Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\10119ee3-a144-411f-ab01-72a3caa91104.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\41639d3a-990d-414c-9b3f-8247225434da.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\5bab75b8-f2c6-4b59-b416-c97e7e4d7e51.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\5f3a979d-957a-4949-8a44-963c6aa23254.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0fac5b34-485c-42c2-a060-56fcd31f5c06.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\192f5edb-f073-4943-b274-cf89f7d393a0.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1c897c13-c220-4ba7-8fcd-752e90e75d38.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\31a4c9ed-468b-4dc6-9f20-0b089d02b4cd.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\80b2943b-4a89-4da1-be2e-c285ae85fdf4.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old" (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old8. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
|
data
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State3} (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences.T (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\* (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.. (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesK (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesTM (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldMP (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\9d642841-b840-4057-a741-6d6a466feca8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\cf94fa1d-db80-41ec-8b33-8cfd52805868.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old.. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a56b87ed-1b3d-460c-8ad3-a014d6df7423.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d01351f6-43de-4244-81bd-2d78db08b295.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d2414eef-1727-42f9-9f93-a1bd0bffdf18.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\de80c147-512b-4fbe-8532-6acc3631063c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f1402b5f-71d4-4dbd-b506-6e014845ea6c.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f8df1fca-2173-448d-9a1c-57ba1d32dd59.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old8 (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Staten (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local States (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache\s (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachecs (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cacheec (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache~RF2d76a.TMP. (copy)
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a76d1e2d-7ebc-4378-b121-a8df75dc2837.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b9ce15a2-52d7-4a2e-8fba-7b08dd8c0d24.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\bd682fce-9133-4f12-8404-1747dfaa5669.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\c082a94a-6e93-4ccb-ae0c-2bd8a7d76522.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d11c65c7-eb4c-44be-876c-b262da8557aa.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d87a4949-078c-4a86-84be-2a7787b333fe.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\df52d7e0-4139-46da-83cc-ef1e3df522d4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\004dc817-276b-4e50-9c03-9a191ca72b86.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\0ebaf065-297b-4f01-965b-5a5e9cdef594.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5528_1344797983\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\70ec42d3-4a61-4bb1-bdb6-008637bb1911.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\838501dc-566c-496a-a4b7-1793f60398f0.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\0ebaf065-297b-4f01-965b-5a5e9cdef594.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_1094426447\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\70ec42d3-4a61-4bb1-bdb6-008637bb1911.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5528_300980947\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
There are 249 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://mailchkaaapphosinshaeeeauaaug3.web.app/mailserver.dwotc.com-emailrecover=domain=dwotc.comiinshaaaaadsjiceocrerejoeijbhce.html#maggier@dwotc.com
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1512,4624898125248874679,17202284550238200618,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1912 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://mailchkaaapphosinshaeeeauaaug3.web.app/mailserver.dwotc.com-emailrecover=domain=dwotc.comiinshaaaaadsjiceocrerejoeijbhce.html#maggier@dwotc.com
|
 |
||
|
https://mailchkaaapphosinshaeeeauaaug3.web.app/mailserver.dwotc.com-emailrecover=domain=dwotc.comiinshaaaaadsjiceocrerejoeijbhce.html#maggier@dwotc.com
|
|
||
|
https://www.google.com/s2/favicons?domain=dwotc.comd
|
unknown
|
|
|
|
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.jskf
|
unknown
|
|
|
|
https://use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2ChIKBw1TVYG1GgAKBw2MV9u3GgA=2
|
unknown
|
|
|
|
https://www.google.com/s2/favicons?domain=dwotc.com
|
142.250.185.132
|
|
|
|
https://apis.google.com/js/client.js
|
unknown
