IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\ProgramData\BKFHCGIDBAAFHIDHDAAE
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\DGHCBAAEHCFIDGDHJEHCBGCGDB
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\EGCBFIEHIEGCAAAKKKKE
ASCII text, with very long lines (1717), with CRLF line terminators
dropped
C:\ProgramData\FBFCFIEB
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\FBKFCFBFIDGCGDHJDBKF
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\IDAKJKEHDBGHIDHIEHDBAAFHJK
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\IJKJJKFH
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x37, schema 4, UTF-8, version-valid-for 10
dropped
C:\ProgramData\chrome.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\219fda36-7b0b-4429-9c7d-23c4c5488457.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\23f09f45-f5d8-461d-bf13-d044f9f555c7.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\8d40f6ee-6216-4d2e-a781-694a0999f4b0.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\8d77abbb-f999-4ad3-8822-07228e5aec05.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\a71d50b2-79ee-4122-9441-b23d58258f3f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67211471-1E64.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\51dc45b6-e829-41f9-9814-2ad8c2d1a217.tmp
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7305e7b5-c6d6-4b11-ab6f-3dba2bff062c.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7fe7c86c-6d76-4e01-85cd-71cc674d551f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\99ebd57c-93c0-48d9-9884-15a84fc762ae.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 12, cookie 0x3, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\2bb6c3d0-9a00-4918-b2bb-0295f657b02d.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\2c85c6d1-a9af-4c93-a915-9eb1737a71ed.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\52d9fb97-75d8-4ed0-b19c-03538870191a.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\6b306eb7-b2a6-464c-8b42-00db60559b7d.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF4d955.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3042000, file counter 9, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 9
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3c9aa.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3dd61.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3de99.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a1bcc130-991a-4e8a-b707-2c5f19b9b8a2.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a8abbe47-3a61-49d4-ba77-f9eaf6938ef9.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\b1da953b-f866-48fa-bbd4-dfc890923195.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4127b.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF45948.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4ce97.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF42cc9.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF4436e.TMP (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13374694772692780
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\009f3b25-e578-48e9-a065-58964a506b8b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\0f811625-d76c-4a4b-aa94-216670ad4dd0.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\17f5d813-261d-43da-acf6-0bc4afc8a352.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\2edea585-bc3a-4237-9262-3adbe9185fee.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3dd61.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3de99.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\b27ae428-bde3-4239-8b58-5756f8ec1660.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x37, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
ASCII text, with very long lines (3951), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\be797d2e-d59a-484b-87f7-2dbee7fa9f17.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c449f33f-80b1-477e-9b26-8d32369d3dab.tmp
Unicode text, UTF-8 text, with very long lines (17603), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\dc53e1bc-3429-4ea6-9e67-66babca1cc8b.tmp
Unicode text, UTF-8 text, with very long lines (17603), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\f7cb9de0-6fa7-4945-b6fa-370baac7fb71.tmp
Unicode text, UTF-8 text, with very long lines (17438), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\fd2f75c9-1e3b-4e18-b0a0-5bf8377fec0f.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
SQLite Write-Ahead Log, version 3007000
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3bbcf.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3bc3c.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3bd46.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3e446.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF42007.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4ce78.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF52a24.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store_new
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982
raw G3 (Group 3) FAX, byte-padded
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a2ae9e2d-0d25-4ba9-ada4-14cc83b9e4d2.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a55d464f-ffa0-4f55-b91a-417fef7dd016.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d94009ae-9bd4-4483-91e8-75dc396686b1.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\db606344-79c8-483f-910d-1574fa635471.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\093ae4f3-e924-49d8-8a5b-ae7ca15dfa7b.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41924
dropped
C:\Users\user\AppData\Local\Temp\28586e00-3e22-4793-8ad3-c1d1af00bf75.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\5a91bd57-0381-4e3d-b16f-6f54e8d7b5b0.tmp
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\889046ad-1076-45f5-b64f-10e7a38c31ad.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\ca0b2719-94ec-40a8-be6f-4bb3728aee4f.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\cv_debug.log
JSON data
dropped
C:\Users\user\AppData\Local\Temp\eaf94e86-d463-4a99-ad36-15f62bdf52ea.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\eca76b28-8419-4c0e-99d2-702fa64dd4fb.tmp
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\af\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\am\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\ar\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\az\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\be\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\bg\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\bn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\ca\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\cs\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\cy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\da\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\de\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\el\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\en\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\en_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\en_GB\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\en_US\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\es\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\es_419\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\et\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\eu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\fa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\fi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\fil\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\fr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\fr_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\gl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\gu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\hi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\hr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\hu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\hy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\id\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\is\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\it\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\iw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\ja\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\ka\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\kk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\km\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\kn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\ko\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\lo\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\lt\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\lv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\ml\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\mn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\mr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\ms\