Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0b40cece-6ea1-42b8-9952-e1c607e08c5c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0c4cb572-e112-48c7-8141-c75c4874ff74.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\1633a349-15b4-4905-bb60-057b7722b5e0.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\20f78ce5-b1f0-425e-a5b6-5308132c2437.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\43774da9-e6cf-48a7-acd8-4eeda09a1db2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\70abcb1d-57d8-4ca5-8453-80cc78c636ff.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7a14bfe3-6f05-4d93-ba73-5ecfb54f9701.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\83232444-9d07-423d-94de-62c5e39a6abc.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\87df421f-8224-49e7-9c4a-70b320747bcb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9e82d62e-76d5-434e-87e2-535fadad951e.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1a42d105-4e84-4af2-8d75-016bbc07589a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2f3cf12e-f490-4d4f-97e6-957f9be7801c.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\38447083-a872-4400-a981-6a561b0f4ffa.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\45c94d5c-a639-4bbf-91ca-5956979e1c82.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\609edaf5-8488-4915-8cb5-e4fd3a3aeb62.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\630909ca-19a2-4542-bf47-63b5c203b820.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\65d1d3dc-7b3b-48dc-818f-2ef38102d12f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\66e5e969-f6ad-4881-92a5-340c37bbb063.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\739ffcc2-b411-4a5e-80e4-dea366b78215.tmp
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\914eb07b-0302-4737-ac1c-5763e5e65a35.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9d4b08a7-956f-4782-9d6f-2b8583dbcc2f.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.oldp (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old;. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.oldd (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\CURRENT
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_onenote.officeapps.live.com_0.indexeddb.leveldb\MANIFEST-000001
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last TabsT (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldew (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences=A (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesp (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\abd30e09-56c9-4ed1-a7bb-028ea9083481\index
|
ISO-8859 text, with no line terminators, with escape sequences
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\abd30e09-56c9-4ed1-a7bb-028ea9083481\index-dir\temp-index
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\cd34f4de589b0f51b41c88a82a638ef94e7af727\index.txt.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\d4530721-f181-4df1-a2c6-ed1a3f15b0c8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\006a602e-5399-4480-908f-6b1157b1b6f8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldp. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\be647211-ebfa-4469-9d84-27f8e7ac33d8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c227e6f5-3b97-4718-8691-ce563c9a5ecb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c756786c-f339-4973-b24c-09c0a2c0dea7.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d8959078-39cd-4897-9b09-78cc91d6138e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldol (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Statep (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir6920_161226201\Ruleset Data
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\c9774405-a35b-40d6-a187-4c7bb80d695e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f6717bb3-cb7f-428a-b2c0-1ec5453dca39.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\1bd54b7a-3f3f-4e37-b61c-8f8f24402269.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\520e8901-d123-497c-9286-d31a8e6782fa.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_1519426903\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_456829785\Filtering Rules
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_456829785\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_456829785\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_456829785\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_456829785\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_817434746\LICENSE
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_817434746\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_817434746\crl-set
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_817434746\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6920_817434746\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\72a0e26a-127b-42a2-8d5e-b7eb5f42ebd8.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\93a1c698-030f-420a-a85f-a378c5e067e8.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\72a0e26a-127b-42a2-8d5e-b7eb5f42ebd8.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_1064476069\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\1bd54b7a-3f3f-4e37-b61c-8f8f24402269.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6920_749879839\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
There are 260 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://onedrive.live.com/view.aspx?resid=DEE5B7E6B473EA8!297&wdo=2&authkey=!AJzT10c65dPX7EI
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1628,8635849486097007892,2611066637864603376,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1916 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://onedrive.live.com/view.aspx?resid=DEE5B7E6B473EA8!297&wdo=2&authkey=!AJzT10c65dPX7EI
|
 |
||
|
https://rollingproductions.co/form/vendor/
|
|
||
|
https://rollingproductions.co/form/vendor/
|
192.95.39.145
|
|
|
|
https://ttucorp.com/
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.13
|
192.124.249.68
|
|
|
|
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=kcXVPRWG7fMILHmzon0--fD3
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/themes/tonda/assets/css/linear-icons/fonts/Linearicons-Free.woff2?w118d
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=3.7.0
|
192.124.249.68
|
|
|
|
http://tonda.select-themes.com
|
unknown
|
|
|
|
https://apis.google.com/js/client.js
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/themes/tonda/assets/js/modules/plugins/jquery.waitforimages.jspr
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.s
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/themes/tonda/assets/css/modules-responsive.min.css
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/themes/tonda/assets/js/modules/plugins/parallax.min.js
|
192.124.249.68
|
|
|
|
https://easylist.to/)
|
unknown
|
|
|
|
https://p.sfx.ms/is/invis.gif
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/apps-themes
|
unknown
|
|
|
|
https://ttucorp.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
|
192.124.249.68
|
|
|
|
https://csp.withgoogle.com/csp/recaptcha
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=kcXVPRWG7fMILHmzon0--fD3I
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.3.0
|
192.124.249.68
|
|
|
|
http://api.jqueryui.com/jQuery.widget/
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/woochimp/assets/css/skins/woochimp_skin_2.css
|
192.124.249.68
|
|
|
|
http://www.opensource.org/licenses/mit-license.php
|
unknown
|
|
|
|
https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190502234305/footer-cards.png
|
18.66.188.202
|
|
|
|
https://ttucorp.com/wp-content/themes/tonda/assets/js/modules.min.jss
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.8
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/plugins/tonda-core/shortcodes/custom-font/assets/js/plugins/typed.js
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/tonda-core/shortcodes/counter/assets/js/plugins/absoluteCount
|
unknown
|
|
|
|
http://crls.pki.goog/gts1c3/QOvJ0N1sT2A.crl0
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=3.7.
