IOC Report

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
data
dropped
malicious
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
dropped
clean
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, 61414 bytes, 1 file
dropped
clean
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\1bdcf784-d0c6-4445-a0c2-3cd589a71517.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\29c1aed3-6f11-46de-8971-3f98797857c2.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\35146283-e5b4-4197-8f29-756290d2384b.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\545fe920-0292-4f58-92fa-94d11fecbd9b.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\7394b311-6c10-4fdf-aca6-acad4d02e878.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\7cc397a7-17b2-4662-874e-dd8f5622ba84.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\7f11920c-dfeb-4dce-82dd-c94f5d9a52f7.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\82da8a74-db5c-4fbc-8152-53b7b5f1eaee.tmp
SysEx File -
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\8fa5eab1-d3be-4e75-ae91-2a38367dd082.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\415cd42e-38b5-4020-9545-f8ec5bd2899f.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\47bcec55-60fb-462e-8d3f-c6eaff50419d.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4edd4ed7-3bfc-463c-bd96-6f199645aa2d.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6be9a45d-44d2-4835-91f6-e8b4c8797226.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\94dcb6ca-e66e-4808-bf0d-902cbff6b4bd.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\955fecb6-e304-425f-988d-fb108d92843d.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old.. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last TabsG (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State} (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldx, (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\ (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\89fc1a87-2b71-459e-b401-82797fb694ce.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State. (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\1baadb3a-d633-4f49-b5c3-f72bcb086cea.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a0297f39-71a9-4fbf-94a4-5720abbe23d0.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d153b32c-5671-4cdf-bb27-cff0abe2fd1e.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f0b865b8-c5b7-4d88-9ee5-54216dad23a9.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f1606f71-0358-46b1-989b-a4ee54799db9.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Statel\ (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachea/ (copy)
SysEx File -
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cacheja (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\a866ecc3-3f5d-47e2-9af7-dc7a164d0106.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Temp\22662aea-b3db-4886-b5ff-f96805798d36.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\2ff31498-2707-44f5-a6f1-23b79469051d.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\_platform_specific\x86_64\pnacl_public_pnacl_json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\6324_1957145557\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\7b06171f-b305-43c3-8508-47bcc41932ae.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\7edb5144-1590-47bf-9bfb-63e41187274c.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\7edb5144-1590-47bf-9bfb-63e41187274c.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_346694601\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\7b06171f-b305-43c3-8508-47bcc41932ae.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\iw\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
modified
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\angular.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\background_script.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\cast_sender.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\common.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\feedback.css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\feedback.html
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\feedback_script.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\material_css_min.css
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\mirroring_cast_streaming.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\mirroring_common.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\mirroring_hangouts.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir6324_794806165\CRX_INSTALL\mirroring_webrtc.js
ASCII text, with very long lines
dropped
clean

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://s.id/Iz3C6
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1548,8791539974300921910,13509635868977157649,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
clean