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\my\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\ne\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\nl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\no\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\pa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\pl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\pt_BR\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\pt_PT\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\ro\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\ru\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\si\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\sk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\sl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\sr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\sv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\sw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\ta\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\te\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\th\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\tr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\uk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\ur\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\vi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\zh_CN\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\zh_HK\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\zh_TW\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_locales\zu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\dasherSettingSchema.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\offscreendocument.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\offscreendocument_main.js
ASCII text, with very long lines (3700)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\page_embed_script.js
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\CRX_INSTALL\service_worker_bin_prod.js
ASCII text, with very long lines (3705)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1185864583\eaf94e86-d463-4a99-ad36-15f62bdf52ea.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1958260108\28586e00-3e22-4793-8ad3-c1d1af00bf75.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1958260108\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1958260108\CRX_INSTALL\content.js
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1958260108\CRX_INSTALL\content_new.js
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir7780_1958260108\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm
data
dropped
Chrome Cache Entry: 453
ASCII text, with very long lines (5162), with no line terminators
downloaded
Chrome Cache Entry: 454
ASCII text, with very long lines (2287)
downloaded
Chrome Cache Entry: 455
ASCII text, with very long lines (5923)
downloaded
Chrome Cache Entry: 456
ASCII text
downloaded
Chrome Cache Entry: 457
ASCII text, with very long lines (65531)
downloaded
Chrome Cache Entry: 458
ASCII text, with very long lines (1302)
downloaded
Chrome Cache Entry: 459
SVG Scalable Vector Graphics image
downloaded
There are 281 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2796 --field-trial-handle=2320,i,15118049081942397489,15205487494085230485,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2772 --field-trial-handle=2208,i,2038679318912757788,6254700401294016102,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6692 --field-trial-handle=2208,i,2038679318912757788,6254700401294016102,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6848 --field-trial-handle=2208,i,2038679318912757788,6254700401294016102,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7412 --field-trial-handle=2208,i,2038679318912757788,6254700401294016102,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7412 --field-trial-handle=2208,i,2038679318912757788,6254700401294016102,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6980 --field-trial-handle=2208,i,2038679318912757788,6254700401294016102,262144 /prefetch:8
malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 --field-trial-handle=2212,i,17521321989125711666,7412979055019799333,262144 /prefetch:8
There are 2 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://185.215.113.206/
185.215.113.206
 malicious
http://185.215.113.206/6c4adf523b719729.php
185.215.113.206
 malicious
http://185.215.113.206/746f34465cf17784/softokn3.dll
185.215.113.206
 malicious
http://185.215.113.206/746f34465cf17784/freebl3.dll
185.215.113.206
 malicious
http://185.215.113.206/746f34465cf17784/mozglue.dll
185.215.113.206
 malicious
http://185.215.113.206/746f34465cf17784/nss3.dll
185.215.113.206
 malicious
https://google-ohttp-relay-join.fastly-edge.com/(h
unknown
https://google-ohttp-relay-join.fastly-edge.com/jj
unknown
https://duckduckgo.com/chrome_newtab
unknown
https://google-ohttp-relay-join.fastly-edge.com/Ij
unknown
https://mail.google.com/mail/?usp=installed_webapp
unknown
https://duckduckgo.com/ac/?q=
unknown
https://safebrowsing.google.com/safebrowsing/clientreport/chrome-sct-auditing
unknown
https://permanently-removed.invalid/oauth2/v2/tokeninfo
unknown
http://185.215.113.206/746f34465cf17784/sqlite3.dllg
unknown
https://clients3.google.com/cast/chromecast/home/wallpaper/image?rt=b
unknown
https://docs.google.com/document/J
unknown
https://myaccount.google.com/find-your-phone?utm_source=ga-chrome-actions&utm_medium=findYourPhone
unknown
http://anglebug.com/4633
unknown
https://anglebug.com/7382
unknown
https://issuetracker.google.com/284462263
unknown
https://.goof
unknown
https://clients3.google.com/cast/chromecast/home/wallpaper/collection-images?rt=bf
unknown
https://deff.nelreports.net/api/report?cat=msn
23.218.232.139
https://google-ohttp-relay-query.fastly-edge.com/f
unknown
https://keep.google.com/u/0/?usp=chrome_actions#NEWNOTEkly
unknown
https://publickeyservice.gcp.privacysandboxservices.com
unknown
http://polymer.github.io/AUTHORS.txt
unknown
https://docs.google.com/
unknown
https://docs.google.com/document/:
unknown
https://publickeyservice.pa.aws.privacysandboxservices.com
unknown
https://google-ohttp-relay-join.fastly-edge.com/9h
unknown
http://185.215.113.206/6c4adf523b719729.phpA4
unknown
https://photos.google.com/settings?referrer=CHROME_NTP
unknown
https://anglebug.com/7714
unknown
http://unisolated.invalid/
unknown
http://anglebug.com/3586emulateAdvancedBlendEquations
unknown
https://photos.google.com?referrer=CHROME_NTP
unknown
http://185.215.113.206/746f34465cf17784/mozglue.dllU
unknown
https://www.google.com/chrome/tips/
unknown
https://sb.scorecardresearch.com/b2?rn=1730221183264&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=359F0A28F1DB656E0F951F0FF08C6410&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null
3.168.2.47
http://185.215.113.206/746f34465cf17784/sqlite3.dllG
unknown
https://drive.google.com/?lfhs=2
unknown
http://anglebug.com/6248
unknown
https://ogs.google.com/widget/callout?eom=1
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1730221184818&w=0&anoncknm=app_anon&NoResponseBody=true
13.70.79.200
http://185.215.113.206/6c4adf523b719729.php17
unknown
http://anglebug.com/6929
unknown
http://anglebug.com/5281
unknown
https://myaccount.google.com/find-your-phone?utm_source=ga-chrome-actions&utm_medium=findYourPhones
unknown
https://www.youtube.com/?feature=ytca
unknown
https://issuetracker.google.com/255411748
unknown
https://csp.withgoogle.com/csp/gws/cdt1rj
unknown
https://docs.google.com/document/u/0/create?usp=chrome_actions
unknown
https://permanently-removed.invalid/oauth2/v4/token
unknown
https://anglebug.com/7246
unknown
https://anglebug.com/7369
unknown
https://anglebug.com/7489
unknown
http://185.215.113.206/6c4adf523b719729.phpata
unknown
https://duckduckgo.com/?q=
unknown
https://chrome.google.com/webstore
unknown
https://drive-daily-2.corp.google.com/
unknown
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
unknown
http://polymer.github.io/PATENTS.txt
unknown
https://keep.google.com/u/0/?usp=chrome_actions#NEWNOTEklyT
unknown
https://cdn.ecosia.org/assets/images/ico/favicon.ico
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
https://cdn.ecosia.org/assets/images/ico/favicon.icos
unknown
http://185.215.113.206/746f34465cf17784/nss3.dll7
unknown
http://185.215.113.206/746f34465cf17784/mozglue.dllQ
unknown
https://issuetracker.google.com/161903006
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1730221183262&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=true
13.70.79.200
https://www.ecosia.org/newtab/
unknown
https://drive-daily-1.corp.google.com/
unknown
https://drive-daily-5.corp.google.com/
unknown
https://duckduckgo.com/favicon.ico
unknown
https://docs.google.com/spreadsheets/u/0/create?usp=chrome_actions
unknown
https://myaccount.google.com/data-and-privacy?utm_source=ga-chrome-actions&utm_medium=managePrivacy
unknown
https://plus.google.com
unknown
http://185.215.113.206/746f34465cf17784/nss3.dll.