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-includes/js/wp-emoji-release.min.js
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.sl
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.7
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/plugins/tonda-membership/assets/js/membership.min.js
|
192.124.249.68
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7528776-1&cid=2067470840.1636384772&jid=1552750421&_v=5.7.2&z=115544500
|
142.250.145.154
|
|
|
|
https://ttucorp.com/wp-includes/js/mediaelement/wp-mediaelement.min.js
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
|
192.124.249.68
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
|
152.199.23.37
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/recaptcha_
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/themes/tonda/assets/css/ion-icons/fonts/ionicons.ttf?v=2.0.0P
|
unknown
|
|
|
|
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//filescss1-11
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
|
152.199.23.37
|
|
|
|
https://ttucorp.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.7
|
192.124.249.68
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver
|
unknown
|
|
|
|
https://ttucorp.com/wp-includes/js/underscore.min.js?ver=1.8.3
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/uploads/js_composer/js_composer_front_custom.css?ver=5.7
|
192.124.249.68
|
|
|
|
https://www.google.com/recaptcha/api.js?render=6LdB1ugUAAAAAB1Et-FDaYGbmKyWVLMkviNHi7e2&ver=3.0
|
172.217.168.68
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://ttucorp.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
|
192.124.249.68
|
|
|
|
http://api.jqueryui.com/category/ui-core/
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
|
192.124.249.68
|
|
|
|
https://spoprod-a.akamaihd.net/files/fabric/assets/icons/fabricmdl2icons.woff
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/themes/tonda/assets/css/ion-icons/fonts/ionicons.ttf?v=2.0.0
|
192.124.249.68
|
|
|
|
https://pki.goog/repository/0
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3V
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7)
|
unknown
|
|
|
|
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdB1ugUAAAAAB1Et-FDaYGbmKyWVLMkviNHi7e2&co=aHR0cHM6Ly93d3cudHR1Y29ycC5jb206NDQz&hl=en&v=kcXVPRWG7fMILHmzon0--fD3&size=invisible&cb=lh2pb45igvi
|
|
||
|
https://ttucorp.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.parallax.min.js?version=5.4.8
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/themes/tonda/assets/css/woocommerce.min.css
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
|
192.124.249.68
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://www.onenote.com/
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/themes/tonda/assets/js/modules/plugins/owl.carousel.min.js
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/plugins/woocommerce-gateway-authorize-net-aim/lib/skyverge/woocommerce/payment-gateway/assets/css/frontend/sv-wc-payment-gateway-payment-form.min.css?ver=4.7.1
|
192.124.249.68
|
|
|
|
http://www.opensource.org/licenses/mit-license.php)
|
unknown
|
|
|
|
https://apis.google.com/
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.13
|
192.124.249.68
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/woocommerce-gateway-authorize-net-aim/lib/skyverge/woocommerc
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3c
|
unknown
|
|
|
|
http://malsup.com/jquery/block/
|
unknown
|
|
|
|
https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190503060452/INT2969_WEBSITEIMAGES_23-630x3751.jpg
|
18.66.188.202
|
|
|
|
https://ttucorp.com/wp-includes/css/dist/block-library/style.min.css
|
192.124.249.68
|
|
|
|
http://www.ianlunn.co.uk/plugins/jquery-parallax/
|
unknown
|
|
|
|
https://apis.google.com/js/platform.js1
|
unknown
|
|
|
|
https://github.com/js-cookie/js-cookie
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/tonda-core/shortcodes/countdown/assets/js/plugins/jquery.coun
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.7.0
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
|
192.124.249.68
|
|
|
|
https://ttucorp.com/wp-content/themes/tonda/assets/js/modules/plugins/packery-mode.pkgd.min.js
|
192.124.249.68
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/themes/tonda/assets/css/font-awesome/fonts/fontawesome-webfont.woff2?
|
unknown
|
|
|
|
https://ttucorp.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.j
|
unknown
|
|
|
|
http://crl.pki.goog/gsr1/gsr1.crl0;
|
unknown
|
|
|
|
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdB1ugUAAAAAB1Et-FDaYGbmKyWVLMkviNHi7e2&co=aHR0
|
unknown
|
|
|
|
https://www.google.com/recaptcha/api.js?render=6LdB1ugUAAAAAB1Et-FDaYGbmKyWVLMkviNHi7e2&ver=3.0U
|
unknown
|
|
|
|
https://aadcdn.msftauth.net/ests/2.1/content/images/picker_more_7568a43cf440757c55d2e7f51557ae1f.svg
|
152.199.23.37
|
|
|
|
https://d3v4i80726wzko.cloudfront.net/wp-content/uploads/20190503082942/INT2969_WEBSITEIMAGES_19-1890x1100.jpg
|
18.66.188.202
|
|
|
|
https://github.com/bas2k/jquery.appear/
|
unknown
|
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
172.217.168.3
|
|
|
|
cs1100.wpc.omegacdn.net
|
152.199.23.37
|
|
|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
plus.l.google.com
|
172.217.168.78
|
|
|
|
d3v4i80726wzko.cloudfront.net
|
18.66.188.202
|
|
|
|
stats.l.doubleclick.net
|
142.250.145.154
|
|
|
|
i-am3p-cor002.api.p001.1drv.com
|
40.90.142.226
|
|
|
|
www.ttucorp.com
|
192.124.249.68
|
|
|
|
ttucorp.com
|
192.124.249.68
|
|
|
|
scontent.xx.fbcdn.net
|
157.240.17.15
|
|
|
|
i-am3p-cor003.api.p001.1drv.com
|
40.90.142.224
|
|
|
|
cdnjs.cloudflare.com
|
104.16.19.94
|
|
|
|
www.google.com
|
172.217.168.68
|
|
|
|
ssl-google-analytics.l.google.com
|
172.217.168.40
|
|
|
|