URLs

Name
IP
Malicious
https://s.id/Iz3C6
malicious
https://emiland.com/htmpx/unitedhealthcare.asp/M
unknown
malicious
https://emiland.com/htmpx/unitedhealthcare.asp/css/hover.css
79.133.42.192
malicious
https://emiland.com/htmpx/unitedhealthcare.asp/images/office3651.png
79.133.42.192
malicious
https://emiland.com/htmpx/unitedhealthcare.asp/Share
unknown
malicious
https://emiland.com/htmpx/unitedhealthcare.asp/2
unknown
malicious
https://emiland.com/htmpx/unitedhealthcare.asp/images/adobe.jpg
79.133.42.192
malicious
https://emiland.com/htmpx/unitedhealthcare.asp/images/gmail.png
79.133.42.192
malicious
https://emiland.com/htmpx/unitedhealthcare.asp/
79.133.42.192
malicious
https://emiland.com/htmpx/unitedhealthcare.asp/images/outlook1.png
79.133.42.192
malicious
https://emiland.com/htmpx/unitedhealthcare.asp/images/other1.png
79.133.42.192
malicious
https://emiland.com/htmpx/unitedhealthcare.asp/
malicious
https://emiland.com/htmpx/unitedhealthcare.asp/images/outlook1.pngG
unknown
malicious
https://apis.google.com/js/client.js
unknown
clean
https://emiland.com/favicon.icoChIKBw2DqFs9GgAKBw3OQUx6GgA==
unknown
clean
https://code.jquery.com/jquery-3.2.1.slim.min.js
unknown
clean
https://crash.corp.google.com/samples?reportid=&q=
unknown
clean
https://emiland.com/htmpx/unitedhealthcare.aspShare
unknown
clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
unknown
clean
https://s.id/Iz3C6Share
unknown
clean
https://preprod-hangouts-googleapis.sandbox.google.com
unknown
clean
https://www.google.com
unknown
clean
https://hangouts.google.com/hangouts/_/logpref
unknown
clean
https://tamilrockers9.com/vpy/xsm.htmShare
unknown
clean
https://creativecommons.org/publicdomain/zero/1.0/.
unknown
clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.11.207
clean
https://kit.fontawesome.com/585b051251.js
unknown
clean
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
unknown
clean
https://github.com/madler/zlib/blob/master/zlib.h
unknown
clean
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.jsy
unknown
clean
https://www.google.com/tools/feedback
unknown
clean
https://dns.google
unknown
clean
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
unknown
clean
https://emiland.com/wp-includes/images/w-logo-blue-white-bg.png
79.133.42.192
clean
https://support.google.com/chromecast/troubleshooter/2995236
unknown
clean
https://tamilrockers9.com/vpy/xsm.htmReferrer-Policy:
unknown
clean
https://s.id/Iz3C6
45.126.59.196
clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
unknown
clean
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
142.250.185.174
clean
https://payments.google.com/payments/v4/js/integrator.js
unknown
clean
https://www.google.com;
unknown
clean
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
unknown
clean
https://csp.withgoogle.com/csp/hosted-libraries-pushers
unknown
clean
https://www.google.com/images/x2.gif
unknown
clean
https://www.google.com/images/dot2.gif
unknown
clean
https://play.google.com/log?format=json&hasfast=true
unknown
clean
http://tools.ietf.org/html/rfc1950
unknown
clean
https://docs.google.com
unknown
clean
https://www.google.com/
unknown
clean
https://feedback.googleusercontent.com
unknown
clean
https://clients6.google.com
unknown
clean
https://a.nel.cloudflare.com/report/v3?s=sZ1igptl%2BGpS%2FC%2BPHwNDI8vmBK%2FvRJa00DAZdUiNAFOaBYms0PZ
unknown
clean
https://emiland.com/htmpx/unitedhealthcare.asp
79.133.42.192
clean
https://ka-f.fontawesome.com
unknown
clean
https://www.google.com/images/cleardot.gif
unknown
clean
https://play.google.com
unknown
clean
https://www.google.com/log?format=json&hasfast=true
unknown
clean
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
unknown
clean
https://emiland.com/wp-json/
unknown
clean
https://sandbox.google.com/payments/v4/js/integrator.js
unknown
clean
https://tamilrockers9.com
unknown
clean
https://accounts.google.com/MergeSession
unknown
clean
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
142.250.203.97
clean
https://emiland.com/htmpx/unitedhealthcare.asp2
unknown
clean
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251kf
unknown
clean
https://hangouts.clients6.google.com
unknown
clean
https://meet.google.com
unknown
clean
https://accounts.google.com
unknown
clean
https://clients2.google.com/cr/report
unknown
clean
https://emiland.com/htmpx/unitedhealthcare.aspD
unknown
clean
http://angularjs.org
unknown
clean
https://tamilrockers9.com/vpy/xsm.htm
107.189.2.191
clean
https://github.com/angular/material
unknown
clean
https://s.id/Iz3C62
unknown
clean
https://apis.google.com
unknown
clean
https://s.id/Iz3C63
unknown
clean
https://www-googleapis-staging.sandbox.google.com
unknown
clean
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
unknown
clean
https://clients2.google.com
unknown
clean
https://tamilrockers9.com/vpy/xsm.htm2
unknown
clean
http://www.apache.org/licenses/LICENSE-2.0
unknown
clean
https://www.google.com/intl/en-US/chrome/blank.html
unknown
clean
https://ogs.google.com
unknown
clean
https://emiland.com/favicon.ico
79.133.42.192
clean
https://code.jquery.com/jquery-3.1.1.min.js
unknown
clean
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
172.217.168.45
clean
https://api.w.org/
unknown
clean
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
unknown
clean
https://hangouts.google.com/
unknown
clean
https://code.jquery.com/jquery-3.2.1.slim.min.js/
unknown
clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.11.207
clean
https://code.jquery.com/jquery-3.3.1.js
unknown
clean
http://llvm.org/):
unknown
clean
https://kit.fontawesome.com
unknown
clean
https://meetings.clients6.google.com
unknown
clean
https://code.google.com/p/nativeclient/issues/entry%s:
unknown
clean
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.16.19.94
clean
https://login.microsoftonline.com/common/login
unknown
clean
https://code.google.com/p/nativeclient/issues/entry
unknown
clean
https://a.nel.cloudflare.com/report/v3?s=VVIJJnVzHhrMw0jRx1MSuW7Cbcq9MDI5GtpLlXm5gxabNnISIeaZ1nNcUn3
unknown
clean
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
unknown
clean

