Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0b54ba55-ab82-4edf-8e2f-34600270354c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\26a9c252-eb7f-4425-a911-15038babc3c1.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\2ffd22f9-791a-4983-b7cb-adb083aa59e4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3fcca6c7-f2c5-45c1-9224-5f26850784a5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\61a147da-504b-4bfd-8cdc-777c4eb08f8a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\8467aee1-fbf3-4425-9fa3-f8b7e918dbd4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0aa66bb9-512f-48e6-9ecd-fa27306c894f.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0c7b6a08-52c1-45da-9f5b-b8cfacd0e550.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\14b31685-0638-4481-b99a-834634a3f2c1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\537467c7-424f-4a5e-841c-69fe9ae4fee5.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\53d6c4ed-f4fb-41ee-a784-60a6a8336369.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\80615c65-f40d-483f-8ea7-90388670f931.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8527777e-c6ff-40be-92f4-963c97340f24.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.oldB (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session.. (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last TabsNT (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.olddl (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State11 (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldLn (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesat (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.. (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\00125274-ca32-4318-9a4f-de509fb9aba7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
Statemp (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\7d80aa1b-bff9-4557-839d-a94194eb84d7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old.. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c25da668-5f3e-4148-80dd-8696e4ecdafa.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ca2e2a6c-c6d4-484d-aedc-422a8fcce768.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d140b4bc-8203-459a-b494-dc4a665c8425.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENTMP (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f3438e72-ad97-461c-a460-d1807059e079.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldN (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info CacheMP (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachen (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Caches (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\abc0e0d4-4f70-4f05-9912-6bfc6b9fc88c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d7830598-c20d-43a1-a44c-77c999e7925b.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f741db7d-1b5b-4c1f-b8cd-7bb809794ed4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f7cb7d4a-2a36-4bbd-a066-50d5efd0f681.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\0ab6b3b8-2e46-42aa-89c3-7259023067be.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6756_2048536318\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\8defc9fd-310d-4014-8d21-56178df91b7f.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\934d50c2-2b33-4661-a855-8a2a64e61ad3.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\9cbe598d-9f0b-49dd-87d8-b934bd987e8c.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\934d50c2-2b33-4661-a855-8a2a64e61ad3.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1374817696\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\0ab6b3b8-2e46-42aa-89c3-7259023067be.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6756_1561707931\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
There are 241 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://shade-kaput-fender.glitch.me/indexmarcus.html
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1608,14276013863885005134,224190286264762725,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1940 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://shade-kaput-fender.glitch.me/indexmarcus.html
|
 |
||
|
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.jskf
|
unknown
|
|
|
|
https://apis.google.com/js/client.js
|
unknown
|
|
|
|
https://ka-f.fontawesome.com
|
unknown
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
http://glitch.com/help
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.2.1.slim.min.js
|
unknown
|
|
|
|
https://play.google.com
|
unknown
|
|
|
|
https://a.nel.cloudflare.com/report/v3?s=bZUdHbl%2BZojwX%2BCbCsDJcBpr5ve397jWcNwkh4YdMzgK7sNWqhIO4LC
|
unknown
|
|
|
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
|
|
|
https://i.ibb.co/1Rvzzk8/gmail1.png
|
152.228.223.13
|
|
|
|
https://shade-kaput-fender.glitch.me/indexmarcus.htmlShare
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
216.58.212.161
|
|
|
|
https://a.nel.cloudflare.com/report/v3?s=1xXaXv4DoSSs%2Fg9OGXLtXyk9LdTYI85sYLKCm5lfpPNxxi3TYYgIdMZOd
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://shade-kaput-fender.glitch.me/css/hover.css/
