
492F000
stack
page read and write
417E000
stack
page read and write
37EF000
stack
page read and write
4B51000
heap
page read and write
19E8000
unkown
page execute and write copy
683000
unkown
page execute and read and write
2DF0000
direct allocation
page read and write
4AE1000
heap
page read and write
AA4000
unkown
page execute and read and write
A34000
heap
page read and write
683000
unkown
page execute and read and write
1D750000
heap
page read and write
1C70000
direct allocation
page read and write
C6F000
heap
page read and write
6DC1000
heap
page read and write
37CF000
stack
page read and write
1D711000
heap
page read and write
74E0000
direct allocation
page execute and read and write
2F6F000
stack
page read and write
2770000
direct allocation
page read and write
4B51000
heap
page read and write
62BE000
stack
page read and write
43C1000
heap
page read and write
49B0000
direct allocation
page execute and read and write
C54000
heap
page read and write
4AE0000
heap
page read and write
DF0000
heap
page read and write
B80000
direct allocation
page read and write
A34000
heap
page read and write
13FC000
stack
page read and write
1D71B000
heap
page read and write
F90000
heap
page read and write
6CDC0000
unkown
page readonly
700B0000
unkown
page readonly
36EF000
stack
page read and write
1264000
heap
page read and write
74E0000
direct allocation
page execute and read and write
3BEE000
stack
page read and write
A34000
heap
page read and write
1D74C000
heap
page read and write
5360000
direct allocation
page execute and read and write
1264000
heap
page read and write
53E0000
direct allocation
page execute and read and write
1D738000
heap
page read and write
300F000
stack
page read and write
54A2000
heap
page read and write
4371000
heap
page read and write
1D750000
heap
page read and write
74E0000
direct allocation
page execute and read and write
51D0000
direct allocation
page read and write
4D41000
heap
page read and write
4371000
heap
page read and write
1CAE000
heap
page read and write
1AAE000
stack
page read and write
6DC1000
heap
page read and write
1D750000
heap
page read and write
75D0000
direct allocation
page execute and read and write
1C70000
direct allocation
page read and write
4AE1000
heap
page read and write
32CF000
stack
page read and write
364E000
stack
page read and write
1264000
heap
page read and write
C6F000
heap
page read and write
1D731000
heap
page read and write
7530000
direct allocation
page execute and read and write
6CF9F000
unkown
page write copy
4371000
heap
page read and write
4AE1000
heap
page read and write
7510000
direct allocation
page execute and read and write
49B0000
direct allocation
page execute and read and write
B80000
direct allocation
page read and write
4AE1000
heap
page read and write
10A4000
heap
page read and write
A34000
heap
page read and write
A34000
heap
page read and write
412E000
stack
page read and write
51A0000
direct allocation
page execute and read and write
10A4000
heap
page read and write
1300000
heap
page read and write
4B41000
heap
page read and write
7AE0000
heap
page read and write
141E000
stack
page read and write
4371000
heap
page read and write
8106000
heap
page read and write
422E000
stack
page read and write
4E3F000
stack
page read and write
4371000
heap
page read and write
68C000
unkown
page execute and read and write
4C3E000
stack
page read and write
70D000
unkown
page execute and write copy
6BBE000
stack
page read and write
482C000
stack
page read and write
1D729000
heap
page read and write
380000
unkown
page read and write
A34000
heap
page read and write
2C8F000
stack
page read and write
A34000
heap
page read and write
1260000
heap
page read and write
31CF000
stack
page read and write
23963000
heap
page read and write
E0F000
stack
page read and write
4AE1000
heap
page read and write
4371000
heap
page read and write
1493000
heap
page read and write
5E90000
heap
page read and write
380E000
stack
page read and write
4AF4000
heap
page read and write
A7E000
stack
page read and write
14B4000
unkown
page execute and read and write
3C4F000
stack
page read and write
1D32000
heap
page read and write
4BEF000
stack
page read and write
1B40000
heap