Domains

Name
IP
Malicious
emiland.com
79.133.42.192
malicious
gstaticadssl.l.google.com
172.217.168.3
clean
s.id
45.126.59.196
clean
accounts.google.com
172.217.168.45
clean
cdnjs.cloudflare.com
104.16.19.94
clean
maxcdn.bootstrapcdn.com
104.18.11.207
clean
clients.l.google.com
142.250.185.174
clean
tamilrockers9.com
107.189.2.191
clean
googlehosted.l.googleusercontent.com
142.250.203.97
clean
clients2.googleusercontent.com
unknown
clean
clients2.google.com
unknown
clean
ka-f.fontawesome.com
unknown
clean
code.jquery.com
unknown
clean
kit.fontawesome.com
unknown
clean

IPs

IP
Domain
Country
Malicious
79.133.42.192
emiland.com
Germany
malicious
192.168.2.1
unknown
unknown
clean
172.217.168.45
accounts.google.com
United States
clean
142.250.203.97
googlehosted.l.googleusercontent.com
United States
clean
172.217.168.3
gstaticadssl.l.google.com
United States
clean
45.126.59.196
s.id
Indonesia
clean
107.189.2.191
tamilrockers9.com
United States
clean
104.18.11.207
maxcdn.bootstrapcdn.com
United States
clean
239.255.255.250
unknown
Reserved
clean
142.250.185.174
clients.l.google.com
United States
clean
127.0.0.1
unknown
unknown
clean
104.16.19.94
cdnjs.cloudflare.com
United States
clean

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blacklist_cache_md5_digest
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
clean
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13
Blob
clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DAC9024F54D8F6DF94935FB1732638CA6AD77C13
Blob
clean