|
unknown
|
|
|
|
https://cloud.webtype.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css
|
unknown
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://meet.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
|
104.18.10.207
|
|
|
|
https://kit.fontawesome.com/585b051251.js
|
unknown
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
|
unknown
|
|
|
|
https://shade-kaput-fender.glitch.me/indexmarcus.html
|
|
||
|
https://clients2.google.com
|
unknown
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://shade-kaput-fender.glitch.me/favicon.ico
|
50.19.254.224
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.1.1.min.js
|
unknown
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.184.237
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://glitch.com
|
unknown
|
|
|
|
https://shade-kaput-fender.glitch.me/css/hover.css
|
50.19.254.224
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/hosted-libraries-pushers
|
unknown
|
|
|
|
https://shade-kaput-fender.glitch.me/indexmarcus.html2
|
unknown
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
|
104.18.10.207
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.185.110
|
|
|
|
https://shade-kaput-fender.glitch.me/favicon.icoChIKBw2DqFs9GgAKBw3OQUx6GgA=D
|
unknown
|
|
|
|
http://llvm.org/):
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://kit.fontawesome.com
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
|
|
|
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
|
104.16.18.94
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
|
|
|
https://shade-kaput-fender.glitch.me/indexmarcus.html
|
50.19.254.224
|
|
|
|
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://cdn.glitch.com/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png?v=1
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.1.1.min.js&
|
unknown
|
|
|
|
https://docs.google.com
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 75 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
142.250.184.195
|
|
|
|
accounts.google.com
|
142.250.184.237
|
|
|
|
cdnjs.cloudflare.com
|
104.16.18.94
|
|
|
|
maxcdn.bootstrapcdn.com
|
104.18.10.207
|
|
|
|
shade-kaput-fender.glitch.me
|
50.19.254.224
|
|
|
|
clients.l.google.com
|
142.250.185.110
|
|
|
|
googlehosted.l.googleusercontent.com
|
216.58.212.161
|
|
|
|
i.ibb.co
|
152.228.223.13
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
ka-f.fontawesome.com
|
unknown
|
|
|
|
code.jquery.com
|
unknown
|
|
|
|
kit.fontawesome.com
|
unknown
|
|
There are 3 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.184.195
|
gstaticadssl.l.google.com
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
104.18.10.207
|
maxcdn.bootstrapcdn.com
|
United States
|
|
|
|
50.19.254.224
|
shade-kaput-fender.glitch.me
|
United States
|
|
|
|
142.250.185.110
|
clients.l.google.com
|
United States
|
|
|
|
152.228.223.13
|
i.ibb.co
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
142.250.184.237
|
accounts.google.com
|
United States
|
|
|
|
216.58.212.161
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
104.16.18.94
|
cdnjs.cloudflare.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
There are 1 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1C7EE9AF000
|
unkown
|
page read and write
|
|
|
|
7FF5CE7E0000
|
unkown image
|
page readonly
|
|
|
|
21FC3BC0000
|
unkown image
|
page readonly
|
|
|
|
4C25F4E000
|
stack
|
page read and write
|
|
|
|
7FF5CE84B000
|
unkown image
|
page readonly
|
|
|
|
27D33894000
|
unkown
|
page read and write
|
|
|
|
196C4E88000
|
unkown
|
page read and write
|
|
|
|
8A8107E000
|
stack
|
page read and write
|
|
|
|
7FF544C84000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE63F000
|
unkown image
|
page readonly
|
|
|
|
7FF57A48C000
|
unkown image
|
page readonly
|
|
|
|
7DF5E39D0000
|
unkown image
|
page readonly
|
|
|
|
26D12A6F000
|
unkown
|
page read and write
|
|
|
|
27D33760000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD7A8000
|
unkown image
|
page readonly
|
|
|
|
196C4E29000
|
unkown
|
page read and write
|
|
|
|
1C7EEE02000
|
unkown
|
page read and write
|
|
|
|
21FC3BD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE840000
|
unkown image
|
page readonly
|
|
|
|
1C7EE99A000
|
unkown
|
page read and write
|
|
|
|
196C5000000
|
unkown image
|
page readonly
|
|
|
|
27D33780000
|
unkown
|
page read and write
|
|
|
|
7DF559DA0000
|
unkown image
|
page readonly
|
|
|
|
7FF57A484000
|
unkown image
|
page readonly
|
|
|
|
26D129A0000
|
unkown
|
page read and write
|
|
|
|
7DF559DA2000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE496000
|
unkown image
|
page readonly
|
|
|
|
8A8137F000
|
stack
|
page read and write
|
|
|
|
7FF5CE61F000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE098000
|
unkown image
|
page readonly
|
|
|
|
7FF5A35EF000
|
unkown image
|
page readonly
|
|
|
|
27D34C20000
|
unkown
|
page read and write
|
|
|
|
7FF57A41E000
|
unkown image
|
page readonly
|
|
|
|
26D12B13000
|
unkown
|
page read and write
|
|
|
|
7FF5CE89F000
|
unkown image
|
page readonly