rollingproductions.co
|
192.95.39.145
|
|
|
|
clients.l.google.com
|
142.250.185.142
|
|
|
|
googlehosted.l.googleusercontent.com
|
142.250.203.97
|
|
|
|
s.w.org
|
192.0.77.48
|
|
|
|
messaging.office.com
|
unknown
|
|
|
|
c.live.com
|
unknown
|
|
|
|
ajax.aspnetcdn.com
|
unknown
|
|
|
|
stats.g.doubleclick.net
|
unknown
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
code.jquery.com
|
unknown
|
|
|
|
onedrive.live.com
|
unknown
|
|
|
|
p.sfx.ms
|
unknown
|
|
|
|
amcdn.msftauth.net
|
unknown
|
|
|
|
www.onenote.com
|
unknown
|
|
|
|
onenoteonlinesync.onenote.com
|
unknown
|
|
|
|
aadcdn.msftauth.net
|
unknown
|
|
|
|
storage.live.com
|
unknown
|
|
|
|
connect.facebook.net
|
unknown
|
|
|
|
skyapi.onedrive.live.com
|
unknown
|
|
|
|
spoprod-a.akamaihd.net
|
unknown
|
|
|
|
apis.google.com
|
unknown
|
|
There are 26 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
18.66.188.202
|
d3v4i80726wzko.cloudfront.net
|
United States
|
|
|
|
172.217.168.40
|
ssl-google-analytics.l.google.com
|
United States
|
|
|
|
172.217.168.68
|
www.google.com
|
United States
|
|
|
|
157.240.17.15
|
scontent.xx.fbcdn.net
|
United States
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
142.250.203.97
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
172.217.168.3
|
gstaticadssl.l.google.com
|
United States
|
|
|
|
142.250.185.142
|
clients.l.google.com
|
United States
|
|
|
|
40.90.142.224
|
i-am3p-cor003.api.p001.1drv.com
|
United States
|
|
|
|
40.90.142.226
|
i-am3p-cor002.api.p001.1drv.com
|
United States
|
|
|
|
192.95.39.145
|
rollingproductions.co
|
Canada
|
|
|
|
192.124.249.68
|
www.ttucorp.com
|
United States
|
|
|
|
172.217.168.78
|
plus.l.google.com
|
United States
|
|
|
|
142.250.145.154
|
stats.l.doubleclick.net
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
152.199.23.37
|
cs1100.wpc.omegacdn.net
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
104.16.19.94
|
cdnjs.cloudflare.com
|
United States
|
|
There are 9 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1A11B1A0000
|
unkown
|
page read and write
|
|
|
|
A4ED47E000
|
stack
|
page read and write
|
|
|
|
1A11B602000
|
unkown
|
page read and write
|
|
|
|
7FF521FCE000
|
unkown image
|
page readonly
|
|
|
|
1DE3A2D0000
|
unkown image
|
page readonly
|
|
|
|
7FF53FE9B000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8D8C000
|
unkown image
|
page readonly
|
|
|
|
1A11B161000
|
unkown
|
page read and write
|
|
|
|
1A11B196000
|
unkown
|
page read and write
|
|
|
|
25128800000
|
unkown
|
page read and write
|
|
|
|
7FF5C8DD7000
|
unkown image
|
page readonly
|
|
|
|
7FF5220B4000
|
unkown image
|
page readonly
|
|
|
|
7FF522038000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8D8A000
|
unkown image
|
page readonly
|
|
|
|
16472030000
|
unkown
|
page read and write
|
|
|
|
7FF51E35A000
|
unkown image
|
page readonly
|
|
|
|
16471ED7000
|
unkown
|
page read and write
|
|
|
|
7DF5F7150000
|
unkown image
|
page readonly
|
|
|
|
66465FF000
|
stack
|
page read and write
|
|
|
|
7FF51DF26000
|
unkown image
|
page readonly
|
|
|
|
7FF5220C1000
|
unkown image
|
page readonly
|
|
|
|
1A11A8E1000
|
unkown
|
page read and write
|
|
|
|
7DF555012000
|
unkown image
|
page readonly
|
|
|
|
664607B000
|
unkown
|
page read and write
|
|
|
|
7FF5C8E92000
|
unkown image
|
page readonly
|
|
|
|
1DE39D30000
|
heap default
|
page read and write
|
|
|
|
7FF521EB1000
|
unkown image
|
page readonly
|
|
|
|
7FF51DED2000
|
unkown image
|
page readonly
|
|
|
|
1E650A8D000
|
unkown
|
page read and write
|
|
|
|
7DF5F7160000
|
unkown image
|
page readonly
|
|
|
|
16471ED8000
|
unkown
|
page read and write
|
|
|
|
1E651202000
|
unkown
|
page read and write
|
|
|
|
7FF51E194000
|
unkown image
|
page readonly
|
|
|
|
1A11B198000
|
unkown
|
page read and write
|
|
|
|
1A11A848000
|
unkown
|
page read and write
|
|
|
|
7DF5F7150000
|
unkown image
|
page readonly
|
|
|
|
7DF537142000
|
unkown image
|
page readonly
|
|
|
|
216C0640000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8E1D000
|
unkown image
|
page readonly
|
|
|
|
6BD287B000
|
stack
|
page read and write
|
|
|
|
7DF537152000
|
unkown image
|
page readonly
|
|
|
|
1E650A53000
|
unkown
|
page read and write
|
|
|
|
7FF53FCE1000
|
unkown image
|
page readonly
|
|
|
|
216C0660000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8A1E000
|
unkown image
|
page readonly
|
|
|
|
1E650A00000
|
unkown
|
page read and write
|
|
|
|
7DF555020000
|
unkown image
|
page readonly
|
|
|
|
1DE39D10000
|
unkown image
|
page readonly
|
|
|
|
7FF51E203000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8247000
|
unkown image
|
page readonly
|
|
|
|
1A11A8F4000
|
unkown
|
page read and write
|
|
|
|
1A11B196000
|
unkown
|
page read and write
|
|
|
|
7FF5C8E91000
|
unkown image
|
page readonly
|
|
|
|
1647228D000
|
unkown
|
page read and write
|
|
|
|
7DF4F5010000
|
unkown image
|
page readonly
|
|
|
|
868EFC000
|
stack
|
page read and write
|
|
|
|
1A11A83C000
|
unkown
|
page read and write
|
|
|
|
7FF521FDB000
|
unkown image
|
page readonly
|
|
|
|
7DF5334D0000
|
unkown image
|
page readonly
|
|
|
|
66463FF000
|
stack
|
page read and write
|
|
|
|
16472030000
|
unkown
|
page read and write
|
|
|
|
7FF51E25B000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8C9E000
|
unkown image
|
page readonly
|
|
|
|
7FF53FEA7000
|
unkown image
|
page readonly
|
|
|
|
1A11B198000
|
unkown
|
page read and write
|
|
|
|
1647227E000
|
unkown
|
page read and write
|
|
|
|
7FF51E1B1000
|
unkown image
|
page readonly
|
|
|
|
DA46FE000
|
stack
|
page read and write
|
|
|
|
1DE39D40000
|
unkown image
|
page readonly
|
|
|
|
7FF51E444000
|
unkown image
|
page readonly
|
|
|
|
DA447B000
|
stack
|
page read and write
|
|
|
|
7FF53FEDA000
|
unkown image
|
page readonly