page read and write
1D750000
heap
page read and write
A34000
heap
page read and write
4980000
direct allocation
page execute and read and write
48CF000
stack
page read and write
8B2000
unkown
page execute and read and write
3B8F000
stack
page read and write
C55000
heap
page read and write
4B51000
heap
page read and write
4FDE000
stack
page read and write
4B51000
heap
page read and write
83B000
unkown
page execute and read and write
5F7C000
stack
page read and write
1320000
heap
page read and write
1264000
heap
page read and write
BAA000
heap
page read and write
4990000
direct allocation
page execute and read and write
1D750000
heap
page read and write
46CF000
stack
page read and write
5390000
direct allocation
page execute and read and write
3B3F000
stack
page read and write
4B51000
heap
page read and write
3FAE000
stack
page read and write
699000
unkown
page execute and read and write
3E9000
unkown
page write copy
A34000
heap
page read and write
1264000
heap
page read and write
458F000
stack
page read and write
5160000
direct allocation
page execute and read and write
51C0000
direct allocation
page execute and read and write
1C2E000
stack
page read and write
4B51000
heap
page read and write
39AE000
stack
page read and write
7250000
direct allocation
page read and write
354F000
stack
page read and write
E60000
direct allocation
page read and write
4371000
heap
page read and write
35CE000
stack
page read and write
1D6FD000
stack
page read and write
A34000
heap
page read and write
10A4000
heap
page read and write
75E0000
direct allocation
page execute and read and write
B80000
direct allocation
page read and write
25E0000
direct allocation
page execute and read and write
4B51000
heap
page read and write
4A00000
direct allocation
page execute and read and write
1D706000
heap
page read and write
546B000
heap
page read and write
374F000
stack
page read and write
A34000
heap
page read and write
4B51000
heap
page read and write
9D0000
heap
page read and write
4B51000
heap
page read and write
237D1000
heap
page read and write
61ED3000
direct allocation
page read and write
4AE1000
heap
page read and write
4371000
heap
page read and write
403E000
stack
page read and write
511F000
stack
page read and write
A5E000
stack
page read and write
4371000
heap
page read and write
1CE3000
heap
page read and write
2A4BB000
stack
page read and write
1D735000
heap
page read and write
10A4000
heap
page read and write
408F000
stack
page read and write
E70000
heap
page read and write
2A5C1000
heap
page read and write
4B51000
heap
page read and write
2DF0000
direct allocation
page read and write
1D74C000
heap
page read and write
521B000
stack
page read and write
91E000
stack
page read and write
1F9F000
stack
page read and write
43C1000
heap
page read and write
10A4000
heap
page read and write
A34000
heap
page read and write
546B000
heap
page read and write
A34000
heap
page read and write
1264000
heap
page read and write
19EA000
unkown
page execute and write copy
1264000
heap
page read and write
384E000
stack
page read and write
2E2F000
stack
page read and write
1D40000
heap
page read and write
A34000
heap
page read and write
61ECC000
direct allocation
page read and write
27A0000
heap
page read and write
ABA000
unkown
page execute and write copy
6DC1000
heap
page read and write
4371000
heap
page read and write
1838000
unkown
page execute and write copy
D5C000
stack
page read and write
4D30000
direct allocation
page read and write
377E000
stack
page read and write
61ED0000
direct allocation
page read and write
10A4000
heap
page read and write
356F000
stack
page read and write
4371000
heap
page read and write
C3E000
heap
page read and write
E60000
direct allocation
page read and write
4371000
heap
page read and write
4AE1000
heap
page read and write
6DC1000
heap
page read and write
1264000
heap
page read and write
145A000
heap
page read and write
1264000
heap
page read and write
4990000
direct allocation
page execute and read and write
A34000
heap
page read and write
3E6E000
stack
page read and write
2770000
direct allocation
page read and write
1264000
heap
page read and write
BAE000
heap
page read and write
5BFE000
stack