|
|
|
|
21FC3BF0000
|
heap default
|
page read and write
|
|
|
|
21FC3C90000
|
unkown
|
page read and write
|
|
|
|
7FF5CE884000
|
unkown image
|
page readonly
|
|
|
|
1C7EE978000
|
unkown
|
page read and write
|
|
|
|
27D38DE0000
|
unkown
|
page read and write
|
|
|
|
27D33720000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3451000
|
unkown image
|
page readonly
|
|
|
|
1C7EE9A4000
|
unkown
|
page read and write
|
|
|
|
7FF5CE888000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE676000
|
unkown image
|
page readonly
|
|
|
|
7FF544D22000
|
unkown image
|
page readonly
|
|
|
|
1558A440000
|
unkown image
|
page readonly
|
|
|
|
7FF5A357C000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3590000
|
unkown image
|
page readonly
|
|
|
|
1558A1D0000
|
unkown
|
page read and write
|
|
|
|
27D38F10000
|
unkown
|
page read and write
|
|
|
|
1C7EEF63000
|
unkown
|
page read and write
|
|
|
|
27D38DB0000
|
unkown
|
page read and write
|
|
|
|
7FF5A35A7000
|
unkown image
|
page readonly
|
|
|
|
7DF4B65D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD6A4000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE83A000
|
unkown image
|
page readonly
|
|
|
|
27D38EE0000
|
unkown
|
page read and write
|
|
|
|
196C5402000
|
unkown
|
page read and write
|
|
|
|
7FF544CAD000
|
unkown image
|
page readonly
|
|
|
|
7328D3E000
|
stack
|
page read and write
|
|
|
|
7FF57A56A000
|
unkown image
|
page readonly
|
|
|
|
1C7EE9BA000
|
unkown
|
page read and write
|
|
|
|
7FF5CE524000
|
unkown image
|
page readonly
|
|
|
|
27D3907A000
|
unkown
|
page read and write
|
|
|
|
732917E000
|
stack
|
page read and write
|
|
|
|
8A810FF000
|
stack
|
page read and write
|
|
|
|
7FF5BD621000
|
unkown image
|
page readonly
|
|
|
|
21FC3D00000
|
unkown
|
page read and write
|
|
|
|
1558A1B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8710000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE3A2000
|
unkown image
|
page readonly
|
|
|
|
1558A5E0000
|
heap private
|
page read and write
|
|
|
|
7FF5BD315000
|
unkown image
|
page readonly
|
|
|
|
27D34159000
|
unkown
|
page read and write
|
|
|
|
7DF5A3B70000
|
unkown image
|
page readonly
|
|
|
|
196C4E00000
|
unkown
|
page read and write
|
|
|
|
1C7EE9AF000
|
unkown
|
page read and write
|
|
|
|
27D33730000
|
unkown image
|
page readonly
|
|
|
|
1558A230000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8702000
|
unkown image
|
page readonly
|
|
|
|
8A80E7A000
|
stack
|
page read and write
|
|
|
|
17AC979000
|
stack
|
page read and write
|
|
|
|
7FF5A35DA000
|
unkown image
|
page readonly
|
|
|
|
1C7EEE02000
|
unkown
|
page read and write
|
|
|
|
7FF5A3681000
|
unkown image
|
page readonly
|
|
|
|
7FF57A525000
|
unkown image
|
page readonly
|
|
|
|
7DF5D28D0000
|
unkown image
|
page readonly
|
|
|
|
7DF4D0780000
|
unkown image
|
page readonly
|
|
|
|
7DF559DC0000
|
unkown image
|
page readonly
|
|
|
|
4C266FC000
|
stack
|
page read and write
|
|
|
|
1C7EEF02000
|
unkown
|
page read and write
|
|
|
|
7FF5CE455000
|
unkown image
|
page readonly
|
|
|
|
7FF57A57F000
|
unkown image
|
page readonly
|
|
|
|
21FC3C89000
|
unkown
|
page read and write
|
|
|
|
7FF5BD74B000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8712000
|
unkown image
|
page readonly
|
|
|
|
196C4E47000
|
unkown
|
page read and write
|
|
|
|
27D33813000
|
unkown
|
page read and write
|
|
|
|
7A36DFE000
|
stack
|
page read and write
|
|
|
|
27D38C20000
|
unkown
|
page read and write
|
|
|
|
7FF57A371000
|
unkown image
|
page readonly
|
|
|
|
7FF57A51E000
|
unkown image
|
page readonly
|
|
|
|
21FC3D13000
|
unkown
|
page read and write
|
|
|
|
8A80B7A000
|
stack
|
page read and write
|
|
|
|
7DF5B8702000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD6AC000
|
unkown image
|
page readonly
|
|
|
|
27D39048000
|
unkown
|
page read and write
|
|
|
|
17ACA7F000
|
stack
|
page read and write
|
|
|
|
7DF58F6B0000
|
unkown image
|
page readonly
|
|
|
|
4C25ECC000
|
unkown
|
page read and write
|
|
|
|
7FF5A35E4000
|
unkown image
|
page readonly
|
|
|
|
7FF57A54F000
|
unkown image
|
page readonly
|
|
|
|
27D38DBE000
|
unkown
|
page read and write
|
|
|
|
26D12850000
|
unkown image
|
page readonly
|
|
|
|
27D3388D000
|
unkown
|
page read and write
|
|
|
|
1C7EE9AF000
|
unkown
|
page read and write
|
|
|
|
7FF57A54C000
|
unkown image
|
page readonly
|
|
|
|
27D38F10000
|
unkown
|
page read and write
|
|
|
|
27D3389F000
|
unkown
|
page read and write
|
|
|
|
7FF5A2DE1000
|
unkown image
|
page readonly
|
|
|
|
732947F000
|
stack
|
page read and write
|
|
|
|
21FC4260000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3307000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE681000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE924000
|
unkown image
|
page readonly
|
|
|
|
1C7EE971000
|
unkown
|
page read and write
|
|
|
|
7FF5A3595000
|
unkown image
|
page readonly
|
|
|
|
1C7EE978000
|
unkown
|
page read and write
|
|
|
|
1C7EEE02000
|
unkown
|
page read and write
|
|
|
|
26D12A29000
|
unkown
|
page read and write
|
|
|
|
27D38DD0000
|
unkown
|
page read and write
