Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
W4gFpExSht.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\.ms-ad\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\.curlrc.daenc
|
data
|
dropped
|
||
|
C:\Users\user\3D Objects\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\3D Objects\desktop.ini.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\.curlrc.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\ARM\Acrobat_23.006.20320\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\ARM\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\ARM\S\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\ARM\{291AA914-A987-4CE9-BD63-0C0A92D435E5}\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\CURRENT.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Cache\Cache_Data\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Cache\Cache_Data\data_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Cache\Cache_Data\data_1.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Cache\Cache_Data\data_2.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Cache\Cache_Data\data_3.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Cache\Cache_Data\index.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Cache\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4ca3cb58378aaa3f_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\72d9f526d2e2e7c8_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\78bff3512887b83d_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf8eae3dcaf681ca_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d5dedf551f4d1592_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\wasm\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\wasm\index-dir\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\wasm\index-dir\the-real-index.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\wasm\index.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\LOG.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\CURRENT.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\MANIFEST-000001.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\LocalPrefs.json.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\MANIFEST-000001.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Network\Cookies.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Network\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Network\Reporting and NEL.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\CURRENT.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\MANIFEST-000001.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\blob_storage\336a045b-df12-4067-9f71-93ee2edb038d\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cache\blob_storage\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\Cookie\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\Acrobat\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DC\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\AcroCef\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeCMapFnt23.lst.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AcroFnt23.lst.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheAcro65536.dat.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache64.bin.daenc
|
DIY-Thermocam raw data (Lepton 2.x), scale 17454-12858, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration:
offset 0.000488, slope 60420025178353737768630222848.000000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Color\ACECache11.lst.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Color\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Color\Profiles\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\CEF\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\CEF\User Data\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\UnistoreDB\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\UnistoreDB\USSres00001.jrs.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\UnistoreDB\USSres00002.jrs.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\UnistoreDB\USStmp.jtx.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\UnistoreDB\store.jfm.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\UnistoreDB\store.vol.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\Unistore\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\Unistore\data\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\D3DSCache\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\DIPS.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Variations.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\IconCache.db.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\ngen.log.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\ngen.log.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Credentials\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Feeds Cache\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Feeds\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\FontCache\4\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\FontCache\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\GameDVR\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\History\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\History\History.IE5\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\History\Low\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\History\desktop.ini.