IOC Report
hwWxZRwpeL.exe

loading gif

Files

File Path
Type
Category
Malicious
hwWxZRwpeL.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_hwWxZRwpeL.exe_165b5c6447ae5a2d06083211747dcaa66839eb_0cfad76b_36c85020-d344-4202-9556-db4bd9a7e805\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
 malicious
C:\ProgramData\AEBGIEGC
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\ProgramData\BKEHDGDGHCBGCAKFIIIE
ASCII text, with very long lines (1743), with CRLF line terminators
dropped
C:\ProgramData\BKFCBFCBFBKEBFIDBKEC
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\CFCGIIEH
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\CGIEBAFHJJDBGCAKJJKFBGCFIJ
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\ECAFHDBGHJ.exe
HTML document, Unicode text, UTF-8 text
dropped
C:\ProgramData\EGDGIEGHJEGIDGCAFBFC
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\JKJKJJDBKEGIECAAECFHCFBGIJ
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9890.tmp.dmp
Mini DuMP crash report, 14 streams, Mon Oct 28 21:02:50 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9CF6.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9D36.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\chrome.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\7ff1077e-2baa-4bc2-960a-51cbdb7a30dc.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\82361c59-9442-4512-9372-030328808a63.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\d1b0afc4-3965-4375-bc7d-40ccbc9db1b1.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-671FFBDB-1F80.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\02a0322d-8aaa-4832-ad55-fc412093703a.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\2b1a6afa-a39e-44b7-b568-a30e745739f4.tmp
Unicode text, UTF-8 text, with very long lines (17632), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\3c8e2796-c2ae-409b-bf85-36351194cc3f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7bc7b85e-b5d8-4a49-9003-de0b73c7087d.tmp
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\82bf00f3-9dac-4db9-8930-287e9e8a83e4.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\336af243-ee73-4259-a905-87041dfb975d.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\4f90cb45-d4cc-4f4f-8810-e5bd055588eb.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\66bd3064-2674-43ba-b900-94ce976fd08c.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 9, database pages 7, cookie 0x5, schema 4, UTF-8, version-valid-for 9
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF48e42.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF38415.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF391f0.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF392bb.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\c8c9842c-260f-4604-9f7c-e418f1cd9f19.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\dc1b773f-ab2b-48d1-bff7-6291c6dd4b90.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\e8290862-be67-4dd7-8e26-b7b8c9376c24.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\edf67c98-7aa2-4263-be1e-472e1e460beb.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3bd65.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3ffed.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF47f00.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF3bd75.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF4346a.TMP (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13374622942181148
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\00fde652-b769-4cd9-b75a-d51a994246f0.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\099e8a68-6eb3-42c7-b4ae-199f9c0c4d1e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\5f8ca002-ad7c-488c-94e8-aa97bb0ff354.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\781bd59d-bddf-42ac-9772-bb662bca06bb.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF391f0.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF392bb.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d862a150-27d1-4870-9c65-93753713706b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
ASCII text, with very long lines (3951), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b458f8e3-7e46-48c4-b97f-f9810f04b20f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c8ad58ec-1414-40e9-a4fd-3f640e29864c.tmp
Unicode text, UTF-8 text, with very long lines (17632), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ed6b7102-4213-4da8-a00a-419ec70555fe.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ff860a9b-4e8c-4f4f-b247-1fa3e28691b4.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
SQLite Write-Ahead Log, version 3007000
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF36c57.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF36cf4.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF36e1c.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF394bf.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF40ef0.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF47f0f.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4d9e1.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982
raw G3 (Group 3) FAX, byte-padded
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ab6e779d-e8c2-4594-8ee8-f2a35e1b91f9.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c00542f8-84ca-43c1-a8b4-85e0f9439917.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c2bdecf1-2c41-40cd-828a-ffecf53ef1ff.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\cf5e96be-3435-4931-a62b-5dd7ff077cef.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\e1377cc1-2aed-4d32-b7a3-6e584fdb9869.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\e875cd5f-15a2-4bb2-847a-2b7270c74b46.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\0011bbb0-1994-48a9-9db2-09056c86101c.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\0cdbc265-84ef-48f9-ba59-03eaeb49a8c7.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\19b9b5c3-fd45-4067-81f3-8e67fd75d1a9.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\4db07784-ae47-490f-92be-8914131317ce.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41900
dropped
C:\Users\user\AppData\Local\Temp\572f3511-ce38-4d56-8946-8e0fcb526e84.tmp
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Macintosh), datetime=2019:01:23 13:24:18], baseline, precision 8, 401x402, components 3
dropped
C:\Users\user\AppData\Local\Temp\8978f35f-bf16-4c83-ac4d-8890b93ab17d.tmp
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
dropped
C:\Users\user\AppData\Local\Temp\c0a68fdf-86be-41b0-921c-889642ffed99.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\cv_debug.log
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\0011bbb0-1994-48a9-9db2-09056c86101c.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\af\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\am\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ar\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\az\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\be\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\bg\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\bn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ca\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\cs\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\cy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\da\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\de\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\el\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\en\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\en_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\en_GB\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\en_US\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\es\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\es_419\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\et\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\eu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\fa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\fi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\fil\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\fr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\fr_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\gl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\gu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\hi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\hr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\hu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\hy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\id\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\is\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\it\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\iw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ja\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ka\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\kk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\km\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\kn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ko\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\lo\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\lt\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\lv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ml\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\mn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\mr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ms\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\my\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ne\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\nl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\no\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\pa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\pl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\pt_BR\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\pt_PT\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ro\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ru\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\si\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\sk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\sl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\sr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\sv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\sw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ta\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\te\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\th\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\tr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\uk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\ur\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\vi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\zh_CN\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\zh_HK\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\zh_TW\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_locales\zu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\dasherSettingSchema.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\offscreendocument.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\offscreendocument_main.js
ASCII text, with very long lines (3700)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\page_embed_script.js
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_203325705\CRX_INSTALL\service_worker_bin_prod.js
ASCII text, with very long lines (3705)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_845137876\19b9b5c3-fd45-4067-81f3-8e67fd75d1a9.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_845137876\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_845137876\CRX_INSTALL\content.js
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_845137876\CRX_INSTALL\content_new.js
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir8064_845137876\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 20:02:10 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 20:02:10 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 20:02:10 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 20:02:10 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 28 20:02:09 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-shm
data
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped
Chrome Cache Entry: 480
ASCII text, with very long lines (5162), with no line terminators
downloaded
Chrome Cache Entry: 481
ASCII text, with very long lines (811)
downloaded
Chrome Cache Entry: 482
ASCII text
downloaded
Chrome Cache Entry: 483
ASCII text, with very long lines (65531)
downloaded
Chrome Cache Entry: 484
ASCII text, with very long lines (1302)
downloaded
Chrome Cache Entry: 485
ASCII text, with very long lines (2287)
downloaded
Chrome Cache Entry: 486
SVG Scalable Vector Graphics image
downloaded
There are 291 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\hwWxZRwpeL.exe
"C:\Users\user\Desktop\hwWxZRwpeL.exe"
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2748 --field-trial-handle=2280,i,18331130875080231258,16974175982020744534,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2280 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7104 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7268 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7264 --field-trial-handle=2244,i,5814018708201048348,15499758968749185069,262144 /prefetch:8
malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2636 --field-trial-handle=2296,i,13023938482430916518,14835191359952617541,262144 /prefetch:8
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c start "" "C:\ProgramData\ECAFHDBGHJ.exe"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3552 -s 3100
There are 3 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://77.83.175.105/4db719b1f2f948b0/softokn3.dll
77.83.175.105
 malicious
http://77.83.175.105/4db719b1f2f948b0/nss3.dll
77.83.175.105
 malicious
https://duckduckgo.com/chrome_newtab
unknown
https://sb.scorecardresearch.com/b?rn=1730149368269&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=31232435889767F20B43311389B266D3&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null
108.156.211.71
https://duckduckgo.com/ac/?q=
unknown
http://77.83.175.105/4db719b1f2f948b0/freebl3.dllC
unknown
https://google-ohttp-relay-join.fastly-edge.com/3
unknown
http://77.83.175.105/4db719b1f2f948b0/freebl3.dllM
unknown
https://permanently-removed.invalid/oauth2/v2/tokeninfo
unknown
https://google-ohttp-relay-join.fastly-edge.com/1
unknown
http://77.83.175.105/4db719b1f2f948b0/sqlite3.dll3
unknown
https://i.ibb.co/31pRMq1/Firefox-Logo.png
unknown
https://ntp.msn.com/0
unknown
https://google-ohttp-relay-join.fastly-edge.com/6
unknown
https://i.ibb.co/JKpFSmj/edge.png
unknown
http://anglebug.com/4633
unknown
https://anglebug.com/7382
unknown
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
unknown
https://google-ohttp-relay-join.fastly-edge.com/;
unknown
https://issuetracker.google.com/284462263
unknown
https://deff.nelreports.net/api/report?cat=msn
23.218.232.168
https://google-ohttp-relay-join.fastly-edge.com/=
unknown
https://publickeyservice.gcp.privacysandboxservices.com
unknown
https://google-ohttp-relay-join.fastly-edge.com/G
unknown
http://polymer.github.io/AUTHORS.txt
unknown
https://docs.google.com/
unknown
https://publickeyservice.pa.aws.privacysandboxservices.com
unknown
https://google-ohttp-relay-join.fastly-edge.com/J
unknown
https://i.ibb.co/sWFTLkV/unknown-browser-icon.png
unknown
https://anglebug.com/7714
unknown
https://www.instagram.com
unknown
http://77.83.175.10518a9a962225b1ffb.phpition:
unknown
http://77.83.175.105/4db719b1f2f948b0/mozglue.dllc
unknown
https://i.ibb.co/9NDBWJ6/microsoft.png
unknown
https://photos.google.com?referrer=CHROME_NTP
unknown
http://77.83.175.105/4db719b1f2f948b0/mozglue.dlli
unknown
http://anglebug.com/6248
unknown
https://ogs.google.com/widget/callout?eom=1
unknown
https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
unknown
https://outlook.office.com/mail/compose?isExtension=true
unknown
http://anglebug.com/6929
unknown
http://anglebug.com/5281
unknown
https://i.y.qq.com/n2/m/index.html
unknown
https://www.deezer.com/
unknown
https://www.youtube.com/?feature=ytca
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1730149370792&w=0&anoncknm=app_anon&NoResponseBody=true
20.189.173.16
https://cdn.ecosia.org/assets/images/ico/favicon.icormat
unknown
https://i.i
unknown
https://issuetracker.google.com/255411748
unknown
https://campuspersever.es/&
unknown
https://web.telegram.org/
unknown
https://i.ib
unknown
https://permanently-removed.invalid/oauth2/v4/token
unknown
https://anglebug.com/7246
unknown
https://anglebug.com/7369
unknown
https://anglebug.com/7489
unknown
https://i.ibb.co/JK?
