Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\random[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\random[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
||
C:\Users\user\AppData\Local\Temp\1000053001\0c179c8402.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\1000051000\48c5076e95.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\1000052000\a759b4c7d8.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\0085f9ca-bf9a-4159-8f55-6bfed66ededb.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\328aa511-2a90-4f9d-be11-f224f98e878e.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\72cf7953-3354-4cf1-a7c9-836eb893f86e.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\8449da15-6ece-44ec-8017-af69b2e4205b.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\270ed276-90d5-43f6-ba2a-1cb9438db36f.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\blocklist (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D3A783-EBC.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D3A784-1914.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\settings.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\throttle_store.dat
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\5e0c24d3-f11e-4727-837f-9d7788a1f0b4.tmp
|
JSON data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\6f27319d-3ee5-4b2b-9e6d-9f4e035df5d5.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\72731a13-3483-4f06-bcca-03be6cad6d50.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\8ef20af6-1bd4-43c1-bcdd-7e5d07d7221e.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000003.log
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\AssistanceHome\AssistanceHomeSQLite
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_0
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\f_000001
|
gzip compressed data, was "asset", last modified: Fri Aug 2 18:10:34 2024, max compression, original size modulo 2^32 374872
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeEDrop\EdgeEDropSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8,
version-valid-for 14
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\domains_config.json
|
JSON data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityComp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityEdge
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 10, cookie
0x8, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\HubApps Icons
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Login Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\93c06d2e-1542-4eaa-85b5-a352de53245f.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\9452cfc6-52a0-495f-aab4-e5d9e01ce430.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports~RF448dc.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Trust Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\e01edf9b-c830-4476-b6f2-c879c2bb9e1c.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\fb97a730-ef53-40ff-8d92-2128bd39897b.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF4d84b.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\PreferredApps
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\README
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences~RF4a69c.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Shortcuts
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\8d83d591-004e-442e-a85c-a617d6d21c73.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting
and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch
Dictionaries (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\b4e2e42d-b775-44de-8045-3aba351f1a2c.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d340bdc6-7bde-48ac-9ae6-1b434f513c15.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Top Sites
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Visited Links
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 4, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\WebAssistDatabase
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 7, cookie
0xb, schema 4, UTF-8, version-valid-for 10
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\aba72e2a-1766-4a1a-955f-784f7e5e7810.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\arbitration_service_config.json
|
ASCII text, with very long lines (3951), with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\bb719b8a-e01e-4b83-92a8-dd2a86a01aaa.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\heavy_ad_intervention_opt_out.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db
|
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 1, database
pages 1, cookie 0, schema 0, unknown 0 encoding, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-journal
|
SQLite Rollback Journal
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-shm
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Browser
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF4394c.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF4395c.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF43dff.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF43e1e.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF4653e.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF4a3ed.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris_0
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings_2.0-0
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Variations
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ae9b7f30-b1fa-44d0-b92b-d65e7fd01ee8.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\d05f31c2-76c1-4f38-bc69-79df9b86bf01.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\faa8ea85-54d5-46b3-9912-f857ab4b50dc.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\2e198622-5f77-4ad2-a4e7-8be0226c87b3.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\3b57f2a1-4afb-4974-a45f-657138574fb6.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\54464658-992c-4f00-abd9-c110d6d76e02.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6a56aa9a-7c0f-490b-85b4-f282d55ec683.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D3A79D-1EB0.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0305d237-9ff5-40f6-b85e-aea83e048fb9.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0d2630a1-e339-4ef5-919f-f81120e7c0ab.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\312ab3e0-52e6-4095-afb6-3e45ea8daa18.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\36024a44-5542-48d9-a624-1c2416836eb6.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7cb0ef50-5186-445a-9a87-b3e314361797.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\891fd384-ac30-4f77-85ec-c2ec467db5bd.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old~RF49d75.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old~RF49db3.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\7d8809f2-759d-46f0-83a9-c4c197d83485.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\96e1b99e-7de5-46af-8d05-14684c92da48.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF49f2a.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF49f0b.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\cac076bd-616d-4c4c-aaa0-09ec827e9843.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ff06a2b0-3bfe-43d1-ade8-3138b6766371.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF49e7e.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old~RF49d46.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old~RF49d46.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 10
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
|
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 8, database
pages 11, cookie 0x7, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old~RF49db3.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old~RF49db3.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF47cdd.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF47db8.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF47e83.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF49da4.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF49e6f.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF49e7e.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c4ecdd67-ed4f-46c6-9dbb-cae9821e30e2.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d3488423-2916-4928-8602-f550f2875b44.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\cv_debug.log
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\875a60a09683c344.customDestinations-ms (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\NLEF764PDUOVOVP2J6GO.temp
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\UOHGJQYTOHJE0HE2RKO3.temp
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms (copy)
|
data
|
dropped
|
||
C:\Windows\Tasks\explorti.job
|
data
|
dropped
|
There are 291 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
||
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
|
"C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe"
|
||
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
|
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
|
||
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
|
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
|
||
C:\Users\user\AppData\Roaming\1000051000\48c5076e95.exe
|
"C:\Users\user\AppData\Roaming\1000051000\48c5076e95.exe"
|
||
C:\Users\user\AppData\Roaming\1000052000\a759b4c7d8.exe
|
"C:\Users\user\AppData\Roaming\1000052000\a759b4c7d8.exe"
|
||
C:\Users\user\AppData\Local\Temp\1000053001\0c179c8402.exe
|
"C:\Users\user\AppData\Local\Temp\1000053001\0c179c8402.exe"
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI
--disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=2116,i,16112167788991068290,14803182423369865752,262144
--disable-features=TranslateUI /prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI
--disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
--flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2380 --field-trial-handle=2300,i,7838999706846974579,15815768999128644373,262144
--disable-features=TranslateUI /prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7020 --field-trial-handle=2300,i,7838999706846974579,15815768999128644373,262144
--disable-features=TranslateUI /prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor
--lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=4828 --field-trial-handle=2300,i,7838999706846974579,15815768999128644373,262144
--disable-features=TranslateUI /prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2624 --field-trial-handle=2536,i,9573157328777106886,9819326916295841096,262144
/prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=1816 --field-trial-handle=2536,i,9573157328777106886,9819326916295841096,262144
/prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2232 --field-trial-handle=2124,i,10162133090582848946,17402805719632758939,262144
/prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=3596 --field-trial-handle=2124,i,10162133090582848946,17402805719632758939,262144
/prefetch:8
|
There are 9 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://185.215.113.100/e2b1563c6670f193.phpl
|
unknown
|
||
http://185.215.113.100/e2b1563c6670f193.php/E
|
unknown
|
||
http://185.215.113.100/e2b1563c6670f193.phpX
|
unknown
|
||
http://185.215.113.100/
|
185.215.113.100
|
||
http://185.215.113.100/e2b1563c6670f193.phpa
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.php
|
185.215.113.19
|
||
http://185.215.113.100/e2b1563c6670f193.php
|
185.215.113.100
|
||
http://185.215.113.100/ata
|
unknown
|
||
http://185.215.113.100
|
unknown
|
||
http://185.215.113.100/e2b1563c6670f193.phpT
|
unknown
|
||
http://185.215.113.100/e2b1563c6670f193.php8
|
unknown
|
||
http://185.215.113.100Y
|
unknown
|
||
http://185.215.113.100/S
|
unknown
|
||
http://185.215.113.100/e2b1563c6670f193.php/
|
unknown
|
||
http://185.215.113.19/
|
unknown
|
||
185.215.113.100/e2b1563c6670f193.php
|
|||
http://185.215.113.100/e2b1563c6670f193.phpx
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpO
|
unknown
|
||
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
https://duckduckgo.com/ac/?q=
|
unknown
|
||
https://msn.com
|
unknown
|
||
http://185.215.113.16/steam/random.exe6522nGfO
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpU
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpAppData
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.php?