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\af-ZA\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-AE\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-BH\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-DZ\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-EG\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-IQ\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-JO\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-KW\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-LB\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-LY\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-MA\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-OM\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-QA\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-SA\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-SY\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-TN\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ar-YE\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\bg-BG\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\bn-BD\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ca-ES\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\cs-CZ\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\da-DK\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\de-AT\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\de-CH\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\de-DE\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\de-LI\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\de-LU\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\el-GR\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-029\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-AU\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-BZ\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-CA\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-GB\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-HK\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-ID\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-IE\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-IN\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-JM\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-MY\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-NZ\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-SG\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-TT\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-ZA\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\en-ZW\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-419\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-AR\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-BO\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-CL\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-CO\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-CR\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-DO\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-EC\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-ES\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-GT\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-HN\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-MX\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-NI\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-PA\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-PE\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-PR\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-PY\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-SV\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-US\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-UY\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\es-VE\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\et-EE\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\eu-ES\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fa-IR\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fi-FI\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-029\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-BE\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-CA\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-CD\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-CH\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-CI\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-CM\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-FR\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-HT\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-LU\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-MA\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-MC\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-ML\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-RE\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\fr-SN\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\gl-ES\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\he-IL\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\hi-IN\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\hr-BA\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\hr-HR\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\hu-HU\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\hy-AM\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\id-ID\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\it-CH\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\it-IT\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ka-GE\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\kk-KZ\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\lt-LT\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\lv-LV\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\mk-MK\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ms-BN\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ms-MY\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\nb-NO\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\nl-BE\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\nl-NL\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\pl-PL\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\pt-BR\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\pt-PT\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ro-MD\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ro-RO\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\ru-RU\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\sk-SK\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\sl-SI\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\sq-AL\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\sv-FI\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\sv-SE\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\tr-TR\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\input\uk-UA\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.ses.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\0353475199.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\0615447233.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\0666563528.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\0887538035.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\0939541263.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1169381505.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1244065654.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1343496627.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1387277564.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1417002460.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1796052464.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2109793820.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2160417493.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2165547404.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2265332024.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2265465471.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2849925037.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2874006916.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3013890265.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3024948866.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3050907755.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3209467860.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3580751004.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3677062445.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3746535660.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3764832265.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3771420242.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\3901201620.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4054640694.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4144085054.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4458179343.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4683256203.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4728479984.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4941266003.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5060135932.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5367203117.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5622580005.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5713452101.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5795694722.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5859486270.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6092905029.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6422942404.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6483516391.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6516896632.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6880980688.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7011884383.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7046727858.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7155756679.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7244716724.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7245361316.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7454812183.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7606393495.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7838756049.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8134354090.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8138487229.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8300215382.