unknown
https://campuspersever.es/chrome_93.exe
87.106.236.48
https://chrome.google.com/webstore
unknown
https://drive-daily-2.corp.google.com/
unknown
http://polymer.github.io/PATENTS.txt
unknown
https://cdn.ecosia.org/assets/images/ico/favicon.ico
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
https://issuetracker.google.com/161903006
unknown
http://77.83.175.105/18a9a962225b1ffb.phpition:
unknown
https://www.ecosia.org/newtab/
unknown
https://drive-daily-1.corp.google.com/
unknown
https://excel.new?from=EdgeM365Shoreline
unknown
https://www.youtube.com/
unknown
https://drive-daily-5.corp.google.com/
unknown
https://cdnjs.cloudflare.com/ajax/libs/device.js/0.2.7/device.min.js
unknown
https://docs.google.com/spreadsheets/
unknown
https://permanently-removed.invalid/chrome/blank.html
unknown
http://77.83.175.105/4db719b1f2f948b0/msvcp140.dllm
unknown
http://anglebug.com/3078
unknown
http://anglebug.com/7553
unknown
http://anglebug.com/5375
unknown
https://permanently-removed.invalid/v1/issuetoken
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1730149370164&w=0&anoncknm=app_anon&NoResponseBody=true
20.189.173.16
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0
142.250.186.78
http://anglebug.com/5371
unknown
http://anglebug.com/4722
unknown
https://permanently-removed.invalid/reauth/v1beta/users/
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1730149370160&w=0&anoncknm=app_anon&NoResponseBody=true
20.189.173.16
https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBL
unknown
http://anglebug.com/7556
unknown
https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
unknown
https://chromewebstore.google.com/
unknown
https://drive-preprod.corp.google.com/
unknown
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
unknown
https://chrome.google.com/webstore/
unknown
https://publickeyservice.pa.gcp.privacysandboxservices.com
unknown
http://77.83.175.105/18a9a962225b1ffb.phpop:
unknown
https://i.ibb.co/LDF99J2/brave-logo.png
unknown
https://permanently-removed.invalid/RotateBoundCookies
unknown
https://c.msn.com/c.gif?rnd=1730149368269&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=490a2f67b40a434ab4bd51de99d9857b&activityId=490a2f67b40a434ab4bd51de99d9857b&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0
20.125.209.212
http://anglebug.com/6692
unknown
https://issuetracker.google.com/258207403
unknown
http://anglebug.com/3502
unknown
http://anglebug.com/3623
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
campuspersever.es
87.106.236.48
 malicious
clients2.googleusercontent.com
unknown
 malicious
bzib.nelreports.net
unknown
 malicious
assets.msn.com
unknown
 malicious
c.msn.com
unknown
 malicious
ntp.msn.com
unknown
 malicious
apis.google.com
unknown
 malicious
api.msn.com
unknown
 malicious
chrome.cloudflare-dns.com
162.159.61.3
plus.l.google.com
142.250.186.78
play.google.com
172.217.18.110
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
94.245.104.56
sb.scorecardresearch.com
18.239.83.91
www.google.com
142.250.186.100
googlehosted.l.googleusercontent.com
142.250.184.193
There are 5 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
192.168.2.5
unknown
unknown
malicious
87.106.236.48
campuspersever.es
Germany
malicious
77.83.175.105
unknown
Ukraine
malicious
23.221.22.120
unknown
United States
20.125.209.212
unknown
United States
162.159.61.3
chrome.cloudflare-dns.com
United States
142.250.186.78
plus.l.google.com
United States
23.222.241.148
unknown
United States
142.250.184.193
googlehosted.l.googleusercontent.com
United States
23.47.194.66
unknown
United States
239.255.255.250
unknown
Reserved
20.75.60.91
unknown
United States
142.250.186.100
www.google.com
United States
127.0.0.1
unknown
unknown
23.218.232.168
unknown
United States
152.195.19.97
unknown
United States
108.156.211.71
unknown
United States
20.189.173.16
unknown
United States
204.79.197.219
unknown
United States
172.217.18.110
play.google.com
United States
4.152.133.8
unknown
United States
13.107.246.57
unknown
United States
94.245.104.56
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
United Kingdom
18.239.83.91
sb.scorecardresearch.com
United States
There are 14 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Left
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Top
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseenversion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseen
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_dse_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_startup_page_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197678
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gcinnojdebelpnodghnoicmcdmamjoch
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jgcbloklkllbkmkbfckchanipicejgah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ojmnomejplkgljjhjindfoilnmobmihe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds
EdgeMUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
MUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.cdm.origin_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_username
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197678
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197678
WindowTabManagerFileMappingId
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
ProgramId
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
FileId
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
LowerCaseLongPath
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
LongPathHash
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
Name
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
OriginalFileName
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
Publisher
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
Version
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
BinFileVersion
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
BinaryType
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
ProductName
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
ProductVersion
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
LinkDate
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
BinProductVersion
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
AppxPackageFullName
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
AppxPackageRelativeId
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
Size
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
Language
\REGISTRY\A\{c6d517ef-7e3a-02f1-27d0-8d6467dc5d68}\Root\InventoryApplicationFile\hwwxzrwpel.exe|b062bf84d4d90e0e
Usn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
0018001124124F72
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceTicket
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
ApplicationFlags
There are 118 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
2550000
direct allocation
page read and write
 malicious
78E000
heap
page read and write
 malicious
400000
unkown
page execute and read and write
 malicious
2470000
direct allocation
page execute and read and write
 malicious
2B4401264000
trusted library allocation
page read and write
E7425FE000
stack
page read and write
2B44017DC000
trusted library allocation
page read and write
495000
unkown
page write copy
2B4401518000
trusted library allocation
page read and write
283C9D94000
heap
page read and write
2640000
heap
page read and write
2B4401E78000
trusted library allocation
page read and write
462800240000
trusted library allocation
page read and write
2143F000
heap
page read and write
2B4401D08000
trusted library allocation
page read and write
283C9DA0000
heap
page read and write
4628000E8000
trusted library allocation
page read and write
2B4400F98000
trusted library allocation
page read and write
E733DFE000
unkown
page readonly
2B44002F0000
trusted library allocation
page read and write
2B440033C000
trusted library allocation
page read and write
745800890000
trusted library allocation
page read and write
2B4400380000
trusted library allocation
page read and write
4628000A3000
trusted library allocation
page read and write
2460000
heap
page read and write
2995A700000
heap
page read and write
4628002AC000
trusted library allocation
page read and write
2103F000
heap
page read and write
4584003A0000
trusted library allocation
page read and write
2B44007AC000
trusted library allocation
page read and write
2B44019A0000
trusted library allocation
page read and write
462800324000
trusted library allocation
page read and write
2995A774000
heap
page read and write
2B4401DCC000
trusted library allocation
page read and write
E737DFE000
unkown
page readonly
2B4401CE4000
trusted library allocation
page read and write
4628002B0000
trusted library allocation
page read and write
6C662000
unkown
page readonly
74580082C000
trusted library allocation
page read and write
2B44013DE000
trusted library allocation
page read and write
2B4401388000
trusted library allocation
page read and write
2995A7B5000
heap
page read and write
2995A786000
heap
page read and write
2B4400BC8000
trusted library allocation
page read and write
2B4401894000
trusted library allocation
page read and write
46280040C000
trusted library allocation
page read and write
2B44013B2000
trusted library allocation
page read and write
2B440037C000
trusted library allocation
page read and write
7D3000
heap
page read and write
46280028C000
trusted library allocation
page read and write
2B44018AC000
trusted library allocation
page read and write
2B4401C94000
trusted library allocation
page read and write
283C9D9A000
heap
page read and write
728800270000
trusted library allocation
page read and write
728800294000
trusted library allocation
page read and write
1AE61000
heap
page read and write
21420000
heap
page read and write
747C00270000
direct allocation
page read and write
2B4401C38000
trusted library allocation
page read and write
458400401000
trusted library allocation
page read and write
2B4401CE8000
trusted library allocation
page read and write
299588A5000
heap
page read and write
458400230000
trusted library allocation
page read and write
2995A7DC000
heap
page read and write
462800290000
trusted library allocation
page read and write
2B4401584000
trusted library allocation
page read and write
2B4401D84000
trusted library allocation
page read and write
728800201000
trusted library allocation
page read and write
2B44001B4000
trusted library allocation
page read and write
29958790000
heap
page read and write
6C80F000
unkown
page readonly
210BA000
heap
page read and write
745800418000
trusted library allocation
page read and write
462800201000
trusted library allocation
page read and write
458400418000
trusted library allocation
page read and write
462800288000
trusted library allocation
page read and write
462800124000
trusted library allocation
page read and write
7288002B8000