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpD
|
unknown
|
||
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phptch
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpo
|
unknown
|
||
http://185.215.113.19/ta
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpsr
|
unknown
|
||
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpb
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpc
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpgM
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phph
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpi
|
unknown
|
||
https://myaccount.google.com/signinoptions/passwordC:
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpm
|
unknown
|
||
https://www.office.com/
|
unknown
|
||
http://185.215.113.16/well/random.exe
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpAppDataBt
|
unknown
|
||
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phpata
|
unknown
|
||
http://185.215.113.16/well/random.exe.
|
unknown
|
||
http://185.215.113.16/steam/random.exe
|
185.215.113.16
|
||
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
https://www.office.com/Office
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.phphM
|
unknown
|
||
http://185.215.113.19/G
|
unknown
|
||
https://www.google.com/favicon.ico
|
142.251.41.4
|
||
http://185.215.113.19/Vi9leo/index.php0
|
unknown
|
||
http://185.215.113.16/steam/random.exesG
|
unknown
|
||
https://bzib.nelreports.net/api/report?cat=bingbusiness
|
unknown
|
||
https://chrome.cloudflare-dns.com/dns-query
|
162.159.61.3
|
||
http://185.215.113.19/Vi9leo/index.php053001
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.php=
|
unknown
|
||
http://185.215.113.19/Vi9leo/index.php000
|
unknown
|
There are 48 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
chrome.cloudflare-dns.com
|
162.159.61.3
|
||
s-part-0032.t-0009.t-msedge.net
|
13.107.246.60
|
||
bzib.nelreports.net
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
185.215.113.100
|
unknown
|
Portugal
|
||
185.215.113.19
|
unknown
|
Portugal
|
||
192.168.2.5
|
unknown
|
unknown
|
||
142.250.80.46
|
unknown
|
United States
|
||
185.215.113.16
|
unknown
|
Portugal
|
||
13.107.246.60
|
s-part-0032.t-0009.t-msedge.net
|
United States
|
||
162.159.61.3
|
chrome.cloudflare-dns.com
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
172.64.41.3
|
unknown
|
United States
|
||
142.251.41.4
|
unknown
|
United States
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid_installdate
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PrefsLightweight
|
lw_8b2c99fb8fe6c942191cb0c60151919b
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
MicrosoftEdgeAutoLaunch_E81D8DD3EACFA71E827377A4597DF902
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.cdm.origin_data
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.reporting
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.storage_id_salt
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.account_id
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_username
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
pinned_tabs
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
search_provider_overrides
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_account_id
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.startup_urls
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.restore_on_startup
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
browser.show_home_button
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
|
ShortcutName
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
There are 69 hidden registries, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
16EE000
|
heap
|
page read and write
|
||
4A10000
|
direct allocation
|
page read and write
|
||
8C1000
|
unkown
|
page execute and read and write
|
||
821000
|
unkown
|
page execute and read and write
|
||
8C1000
|
unkown
|
page execute and read and write
|
||
48A0000
|
direct allocation
|
page read and write
|
||
5030000
|
direct allocation
|
page read and write
|
||
A3E000
|
heap
|
page read and write
|
||
8C1000
|
unkown
|
page execute and read and write
|
||
4AF0000
|
direct allocation
|
page read and write
|
||
4BE0000
|
direct allocation
|
page execute and read and write
|
||
1634000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
BC3000
|
unkown
|
page execute and read and write
|
||
4A31000
|
heap
|
page read and write
|
||
1319000
|
heap
|
page read and write
|
||
124E000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
469E000
|
stack
|
page read and write
|
||
12FD000
|
heap
|
page read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
369E000
|
stack
|
page read and write
|
||
4B70000
|
direct allocation
|
page execute and read and write
|
||
417F000
|
stack
|
page read and write
|
||
58C000
|
stack
|
page read and write
|
||
4C70000
|
direct allocation
|
page execute and read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
409F000
|
stack
|
page read and write
|
||
51B0000
|
direct allocation
|
page execute and read and write
|
||
8D6E000
|
stack
|
page read and write
|
||
4BC0000
|
direct allocation
|
page execute and read and write
|
||
3A9E000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
58A0000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
29EE000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
345F000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
820000
|
unkown
|
page read and write
|
||
9221000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
38EE000
|
stack
|
page read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
E10000
|
heap
|
page read and write
|
||
D81000
|
unkown
|
page execute and write copy
|
||
922000
|
unkown
|
page execute and read and write
|
||
12E1000
|
heap
|
page read and write
|
||
2DFE000
|
stack
|
page read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
12E1000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
142F000
|
stack
|
page read and write
|
||
105A000
|
stack
|
page read and write
|
||
1D46E000
|
stack
|
page read and write
|
||
8C1000
|
unkown
|
page execute and write copy
|
||
3E4000
|
heap
|
page read and write
|
||
1122000
|
unkown
|
page execute and write copy
|
||
ABF000
|
heap
|
page read and write
|
||
51B0000
|
direct allocation
|
page execute and read and write
|
||
451F000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
362F000
|
stack
|
page read and write
|
||
3BDE000
|
stack
|
page read and write
|
||
12BC000
|
heap
|
page read and write
|
||
287F000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
1305000
|
heap
|
page read and write
|
||
BF0000
|
unkown
|
page readonly
|
||
4B80000
|
direct allocation
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
305E000
|
stack
|
page read and write
|
||
F6D000
|
unkown
|
page execute and read and write
|
||
8B0000
|
heap
|
page read and write
|
||
3DAF000
|
stack
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
5020000
|
direct allocation
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
8A0000
|
heap
|
page read and write
|
||
67EF000
|
stack
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
3CDE000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
3E5E000
|
stack
|
page read and write
|
||
700000
|
heap
|
page read and write
|
||
34EF000
|
stack
|
page read and write
|
||
8E6E000
|
stack
|
page read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4EB0000
|
direct allocation
|
page read and write