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8416181845.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8416751812.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8492240360.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8784112376.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8878498721.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8886835349.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8995528179.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\9106464316.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\9275373402.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\9281004682.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\9369051781.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\9607816641.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\9655434068.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\9713424497.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\9801086636.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AdobeARM.log.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\DxxAlien_ReadMe.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\user.bmp.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\chrome.exe.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\cv_debug.log.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\dbghelp.dll.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\jones.bmp.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\jusched.log.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\offline.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\symsrv.dll.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp.bmp
|
PC bitmap, Windows 3.x format, 1920 x 1080 x 24, image size 6220800, cbSize 6220854, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp.bmp.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpE13E.tmp.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wct1834.tmp.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wct42C5.tmp.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wct4B1.tmp.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wctFE34.tmp.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wmsetup.log.daenc
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\time.dat
|
ASCII text, with no line terminators
|
modified
|
||
|
\Device\ConDrv
|
ASCII text, with very long lines (317), with CRLF line terminators
|
dropped
|
There are 365 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\W4gFpExSht.exe
|
"C:\Users\user\Desktop\W4gFpExSht.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://autodiscover.com/Autodiscover/Autodiscover.xml
|
unknown
|
||
|
https://autodiscover.sg/Autodiscover/Autodiscover.xml
|
unknown
|
||
|
https://autodiscover.com/autodiscover/autodiscover.xml
|
unknown
|
||
|
https://dc.services.visualstudio.com/v2/track
|
unknown
|
||
|
https://autodiscover.uk/autodiscover/autodiscover.xml
|
unknown
|
||
|
http://https://_bad_pdb_file.pdb
|
unknown
|
||
|
https://g.live.com/1rewlive5skydrive/win81https://g.live.com/1rewlive5skydrive/win8https://g.live.co
|
unknown
|
||
|
https://g.live.com/odclientsettings/Enterprisehttps://g.live.com/odclientsettings/MsitFasthttps://g.
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1097000
|
unkown
|
page readonly
|
||
|
11BA000
|
unkown
|
page readonly
|
||
|
11C1000
|
unkown
|
page readonly
|
||
|
6BF000
|
unkown
|
page readonly
|
||
|
16B3000
|
unkown
|
page readonly
|
||
|
5EF000
|
unkown
|
page readonly
|
||
|
8FB000
|
unkown
|
page readonly
|
||
|
18E8000
|
heap
|
page read and write
|
||
|
11FF000
|
unkown
|
page readonly
|
||
|
1232000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9B9000
|
unkown
|
page readonly
|
||
|
68E000
|
unkown
|
page readonly
|
||
|
9CA000
|
unkown
|
page readonly
|
||
|
3B49000
|
heap
|
page read and write
|
||
|
5F9000
|
unkown
|
page readonly
|
||
|
104B000
|
unkown
|
page readonly
|
||
|
935000
|
unkown
|
page readonly
|
||
|
1136000
|
unkown
|
page readonly
|
||
|
11A5000
|
unkown
|
page readonly
|
||
|
16FF000
|
unkown
|
page readonly
|
||
|
11ED000
|
unkown
|
page readonly
|
||
|
8FB000
|
unkown
|
page readonly
|
||
|
116E000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page readonly
|
||
|
190B000
|
heap
|
page read and write
|
||
|
99D000
|
unkown
|
page readonly
|
||
|
10F4000
|
unkown
|
page readonly
|
||
|
11E6000
|
unkown
|
page readonly
|
||
|
90C000
|
unkown
|
page readonly
|
||
|
10D1000
|
unkown
|
page readonly
|
||
|
919000
|
unkown
|
page readonly
|
||
|
11C1000
|
unkown
|
page readonly
|
||
|
90F000
|
unkown
|
page readonly
|
||
|
5E2000
|
unkown
|
page readonly
|
||
|
109A000
|
unkown
|
page readonly
|
||
|
5E2000
|
unkown
|
page readonly
|
||
|
16B3000
|
unkown
|
page readonly
|
||
|
1597000
|
unkown
|
page readonly
|
||
|
3C42000
|
stack
|
page read and write
|
||
|
60E000
|
unkown
|
page readonly
|
||
|
11EA000
|
unkown
|
page readonly
|
||
|
8F7000
|
unkown
|
page readonly
|
||
|
11D5000
|
unkown
|
page readonly
|
||
|
156A000
|
unkown
|
page readonly
|
||
|
11CE000
|
unkown
|
page readonly
|
||
|
8F7000
|
unkown
|
page readonly
|
||
|
924000
|
unkown
|
page readonly
|
||
|
1226000
|
unkown
|
page readonly
|
||
|
EA8000
|
unkown
|
page readonly
|
||
|
11D8000
|
unkown
|
page readonly
|
||
|
120A000