unknown
https://drive-daily-3.corp.googlP2
unknown
https://permanently-removed.invalid/chrome/blank.html
unknown
http://anglebug.com/3078
unknown
http://anglebug.com/7553
unknown
http://anglebug.com/5375
unknown
https://permanently-removed.invalid/v1/issuetoken
unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0
216.58.206.78
http://anglebug.com/5371
unknown
http://anglebug.com/4722
unknown
https://m.google.com/devicemanagement/data/api
unknown
https://permanently-removed.invalid/reauth/v1beta/users/
unknown
https://docs.google.com/presentation/u/0/create?usp=chrome_actions
unknown
http://185.215.113.206/6c4adf523b719729.phpu7
unknown
http://anglebug.com/7556
unknown
https://chromewebstore.google.com/
unknown
https://drive-preprod.corp.google.com/
unknown
https://chrome.google.com/webstore/
unknown
https://clients4.google.com/chrome-sync
unknown
https://publickeyservice.pa.gcp.privacysandboxservices.com
unknown
https://www.google.com/tools/feedback/chrome/__submitf
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
chrome.cloudflare-dns.com
162.159.61.3
plus.l.google.com
216.58.206.78
play.google.com
142.250.185.142
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
94.245.104.56
sb.scorecardresearch.com
18.244.18.27
s-part-0017.t-0009.t-msedge.net
13.107.246.45
www.google.com
142.250.185.132
googlehosted.l.googleusercontent.com
216.58.206.33
clients2.googleusercontent.com
unknown
bzib.nelreports.net
unknown
assets.msn.com
unknown
c.msn.com
unknown
ntp.msn.com
unknown
apis.google.com
unknown
api.msn.com
unknown
There are 5 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
192.168.2.6
unknown
unknown
malicious
185.215.113.206
unknown
Portugal
malicious
23.221.22.184
unknown
United States
23.198.7.181
unknown
United States
13.107.246.45
s-part-0017.t-0009.t-msedge.net
United States
216.58.206.78
plus.l.google.com
United States
216.58.206.33
googlehosted.l.googleusercontent.com
United States
18.244.18.27
sb.scorecardresearch.com
United States
192.168.2.5
unknown
unknown
20.125.209.212
unknown
United States
162.159.61.3
chrome.cloudflare-dns.com
United States
142.250.185.142
play.google.com
United States
23.218.232.185
unknown
United States
204.79.197.219
unknown
United States
23.222.241.148
unknown
United States
13.107.246.57
unknown
United States
94.245.104.56
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
United Kingdom
142.250.185.132
www.google.com
United States
23.218.232.139
unknown
United States
13.70.79.200
unknown
United States
3.168.2.47
unknown
United States
239.255.255.250
unknown
Reserved
20.96.153.111
unknown
United States
23.47.50.146
unknown
United States
127.0.0.1
unknown
unknown
There are 15 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Left
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Top
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseenversion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseen
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_dse_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_startup_page_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197634
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gcinnojdebelpnodghnoicmcdmamjoch
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jgcbloklkllbkmkbfckchanipicejgah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ojmnomejplkgljjhjindfoilnmobmihe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds
EdgeMUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
MUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gcinnojdebelpnodghnoicmcdmamjoch
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jgcbloklkllbkmkbfckchanipicejgah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ojmnomejplkgljjhjindfoilnmobmihe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.cdm.origin_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_username
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
0018000DDABBE6B3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{C89E2069-AF13-46DB-9E39-216131494B87}
DeviceTicket
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197634
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197634
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197634
WindowTabManagerFileMappingId
There are 136 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
F71000
unkown
page execute and read and write
 malicious
4C30000
direct allocation
page read and write
 malicious
79E000
heap
page read and write
 malicious
66C40039C000
trusted library allocation
page read and write
43EF000
stack
page read and write
5C000108000
trusted library allocation
page read and write
614000
heap
page read and write
614000
heap
page read and write
66C40034C000
trusted library allocation
page read and write
5C0002D0000
trusted library allocation
page read and write
1BF76520000
trusted library section
page read and write
66C4014F4000
trusted library allocation
page read and write
66C4010CC000
trusted library allocation
page read and write
5C000030000
trusted library allocation
page read and write
294B3FD000
stack
page read and write
1BF75B97000
unclassified section
page read and write
1BF7693E000
trusted library section
page read and write
23611000
heap
page read and write
66C401401000
trusted library allocation
page read and write
A71CFFE000
unkown
page readonly
1DB53964000
heap
page read and write
4098006D0000
trusted library allocation
page read and write
66C401150000
trusted library allocation
page read and write
61EB7000
direct allocation
page readonly
5BE400248000
trusted library allocation
page read and write
1DB5392D000
heap
page read and write
1CFBE000
stack
page read and write
4FC4002A0000
trusted library allocation
page read and write
5C000190000
trusted library allocation
page read and write
47B1000
heap
page read and write
1CBAF000
stack
page read and write
66C400184000
trusted library allocation
page read and write
47B1000
heap
page read and write
614000
heap
page read and write
2C70000