|
||
79A0000
|
heap
|
page read and write
|
||
455E000
|
stack
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
BDB000
|
unkown
|
page execute and read and write
|
||
4571000
|
heap
|
page read and write
|
||
445F000
|
stack
|
page read and write
|
||
4A80000
|
direct allocation
|
page execute and read and write
|
||
9B4000
|
heap
|
page read and write
|
||
AB3000
|
heap
|
page read and write
|
||
144E000
|
stack
|
page read and write
|
||
8C0000
|
unkown
|
page read and write
|
||
9FE000
|
stack
|
page read and write
|
||
8BE000
|
stack
|
page read and write
|
||
682E000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
AAC000
|
unkown
|
page write copy
|
||
929000
|
unkown
|
page write copy
|
||
3EEF000
|
stack
|
page read and write
|
||
660000
|
heap
|
page read and write
|
||
3774000
|
heap
|
page read and write
|
||
1733000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
38DE000
|
stack
|
page read and write
|
||
980000
|
heap
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
4B2E000
|
stack
|
page read and write
|
||
13C000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
147E000
|
stack
|
page read and write
|
||
1121000
|
unkown
|
page execute and read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
51D0000
|
direct allocation
|
page execute and read and write
|
||
5180000
|
direct allocation
|
page execute and read and write
|
||
BDC000
|
unkown
|
page execute and write copy
|
||
144F000
|
stack
|
page read and write
|
||
4F9F000
|
stack
|
page read and write
|
||
3D9F000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
365E000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
734000
|
heap
|
page read and write
|
||
CE0000
|
unkown
|
page execute and read and write
|
||
66EE000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
2DBE000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
15E0000
|
heap
|
page read and write
|
||
546E000
|
stack
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
48EF000
|
stack
|
page read and write
|
||
27F7000
|
heap
|
page read and write
|
||
41DF000
|
stack
|
page read and write
|
||
1D32D000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
3F0000
|
heap
|
page read and write
|
||
3CAE000
|
stack
|
page read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
3F3E000
|
stack
|
page read and write
|
||
452F000
|
stack
|
page read and write
|
||
466F000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
4B90000
|
direct allocation
|
page execute and read and write
|
||
4901000
|
direct allocation
|
page read and write
|
||
4B80000
|
direct allocation
|
page execute and read and write
|
||
3B7F000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
130D000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
2B5E000
|
stack
|
page read and write
|
||
4C2F000
|
stack
|
page read and write
|
||
2C9E000
|
stack
|
page read and write
|
||
316E000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
E8F000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
32AE000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
311F000
|
stack
|
page read and write
|
||
9236000
|
heap
|
page read and write
|
||
4401000
|
heap
|
page read and write
|
||
1292000
|
heap
|
page read and write
|
||
375F000
|
stack
|
page read and write
|
||
B96000
|
unkown
|
page execute and read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
499E000
|
stack
|
page read and write
|
||
4A50000
|
direct allocation
|
page execute and read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
419E000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
7990000
|
heap
|
page read and write
|
||
16D0000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
109A000
|
unkown
|
page execute and read and write
|
||
4B91000
|
heap
|
page read and write
|
||
3B9F000
|
stack
|
page read and write
|
||
5210000
|
direct allocation
|
page execute and read and write
|
||
5091000
|
direct allocation
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
3B2F000
|
stack
|
page read and write
|
||
315F000
|
stack
|
page read and write
|
||
41AE000
|
stack
|
page read and write
|
||
2AFF000
|
stack
|
page read and write
|
||
39DF000
|
stack
|
page read and write
|
||
1DB64000
|
heap
|
page read and write
|
||
678000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
335F000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
2B1F000
|
stack
|
page read and write
|
||
389F000
|
stack
|
page read and write
|
||
5010000
|
direct allocation
|
page execute and read and write
|
||
4C80000
|
direct allocation
|
page execute and read and write
|
||
3DBF000
|
stack
|
page read and write
|
||
2D9F000
|
stack
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
1312000
|
heap
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
650000
|
heap
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
38AF000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
1630000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
B3B000
|
unkown
|
page execute and read and write
|
||
4B60000
|
direct allocation
|
page execute and read and write
|
||
4571000
|
heap
|
page read and write
|
||
A3A000
|
heap
|
page read and write
|
||
ABD000
|
heap
|
page read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
4A9F000
|
stack
|
page read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
1319000
|
heap
|
page read and write
|
||
3DEE000
|
stack
|
page read and write
|
||
4AB0000
|
trusted library allocation
|
page read and write
|
||
3A1F000
|
stack
|
page read and write
|
||
1DA5E000
|
stack
|
page read and write
|
||
2D7F000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
55BE000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
39EF000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
37BE000
|
stack
|
page read and write
|
||
2C6E000
|
stack
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
5020000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
929000
|
unkown
|
page read and write
|
||
376F000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
BDB000
|
unkown
|
page execute and write copy
|
||
4A30000
|
direct allocation
|
page execute and read and write
|
||
1634000
|
heap
|
page read and write
|
||
16F2000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
33FE000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
BC3000
|
unkown
|
page execute and read and write
|
||
3E4000
|
heap
|
page read and write
|
||
43DF000
|
stack
|
page read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
40DE000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
F8F000
|
stack
|
page read and write
|
||
132A000
|
heap
|
page read and write
|
||
4AA0000
|
direct allocation
|
page execute and read and write
|
||
11E5000
|
heap
|
page read and write
|
||
10D3000
|
unkown
|
page execute and write copy
|
||
353E000
|
stack
|
page read and write
|
||
4CD0000
|
direct allocation
|
page execute and read and write
|
||
1D3AF000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
329F000
|
stack
|
page read and write
|
||
A0F000
|
unkown
|
page execute and read and write
|
||
4571000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
BC3000
|
unkown
|
page execute and read and write
|
||
3C6F000
|
stack
|
page read and write
|
||
4A4C000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
3EEF000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
33DE000
|
stack
|
page read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
4A71000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