|
|
|
|
7DF58F6A0000
|
unkown image
|
page readonly
|
|
|
|
1558A190000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE691000
|
unkown image
|
page readonly
|
|
|
|
17AC87F000
|
stack
|
page read and write
|
|
|
|
27D34301000
|
unkown
|
page read and write
|
|
|
|
27D33F90000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD78A000
|
unkown image
|
page readonly
|
|
|
|
7FF544C35000
|
unkown image
|
page readonly
|
|
|
|
7FF57A574000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD777000
|
unkown image
|
page readonly
|
|
|
|
1C7EE971000
|
unkown
|
page read and write
|
|
|
|
7A36CF7000
|
stack
|
page read and write
|
|
|
|
196C4BB0000
|
unkown image
|
page readonly
|
|
|
|
1C7EE993000
|
unkown
|
page read and write
|
|
|
|
27D33FE0000
|
unkown image
|
page readonly
|
|
|
|
196C4E7C000
|
unkown
|
page read and write
|
|
|
|
7FF57A588000
|
unkown image
|
page readonly
|
|
|
|
27D3383F000
|
unkown
|
page read and write
|
|
|
|
27D33E50000
|
unkown image
|
page readonly
|
|
|
|
7FF57A537000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD693000
|
unkown image
|
page readonly
|
|
|
|
26D13202000
|
unkown
|
page read and write
|
|
|
|
7DF5D28B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE78D000
|
unkown image
|
page readonly
|
|
|
|
7FF579D71000
|
unkown image
|
page readonly
|
|
|
|
196C4BE0000
|
unkown image
|
page readonly
|
|
|
|
7FF57A473000
|
unkown image
|
page readonly
|
|
|
|
1C7EE0A1000
|
unkown
|
page read and write
|
|
|
|
7FF5CE8B9000
|
unkown image
|
page readonly
|
|
|
|
7DF559DB2000
|
unkown image
|
page readonly
|
|
|
|
7DF5D28D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A358A000
|
unkown image
|
page readonly
|
|
|
|
1C7EE9AF000
|
unkown
|
page read and write
|
|
|
|
7FF5BD73E000
|
unkown image
|
page readonly
|
|
|
|
196C5380000
|
unkown image
|
page readonly
|
|
|
|
7DF5D28C0000
|
unkown image
|
page readonly
|
|
|
|
17AC51A000
|
unkown
|
page read and write
|
|
|
|
1C7EE9AF000
|
unkown
|
page read and write
|
|
|
|
7FF57A0E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3471000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD740000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE6EA000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE142000
|
unkown image
|
page readonly
|
|
|
|
1C7EE9BA000
|
unkown
|
page read and write
|
|
|
|
7DF48D560000
|
unkown image
|
page readonly
|
|
|
|
7FF544C7A000
|
unkown image
|
page readonly
|
|
|
|
27D34159000
|
unkown
|
page read and write
|
|
|
|
7FF57A520000
|
unkown image
|
page readonly
|
|
|
|
7DF4E1880000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD76F000
|
unkown image
|
page readonly
|
|
|
|
7DF58F692000
|
unkown image
|
page readonly
|
|
|
|
21FC3C00000
|
unkown
|
page read and write
|
|
|
|
1C7EE971000
|
unkown
|
page read and write
|
|
|
|
1C7EEF02000
|
unkown
|
page read and write
|
|
|
|
26D12980000
|
unkown image
|
page readonly
|
|
|
|
21FC4350000
|
unkown
|
page read and write
|
|
|
|
8A8147C000
|
stack
|
page read and write
|
|
|
|
7DF5A3B62000
|
unkown image
|
page readonly
|
|
|
|
7DF5D28B2000
|
unkown image
|
page readonly
|
|
|
|
1558A5E5000
|
heap private
|
page read and write
|
|
|
|
27D38DB8000
|
unkown
|
page read and write
|
|
|
|
27D338FC000
|
unkown
|
page read and write
|
|
|
|
1C7EE9AF000
|
unkown
|
page read and write
|
|
|
|
7FF57A46D000
|
unkown image
|
page readonly
|
|
|
|
7FF57A612000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE814000
|
unkown image
|
page readonly
|
|
|
|
7FF5A358E000
|
unkown image
|
page readonly
|
|
|
|
1C7EE995000
|
unkown
|
page read and write
|
|
|
|
8A8087B000
|
unkown
|
page read and write
|
|
|
|
27D33858000
|
unkown
|
page read and write
|
|
|
|
27D38DF4000
|
unkown
|
page read and write
|
|
|
|
7FF5CE7AC000
|
unkown image
|
page readonly
|
|
|
|
26D12880000
|
unkown image
|
page readonly
|
|
|
|
1C7EE978000
|
unkown
|
page read and write
|
|
|
|
7DF5D28C2000
|
unkown image
|
page readonly
|
|
|
|
7FF544C74000
|
unkown image
|
page readonly
|
|
|
|
8A80D7E000
|
stack
|
page read and write
|
|
|
|
1558A240000
|
unkown image
|
page read and write
|
|
|
|
27D33700000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE932000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE83E000
|
unkown image
|
page readonly
|
|
|
|
21FC3B80000
|
unkown image
|
page read and write
|
|
|
|
7FF57A596000
|
unkown image
|
page readonly
|
|
|
|
21FC3C29000
|
unkown
|
page read and write
|
|
|
|
26D12A8A000
|
unkown
|
page read and write
|
|
|
|
196C4E4D000
|
unkown
|
page read and write
|
|
|
|
7FF57A297000
|
unkown image
|
page readonly
|
|
|
|
1558A5F0000
|
unkown image
|
page readonly
|
|
|
|
7DF5E39C0000
|
unkown image
|
page readonly
|
|
|
|
27D33E60000
|
unkown image
|
page readonly
|
|
|
|
27D33829000
|
unkown
|
page read and write
|
|
|
|
26D12A13000
|
unkown
|
page read and write
|
|
|
|
7FF5BD306000
|
unkown image
|
page readonly
|
|
|
|
26D128A0000
|
heap default
|
page read and write
|
|
|
|
7FF5CE0C6000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3606000
|
unkown image
|
page readonly
|
|
|
|