direct allocation
page read and write
3EE8002EC000
direct allocation
page read and write
1BF700AE000
heap
page read and write
3A2E000
stack
page read and write
4098006EC000
trusted library allocation
page read and write
4FC40039C000
trusted library allocation
page read and write
1D276000
heap
page read and write
66C40061C000
trusted library allocation
page read and write
66C4009A8000
trusted library allocation
page read and write
2360F000
heap
page read and write
5C0000D8000
trusted library allocation
page read and write
23373000
heap
page read and write
1DB51AC9000
heap
page read and write
5C0002E8000
trusted library allocation
page read and write
A77B5FE000
unkown
page read and write
66C400F0C000
trusted library allocation
page read and write
1BF70142000
heap
page read and write
4098002B0000
trusted library allocation
page read and write
66C400720000
trusted library allocation
page read and write
29333FB000
stack
page read and write
E5E000
stack
page read and write
66C401910000
trusted library allocation
page read and write
23358000
heap
page read and write
1D276000
heap
page read and write
4098002E4000
trusted library allocation
page read and write
A724FFE000
unkown
page readonly
66C40115C000
trusted library allocation
page read and write
5C0003A4000
trusted library allocation
page read and write
66C4004C0000
trusted library allocation
page read and write
66C400508000
trusted library allocation
page read and write
66C4008C4000
trusted library allocation
page read and write
1BF700C7000
heap
page read and write
A71AFFE000
unkown
page readonly
1DB5394C000
heap
page read and write
409800770000
trusted library allocation
page read and write
4FC4002AC000
trusted library allocation
page read and write
29523FA000
stack
page read and write
614000
heap
page read and write
3EE800311000
direct allocation
page read and write
409800330000
trusted library allocation
page read and write
47B1000
heap
page read and write
47B1000
heap
page read and write
66C4019E4000
trusted library allocation
page read and write
2BEF000
stack
page read and write
66C401594000
trusted library allocation
page read and write
5C000230000
trusted library allocation
page read and write
66C400454000
trusted library allocation
page read and write
66C4015AC000
trusted library allocation
page read and write
66C401392000
trusted library allocation
page read and write
1DB53938000
heap
page read and write
1D2AC000
heap
page read and write
66C401A44000
trusted library allocation
page read and write
48B0000
trusted library allocation
page read and write
3CAE000
stack
page read and write
2948BFE000
unkown
page readonly
29553FE000
stack
page read and write
66C401704000
trusted library allocation
page read and write
66C401BEC000
trusted library allocation
page read and write
66C400A70000
trusted library allocation
page read and write
294C3FD000
stack
page read and write
F9C000
unkown
page execute and read and write
66C401040000
trusted library allocation
page read and write
29383FA000
stack
page read and write
5C0002C4000
trusted library allocation
page read and write
3B2F000
stack
page read and write
66C401BB4000
trusted library allocation
page read and write
66C401A90000
trusted library allocation
page read and write
A71B7FE000
stack
page read and write
47B1000
heap
page read and write
66C4018FC000
trusted library allocation
page read and write
66C400FB0000
trusted library allocation
page read and write
1BF70144000
heap
page read and write
40980035C000
trusted library allocation
page read and write
5C0003D0000
trusted library allocation
page read and write
47B1000
heap
page read and write
614000
heap
page read and write
72E000
stack
page read and write
66C4016A4000
trusted library allocation
page read and write
1BF76930000
trusted library section
page read and write
11B8000
unkown
page execute and read and write
3EE8002A8000
direct allocation
page read and write
1BF6C520000
trusted library allocation
page read and write
5C00022C000
trusted library allocation
page read and write
66C4015D0000
trusted library allocation
page read and write
47B1000
heap
page read and write
1BF6C645000
heap
page read and write
1D295000
heap
page read and write
29463FE000
stack
page read and write
66C40020C000
trusted library allocation
page read and write
352E000
stack
page read and write
66C4017C4000
trusted library allocation
page read and write
409800238000
trusted library allocation
page read and write
614000
heap
page read and write
409800754000
trusted library allocation
page read and write
4FC400424000
trusted library allocation
page read and write
32AE000
stack
page read and write
66C401150000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C400EF0000
trusted library allocation
page read and write
2C2E000
stack
page read and write
5C000334000
trusted library allocation
page read and write
66C401534000
trusted library allocation
page read and write
2CAB000
heap
page read and write
294CBFE000
unkown
page readonly
1BF767A0000
trusted library section
page read and write
A700FFE000
unkown
page readonly
1E8002A0000
trusted library allocation
page read and write
66C401560000
trusted library allocation
page read and write
1CE2E000
stack
page read and write
66C4016DC000
trusted library allocation
page read and write
66C4002AC000
trusted library allocation
page read and write
66C400C78000
trusted library allocation
page read and write
66C400FD0000
trusted library allocation
page read and write
614000
heap
page read and write
47B1000
heap
page read and write
66C400A01000
trusted library allocation
page read and write
A7077FC000
stack
page read and write
3DAF000
stack
page read and write
66C401BC0000
trusted library allocation
page read and write
614000
heap
page read and write
2939BFE000
unkown
page readonly
66C40154C000
trusted library allocation
page read and write
23367000
heap
page read and write
66C401A24000
trusted library allocation
page read and write
1D290000
heap
page read and write
3EE80030A000
direct allocation