B23000
|
unkown
|
page execute and read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
1D8BE000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
351F000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
2EBF000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
1D0DE000
|
stack
|
page read and write
|
||
1288000
|
heap
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
419F000
|
stack
|
page read and write
|
||
42DF000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
AF6000
|
unkown
|
page execute and read and write
|
||
2B2E000
|
stack
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
4A40000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4CB0000
|
direct allocation
|
page execute and read and write
|
||
5430000
|
direct allocation
|
page read and write
|
||
376F000
|
stack
|
page read and write
|
||
1297000
|
heap
|
page read and write
|
||
303E000
|
stack
|
page read and write
|
||
5E0000
|
heap
|
page read and write
|
||
4B60000
|
heap
|
page read and write
|
||
29AF000
|
stack
|
page read and write
|
||
14FE000
|
stack
|
page read and write
|
||
4840000
|
trusted library allocation
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
43EF000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
12A3000
|
heap
|
page read and write
|
||
3B6E000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
2AC000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
2DAE000
|
stack
|
page read and write
|
||
459F000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
79A0000
|
heap
|
page read and write
|
||
4E5F000
|
stack
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
6930000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
5580000
|
direct allocation
|
page execute and read and write
|
||
4E7F000
|
stack
|
page read and write
|
||
51E0000
|
direct allocation
|
page execute and read and write
|
||
4A31000
|
heap
|
page read and write
|
||
39FF000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
12FD000
|
heap
|
page read and write
|
||
92B000
|
unkown
|
page execute and read and write
|
||
4A20000
|
direct allocation
|
page execute and read and write
|
||
4571000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
1CE4E000
|
stack
|
page read and write
|
||
12FE000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
6E7000
|
heap
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
12FD000
|
heap
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
174F000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
12E1000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
2C2F000
|
stack
|
page read and write
|
||
1D36D000
|
stack
|
page read and write
|
||
50FE000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
442E000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
16F4000
|
heap
|
page read and write
|
||
2900000
|
heap
|
page read and write
|
||
B33000
|
unkown
|
page execute and read and write
|
||
327F000
|
stack
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
301F000
|
stack
|
page read and write
|
||
BDB000
|
unkown
|
page execute and write copy
|
||
27F0000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
4A00000
|
direct allocation
|
page execute and read and write
|
||
3DDF000
|
stack
|
page read and write
|
||
42AF000
|
stack
|
page read and write
|
||
BCB000
|
unkown
|
page execute and read and write
|
||
402F000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4BB0000
|
heap
|
page read and write
|
||
6425000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
5200000
|
direct allocation
|
page execute and read and write
|
||
3D1E000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
1D3ED000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
85F000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4C60000
|
direct allocation
|
page execute and read and write
|
||
F83000
|
unkown
|
page execute and write copy
|
||
AB4000
|
unkown
|
page readonly
|
||
8C0000
|
unkown
|
page read and write
|
||
34FF000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
317E000
|
stack
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
A7C000
|
unkown
|
page readonly
|
||
48DF000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4A20000
|
direct allocation
|
page execute and read and write
|
||
E00000
|
direct allocation
|
page read and write
|
||
C8F000
|
unkown
|
page execute and read and write
|
||
3CBE000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
C83000
|
unkown
|
page execute and read and write
|
||
AA2000
|
unkown
|
page readonly
|
||
4560000
|
direct allocation
|
page read and write
|
||
AB0000
|
unkown
|
page write copy
|
||
7C4000
|
heap
|
page read and write
|
||
E00000
|
direct allocation
|
page read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
45DE000
|
stack
|
page read and write
|
||
12BA000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
BDB000
|
unkown
|
page execute and read and write
|
||
92B000
|
unkown
|
page execute and read and write
|
||
B96000
|
unkown
|
page execute and read and write
|
||
435E000
|
stack
|
page read and write
|
||
AA1000
|
unkown
|
page execute and write copy
|
||
56BE000
|
stack
|
page read and write
|
||
38EE000
|
stack
|
page read and write
|
||
4A20000
|
direct allocation
|
page execute and read and write
|
||
351E000
|
stack
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
465F000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
55B0000
|
direct allocation
|
page execute and read and write
|
||
4571000
|
heap
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
18DF000
|
stack
|
page read and write
|
||
556F000
|
stack
|
page read and write
|
||
CCC000
|
unkown
|
page execute and read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
3B2F000
|
stack
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
1DB60000
|
heap
|
page read and write
|
||
2B3E000
|
stack
|
page read and write
|
||
12A1000
|
heap
|
page read and write
|
||
3C6F000
|
stack
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
391E000
|
stack
|
page read and write
|
||
9E0000
|
unkown
|
page readonly
|
||
2EEE000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
87E000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
55C0000
|
direct allocation
|
page execute and read and write
|
||
301F000
|
stack
|
page read and write
|
||
BCB000
|
unkown
|
page execute and read and write
|
||
2C7E000
|
stack
|
page read and write
|
||
6F7000
|
heap
|
page read and write
|
||
12C2000
|
heap
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
403F000
|
stack
|
page read and write
|
||
4C90000
|
direct allocation
|
page execute and read and write
|
||
1634000
|
heap
|
page read and write
|
||
E8F000
|
stack
|
page read and write
|
||
442E000
|
stack
|
page read and write
|
||
2F1E000
|
stack
|
page read and write
|
||
1745000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4FEF000
|
stack
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
5430000
|
direct allocation
|
page read and write
|
||
4D7E000
|
stack
|
page read and write
|
||
4A40000
|
direct allocation
|
page execute and read and write
|
||
9B4000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
53BD000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4C10000
|
direct allocation
|
page execute and read and write
|
||
95E000
|
stack
|
page read and write
|
||
37AE000
|
stack
|
page read and write
|
||
416E000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
3E1E000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