Memdumps

D15F17C000
stack
page read and write
clean
2478F900000
unkown image
page readonly
clean
1B3232DD000
unkown
page read and write
clean
7FF5C1DEA000
unkown image
page readonly
clean
7FF58C82A000
unkown image
page readonly
clean
1B323B3F000
unkown
page read and write
clean
7FF4FD0BA000
unkown image
page readonly
clean
7FF571A57000
unkown image
page readonly
clean
7FF58C882000
unkown image
page readonly
clean
7FF53A79E000
unkown image
page readonly
clean
A6EF57E000
stack
page read and write
clean
7FF571C3A000
unkown image
page readonly
clean
7DF50AD20000
unkown image
page readonly
clean
7FF571B63000
unkown image
page readonly
clean
1B5C0341000
unkown
page read and write
clean
1B323B8D000
unkown
page read and write
clean
7DF5484C0000
unkown image
page readonly
clean
7DF535100000
unkown image
page readonly
clean
7FF5C1D79000
unkown image
page readonly
clean
A6EF4FE000
stack
page read and write
clean
1B323B99000
unkown
page read and write
clean
7FF5C1CF1000
unkown image
page readonly
clean
7DF5484C0000
unkown image
page readonly
clean
7DF59A520000
unkown image
page readonly
clean
1B3232AF000
unkown
page read and write
clean
1B5C035A000
unkown
page read and write
clean
7DF57F8B0000
unkown image
page readonly
clean
1B32325D000
unkown
page read and write
clean
1B323BAC000
unkown
page read and write
clean
7DF59A530000
unkown image
page readonly
clean
1B323B75000
unkown
page read and write
clean
1B323B97000
unkown
page read and write
clean
24790050000
unkown image
page readonly
clean
1B323BA6000
unkown
page read and write
clean
7FF53A59F000
unkown image
page readonly
clean
7FF571B46000
unkown image
page readonly
clean
1B323316000
unkown
page read and write
clean
7FF53A5C6000
unkown image
page readonly
clean
2478FCD0000
unkown image
page readonly
clean
D15F2FE000
stack
page read and write
clean
1B32406A000
unkown
page read and write
clean
7FF5C1C40000
unkown image
page readonly
clean
2017A508000
unkown
page read and write
clean
8964FFB000
stack
page read and write
clean
1F5F9D50000
unkown image
page readonly
clean
7DF5CFAD2000
unkown image
page readonly
clean
1B323200000
unkown
page read and write
clean
7FF58C7C3000
unkown image
page readonly
clean
7FF571BBA000
unkown image
page readonly
clean
7DF5350E2000
unkown image
page readonly
clean
7DF5CFAE0000
unkown image
page readonly
clean
7DF5484B0000
unkown image
page readonly
clean
7FF4FCFB7000
unkown image
page readonly
clean
7FF527464000
unkown image
page readonly
clean
7FF53A83A000
unkown image
page readonly
clean
1B3238D0000
unkown
page read and write
clean
7FF4FD0B1000
unkown image
page readonly
clean
1B323BBE000
unkown
page read and write
clean
7FF5C1DC3000
unkown image
page readonly
clean
1B323289000
unkown
page read and write
clean
7FF58C803000
unkown image
page readonly
clean
6E4B7F000
stack
page read and write
clean
1B5C0190000
unkown image
page read and write
clean
6E467B000
unkown
page read and write
clean
7FF571C31000
unkown image
page readonly
clean
D15F5FF000
stack
page read and write
clean
2017A3D0000
unkown image
page readonly
clean
1B323B80000
unkown
page read and write
clean
7FF527389000
unkown image
page readonly
clean
1B5C0310000
unkown image
page readonly
clean
1B323B9B000
unkown
page read and write
clean
1B323B9F000
unkown
page read and write
clean
1B323B92000
unkown
page read and write
clean
7FF58C82D000
unkown image
page readonly
clean
176ABE50000
unkown image
page readonly
clean
7FF4FCFD3000
unkown image
page readonly
clean
2017A43C000
unkown
page read and write
clean
1F5F9D82000
heap default
page read and write
clean
7DF5484A2000
unkown image
page readonly
clean
7FF58C7D3000
unkown image
page readonly
clean
7FF5C1DE7000
unkown image
page readonly
clean
7FF53A824000
unkown image
page readonly
clean
1B323BAA000
unkown
page read and write
clean
7DF57F8B0000
unkown image
page readonly
clean
1B32419D000
unkown
page read and write
clean
7DF59A510000
unkown image
page readonly
clean
1F5FAC00000
unkown
page readonly
clean
7FF58C7BF000
unkown image
page readonly
clean