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.2.1.slim.min.js
|
unknown
|
|
|
|
https://play.google.com
|
unknown
|
|
|
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://mailchkaaapphosinshaeeeauaaug3.web.app/favicon.ico
|
199.36.158.100
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
142.250.181.225
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
|
unknown
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://meet.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://use.fontawesome.com/releases/v5.7.0/css/all.css
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
|
104.18.10.207
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://mailchkaaapphosinshaeeeauaaug3.web.app/css/hover.css
|
199.36.158.100
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://a.nel.cloudflare.com/report/v3?s=ZJjxwrsttFjk%2BFYuse11oxcwr7MMFa14Rt%2F5qK%2B5RVL9x3bqrLhXM
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://mailchkaaapphosinshaeeeauaaug3.web.app/images/1.png
|
199.36.158.100
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.181.238
|
|
|
|
https://code.jquery.com/jquery-3.1.1.min.js
|
unknown
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.18.109
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
|
104.18.11.207
|
|
|
|
https://csp.withgoogle.com/csp/hosted-libraries-pushers
|
unknown
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
|
104.18.10.207
|
|
|
|
https://code.jquery.com/jquery-3.3.1.js
|
unknown
|
|
|
|
http://llvm.org/):
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
|
|
|
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
|
104.16.19.94
|
|
|
|
https://mailchkaaapphosinshaeeeauaaug3.web.app/mailserver.dwotc.com-emailrecover=domain=dwotc.comiinshaaaaadsjiceocrerejoeijbhce.html
|
199.36.158.100
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
|
|
|
https://mailchkaaapphosinshaeeeauaaug3.web.app/mailserver.dwotc.com-emailrecover=domain=dwotc.comiin
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.3.1.js&
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
|
unknown
|
|
|
|
https://a.nel.cloudflare.com/report/v3?s=vjiUX4z9ffHbMP6ZmmB9ajd1KcbLgnxh6VRmprteAfHh3dQUu8fT0X3v%2F
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://docs.google.com
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 70 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
142.250.186.131
|
|
|
|
stackpath.bootstrapcdn.com
|
104.18.11.207
|
|
|
|
accounts.google.com
|
172.217.18.109
|
|
|
|
cdnjs.cloudflare.com
|
104.16.19.94
|
|
|
|
mailchkaaapphosinshaeeeauaaug3.web.app
|
199.36.158.100
|
|
|
|
maxcdn.bootstrapcdn.com
|
104.18.10.207
|
|
|
|
www.google.com
|
142.250.185.132
|
|
|
|
clients.l.google.com
|
142.250.181.238
|
|
|
|
googlehosted.l.googleusercontent.com
|
142.250.181.225
|
|
|
|
use.fontawesome.com
|
unknown
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
code.jquery.com
|
unknown
|
|
There are 3 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
104.18.10.207
|
maxcdn.bootstrapcdn.com
|
United States
|
|
|
|
142.250.181.238
|
clients.l.google.com
|
United States
|
|
|
|
142.250.186.131
|
gstaticadssl.l.google.com
|
United States
|
|
|
|
142.250.185.132
|
www.google.com
|
United States
|
|
|
|
199.36.158.100
|
mailchkaaapphosinshaeeeauaaug3.web.app
|
United States
|
|
|
|
104.18.11.207
|
stackpath.bootstrapcdn.com
|
United States
|
|
|
|
142.250.181.225
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
172.217.18.109
|
accounts.google.com
|
United States
|
|
|
|
104.16.19.94
|
cdnjs.cloudflare.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
There are 2 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF50305A000
|
unkown image
|
page readonly
|
|
|
|
208FB730000
|
unkown
|
page read and write
|
|
|
|
1D19084C000
|
unkown
|
page read and write
|
|
|
|
5D38FD000
|
stack
|
page read and write
|
|
|
|
18B3724A000
|
unkown
|
page read and write
|
|
|
|
7DF5ABFC0000
|
unkown image
|
page readonly
|
|
|
|
7FF502FEA000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF281000
|
unkown image
|
page readonly
|
|
|
|
133367E000
|
stack
|
page read and write
|
|
|
|
5D3BFF000
|
stack
|
page read and write
|
|
|
|
2BBF94DF000
|
unkown
|
page read and write
|
|
|
|
7FF4FF18F000
|
unkown image
|
page readonly
|
|
|
|
7DF510CE2000
|
unkown image
|
page readonly
|
|
|
|
7DF510CD0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF18D000
|
unkown image
|
page readonly
|
|
|
|
1686C430000
|
unkown image
|
page readonly
|
|
|
|
7DF5ABFC0000
|
unkown image
|
page readonly
|
|
|
|
208FB03C000
|
unkown
|
page read and write
|
|
|
|
18B37302000
|
unkown
|
page read and write
|
|
|
|
18B37B4E000
|
unkown
|
page read and write
|
|
|
|
18B372C0000
|
unkown
|
page read and write
|
|
|
|
1D19083C000
|
unkown
|
page read and write
|
|
|
|
7FF59E266000
|
unkown image
|
page readonly
|
|
|
|
7FF59E277000
|
unkown image
|
page readonly
|
|
|
|
7DF510CF0000
|
unkown image
|
page readonly
|
|
|
|
208FAFA0000
|
unkown image
|
page readonly
|
|
|
|
18B37B95000
|
unkown
|
page read and write
|
|
|
|
1D19084D000
|
unkown
|
page read and write
|
|
|
|
7FF502E40000
|
unkown image
|
page readonly
|
|
|
|
7FF518A97000
|
unkown image
|
page readonly
|
|
|
|
208FB650000
|
unkown image
|
page readonly
|
|
|
|
1D190610000