page read and write
237B0000
heap
page read and write
4BFF000
stack
page read and write
10A4000
heap
page read and write
DE8000
stack
page read and write
6DC1000
heap
page read and write
7550000
direct allocation
page execute and read and write
1D71B000
heap
page read and write
5BBF000
stack
page read and write
A34000
heap
page read and write
6741000
heap
page read and write
1D727000
heap
page read and write
4B51000
heap
page read and write
74E0000
direct allocation
page execute and read and write
4D30000
direct allocation
page read and write
464F000
stack
page read and write
80F0000
heap
page read and write
7FEC000
stack
page read and write
52BF000
stack
page read and write
6DC1000
heap
page read and write
4F70000
direct allocation
page read and write
1D723000
heap
page read and write
10A4000
heap
page read and write
39FD000
stack
page read and write
2AAF000
stack
page read and write
12D7000
heap
page read and write
A34000
heap
page read and write
4AD0000
direct allocation
page read and write
C02000
heap
page read and write
A7C000
unkown
page execute and read and write
A34000
heap
page read and write
4B51000
heap
page read and write
D81000
unkown
page execute and write copy
7560000
direct allocation
page execute and read and write
2E67000
heap
page read and write
5489000
heap
page read and write
4371000
heap
page read and write
1D56000
heap
page read and write
C5D000
heap
page read and write
4D2F000
stack
page read and write
3E9000
unkown
page write copy
A34000
heap
page read and write
A34000
heap
page read and write
74E0000
direct allocation
page execute and read and write
1264000
heap
page read and write
4B51000
heap
page read and write
3E2F000
stack
page read and write
7D5D000
stack
page read and write
A34000
heap
page read and write
1D72E000
heap
page read and write
1D733000
heap
page read and write
A35000
heap
page read and write
4FB000
unkown
page execute and read and write
1264000
heap
page read and write
7570000
direct allocation
page execute and read and write
1D55D000
stack
page read and write
4AE1000
heap
page read and write
2770000
direct allocation
page read and write
47B0000
direct allocation
page execute and read and write
940000
heap
page read and write
47D0000
trusted library allocation
page read and write
A34000
heap
page read and write
5EEE000
stack
page read and write
10A4000
heap
page read and write
2ABF000
stack
page read and write
6DC1000
heap
page read and write
50BE000
stack
page read and write
1D56000
heap
page read and write
1D33000
heap
page read and write
AAB000
unkown
page execute and read and write
4990000
direct allocation
page execute and read and write
A34000
heap
page read and write
E60000
direct allocation
page read and write
436E000
stack
page read and write
4B51000
heap
page read and write
422F000
stack
page read and write
4D41000
heap
page read and write
4A10000
direct allocation
page execute and read and write
3E2000
unkown
page execute and read and write
10A4000
heap
page read and write
4371000
heap
page read and write
1264000
heap
page read and write
4371000
heap
page read and write
51F0000
direct allocation
page execute and read and write
5320000
direct allocation
page execute and read and write
1D74B000
heap
page read and write
6DC1000
heap
page read and write
10A4000
heap
page read and write
5110000
direct allocation
page execute and read and write
5380000
direct allocation
page execute and read and write
7E5E000
stack
page read and write
44C0000
trusted library allocation
page read and write
4FE0000
direct allocation
page read and write
1D735000
heap
page read and write
47CE000
stack
page read and write
4AE1000
heap
page read and write
132E000
heap
page read and write
30CF000
stack
page read and write
A34000
heap
page read and write
6CFA5000
unkown
page readonly
3E2000
unkown
page execute and read and write
4371000
heap
page read and write
1748000
unkown
page execute and read and write
468E000
stack
page read and write
E57000
heap
page read and write
1060000
heap
page read and write
53D0000
direct allocation
page execute and read and write
574E000
stack
page read and write
5330000
direct allocation
page execute and read and write
55E4000
heap