|
unkown
|
page readonly
|
||
|
1189000
|
unkown
|
page readonly
|
||
|
1051000
|
unkown
|
page readonly
|
||
|
3C47000
|
stack
|
page read and write
|
||
|
182E000
|
unkown
|
page readonly
|
||
|
EA8000
|
unkown
|
page readonly
|
||
|
8F7000
|
unkown
|
page readonly
|
||
|
11F4000
|
unkown
|
page readonly
|
||
|
192A000
|
heap
|
page read and write
|
||
|
1921000
|
heap
|
page read and write
|
||
|
11CE000
|
unkown
|
page readonly
|
||
|
1091000
|
unkown
|
page readonly
|
||
|
98C000
|
unkown
|
page readonly
|
||
|
A21000
|
unkown
|
page readonly
|
||
|
9AB000
|
unkown
|
page readonly
|
||
|
685000
|
unkown
|
page readonly
|
||
|
1A00000
|
heap
|
page read and write
|
||
|
6BF000
|
unkown
|
page readonly
|
||
|
1915000
|
heap
|
page read and write
|
||
|
191D000
|
heap
|
page read and write
|
||
|
600000
|
unkown
|
page readonly
|
||
|
11E3000
|
unkown
|
page readonly
|
||
|
16FF000
|
unkown
|
page readonly
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
360C000
|
stack
|
page read and write
|
||
|
112F000
|
unkown
|
page readonly
|
||
|
1217000
|
unkown
|
page readonly
|
||
|
1217000
|
unkown
|
page readonly
|
||
|
1206000
|
unkown
|
page readonly
|
||
|
665000
|
unkown
|
page readonly
|
||
|
11E3000
|
unkown
|
page readonly
|
||
|
98C000
|
unkown
|
page readonly
|
||
|
1923000
|
heap
|
page read and write
|
||
|
9C7000
|
unkown
|
page readonly
|
||
|
60E000
|
unkown
|
page readonly
|
||
|
119A000
|
unkown
|
page readonly
|
||
|
5F6000
|
unkown
|
page readonly
|
||
|
1128000
|
unkown
|
page readonly
|
||
|
1915000
|
heap
|
page read and write
|
||
|
11FF000
|
unkown
|
page readonly
|
||
|
16B7000
|
unkown
|
page readonly
|
||
|
122D000
|
unkown
|
page readonly
|
||
|
932000
|
unkown
|
page readonly
|
||
|
66B000
|
unkown
|
page readonly
|
||
|
93C000
|
unkown
|
page readonly
|
||
|
98C000
|
unkown
|
page readonly
|
||
|
11D5000
|
unkown
|
page readonly
|
||
|
11B7000
|
unkown
|
page readonly
|
||
|
16F8000
|
unkown
|
page readonly
|
||
|
10F4000
|
unkown
|
page readonly
|
||
|
370F000
|
stack
|
page read and write
|
||
|
18CE000
|
heap
|
page read and write
|
||
|
1247000
|
unkown
|
page readonly
|
||
|
6BB000
|
unkown
|
page readonly
|
||
|
9AB000
|
unkown
|
page readonly
|
||
|
7CB000
|
unkown
|
page readonly
|
||
|
9A4000
|
unkown
|
page readonly
|
||
|
16D2000
|
unkown
|
page readonly
|
||
|
122F000
|
unkown
|
page readonly
|
||
|
118E000
|
unkown
|
page readonly
|
||
|
1247000
|
unkown
|
page readonly
|
||
|
60E000
|
unkown
|
page readonly
|
||
|
191E000
|
heap
|
page read and write
|
||
|
1189000
|
unkown
|
page readonly
|
||
|
1923000
|
heap
|
page read and write
|
||
|
1560000
|
unkown
|
page readonly
|
||
|
1239000
|
unkown
|
page readonly
|
||
|
11E3000
|
unkown
|
page readonly
|
||
|
11DF000
|
unkown
|
page readonly
|
||
|
920000
|
unkown
|
page readonly
|
||
|
14F5000
|
unkown
|
page readonly
|
||
|
1921000
|
heap
|
page read and write
|
||
|
663000
|
unkown
|
page readonly
|
||
|
695000
|
unkown
|
page readonly
|
||
|
6B4000
|
unkown
|
page readonly
|
||
|
11A1000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
16CF000
|
unkown
|
page readonly
|
||
|
1924000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1097000
|
unkown
|
page readonly
|
||
|
1244000
|
unkown
|
page readonly
|
||
|
943000
|
unkown
|
page readonly
|
||
|
16CF000
|
unkown
|
page readonly
|
||
|
193B000
|
heap
|
page read and write
|
||
|
104E000
|
unkown
|
page readonly
|
||
|
8FE000
|
unkown
|
page readonly
|
||
|
11CB000
|
unkown
|
page readonly
|
||
|
10D5000
|
unkown
|
page readonly
|
||
|
68E000
|
unkown
|
page readonly
|
||
|
1500000
|
unkown
|
page readonly
|
||
|
99D000
|
unkown
|
page readonly
|
||
|
1911000
|
heap
|
page read and write
|
||
|
11E6000
|
unkown
|
page readonly
|
||
|
11F8000
|
unkown
|
page readonly
|
||
|
1571000
|
unkown
|
page readonly
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
92B000
|
unkown
|
page readonly
|
||
|
191F000
|
heap
|
page read and write
|
||
|
6B8000
|
unkown
|
page readonly
|
||
|
695000
|
unkown
|
page readonly
|
||
|
A21000
|
unkown
|
page readonly
|
||
|
90C000
|
unkown
|
page readonly
|
||
|
15D3000
|
unkown
|
page readonly
|
||
|
1373000
|
unkown
|
page readonly
|
||
|
6BB000
|
unkown
|
page readonly
|
||
|
607000
|
unkown
|
page readonly
|
||
|
A21000
|
unkown
|
page readonly
|
||
|
109A000
|
unkown
|
page readonly
|
||
|
1252000
|
unkown
|
page readonly
|
||
|
1934000
|
heap
|
page read and write
|
||
|
1924000
|
heap
|
page read and write
|
||
|
665000
|
unkown
|
page readonly
|
||
|
136F000
|
unkown
|
page readonly
|
||
|
123E000
|
unkown
|
page readonly
|
||
|
1252000
|
unkown
|
page readonly
|
||
|
1376000
|
unkown
|
page readonly
|
||
|
156A000
|
unkown
|
page readonly
|
||
|
14F8000
|
unkown
|
page readonly
|
||
|
6C2000
|
unkown
|
page readonly
|
||
|
940000
|
unkown
|
page readonly
|
||
|
11AC000
|
unkown
|
page readonly
|
||
|
1178000
|
unkown
|
page readonly
|
||
|
104E000
|
unkown
|
page readonly
|
||
|
68E000
|
unkown
|
page readonly
|
||
|
902000
|
unkown
|
page readonly
|
||
|
1221000
|
unkown
|
page readonly
|
||
|
1832000
|
unkown
|
page readonly
|
||
|
11A5000
|
unkown
|
page readonly
|
||
|
607000
|
unkown
|
page readonly
|
||
|
11F4000
|
unkown
|
page readonly
|
||
|
66B000
|
unkown
|
page readonly
|
||
|