trusted library allocation
page read and write
4628002CC000
trusted library allocation
page read and write
462800244000
trusted library allocation
page read and write
2B4400CEC000
trusted library allocation
page read and write
458400288000
trusted library allocation
page read and write
2B4400228000
trusted library allocation
page read and write
2B4400FBC000
trusted library allocation
page read and write
2B44002E0000
trusted library allocation
page read and write
21050000
heap
page read and write
2B4401798000
trusted library allocation
page read and write
2B4401870000
trusted library allocation
page read and write
E7375FC000
stack
page read and write
2B4401770000
trusted library allocation
page read and write
2B440108C000
trusted library allocation
page read and write
2B440033C000
trusted library allocation
page read and write
66E000
unkown
page execute and read and write
2846C000
stack
page read and write
2B64002C0000
trusted library allocation
page read and write
2B440157D000
trusted library allocation
page read and write
2B4401CD0000
trusted library allocation
page read and write
458400201000
trusted library allocation
page read and write
21062000
heap
page read and write
2B4401E8C000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
4584002D8000
trusted library allocation
page read and write
283CA32F000
heap
page read and write
2B4400F4C000
trusted library allocation
page read and write
2B4401F30000
trusted library allocation
page read and write
21050000
heap
page read and write
21062000
heap
page read and write
462800394000
trusted library allocation
page read and write
2105A000
heap
page read and write
458400304000
trusted library allocation
page read and write
6C65E000
unkown
page read and write
4628002F0000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
400000
unkown
page readonly
2995A7EB000
heap
page read and write
2B4400328000
trusted library allocation
page read and write
7288002B4000
trusted library allocation
page read and write
2995A779000
heap
page read and write
462800238000
trusted library allocation
page read and write
2B4401BD4000
trusted library allocation
page read and write
2B4401D5C000
trusted library allocation
page read and write
2995881E000
heap
page read and write
2B4402A0C000
trusted library allocation
page read and write
6C855000
unkown
page readonly
2B4400328000
trusted library allocation
page read and write
8C7000
heap
page read and write
7288002A8000
trusted library allocation
page read and write
2B4401984000
trusted library allocation
page read and write
2B4400CA8000
trusted library allocation
page read and write
2B4401598000
trusted library allocation
page read and write
2B4401F30000
trusted library allocation
page read and write
E7385FD000
stack
page read and write
462800298000
trusted library allocation
page read and write
29958770000
heap
page readonly
2B44013DD000
trusted library allocation
page read and write
2B4401A48000
trusted library allocation
page read and write
E73CDFE000
unkown
page readonly
299588D2000
heap
page read and write
E735DFE000
unkown
page readonly
7288002B4000
trusted library allocation
page read and write
E73D5FE000
stack
page read and write
2B4401654000
trusted library allocation
page read and write
21064000
heap
page read and write
7ED000
heap
page read and write
2B4401F68000
trusted library allocation
page read and write
2B4400FC0000
trusted library allocation
page read and write
2B44010C4000
trusted library allocation
page read and write
299588F9000
heap
page read and write
4584002B0000
trusted library allocation
page read and write
2B4400FC0000
trusted library allocation
page read and write
2B4401654000
trusted library allocation
page read and write
2B4401A20000
trusted library allocation
page read and write
2B4400F98000
trusted library allocation
page read and write
2B4401DF0000
trusted library allocation
page read and write
2B4401E90000
trusted library allocation
page read and write
2B440194C000
trusted library allocation
page read and write
2B440029E000
trusted library allocation
page read and write
46280029C000
trusted library allocation
page read and write
E73A5FE000
stack
page read and write
2B64002E4000
trusted library allocation
page read and write
2B440108C000
trusted library allocation
page read and write
2B4400F18000
trusted library allocation
page read and write
2B4400314000
trusted library allocation
page read and write
2B4400230000
trusted library allocation
page read and write
283CA315000
heap
page read and write
2B4400FAE000
trusted library allocation
page read and write
747C00215000
direct allocation
page read and write
2B4401754000
trusted library allocation
page read and write
2B44018A8000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
4628000A8000
trusted library allocation
page read and write
2B4400224000
trusted library allocation
page read and write
4628000AD000
trusted library allocation
page read and write
747C002AC000
direct allocation
page read and write
2B44002F0000
trusted library allocation
page read and write
21062000
heap
page read and write
462800294000
trusted library allocation
page read and write
2B4401F94000
trusted library allocation
page read and write
462800314000
trusted library allocation
page read and write
21062000
heap
page read and write
2B4400308000
trusted library allocation
page read and write
2B44015D4000
trusted library allocation
page read and write
2B4401D0C000
trusted library allocation
page read and write
E738DFE000
unkown
page readonly
747C00217000
direct allocation
page read and write
2B4400328000
trusted library allocation
page read and write
61ECD000
direct allocation
page readonly
2B4400328000
trusted library allocation
page read and write
2B4401A84000
trusted library allocation
page read and write
2B4401EC8000
trusted library allocation
page read and write
2B4400768000
trusted library allocation
page read and write
6C5D0000
unkown
page readonly
2B4401CE4000
trusted library allocation
page read and write
2B4401944000
trusted library allocation
page read and write
2B4401379000
trusted library allocation
page read and write
45840039C000
trusted library allocation
page read and write
2B4401684000
trusted library allocation
page read and write
4628002C0000
trusted library allocation
page read and write
2B4401C94000
trusted library allocation
page read and write
E71E5FE000
stack
page read and write
213B0000
remote allocation
page read and write
2B4401388000
trusted library allocation
page read and write
21064000
heap
page read and write
2B440169C000
trusted library allocation
page read and write
2B44029E4000
trusted library allocation
page read and write
283C9DA0000
heap
page read and write
2105F000
heap
page read and write
2995A7D6000
heap
page read and write
2B4400CE4000
trusted library allocation
page read and write
2B44014C5000
trusted library allocation
page read and write
2B4400294000
trusted library allocation
page read and write
21054000
heap
page read and write
6D017000
unkown
page read and write
458400364000
trusted library allocation
page read and write
2B4400D1C000
trusted library allocation
page read and write
2B440138A000
trusted library allocation
page read and write
7458007BC000
trusted library allocation
page read and write
2B440184C000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
E7315FD000
stack
page read and write
7288002B4000
trusted library allocation
page read and write
4628002C0000
trusted library allocation
page read and write
458400358000
trusted library allocation
page read and write
2B44017B8000
trusted library allocation
page read and write
2B4401C4C000
trusted library allocation
page read and write
747C0031C000
direct allocation
page read and write
2B4401320000
trusted library allocation
page read and write
E721DFE000
unkown
page readonly
2B440192C000
trusted library allocation
page read and write
7458008A8000
trusted library allocation
page read and write
2995A7B1000
heap
page read and write
7458006E0000
trusted library allocation
page read and write
2B4400CEC000
trusted library allocation
page read and write
2B4400F7C000
trusted library allocation
page read and write
2105D000
heap
page read and write
747C002A8000
direct allocation
page read and write
2B4401578000
trusted library allocation
page read and write
4628001E4000
trusted library allocation
page read and write
2B44002E3000
trusted library allocation
page read and write
4628002CC000
trusted library allocation
page read and write
21062000
heap
page read and write
2B4400464000
trusted library allocation
page read and write
4628003C0000
trusted library allocation
page read and write
2B4401330000
trusted library allocation
page read and write
2103F000
heap
page read and write
74580070C000
trusted library allocation
page read and write
4628003B0000
trusted library allocation
page read and write
4628001E0000
trusted library allocation
page read and write
2B4400B50000
trusted library allocation
page read and write
2B4401764000
trusted library allocation
page read and write
2B4400CD4000
trusted library allocation
page read and write
747C00311000
direct allocation
page read and write
20F7D000
heap
page read and write
2B44002F0000
trusted library allocation
page read and write
E7195FF000
stack
page read and write
458400390000
trusted library allocation
page read and write
7288002A8000
trusted library allocation
page read and write
283CA303000
heap
page read and write
2B440033C000
trusted library allocation
page read and write
2B4401780000
trusted library allocation
page read and write
283CA31A000
heap
page read and write
2B4401E5C000
trusted library allocation
page read and write
6C84F000
unkown
page write copy
4584002F1000
trusted library allocation
page read and write
745800850000
trusted library allocation
page read and write
2B440041C000
trusted library allocation
page read and write
46280022C000
trusted library allocation
page read and write
2B4401374000
trusted library allocation
page read and write
2102D000
heap
page read and write
7458008C4000
trusted library allocation
page read and write
7288002B4000
trusted library allocation
page read and write
2B4400768000
trusted library allocation
page read and write
2B44001E4000
trusted library allocation
page read and write
7458006AC000
trusted library allocation
page read and write
4628000D8000
trusted library allocation
page read and write
2B4401630000
trusted library allocation
page read and write
61ED3000
direct allocation
page read and write
74580087C000
trusted library allocation
page read and write
2103D000
heap
page read and write
21437000
heap
page read and write
2B4401A30000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
2995892B000
heap
page read and write
1A71F000
stack
page read and write
5A7000
unkown
page execute and read and write
2B440033C000
trusted library allocation
page read and write
2B4401D78000
trusted library allocation
page read and write