7A36EFF000
|
stack
|
page read and write
|
|
|
|
7DF5D28C2000
|
unkown image
|
page readonly
|
|
|
|
26D12A49000
|
unkown
|
page read and write
|
|
|
|
21FC3C4D000
|
unkown
|
page read and write
|
|
|
|
7FF5BD7B6000
|
unkown image
|
page readonly
|
|
|
|
732957F000
|
stack
|
page read and write
|
|
|
|
7FF5CE674000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8720000
|
unkown image
|
page readonly
|
|
|
|
7DF559DC0000
|
unkown image
|
page readonly
|
|
|
|
7FF57A3E1000
|
unkown image
|
page readonly
|
|
|
|
27D33FA0000
|
unkown image
|
page readonly
|
|
|
|
8A8117E000
|
stack
|
page read and write
|
|
|
|
7FF5BD73A000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE86C000
|
unkown image
|
page readonly
|
|
|
|
7DF5E39C0000
|
unkown image
|
page readonly
|
|
|
|
1C7EDF80000
|
unkown image
|
page readonly
|
|
|
|
1C7EEE19000
|
unkown
|
page read and write
|
|
|
|
7FF5CE92A000
|
unkown image
|
page readonly
|
|
|
|
4C267FE000
|
stack
|
page read and write
|
|
|
|
1C7EE978000
|
unkown
|
page read and write
|
|
|
|
1C7EE978000
|
unkown
|
page read and write
|
|
|
|
1C7EE0EA000
|
unkown
|
page read and write
|
|
|
|
1C7EE9B0000
|
unkown
|
page read and write
|
|
|
|
7FF57A611000
|
unkown image
|
page readonly
|
|
|
|
1558A170000
|
unkown image
|
page read and write
|
|
|
|
7DF5A3B50000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE6D8000
|
unkown image
|
page readonly
|
|
|
|
27D3908E000
|
unkown
|
page read and write
|
|
|
|
7FF5CE4BB000
|
unkown image
|
page readonly
|
|
|
|
27D39020000
|
unkown
|
page read and write
|
|
|
|
7FF5A3609000
|
unkown image
|
page readonly
|
|
|
|
8A80F7B000
|
stack
|
page read and write
|
|
|
|
4C264F7000
|
stack
|
page read and write
|
|
|
|
1C7EE971000
|
unkown
|
page read and write
|
|
|
|
1558A296000
|
unkown
|
page read and write
|
|
|
|
27D38CA0000
|
unkown
|
page read and write
|
|
|
|
7FF5A34DD000
|
unkown image
|
page readonly
|
|
|
|
27D33FF0000
|
unkown
|
page read and write
|
|
|
|
1558A270000
|
heap default
|
page read and write
|
|
|
|
7DF5E39B2000
|
unkown image
|
page readonly
|
|
|
|
26D12A48000
|
unkown
|
page read and write
|
|
|
|
7FF5CE457000
|
unkown image
|
page readonly
|
|
|
|
26D12A3C000
|
unkown
|
page read and write
|
|
|
|
196C4F00000
|
unkown
|
page read and write
|
|
|
|
7FF57A0E6000
|
unkown image
|
page readonly
|
|
|
|
7FF5A34F4000
|
unkown image
|
page readonly
|
|
|
|
26D12A00000
|
unkown
|
page read and write
|
|
|
|
7FF57A52B000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD784000
|
unkown image
|
page readonly
|
|
|
|
7FF57A51A000
|
unkown image
|
page readonly
|
|
|
|
7DF559DB0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A35BC000
|
unkown image
|
page readonly
|
|
|
|
26D12840000
|
heap private
|
page read and write
|
|
|
|
7FF544C9E000
|
unkown image
|
page readonly
|
|
|
|
1C7EE971000
|
unkown
|
page read and write
|
|
|
|
7FF57A50A000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE52A000
|
unkown image
|
page readonly
|
|
|
|
27D39063000
|
unkown
|
page read and write
|
|
|
|
26D12A54000
|
unkown
|
page read and write
|
|
|
|
7FF544587000
|
unkown image
|
page readonly
|
|
|
|
27D38DE0000
|
unkown
|
page read and write
|
|
|
|
7FF57A60A000
|
unkown image
|
page readonly
|
|
|
|
27D38DF0000
|
unkown
|
page read and write
|
|
|
|
27D33CD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE5EA000
|
unkown image
|
page readonly
|
|
|
|
8A8127E000
|
stack
|
page read and write
|
|
|
|
27D34C01000
|
unkown
|
page read and write
|
|
|
|
26D12E00000
|
unkown image
|
page readonly
|
|
|
|
196C4C00000
|
heap default
|
page read and write
|
|
|
|
196C4F13000
|
unkown
|
page read and write
|
|
|
|
196C4E4C000
|
unkown
|
page read and write
|
|
|
|
7FF5A35F8000
|
unkown image
|
page readonly
|
|
|
|
7DF5E39B2000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD794000
|
unkown image
|
page readonly
|
|
|
|
1558A29E000
|
unkown
|
page read and write
|
|
|
|
7DF5E39C2000
|
unkown image
|
page readonly
|
|
|
|
7FF54454C000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8700000
|
unkown image
|
page readonly
|
|
|
|
27D336F0000
|
heap private
|
page read and write
|
|
|
|
1558A281000
|
unkown
|
page read and write
|
|
|
|
1C7EEE3C000
|
unkown
|
page read and write
|
|
|
|
26D12870000
|
unkown image
|
page readonly
|
|
|
|
27D33AD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE8B6000
|
unkown image
|
page readonly
|
|
|
|
27D38DD4000
|
unkown
|
page read and write
|
|
|
|
7FF5CE857000
|
unkown image
|
page readonly
|
|
|
|
26D12F80000
|
unkown image
|
page readonly
|
|
|
|
7FF5A348B000
|
unkown image
|
page readonly
|
|
|
|
7FF57A557000
|
unkown image
|
page readonly
|
|
|
|
27D33750000
|
heap default
|
page read and write
|
|
|
|
7FF5CE00F000
|
unkown image
|
page readonly
|
|
|
|
21FC3D08000
|
unkown
|
page read and write
|
|
|
|
21FC40E0000
|
unkown image
|
page readonly
|
|
|
|
196C4F02000
|
unkown
|
page read and write
|
|
|
|
7FF5BD300000
|
unkown image
|
page readonly
|
|
|
|
196C4CE0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD591000
|
unkown image
|
page readonly
|