2FEF000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
2DBE000
|
stack
|
page read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
2EFE000
|
stack
|
page read and write
|
||
16BE000
|
stack
|
page read and write
|
||
1272000
|
unkown
|
page execute and write copy
|
||
4EEC000
|
stack
|
page read and write
|
||
B96000
|
unkown
|
page execute and read and write
|
||
33DF000
|
stack
|
page read and write
|
||
929000
|
unkown
|
page read and write
|
||
365F000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4A00000
|
direct allocation
|
page read and write
|
||
16EA000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
31BE000
|
stack
|
page read and write
|
||
D7B000
|
stack
|
page read and write
|
||
319E000
|
stack
|
page read and write
|
||
4C70000
|
direct allocation
|
page execute and read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4B9C000
|
stack
|
page read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
34EF000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
1CD0E000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
4C50000
|
direct allocation
|
page execute and read and write
|
||
323E000
|
stack
|
page read and write
|
||
4A70000
|
direct allocation
|
page execute and read and write
|
||
4B91000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
CB4000
|
unkown
|
page execute and read and write
|
||
5240000
|
direct allocation
|
page execute and read and write
|
||
9B4000
|
heap
|
page read and write
|
||
670000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
1CF4F000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
89E000
|
stack
|
page read and write
|
||
2910000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
363F000
|
stack
|
page read and write
|
||
4D00000
|
direct allocation
|
page execute and read and write
|
||
157E000
|
stack
|
page read and write
|
||
921C000
|
stack
|
page read and write
|
||
12A3000
|
heap
|
page read and write
|
||
341E000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
51B0000
|
direct allocation
|
page execute and read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
B64000
|
unkown
|
page execute and read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
2FFF000
|
stack
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
16E0000
|
heap
|
page read and write
|
||
4A45000
|
heap
|
page read and write
|
||
4FA7000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
516F000
|
stack
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
41AE000
|
stack
|
page read and write
|
||
42DE000
|
stack
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
42EE000
|
stack
|
page read and write
|
||
5020000
|
direct allocation
|
page execute and read and write
|
||
130D000
|
heap
|
page read and write
|
||
889000
|
unkown
|
page write copy
|
||
2DDE000
|
stack
|
page read and write
|
||
49DF000
|
stack
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
DCE000
|
stack
|
page read and write
|
||
D81000
|
unkown
|
page execute and write copy
|
||
47AF000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
3DAF000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4A60000
|
direct allocation
|
page execute and read and write
|
||
4D10000
|
direct allocation
|
page execute and read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
8C0000
|
unkown
|
page readonly
|
||
1620000
|
heap
|
page read and write
|
||
352E000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
1D52E000
|
stack
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
3B5E000
|
stack
|
page read and write
|
||
3E0000
|
heap
|
page read and write
|
||
4BA0000
|
direct allocation
|
page execute and read and write
|
||
366E000
|
stack
|
page read and write
|
||
1D1DF000
|
stack
|
page read and write
|
||
4B90000
|
direct allocation
|
page execute and read and write
|
||
405F000
|
stack
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
1510000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
128E000
|
heap
|
page read and write
|
||
5000000
|
direct allocation
|
page execute and read and write
|
||
AA1000
|
unkown
|
page execute and read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
E1A000
|
heap
|
page read and write
|
||
3B7E000
|
stack
|
page read and write
|
||
2E10000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
1D9FE000
|
stack
|
page read and write
|
||
7C0000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
3DFE000
|
stack
|
page read and write
|
||
8C1000
|
unkown
|
page execute and write copy
|
||
4B91000
|
heap
|
page read and write
|
||
5010000
|
direct allocation
|
page execute and read and write
|
||
4571000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
3AD000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
12C1000
|
heap
|
page read and write
|
||
9E1000
|
unkown
|
page execute read
|
||
2CEF000
|
stack
|
page read and write
|
||
3F5E000
|
stack
|
page read and write
|
||
4BA4000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
2EDF000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
10BD000
|
unkown
|
page execute and read and write
|
||
9B4000
|
heap
|
page read and write
|
||
176C000
|
heap
|
page read and write
|
||
BF1000
|
unkown
|
page execute and read and write
|
||
1634000
|
heap
|
page read and write
|
||
11BC000
|
stack
|
page read and write
|
||
4401000
|
heap
|
page read and write
|
||
5220000
|
direct allocation
|
page execute and read and write
|
||
4571000
|
heap
|
page read and write
|
||
431E000
|
stack
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
3A1E000
|
stack
|
page read and write
|
||
DF0000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
32BE000
|
stack
|
page read and write
|
||
3250000
|
heap
|
page read and write
|
||
1D4EF000
|
stack
|
page read and write
|
||
12FD000
|
heap
|
page read and write
|
||
997000
|
heap
|
page read and write
|
||
65AE000
|
stack
|
page read and write
|
||
401F000
|
stack
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
BF0000
|
unkown
|
page read and write
|
||
3A5E000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
2EAF000
|
stack
|
page read and write
|
||
4A48000
|
heap
|
page read and write
|
||
3C9E000
|
stack
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
6F7F000
|
stack
|
page read and write
|
||
362F000
|
stack
|
page read and write
|
||
12BF000
|
heap
|
page read and write
|
||
33AF000
|
stack
|
page read and write
|
||
38BF000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
929000
|
unkown
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
1271000
|
unkown
|
page execute and read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
421E000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
506E000
|
stack
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
4BF0000
|
direct allocation
|
page execute and read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
34DF000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
3A5F000
|
stack
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
B2B000
|
unkown
|
page execute and read and write
|
||
7C4000
|
heap
|
page read and write
|
||
4A20000
|
direct allocation
|
page execute and read and write
|
||
3DDE000
|
stack
|
page read and write
|
||
8C0000
|
unkown
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
821000
|
unkown
|
page execute and write copy
|
||
9220000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
37DE000
|
stack
|
page read and write
|
||
BCB000
|
unkown
|
page execute and read and write