283CA2FE000
heap
page read and write
2B44018B0000
trusted library allocation
page read and write
74580091C000
trusted library allocation
page read and write
2995A793000
heap
page read and write
2B4401A9C000
trusted library allocation
page read and write
21047000
heap
page read and write
2B44018E4000
trusted library allocation
page read and write
59B000
unkown
page execute and read and write
7458006C8000
trusted library allocation
page read and write
21054000
heap
page read and write
283CA30C000
heap
page read and write
2B4401A70000
trusted library allocation
page read and write
2B440139C000
trusted library allocation
page read and write
264E000
heap
page read and write
2B4401A98000
trusted library allocation
page read and write
46280026C000
trusted library allocation
page read and write
2B4401914000
trusted library allocation
page read and write
7288002B4000
trusted library allocation
page read and write
2B4401A1C000
trusted library allocation
page read and write
745800864000
trusted library allocation
page read and write
21160000
heap
page read and write
283CA31F000
heap
page read and write
2B64002A0000
trusted library allocation
page read and write
2B44004A8000
trusted library allocation
page read and write
9B000
stack
page read and write
2B4401D08000
trusted library allocation
page read and write
2B4401A54000
trusted library allocation
page read and write
2B4401D3C000
trusted library allocation
page read and write
46280015C000
trusted library allocation
page read and write
4628001F4000
trusted library allocation
page read and write
2646000
heap
page read and write
747C00318000
direct allocation
page read and write
2B4400330000
trusted library allocation
page read and write
458400344000
trusted library allocation
page read and write
2B4400FC8000
trusted library allocation
page read and write
2B44013D4000
trusted library allocation
page read and write
2B4401D74000
trusted library allocation
page read and write
21044000
heap
page read and write
2B4400385000
trusted library allocation
page read and write
21024000
heap
page read and write
7288002B8000
trusted library allocation
page read and write
462800024000
trusted library allocation
page read and write
728800260000
trusted library allocation
page read and write
458400238000
trusted library allocation
page read and write
747C0021C000
direct allocation
page read and write
2B44002F0000
trusted library allocation
page read and write
2B4401864000
trusted library allocation
page read and write
2B44010C4000
trusted library allocation
page read and write
299587B0000
heap
page read and write
2B44013D4000
trusted library allocation
page read and write
74580079C000
trusted library allocation
page read and write
462800278000
trusted library allocation
page read and write
2B44001F4000
trusted library allocation
page read and write
4628003D0000
trusted library allocation
page read and write
25F0000
heap
page read and write
2B4401350000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
2B4401AA8000
trusted library allocation
page read and write
745800844000
trusted library allocation
page read and write
77E000
stack
page read and write
2B64002A0000
trusted library allocation
page read and write
2B4401C94000
trusted library allocation
page read and write
2B44017BC000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
2B4401E74000
trusted library allocation
page read and write
2B4400118000
trusted library allocation
page read and write
747C00280000
direct allocation
page read and write
8C0000
heap
page read and write
2B440120C000
trusted library allocation
page read and write
7458008F0000
trusted library allocation
page read and write
283CA307000
heap
page read and write
2B4401860000
trusted library allocation
page read and write
2B44013C8000
trusted library allocation
page read and write
2B4401630000
trusted library allocation
page read and write
7458002FC000
trusted library allocation
page read and write
2995A723000
heap
page read and write
2B440036C000
trusted library allocation
page read and write
283C9D99000
heap
page read and write
8C7000
heap
page read and write
462800150000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
2B44013C8000
trusted library allocation
page read and write
19C000
stack
page read and write
2B44006C4000
trusted library allocation
page read and write
2B4401884000
trusted library allocation
page read and write
2105C000
heap
page read and write
283C9D8F000
heap
page read and write
2B4401C84000
trusted library allocation
page read and write
2B44010B4000
trusted library allocation
page read and write
1AE61000
heap
page read and write
4584003A8000
trusted library allocation
page read and write
283C9DA4000
heap
page read and write
462800264000
trusted library allocation
page read and write
747C002C0000
direct allocation
page read and write
23E0000
heap
page read and write
4584003C4000
trusted library allocation
page read and write
4628002F0000
trusted library allocation
page read and write
1AB9E000
stack
page read and write
728800250000
trusted library allocation
page read and write
283CA32F000
heap
page read and write
B9F000
stack
page read and write
745800818000
trusted library allocation
page read and write
2B44019A8000
trusted library allocation
page read and write
197000
stack
page read and write
299588C1000
heap
page read and write
2B44007AC000
trusted library allocation
page read and write
2B4402A0C000
trusted library allocation
page read and write
745800860000
trusted library allocation
page read and write
2B4400BCC000
trusted library allocation
page read and write
21064000
heap
page read and write
21054000
heap
page read and write
45840031C000
trusted library allocation
page read and write
747C002D8000
direct allocation
page read and write
2B4401678000
trusted library allocation
page read and write
2B4401B08000
trusted library allocation
page read and write
462800220000
trusted library allocation
page read and write
283C9DA0000
heap
page read and write
458400404000
trusted library allocation
page read and write
7288002F0000
trusted library allocation
page read and write
2B44001D4000
trusted library allocation
page read and write
283C9D9C000
heap
page read and write
4E6000
unkown
page execute and read and write
2B4401C18000
trusted library allocation
page read and write
1AF60000
trusted library allocation
page read and write
E7275FE000
stack
page read and write
2995A753000
heap
page read and write
1F0000
heap
page read and write
2B4401A0C000
trusted library allocation
page read and write
21050000
heap
page read and write
283C9DA4000
heap
page read and write
6C671000
unkown
page execute read
2B4400F70000
trusted library allocation
page read and write
2B4401D0C000
trusted library allocation
page read and write
7458007AC000
trusted library allocation
page read and write
2B4401A6C000
trusted library allocation
page read and write
2102B000
heap
page read and write
4628003BC000
trusted library allocation
page read and write
7458008EC000
trusted library allocation
page read and write
2103B000
heap
page read and write
2B4401F80000
trusted library allocation
page read and write
2995A766000
heap
page read and write
2B440037C000
trusted library allocation
page read and write
283C9D89000
heap
page read and write
E73E5FE000
stack
page read and write
2B4401376000
trusted library allocation
page read and write
745800408000
trusted library allocation
page read and write
2B4401E14000
trusted library allocation
page read and write
E72FDFE000
unkown
page readonly
21140000
heap
page read and write
2B440037C000
trusted library allocation
page read and write
4628002D8000
trusted library allocation
page read and write
7288002A8000
trusted library allocation
page read and write
2B4401E44000
trusted library allocation
page read and write
7458008F4000
trusted library allocation
page read and write
2B64002A4000
trusted library allocation
page read and write
243E000
stack
page read and write
299588DD000
heap
page read and write
462800334000
trusted library allocation
page read and write
2B4401D80000
trusted library allocation
page read and write
2B4401054000
trusted library allocation
page read and write
4628002F0000
trusted library allocation
page read and write
7458006F4000
trusted library allocation
page read and write
2B4400768000
trusted library allocation
page read and write
2B4401054000
trusted library allocation
page read and write
2B4401E94000
trusted library allocation
page read and write
2B4401678000
trusted library allocation
page read and write
7288002A8000
trusted library allocation
page read and write
6CF71000
unkown
page execute read
462800218000
trusted library allocation
page read and write
2B4401678000
trusted library allocation
page read and write
2B4401754000
trusted library allocation
page read and write
2B44001B4000
trusted library allocation
page read and write
2B4400F28000
trusted library allocation
page read and write
462800390000
trusted library allocation
page read and write
27E5F000
stack
page read and write
2B4401C44000
trusted library allocation
page read and write
1A81F000
stack
page read and write
2B4400FC0000
trusted library allocation
page read and write
2B4401794000
trusted library allocation
page read and write
2B4400E34000
trusted library allocation
page read and write
29958902000
heap
page read and write
2B4401E3C000
trusted library allocation
page read and write
728800235000
trusted library allocation
page read and write
2B44010C4000
trusted library allocation
page read and write
747C00284000
direct allocation
page read and write
2B44010C4000
trusted library allocation
page read and write
745800894000
trusted library allocation
page read and write
2B44019AC000
trusted library allocation
page read and write
2B4401DD8000
trusted library allocation
page read and write
2B4400CEC000
trusted library allocation
page read and write
4628001CC000
trusted library allocation
page read and write
2B4401844000
trusted library allocation
page read and write
21039000
heap
page read and write
2B64002B0000
trusted library allocation
page read and write
4628001B8000
trusted library allocation
page read and write
2B4400464000
trusted library allocation
page read and write
2B4400294000
trusted library allocation
page read and write
747C002E0000
direct allocation
page read and write
21062000
heap
page read and write
462800024000
trusted library allocation
page read and write
1AB5D000
stack
page read and write
2B4401630000
trusted library allocation
page read and write
61E01000
direct allocation
page execute read
283CA324000
heap
page read and write
E7245FD000
stack
page read and write
2B4401054000
trusted library allocation
page read and write
745800778000
trusted library allocation
page read and write
2B440279C000
trusted library allocation
page read and write
45840020C000
trusted library allocation
page read and write
29958869000
heap
page read and write