|
|
|
26D12B08000
|
unkown
|
page read and write
|
|
|
|
7FF5CE530000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE82C000
|
unkown image
|
page readonly
|
|
|
|
7DF58F6A0000
|
unkown image
|
page readonly
|
|
|
|
1C7EE97E000
|
unkown
|
page read and write
|
|
|
|
27D39056000
|
unkown
|
page read and write
|
|
|
|
7FF5BD757000
|
unkown image
|
page readonly
|
|
|
|
7DF5E39C2000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE803000
|
unkown image
|
page readonly
|
|
|
|
7FF5A367A000
|
unkown image
|
page readonly
|
|
|
|
26D12A4F000
|
unkown
|
page read and write
|
|
|
|
1C7EEE02000
|
unkown
|
page read and write
|
|
|
|
1C7EE7F0000
|
unkown
|
page read and write
|
|
|
|
21FC3BA0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE845000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE64A000
|
unkown image
|
page readonly
|
|
|
|
1558A29E000
|
unkown
|
page read and write
|
|
|
|
27D3388A000
|
unkown
|
page read and write
|
|
|
|
1C7EE0E7000
|
unkown
|
page read and write
|
|
|
|
196C4B90000
|
unkown image
|
page read and write
|
|
|
|
1C7EE0A8000
|
unkown
|
page read and write
|
|
|
|
1C7EE9D0000
|
unkown
|
page read and write
|
|
|
|
27D3902E000
|
unkown
|
page read and write
|
|
|
|
27D33790000
|
unkown image
|
page read and write
|
|
|
|
1C7EE9AF000
|
unkown
|
page read and write
|
|
|
|
1C7EEF63000
|
unkown
|
page read and write
|
|
|
|
1C7EEE02000
|
unkown
|
page read and write
|
|
|
|
7329377000
|
stack
|
page read and write
|
|
|
|
27D38F00000
|
unkown
|
page read and write
|
|
|
|
27D3A000000
|
unkown
|
page read and write
|
|
|
|
27D38ED0000
|
unkown
|
page read and write
|
|
|
|
7FF5CE527000
|
unkown image
|
page readonly
|
|
|
|
7DF5B8710000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE877000
|
unkown image
|
page readonly
|
|
|
|
27D3A010000
|
unkown
|
page read and write
|
|
|
|
7DF5B8720000
|
unkown image
|
page readonly
|
|
|
|
8A80FFE000
|
stack
|
page read and write
|
|
|
|
7FF5CE18E000
|
unkown image
|
page readonly
|
|
|
|
1C7EE993000
|
unkown
|
page read and write
|
|
|
|
7FF5BD76C000
|
unkown image
|
page readonly
|
|
|
|
1C7EE971000
|
unkown
|
page read and write
|
|
|
|
7DF457C70000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE51A000
|
unkown image
|
page readonly
|
|
|
|
8A8097E000
|
stack
|
page read and write
|
|
|
|
27D347E0000
|
unkown
|
page read and write
|
|
|
|
1C7EEE3C000
|
unkown
|
page read and write
|
|
|
|
73290FC000
|
stack
|
page read and write
|
|
|
|
196C4F08000
|
unkown
|
page read and write
|
|
|
|
7DF58F6A2000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD4C0000
|
unkown image
|
page readonly
|
|
|
|
27D33800000
|
unkown
|
page read and write
|
|
|
|
7FF5BD63E000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE8A8000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE86F000
|
unkown image
|
page readonly
|
|
|
|
27D39015000
|
unkown
|
page read and write
|
|
|
|
7DF5B8700000
|
unkown image
|
page readonly
|
|
|
|
1C7EE982000
|
unkown
|
page read and write
|
|
|
|
7FF5A3433000
|
unkown image
|
page readonly
|
|
|
|
7DF58F690000
|
unkown image
|
page readonly
|
|
|
|
1C7EE7F0000
|
unkown
|
page read and write
|
|
|
|
7DF5D28B2000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3674000
|
unkown image
|
page readonly
|
|
|
|
7DF5E39B0000
|
unkown image
|
page readonly
|
|
|
|
1C7EEE02000
|
unkown
|
page read and write
|
|
|
|
7FF5CE4C1000
|
unkown image
|
page readonly
|
|
|
|
1558A286000
|
heap default
|
page read and write
|
|
|
|
8A811FF000
|
stack
|
page read and write
|
|
|
|
27D33FD0000
|
unkown image
|
page readonly
|
|
|
|
27D34600000
|
unkown
|
page read and write
|
|
|
|
7FF5A360D000
|
unkown image
|
page readonly
|
|
|
|
7A36BFB000
|
stack
|
page read and write
|
|
|
|
7FF5CE005000
|
unkown image
|
page readonly
|
|
|
|
7FF5A35D4000
|
unkown image
|
page readonly
|
|
|
|
7FF544D1A000
|
unkown image
|
page readonly
|
|
|
|
7FF544C8E000
|
unkown image
|
page readonly
|
|
|
|
27D34700000
|
unkown image
|
page read and write
|
|
|
|
7FF5BD745000
|
unkown image
|
page readonly
|
|
|
|
27D33913000
|
unkown
|
page read and write
|
|
|
|
1558A29E000
|
unkown
|
page read and write
|
|
|
|
7FF5A34FC000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE631000
|
unkown image
|
page readonly
|
|
|
|
7FF544C30000
|
unkown image
|
page readonly
|
|
|
|
27D34102000
|
unkown
|
page read and write
|
|
|
|
21FC3B90000
|
heap private
|
page read and write
|
|
|
|
27D33FB0000
|
unkown image
|
page readonly
|
|
|
|
21FC3C46000
|
unkown
|
page read and write
|
|
|
|
21FC3C57000
|
unkown
|
page read and write
|
|
|
|
7FF5BD831000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE4D1000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE931000
|
unkown image
|
page readonly
|
|
|
|
7FF57A0F5000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD5E3000
|
unkown image
|
page readonly
|
|
|
|
27D34118000
|
unkown
|
page read and write
|
|
|
|
196C4BB0000
|
unkown image
|
page readonly
|
|
|
|
27D39000000
|
unkown
|
page read and write
|
|
|
|
27D34100000
|
unkown
|
page read and write
|
|
|
|
21FC3C53000