7FF55DB51000
unkown image
page readonly
clean
7FF527305000
unkown image
page readonly
clean
7DF432FB0000
unkown image
page readonly
clean
7FF527481000
unkown image
page readonly
clean
1B323050000
heap private
page read and write
clean
1B5C04C0000
unkown image
page readonly
clean
1B5C0356000
unkown
page read and write
clean
7FF58C89A000
unkown image
page readonly
clean
7FF571C35000
unkown image
page readonly
clean
1B323BA3000
unkown
page read and write
clean
7FF571C41000
unkown image
page readonly
clean
7FF571B92000
unkown image
page readonly
clean
7FF5C1E6A000
unkown image
page readonly
clean
7FF58C8A5000
unkown image
page readonly
clean
2017A980000
unkown image
page readonly
clean
2478FA13000
unkown
page read and write
clean
176AB7C0000
unkown image
page readonly
clean
1B324002000
unkown
page read and write
clean
2017A2D0000
unkown image
page readonly
clean
7FF526F61000
unkown image
page readonly
clean
7FF53A591000
unkown image
page readonly
clean
89652FE000
stack
page read and write
clean
1B5C0346000
heap default
page read and write
clean
1B323B9D000
unkown
page read and write
clean
7DF59A512000
unkown image
page readonly
clean
1B324002000
unkown
page read and write
clean
7DF59A512000
unkown image
page readonly
clean
497C67F000
stack
page read and write
clean
7FF527301000
unkown image
page readonly
clean
1F5FA9B0000
unkown
page read and write
clean
7FF5C1951000
unkown image
page readonly
clean
2017A413000
unkown
page read and write
clean
2478FA21000
unkown
page read and write
clean
7DF50AD40000
unkown image
page readonly
clean
7FF4FCF45000
unkown image
page readonly
clean
D15F4FF000
stack
page read and write
clean
1B323308000
unkown
page read and write
clean
1B5C035F000
unkown
page read and write
clean
176AB887000
unkown
page read and write
clean
7FF5C1C3D000
unkown image
page readonly
clean
7FF53A610000
unkown image
page readonly
clean
2017A2C0000
unkown image
page readonly
clean
176ABCD0000
unkown image
page readonly
clean
7DF5CFAD0000
unkown image
page readonly
clean
7FF5273A7000
unkown image
page readonly
clean
2017A3F0000
unkown
page read and write
clean
7FF4FD0C1000
unkown image
page readonly
clean
7FF5719DA000
unkown image
page readonly
clean
7FF53A584000
unkown image
page readonly
clean
7DF446370000
unkown image
page readonly
clean
7FF571B8B000
unkown image
page readonly
clean
7FF4FCFCD000
unkown image
page readonly
clean
7FF4FCE71000
unkown image
page readonly
clean
7FF4FCFE7000
unkown image
page readonly
clean
7FF58C7D7000
unkown image
page readonly
clean
7FF571C19000
unkown image
page readonly
clean
7DF5CFAD2000
unkown image
page readonly
clean
2017A502000
unkown
page read and write
clean
1B323780000
unkown image
page readonly
clean
1B323090000
unkown image
page readonly
clean
1B3230B0000
heap default
page read and write
clean
6E4C7A000
stack
page read and write
clean
7FF526B0A000
unkown image
page readonly
clean
7FF5713BB000
unkown image
page readonly
clean
7FF53A723000
unkown image
page readonly
clean
497C4FE000
stack
page read and write
clean
1B323B9B000
unkown
page read and write
clean
176AB7B0000
unkown image
page readonly
clean
1B323264000
unkown
page read and write
clean
7FF5273B7000
unkown image
page readonly
clean
1B323B7D000
unkown
page read and write
clean
1B323BA1000
unkown
page read and write
clean
7FF5C1E5A000
unkown image
page readonly
clean
1B323B75000
unkown
page read and write
clean
7FF4FD013000
unkown image
page readonly
clean
176AC002000
unkown
page read and write
clean
1B323B85000
unkown
page read and write
clean
7DF5CFAE2000
unkown image
page readonly
clean
7FF53A819000
unkown image
page readonly
clean
2478F930000
heap default
page read and write
clean
7FF5C16A9000
unkown image
page readonly
clean
D15F3F7000
stack
page read and write
clean
2478FA7C000
unkown
page read and write
clean
176AB913000
unkown
page read and write
clean
24790202000
unkown
page read and write
clean
7FF58C8B1000
unkown image
page readonly
clean
7DF5350E2000
unkown image
page readonly
clean
7FF4FD0AA000
unkown image