page read and write
A34000
heap
page read and write
30EE000
stack
page read and write
4371000
heap
page read and write
6DC1000
heap
page read and write
4E40000
trusted library allocation
page read and write
A34000
heap
page read and write
1264000
heap
page read and write
4380000
heap
page read and write
43C1000
heap
page read and write
A34000
heap
page read and write
A34000
heap
page read and write
577E000
stack
page read and write
1D72A000
heap
page read and write
6DC1000
heap
page read and write
1D74C000
heap
page read and write
414F000
stack
page read and write
E78000
heap
page read and write
1D04F000
stack
page read and write
6DC1000
heap
page read and write
10A4000
heap
page read and write
A34000
heap
page read and write
526E000
stack
page read and write
34C000
unkown
page execute and read and write
358F000
stack
page read and write
75B0000
direct allocation
page execute and read and write
4B51000
heap
page read and write
C30000
heap
page read and write
334E000
stack
page read and write
4B51000
heap
page read and write
5489000
heap
page read and write
45F000
unkown
page execute and read and write
A34000
heap
page read and write
E30000
heap
page read and write
4B51000
heap
page read and write
1D713000
heap
page read and write
1D44000
heap
page read and write
23971000
heap
page read and write
40AF000
stack
page read and write
35EE000
stack
page read and write
153E000
stack
page read and write
413F000
stack
page read and write
1D742000
heap
page read and write
5140000
direct allocation
page execute and read and write
1D712000
heap
page read and write
343000
unkown
page execute and read and write
6DC1000
heap
page read and write
2770000
direct allocation
page read and write
A34000
heap
page read and write
1D742000
heap
page read and write
132A000
heap
page read and write
4A20000
direct allocation
page execute and read and write
4CF0000
direct allocation
page execute and read and write
4B51000
heap
page read and write
10A4000
heap
page read and write
6CF5F000
unkown
page readonly
9CD000
stack
page read and write
3CCF000
stack
page read and write
453F000
stack
page read and write
2DF0000
direct allocation
page read and write
1D72C000
heap
page read and write
A34000
heap
page read and write
3EAE000
stack
page read and write
4AE1000
heap
page read and write
4AE1000
heap
page read and write
120E000
stack
page read and write
4AAF000
stack
page read and write
4AD0000
direct allocation
page read and write
1C70000
direct allocation
page read and write
380000
unkown
page read and write
74F0000
direct allocation
page execute and read and write
4371000
heap
page read and write
10A4000
heap
page read and write
2770000
direct allocation
page read and write
1D70F000
heap
page read and write
4AD0000
direct allocation
page read and write
A34000
heap
page read and write
5100000
direct allocation
page execute and read and write
78FF000
stack
page read and write
2F6F000
stack
page read and write
A34000
heap
page read and write
80EC000
stack
page read and write
4E9F000
stack
page read and write
436F000
stack
page read and write
A34000
heap
page read and write
BF2000
heap
page read and write
549E000
stack
page read and write
5200000
direct allocation
page execute and read and write
E60000
direct allocation
page read and write
4371000
heap
page read and write
A34000
heap
page read and write
A34000
heap
page read and write
1D750000
heap
page read and write
4CF0000
direct allocation
page execute and read and write
C5C000
heap
page read and write
4B51000
heap
page read and write
B7F000
stack
page read and write
10A4000
heap
page read and write
50E0000
direct allocation
page execute and read and write
A34000
heap
page read and write
3FAF000
stack
page read and write
1D742000
heap
page read and write
2DBE000
stack
page read and write
1264000
heap
page read and write
378E000
stack
page read and write
A9000
unkown
page write copy
6DC1000
heap
page read and write
35FF000
stack
page read and write
6DC1000
heap
page read and write
49F0000
direct allocation
page execute and read and write
BD0000
heap
page read and write
1D712000
heap
page read and write
6DC1000
heap
page read and write
10A4000
heap
page read and write
4AE1000
heap