|
unkown image
|
page readonly
|
|
|
|
7FF538A76000
|
unkown image
|
page readonly
|
|
|
|
7FF502F93000
|
unkown image
|
page readonly
|
|
|
|
18B37BAA000
|
unkown
|
page read and write
|
|
|
|
7FF502FC3000
|
unkown image
|
page readonly
|
|
|
|
7FF538B61000
|
unkown image
|
page readonly
|
|
|
|
7FF502ECB000
|
unkown image
|
page readonly
|
|
|
|
7FF56467F000
|
unkown image
|
page readonly
|
|
|
|
4BBFE7B000
|
unkown
|
page read and write
|
|
|
|
1CBAD160000
|
unkown image
|
page readonly
|
|
|
|
7FF59E2CA000
|
unkown image
|
page readonly
|
|
|
|
7FF5189A1000
|
unkown image
|
page readonly
|
|
|
|
18B37247000
|
unkown
|
page read and write
|
|
|
|
7FF5644F5000
|
unkown image
|
page readonly
|
|
|
|
1D190900000
|
unkown
|
page read and write
|
|
|
|
1686C520000
|
unkown
|
page read and write
|
|
|
|
5D3CFF000
|
stack
|
page read and write
|
|
|
|
1CBAD313000
|
unkown
|
page read and write
|
|
|
|
18B37BDD000
|
unkown
|
page read and write
|
|
|
|
7DF526782000
|
unkown image
|
page readonly
|
|
|
|
1CBAD253000
|
unkown
|
page read and write
|
|
|
|
7FF5189A5000
|
unkown image
|
page readonly
|
|
|
|
7D3D92E000
|
stack
|
page read and write
|
|
|
|
7FF59E329000
|
unkown image
|
page readonly
|
|
|
|
18B371B0000
|
unkown
|
page read and write
|
|
|
|
2BBF93D0000
|
unkown
|
page read and write
|
|
|
|
208FB077000
|
unkown
|
page read and write
|
|
|
|
1D190829000
|
unkown
|
page read and write
|
|
|
|
7FF5647A7000
|
unkown image
|
page readonly
|
|
|
|
F2CF5AF000
|
stack
|
page read and write
|
|
|
|
7FF518A33000
|
unkown image
|
page readonly
|
|
|
|
7DF510CD2000
|
unkown image
|
page readonly
|
|
|
|
18B37B9D000
|
unkown
|
page read and write
|
|
|
|
1CBAD24B000
|
unkown
|
page read and write
|
|
|
|
1CBAD130000
|
heap private
|
page read and write
|
|
|
|
7FF538AEA000
|
unkown image
|
page readonly
|
|
|
|
208FB013000
|
unkown
|
page read and write
|
|
|
|
18B37B95000
|
unkown
|
page read and write
|
|
|
|
1CBAD300000
|
unkown
|
page read and write
|
|
|
|
18B38002000
|
unkown
|
page read and write
|
|
|
|
7FF502F97000
|
unkown image
|
page readonly
|
|
|
|
472B6F7000
|
stack
|
page read and write
|
|
|
|
18B37B8A000
|
unkown
|
page read and write
|
|
|
|
18B38102000
|
unkown
|
page read and write
|
|
|
|
7FF538B6A000
|
unkown image
|
page readonly
|
|
|
|
1CBAD4D0000
|
unkown image
|
page readonly
|
|
|
|
7FF59DB66000
|
unkown image
|
page readonly
|
|
|
|
7FF4FE678000
|
unkown image
|
page readonly
|
|
|
|
18B37308000
|
unkown
|
page read and write
|
|
|
|
F2CF87F000
|
stack
|
page read and write
|
|
|
|
1CBAD24E000
|
unkown
|
page read and write
|
|
|
|
7DF50CEE0000
|
unkown image
|
page readonly
|
|
|
|
7FF502F83000
|
unkown image
|
page readonly
|
|
|
|
7FF59E334000
|
unkown image
|
page readonly
|
|
|
|
1686C6F9000
|
heap private
|
page read and write
|
|
|
|
7DF5ABFD0000
|
unkown image
|
page readonly
|
|
|
|
7DF510CE2000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF271000
|
unkown image
|
page readonly
|
|
|
|
7FF564842000
|
unkown image
|
page readonly
|
|
|
|
7FF518B0A000
|
unkown image
|
page readonly
|
|
|
|
7FF538B71000
|
unkown image
|
page readonly
|
|
|
|
7FF538AED000
|
unkown image
|
page readonly
|
|
|
|
7DF4A9E80000
|
unkown image
|
page readonly
|
|
|
|
2BBF9410000
|
unkown image
|
page read and write
|
|
|
|
2BBF94C1000
|
unkown
|
page read and write
|
|
|
|
18B379A0000
|
unkown
|
page read and write
|
|
|
|
18B37B8D000
|
unkown
|
page read and write
|
|
|
|
2BBF93C0000
|
heap private
|
page read and write
|
|
|
|
7DF5724E2000
|
unkown image
|
page readonly
|
|
|
|
7FF502F7D000
|
unkown image
|
page readonly
|
|
|
|
2BBF94D7000
|
unkown
|
page read and write
|
|
|
|
1CBAD6D0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF189000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEF05000
|
unkown image
|
page readonly
|
|
|
|
1686D360000
|
unkown
|
page read and write
|
|
|
|
7FF502F90000
|
unkown image
|
page readonly
|
|
|
|
7FF5646F1000
|
unkown image
|
page readonly
|
|
|
|
18B37249000
|
unkown
|
page read and write
|
|
|
|
18B37150000
|
unkown image
|
page readonly
|
|
|
|
18B372E1000
|
unkown
|
page read and write
|
|
|
|
7FF4FED67000
|
unkown image
|
page readonly
|
|
|
|
18B37BB9000
|
unkown
|
page read and write
|
|
|
|
208FB04E000
|
unkown
|
page read and write
|
|
|
|
7FF4FEBFC000
|
unkown image
|
page readonly
|
|
|
|
7FF59E351000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF04D000
|
unkown image
|
page readonly
|
|
|
|
7FF518A29000
|
unkown image
|
page readonly
|
|
|
|
7FF502EF5000
|
unkown image
|
page readonly
|
|
|
|
4BC047F000
|
stack
|
page read and write
|
|
|
|
472BC78000
|
stack
|
page read and write
|
|
|
|
7DF50CF00000
|
unkown image
|
page readonly
|
|
|
|
18B37B00000
|
unkown
|
page read and write
|
|
|
|
18B37B78000
|
unkown
|
page read and write
|
|
|
|
1CBAD1C0000
|
unkown
|
page read and write
|
|
|
|
7FF564640000
|
unkown image
|
page readonly
|
|
|
|
1D190908000
|
unkown
|
page read and write
|
|
|
|
208FB000000
|
unkown
|
page read and write
|
|
|
|
F2CFA7A000
|
stack
|
page read and write
|
|
|
|
7FF4FF1FD000
|
unkown image
|
page readonly
|
|
|
|
7D3D8AB000
|
unkown
|
page read and write
|
|
|
|
18B37BAE000
|
unkown
|
page read and write
|
|
|
|
7FF518A73000