|
|
|
|
16471F14000
|
unkown
|
page read and write
|
|
|
|
1A11B198000
|
unkown
|
page read and write
|
|
|
|
7FF5C8E0E000
|
unkown image
|
page readonly
|
|
|
|
7FF5E204D000
|
unkown image
|
page readonly
|
|
|
|
7DF5F7152000
|
unkown image
|
page readonly
|
|
|
|
216C0826000
|
heap default
|
page read and write
|
|
|
|
1A11B63C000
|
unkown
|
page read and write
|
|
|
|
7FF51E2B3000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8DB7000
|
unkown image
|
page readonly
|
|
|
|
1A11A8AF000
|
unkown
|
page read and write
|
|
|
|
7FF5C8E84000
|
unkown image
|
page readonly
|
|
|
|
1DE39F00000
|
unkown
|
page read and write
|
|
|
|
7FF51E2C4000
|
unkown image
|
page readonly
|
|
|
|
1646D318000
|
unkown
|
page read and write
|
|
|
|
216C084F000
|
unkown
|
page read and write
|
|
|
|
1E650860000
|
unkown image
|
page read and write
|
|
|
|
7FF53FEE4000
|
unkown image
|
page readonly
|
|
|
|
1A11A908000
|
unkown
|
page read and write
|
|
|
|
7FF5217FB000
|
unkown image
|
page readonly
|
|
|
|
7FF51DE3E000
|
unkown image
|
page readonly
|
|
|
|
7FF522014000
|
unkown image
|
page readonly
|
|
|
|
1A11B19C000
|
unkown
|
page read and write
|
|
|
|
7FF51E1A1000
|
unkown image
|
page readonly
|
|
|
|
7DF5F7142000
|
unkown image
|
page readonly
|
|
|
|
1A11A7F0000
|
unkown
|
page read and write
|
|
|
|
7DF555010000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8DEA000
|
unkown image
|
page readonly
|
|
|
|
1E650A4C000
|
unkown
|
page read and write
|
|
|
|
25128650000
|
unkown image
|
page readonly
|
|
|
|
7FF5E20BA000
|
unkown image
|
page readonly
|
|
|
|
664617E000
|
stack
|
page read and write
|
|
|
|
1A11B196000
|
unkown
|
page read and write
|
|
|
|
1A11B196000
|
unkown
|
page read and write
|
|
|
|
1646D318000
|
unkown
|
page read and write
|
|
|
|
7FF51E451000
|
unkown image
|
page readonly
|
|
|
|
7FF53FE90000
|
unkown image
|
page readonly
|
|
|
|
1A11A800000
|
unkown
|
page read and write
|
|
|
|
16472020000
|
unkown
|
page read and write
|
|
|
|
1A11B196000
|
unkown
|
page read and write
|
|
|
|
7DF5334D2000
|
unkown image
|
page readonly
|
|
|
|
1A11B620000
|
unkown
|
page read and write
|
|
|
|
7FF5C8DE4000
|
unkown image
|
page readonly
|
|
|
|
1A11B172000
|
unkown
|
page read and write
|
|
|
|
7FF5C8B17000
|
unkown image
|
page readonly
|
|
|
|
7FF51E397000
|
unkown image
|
page readonly
|
|
|
|
1E650880000
|
unkown image
|
page readonly
|
|
|
|
6BD2A7E000
|
stack
|
page read and write
|
|
|
|
7FF51E302000
|
unkown image
|
page readonly
|
|
|
|
1646D359000
|
unkown
|
page read and write
|
|
|
|
25128902000
|
unkown
|
page read and write
|
|
|
|
1A11B14A000
|
unkown
|
page read and write
|
|
|
|
1A11AF20000
|
unkown image
|
page read and write
|
|
|
|
1DE39E50000
|
unkown
|
page read and write
|
|
|
|
16472291000
|
unkown
|
page read and write
|
|
|
|
7FF53FE8E000
|
unkown image
|
page readonly
|
|
|
|
7FF54C542000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1FFC000
|
unkown image
|
page readonly
|
|
|
|
7FF53FEF8000
|
unkown image
|
page readonly
|
|
|
|
7FF521FBA000
|
unkown image
|
page readonly
|
|
|
|
7FF53FF81000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8CF3000
|
unkown image
|
page readonly
|
|
|
|
1A11A813000
|
unkown
|
page read and write
|
|
|
|
7DF435010000
|
unkown image
|
page readonly
|
|
|
|
7FF521FD5000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8DA5000
|
unkown image
|
page readonly
|
|
|
|
1A11B196000
|
unkown
|
page read and write
|
|
|
|
1A11B600000
|
unkown
|
page read and write
|
|
|
|
1DE39CE0000
|
unkown image
|
page readonly
|
|
|
|
1A11B175000
|
unkown
|
page read and write
|
|
|
|
16471ED0000
|
unkown
|
page read and write
|
|
|
|
1E650A7D000
|
unkown
|
page read and write
|
|
|
|
16472286000
|
unkown
|
page read and write
|
|
|
|
7FF521FFC000
|
unkown image
|
page readonly
|
|
|
|
16472286000
|
unkown
|
page read and write
|
|
|
|
7FF51DB85000
|
unkown image
|
page readonly
|
|
|
|
16472291000
|
unkown
|
page read and write
|
|
|
|
1E650F80000
|
unkown image
|
page readonly
|
|
|
|
7FF5E2024000
|
unkown image
|
page readonly
|
|
|
|
7DF555002000
|
unkown image
|
page readonly
|
|
|
|
1A11A829000
|
unkown
|
page read and write
|
|
|
|
1E6508D0000
|
heap default
|
page read and write
|
|
|
|
868DFF000
|
stack
|
page read and write
|
|
|
|
1A11A851000
|
unkown
|
page read and write
|
|
|
|
1A11AA00000
|
unkown image
|
page readonly
|
|
|
|
1A11A856000
|
unkown
|
page read and write
|
|
|
|
7FF51E221000
|
unkown image
|
page readonly
|
|
|
|
1A11B602000
|
unkown
|
page read and write
|
|
|
|
16472289000
|
unkown
|
page read and write
|
|
|
|
7FF53FD71000
|
unkown image
|
page readonly
|
|
|
|
A4ED27F000
|
stack
|
page read and write
|
|
|
|
7FF51E300000
|
unkown image
|
page readonly
|
|
|
|
1E650A78000
|
unkown
|
page read and write
|
|
|
|
1A11B16B000
|
unkown
|
page read and write
|
|
|
|
25128900000
|
unkown
|
page read and write
|
|
|
|
1A11A916000
|
unkown
|
page read and write
|
|
|
|
7FF521ECB000
|
unkown image
|
page readonly
|
|
|
|
25128760000
|
unkown image
|
page readonly
|
|
|
|
7FF53FDFC000
|
unkown image
|
page readonly
|
|
|
|
25128802000
|
unkown
|
page read and write
|
|
|
|
7FF51E3C8000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8E19000
|
unkown image
|
page readonly
|
|
|
|
7DF5334F0000
|
unkown image
|
page readonly
|
|
|
|
7FF521F23000
|
unkown image
|
page readonly
|
|
|
|
2512883C000
|
unkown
|
page read and write
|
|
|
|
6BD233B000
|
unkown
|
page read and write
|
|
|
|
7DF5334F0000
|
unkown image
|
page readonly
|
|
|
|
1A11B602000
|
unkown
|
page read and write
|
|
|
|
1A11A6D0000
|
unkown image
|
page readonly
|
|
|
|
1A11B17D000
|
unkown
|
page read and write
|
|
|
|
1A11A84E000
|
unkown
|
page read and write
|
|
|
|
7FF522049000
|