page read and write
74E0000
direct allocation
page execute and read and write
573F000
stack
page read and write
5041000
direct allocation
page read and write
4A0F000
stack
page read and write
7AE3000
heap
page read and write
4A10000
direct allocation
page execute and read and write
54A2000
heap
page read and write
C56000
heap
page read and write
4AE1000
heap
page read and write
1D44000
heap
page read and write
A34000
heap
page read and write
1C70000
direct allocation
page read and write
1D750000
heap
page read and write
4B51000
heap
page read and write
4B51000
heap
page read and write
4950000
direct allocation
page execute and read and write
4371000
heap
page read and write
40000
unkown
page read and write
A34000
heap
page read and write
6DC1000
heap
page read and write
1D08E000
stack
page read and write
4FD000
unkown
page execute and write copy
4AE1000
heap
page read and write
4B51000
heap
page read and write
4AE1000
heap
page read and write
1D750000
heap
page read and write
1426000
heap
page read and write
4AE1000
heap
page read and write
A35000
heap
page read and write
438E000
stack
page read and write
392F000
stack
page read and write
4CF0000
direct allocation
page execute and read and write
1264000
heap
page read and write
380F000
stack
page read and write
1CF4E000
stack
page read and write
E60000
direct allocation
page read and write
370E000
stack
page read and write
4370000
heap
page read and write
A34000
heap
page read and write
23809000
heap
page read and write
6DC1000
heap
page read and write
A34000
heap
page read and write
5350000
direct allocation
page execute and read and write
237F1000
heap
page read and write
10A4000
heap
page read and write
1264000
heap
page read and write
1264000
heap
page read and write
61EB4000
direct allocation
page read and write
A34000
heap
page read and write
1D750000
heap
page read and write
1264000
heap
page read and write
B80000
direct allocation
page read and write
A34000
heap
page read and write
61E01000
direct allocation
page execute read
C3E000
heap
page read and write
4AD0000
direct allocation
page read and write
6DC1000
heap
page read and write
A34000
heap
page read and write
348E000
stack
page read and write
1264000
heap
page read and write
597F000
stack
page read and write
1D700000
heap
page read and write
A34000
heap
page read and write
8B7000
unkown
page execute and write copy
7590000
direct allocation
page execute and read and write
6DC1000
heap
page read and write
4AE1000
heap
page read and write
4AE1000
heap
page read and write
4D41000
heap
page read and write
C54000
heap
page read and write
1827000
unkown
page execute and read and write
5350000
direct allocation
page execute and read and write
10A4000
heap
page read and write
1D738000
heap
page read and write
39CF000
stack
page read and write
A34000
heap
page read and write
50D0000
heap
page read and write
4AE4000
heap
page read and write
6DBF000
stack
page read and write
4D41000
heap
page read and write
4D00000
direct allocation
page execute and read and write
1C70000
direct allocation
page read and write
B1A000
heap
page read and write
61ED4000
direct allocation
page readonly
5D66000
heap
page read and write
546B000
heap
page read and write
1D71C000
heap
page read and write
1D750000
heap
page read and write
4B51000
heap
page read and write
3BEF000
stack
page read and write
4C0E000
stack
page read and write
4371000
heap
page read and write
1264000
heap
page read and write
A34000
heap
page read and write
DEE000
stack
page read and write
401000
unkown
page execute and write copy
31EF000
stack
page read and write
276E000
stack
page read and write
4371000
heap
page read and write
3F4F000
stack
page read and write
8B3000
unkown
page execute and write copy
6DC1000
heap
page read and write
382F000
stack
page read and write
BDB000
heap
page read and write
1D750000
heap
page read and write
486E000
stack
page read and write
83D000
unkown
page execute and write copy
A34000
heap
page read and write
4D80000
direct allocation
page execute and read and write
6DC1000
heap
page read and write
3C7E000
stack
page read and write
4AEE000
stack
page read and write
There are 1804 hidden memdumps, click here to show them.