|
unkown image
|
page readonly
|
|
|
|
7FF518601000
|
unkown image
|
page readonly
|
|
|
|
7FF502F79000
|
unkown image
|
page readonly
|
|
|
|
1686C700000
|
unkown
|
page read and write
|
|
|
|
7FF502E7F000
|
unkown image
|
page readonly
|
|
|
|
1686D100000
|
unkown
|
page read and write
|
|
|
|
18B37B95000
|
unkown
|
page read and write
|
|
|
|
7FF51897B000
|
unkown image
|
page readonly
|
|
|
|
18B37B99000
|
unkown
|
page read and write
|
|
|
|
7FF5188A6000
|
unkown image
|
page readonly
|
|
|
|
1686C420000
|
unkown image
|
page readonly
|
|
|
|
7FF518AF2000
|
unkown image
|
page readonly
|
|
|
|
208FB113000
|
unkown
|
page read and write
|
|
|
|
7FF5188ED000
|
unkown image
|
page readonly
|
|
|
|
18B38002000
|
unkown
|
page read and write
|
|
|
|
7FF5383FE000
|
unkown image
|
page readonly
|
|
|
|
7DF526790000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF050000
|
unkown image
|
page readonly
|
|
|
|
18B37B49000
|
unkown
|
page read and write
|
|
|
|
2BBF9280000
|
unkown image
|
page readonly
|
|
|
|
1686C565000
|
heap default
|
page read and write
|
|
|
|
208FAFD0000
|
heap default
|
page read and write
|
|
|
|
7FF5646DC000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEFE5000
|
unkown image
|
page readonly
|
|
|
|
208FB802000
|
unkown
|
page read and write
|
|
|
|
18B37B9B000
|
unkown
|
page read and write
|
|
|
|
7DF526780000
|
unkown image
|
page readonly
|
|
|
|
7FF518A2D000
|
unkown image
|
page readonly
|
|
|
|
7FF518A47000
|
unkown image
|
page readonly
|
|
|
|
18B38002000
|
unkown
|
page read and write
|
|
|
|
18B372A1000
|
unkown
|
page read and write
|
|
|
|
1333879000
|
stack
|
page read and write
|
|
|
|
7DF50CEF0000
|
unkown image
|
page readonly
|
|
|
|
1D190620000
|
unkown image
|
page readonly
|
|
|
|
18B37B95000
|
unkown
|
page read and write
|
|
|
|
7FF56486A000
|
unkown image
|
page readonly
|
|
|
|
472B4FB000
|
stack
|
page read and write
|
|
|
|
18B37229000
|
unkown
|
page read and write
|
|
|
|
7DF526780000
|
unkown image
|
page readonly
|
|
|
|
7DF510CF0000
|
unkown image
|
page readonly
|
|
|
|
7FF563C68000
|
unkown image
|
page readonly
|
|
|
|
F2CF97F000
|
stack
|
page read and write
|
|
|
|
7FF56479E000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEFC4000
|
unkown image
|
page readonly
|
|
|
|
208FB049000
|
unkown
|
page read and write
|
|
|
|
1D190C00000
|
unkown image
|
page readonly
|
|
|
|
18B37B9D000
|
unkown
|
page read and write
|
|
|
|
18B37B18000
|
unkown
|
page read and write
|
|
|
|
7DF5467E0000
|
unkown image
|
page readonly
|
|
|
|
1686C59B000
|
heap default
|
page read and write
|
|
|
|
1CBAD200000
|
unkown
|
page read and write
|
|
|
|
7FF502FCE000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEF52000
|
unkown image
|
page readonly
|
|
|
|
7FF5383F9000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEFC6000
|
unkown image
|
page readonly
|
|
|
|
18B37B99000
|
unkown
|
page read and write
|
|
|
|
1D19088C000
|
unkown
|
page read and write
|
|
|
|
1686C400000
|
unkown image
|
page readonly
|
|
|
|
18B37B9B000
|
unkown
|
page read and write
|
|
|
|
7FF517F18000
|
unkown image
|
page readonly
|
|
|
|
7FF538B42000
|
unkown image
|
page readonly
|
|
|
|
7FF51892F000
|
unkown image
|
page readonly
|
|
|
|
4BC057E000
|
stack
|
page read and write
|
|
|
|
18B38100000
|
unkown
|
page read and write
|
|
|
|
18B37930000
|
unkown image
|
page write copy
|
|
|
|
7DF5724E0000
|
unkown image
|
page readonly
|
|
|
|
7FF502462000
|
unkown image
|
page readonly
|
|
|
|
7DF50CEF2000
|
unkown image
|
page readonly
|
|
|
|
208FAFB0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF131000
|
unkown image
|
page readonly
|
|
|
|
7DF50CF00000
|
unkown image
|
page readonly
|
|
|
|
7FF518A40000
|
unkown image
|
page readonly
|
|
|
|
13333EE000
|
stack
|
page read and write
|
|
|
|
7FF518B21000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF163000
|
unkown image
|
page readonly
|
|
|
|
7FF518B04000
|
unkown image
|
page readonly
|
|
|
|
472BA7A000
|
stack
|
page read and write
|
|
|
|
1D19087F000
|
unkown
|
page read and write
|
|
|
|
7FF53830C000
|
unkown image
|
page readonly
|
|
|
|
7DF5467D0000
|
unkown image
|
page readonly
|
|
|
|
7FF503061000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF031000
|
unkown image
|
page readonly
|
|
|
|
1CBAD285000
|
unkown
|
page read and write
|
|
|
|
4BC007B000
|
stack
|
page read and write
|
|
|
|
2BBF9260000
|
unkown image
|
page read and write
|
|
|
|
7DF5ABFB2000
|
unkown image
|
page readonly
|
|
|
|
2BBF94DF000
|
unkown
|
page read and write
|
|
|
|
7DF5267A0000
|
unkown image
|
page readonly
|
|
|
|
18B37B8A000
|
unkown
|
page read and write
|
|
|
|
7FF4FF1A3000
|
unkown image
|
page readonly
|
|
|
|
18B3724E000
|
unkown
|
page read and write
|
|
|
|
18B37B7D000
|
unkown
|
page read and write
|
|
|
|
18B379A0000
|
unkown
|
page read and write
|
|
|
|
7FF4FF259000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF15A000
|
unkown image
|
page readonly
|
|
|
|
2BBF94B0000
|
heap default
|
page read and write
|
|
|
|
7FF4FF1B7000
|
unkown image
|
page readonly
|
|
|
|
1CBAD229000
|
unkown
|
page read and write
|
|
|
|
7DF5724E2000
|
unkown image
|
page readonly
|
|
|
|
7FF5646F5000
|
unkown image
|
page readonly
|
|
|
|