page readonly
clean
176ABAD0000
unkown image
page readonly
clean
7FF53A6C5000
unkown image
page readonly
clean
7FF53A841000
unkown image
page readonly
clean
2017A600000
unkown image
page readonly
clean
7FF526CC0000
unkown image
page readonly
clean
7FF4FCFE0000
unkown image
page readonly
clean
1F5F9D30000
unkown
page read and write
clean
1B323B89000
unkown
page read and write
clean
7FF53A793000
unkown image
page readonly
clean
7FF571B9E000
unkown image
page readonly
clean
7DF5350F0000
unkown image
page readonly
clean
7FF5C1DED000
unkown image
page readonly
clean
2478FA00000
unkown
page read and write
clean
7FF5C1CDC000
unkown image
page readonly
clean
7FF5713C2000
unkown image
page readonly
clean
2478F8C0000
unkown image
page read and write
clean
7FF571B4F000
unkown image
page readonly
clean
7FF5C1D93000
unkown image
page readonly
clean
6E4D79000
stack
page read and write
clean
1B323B75000
unkown
page read and write
clean
7FF5273FD000
unkown image
page readonly
clean
1F5FA660000
unkown image
page readonly
clean
7FF5C1D7F000
unkown image
page readonly
clean
1B323B92000
unkown
page read and write
clean
7FF5C1DBB000
unkown image
page readonly
clean
1B5C0355000
unkown
page read and write
clean
7FF4FCD45000
unkown image
page readonly
clean
7FF5713BD000
unkown image
page readonly
clean
7FF571C24000
unkown image
page readonly
clean
2478FB08000
unkown
page read and write
clean
7DF5484A2000
unkown image
page readonly
clean
1B323BA3000
unkown
page read and write
clean
1B323B87000
unkown
page read and write
clean
2478F940000
unkown image
page readonly
clean
7FF4FCFF7000
unkown image
page readonly
clean
1F5FA0B0000
unkown
page read and write
clean
7FF5C1E54000
unkown image
page readonly
clean
6E477E000
stack
page read and write
clean
7FF527459000
unkown image
page readonly
clean
1B323B13000
unkown
page read and write
clean
1B323B83000
unkown
page read and write
clean
7FF527105000
unkown image
page readonly
clean
1B323B4D000
unkown
page read and write
clean
7DF5484B0000
unkown image
page readonly
clean
D15F07F000
stack
page read and write
clean
7DF57F8C0000
unkown image
page readonly
clean
2017A513000
unkown
page read and write
clean
7FF5C1BF6000
unkown image
page readonly
clean
7FF527231000
unkown image
page readonly
clean
7DF59A510000
unkown image
page readonly
clean
7FF53A767000
unkown image
page readonly
clean
176AB829000
unkown
page read and write
clean
7FF4FD037000
unkown image
page readonly
clean
1F5FAC10000
unkown
page read and write
clean
7FF539ECA000
unkown image
page readonly
clean
7DF5CFAE2000
unkown image
page readonly
clean
2478FB13000
unkown
page read and write
clean
7DF5350F2000
unkown image
page readonly
clean
1B323BC9000
unkown
page read and write
clean
7FF53A831000
unkown image
page readonly
clean
1B3232C3000
unkown
page read and write
clean
8964A9B000
unkown
page read and write
clean
1F5F9D10000
unkown
page read and write
clean
1B323B81000
unkown
page read and write
clean
7FF58C7DE000
unkown image
page readonly
clean
7DF5350E0000
unkown image
page readonly
clean
7FF53A414000
unkown image
page readonly
clean
1B3238D0000
unkown
page read and write
clean
6E46FE000
stack
page read and write
clean
1B324102000
unkown
page read and write
clean
1B32325F000
unkown
page read and write
clean
7FF5714C9000
unkown image
page readonly
clean
1B324000000
unkown
page read and write
clean
7DF5484B2000
unkown image
page readonly
clean
7FF53A840000
unkown image
page readonly
clean
1B323B99000
unkown
page read and write
clean
7DF47D770000
unkown image
page readonly
clean
7FF5C1957000
unkown image
page readonly
clean
176AB7E0000
heap default
page read and write
clean
7FF5272D5000
unkown image
page readonly
clean
7FF5273F7000
unkown image
page readonly
clean
7FF527452000
unkown image
page readonly
clean
7FF5C1E71000
unkown image
page readonly
clean
7DF59A530000
unkown image
page readonly
clean
7FF571475000
unkown image
page readonly
clean
7FF4FCFCF000
unkown image
page readonly
clean
1B324002000
unkown
page read and write
clean
7DF57F8B2000
unkown image