|
||
16A0000
|
heap
|
page read and write
|
||
449E000
|
stack
|
page read and write
|
||
A30000
|
heap
|
page read and write
|
||
CE1000
|
unkown
|
page execute and write copy
|
||
3A3E000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
4CA0000
|
direct allocation
|
page execute and read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
AA0000
|
unkown
|
page readonly
|
||
16F2000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
42FE000
|
stack
|
page read and write
|
||
5030000
|
direct allocation
|
page execute and read and write
|
||
28FE000
|
stack
|
page read and write
|
||
516E000
|
stack
|
page read and write
|
||
A10000
|
direct allocation
|
page read and write
|
||
49B0000
|
heap
|
page read and write
|
||
B3C000
|
unkown
|
page execute and write copy
|
||
1A4000
|
heap
|
page read and write
|
||
3F2E000
|
stack
|
page read and write
|
||
4890000
|
direct allocation
|
page read and write
|
||
4EBE000
|
stack
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
51A0000
|
direct allocation
|
page execute and read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
2D6F000
|
stack
|
page read and write
|
||
2E00000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
A7C000
|
unkown
|
page readonly
|
||
3E4000
|
heap
|
page read and write
|
||
1762000
|
heap
|
page read and write
|
||
53B0000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
3B6E000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4C30000
|
direct allocation
|
page execute and read and write
|
||
9B4000
|
heap
|
page read and write
|
||
302E000
|
stack
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
1296000
|
heap
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
76E000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
A80000
|
heap
|
page read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
100F000
|
stack
|
page read and write
|
||
1312000
|
heap
|
page read and write
|
||
14F5000
|
stack
|
page read and write
|
||
4A2F000
|
stack
|
page read and write
|
||
4FC0000
|
heap
|
page read and write
|
||
12E1000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
10FA000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4BA0000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
AA2000
|
unkown
|
page readonly
|
||
4B91000
|
heap
|
page read and write
|
||
799E000
|
heap
|
page read and write
|
||
3B5F000
|
stack
|
page read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
441F000
|
stack
|
page read and write
|
||
47EE000
|
stack
|
page read and write
|
||
E1C000
|
unkown
|
page execute and read and write
|
||
291B000
|
heap
|
page read and write
|
||
33AF000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
3CAE000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4B90000
|
direct allocation
|
page execute and read and write
|
||
36DE000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
AAF000
|
unkown
|
page execute and read and write
|
||
4A31000
|
heap
|
page read and write
|
||
3A2E000
|
stack
|
page read and write
|
||
1CE0F000
|
stack
|
page read and write
|
||
929000
|
unkown
|
page write copy
|
||
361F000
|
stack
|
page read and write
|
||
352E000
|
stack
|
page read and write
|
||
27AE000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
3B3F000
|
stack
|
page read and write
|
||
F76000
|
unkown
|
page execute and read and write
|
||
1D7BD000
|
stack
|
page read and write
|
||
3E1F000
|
stack
|
page read and write
|
||
4890000
|
direct allocation
|
page read and write
|
||
2A1F000
|
stack
|
page read and write
|
||
12C1000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
2E1E000
|
heap
|
page read and write
|
||
4AB0000
|
direct allocation
|
page execute and read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
92B000
|
unkown
|
page execute and read and write
|
||
BDC000
|
unkown
|
page execute and write copy
|
||
3E4000
|
heap
|
page read and write
|
||
51F0000
|
direct allocation
|
page execute and read and write
|
||
3F1E000
|
stack
|
page read and write
|
||
6420000
|
heap
|
page read and write
|
||
BDC000
|
unkown
|
page execute and write copy
|
||
929000
|
unkown
|
page write copy
|
||
4D1F000
|
stack
|
page read and write
|
||
4D3B000
|
stack
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
1240000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
379F000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
7BE000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
AAF000
|
unkown
|
page execute and read and write
|
||
4FD000
|
stack
|
page read and write
|
||
D81000
|
unkown
|
page execute and write copy
|
||
4A31000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
9E0000
|
unkown
|
page readonly
|
||
441E000
|
stack
|
page read and write
|
||
495F000
|
stack
|
page read and write
|
||
3F9E000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
48DE000
|
stack
|
page read and write
|
||
33EE000
|
stack
|
page read and write
|
||
359E000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
A84000
|
heap
|
page read and write
|
||
4A00000
|
direct allocation
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
3CDF000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
3C5F000
|
stack
|
page read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
DE0000
|
heap
|
page read and write
|
||
4BDF000
|
stack
|
page read and write
|
||
7000000
|
trusted library allocation
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
276E000
|
stack
|
page read and write
|
||
4A20000
|
direct allocation
|
page execute and read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4400000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
456E000
|
stack
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
431F000
|
stack
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
406E000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
491E000
|
stack
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
167E000
|
stack
|
page read and write
|
||
D7F000
|
unkown
|
page execute and read and write
|
||
49F0000
|
direct allocation
|
page execute and read and write
|
||
4571000
|
heap
|
page read and write
|
||
42BF000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
5430000
|
direct allocation
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
405E000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
123E000
|
stack
|
page read and write
|
||
38C000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4CE0000
|
direct allocation
|
page execute and read and write
|
||
FBE000
|
unkown
|
page execute and read and write
|
||
33EE000
|
stack
|
page read and write
|
||
51C0000
|
direct allocation
|
page execute and read and write
|
||
9B4000
|
heap
|
page read and write
|
||
8C1000
|
unkown
|
page execute and write copy
|
||
4571000
|
heap
|
page read and write
|
||
1DB5C000
|
stack
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
990000
|
heap
|
page read and write
|
||
429F000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
B6E000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
922000
|
unkown
|
page execute and read and write
|
||
38FE000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4A10000
|
direct allocation
|
page execute and read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
1D8FE000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
820000
|
unkown
|
page readonly
|
||
55D0000
|
direct allocation
|
page execute and read and write
|
||
D7F000
|
unkown
|
page execute and read and write
|
||
3E4000
|
heap
|