7FF518A4E000
|
unkown image
|
page readonly
|
|
|
|
472BB7D000
|
stack
|
page read and write
|
|
|
|
7FF5646C5000
|
unkown image
|
page readonly
|
|
|
|
7FF59E263000
|
unkown image
|
page readonly
|
|
|
|
7FF564351000
|
unkown image
|
page readonly
|
|
|
|
7FF502CF5000
|
unkown image
|
page readonly
|
|
|
|
208FB102000
|
unkown
|
page read and write
|
|
|
|
7FF564871000
|
unkown image
|
page readonly
|
|
|
|
7FF503071000
|
unkown image
|
page readonly
|
|
|
|
1686C6D0000
|
unkown
|
page read and write
|
|
|
|
2BBF9930000
|
unkown image
|
page readonly
|
|
|
|
7DF5467E0000
|
unkown image
|
page readonly
|
|
|
|
7FF59E345000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF252000
|
unkown image
|
page readonly
|
|
|
|
7FF518A7E000
|
unkown image
|
page readonly
|
|
|
|
208FAF60000
|
unkown image
|
page read and write
|
|
|
|
7FF502E21000
|
unkown image
|
page readonly
|
|
|
|
13337FF000
|
stack
|
page read and write
|
|
|
|
7FF564871000
|
unkown image
|
page readonly
|
|
|
|
7DF50CEF2000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF27A000
|
unkown image
|
page readonly
|
|
|
|
7FF502DF6000
|
unkown image
|
page readonly
|
|
|
|
18B37B8D000
|
unkown
|
page read and write
|
|
|
|
7FF4FF0DB000
|
unkown image
|
page readonly
|
|
|
|
18B37316000
|
unkown
|
page read and write
|
|
|
|
472B7FE000
|
stack
|
page read and write
|
|
|
|
18B37B9B000
|
unkown
|
page read and write
|
|
|
|
7FF538ACE000
|
unkown image
|
page readonly
|
|
|
|
1CBAD190000
|
heap default
|
page read and write
|
|
|
|
7DF5724D0000
|
unkown image
|
page readonly
|
|
|
|
7DF5ABFB0000
|
unkown image
|
page readonly
|
|
|
|
7DF510CD2000
|
unkown image
|
page readonly
|
|
|
|
7DF5267A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5647CE000
|
unkown image
|
page readonly
|
|
|
|
7FF5382E4000
|
unkown image
|
page readonly
|
|
|
|
1CBAD140000
|
unkown image
|
page readonly
|
|
|
|
7DF5467D2000
|
unkown image
|
page readonly
|
|
|
|
7FF502EDC000
|
unkown image
|
page readonly
|
|
|
|
1686D330000
|
unkown
|
page read and write
|
|
|
|
1686C58F000
|
unkown
|
page read and write
|
|
|
|
18B37850000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEDE7000
|
unkown image
|
page readonly
|
|
|
|
7FF5646CB000
|
unkown image
|
page readonly
|
|
|
|
7FF538AC2000
|
unkown image
|
page readonly
|
|
|
|
5D3AF7000
|
stack
|
page read and write
|
|
|
|
7FF502886000
|
unkown image
|
page readonly
|
|
|
|
2BBF97B0000
|
unkown image
|
page readonly
|
|
|
|
7FF502EF1000
|
unkown image
|
page readonly
|
|
|
|
18B38002000
|
unkown
|
page read and write
|
|
|
|
18B37B70000
|
unkown
|
page read and write
|
|
|
|
18B37BBC000
|
unkown
|
page read and write
|
|
|
|
472B8F8000
|
stack
|
page read and write
|
|
|
|
7DF50CEE2000
|
unkown image
|
page readonly
|
|
|
|
18B37B97000
|
unkown
|
page read and write
|
|
|
|
1CBAD140000
|
unkown image
|
page readonly
|
|
|
|
7FF53830E000
|
unkown image
|
page readonly
|
|
|
|
18B3806A000
|
unkown
|
page read and write
|
|
|
|
18B37110000
|
unkown image
|
page read and write
|
|
|
|
7FF502E3D000
|
unkown image
|
page readonly
|
|
|
|
7FF502F7F000
|
unkown image
|
page readonly
|
|
|
|
18B37B76000
|
unkown
|
page read and write
|
|
|
|
7FF4FF12F000
|
unkown image
|
page readonly
|
|
|
|
7FF503054000
|
unkown image
|
page readonly
|
|
|
|
7FF518A9A000
|
unkown image
|
page readonly
|
|
|
|
2BBF95B0000
|
unkown image
|
page readonly
|
|
|
|
7FF59DB85000
|
unkown image
|
page readonly
|
|
|
|
18B37B79000
|
unkown
|
page read and write
|
|
|
|
7FF502468000
|
unkown image
|
page readonly
|
|
|
|
7DF5467E2000
|
unkown image
|
page readonly
|
|
|
|
18B37180000
|
heap default
|
page read and write
|
|
|
|
1CBAD248000
|
unkown
|
page read and write
|
|
|
|
1686D340000
|
unkown
|
page readonly
|
|
|
|
7FF538ABB000
|
unkown image
|
page readonly
|
|
|
|
18B37251000
|
unkown
|
page read and write
|
|
|
|
7FF538B65000
|
unkown image
|
page readonly
|
|
|
|
18B37130000
|
unkown image
|
page readonly
|
|
|
|
18B3724D000
|
unkown
|
page read and write
|
|
|
|
7FF51890B000
|
unkown image
|
page readonly
|
|
|
|
208FB4D0000
|
unkown image
|
page readonly
|
|
|
|
7FF538A86000
|
unkown image
|
page readonly
|
|
|
|
7DF526792000
|
unkown image
|
page readonly
|
|
|
|
208FB2D0000
|
unkown image
|
page readonly
|
|
|
|
7FF59E351000
|
unkown image
|
page readonly
|
|
|
|
7FF53890A000
|
unkown image
|
page readonly
|
|
|
|
208FB053000
|
unkown
|
page read and write
|
|
|
|
7FF538A93000
|
unkown image
|
page readonly
|
|
|
|
7FF502FBB000
|
unkown image
|
page readonly
|
|
|
|
7FF59E2A3000
|
unkown image
|
page readonly
|
|
|
|
18B37BBC000
|
unkown
|
page read and write
|
|
|
|
7FF4FF0D5000
|
unkown image
|
page readonly
|
|
|
|
7DF5724E0000
|
unkown image
|
page readonly
|
|
|
|
7FF518975000
|
unkown image
|
page readonly
|
|
|
|
18B38102000
|
unkown
|
page read and write
|
|
|
|
7FF59E29B000
|
unkown image
|
page readonly
|
|
|
|
18B37160000
|
unkown image
|
page readonly
|
|
|
|
1686C640000
|
unkown
|
page read and write
|
|
|
|
18B37B79000
|
unkown
|
page read and write
|
|
|
|
7FF5389DC000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF1FA000
|
unkown image
|
page readonly
|
|
|
|
208FAF80000
|
unkown image
|
page readonly
|
|
|
|
18B38019000
|
unkown
|