74580081C000
trusted library allocation
page read and write
25CE000
stack
page read and write
2995A784000
heap
page read and write
61ED4000
direct allocation
page readonly
458400350000
trusted library allocation
page read and write
2B4401264000
trusted library allocation
page read and write
2995A788000
heap
page read and write
41E000
unkown
page execute read
E7305FC000
stack
page read and write
74580039C000
trusted library allocation
page read and write
2B4401DA4000
trusted library allocation
page read and write
2B4400F70000
trusted library allocation
page read and write
2B4400470000
trusted library allocation
page read and write
21390000
trusted library allocation
page read and write
2B4400294000
trusted library allocation
page read and write
2B4401C64000
trusted library allocation
page read and write
2B4401E40000
trusted library allocation
page read and write
1A91F000
stack
page read and write
4628000C0000
trusted library allocation
page read and write
20ED6000
heap
page read and write
E725DFE000
unkown
page readonly
2B440147E000
trusted library allocation
page read and write
7288002A8000
trusted library allocation
page read and write
2995B3C0000
unkown
page read and write
2B440135C000
trusted library allocation
page read and write
E73BDFE000
unkown
page readonly
2B4401584000
trusted library allocation
page read and write
745800878000
trusted library allocation
page read and write
728800294000
trusted library allocation
page read and write
2B440151F000
trusted library allocation
page read and write
2995A729000
heap
page read and write
745800728000
trusted library allocation
page read and write
2B4401E10000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
2995A7B1000
heap
page read and write
2B44015D4000
trusted library allocation
page read and write
1AD2E000
stack
page read and write
211C1000
heap
page read and write
2B4401068000
trusted library allocation
page read and write
2B4401BF0000
trusted library allocation
page read and write
2B44002F0000
trusted library allocation
page read and write
21020000
trusted library allocation
page read and write
2B4400210000
trusted library allocation
page read and write
2B4401918000
trusted library allocation
page read and write
2B4401D94000
trusted library allocation
page read and write
2995A77B000
heap
page read and write
2B4400CEC000
trusted library allocation
page read and write
2B440108C000
trusted library allocation
page read and write
2103D000
heap
page read and write
2B4401E70000
trusted library allocation
page read and write
745800974000
trusted library allocation
page read and write
514000
unkown
page execute and read and write
283C9D95000
heap
page read and write
21430000
heap
page read and write
2B4401D10000
trusted library allocation
page read and write
4628001DC000
trusted library allocation
page read and write
2B44012F4000
trusted library allocation
page read and write
2B6400248000
trusted library allocation
page read and write
2B44019C0000
trusted library allocation
page read and write
283C9D99000
heap
page read and write
21047000
heap
page read and write
2B4401934000
trusted library allocation
page read and write
213EE000
stack
page read and write
2995A74F000
heap
page read and write
462800108000
trusted library allocation
page read and write
2B44016A0000
trusted library allocation
page read and write
2B4401948000
trusted library allocation
page read and write
2B4400214000
trusted library allocation
page read and write
6C850000
unkown
page read and write
2B4401264000
trusted library allocation
page read and write
211B7000
heap
page read and write
2B4401974000
trusted library allocation
page read and write
2B4401A34000
trusted library allocation
page read and write
2995A762000
heap
page read and write
2B44015D4000
trusted library allocation
page read and write
4628001EC000
trusted library allocation
page read and write
2B440022C000
trusted library allocation
page read and write
21050000
heap
page read and write
2B4401584000
trusted library allocation
page read and write
728800278000
trusted library allocation
page read and write
462800030000
trusted library allocation
page read and write
747C00220000
direct allocation
page read and write
2B4400768000
trusted library allocation
page read and write
2B4400BC8000
trusted library allocation
page read and write
747C0024C000
direct allocation
page read and write
4628002D8000
trusted library allocation
page read and write
E728DFE000
unkown
page readonly
2B44017AC000
trusted library allocation
page read and write
2B440037C000
trusted library allocation
page read and write
458400430000
trusted library allocation
page read and write
2B44018DC000
trusted library allocation
page read and write
27F17000
heap
page read and write
745800424000
trusted library allocation
page read and write
283CA303000
heap
page read and write
27EE0000
heap
page read and write
2B4401578000
trusted library allocation
page read and write
2B4401430000
trusted library allocation
page read and write
2B4401AC0000
trusted library allocation
page read and write
458400210000
trusted library allocation
page read and write
2B4400220000
trusted library allocation
page read and write
2105F000
heap
page read and write
2B4401A74000
trusted library allocation
page read and write
2B440020C000
trusted library allocation
page read and write
2B4401834000
trusted library allocation
page read and write
747C00303000
direct allocation
page read and write
2B4400CEC000
trusted library allocation
page read and write
E7175F4000
stack
page read and write
E71EDFE000
unkown
page readonly
7458007C0000
trusted library allocation
page read and write
2B4402A0C000
trusted library allocation
page read and write
2B4401E18000
trusted library allocation
page read and write
2B440037C000
trusted library allocation
page read and write
2B4400F98000
trusted library allocation
page read and write
6C64D000
unkown
page readonly
2B4401E48000
trusted library allocation
page read and write
2B4401CA0000
trusted library allocation
page read and write
21054000
heap
page read and write
7458006AC000
trusted library allocation
page read and write
2B4401A58000
trusted library allocation
page read and write
2995A7CF000
heap
page read and write
2B4401598000
trusted library allocation
page read and write
2B4400F4C000
trusted library allocation
page read and write
E7335FE000
stack
page read and write
299588BD000
heap
page read and write
458400284000
trusted library allocation
page read and write
2103D000
heap
page read and write
2103D000
heap
page read and write
462800354000
trusted library allocation
page read and write
283C9D97000
heap
page read and write
747C00316000
direct allocation
page read and write
2B4401E0C000
trusted library allocation
page read and write
747C00234000
direct allocation
page read and write
299587D0000
trusted library allocation
page read and write
2B440160C000
trusted library allocation
page read and write
747C00308000
direct allocation
page read and write
E73ADFE000
unkown
page readonly
2B4401AAC000
trusted library allocation
page read and write
462800190000
trusted library allocation
page read and write
2B4401930000
trusted library allocation
page read and write
6F0000
heap
page read and write
2843D000
heap
page read and write
7458008E8000
trusted library allocation
page read and write
2B440033C000
trusted library allocation
page read and write
2B44013B1000
trusted library allocation
page read and write
2B44017A8000
trusted library allocation
page read and write
2995A7CF000
heap
page read and write
45840040C000
trusted library allocation
page read and write
21047000
heap
page read and write
46280016C000
trusted library allocation
page read and write
46280040C000
trusted library allocation
page read and write
21120000
heap
page read and write
2B4401988000
trusted library allocation
page read and write
2B4400F4C000
trusted library allocation
page read and write
2B4401DF8000
trusted library allocation
page read and write
2B4401424000
trusted library allocation
page read and write
2B4401430000
trusted library allocation
page read and write
283C9DA0000
heap
page read and write
61EB4000
direct allocation
page read and write
2B4401300000
trusted library allocation
page read and write
283C9DA4000
heap
page read and write
1AC9D000
stack
page read and write
299588DC000
heap
page read and write
2995A7E7000
heap
page read and write
745800848000
trusted library allocation
page read and write
21054000
heap
page read and write
462800428000
trusted library allocation
page read and write
2B4401E50000
trusted library allocation
page read and write
2B44019D8000
trusted library allocation
page read and write
2B4401380000
trusted library allocation
page read and write
2B440108C000
trusted library allocation
page read and write
2B4401388000
trusted library allocation
page read and write
2B440108C000
trusted library allocation
page read and write
7288002A8000
trusted library allocation
page read and write
2B4401760000
trusted library allocation
page read and write
299588AA000
heap
page read and write
2B4402A0C000
trusted library allocation
page read and write
61ED0000
direct allocation
page read and write
2B4401D0C000
trusted library allocation
page read and write
2B44015D4000
trusted library allocation
page read and write
2B440147E000
trusted library allocation
page read and write
2106B000
heap
page read and write
E72A5FE000
stack
page read and write
263E000
stack
page read and write
2B4401354000
trusted library allocation
page read and write
2B4400CAC000
trusted library allocation
page read and write
E73EDFE000
unkown
page readonly
458400360000
trusted library allocation
page read and write
258E000
stack
page read and write
2B4401654000
trusted library allocation
page read and write
2B4400294000
trusted library allocation
page read and write
E732DFE000
unkown
page readonly
2103D000
heap
page read and write
747C002D8000
direct allocation
page read and write
462800380000
trusted library allocation
page read and write
2B44013C8000
trusted library allocation
page read and write
2995A70F000
heap
page read and write
4628002A4000
trusted library allocation
page read and write
2B4400B10000
trusted library allocation
page read and write
45840031C000
trusted library allocation
page read and write
2B4401898000
trusted library allocation
page read and write
2B44002A4000
trusted library allocation
page read and write
2B4401350000
trusted library allocation
page read and write
2B4400FC8000
trusted library allocation
page read and write
299588F3000
heap
page read and write
728800230000
trusted library allocation
page read and write
2B4401D50000
trusted library allocation
page read and write
45840032C000
trusted library allocation
page read and write
2B4400294000
trusted library allocation
page read and write
2B4401AA0000
trusted library allocation
page read and write
2B4401080000
trusted library allocation
page read and write