unkown image
|
page readonly
|
|
|
|
7FF51E126000
|
unkown image
|
page readonly
|
|
|
|
66464F7000
|
stack
|
page read and write
|
|
|
|
16471F10000
|
unkown
|
page read and write
|
|
|
|
216C0620000
|
unkown image
|
page read and write
|
|
|
|
7FF53FD51000
|
unkown image
|
page readonly
|
|
|
|
A4ED379000
|
stack
|
page read and write
|
|
|
|
216C0AC0000
|
heap private
|
page read and write
|
|
|
|
7FF521BA5000
|
unkown image
|
page readonly
|
|
|
|
DA3F9E000
|
stack
|
page read and write
|
|
|
|
7FF522007000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8C61000
|
unkown image
|
page readonly
|
|
|
|
7FF5E20B4000
|
unkown image
|
page readonly
|
|
|
|
7FF51E32B000
|
unkown image
|
page readonly
|
|
|
|
25128913000
|
unkown
|
page read and write
|
|
|
|
216C07C0000
|
unkown image
|
page read and write
|
|
|
|
7FF51DB8B000
|
unkown image
|
page readonly
|
|
|
|
216C0AC5000
|
heap private
|
page read and write
|
|
|
|
1646D318000
|
unkown
|
page read and write
|
|
|
|
1DE39E29000
|
unkown
|
page read and write
|
|
|
|
7DF5615D2000
|
unkown image
|
page readonly
|
|
|
|
1DE39F02000
|
unkown
|
page read and write
|
|
|
|
7DF5DDF20000
|
unkown image
|
page readonly
|
|
|
|
16472289000
|
unkown
|
page read and write
|
|
|
|
1E650880000
|
unkown image
|
page readonly
|
|
|
|
7FF51E365000
|
unkown image
|
page readonly
|
|
|
|
66466FF000
|
stack
|
page read and write
|
|
|
|
7DF537150000
|
unkown image
|
page readonly
|
|
|
|
216C0750000
|
unkown
|
page read and write
|
|
|
|
7FF51E35E000
|
unkown image
|
page readonly
|
|
|
|
16472030000
|
unkown
|
page read and write
|
|
|
|
7FF5C8C9B000
|
unkown image
|
page readonly
|
|
|
|
1A11A6A0000
|
unkown image
|
page readonly
|
|
|
|
7DF555000000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8CED000
|
unkown image
|
page readonly
|
|
|
|
1A11B1B2000
|
unkown
|
page read and write
|
|
|
|
868FFA000
|
stack
|
page read and write
|
|
|
|
16472286000
|
unkown
|
page read and write
|
|
|
|
7FF53FEBF000
|
unkown image
|
page readonly
|
|
|
|
7DF5334D0000
|
unkown image
|
page readonly
|
|
|
|
1A11B161000
|
unkown
|
page read and write
|
|
|
|
7FF51E2CC000
|
unkown image
|
page readonly
|
|
|
|
A4ED2FF000
|
stack
|
page read and write
|
|
|
|
7DF537142000
|
unkown image
|
page readonly
|
|
|
|
1E650A13000
|
unkown
|
page read and write
|
|
|
|
1A11B1BC000
|
unkown
|
page read and write
|
|
|
|
1A11B19C000
|
unkown
|
page read and write
|
|
|
|
1A11A690000
|
heap private
|
page read and write
|
|
|
|
7DF5334D2000
|
unkown image
|
page readonly
|
|
|
|
1A11A84D000
|
unkown
|
page read and write
|
|
|
|
216C083E000
|
unkown
|
page read and write
|
|
|
|
7FF51DCB7000
|
unkown image
|
page readonly
|
|
|
|
7DF555000000
|
unkown image
|
page readonly
|
|
|
|
216C0836000
|
unkown
|
page read and write
|
|
|
|
7FF53FF09000
|
unkown image
|
page readonly
|
|
|
|
216C083E000
|
unkown
|
page read and write
|
|
|
|
216C0821000
|
unkown
|
page read and write
|
|
|
|
1E6508A0000
|
unkown image
|
page readonly
|
|
|
|
7DF5F7160000
|
unkown image
|
page readonly
|
|
|
|
7FF53FE8A000
|
unkown image
|
page readonly
|
|
|
|
7FF521E21000
|
unkown image
|
page readonly
|
|
|
|
7FF53FD8E000
|
unkown image
|
page readonly
|
|
|
|
16471EF1000
|
unkown
|
page read and write
|
|
|
|
1A11B198000
|
unkown
|
page read and write
|
|
|
|
7FF5E201A000
|
unkown image
|
page readonly
|
|
|
|
7DF5DDF12000
|
unkown image
|
page readonly
|
|
|
|
7DF5DDF20000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1FD0000
|
unkown image
|
page readonly
|
|
|
|
1E650A55000
|
unkown
|
page read and write
|
|
|
|
1A11B16E000
|
unkown
|
page read and write
|
|
|
|
7DF5DDF10000
|
unkown image
|
page readonly
|
|
|
|
1647228D000
|
unkown
|
page read and write
|
|
|
|
7FF51E196000
|
unkown image
|
page readonly
|
|
|
|
7FF51E44A000
|
unkown image
|
page readonly
|
|
|
|
7DF5F7142000
|
unkown image
|
page readonly
|
|
|
|
7FF5E203E000
|
unkown image
|
page readonly
|
|
|
|
7FF52201A000
|
unkown image
|
page readonly
|
|
|
|
7FF51E20A000
|
unkown image
|
page readonly
|
|
|
|
7FF521D84000
|
unkown image
|
page readonly
|
|
|
|
16471EDE000
|
unkown
|
page read and write
|
|
|
|
7FF5C8C43000
|
unkown image
|
page readonly
|
|
|
|
7FF51DEC2000
|
unkown image
|
page readonly
|
|
|
|
869178000
|
stack
|
page read and write
|
|
|
|
1A11B1BF000
|
unkown
|
page read and write
|
|
|
|
1A11B602000
|
unkown
|
page read and write
|
|
|
|
7DF5DDF22000
|
unkown image
|
page readonly
|
|
|
|
16472289000
|
unkown
|
page read and write
|
|
|
|
664637B000
|
stack
|
page read and write
|
|
|
|
1E6509D0000
|
unkown
|
page read and write
|
|
|
|
216C0640000
|
unkown image
|
page readonly
|
|
|
|
16471F00000
|
unkown
|
page read and write
|
|
|
|
1A11B198000
|
unkown
|
page read and write
|
|
|
|
7FF51E34A000
|
unkown image
|
page readonly
|
|
|
|
7FF5E202E000
|
unkown image
|
page readonly
|
|
|
|
216C0850000
|
unkown
|
page read and write
|
|
|
|
7FF5C8966000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8E16000
|
unkown image
|
page readonly
|
|
|
|
1DE39CC0000
|
unkown image
|
page read and write
|
|
|
|
1E650B02000
|
unkown
|
page read and write
|
|
|
|
7FF521F3C000
|
unkown image
|
page readonly
|
|
|
|
1E650C00000
|
unkown image
|
page readonly
|
|
|
|
25128630000
|
unkown image
|
page readonly
|
|
|
|
7FF53F6B5000
|
unkown image
|
page readonly
|
|
|
|
7FF51E452000
|
unkown image
|
page readonly
|
|
|
|
1A11B16F000
|
unkown
|
page read and write
|
|
|
|
7FF5C8960000
|
unkown image
|
page readonly
|
|
|
|
1A11A6A0000
|
unkown image
|
page readonly
|
|
|
|
7FF521FCA000
|
unkown image
|
page readonly
|
|
|
|
DA48FE000
|
stack
|
page read and write
|
|
|
|
1646C820000
|
unkown image
|
page readonly
|
|
|
|
7FF51E160000
|
unkown image
|
page readonly
|
|
|
|
1E650A88000