page readonly
clean
497C1BA000
unkown
page read and write
clean
7FF5C1CCB000
unkown image
page readonly
clean
7FF53A72E000
unkown image
page readonly
clean
89650F7000
stack
page read and write
clean
176AB83C000
unkown
page read and write
clean
A6EF3FE000
stack
page read and write
clean
1B5C035F000
unkown
page read and write
clean
7FF53A737000
unkown image
page readonly
clean
6E4F7E000
stack
page read and write
clean
1B323B5E000
unkown
page read and write
clean
1B3232C7000
unkown
page read and write
clean
1B323B89000
unkown
page read and write
clean
1B323213000
unkown
page read and write
clean
7DF50AD40000
unkown image
page readonly
clean
1B323B86000
unkown
page read and write
clean
1F5F9DD6000
heap default
page read and write
clean
6E4EFE000
stack
page read and write
clean
2017AC02000
unkown
page read and write
clean
1F5FA0D0000
unkown
page read and write
clean
1F5F9F40000
unkown image
page readonly
clean
176ABF40000
unkown
page read and write
clean
7DF5350E0000
unkown image
page readonly
clean
D15F27B000
stack
page read and write
clean
7DF57F8C0000
unkown image
page readonly
clean
7FF53A417000
unkown image
page readonly
clean
3108D3E000
stack
page read and write
clean
1B323080000
unkown image
page readonly
clean
2478F8E0000
unkown image
page readonly
clean
7FF53A1AB000
unkown image
page readonly
clean
7FF53A3A9000
unkown image
page readonly
clean
7FF527377000
unkown image
page readonly
clean
176AB908000
unkown
page read and write
clean
A6EF47A000
stack
page read and write
clean
1B324002000
unkown
page read and write
clean
1B3232A5000
unkown
page read and write
clean
1F5FA2E0000
unkown image
page readonly
clean
1B323B00000
unkown
page read and write
clean
7FF53A763000
unkown image
page readonly
clean
7DF50AD32000
unkown image
page readonly
clean
1F5F9CC0000
unkown image
page readonly
clean
7FF53A1A7000
unkown image
page readonly
clean
1B324002000
unkown
page read and write
clean
176AB800000
unkown
page read and write
clean
7DF408BF0000
unkown image
page readonly
clean
2017A429000
unkown
page read and write
clean
176AB84E000
unkown
page read and write
clean
1B323B87000
unkown
page read and write
clean
2017A2A0000
unkown image
page readonly
clean
7FF5C1C5B000
unkown image
page readonly
clean
1F5FAC20000
unkown
page read and write
clean
7FF53A1BC000
unkown image
page readonly
clean
7FF571B53000
unkown image
page readonly
clean
7FF4FCEAB000
unkown image
page readonly
clean
7FF5C1D67000
unkown image
page readonly
clean
1B5C0840000
unkown image
page readonly
clean
7FF52738D000
unkown image
page readonly
clean
2478FA3C000
unkown
page read and write
clean
7FF5C1E49000
unkown image
page readonly
clean
D15EDAE000
stack
page read and write
clean
1B5C0371000
unkown
page read and write
clean
7FF53A321000
unkown image
page readonly
clean
1B323B87000
unkown
page read and write
clean
A6EF37E000
stack
page read and write
clean
7FF4FD00B000
unkown image
page readonly
clean
1B323255000
unkown
page read and write
clean
1F5FA0C5000
heap private
page read and write
clean
7DF5484A0000
unkown image
page readonly
clean
7FF526F67000
unkown image
page readonly
clean
1B5C01B0000
unkown image
page readonly
clean
31091FB000
stack
page read and write
clean
7FF58C8A1000
unkown image
page readonly
clean
497C47F000
stack
page read and write
clean
7FF5272EC000
unkown image
page readonly
clean
7FF539FC8000
unkown image
page readonly
clean
7FF571AAC000
unkown image
page readonly
clean
1B323BBA000
unkown
page read and write
clean
7FF53A7BD000
unkown image
page readonly
clean
1B323B99000
unkown
page read and write
clean
7FF53A78B000
unkown image
page readonly
clean
7DF57F8A0000
unkown image
page readonly
clean
7FF53A507000
unkown image
page readonly
clean
7FF53A327000
unkown image
page readonly
clean
2017A290000
heap private
page read and write
clean
7DF4983E0000
unkown image
page readonly
clean
176AB853000
unkown
page read and write
clean
1F5F9DBF000
unkown
page read and write
clean

DOM / HTML

URL
Malicious
https://emiland.com/htmpx/unitedhealthcare.asp/
malicious