2B44019DC000
trusted library allocation
page read and write
2B4401910000
trusted library allocation
page read and write
2B4401A5C000
trusted library allocation
page read and write
E71D5FE000
stack
page read and write
2B44016A0000
trusted library allocation
page read and write
46280006C000
trusted library allocation
page read and write
2B4401598000
trusted library allocation
page read and write
2B440168E000
trusted library allocation
page read and write
46280041C000
trusted library allocation
page read and write
46280007C000
trusted library allocation
page read and write
2995A740000
heap
page read and write
29958670000
heap
page read and write
2B44018D0000
trusted library allocation
page read and write
6D019000
unkown
page readonly
21064000
heap
page read and write
2B44002F0000
trusted library allocation
page read and write
2995A739000
heap
page read and write
4628002E4000
trusted library allocation
page read and write
745800868000
trusted library allocation
page read and write
2B44001E0000
trusted library allocation
page read and write
E7285FD000
stack
page read and write
2995A771000
heap
page read and write
2B4400B50000
trusted library allocation
page read and write
2B4401054000
trusted library allocation
page read and write
462800368000
trusted library allocation
page read and write
2B64002D8000
trusted library allocation
page read and write
4628000F8000
trusted library allocation
page read and write
210BB000
heap
page read and write
2B44015D4000
trusted library allocation
page read and write
21054000
heap
page read and write
283CA30E000
heap
page read and write
2B44013DE000
trusted library allocation
page read and write
2B4401678000
trusted library allocation
page read and write
2B4400480000
trusted library allocation
page read and write
21047000
heap
page read and write
4628002A8000
trusted library allocation
page read and write
2B4400F98000
trusted library allocation
page read and write
7458006C8000
trusted library allocation
page read and write
2B44001DC000
trusted library allocation
page read and write
2B4401E88000
trusted library allocation
page read and write
2B4401678000
trusted library allocation
page read and write
E7185FE000
unkown
page read and write
2103D000
heap
page read and write
210BA000
heap
page read and write
E730DFE000
unkown
page readonly
2B4400BC8000
trusted library allocation
page read and write
2B44016A4000
trusted library allocation
page read and write
747C002EC000
direct allocation
page read and write
458400290000
trusted library allocation
page read and write
462800438000
trusted library allocation
page read and write
E72ADFE000
unkown
page readonly
2995A7B5000
heap
page read and write
2B4401D70000
trusted library allocation
page read and write
2B4401CA0000
trusted library allocation
page read and write
2B44001C8000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
21054000
heap
page read and write
2B44019BC000
trusted library allocation
page read and write
283C9DA2000
heap
page read and write
1AA1F000
stack
page read and write
2995882F000
heap
page read and write
2995A76E000
heap
page read and write
462800210000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
45840027C000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
4628002E4000
trusted library allocation
page read and write
2995A730000
heap
page read and write
462800354000
trusted library allocation
page read and write
462800230000
trusted library allocation
page read and write
462800270000
trusted library allocation
page read and write
2B440108C000
trusted library allocation
page read and write
7288002A8000
trusted library allocation
page read and write
462800310000
trusted library allocation
page read and write
2B64002A0000
trusted library allocation
page read and write
462800454000
trusted library allocation
page read and write
21062000
heap
page read and write
728800274000
trusted library allocation
page read and write
2B44017D0000
trusted library allocation
page read and write
4584003AC000
trusted library allocation
page read and write
2B440151B000
trusted library allocation
page read and write
2B64002A0000
trusted library allocation
page read and write
2B440041C000
trusted library allocation
page read and write
2B4401AA4000
trusted library allocation
page read and write
2B440033C000
trusted library allocation
page read and write
21050000
heap
page read and write
2B4401D4C000
trusted library allocation
page read and write
7288002B8000
trusted library allocation
page read and write
2B44001D0000
trusted library allocation
page read and write
2B4401754000
trusted library allocation
page read and write
2B4400F4C000
trusted library allocation
page read and write
745800248000
trusted library allocation
page read and write
2B44001B4000
trusted library allocation
page read and write
2995A7B5000
heap
page read and write
462800240000
trusted library allocation
page read and write
21046000
heap
page read and write
2B4400FA4000
trusted library allocation
page read and write
E71F5FE000
stack
page read and write
E73C5FE000
stack
page read and write
2B44010B4000
trusted library allocation
page read and write
283C9D99000
heap
page read and write
2B44007AC000
trusted library allocation
page read and write
2995A7A3000
heap
page read and write
2B44017D8000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
2B4400464000
trusted library allocation
page read and write
2B4400328000
trusted library allocation
page read and write
2B44019A4000
trusted library allocation
page read and write
6EB000
unkown
page readonly
E742DFE000
unkown
page readonly
45840032C000
trusted library allocation
page read and write
747C00244000
direct allocation
page read and write
2B64002C0000
trusted library allocation
page read and write
2B440137E000
trusted library allocation
page read and write
2340000
direct allocation
page execute and read and write
29958843000
heap
page read and write
745800884000
trusted library allocation
page read and write
728800288000
trusted library allocation
page read and write
2B44002B4000
trusted library allocation
page read and write
283CA2FE000
heap
page read and write
2B44001D8000
trusted library allocation
page read and write
2B440139C000
trusted library allocation
page read and write
462800340000
trusted library allocation
page read and write
21062000
heap
page read and write
2102F000
heap
page read and write
2B44012F4000
trusted library allocation
page read and write
46280021C000
trusted library allocation
page read and write
80B000
heap
page read and write
27F20000
heap
page read and write
2B44001EC000
trusted library allocation
page read and write
2B4401DDC000
trusted library allocation
page read and write
2B440180C000
trusted library allocation
page read and write
2B4401878000
trusted library allocation
page read and write
2B4401A28000
trusted library allocation
page read and write
2B44001E8000
trusted library allocation
page read and write
2B4400F98000
trusted library allocation
page read and write
2103D000
heap
page read and write
2B4400CD4000
trusted library allocation
page read and write
2B440137B000
trusted library allocation
page read and write
213B0000
remote allocation
page read and write
462800001000
trusted library allocation
page read and write
74580071C000
trusted library allocation
page read and write
7288002B4000
trusted library allocation
page read and write
747C002D0000
direct allocation
page read and write
458400300000
trusted library allocation
page read and write
2B440159C000
trusted library allocation
page read and write
458400310000
trusted library allocation
page read and write
2B440108C000
trusted library allocation
page read and write
462800140000
trusted library allocation
page read and write
2B440037C000
trusted library allocation
page read and write
2B4401768000
trusted library allocation
page read and write
728800294000
trusted library allocation
page read and write
21020000
heap
page read and write
2B4400F7C000
trusted library allocation
page read and write
4584003BC000
trusted library allocation
page read and write
2B64002A0000
trusted library allocation
page read and write
462800250000
trusted library allocation
page read and write
2B4401908000
trusted library allocation
page read and write
462800224000
trusted library allocation
page read and write
2B4401C84000
trusted library allocation
page read and write
E7415FE000
stack
page read and write
2B440108C000
trusted library allocation
page read and write
7458008E4000
trusted library allocation
page read and write
2B44010F0000
trusted library allocation
page read and write
6CFD1000
unkown
page readonly
46280024C000
trusted library allocation
page read and write
549000
unkown
page execute and read and write
2B4400328000
trusted library allocation
page read and write
2B440185C000
trusted library allocation
page read and write
2B4401978000
trusted library allocation
page read and write
2B44015AC000
trusted library allocation
page read and write
2995A613000
heap
page read and write
2995885A000
heap
page read and write
2B44001F8000
trusted library allocation
page read and write
2B4401E60000
trusted library allocation
page read and write
6C670000
unkown
page readonly
2B4400330000
trusted library allocation
page read and write
2B4401015000
trusted library allocation
page read and write
283C9D9C000
heap
page read and write
2B4401840000
trusted library allocation
page read and write
747C00328000
direct allocation
page read and write
4584002C4000
trusted library allocation
page read and write
2B4401DBC000
trusted library allocation
page read and write
21057000
heap
page read and write
283C9D8F000
heap
page read and write
2B4400328000
trusted library allocation
page read and write
21040000
heap
page read and write
299588C8000
heap
page read and write
2B4401A60000
trusted library allocation
page read and write
462800254000
trusted library allocation
page read and write
299588B8000
heap
page read and write
2995A7C7000
heap
page read and write
29958927000
heap
page read and write
46280040F000
trusted library allocation
page read and write
7458008C8000
trusted library allocation
page read and write
747C00274000
direct allocation
page read and write
A9E000
stack
page read and write
747C00230000
direct allocation
page read and write
2B44017D4000
trusted library allocation
page read and write
2B64002A0000
trusted library allocation
page read and write
E7345FE000
stack
page read and write
2643000
heap
page read and write
6C5D1000
unkown
page execute read
2103D000
heap
page read and write
2B4401654000
trusted library allocation
page read and write
2995A751000
heap
page read and write
7288002B4000
trusted library allocation
page read and write
E7365FE000
stack
page read and write
2142A000
heap
page read and write
2B4401C5C000
trusted library allocation
page read and write
2B4401440000
trusted library allocation
page read and write
747C00294000
direct allocation