page read and write
5C000238000
trusted library allocation
page read and write
66C400F0C000
trusted library allocation
page read and write
2927BFE000
unkown
page readonly
5C000290000
trusted library allocation
page read and write
4FC400360000
trusted library allocation
page read and write
1DB53740000
trusted library allocation
page read and write
409800330000
trusted library allocation
page read and write
66C40056C000
trusted library allocation
page read and write
66C4012F4000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C4019BC000
trusted library allocation
page read and write
326F000
stack
page read and write
66C400358000
trusted library allocation
page read and write
5C0001A8000
trusted library allocation
page read and write
5BE4002B4000
trusted library allocation
page read and write
A7207FE000
stack
page read and write
66C400968000
trusted library allocation
page read and write
23393000
heap
page read and write
66C401264000
trusted library allocation
page read and write
409800724000
trusted library allocation
page read and write
66C401150000
trusted library allocation
page read and write
409800320000
trusted library allocation
page read and write
66C40131A000
trusted library allocation
page read and write
66C401744000
trusted library allocation
page read and write
66C401CC8000
trusted library allocation
page read and write
66C400F30000
trusted library allocation
page read and write
23331000
heap
page read and write
2C6E000
stack
page read and write
47B1000
heap
page read and write
66C4001D4000
trusted library allocation
page read and write
66C400B34000
trusted library allocation
page read and write
66C401B14000
trusted library allocation
page read and write
66C400201000
trusted library allocation
page read and write
66C401348000
trusted library allocation
page read and write
292CBFE000
unkown
page readonly
66C400FD4000
trusted library allocation
page read and write
66C4019AC000
trusted library allocation
page read and write
1DB53911000
heap
page read and write
66C401624000
trusted library allocation
page read and write
66C401150000
trusted library allocation
page read and write
66C4012FC000
trusted library allocation
page read and write
1DB53977000
heap
page read and write
66C401580000
trusted library allocation
page read and write
66C400FBC000
trusted library allocation
page read and write
66C4016C4000
trusted library allocation
page read and write
4FC400308000
trusted library allocation
page read and write
4098002ED000
trusted library allocation
page read and write
66C401A8C000
trusted library allocation
page read and write
A713FFE000
unkown
page readonly
66C40104C000
trusted library allocation
page read and write
3EE800212000
direct allocation
page read and write
5BE4002B8000
trusted library allocation
page read and write
4FC400250000
trusted library allocation
page read and write
66C401BEC000
trusted library allocation
page read and write
A70AFFE000
unkown
page readonly
5C00040C000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C400308000
trusted library allocation
page read and write
66C401788000
trusted library allocation
page read and write
47B1000
heap
page read and write
5C00017C000
trusted library allocation
page read and write
57C000
stack
page read and write
1BF762F0000
trusted library section
page read and write
614000
heap
page read and write
5C00037C000
trusted library allocation
page read and write
66C400EC0000
trusted library allocation
page read and write
409800698000
trusted library allocation
page read and write
4FC4003AC000
trusted library allocation
page read and write
88D000
heap
page read and write
3EE800217000
direct allocation
page read and write
61E00000
direct allocation
page execute and read and write
66C400E20000
trusted library allocation
page read and write
A70CFFE000
unkown
page readonly
1BF700C0000
heap
page read and write
66C4017C0000
trusted library allocation
page read and write
2C70000
direct allocation
page read and write
1BF70105000
heap
page read and write
66C400458000
trusted library allocation
page read and write
66C400464000
trusted library allocation
page read and write
66C400194000
trusted library allocation
page read and write
A7157FD000
stack
page read and write
4FC400380000
trusted library allocation
page read and write
66C4008A4000
trusted library allocation
page read and write
409800320000
trusted library allocation
page read and write
66C400344000
trusted library allocation
page read and write
66C4002AC000
trusted library allocation
page read and write
10EB000
unkown
page execute and read and write
2935BFE000
unkown
page readonly
40980020C000
trusted library allocation
page read and write
1E800230000
trusted library allocation
page read and write
66C400D84000
trusted library allocation
page read and write
66C401628000
trusted library allocation
page read and write
1DB51AA9000
heap
page read and write
3EE80024C000
direct allocation
page read and write
5C0002B0000
trusted library allocation
page read and write
4FC4002D0000
trusted library allocation
page read and write
A717FFE000
unkown
page readonly
409800624000
trusted library allocation
page read and write
66C401CB0000
trusted library allocation
page read and write
66C400EB4000
trusted library allocation
page read and write
66C400F3C000
trusted library allocation
page read and write
1BF70105000
heap
page read and write
66C4001F0000
trusted library allocation
page read and write
66C400E31000
trusted library allocation
page read and write
3EEF000
stack
page read and write
66C40021C000
trusted library allocation
page read and write
1D284000
heap
page read and write
14E6000
unkown
page execute and read and write
66C4002AC000
trusted library allocation
page read and write
33EE000
stack
page read and write
1DB53973000
heap
page read and write
1DB53954000
heap
page read and write
5C00045C000
trusted library allocation
page read and write
409800390000
trusted library allocation
page read and write
66C400324000
trusted library allocation