|
unkown
|
page read and write
|
|
|
|
1C7EE971000
|
unkown
|
page read and write
|
|
|
|
1C7EE988000
|
unkown
|
page read and write
|
|
|
|
7FF5CE09D000
|
unkown image
|
page readonly
|
|
|
|
27D34015000
|
unkown
|
page read and write
|
|
|
|
21FC3C70000
|
unkown
|
page read and write
|
|
|
|
27D39200000
|
unkown
|
page read and write
|
|
|
|
7FF57A41B000
|
unkown image
|
page readonly
|
|
|
|
27D38EF0000
|
unkown
|
page read and write
|
|
|
|
21FC3C7F000
|
unkown
|
page read and write
|
|
|
|
7FF5BD72A000
|
unkown image
|
page readonly
|
|
|
|
7FF544D21000
|
unkown image
|
page readonly
|
|
|
|
196C4DD0000
|
unkown
|
page read and write
|
|
|
|
26D12A7E000
|
unkown
|
page read and write
|
|
|
|
7FF5A35C7000
|
unkown image
|
page readonly
|
|
|
|
21FC3C3C000
|
unkown
|
page read and write
|
|
|
|
7FF5BD7B9000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD82A000
|
unkown image
|
page readonly
|
|
|
|
7A367DF000
|
stack
|
page read and write
|
|
|
|
7DF5D28C0000
|
unkown image
|
page readonly
|
|
|
|
7DF5E39B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD68D000
|
unkown image
|
page readonly
|
|
|
|
27D337F0000
|
unkown
|
page read and write
|
|
|
|
7FF5A3682000
|
unkown image
|
page readonly
|
|
|
|
7DF559DA0000
|
unkown image
|
page readonly
|
|
|
|
21FC3BA0000
|
unkown image
|
page readonly
|
|
|
|
1C7EE978000
|
unkown
|
page read and write
|
|
|
|
7FF5BD4B7000
|
unkown image
|
page readonly
|
|
|
|
8A80A77000
|
stack
|
page read and write
|
|
|
|
26D12830000
|
unkown image
|
page read and write
|
|
|
|
7DF58F692000
|
unkown image
|
page readonly
|
|
|
|
1C7EEE19000
|
unkown
|
page read and write
|
|
|
|
21FC3ED0000
|
unkown image
|
page readonly
|
|
|
|
1C7EE971000
|
unkown
|
page read and write
|
|
|
|
7FF5CE618000
|
unkown image
|
page readonly
|
|
|
|
7FF57A599000
|
unkown image
|
page readonly
|
|
|
|
27D33902000
|
unkown
|
page read and write
|
|
|
|
1558A5C0000
|
unkown image
|
page readonly
|
|
|
|
27D3388F000
|
unkown
|
page read and write
|
|
|
|
1C7EE9D3000
|
unkown
|
page read and write
|
|
|
|
196C4BA0000
|
heap private
|
page read and write
|
|
|
|
21FC3C13000
|
unkown
|
page read and write
|
|
|
|
17AC59F000
|
stack
|
page read and write
|
|
|
|
1C7EEE20000
|
unkown
|
page read and write
|
|
|
|
7FF5A34E3000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE8AE000
|
unkown image
|
page readonly
|
|
|
|
196C4E02000
|
unkown
|
page read and write
|
|
|
|
7FF57A50C000
|
unkown image
|
page readonly
|
|
|
|
27D38DB0000
|
unkown
|
page read and write
|
|
|
|
196C4E13000
|
unkown
|
page read and write
|
|
|
|
17AC9FE000
|
stack
|
page read and write
|
|
|
|
26D12B00000
|
unkown
|
page read and write
|
|
|
|
27D38E80000
|
unkown
|
page read and write
|
|
|
|
1C7EE9D0000
|
unkown
|
page read and write
|
|
|
|
7FF544C5C000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD7BD000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3156000
|
unkown image
|
page readonly
|
|
|
|
7FF5A35FE000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE894000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE6EF000
|
unkown image
|
page readonly
|
|
|
|
7FF57A604000
|
unkown image
|
page readonly
|
|
|
|
1C7EE9AF000
|
unkown
|
page read and write
|
|
|
|
27D38EC0000
|
unkown
|
page read and write
|
|
|
|
1C7EE9AF000
|
unkown
|
page read and write
|
|
|
|
1C7EE96B000
|
unkown
|
page read and write
|
|
|
|
7DF5D28B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD79F000
|
unkown image
|
page readonly
|
|
|
|
196C4E70000
|
unkown
|
page read and write
|
|
|
|
1558A220000
|
unkown image
|
page readonly
|
|
|
|
4C25FCF000
|
stack
|
page read and write
|
|
|
|
27D38DB1000
|
unkown
|
page read and write
|
|
|
|
7FF5CE606000
|
unkown image
|
page readonly
|
|
|
|
27D38C90000
|
unkown
|
page read and write
|
|
|
|
7FF5A357A000
|
unkown image
|
page readonly
|
|
|
|
27D3903B000
|
unkown
|
page read and write
|
|
|
|
27D34000000
|
unkown
|
page read and write
|
|
|
|
7FF5CE7F3000
|
unkown image
|
page readonly
|
|
|
|
27D38F00000
|
unkown
|
page read and write
|
|
|
|
1C7EE9AF000
|
unkown
|
page read and write
|
|
|
|
7FF544583000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3150000
|
unkown image
|
page readonly
|
|
|
|
27D337F3000
|
unkown
|
page read and write
|
|
|
|
7FF544C3B000
|
unkown image
|
page readonly
|
|
|
|
1558A1F0000
|
unkown
|
page read and write
|
|
|
|
1C7EE971000
|
unkown
|
page read and write
|
|
|
|
7FF5CE786000
|
unkown image
|
page readonly
|
|
|
|
7FF5A2EB0000
|
unkown image
|
page readonly
|
|
|
|
7FF57A564000
|
unkown image
|
page readonly
|
|
|
|
26D12850000
|
unkown image
|
page readonly
|
|
|
|
7A3675F000
|
stack
|
page read and write
|
|
|
|
732927B000
|
stack
|
page read and write
|
|
|
|
1C7EEE02000
|
unkown
|
page read and write
|
|
|
|
7DF5B8712000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE7FF000
|
unkown image
|
page readonly
|
|
|
|
7DF5E39D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE6D2000
|
unkown image
|
page readonly
|
|
|
|
21FC4402000
|
unkown
|
page read and write
|
|
|
|
7FF5BD824000
|
unkown image