|
unkown
|
page read and write
|
|
|
|
1A11A680000
|
unkown image
|
page read and write
|
|
|
|
216C0810000
|
heap default
|
page read and write
|
|
|
|
7DF5DDF12000
|
unkown image
|
page readonly
|
|
|
|
25128610000
|
unkown image
|
page read and write
|
|
|
|
1E6509B0000
|
unkown image
|
page readonly
|
|
|
|
1E650B13000
|
unkown
|
page read and write
|
|
|
|
7FF51E3A4000
|
unkown image
|
page readonly
|
|
|
|
2512882A000
|
unkown
|
page read and write
|
|
|
|
1DE39E13000
|
unkown
|
page read and write
|
|
|
|
1DE39F13000
|
unkown
|
page read and write
|
|
|
|
1A11B1BD000
|
unkown
|
page read and write
|
|
|
|
1A11B177000
|
unkown
|
page read and write
|
|
|
|
1A11AF10000
|
unkown
|
page read and write
|
|
|
|
25128620000
|
heap private
|
page read and write
|
|
|
|
7FF51E313000
|
unkown image
|
page readonly
|
|
|
|
25128680000
|
heap default
|
page read and write
|
|
|
|
7FF5C8D0C000
|
unkown image
|
page readonly
|
|
|
|
7FF521FE7000
|
unkown image
|
page readonly
|
|
|
|
7FF51E114000
|
unkown image
|
page readonly
|
|
|
|
16471EF4000
|
unkown
|
page read and write
|
|
|
|
1A11A6F0000
|
heap default
|
page read and write
|
|
|
|
1A11B1CE000
|
unkown
|
page read and write
|
|
|
|
1A11B69D000
|
unkown
|
page read and write
|
|
|
|
1E650B08000
|
unkown
|
page read and write
|
|
|
|
7FF51E334000
|
unkown image
|
page readonly
|
|
|
|
1A11AF10000
|
unkown
|
page read and write
|
|
|
|
7FF521E73000
|
unkown image
|
page readonly
|
|
|
|
1646D359000
|
unkown
|
page read and write
|
|
|
|
7FF5C8E08000
|
unkown image
|
page readonly
|
|
|
|
7DF5F7152000
|
unkown image
|
page readonly
|
|
|
|
1A11B16D000
|
unkown
|
page read and write
|
|
|
|
1DE39E7F000
|
unkown
|
page read and write
|
|
|
|
7DF555002000
|
unkown image
|
page readonly
|
|
|
|
1A11B1A0000
|
unkown
|
page read and write
|
|
|
|
7DF452ED0000
|
unkown image
|
page readonly
|
|
|
|
1E6508B0000
|
unkown image
|
page readonly
|
|
|
|
1E650A4E000
|
unkown
|
page read and write
|
|
|
|
1A11A8BE000
|
unkown
|
page read and write
|
|
|
|
7FF5C8DFF000
|
unkown image
|
page readonly
|
|
|
|
7FF522024000
|
unkown image
|
page readonly
|
|
|
|
6BD2B7F000
|
stack
|
page read and write
|
|
|
|
7FF53FC0F000
|
unkown image
|
page readonly
|
|
|
|
DA44FF000
|
stack
|
page read and write
|
|
|
|
7FF51E38C000
|
unkown image
|
page readonly
|
|
|
|
6BD2977000
|
stack
|
page read and write
|
|
|
|
7FF521B90000
|
unkown image
|
page readonly
|
|
|
|
1DE39D00000
|
unkown image
|
page readonly
|
|
|
|
7DF5F7140000
|
unkown image
|
page readonly
|
|
|
|
7DF5DDF30000
|
unkown image
|
page readonly
|
|
|
|
1A11B19C000
|
unkown
|
page read and write
|
|
|
|
7FF5E1FD5000
|
unkown image
|
page readonly
|
|
|
|
1DE39E53000
|
unkown
|
page read and write
|
|
|
|
7DF5334E2000
|
unkown image
|
page readonly
|
|
|
|
1A11A84B000
|
unkown
|
page read and write
|
|
|
|
1A11B1BF000
|
unkown
|
page read and write
|
|
|
|
1A11B1B9000
|
unkown
|
page read and write
|
|
|
|
1A11B602000
|
unkown
|
page read and write
|
|
|
|
7FF51E360000
|
unkown image
|
page readonly
|
|
|
|
7FF51DF20000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1923000
|
unkown image
|
page readonly
|
|
|
|
1A11A84C000
|
unkown
|
page read and write
|
|
|
|
7FF51DF77000
|
unkown image
|
page readonly
|
|
|
|
7DF5615D0000
|
unkown image
|
page readonly
|
|
|
|
1A11B16D000
|
unkown
|
page read and write
|
|
|
|
7FF5C8D9E000
|
unkown image
|
page readonly
|
|
|
|
7FF51DECE000
|
unkown image
|
page readonly
|
|
|
|
25128845000
|
unkown
|
page read and write
|
|
|
|
25128630000
|
unkown image
|
page readonly
|
|
|
|
1DE39E4E000
|
unkown
|
page read and write
|
|
|
|
7FF53FD33000
|
unkown image
|
page readonly
|
|
|
|
1DE39E00000
|
unkown
|
page read and write
|
|
|
|
1A11B15E000
|
unkown
|
page read and write
|
|
|
|
7FF51DC62000
|
unkown image
|
page readonly
|
|
|
|
216C0910000
|
unkown image
|
page readonly
|
|
|
|
7FF53FEEF000
|
unkown image
|
page readonly
|
|
|
|
1A11B1B7000
|
unkown
|
page read and write
|
|
|
|
7FF53FDDD000
|
unkown image
|
page readonly
|
|
|
|
7DF4313A0000
|
unkown image
|
page readonly
|
|
|
|
7FF522046000
|
unkown image
|
page readonly
|
|
|
|
1E650A56000
|
unkown
|
page read and write
|
|
|
|
7DF5334E0000
|
unkown image
|
page readonly
|
|
|
|
1A11A847000
|
unkown
|
page read and write
|
|
|
|
7DF5334E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5E20C2000
|
unkown image
|
page readonly
|
|
|
|
25128A00000
|
unkown image
|
page readonly
|
|
|
|
869278000
|
stack
|
page read and write
|
|
|
|
7FF5C8E8A000
|
unkown image
|
page readonly
|
|
|
|
7FF51E3CE000
|
unkown image
|
page readonly
|
|
|
|
1647228D000
|
unkown
|
page read and write
|
|
|
|
1DE39E89000
|
unkown
|
page read and write
|
|
|
|
7FF51E3BF000
|
unkown image
|
page readonly
|
|
|
|
7FF51DF75000
|
unkown image
|
page readonly
|
|
|
|
16471ED5000
|
unkown
|
page read and write
|
|
|
|
1A11B118000
|
unkown
|
page read and write
|
|
|
|
A4ED4FE000
|
stack
|
page read and write
|
|
|
|
7DF537160000
|
unkown image
|
page readonly
|
|
|
|
1646D359000
|
unkown
|
page read and write
|
|
|
|
1A11B700000
|
unkown
|
page read and write
|
|
|
|
7FF5C8D04000
|
unkown image
|
page readonly
|
|
|
|
7DF537150000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8DAB000
|
unkown image
|
page readonly
|
|
|
|
25128660000
|
unkown image
|
page readonly
|
|
|
|
A4ED3FA000
|
stack
|
page read and write
|
|
|
|
7FF53FF7A000
|
unkown image
|
page readonly
|
|
|
|
1A11A913000
|
unkown
|
page read and write
|
|
|
|
7FF51DCB3000
|
unkown image
|
page readonly
|
|
|
|
7FF521ECE000
|
unkown image
|
page readonly
|
|
|
|
7FF51E38F000
|
unkown image
|
page readonly
|
|
|
|
1DE39F08000
|
unkown
|
page read and write
|
|
|
|
1A11A8C5000
|
unkown
|
page read and write
|
|
|
|