page read and write
|
|
|
|
7FF5647C3000
|
unkown image
|
page readonly
|
|
|
|
7FF518336000
|
unkown image
|
page readonly
|
|
|
|
208FAF80000
|
unkown image
|
page readonly
|
|
|
|
1D190870000
|
unkown
|
page read and write
|
|
|
|
7FF563C62000
|
unkown image
|
page readonly
|
|
|
|
472B5F8000
|
stack
|
page read and write
|
|
|
|
18B37B6B000
|
unkown
|
page read and write
|
|
|
|
7FF538A90000
|
unkown image
|
page readonly
|
|
|
|
7DF510CE0000
|
unkown image
|
page readonly
|
|
|
|
1D190720000
|
unkown image
|
page readonly
|
|
|
|
7FF538A83000
|
unkown image
|
page readonly
|
|
|
|
7DF5724D2000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF1AE000
|
unkown image
|
page readonly
|
|
|
|
18B379B0000
|
unkown image
|
page read and write
|
|
|
|
1686C58F000
|
unkown
|
page read and write
|
|
|
|
1D1905F0000
|
unkown image
|
page readonly
|
|
|
|
7DF5724D0000
|
unkown image
|
page readonly
|
|
|
|
7FF518A17000
|
unkown image
|
page readonly
|
|
|
|
7DF4703A0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEE57000
|
unkown image
|
page readonly
|
|
|
|
18B37254000
|
unkown
|
page read and write
|
|
|
|
1686CC90000
|
unkown image
|
page readonly
|
|
|
|
7FF5645F6000
|
unkown image
|
page readonly
|
|
|
|
4BC0277000
|
stack
|
page read and write
|
|
|
|
7FF564790000
|
unkown image
|
page readonly
|
|
|
|
7FF538982000
|
unkown image
|
page readonly
|
|
|
|
1333779000
|
stack
|
page read and write
|
|
|
|
1686C3F0000
|
unkown
|
page read and write
|
|
|
|
7FF4FF035000
|
unkown image
|
page readonly
|
|
|
|
4BC037C000
|
stack
|
page read and write
|
|
|
|
7FF4FF142000
|
unkown image
|
page readonly
|
|
|
|
18B37B97000
|
unkown
|
page read and write
|
|
|
|
1CBADA02000
|
unkown
|
page read and write
|
|
|
|
7FF4FF08F000
|
unkown image
|
page readonly
|
|
|
|
1CBAD23C000
|
unkown
|
page read and write
|
|
|
|
4BBFEFF000
|
stack
|
page read and write
|
|
|
|
F2CF52A000
|
unkown
|
page read and write
|
|
|
|
7DF5467E2000
|
unkown image
|
page readonly
|
|
|
|
18B37BDD000
|
unkown
|
page read and write
|
|
|
|
18B3724B000
|
unkown
|
page read and write
|
|
|
|
7DF526782000
|
unkown image
|
page readonly
|
|
|
|
4BC017B000
|
stack
|
page read and write
|
|
|
|
18B37BB6000
|
unkown
|
page read and write
|
|
|
|
18B37B99000
|
unkown
|
page read and write
|
|
|
|
18B372FB000
|
unkown
|
page read and write
|
|
|
|
1D190DA0000
|
unkown
|
page read and write
|
|
|
|
7DF526792000
|
unkown image
|
page readonly
|
|
|
|
7FF4FED61000
|
unkown image
|
page readonly
|
|
|
|
7FF538A7D000
|
unkown image
|
page readonly
|
|
|
|
18B3723C000
|
unkown
|
page read and write
|
|
|
|
18B37B95000
|
unkown
|
page read and write
|
|
|
|
7FF538B71000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF039000
|
unkown image
|
page readonly
|
|
|
|
7FF538B5A000
|
unkown image
|
page readonly
|
|
|
|
18B37B8D000
|
unkown
|
page read and write
|
|
|
|
2BBF93F0000
|
unkown image
|
page readonly
|
|
|
|
18B372BD000
|
unkown
|
page read and write
|
|
|
|
7FF4FF193000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF26A000
|
unkown image
|
page readonly
|
|
|
|
7FF502B51000
|
unkown image
|
page readonly
|
|
|
|
1CBAD213000
|
unkown
|
page read and write
|
|
|
|
7FF524A81000
|
unkown image
|
page readonly
|
|
|
|
208FB029000
|
unkown
|
page read and write
|
|
|
|
18B37A02000
|
unkown
|
page read and write
|
|
|
|
7FF502FA7000
|
unkown image
|
page readonly
|
|
|
|
7FF59E2CD000
|
unkown image
|
page readonly
|
|
|
|
7FF518AF9000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF1F7000
|
unkown image
|
page readonly
|
|
|
|
472B1CF000
|
stack
|
page read and write
|
|
|
|
18B372C7000
|
unkown
|
page read and write
|
|
|
|
2BBF94C6000
|
heap default
|
page read and write
|
|
|
|
1D190640000
|
heap default
|
page read and write
|
|
|
|
7FF518B1A000
|
unkown image
|
page readonly
|
|
|
|
208FB108000
|
unkown
|
page read and write
|
|
|
|
133336D000
|
stack
|
page read and write
|
|
|
|
7FF518A43000
|
unkown image
|
page readonly
|
|
|
|
7DF50CEE0000
|
unkown image
|
page readonly
|
|
|
|
18B372A8000
|
unkown
|
page read and write
|
|
|
|
7FF4FEF47000
|
unkown image
|
page readonly
|
|
|
|
1CBAD308000
|
unkown
|
page read and write
|
|
|
|
1686CCA0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF1CB000
|
unkown image
|
page readonly
|
|
|
|
1CBAD850000
|
unkown image
|
page readonly
|
|
|
|
7DF5ABFB2000
|
unkown image
|
page readonly
|
|
|
|
7FF59E27E000
|
unkown image
|
page readonly
|
|
|
|
18B37B9B000
|
unkown
|
page read and write
|
|
|
|
7D3DEF7000
|
stack
|
page read and write
|
|
|
|
18B37B4B000
|
unkown
|
page read and write
|
|
|
|
7DF510CE0000
|
unkown image
|
page readonly
|
|
|
|
13332EB000
|
unkown
|
page read and write
|
|
|
|
1686C547000
|
heap default
|
page read and write
|
|
|
|
208FB081000
|
unkown
|
page read and write
|
|
|
|
18B37B9D000
|
unkown
|
page read and write
|
|
|
|
18B37B8D000
|
unkown
|
page read and write
|
|
|
|
7FF59E322000
|
unkown image
|
page readonly
|
|
|
|
18B37BBF000
|
unkown
|
page read and write
|
|
|
|
7FF4FF16E000
|
unkown image
|
page readonly
|
|
|
|
2BBF94D6000
|
unkown
|
page read and write
|
|
|
|
7FF4FF097000
|
unkown image
|
page readonly
|
|
|
|
18B37B73000
|
unkown
|
page read and write
|
|
|
|
7FF502FED000
|
unkown image