122F000
|
unkown
|
page readonly
|
||
|
1578000
|
unkown
|
page readonly
|
||
|
1500000
|
unkown
|
page readonly
|
||
|
1920000
|
heap
|
page read and write
|
||
|
1217000
|
unkown
|
page readonly
|
||
|
191F000
|
heap
|
page read and write
|
||
|
1935000
|
heap
|
page read and write
|
||
|
1920000
|
heap
|
page read and write
|
||
|
913000
|
unkown
|
page readonly
|
||
|
91D000
|
unkown
|
page readonly
|
||
|
9A4000
|
unkown
|
page readonly
|
||
|
16CB000
|
unkown
|
page readonly
|
||
|
11D8000
|
unkown
|
page readonly
|
||
|
121B000
|
unkown
|
page readonly
|
||
|
1594000
|
unkown
|
page readonly
|
||
|
155D000
|
unkown
|
page readonly
|
||
|
1586000
|
unkown
|
page readonly
|
||
|
6C2000
|
unkown
|
page readonly
|
||
|
11FB000
|
unkown
|
page readonly
|
||
|
61C000
|
unkown
|
page readonly
|
||
|
11DC000
|
unkown
|
page readonly
|
||
|
3DC0000
|
trusted library allocation
|
page read and write
|
||
|
5E8000
|
unkown
|
page readonly
|
||
|
927000
|
unkown
|
page readonly
|
||
|
11DC000
|
unkown
|
page readonly
|
||
|
6B8000
|
unkown
|
page readonly
|
||
|
137A000
|
unkown
|
page readonly
|
||
|
1244000
|
unkown
|
page readonly
|
||
|
11ED000
|
unkown
|
page readonly
|
||
|
120A000
|
unkown
|
page readonly
|
||
|
9A4000
|
unkown
|
page readonly
|
||
|
191E000
|
heap
|
page read and write
|
||
|
1597000
|
unkown
|
page readonly
|
||
|
123E000
|
unkown
|
page readonly
|
||
|
668000
|
unkown
|
page readonly
|
||
|
423000
|
unkown
|
page readonly
|
||
|
1923000
|
heap
|
page read and write
|
||
|
136F000
|
unkown
|
page readonly
|
||
|
1934000
|
heap
|
page read and write
|
||
|
11FF000
|
unkown
|
page readonly
|
||
|
1136000
|
unkown
|
page readonly
|
||
|
11FB000
|
unkown
|
page readonly
|
||
|
11DF000
|
unkown
|
page readonly
|
||
|
668000
|
unkown
|
page readonly
|
||
|
11B7000
|
unkown
|
page readonly
|
||
|
9B000
|
stack
|
page read and write
|
||
|
11C1000
|
unkown
|
page readonly
|
||
|
35CC000
|
stack
|
page read and write
|
||
|
157F000
|
unkown
|
page readonly
|
||
|
916000
|
unkown
|
page readonly
|
||
|
920000
|
unkown
|
page readonly
|
||
|
11BD000
|
unkown
|
page readonly
|
||
|
11C7000
|
unkown
|
page readonly
|
||
|
90F000
|
unkown
|
page readonly
|
||
|
11AC000
|
unkown
|
page readonly
|
||
|
112B000
|
unkown
|
page readonly
|
||
|
1376000
|
unkown
|
page readonly
|
||
|
927000
|
unkown
|
page readonly
|
||
|
1093000
|
unkown
|
page readonly
|
||
|
695000
|
unkown
|
page readonly
|
||
|
9C3000
|
unkown
|
page readonly
|
||
|
182B000
|
unkown
|
page readonly
|
||
|
5F6000
|
unkown
|
page readonly
|
||
|
663000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page readonly
|
||
|
1825000
|
unkown
|
page readonly
|
||
|
3A9E000
|
stack
|
page read and write
|
||
|
5E2000
|
unkown
|
page readonly
|
||
|
61C000
|
unkown
|
page readonly
|
||
|
1097000
|
unkown
|
page readonly
|
||
|
14F8000
|
unkown
|
page readonly
|
||
|
10D8000
|
unkown
|
page readonly
|
||
|
124E000
|
unkown
|
page readonly
|
||
|
117F000
|
unkown
|
page readonly
|
||
|
1128000
|
unkown
|
page readonly
|
||
|
10CF000
|
unkown
|
page readonly
|
||
|
93C000
|
unkown
|
page readonly
|
||
|
1232000
|
unkown
|
page readonly
|
||
|
1193000
|
unkown
|
page readonly
|
||
|
16B7000
|
unkown
|
page readonly
|
||
|
8FE000
|
unkown
|
page readonly
|
||
|
685000
|
unkown
|
page readonly
|
||
|
1376000
|
unkown
|
page readonly
|
||
|
14F5000
|
unkown
|
page readonly
|
||
|
157F000
|
unkown
|
page readonly
|
||
|
11ED000
|
unkown
|
page readonly
|
||
|
1210000
|
unkown
|
page readonly
|
||
|
1560000
|
unkown
|
page readonly
|
||
|
15D3000
|
unkown
|
page readonly
|
||
|
10D5000
|
unkown
|
page readonly
|
||
|
1926000
|
heap
|
page read and write
|
||
|
687000
|
unkown
|
page readonly
|
||
|
9B2000
|
unkown
|
page readonly
|
||
|
112B000
|
unkown
|
page readonly
|
||
|
11A1000
|
unkown
|
page readonly
|
||
|
1213000
|
unkown
|
page readonly
|
||
|
11C7000
|
unkown
|
page readonly
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1193000
|
unkown
|
page readonly
|
||
|
112F000
|
unkown
|
page readonly
|
||
|
66B000
|
unkown
|
page readonly
|
||
|
155D000
|
unkown
|
page readonly
|
||
|
1921000
|
heap
|
page read and write
|
||
|
665000
|
unkown
|
page readonly
|
||
|
1578000
|
unkown
|
page readonly
|
||
|
913000
|
unkown
|
page readonly
|
||
|
1193000
|
unkown
|
page readonly
|
||
|
191E000
|
heap
|
page read and write
|
||
|
11A1000
|
unkown
|
page readonly
|
||
|
935000
|
unkown
|
page readonly
|
||
|
615000
|
unkown
|
page readonly
|
||
|
10D8000
|
unkown
|
page readonly
|
||
|
11C4000
|
unkown
|
page readonly
|
||
|
136D000
|
unkown
|
page readonly
|
||
|
1051000
|
unkown
|
page readonly
|
||
|
11FB000
|
unkown
|
page readonly
|
||
|
EA5000
|
unkown
|
page readonly
|
||
|
9AB000
|
unkown
|
page readonly
|
||
|
905000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
11B0000
|
unkown
|
page readonly
|
||
|
136D000
|
unkown
|
page readonly
|
||
|
104B000
|
unkown
|
page readonly
|
||
|
121B000
|
unkown
|
page readonly
|
||
|
5F9000
|
unkown
|
page readonly
|
||
|
1190000
|
unkown
|
page readonly
|
||
|
905000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page write copy
|
||
|
EA5000
|
unkown
|
page readonly
|
||
|
6BB000
|
unkown
|
page readonly
|
||
|
1174000
|
unkown
|
page readonly
|
||
|
663000
|
unkown