page read and write
2B44002A4000
trusted library allocation
page read and write
7458007A0000
trusted library allocation
page read and write
299588A3000
heap
page read and write
2B4400294000
trusted library allocation
page read and write
2B44015D4000
trusted library allocation
page read and write
2B44015C0000
trusted library allocation
page read and write
E7255FD000
stack
page read and write
299588E2000
heap
page read and write
2B4401EB4000
trusted library allocation
page read and write
2B440279C000
trusted library allocation
page read and write
2836C000
stack
page read and write
46280009E000
trusted library allocation
page read and write
2B44018F8000
trusted library allocation
page read and write
21220000
trusted library allocation
page read and write
2B44007AC000
trusted library allocation
page read and write
2B44002B4000
trusted library allocation
page read and write
29958690000
heap
page read and write
42C800244000
direct allocation
page read and write
2995881D000
heap
page read and write
2B4401EC4000
trusted library allocation
page read and write
4584003C0000
trusted library allocation
page read and write
2995A7D6000
heap
page read and write
2B4400330000
trusted library allocation
page read and write
2B4400BC8000
trusted library allocation
page read and write
E72B5FE000
stack
page read and write
458400308000
trusted library allocation
page read and write
1AA5E000
stack
page read and write
747C00210000
direct allocation
page read and write
46280017C000
trusted library allocation
page read and write
7458006AC000
trusted library allocation
page read and write
2B44015D4000
trusted library allocation
page read and write
462800214000
trusted library allocation
page read and write
2B4401EB0000
trusted library allocation
page read and write
458400424000
trusted library allocation
page read and write
2B44018E8000
trusted library allocation
page read and write
2B4401E1C000
trusted library allocation
page read and write
2B64002C8000
trusted library allocation
page read and write
2B4400330000
trusted library allocation
page read and write
648000
unkown
page execute and read and write
458400250000
trusted library allocation
page read and write
21054000
heap
page read and write
2995882C000
heap
page read and write
814000
heap
page read and write
2B44015D4000
trusted library allocation
page read and write
2B4401830000
trusted library allocation
page read and write
2B440189C000
trusted library allocation
page read and write
E7215FE000
stack
page read and write
283C9DA4000
heap
page read and write
2B440181C000
trusted library allocation
page read and write
E71DDFE000
unkown
page readonly
283C9D94000
heap
page read and write
2B44013C0000
trusted library allocation
page read and write
462800314000
trusted library allocation
page read and write
2995889F000
heap
page read and write
2B4401964000
trusted library allocation
page read and write
2B4400CEC000
trusted library allocation
page read and write
2B4400330000
trusted library allocation
page read and write
2B44010F0000
trusted library allocation
page read and write
2B4401BB8000
trusted library allocation
page read and write
46280023C000
trusted library allocation
page read and write
2B4400294000
trusted library allocation
page read and write
283C9DA4000
heap
page read and write
2B4400C8C000
trusted library allocation
page read and write
462800234000
trusted library allocation
page read and write
7458007E4000
trusted library allocation
page read and write
6CF70000
unkown
page readonly
462800268000
trusted library allocation
page read and write
2B44017C0000
trusted library allocation
page read and write
7288002E4000
trusted library allocation
page read and write
E736DFE000
unkown
page readonly
2B440160C000
trusted library allocation
page read and write
2B44019C4000
trusted library allocation
page read and write
2B4400464000
trusted library allocation
page read and write
728800210000
trusted library allocation
page read and write
2995A7C7000
heap
page read and write
2B44016A0000
trusted library allocation
page read and write
1AE50000
heap
page read and write
7288002C8000
trusted library allocation
page read and write
462800258000
trusted library allocation
page read and write
E73B5FE000
stack
page read and write
2B4401A88000
trusted library allocation
page read and write
2B44015AC000
trusted library allocation
page read and write
E7205FE000
stack
page read and write
74580040C000
trusted library allocation
page read and write
4628002D8000
trusted library allocation
page read and write
2B44019C8000
trusted library allocation
page read and write
747C00250000
direct allocation
page read and write
2B44019F8000
trusted library allocation
page read and write
2B44018B4000
trusted library allocation
page read and write
8C7000
heap
page read and write
21220000
trusted library allocation
page read and write
747C00290000
direct allocation
page read and write
2B4400387000
trusted library allocation
page read and write
7458007E0000
trusted library allocation
page read and write
2B4401DD0000
trusted library allocation
page read and write
8C5000
heap
page read and write
2B440033C000
trusted library allocation
page read and write
2128E000
stack
page read and write
2B4401DB8000
trusted library allocation
page read and write
728800264000
trusted library allocation
page read and write
2995889F000
heap
page read and write
2B4400328000
trusted library allocation
page read and write
4628004A0000
trusted library allocation
page read and write
2B440108C000
trusted library allocation
page read and write
2B44018CC000
trusted library allocation
page read and write
2B4401874000
trusted library allocation
page read and write
2103D000
heap
page read and write
7458009C4000
trusted library allocation
page read and write
2105F000
heap
page read and write
2B44015D4000
trusted library allocation
page read and write
2B4400330000
trusted library allocation
page read and write
46280025C000
trusted library allocation
page read and write
21047000
heap
page read and write
2B4401054000
trusted library allocation
page read and write
2B4401124000
trusted library allocation
page read and write
2995A731000
heap
page read and write
283C9DA0000
heap
page read and write
4628002E4000
trusted library allocation
page read and write
21047000
heap
page read and write
2B4400464000
trusted library allocation
page read and write
745800898000
trusted library allocation
page read and write
E741DFE000
unkown
page readonly
7288002A0000
trusted library allocation
page read and write
462800401000
trusted library allocation
page read and write
728800294000
trusted library allocation
page read and write
2B4400BC8000
trusted library allocation
page read and write
2B4402A2C000
trusted library allocation
page read and write
2B4401D7C000
trusted library allocation
page read and write
192000
stack
page read and write
2B44018B8000
trusted library allocation
page read and write
2B44018E0000
trusted library allocation
page read and write
21047000
heap
page read and write
2B4400D1C000
trusted library allocation
page read and write
21036000
heap
page read and write
2B4400328000
trusted library allocation
page read and write
2B4400CD4000
trusted library allocation
page read and write
46280020C000
trusted library allocation
page read and write
2B64002C0000
trusted library allocation
page read and write
E7355FE000
stack
page read and write
1AE61000
heap
page read and write
2B4400DAC000
trusted library allocation
page read and write
7288002B4000
trusted library allocation
page read and write
2B4401C7C000
trusted library allocation
page read and write
2B4400F98000
trusted library allocation
page read and write
213B0000
remote allocation
page read and write
2B4400118000
trusted library allocation
page read and write
21422000
heap
page read and write
2B4401F58000
trusted library allocation
page read and write
21054000
heap
page read and write
2B4401DF4000
trusted library allocation
page read and write
462800260000
trusted library allocation
page read and write
E734DFE000
unkown
page readonly
462800444000
trusted library allocation
page read and write
2B440140C000
trusted library allocation
page read and write
2B44017EC000
trusted library allocation
page read and write
21062000
heap
page read and write
2B4400E30000
trusted library allocation
page read and write
2B4400CC8000
trusted library allocation
page read and write
2B44019E8000
trusted library allocation
page read and write
2B4401D08000
trusted library allocation
page read and write
2B4402004000
trusted library allocation
page read and write
74580085C000
trusted library allocation
page read and write
E72F5FE000
stack
page read and write
2B440037C000
trusted library allocation
page read and write
2995A72B000
heap
page read and write
283CA2E1000
heap
page read and write
2B44002F0000
trusted library allocation
page read and write
458400220000
trusted library allocation
page read and write
2B440041E000
trusted library allocation
page read and write
4584002A4000
trusted library allocation
page read and write
2B4401928000
trusted library allocation
page read and write
2B44016A0000
trusted library allocation
page read and write
299588C1000
heap
page read and write
283C9D95000
heap
page read and write
2B4402A1C000
trusted library allocation
page read and write
57B000
unkown
page execute and read and write
8C7000
heap
page read and write
2B4401754000
trusted library allocation
page read and write
2B4400C88000
trusted library allocation
page read and write
2B4401E4C000
trusted library allocation
page read and write
7458007D0000
trusted library allocation
page read and write
819000
heap
page read and write
74580060C000
trusted library allocation
page read and write
299588A5000
heap
page read and write
4584002D0000
trusted library allocation
page read and write
2B440033C000
trusted library allocation
page read and write
2B4401A2C000
trusted library allocation
page read and write
728800294000
trusted library allocation
page read and write
73E000
stack
page read and write
78A000
heap
page read and write
1AE60000
heap
page read and write
462800090000
trusted library allocation
page read and write
4628001C4000
trusted library allocation
page read and write
462800274000
trusted library allocation
page read and write
2B4400218000
trusted library allocation
page read and write
2B4401EA0000
trusted library allocation
page read and write
2B440021C000
trusted library allocation
page read and write
E720DFE000
unkown
page readonly
745800790000
trusted library allocation
page read and write
4628003A4000
trusted library allocation
page read and write
E727DFE000
unkown
page readonly
2B4401A44000
trusted library allocation
page read and write
2B44018BC000
trusted library allocation
page read and write
462800334000
trusted library allocation
page read and write
2995892B000
heap
page read and write
2B4401D2C000
trusted library allocation
page read and write