7FF5E2014000
|
unkown image
|
page readonly
|
|
|
|
7FF521E91000
|
unkown image
|
page readonly
|
|
|
|
1E650870000
|
heap private
|
page read and write
|
|
|
|
1A11A849000
|
unkown
|
page read and write
|
|
|
|
1A11A902000
|
unkown
|
page read and write
|
|
|
|
7FF51DF35000
|
unkown image
|
page readonly
|
|
|
|
7FF51E241000
|
unkown image
|
page readonly
|
|
|
|
7FF53FDF4000
|
unkown image
|
page readonly
|
|
|
|
1A11A8D8000
|
unkown
|
page read and write
|
|
|
|
7FF51E3B4000
|
unkown image
|
page readonly
|
|
|
|
1A11AE80000
|
unkown image
|
page readonly
|
|
|
|
A4ECFFA000
|
unkown
|
page read and write
|
|
|
|
7DF5DDF10000
|
unkown image
|
page readonly
|
|
|
|
7FF53FEBC000
|
unkown image
|
page readonly
|
|
|
|
1A11B16E000
|
unkown
|
page read and write
|
|
|
|
1A11B165000
|
unkown
|
page read and write
|
|
|
|
1A11A888000
|
unkown
|
page read and write
|
|
|
|
7FF53FA65000
|
unkown image
|
page readonly
|
|
|
|
86937F000
|
stack
|
page read and write
|
|
|
|
7FF51E33F000
|
unkown image
|
page readonly
|
|
|
|
7FF5217F5000
|
unkown image
|
page readonly
|
|
|
|
1A11A8A5000
|
unkown
|
page read and write
|
|
|
|
7DF5615C2000
|
unkown image
|
page readonly
|
|
|
|
1E650A7F000
|
unkown
|
page read and write
|
|
|
|
1E650A6F000
|
unkown
|
page read and write
|
|
|
|
7FF521D47000
|
unkown image
|
page readonly
|
|
|
|
7FF53FEC7000
|
unkown image
|
page readonly
|
|
|
|
868BF8000
|
stack
|
page read and write
|
|
|
|
1A11B66A000
|
unkown
|
page read and write
|
|
|
|
7DF555010000
|
unkown image
|
page readonly
|
|
|
|
1DE39E91000
|
unkown
|
page read and write
|
|
|
|
1E650A3C000
|
unkown
|
page read and write
|
|
|
|
1A11B198000
|
unkown
|
page read and write
|
|
|
|
25128908000
|
unkown
|
page read and write
|
|
|
|
7DF5334E2000
|
unkown image
|
page readonly
|
|
|
|
1A11A6C0000
|
unkown image
|
page readonly
|
|
|
|
7DF4DBDE0000
|
unkown image
|
page readonly
|
|
|
|
16471FA0000
|
unkown
|
page read and write
|
|
|
|
1A11B69D000
|
unkown
|
page read and write
|
|
|
|
1DE39E71000
|
unkown
|
page read and write
|
|
|
|
1A11B1CE000
|
unkown
|
page read and write
|
|
|
|
16472289000
|
unkown
|
page read and write
|
|
|
|
1A11B63C000
|
unkown
|
page read and write
|
|
|
|
16471EDA000
|
unkown
|
page read and write
|
|
|
|
66460FE000
|
stack
|
page read and write
|
|
|
|
1A11A86A000
|
unkown
|
page read and write
|
|
|
|
1A11B002000
|
unkown
|
page read and write
|
|
|
|
7FF5220C2000
|
unkown image
|
page readonly
|
|
|
|
1DE39E4D000
|
unkown
|
page read and write
|
|
|
|
7DF537140000
|
unkown image
|
page readonly
|
|
|
|
7DF5DDF22000
|
unkown image
|
page readonly
|
|
|
|
7DF537152000
|
unkown image
|
page readonly
|
|
|
|
1A11B18E000
|
unkown
|
page read and write
|
|
|
|
7FF5C8DA0000
|
unkown image
|
page readonly
|
|
|
|
7FF5E2049000
|
unkown image
|
page readonly
|
|
|
|
7FF53FDE3000
|
unkown image
|
page readonly
|
|
|
|
1A11B165000
|
unkown
|
page read and write
|
|
|
|
1DE39CE0000
|
unkown image
|
page readonly
|
|
|
|
216C07A0000
|
unkown image
|
page readonly
|
|
|
|
1A11B1A7000
|
unkown
|
page read and write
|
|
|
|
1646D318000
|
unkown
|
page read and write
|
|
|
|
7FF53FC07000
|
unkown image
|
page readonly
|
|
|
|
1A11A8EB000
|
unkown
|
page read and write
|
|
|
|
86897E000
|
stack
|
page read and write
|
|
|
|
1E650A49000
|
unkown
|
page read and write
|
|
|
|
DA45F7000
|
stack
|
page read and write
|
|
|
|
7FF51E263000
|
unkown image
|
page readonly
|
|
|
|
1A11B113000
|
unkown
|
page read and write
|
|
|
|
1A11B1A8000
|
unkown
|
page read and write
|
|
|
|
1A11B198000
|
unkown
|
page read and write
|
|
|
|
1DE3A0D0000
|
unkown image
|
page readonly
|
|
|
|
7FF51E3AA000
|
unkown image
|
page readonly
|
|
|
|
1A11B702000
|
unkown
|
page read and write
|
|
|
|
7FF53FF82000
|
unkown image
|
page readonly
|
|
|
|
7FF51E268000
|
unkown image
|
page readonly
|
|
|
|
7FF53FF74000
|
unkown image
|
page readonly
|
|
|
|
25128883000
|
unkown
|
page read and write
|
|
|
|
216C0770000
|
unkown
|
page read and write
|
|
|
|
1DE39E4C000
|
unkown
|
page read and write
|
|
|
|
7FF51E377000
|
unkown image
|
page readonly
|
|
|
|
1A11B19E000
|
unkown
|
page read and write
|
|
|
|
7FF51E0D7000
|
unkown image
|
page readonly
|
|
|
|
1A11B198000
|
unkown
|
page read and write
|
|
|
|
7FF51E34C000
|
unkown image
|
page readonly
|
|
|
|
86887C000
|
unkown
|
page read and write
|
|
|
|
DA47FD000
|
stack
|
page read and write
|
|
|
|
25128D80000
|
unkown image
|
page readonly
|
|
|
|
2512886C000
|
unkown
|
page read and write
|
|
|
|
7FF53FA56000
|
unkown image
|
page readonly
|
|
|
|
7FF53FEFE000
|
unkown image
|
page readonly
|
|
|
|
7FF51E2AD000
|
unkown image
|
page readonly
|
|
|
|
1E650E00000
|
unkown image
|
page readonly
|
|
|
|
1A11B19E000
|
unkown
|
page read and write
|
|
|
|
25128780000
|
unkown
|
page read and write
|
|
|
|
7FF5C8D9A000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1927000
|
unkown image
|
page readonly
|
|
|
|
1E650A4B000
|
unkown
|
page read and write
|
|
|
|
7FF53F6BB000
|
unkown image
|
page readonly
|
|
|
|
7FF5220BA000
|
unkown image
|
page readonly
|
|
|
|
1A11AF10000
|
unkown
|
page read and write
|
|
|
|
1DE3A602000
|
unkown
|
page read and write
|
|
|
|
7FF521F34000
|
unkown image
|
page readonly
|
|
|
|
7FF51E3D6000
|
unkown image
|
page readonly
|
|
|
|
8688FE000
|
stack
|
page read and write
|
|
|
|
16472289000
|
unkown
|
page read and write
|
|
|
|
1DE39E51000
|
unkown
|
page read and write
|
|
|
|
1A11B196000
|
unkown
|
page read and write
|
|
|
|
7FF5C8DF4000
|
unkown image
|
page readonly
|
|
|
|
1E650A92000
|
unkown
|
page read and write
|
|
|
|
25128C00000
|
unkown image
|
page readonly
|
|
|
|
1647228D000
|
unkown
|
page read and write
|
|
|
|
1DE39E6C000
|
unkown
|
page read and write
|
|
|
|
7FF51E11B000