|
page readonly
|
||
|
3B40000
|
heap
|
page read and write
|
||
|
10F4000
|
unkown
|
page readonly
|
||
|
1921000
|
heap
|
page read and write
|
||
|
9CA000
|
unkown
|
page readonly
|
||
|
1132000
|
unkown
|
page readonly
|
||
|
1221000
|
unkown
|
page readonly
|
||
|
191E000
|
heap
|
page read and write
|
||
|
6BF000
|
unkown
|
page readonly
|
||
|
600000
|
unkown
|
page readonly
|
||
|
194C000
|
heap
|
page read and write
|
||
|
11BD000
|
unkown
|
page readonly
|
||
|
1183000
|
unkown
|
page readonly
|
||
|
1921000
|
heap
|
page read and write
|
||
|
18C0000
|
heap
|
page read and write
|
||
|
1827000
|
unkown
|
page readonly
|
||
|
1BDF000
|
stack
|
page read and write
|
||
|
18CA000
|
heap
|
page read and write
|
||
|
1926000
|
heap
|
page read and write
|
||
|
11F8000
|
unkown
|
page readonly
|
||
|
600000
|
unkown
|
page readonly
|
||
|
1967000
|
heap
|
page read and write
|
||
|
1586000
|
unkown
|
page readonly
|
||
|
1923000
|
heap
|
page read and write
|
||
|
935000
|
unkown
|
page readonly
|
||
|
1923000
|
heap
|
page read and write
|
||
|
3AC0000
|
heap
|
page read and write
|
||
|
91D000
|
unkown
|
page readonly
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
687000
|
unkown
|
page readonly
|
||
|
1189000
|
unkown
|
page readonly
|
||
|
182E000
|
unkown
|
page readonly
|
||
|
11B2000
|
unkown
|
page readonly
|
||
|
902000
|
unkown
|
page readonly
|
||
|
117F000
|
unkown
|
page readonly
|
||
|
10CF000
|
unkown
|
page readonly
|
||
|
1174000
|
unkown
|
page readonly
|
||
|
16F5000
|
unkown
|
page readonly
|
||
|
432000
|
unkown
|
page readonly
|
||
|
1921000
|
heap
|
page read and write
|
||
|
943000
|
unkown
|
page readonly
|
||
|
8FB000
|
unkown
|
page readonly
|
||
|
9C3000
|
unkown
|
page readonly
|
||
|
137A000
|
unkown
|
page readonly
|
||
|
91D000
|
unkown
|
page readonly
|
||
|
119F000
|
unkown
|
page readonly
|
||
|
11F8000
|
unkown
|
page readonly
|
||
|
1213000
|
unkown
|
page readonly
|
||
|
9BC000
|
unkown
|
page readonly
|
||
|
112F000
|
unkown
|
page readonly
|
||
|
6B4000
|
unkown
|
page readonly
|
||
|
1093000
|
unkown
|
page readonly
|
||
|
1924000
|
heap
|
page read and write
|
||
|
943000
|
unkown
|
page readonly
|
||
|
120C000
|
unkown
|
page readonly
|
||
|
120A000
|
unkown
|
page readonly
|
||
|
902000
|
unkown
|
page readonly
|
||
|
1920000
|
heap
|
page read and write
|
||
|
3B45000
|
heap
|
page read and write
|
||
|
92B000
|
unkown
|
page readonly
|
||
|
11AC000
|
unkown
|
page readonly
|
||
|
99D000
|
unkown
|
page readonly
|
||
|
124E000
|
unkown
|
page readonly
|
||
|
11BA000
|
unkown
|
page readonly
|
||
|
1952000
|
heap
|
page read and write
|
||
|
11A5000
|
unkown
|
page readonly
|
||
|
1051000
|
unkown
|
page readonly
|
||
|
93C000
|
unkown
|
page readonly
|
||
|
5F9000
|
unkown
|
page readonly
|
||
|
924000
|
unkown
|
page readonly
|
||
|
10D1000
|
unkown
|
page readonly
|
||
|
919000
|
unkown
|
page readonly
|
||
|
1232000
|
unkown
|
page readonly
|
||
|
11EA000
|
unkown
|
page readonly
|
||
|
117F000
|
unkown
|
page readonly
|
||
|
11EA000
|
unkown
|
page readonly
|
||
|
11DF000
|
unkown
|
page readonly
|
||
|
908000
|
unkown
|
page readonly
|
||
|
104B000
|
unkown
|
page readonly
|
||
|
90F000
|
unkown
|
page readonly
|
||
|
109A000
|
unkown
|
page readonly
|
||
|
18E2000
|
heap
|
page read and write
|
||
|
9BC000
|
unkown
|
page readonly
|
||
|
190E000
|
heap
|
page read and write
|
||
|
119A000
|
unkown
|
page readonly
|
||
|
668000
|
unkown
|
page readonly
|
||
|
16CB000
|
unkown
|
page readonly
|
||
|
11F1000
|
unkown
|
page readonly
|
||
|
924000
|
unkown
|
page readonly
|
||
|
1091000
|
unkown
|
page readonly
|
||
|
1567000
|
unkown
|
page readonly
|
||
|
5EF000
|
unkown
|
page readonly
|
||
|
3C28000
|
stack
|
page read and write
|
||
|
1128000
|
unkown
|
page readonly
|
||
|
1190000
|
unkown
|
page readonly
|
||
|
11F1000
|
unkown
|
page readonly
|
||
|
9C7000
|
unkown
|
page readonly
|
||
|
10CF000
|
unkown
|
page readonly
|
||
|
5E8000
|
unkown
|
page readonly
|
||
|
1917000
|
heap
|
page read and write
|
||
|
16AE000
|
unkown
|
page readonly
|
||
|
1934000
|
heap
|
page read and write
|
||
|
1926000
|
heap
|
page read and write
|
||
|
927000
|
unkown
|
page readonly
|
||
|
7CB000
|
unkown
|
page readonly
|
||
|
34CA000
|
stack
|
page read and write
|
||
|
1921000
|
heap
|
page read and write
|
||
|
122F000
|
unkown
|
page readonly
|
||
|
16FC000
|
unkown
|
page readonly
|
||
|
916000
|
unkown
|
page readonly
|
||
|
1226000
|
unkown
|
page readonly
|
||
|
1210000
|
unkown
|
page readonly
|
||
|
11B7000
|
unkown
|
page readonly
|
||
|
1210000
|
unkown
|
page readonly
|
||
|
913000
|
unkown
|
page readonly
|
||
|
1221000
|
unkown
|
page readonly
|
||
|
940000
|
unkown
|
page readonly
|
||
|
916000
|
unkown
|
page readonly
|
||
|
7CB000
|
unkown
|
page readonly
|
||
|
1567000
|
unkown
|
page readonly
|
||
|
1239000
|
unkown
|
page readonly
|
||
|
3AD0000
|
heap
|
page read and write
|
||
|
116E000
|
unkown
|
page readonly
|
||
|
1178000
|
unkown
|
page readonly
|
||
|
11B0000
|
unkown
|
page readonly
|
||
|
16FC000
|
unkown
|
page readonly
|
||
|
1136000
|
unkown
|
page readonly
|
||
|
11BA000
|
unkown
|
page readonly
|
||
|
1571000
|
unkown
|
page readonly
|
||
|
120C000
|
unkown
|
page readonly
|
||
|
1206000
|
unkown
|