|
page readonly
|
|
|
|
7FF5A348E000
|
unkown image
|
page readonly
|
|
|
|
7A366DB000
|
unkown
|
page read and write
|
|
|
|
7FF5BD63B000
|
unkown image
|
page readonly
|
|
|
|
27D34118000
|
unkown
|
page read and write
|
|
|
|
1C7EEF02000
|
unkown
|
page read and write
|
|
|
|
1C7EE9AF000
|
unkown
|
page read and write
|
|
|
|
26D12B02000
|
unkown
|
page read and write
|
|
|
|
1C7EE9D3000
|
unkown
|
page read and write
|
|
|
|
7FF5A33E1000
|
unkown image
|
page readonly
|
|
|
|
1C7EEE20000
|
unkown
|
page read and write
|
|
|
|
7FF57A59D000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE62B000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD72C000
|
unkown image
|
page readonly
|
|
|
|
7FF544D14000
|
unkown image
|
page readonly
|
|
|
|
7FF579E40000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE376000
|
unkown image
|
page readonly
|
|
|
|
21FC3D02000
|
unkown
|
page read and write
|
|
|
|
27D38C50000
|
unkown
|
page read and write
|
|
|
|
7DF5A3B52000
|
unkown image
|
page readonly
|
|
|
|
196C4E46000
|
unkown
|
page read and write
|
|
|
|
27D33700000
|
unkown image
|
page readonly
|
|
|
|
4C265FF000
|
stack
|
page read and write
|
|
|
|
1C7EE96E000
|
unkown
|
page read and write
|
|
|
|
7FF5CE81F000
|
unkown image
|
page readonly
|
|
|
|
196C5200000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE82A000
|
unkown image
|
page readonly
|
|
|
|
7DF5A3B60000
|
unkown image
|
page readonly
|
|
|
|
1C7EE98D000
|
unkown
|
page read and write
|
|
|
|
27D39080000
|
unkown
|
page read and write
|
|
|
|
27D38CB0000
|
unkown
|
page read and write
|
|
|
|
7FF5BCBE3000
|
unkown image
|
page readonly
|
|
|
|
196C4E4B000
|
unkown
|
page read and write
|
|
|
|
27D34002000
|
unkown
|
page read and write
|
|
|
|
1C7EEF6A000
|
unkown
|
page read and write
|
|
|
|
21FC3C52000
|
unkown
|
page read and write
|
|
|
|
1C7EE96D000
|
unkown
|
page read and write
|
|
|
|
7328DBE000
|
stack
|
page read and write
|
|
|
|
1C7EE98F000
|
unkown
|
page read and write
|
|
|
|
21FC40D0000
|
unkown image
|
page readonly
|
|
|
|
1C7EE971000
|
unkown
|
page read and write
|
|
|
|
1C7EE9AC000
|
unkown
|
page read and write
|
|
|
|
7FF5BD832000
|
unkown image
|
page readonly
|
|
|
|
7FF5CE6E5000
|
unkown image
|
page readonly
|
|
|
|
7FF57A58E000
|
unkown image
|
page readonly
|
|
|
|
7FF57A3C3000
|
unkown image
|
page readonly
|
|
|
|
4C263FB000
|
stack
|
page read and write
|
|
|
|
26D12C00000
|
unkown image
|
page readonly
|
|
|
|
7DF58F6A2000
|
unkown image
|
page readonly
|
|
|
|
27D33FC0000
|
unkown image
|
page readonly
|
|
|
|
196C4E4F000
|
unkown
|
page read and write
|
|
|
|
1C7EE97C000
|
unkown
|
page read and write
|
|
|
|
7FF544C68000
|
unkown image
|
page readonly
|
|
|
|
17AC8FF000
|
stack
|
page read and write
|
|
|
|
1558A190000
|
unkown image
|
page readonly
|
|
|
|
27D38DD1000
|
unkown
|
page read and write
|
|
|
|
7DF559DB2000
|
unkown image
|
page readonly
|
|
|
|
7DF559DA2000
|
unkown image
|
page readonly
|
|
|
|
27D39086000
|
unkown
|
page read and write
|
|
|
|
7FF5BCBE9000
|
unkown image
|
page readonly
|
|
|
|
1C7EEE02000
|
unkown
|
page read and write
|
|
|
|
7DF58F6B0000
|
unkown image
|
page readonly
|
|
|
|
1558A295000
|
unkown
|
page read and write
|
|
|
|
1C7EE9AF000
|
unkown
|
page read and write
|
|
|
|
1C7EE971000
|
unkown
|
page read and write
|
|
|
|
196C4BD0000
|
unkown image
|
page readonly
|
|
|
|
7FF544C98000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD601000
|
unkown image
|
page readonly
|
|
|
|
27D38F10000
|
unkown
|
page read and write
|
|
|
|
7FF544CA9000
|
unkown image
|
page readonly
|
|
|
|
7328CBB000
|
unkown
|
page read and write
|
|
|
|
7FF5CE5FB000
|
unkown image
|
page readonly
|
|
|
|
27D3386F000
|
unkown
|
page read and write
|
|
|
|
7FF5A359B000
|
unkown image
|
page readonly
|
|
|
|
7DF58F690000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD7AE000
|
unkown image
|
page readonly
|
|
|
|
7FF544C5F000
|
unkown image
|
page readonly
|
|
|
|
27D34113000
|
unkown
|
page read and write
|
|
|
|
7DF559DB0000
|
unkown image
|
page readonly
|
|
|
|
8A80C7B000
|
stack
|
page read and write
|
|
|
|
196C4E3C000
|
unkown
|
page read and write
|
|
|
|
7FF57A401000
|
unkown image
|
page readonly
|
|
|
|
1C7EE7F0000
|
unkown
|
page read and write
|
|
|
|
7FF58EAD2000
|
unkown image
|
page readonly
|
|
|
|
27D39086000
|
unkown
|
page read and write
|
|
|
|
7FF5CE701000
|
unkown image
|
page readonly
|
|
|
|
27D33874000
|
unkown
|
page read and write
|
|
|
|
27D38F10000
|
unkown
|
page read and write
|
|
|
|
27D38DB4000
|
unkown
|
page read and write
|
|
|
|
27D336E0000
|
unkown image
|
page read and write
|
|
|
|
7FF5CE63D000
|
unkown image
|
page readonly
|
|
|
|
7FF5A35BF000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3165000
|
unkown image
|
page readonly
|
|
|
|
27D38F20000
|
unkown
|
page read and write
|
|
|
|
27D33878000
|
unkown
|
page read and write
|
|
|
|
26D12A47000
|
unkown
|
page read and write
|
|
There are 604 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://shade-kaput-fender.glitch.me/indexmarcus.html
|
|