page read and write
66C400CFF000
trusted library allocation
page read and write
5C0001F4000
trusted library allocation
page read and write
2928BFE000
unkown
page readonly
A714FFE000
unkown
page readonly
66C40023C000
trusted library allocation
page read and write
66C400A24000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C400314000
trusted library allocation
page read and write
1BF76067000
unclassified section
page read and write
4FC400238000
trusted library allocation
page read and write
614000
heap
page read and write
66C401A94000
trusted library allocation
page read and write
1BF7010E000
heap
page read and write
4098006B4000
trusted library allocation
page read and write
1D28F000
heap
page read and write
66C4019A4000
trusted library allocation
page read and write
294EBFE000
unkown
page readonly
293A3FE000
stack
page read and write
66C4003AC000
trusted library allocation
page read and write
6CCE1000
unkown
page readonly
66C4019D4000
trusted library allocation
page read and write
66C401C58000
trusted library allocation
page read and write
614000
heap
page read and write
1D2AC000
heap
page read and write
409800354000
trusted library allocation
page read and write
1BF6C4C0000
heap
page read and write
66C401758000
trusted library allocation
page read and write
5BE400210000
trusted library allocation
page read and write
1E800235000
trusted library allocation
page read and write
409800401000
trusted library allocation
page read and write
1BF7012A000
heap
page read and write
5C00006C000
trusted library allocation
page read and write
66C400EA0000
trusted library allocation
page read and write
66C40101C000
trusted library allocation
page read and write
98E000
stack
page read and write
66C400C01000
trusted library allocation
page read and write
29413FC000
stack
page read and write
66C400801000
trusted library allocation
page read and write
614000
heap
page read and write
47B1000
heap
page read and write
1D2AC000
heap
page read and write
66C4019E8000
trusted library allocation
page read and write
66C401AD8000
trusted library allocation
page read and write
1E8002A0000
trusted library allocation
page read and write
66C400F0C000
trusted library allocation
page read and write
66C401700000
trusted library allocation
page read and write
1BF6C4A0000
heap
page read and write
2FEF000
stack
page read and write
466F000
stack
page read and write
409800380000
trusted library allocation
page read and write
66C4010AC000
trusted library allocation
page read and write
5C00026C000
trusted library allocation
page read and write
5C000270000
trusted library allocation
page read and write
614000
heap
page read and write
4FC40032C000
trusted library allocation
page read and write
614000
heap
page read and write
A70D7FE000
stack
page read and write
292A3FE000
stack
page read and write
3EE8002D8000
direct allocation
page read and write
5BE400294000
trusted library allocation
page read and write
66C400238000
trusted library allocation
page read and write
2952BFE000
unkown
page readonly
66C4015E0000
trusted library allocation
page read and write
1BF75B67000
unclassified section
page read and write
1DB51B30000
heap
page read and write
5BE400294000
trusted library allocation
page read and write
4098007CC000
trusted library allocation
page read and write
4FC40031C000
trusted library allocation
page read and write
1DB51A45000
heap
page read and write
66C400B18000
trusted library allocation
page read and write
66C401980000
trusted library allocation
page read and write
4FC400230000
trusted library allocation
page read and write
66C4002CC000
trusted library allocation
page read and write
66C400C40000
trusted library allocation
page read and write
66C400D04000
trusted library allocation
page read and write
66C401314000
trusted library allocation
page read and write
A77C5FE000
stack
page read and write
66C400EF0000
trusted library allocation
page read and write
38EE000
stack
page read and write
1D290000
heap
page read and write
1E800248000
trusted library allocation
page read and write
1BF6FB0E000
heap
page read and write
2C70000
direct allocation
page read and write
66C401B10000
trusted library allocation
page read and write
66C401CDC000
trusted library allocation
page read and write
66C400E20000
trusted library allocation
page read and write
409800668000
trusted library allocation
page read and write
66C400168000
trusted library allocation
page read and write
1BF700FE000
heap
page read and write
66C400D04000
trusted library allocation
page read and write
66C400D9D000
trusted library allocation
page read and write
66C400308000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C401BDC000
trusted library allocation
page read and write
A71A7FE000
stack
page read and write
66C4011CC000
trusted library allocation
page read and write
A704FFE000
unkown
page readonly
1BF6E470000
heap
page read and write
29493FE000
stack
page read and write
66C400601000
trusted library allocation
page read and write
7E5000
heap
page read and write
5C00044C000
trusted library allocation
page read and write
66C400338000
trusted library allocation
page read and write
1DB51AA7000
heap
page read and write
5BE400230000
trusted library allocation
page read and write
3EE8002AC000
direct allocation
page read and write
66C400344000
trusted library allocation
page read and write
66C4001E0000
trusted library allocation
page read and write
1DB53971000
heap
page read and write
66C400E31000
trusted library allocation
page read and write
409800640000
trusted library allocation
page read and write
190400284000
direct allocation
page read and write
66C400DCC000
trusted library allocation
page read and write
66C401AE0000
trusted library allocation
page read and write
A77A5F3000
stack
page read and write
A7057FC000
stack
page read and write
66C4002E8000
trusted library allocation
page read and write
409800648000
trusted library allocation
page read and write
5C0002DC000
trusted library allocation
page read and write
66C400BE0000