page readonly
|
||
|
122D000
|
unkown
|
page readonly
|
||
|
16F8000
|
unkown
|
page readonly
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
104E000
|
unkown
|
page readonly
|
||
|
136F000
|
unkown
|
page readonly
|
||
|
10FB000
|
unkown
|
page readonly
|
||
|
1247000
|
unkown
|
page readonly
|
||
|
939000
|
unkown
|
page readonly
|
||
|
124E000
|
unkown
|
page readonly
|
||
|
11DC000
|
unkown
|
page readonly
|
||
|
685000
|
unkown
|
page readonly
|
||
|
1911000
|
heap
|
page read and write
|
||
|
9B9000
|
unkown
|
page readonly
|
||
|
932000
|
unkown
|
page readonly
|
||
|
1132000
|
unkown
|
page readonly
|
||
|
1850000
|
heap
|
page read and write
|
||
|
9B2000
|
unkown
|
page readonly
|
||
|
11B2000
|
unkown
|
page readonly
|
||
|
11BD000
|
unkown
|
page readonly
|
||
|
919000
|
unkown
|
page readonly
|
||
|
1924000
|
heap
|
page read and write
|
||
|
116E000
|
unkown
|
page readonly
|
||
|
11C7000
|
unkown
|
page readonly
|
||
|
5EF000
|
unkown
|
page readonly
|
||
|
905000
|
unkown
|
page readonly
|
||
|
11B0000
|
unkown
|
page readonly
|
||
|
11CB000
|
unkown
|
page readonly
|
||
|
16D2000
|
unkown
|
page readonly
|
||
|
10FB000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
1832000
|
unkown
|
page readonly
|
||
|
939000
|
unkown
|
page readonly
|
||
|
908000
|
unkown
|
page readonly
|
||
|
1921000
|
heap
|
page read and write
|
||
|
10FB000
|
unkown
|
page readonly
|
||
|
1132000
|
unkown
|
page readonly
|
||
|
11F1000
|
unkown
|
page readonly
|
||
|
932000
|
unkown
|
page readonly
|
||
|
1912000
|
heap
|
page read and write
|
||
|
10D1000
|
unkown
|
page readonly
|
||
|
1190000
|
unkown
|
page readonly
|
||
|
120C000
|
unkown
|
page readonly
|
||
|
1594000
|
unkown
|
page readonly
|
||
|
423000
|
unkown
|
page readonly
|
||
|
137A000
|
unkown
|
page readonly
|
||
|
19AA000
|
heap
|
page read and write
|
||
|
615000
|
unkown
|
page readonly
|
||
|
5E8000
|
unkown
|
page readonly
|
||
|
1213000
|
unkown
|
page readonly
|
||
|
EA8000
|
unkown
|
page readonly
|
||
|
1183000
|
unkown
|
page readonly
|
||
|
1206000
|
unkown
|
page readonly
|
||
|
158D000
|
unkown
|
page readonly
|
||
|
1915000
|
heap
|
page read and write
|
||
|
16B0000
|
unkown
|
page readonly
|
||
|
92B000
|
unkown
|
page readonly
|
||
|
3C4C000
|
stack
|
page read and write
|
||
|
939000
|
unkown
|
page readonly
|
||
|
5F6000
|
unkown
|
page readonly
|
||
|
11C4000
|
unkown
|
page readonly
|
||
|
121B000
|
unkown
|
page readonly
|
||
|
119A000
|
unkown
|
page readonly
|
||
|
9C7000
|
unkown
|
page readonly
|
||
|
908000
|
unkown
|
page readonly
|
||
|
9CA000
|
unkown
|
page readonly
|
||
|
11D8000
|
unkown
|
page readonly
|
||
|
11CE000
|
unkown
|
page readonly
|
||
|
1091000
|
unkown
|
page readonly
|
||
|
1239000
|
unkown
|
page readonly
|
||
|
1373000
|
unkown
|
page readonly
|
||
|
1174000
|
unkown
|
page readonly
|
||
|
9B9000
|
unkown
|
page readonly
|
||
|
136D000
|
unkown
|
page readonly
|
||
|
16F5000
|
unkown
|
page readonly
|
||
|
182B000
|
unkown
|
page readonly
|
||
|
90C000
|
unkown
|
page readonly
|
||
|
9B2000
|
unkown
|
page readonly
|
||
|
11E6000
|
unkown
|
page readonly
|
||
|
6B8000
|
unkown
|
page readonly
|
||
|
EA5000
|
unkown
|
page readonly
|
||
|
1922000
|
heap
|
page read and write
|
||
|
9BC000
|
unkown
|
page readonly
|
||
|
189E000
|
stack
|
page read and write
|
||
|
1921000
|
heap
|
page read and write
|
||
|
1921000
|
heap
|
page read and write
|
||
|
118E000
|
unkown
|
page readonly
|
||
|
1178000
|
unkown
|
page readonly
|
||
|
11B2000
|
unkown
|
page readonly
|
||
|
607000
|
unkown
|
page readonly
|
||
|
11C4000
|
unkown
|
page readonly
|
||
|
687000
|
unkown
|
page readonly
|
||
|
1915000
|
heap
|
page read and write
|
||
|
119F000
|
unkown
|
page readonly
|
||
|
615000
|
unkown
|
page readonly
|
||
|
1827000
|
unkown
|
page readonly
|
||
|
16AE000
|
unkown
|
page readonly
|
||
|
940000
|
unkown
|
page readonly
|
||
|
1183000
|
unkown
|
page readonly
|
||
|
8FE000
|
unkown
|
page readonly
|
||
|
3C3D000
|
stack
|
page read and write
|
||
|
11D5000
|
unkown
|
page readonly
|
||
|
1244000
|
unkown
|
page readonly
|
||
|
158D000
|
unkown
|
page readonly
|
||
|
123E000
|
unkown
|
page readonly
|
||
|
1924000
|
heap
|
page read and write
|
||
|
1373000
|
unkown
|
page readonly
|
||
|
3AE0000
|
heap
|
page read and write
|
||
|
10D8000
|
unkown
|
page readonly
|
||
|
1226000
|
unkown
|
page readonly
|
||
|
6B4000
|
unkown
|
page readonly
|
||
|
11F4000
|
unkown
|
page readonly
|
||
|
11CB000
|
unkown
|
page readonly
|
||
|
1093000
|
unkown
|
page readonly
|
||
|
1923000
|
heap
|
page read and write
|
||
|
112B000
|
unkown
|
page readonly
|
||
|
122D000
|
unkown
|
page readonly
|
||
|
16B0000
|
unkown
|
page readonly
|
||
|
10D5000
|
unkown
|
page readonly
|
||
|
118E000
|
unkown
|
page readonly
|
||
|
1921000
|
heap
|
page read and write
|
||
|
1252000
|
unkown
|
page readonly
|
||
|
61C000
|
unkown
|
page readonly
|
||
|
191F000
|
heap
|
page read and write
|
||
|
6C2000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
9C3000
|
unkown
|
page readonly
|
||
|
920000
|
unkown
|
page readonly
|
||
|
1825000
|
unkown
|
page readonly
|
||
|
3AE4000
|
heap
|
page read and write
|
||
|
119F000
|
unkown
|
page readonly
|
There are 565 hidden memdumps, click here to show them.