|
page readonly
|
|
|
|
7FF518B21000
|
unkown image
|
page readonly
|
|
|
|
7D3D9AE000
|
stack
|
page read and write
|
|
|
|
1686CB10000
|
unkown image
|
page readonly
|
|
|
|
18B37B99000
|
unkown
|
page read and write
|
|
|
|
7FF564767000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF1A0000
|
unkown image
|
page readonly
|
|
|
|
7FF503049000
|
unkown image
|
page readonly
|
|
|
|
208FB100000
|
unkown
|
page read and write
|
|
|
|
7FF5383A9000
|
unkown image
|
page readonly
|
|
|
|
7FF502EC5000
|
unkown image
|
page readonly
|
|
|
|
7FF564779000
|
unkown image
|
page readonly
|
|
|
|
2BBF92A0000
|
unkown image
|
page readonly
|
|
|
|
7FF502F67000
|
unkown image
|
page readonly
|
|
|
|
1D190D80000
|
unkown image
|
page readonly
|
|
|
|
18B37200000
|
unkown
|
page read and write
|
|
|
|
7FF4FEDE9000
|
unkown image
|
page readonly
|
|
|
|
1686C400000
|
unkown image
|
page readonly
|
|
|
|
7FF59E34A000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEFD1000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF0EC000
|
unkown image
|
page readonly
|
|
|
|
7DF5467F0000
|
unkown image
|
page readonly
|
|
|
|
7DF5ABFC2000
|
unkown image
|
page readonly
|
|
|
|
7FF538B49000
|
unkown image
|
page readonly
|
|
|
|
7FF59E2AE000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF06B000
|
unkown image
|
page readonly
|
|
|
|
7FF59E25D000
|
unkown image
|
page readonly
|
|
|
|
5D3DFE000
|
stack
|
page read and write
|
|
|
|
1CBAD26F000
|
unkown
|
page read and write
|
|
|
|
18B371D0000
|
unkown image
|
page readonly
|
|
|
|
7FF538313000
|
unkown image
|
page readonly
|
|
|
|
7FF518A9D000
|
unkown image
|
page readonly
|
|
|
|
18B37213000
|
unkown
|
page read and write
|
|
|
|
7FF4FEE54000
|
unkown image
|
page readonly
|
|
|
|
1D190853000
|
unkown
|
page read and write
|
|
|
|
7FF59E270000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEFDF000
|
unkown image
|
page readonly
|
|
|
|
7DF40ADB0000
|
unkown image
|
page readonly
|
|
|
|
1CBAD27A000
|
unkown
|
page read and write
|
|
|
|
7FF59E341000
|
unkown image
|
page readonly
|
|
|
|
18B37120000
|
heap private
|
page read and write
|
|
|
|
18B37B55000
|
unkown
|
page read and write
|
|
|
|
472B0CC000
|
unkown
|
page read and write
|
|
|
|
7FF518A2F000
|
unkown image
|
page readonly
|
|
|
|
18B37BA4000
|
unkown
|
page read and write
|
|
|
|
7FF518A57000
|
unkown image
|
page readonly
|
|
|
|
5D377E000
|
stack
|
page read and write
|
|
|
|
2BBF94F2000
|
unkown
|
page read and write
|
|
|
|
472B14F000
|
stack
|
page read and write
|
|
|
|
18B37248000
|
unkown
|
page read and write
|
|
|
|
18B38163000
|
unkown
|
page read and write
|
|
|
|
7DF5ABFD0000
|
unkown image
|
page readonly
|
|
|
|
7DF424650000
|
unkown image
|
page readonly
|
|
|
|
7FF59E25F000
|
unkown image
|
page readonly
|
|
|
|
7FF503071000
|
unkown image
|
page readonly
|
|
|
|
7DF50CEF0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF264000
|
unkown image
|
page readonly
|
|
|
|
7FF564357000
|
unkown image
|
page readonly
|
|
|
|
2BBF9400000
|
unkown image
|
page readonly
|
|
|
|
18B37B70000
|
unkown
|
page read and write
|
|
|
|
18B37BAA000
|
unkown
|
page read and write
|
|
|
|
7FF4FEAB5000
|
unkown image
|
page readonly
|
|
|
|
18B37BBA000
|
unkown
|
page read and write
|
|
|
|
7D3E0FF000
|
stack
|
page read and write
|
|
|
|
1686C660000
|
unkown image
|
page readonly
|
|
|
|
7FF518607000
|
unkown image
|
page readonly
|
|
|
|
7FF503042000
|
unkown image
|
page readonly
|
|
|
|
208FB04B000
|
unkown
|
page read and write
|
|
|
|
18B3806A000
|
unkown
|
page read and write
|
|
|
|
2BBF9390000
|
unkown
|
page read and write
|
|
|
|
7FF518B11000
|
unkown image
|
page readonly
|
|
|
|
1CBAD170000
|
unkown image
|
page readonly
|
|
|
|
1686C588000
|
unkown
|
page read and write
|
|
|
|
2BBF9280000
|
unkown image
|
page readonly
|
|
|
|
18B374D0000
|
unkown image
|
page readonly
|
|
|
|
7FF502F9E000
|
unkown image
|
page readonly
|
|
|
|
18B37B95000
|
unkown
|
page read and write
|
|
|
|
7FF502E5B000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEBEB000
|
unkown image
|
page readonly
|
|
|
|
7FF56477D000
|
unkown image
|
page readonly
|
|
|
|
7DF50CEE2000
|
unkown image
|
page readonly
|
|
|
|
7FF59E273000
|
unkown image
|
page readonly
|
|
|
|
5D39FB000
|
stack
|
page read and write
|
|
|
|
18B372B0000
|
unkown
|
page read and write
|
|
|
|
7FF4FF1D3000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEBE7000
|
unkown image
|
page readonly
|
|
|
|
5D367B000
|
unkown
|
page read and write
|
|
|
|
7FF4FF101000
|
unkown image
|
page readonly
|
|
|
|
1CBAD120000
|
unkown image
|
page read and write
|
|
|
|
4BBFF7F000
|
stack
|
page read and write
|
|
|
|
18B372A8000
|
unkown
|
page read and write
|
|
|
|
7FF538987000
|
unkown image
|
page readonly
|
|
|
|
2BBF94DF000
|
unkown
|
page read and write
|
|
|
|
7FF4FF092000
|
unkown image
|
page readonly
|
|
|
|
F2CF8F9000
|
stack
|
page read and write
|
|
|
|
208FB06A000
|
unkown
|
page read and write
|
|
|
|
1CBAD302000
|
unkown
|
page read and write
|
|
|
|
7FF4FF1A7000
|
unkown image
|
page readonly
|
|
|
|
1D190913000
|
unkown
|
page read and write
|
|
|
|
1686D350000
|
unkown
|
page read and write
|
|
|
|
7FF564797000
|
unkown image
|
page readonly
|
|
|
|