|
unkown image
|
page readonly
|
|
|
|
2512888D000
|
unkown
|
page read and write
|
|
|
|
1A11B602000
|
unkown
|
page read and write
|
|
|
|
7FF51E36B000
|
unkown image
|
page readonly
|
|
|
|
16471ED1000
|
unkown
|
page read and write
|
|
|
|
7FF521B96000
|
unkown image
|
page readonly
|
|
|
|
25128855000
|
unkown
|
page read and write
|
|
|
|
1DE39D60000
|
unkown
|
page read and write
|
|
|
|
16471ED6000
|
unkown
|
page read and write
|
|
|
|
DA427E000
|
stack
|
page read and write
|
|
|
|
7FF51E25E000
|
unkown image
|
page readonly
|
|
|
|
25129002000
|
unkown
|
page read and write
|
|
|
|
1A11B620000
|
unkown
|
page read and write
|
|
|
|
7FF53FD8B000
|
unkown image
|
page readonly
|
|
|
|
7FF53FF06000
|
unkown image
|
page readonly
|
|
|
|
7FF5E1FFF000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8DCF000
|
unkown image
|
page readonly
|
|
|
|
7FF53FE95000
|
unkown image
|
page readonly
|
|
|
|
25128813000
|
unkown
|
page read and write
|
|
|
|
7FF51DE96000
|
unkown image
|
page readonly
|
|
|
|
1A11B162000
|
unkown
|
page read and write
|
|
|
|
1E650B00000
|
unkown
|
page read and write
|
|
|
|
1A11A8A5000
|
unkown
|
page read and write
|
|
|
|
7FF53FA50000
|
unkown image
|
page readonly
|
|
|
|
7FF521FD0000
|
unkown image
|
page readonly
|
|
|
|
868AFE000
|
stack
|
page read and write
|
|
|
|
1DE39E2C000
|
unkown
|
page read and write
|
|
|
|
1A11B1A9000
|
unkown
|
page read and write
|
|
|
|
1A11B100000
|
unkown
|
page read and write
|
|
|
|
216C0835000
|
unkown
|
page read and write
|
|
|
|
1DE39E3C000
|
unkown
|
page read and write
|
|
|
|
6BD2C7F000
|
stack
|
page read and write
|
|
|
|
1A11B177000
|
unkown
|
page read and write
|
|
|
|
7DF5615C0000
|
unkown image
|
page readonly
|
|
|
|
7DF5F7140000
|
unkown image
|
page readonly
|
|
|
|
1A11AEA0000
|
unkown image
|
page write copy
|
|
|
|
7FF5C8DCC000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8BF1000
|
unkown image
|
page readonly
|
|
|
|
7FF5E2038000
|
unkown image
|
page readonly
|
|
|
|
7DF537160000
|
unkown image
|
page readonly
|
|
|
|
7FF51E3D9000
|
unkown image
|
page readonly
|
|
|
|
1A11B602000
|
unkown
|
page read and write
|
|
|
|
7FF5E2008000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8975000
|
unkown image
|
page readonly
|
|
|
|
7FF53FED4000
|
unkown image
|
page readonly
|
|
|
|
7FF5C8C81000
|
unkown image
|
page readonly
|
|
|
|
86907F000
|
stack
|
page read and write
|
|
|
|
1A11A853000
|
unkown
|
page read and write
|
|
|
|
1A11B1BF000
|
unkown
|
page read and write
|
|
|
|
7FF5E1FDB000
|
unkown image
|
page readonly
|
|
|
|
216C083E000
|
unkown
|
page read and write
|
|
|
|
DA3F1C000
|
unkown
|
page read and write
|
|
|
|
1DE39E6C000
|
unkown
|
page read and write
|
|
|
|
16471ED0000
|
unkown
|
page read and write
|
|
|
|
1E650A51000
|
unkown
|
page read and write
|
|
|
|
7FF51E32F000
|
unkown image
|
page readonly
|
|
|
|
6BD267F000
|
stack
|
page read and write
|
|
|
|
7DF555012000
|
unkown image
|
page readonly
|
|
|
|
1E650A29000
|
unkown
|
page read and write
|
|
|
|
1A11AC00000
|
unkown image
|
page readonly
|
|
|
|
7FF521FFF000
|
unkown image
|
page readonly
|
|
|
|
7FF52202F000
|
unkown image
|
page readonly
|
|
|
|
7FF53FE7C000
|
unkown image
|
page readonly
|
|
|
|
1A11B115000
|
unkown
|
page read and write
|
|
|
|
7FF52204D000
|
unkown image
|
page readonly
|
|
|
|
1646D359000
|
unkown
|
page read and write
|
|
|
|
7FF52203E000
|
unkown image
|
page readonly
|
|
|
|
1DE3A450000
|
unkown image
|
page readonly
|
|
|
|
7DF5DDF30000
|
unkown image
|
page readonly
|
|
|
|
7FF5E20C1000
|
unkown image
|
page readonly
|
|
|
|
1A11AD80000
|
unkown image
|
page readonly
|
|
|
|
1A11A854000
|
unkown
|
page read and write
|
|
|
|
216C07B0000
|
unkown image
|
page readonly
|
|
|
|
7DF537140000
|
unkown image
|
page readonly
|
|
|
|
7DF555020000
|
unkown image
|
page readonly
|
|
|
|
7FF521FBC000
|
unkown image
|
page readonly
|
|
|
|
2512884F000
|
unkown
|
page read and write
|
|
|
|
6BD23BF000
|
stack
|
page read and write
|
|
|
|
16472030000
|
unkown
|
page read and write
|
|
|
|
7FF53FF0D000
|
unkown image
|
page readonly
|
|
|
|
7DF5615E0000
|
unkown image
|
page readonly
|
|
|
|
1A11A7D0000
|
unkown image
|
page readonly
|
|
|
|
7FF521F1D000
|
unkown image
|
page readonly
|
|
|
|
216C0AD0000
|
unkown image
|
page readonly
|
|
|
|
216C0A90000
|
unkown image
|
page readonly
|
|
|
|
868CF7000
|
stack
|
page read and write
|
|
|
|
7FF5E1B06000
|
unkown image
|
page readonly
|
|
|
|
7FF53FE7A000
|
unkown image
|
page readonly
|
|
|
|
1DE39CD0000
|
heap private
|
page read and write
|
|
There are 595 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://rollingproductions.co/form/vendor/
|
|
|
|
https://onedrive.live.com/view.aspx?resid=DEE5B7E6B473EA8!297&authkey=!AJzT10c65dPX7EI
|
|
|
|
https://onenote.officeapps.live.com/o/onenoteframe.aspx?edit=0&ui=en-GB&rs=en-US&hid=G%2BisbB6Yckeezt%2BiyLsGkw.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffolders%2FDEE5B7E6B473EA8!297&wdo=2&sc=host%3D%26qt%3DFolders&wdp=7&uih=OneDrive&wdorigin=Unknown&wdhostclicktime=1636384741255&jsapi=1&jsapiver=v1&newsession=1&corrid=bbb5aa22-1a67-4a19-934d-d571f855c69e&usid=bbb5aa22-1a67-4a19-934d-d571f855c69e&sftc=1&readonly=1&wdredirectionreason=Force_SingleStepBoot
|
|
|
|
https://onedrive.live.com/redir?resid=DEE5B7E6B473EA8%21297&authkey=%21AJzT10c65dPX7EI&page=View&wd=target%28Quick%20Notes.one%7Cdae4515d-1fad-4794-ba15-9ed30915b9e1%2FTableTops%20Unlimited%202021%7Cda5c4bfd-33bd-403e-a141-aa9e59f4f25d%2F%29
|
|
|
|
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdB1ugUAAAAAB1Et-FDaYGbmKyWVLMkviNHi7e2&co=aHR0cHM6Ly93d3cudHR1Y29ycC5jb206NDQz&hl=en&v=kcXVPRWG7fMILHmzon0--fD3&size=invisible&cb=lh2pb45igvi
|
|
|
|
https://www.ttucorp.com/
|
|