745800828000
trusted library allocation
page read and write
2B4401DF4000
trusted library allocation
page read and write
8C7000
heap
page read and write
2B44010F0000
trusted library allocation
page read and write
29958958000
heap
page read and write
E724DFE000
unkown
page readonly
2B4400464000
trusted library allocation
page read and write
4628002CC000
trusted library allocation
page read and write
2B44013A8000
trusted library allocation
page read and write
4A7000
unkown
page readonly
61E00000
direct allocation
page execute and read and write
2B4401524000
trusted library allocation
page read and write
2102B000
heap
page read and write
458400320000
trusted library allocation
page read and write
2B4401ABC000
trusted library allocation
page read and write
2B4401EE0000
trusted library allocation
page read and write
2B44013EC000
trusted library allocation
page read and write
747C00260000
direct allocation
page read and write
462800054000
trusted library allocation
page read and write
2B440190C000
trusted library allocation
page read and write
4628002A0000
trusted library allocation
page read and write
E72BDFE000
unkown
page readonly
747C00201000
direct allocation
page read and write
21043000
heap
page read and write
45840025C000
trusted library allocation
page read and write
2B4400294000
trusted library allocation
page read and write
E7295FE000
stack
page read and write
2B440031C000
trusted library allocation
page read and write
2995DAA0000
trusted library allocation
page read and write
1AE61000
heap
page read and write
462800060000
trusted library allocation
page read and write
46280037C000
trusted library allocation
page read and write
2B4400E9C000
trusted library allocation
page read and write
2B4401CB0000
trusted library allocation
page read and write
2B440157D000
trusted library allocation
page read and write
2995A75F000
heap
page read and write
2B4401F58000
trusted library allocation
page read and write
2138F000
stack
page read and write
462800114000
trusted library allocation
page read and write
264C000
heap
page read and write
29958930000
heap
page read and write
2B4400298000
trusted library allocation
page read and write
2B4400C50000
trusted library allocation
page read and write
2102D000
heap
page read and write
2B4401D0C000
trusted library allocation
page read and write
4628002FC000
trusted library allocation
page read and write
299588A3000
heap
page read and write
462800248000
trusted library allocation
page read and write
2B4400294000
trusted library allocation
page read and write
E729DFE000
unkown
page readonly
E7325FC000
stack
page read and write
2B4401080000
trusted library allocation
page read and write
7458006E8000
trusted library allocation
page read and write
2B4401A24000
trusted library allocation
page read and write
2B440182C000
trusted library allocation
page read and write
458400408000
trusted library allocation
page read and write
61ECC000
direct allocation
page read and write
80F000
heap
page read and write
2B4401960000
trusted library allocation
page read and write
46280000C000
trusted library allocation
page read and write
2B4400330000
trusted library allocation
page read and write
728800220000
trusted library allocation
page read and write
299588A5000
heap
page read and write
2B4401D30000
trusted library allocation
page read and write
2B44014C5000
trusted library allocation
page read and write
27F2A000
heap
page read and write
E71BDFE000
unkown
page readonly
2B4400328000
trusted library allocation
page read and write
747C00212000
direct allocation
page read and write
4628003E0000
trusted library allocation
page read and write
2B440033C000
trusted library allocation
page read and write
4628000FC000
trusted library allocation
page read and write
E73DDFE000
unkown
page readonly
2B4401820000
trusted library allocation
page read and write
4628003F0000
trusted library allocation
page read and write
4628004AC000
trusted library allocation
page read and write
458400374000
trusted library allocation
page read and write
745800830000
trusted library allocation
page read and write
2B4401418000
trusted library allocation
page read and write
2B440033C000
trusted library allocation
page read and write
2B440033C000
trusted library allocation
page read and write
21044000
heap
page read and write
E71FDFE000
unkown
page readonly
2B44015D4000
trusted library allocation
page read and write
299588C4000
heap
page read and write
2B4401AE0000
trusted library allocation
page read and write
74580080C000
trusted library allocation
page read and write
29958913000
heap
page read and write
29958930000
heap
page read and write
4628001F0000
trusted library allocation
page read and write
21020000
trusted library allocation
page read and write
7458007D4000
trusted library allocation
page read and write
2B4400CEC000
trusted library allocation
page read and write
1AE61000
heap
page read and write
2B44019F4000
trusted library allocation
page read and write
2B4400BCC000
trusted library allocation
page read and write
462800228000
trusted library allocation
page read and write
2B440036C000
trusted library allocation
page read and write
2B64002C0000
trusted library allocation
page read and write
7288002FC000
trusted library allocation
page read and write
2B4400FC0000
trusted library allocation
page read and write
74580078C000
trusted library allocation
page read and write
2995A77D000
heap
page read and write
56E000
unkown
page execute and read and write
5AA000
unkown
page execute and read and write
29958813000
heap
page read and write
6E8000
unkown
page execute and read and write
74580039C000
trusted library allocation
page read and write
4628002D8000
trusted library allocation
page read and write
2B44014C5000
trusted library allocation
page read and write
458400380000
trusted library allocation
page read and write
2B4401848000
trusted library allocation
page read and write
7288002D8000
trusted library allocation
page read and write
2B440033C000
trusted library allocation
page read and write
2B4401DA0000
trusted library allocation
page read and write
29958800000
heap
page read and write
462800020000
trusted library allocation
page read and write
2B44012F4000
trusted library allocation
page read and write
29958886000
heap
page read and write
2B4400328000
trusted library allocation
page read and write
458400248000
trusted library allocation
page read and write
668000
unkown
page execute and read and write
462800368000
trusted library allocation
page read and write
1AE2D000
stack
page read and write
2B44013EC000
trusted library allocation
page read and write
7288002F8000
trusted library allocation
page read and write
29962A02000
heap
page read and write
2995A602000
heap
page read and write
6C84E000
unkown
page read and write
7288002A8000
trusted library allocation
page read and write
2B64002C0000
trusted library allocation
page read and write
2B44002F0000
trusted library allocation
page read and write
2B440198C000
trusted library allocation
page read and write
2B4400CD4000
trusted library allocation
page read and write
2B440138C000
trusted library allocation
page read and write
2B440033C000
trusted library allocation
page read and write
2B64002A4000
trusted library allocation
page read and write
4628001D8000
trusted library allocation
page read and write
2B44019D4000
trusted library allocation
page read and write
2B4400380000
trusted library allocation
page read and write
747C0030A000
direct allocation
page read and write
2B440033C000
trusted library allocation
page read and write
2B4400FC0000
trusted library allocation
page read and write
462800134000
trusted library allocation
page read and write
2B44015AC000
trusted library allocation
page read and write
462800030000
trusted library allocation
page read and write
E71B5FE000
stack
page read and write
283C9D9A000
heap
page read and write
2B4401368000
trusted library allocation
page read and write
4628001A8000
trusted library allocation
page read and write
458400338000
trusted library allocation
page read and write
2B4401532000
trusted library allocation
page read and write
2B4401DA8000
trusted library allocation
page read and write
2B4401940000
trusted library allocation
page read and write
728800238000
trusted library allocation
page read and write
21054000
heap
page read and write
299588BE000
heap
page read and write
2B4401C74000
trusted library allocation
page read and write
29962A00000
heap
page read and write
2B44018FC000
trusted library allocation
page read and write
2B44001F0000
trusted library allocation
page read and write
4584002F4000
trusted library allocation
page read and write
1AF62000
heap
page read and write
2B4400CFC000
trusted library allocation
page read and write
2B4401E9C000
trusted library allocation
page read and write
46280019C000
trusted library allocation
page read and write
46280025C000
trusted library allocation
page read and write
2B4400CD4000
trusted library allocation
page read and write
2B44007AC000
trusted library allocation
page read and write
728800248000
trusted library allocation
page read and write
2995DAA0000
trusted library allocation
page read and write
2995A5B0000
trusted library section
page readonly
299588AC000
heap
page read and write
283CA2E3000
heap
page read and write
2103D000
heap
page read and write
2B4401F3C000
trusted library allocation
page read and write
2B44002FC000
trusted library allocation
page read and write
2995A7B1000
heap
page read and write
299588C5000
heap
page read and write
61EB7000
direct allocation
page readonly
2B4400CFC000
trusted library allocation
page read and write
747C002D0000
direct allocation
page read and write
283CA323000
heap
page read and write
46280037C000
trusted library allocation
page read and write
2995A79B000
heap
page read and write
2B4401D08000
trusted library allocation
page read and write
462800040000
trusted library allocation
page read and write
21054000
heap
page read and write
462800368000
trusted library allocation
page read and write
4628001F8000
trusted library allocation
page read and write
2B4400294000
trusted library allocation
page read and write
2B44015D4000
trusted library allocation
page read and write
4628001E8000
trusted library allocation
page read and write
2B4401DC0000
trusted library allocation
page read and write
745800788000
trusted library allocation
page read and write
401000
unkown
page execute read
E731DFE000
unkown
page readonly
2995A7C7000
heap
page read and write
2B4400F70000
trusted library allocation
page read and write
780000
heap
page read and write
21047000
heap
page read and write
2B4401E2C000
trusted library allocation
page read and write
2B4400D1C000
trusted library allocation
page read and write
2B44014D9000
trusted library allocation
page read and write
458400284000
trusted library allocation
page read and write
There are 1320 hidden memdumps, click here to show them.