trusted library allocation
page read and write
409800714000
trusted library allocation
page read and write
66C400710000
trusted library allocation
page read and write
29543FE000
stack
page read and write
66C401980000
trusted library allocation
page read and write
66C40116C000
trusted library allocation
page read and write
7F8000
heap
page read and write
66C4002BC000
trusted library allocation
page read and write
66C4006F9000
trusted library allocation
page read and write
40980033C000
trusted library allocation
page read and write
1DB539A4000
heap
page read and write
1DB51AF3000
heap
page read and write
66C400D14000
trusted library allocation
page read and write
6CA72000
unkown
page readonly
1D2A9000
heap
page read and write
66C400E2E000
trusted library allocation
page read and write
3EE8002D0000
direct allocation
page read and write
66C401AB0000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C401D24000
trusted library allocation
page read and write
3EE80026C000
direct allocation
page read and write
3C6F000
stack
page read and write
1BF70128000
heap
page read and write
5C0002C0000
trusted library allocation
page read and write
66C4002D8000
trusted library allocation
page read and write
47B1000
heap
page read and write
1DB53802000
heap
page read and write
46AE000
stack
page read and write
66C401040000
trusted library allocation
page read and write
A7217FE000
unkown
page readonly
614000
heap
page read and write
66C4016AC000
trusted library allocation
page read and write
47AF000
stack
page read and write
29273FE000
unkown
page read and write
66C401584000
trusted library allocation
page read and write
5BE4002B4000
trusted library allocation
page read and write
2929BFE000
unkown
page readonly
5BE400220000
trusted library allocation
page read and write
4C6C000
stack
page read and write
66C401040000
trusted library allocation
page read and write
47B1000
heap
page read and write
614000
heap
page read and write
3EE80021C000
direct allocation
page read and write
61ED0000
direct allocation
page read and write
66C400F0C000
trusted library allocation
page read and write
2943BFE000
unkown
page readonly
5C000214000
trusted library allocation
page read and write
66C400A7C000
trusted library allocation
page read and write
5C0003E0000
trusted library allocation
page read and write
66C40075D000
trusted library allocation
page read and write
66C4002AC000
trusted library allocation
page read and write
66C400234000
trusted library allocation
page read and write
66C40138C000
trusted library allocation
page read and write
66C400CB4000
trusted library allocation
page read and write
66C400318000
trusted library allocation
page read and write
1D292000
heap
page read and write
66C400BEC000
trusted library allocation
page read and write
1D28B000
heap
page read and write
1D0BD000
stack
page read and write
23356000
heap
page read and write
66C401714000
trusted library allocation
page read and write
5C000450000
trusted library allocation
page read and write
19040020C000
direct allocation
page read and write
A70E7FE000
stack
page read and write
66C401B20000
trusted library allocation
page read and write
817000
heap
page read and write
1E8002F8000
trusted library allocation
page read and write
29443FD000
stack
page read and write
409800734000
trusted library allocation
page read and write
66C401CC0000
trusted library allocation
page read and write
4098006E0000
trusted library allocation
page read and write
47B1000
heap
page read and write
3EE800294000
direct allocation
page read and write
66C400ED0000
trusted library allocation
page read and write
1BF700D2000
heap
page read and write
409800730000
trusted library allocation
page read and write
409800610000
trusted library allocation
page read and write
66C400E4C000
trusted library allocation
page read and write
A71BFFE000
unkown
page readonly
47B1000
heap
page read and write
66C400E01000
trusted library allocation
page read and write
1D2A7000
heap
page read and write
66C400DB0000
trusted library allocation
page read and write
5C000120000
trusted library allocation
page read and write
66C4002B0000
trusted library allocation
page read and write
376F000
stack
page read and write
66C4015E8000
trusted library allocation
page read and write
1D283000
heap
page read and write
47B1000
heap
page read and write
66C400874000
trusted library allocation
page read and write
66C400358000
trusted library allocation
page read and write
292DBFE000
unkown
page readonly
1DB51C20000
heap
page read and write
1BF76C60000
trusted library section
page read and write
66C4014C4000
trusted library allocation
page read and write
66C401740000
trusted library allocation
page read and write
1DB51ABB000
heap
page read and write
292C3FD000
stack
page read and write
66C4002F8000
trusted library allocation
page read and write
66C400454000
trusted library allocation
page read and write
5C0001F8000
trusted library allocation
page read and write
409800288000
trusted library allocation
page read and write
66C401318000
trusted library allocation
page read and write
66C400E0C000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C4000EC000
trusted library allocation
page read and write
A712FFE000
unkown
page readonly
A7047FE000
stack
page read and write
5C000440000
trusted library allocation
page read and write
66C400454000
trusted library allocation
page read and write
66C401601000
trusted library allocation
page read and write
1D283000
heap
page read and write
47B1000
heap
page read and write
2C70000
direct allocation
page read and write
66C400EAC000
trusted library allocation
page read and write
66C401BDC000
trusted library allocation
page read and write
37AE000
stack
page read and write
1D290000
heap
page read and write
66C4004E8000
trusted library allocation
page read and write
1D28B000
heap
page read and write
2CA0000
heap
page read and write
47B1000
heap
page read and write
190400220000
direct allocation
page read and write
1BF700DC000
heap
page read and write