18B37190000
|
unkown image
|
page readonly
|
|
|
|
7FF5187A5000
|
unkown image
|
page readonly
|
|
|
|
18B37130000
|
unkown image
|
page readonly
|
|
|
|
7FF5188F0000
|
unkown image
|
page readonly
|
|
|
|
2BBF94F1000
|
unkown
|
page read and write
|
|
|
|
1686C6F5000
|
heap private
|
page read and write
|
|
|
|
7FF5647EA000
|
unkown image
|
page readonly
|
|
|
|
7FF59E33A000
|
unkown image
|
page readonly
|
|
|
|
18B37BBE000
|
unkown
|
page read and write
|
|
|
|
7DF5467D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5647BB000
|
unkown image
|
page readonly
|
|
|
|
7FF564861000
|
unkown image
|
page readonly
|
|
|
|
18B379A0000
|
unkown
|
page read and write
|
|
|
|
7FF502B57000
|
unkown image
|
page readonly
|
|
|
|
7DF510CD0000
|
unkown image
|
page readonly
|
|
|
|
18B376D0000
|
unkown image
|
page readonly
|
|
|
|
7FF564621000
|
unkown image
|
page readonly
|
|
|
|
7FF564849000
|
unkown image
|
page readonly
|
|
|
|
18B38000000
|
unkown
|
page read and write
|
|
|
|
7FF4FE672000
|
unkown image
|
page readonly
|
|
|
|
7FF56485A000
|
unkown image
|
page readonly
|
|
|
|
7FF502FE7000
|
unkown image
|
page readonly
|
|
|
|
1D190802000
|
unkown
|
page read and write
|
|
|
|
1686C3E0000
|
unkown image
|
page read and write
|
|
|
|
1CBAD1A0000
|
unkown image
|
page readonly
|
|
|
|
18B37B9D000
|
unkown
|
page read and write
|
|
|
|
1686C540000
|
heap default
|
page read and write
|
|
|
|
18B37270000
|
unkown
|
page read and write
|
|
|
|
7FF518A6B000
|
unkown image
|
page readonly
|
|
|
|
18B37B24000
|
unkown
|
page read and write
|
|
|
|
7FF56477F000
|
unkown image
|
page readonly
|
|
|
|
1D190850000
|
unkown
|
page read and write
|
|
|
|
1686C58F000
|
unkown
|
page read and write
|
|
|
|
7FF564783000
|
unkown image
|
page readonly
|
|
|
|
18B37288000
|
unkown
|
page read and write
|
|
|
|
472B97F000
|
stack
|
page read and write
|
|
|
|
F2CF9FE000
|
stack
|
page read and write
|
|
|
|
7DF5467F0000
|
unkown image
|
page readonly
|
|
|
|
1D1905E0000
|
heap private
|
page read and write
|
|
|
|
1686C6F0000
|
heap private
|
page read and write
|
|
|
|
5D36FE000
|
stack
|
page read and write
|
|
|
|
1D190902000
|
unkown
|
page read and write
|
|
|
|
7FF4FF105000
|
unkown image
|
page readonly
|
|
|
|
7FF5188D1000
|
unkown image
|
page readonly
|
|
|
|
1686C6B0000
|
unkown
|
page read and write
|
|
|
|
7FF4FEDF6000
|
unkown image
|
page readonly
|
|
|
|
208FAFE0000
|
unkown image
|
page readonly
|
|
|
|
7FF51898C000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF177000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF280000
|
unkown image
|
page readonly
|
|
|
|
1D1905F0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF1DE000
|
unkown image
|
page readonly
|
|
|
|
7FF56465B000
|
unkown image
|
page readonly
|
|
|
|
7FF538A7F000
|
unkown image
|
page readonly
|
|
|
|
7FF4FF15E000
|
unkown image
|
page readonly
|
|
|
|
18B37313000
|
unkown
|
page read and write
|
|
|
|
18B38002000
|
unkown
|
page read and write
|
|
|
|
7DF5724D2000
|
unkown image
|
page readonly
|
|
|
|
1D19084A000
|
unkown
|
page read and write
|
|
|
|
7FF56463D000
|
unkown image
|
page readonly
|
|
|
|
7DF5467D0000
|
unkown image
|
page readonly
|
|
|
|
18B37B55000
|
unkown
|
page read and write
|
|
|
|
208FAF70000
|
heap private
|
page read and write
|
|
|
|
472BD7E000
|
stack
|
page read and write
|
|
|
|
7D3DDFB000
|
stack
|
page read and write
|
|
|
|
7FF5647E7000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEF8B000
|
unkown image
|
page readonly
|
|
|
|
7FF4FEA96000
|
unkown image
|
page readonly
|
|
|
|
7D3DFFF000
|
stack
|
page read and write
|
|
|
|
7FF4FF006000
|
unkown image
|
page readonly
|
|
|
|
7DF5ABFB0000
|
unkown image
|
page readonly
|
|
|
|
1D190A00000
|
unkown image
|
page readonly
|
|
|
|
1D1905D0000
|
unkown image
|
page read and write
|
|
|
|
7DF40EBA0000
|
unkown image
|
page readonly
|
|
|
|
1D190E02000
|
unkown
|
page read and write
|
|
|
|
7FF538B54000
|
unkown image
|
page readonly
|
|
|
|
7DF5724F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5647ED000
|
unkown image
|
page readonly
|
|
|
|
7FF53837E000
|
unkown image
|
page readonly
|
|
|
|
7FF564086000
|
unkown image
|
page readonly
|
|
|
|
7DF5ABFC2000
|
unkown image
|
page readonly
|
|
|
|
1D190813000
|
unkown
|
page read and write
|
|
|
|
1686C910000
|
unkown image
|
page readonly
|
|
|
|
7DF526790000
|
unkown image
|
page readonly
|
|
|
|
18B37B9E000
|
unkown
|
page read and write
|
|
|
|
7FF564854000
|
unkown image
|
page readonly
|
|
|
|
7DF5724F0000
|
unkown image
|
page readonly
|
|
|
|
7FF524A81000
|
unkown image
|
page readonly
|
|
|
|
13336FC000
|
stack
|
page read and write
|
|
|
|
2BBF93C5000
|
heap private
|
page read and write
|
|
|
|
18B37B5E000
|
unkown
|
page read and write
|
|
|
|
18B38002000
|
unkown
|
page read and write
|
|
|
|
7FF564793000
|
unkown image
|
page readonly
|
|
|
|
7DF4446A0000
|
unkown image
|
page readonly
|
|
|
|
7FF50306A000
|
unkown image
|
page readonly
|
|
|
|
1D190800000
|
unkown
|
page read and write
|
|
There are 620 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://mailchkaaapphosinshaeeeauaaug3.web.app/mailserver.dwotc.com-emailrecover=domain=dwotc.comiinshaaaaadsjiceocrerejoeijbhce.html#maggier@dwotc.com
|
|