page read and write
|
||
41DE000
|
stack
|
page read and write
|
||
3C7F000
|
stack
|
page read and write
|
||
4B90000
|
direct allocation
|
page execute and read and write
|
||
1A4000
|
heap
|
page read and write
|
||
1D62F000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
7991000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4A5E000
|
stack
|
page read and write
|
||
4C20000
|
direct allocation
|
page execute and read and write
|
||
88B000
|
unkown
|
page execute and read and write
|
||
416F000
|
stack
|
page read and write
|
||
1300000
|
heap
|
page read and write
|
||
312F000
|
stack
|
page read and write
|
||
8F5000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
BEE000
|
stack
|
page read and write
|
||
329E000
|
stack
|
page read and write
|
||
4FD0000
|
trusted library allocation
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
38AF000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
7809000
|
heap
|
page read and write
|
||
355F000
|
stack
|
page read and write
|
||
492E000
|
stack
|
page read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
481F000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
1A0000
|
heap
|
page read and write
|
||
12C7000
|
heap
|
page read and write
|
||
456E000
|
stack
|
page read and write
|
||
15CE000
|
stack
|
page read and write
|
||
42EE000
|
stack
|
page read and write
|
||
479F000
|
stack
|
page read and write
|
||
2AEF000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4A1F000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
E00000
|
direct allocation
|
page read and write
|
||
124A000
|
heap
|
page read and write
|
||
28BB000
|
stack
|
page read and write
|
||
AA0000
|
unkown
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
47DE000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
291D000
|
heap
|
page read and write
|
||
911C000
|
stack
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
130F000
|
heap
|
page read and write
|
||
1D08F000
|
stack
|
page read and write
|
||
3B1F000
|
stack
|
page read and write
|
||
4CF0000
|
direct allocation
|
page execute and read and write
|
||
E6E000
|
unkown
|
page execute and read and write
|
||
4571000
|
heap
|
page read and write
|
||
130D000
|
heap
|
page read and write
|
||
A20000
|
direct allocation
|
page execute and read and write
|
||
166E000
|
stack
|
page read and write
|
||
312F000
|
stack
|
page read and write
|
||
BDB000
|
unkown
|
page execute and read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
12FD000
|
heap
|
page read and write
|
||
4A90000
|
direct allocation
|
page execute and read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
43FF000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
882000
|
unkown
|
page execute and read and write
|
||
8C0000
|
unkown
|
page readonly
|
||
B3F000
|
unkown
|
page execute and read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
46AE000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
5230000
|
direct allocation
|
page execute and read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
99B000
|
heap
|
page read and write
|
||
6CD000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
1EBF000
|
stack
|
page read and write
|
||
16C0000
|
heap
|
page read and write
|
||
4A30000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
1319000
|
heap
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4BB0000
|
direct allocation
|
page execute and read and write
|
||
4AC0000
|
direct allocation
|
page execute and read and write
|
||
3DEE000
|
stack
|
page read and write
|
||
1D22D000
|
stack
|
page read and write
|
||
52BD000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
3EFF000
|
stack
|
page read and write
|
||
4C1E000
|
stack
|
page read and write
|
||
620000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4FBF000
|
stack
|
page read and write
|
||
1301000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4671000
|
heap
|
page read and write
|
||
6426000
|
heap
|
page read and write
|
||
9A0000
|
direct allocation
|
page read and write
|
||
4401000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
141F000
|
stack
|
page read and write
|
||
4A50000
|
heap
|
page read and write
|
||
277E000
|
stack
|
page read and write
|
||
60E000
|
stack
|
page read and write
|
||
10D3000
|
unkown
|
page execute and read and write
|
||
11E0000
|
heap
|
page read and write
|
||
326F000
|
stack
|
page read and write
|
||
325F000
|
stack
|
page read and write
|
||
33BF000
|
stack
|
page read and write
|
||
4671000
|
heap
|
page read and write
|
||
5580000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
2E17000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
1328000
|
heap
|
page read and write
|
||
4A20000
|
direct allocation
|
page execute and read and write
|
||
12E1000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
1294000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
445E000
|
stack
|
page read and write
|
||
2FEF000
|
stack
|
page read and write
|
||
55A0000
|
direct allocation
|
page execute and read and write
|
||
E30000
|
unkown
|
page execute and read and write
|
||
9B4000
|
heap
|
page read and write
|
||
1306000
|
heap
|
page read and write
|
||
377F000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
452F000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
922000
|
unkown
|
page execute and read and write
|
||
3C9E000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
381E000
|
stack
|
page read and write
|
||
143F000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
15F0000
|
heap
|
page read and write
|
||
1D76F000
|
stack
|
page read and write
|
||
2D7E000
|
stack
|
page read and write
|
||
2917000
|
heap
|
page read and write
|
||
28FF000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
3F2E000
|
stack
|
page read and write
|
||
317F000
|
stack
|
page read and write
|
||
4C70000
|
direct allocation
|
page execute and read and write
|
||
6B7000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4A00000
|
direct allocation
|
page read and write
|
||
64E000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
53E0000
|
trusted library allocation
|
page read and write
|
||
6E7E000
|
stack
|
page read and write
|
||
4B4F000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
51B0000
|
direct allocation
|
page execute and read and write
|
||
D7F000
|
unkown
|
page execute and read and write
|
||
1D66E000
|
stack
|
page read and write
|
||
55B0000
|
direct allocation
|
page execute and read and write
|
||
5020000
|
direct allocation
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
485E000
|
stack
|
page read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
14B0000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4B90000
|
heap
|
page read and write
|
||
3F1F000
|
stack
|
page read and write
|
||
4CC0000
|
direct allocation
|
page execute and read and write
|
||
4E9E000
|
stack
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
4C40000
|
direct allocation
|
page execute and read and write
|
||
471E000
|
stack
|
page read and write
|
||
BAB000
|
stack
|
page read and write
|
||
130D000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
272F000
|
stack
|
page read and write
|
||
3F5F000
|
stack
|
page read and write
|
||
37AE000
|
stack
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
313F000
|
stack
|
page read and write
|
||
DE0000
|
heap
|
page read and write
|
||
339F000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
8EAB000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4C00000
|
direct allocation
|
page execute and read and write
|
||
67C000
|
heap
|
page read and write
|
||
692F000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
8FAC000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
1CF8E000
|
stack
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
28AF000
|
stack
|
page read and write
|
||
4C70000
|
direct allocation
|
page execute and read and write
|
||
143B000
|
stack
|
page read and write
|
||
4E70000
|
trusted library allocation
|
page read and write
|
||
AB4000
|
unkown
|
page readonly
|
||
172F000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
66AF000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
366E000
|
stack
|
page read and write
|
||
9E1000
|
unkown
|
page execute read
|
||
2DEF000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
F83000
|
unkown
|
page execute and read and write
|
||
4B91000
|
heap
|
page read and write
|
||
407E000
|
stack
|
page read and write
|
||
4B5F000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
4BD0000
|
direct allocation
|
page execute and read and write
|
||
4FF0000
|
heap
|
page read and write
|
||
53B4000
|
heap
|
page read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
4C70000
|
direct allocation
|
page execute and read and write
|
||
409E000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
41BE000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
32DE000
|
stack
|
page read and write
|
||
1E0000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4B90000
|
direct allocation
|
page execute and read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
4FB0000
|
heap
|
page read and write
|
||
2F1F000
|
stack
|
page read and write
|
||
2C3F000
|
stack
|
page read and write
|
||
1328000
|
heap
|
page read and write
|
||
3B9E000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
15D0000
|
heap
|
page read and write
|
||
316E000
|
stack
|
page read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
39EF000
|
stack
|
page read and write
|
||
54FC000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4582000
|
heap
|
page read and write
|
||
AAC000
|
unkown
|
page read and write
|
||
43EF000
|
stack
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
A10000
|
direct allocation
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
31FB000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
8C0000
|
unkown
|
page readonly
|
||
3E4000
|
heap
|
page read and write
|
||
37DF000
|
stack
|
page read and write
|
||
AAF000
|
unkown
|
page execute and read and write
|
||
367E000
|
stack
|
page read and write
|
||
6E7000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4570000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
355E000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
7800000
|
heap
|
page read and write
|
||
130A000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4560000
|
direct allocation
|
page read and write
|
||
4B90000
|
direct allocation
|
page execute and read and write
|
||
16F0000
|
heap
|
page read and write
|
||
A96000
|
heap
|
page read and write
|
||
3EDF000
|
stack
|
page read and write
|
||
889000
|
unkown
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
32AE000
|
stack
|
page read and write
|
||
5F0000
|
heap
|
page read and write
|
||
302E000
|
stack
|
page read and write
|
||
16D8000
|
heap
|
page read and write
|
||
455F000
|
stack
|
page read and write
|
||
369F000
|
stack
|
page read and write
|
||
66B000
|
heap
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
402F000
|
stack
|
page read and write
|
||
38DF000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4C70000
|
direct allocation
|
page execute and read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
415F000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
8B0000
|
direct allocation
|
page read and write
|
||
4FFE000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
27EE000
|
stack
|
page read and write
|
||
51B0000
|
direct allocation
|
page execute and read and write
|
||
4B51000
|
direct allocation
|
page read and write
|
||
53FD000
|
stack
|
page read and write
|
||
1306000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
7C4000
|
heap
|
page read and write
|
||
145F000
|
stack
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
46DF000
|
stack
|
page read and write
|
||
16C8000
|
heap
|
page read and write
|
||
4671000
|
heap
|
page read and write
|
||
CDF000
|
unkown
|
page execute and read and write
|
||
10C6000
|
unkown
|
page execute and read and write
|
||
315E000
|
stack
|
page read and write
|
||
4FA1000
|
heap
|
page read and write
|
||
51B0000
|
direct allocation
|
page execute and read and write
|
||
6CD000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
406E000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
DD0000
|
direct allocation
|
page read and write
|
||
2EEF000
|
stack
|
page read and write
|
||
8FE000
|
stack
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
4D5E000
|
stack
|
page read and write
|
||
BF1000
|
unkown
|
page execute and write copy
|
||
4B91000
|
heap
|
page read and write
|
||
5190000
|
direct allocation
|
page execute and read and write
|
||
9B4000
|
heap
|
page read and write
|
||
9B0000
|
heap
|
page read and write
|
||
1A4000
|
heap
|
page read and write
|
||
1D2AE000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
10D4000
|
unkown
|
page execute and write copy
|
||
29FF000
|
stack
|
page read and write
|
||
379E000
|
stack
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
2C5F000
|
stack
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
1B0000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
6A5000
|
heap
|
page read and write
|
||
4ADE000
|
stack
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
4670000
|
heap
|
page read and write
|
||
DE7000
|
heap
|
page read and write
|
||
3E4000
|
heap
|
page read and write
|
||
326F000
|
stack
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
526F000
|
stack
|
page read and write
|
||
391F000
|
stack
|
page read and write
|
||
42AF000
|
stack
|
page read and write
|
||
BDB000
|
unkown
|
page execute and write copy
|
||
4B91000
|
heap
|
page read and write
|
||
4890000
|
direct allocation
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
6FD000
|
stack
|
page read and write
|
||
3770000
|
heap
|
page read and write
|
||
6F7000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
E1E000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
1634000
|
heap
|
page read and write
|
||
9B4000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4A31000
|
heap
|
page read and write
|
||
49B0000
|
trusted library allocation
|
page read and write
|
||
3257000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
395E000
|
stack
|
page read and write
|
||
4FA0000
|
heap
|
page read and write
|
||
F4A000
|
unkown
|
page execute and read and write
|
||
9B4000
|
heap
|
page read and write
|
||
4B80000
|
direct allocation
|
page read and write
|
||
F84000
|
unkown
|
page execute and write copy
|
||
4B91000
|
heap
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
4571000
|
heap
|
page read and write
|
||
3A2E000
|
stack
|
page read and write
|
||
466F000
|
stack
|
page read and write
|
||
3240000
|
direct allocation
|
page read and write
|
||
4B91000
|
heap
|
page read and write
|
||
B3B000
|
unkown
|
page execute and write copy
|
There are 1371 hidden memdumps, click here to show them.