1DB5396C000
heap
page read and write
66C401201000
trusted library allocation
page read and write
1D2AC000
heap
page read and write
6CD29000
unkown
page readonly
66C401A3C000
trusted library allocation
page read and write
4FC40032C000
trusted library allocation
page read and write
1BF767C1000
trusted library section
page read and write
1E800294000
trusted library allocation
page read and write
1DB51AA9000
heap
page read and write
29393FE000
stack
page read and write
1DB53770000
trusted library section
page readonly
66C400344000
trusted library allocation
page read and write
47B1000
heap
page read and write
233B3000
heap
page read and write
A70EFFE000
unkown
page readonly
1BF76727000
unclassified section
page read and write
5BE400274000
trusted library allocation
page read and write
29353FE000
stack
page read and write
5C000050000
trusted library allocation
page read and write
1BF767B0000
trusted library section
page read and write
1D28F000
heap
page read and write
66C4017AC000
trusted library allocation
page read and write
66C401BDC000
trusted library allocation
page read and write
66C4002AC000
trusted library allocation
page read and write
66C401D1C000
trusted library allocation
page read and write
66C400630000
trusted library allocation
page read and write
409800760000
trusted library allocation
page read and write
1D260000
heap
page read and write
14F5000
unkown
page execute and write copy
5C000314000
trusted library allocation
page read and write
4FC40031C000
trusted library allocation
page read and write
1D290000
heap
page read and write
2C70000
direct allocation
page read and write
61ECD000
direct allocation
page readonly
1D293000
heap
page read and write
1BF6FAD0000
heap
page read and write
5C000114000
trusted library allocation
page read and write
29373FD000
stack
page read and write
1DB51900000
heap
page read and write
2C70000
direct allocation
page read and write
66C401308000
trusted library allocation
page read and write
66C400EB4000
trusted library allocation
page read and write
66C400554000
trusted library allocation
page read and write
5C0001B8000
trusted library allocation
page read and write
409800620000
trusted library allocation
page read and write
66C401C34000
trusted library allocation
page read and write
2937BFE000
unkown
page readonly
1BF6FB0D000
heap
page read and write
66C4002AC000
trusted library allocation
page read and write
409800250000
trusted library allocation
page read and write
66C400F88000
trusted library allocation
page read and write
614000
heap
page read and write
66C400D24000
trusted library allocation
page read and write
66C401A98000
trusted library allocation
page read and write
29533FC000
stack
page read and write
2954BFE000
unkown
page readonly
14BA000
unkown
page execute and read and write
1BF6C56E000
heap
page read and write
A70C7FE000
stack
page read and write
66C401150000
trusted library allocation
page read and write
66C40037C000
trusted library allocation
page read and write
3DEE000
stack
page read and write
66C40140C000
trusted library allocation
page read and write
294F3FC000
stack
page read and write
4FC400248000
trusted library allocation
page read and write
66C4012F4000
trusted library allocation
page read and write
6CC80000
unkown
page readonly
66C4016E8000
trusted library allocation
page read and write
47B1000
heap
page read and write
456E000
stack
page read and write
66C40165C000
trusted library allocation
page read and write
66C4017B0000
trusted library allocation
page read and write
66C401B40000
trusted library allocation
page read and write
66C400458000
trusted library allocation
page read and write
40980080C000
trusted library allocation
page read and write
66C400344000
trusted library allocation
page read and write
29573FC000
stack
page read and write
1DB539A6000
heap
page read and write
66C401C0D000
trusted library allocation
page read and write
66C400B0C000
trusted library allocation
page read and write
66C400058000
trusted library allocation
page read and write
6CC5F000
unkown
page write copy
66C401910000
trusted library allocation
page read and write
6CC5E000
unkown
page read and write
66C401910000
trusted library allocation
page read and write
66C400548000
trusted library allocation
page read and write
1D28C000
heap
page read and write
23617000
heap
page read and write
A71EFFE000
unkown
page readonly
409800784000
trusted library allocation
page read and write
1DB53925000
heap
page read and write
409800750000
trusted library allocation
page read and write
66C40101C000
trusted library allocation
page read and write
47B1000
heap
page read and write
1E8002A1000
trusted library allocation
page read and write
66C400C7C000
trusted library allocation
page read and write
66C401A40000
trusted library allocation
page read and write
66C400094000
trusted library allocation
page read and write
A77BDFE000
unkown
page readonly
1E8002A4000
trusted library allocation
page read and write
4FC400344000
trusted library allocation
page read and write
5BE4002B4000
trusted library allocation
page read and write
409800601000
trusted library allocation
page read and write
5C0001DC000
trusted library allocation
page read and write
614000
heap
page read and write
4FC40027C000
trusted library allocation
page read and write
1DB51AF5000
heap
page read and write
1DB53938000
heap
page read and write
2932BFE000
unkown
page readonly
66C4017CC000
trusted library allocation
page read and write
5C000140000
trusted library allocation
page read and write
A7177FE000
stack
page read and write
66C401C84000
trusted library allocation
page read and write
A720FFD000
stack
page read and write
5C0002F4000
trusted library allocation
page read and write
409800364000
trusted library allocation
page read and write
66C400E60000
trusted library allocation
page read and write
5BE4002B4000
trusted library allocation
page read and write
1D28F000
heap
page read and write
66C401938000
trusted library allocation
page read and write
66C400358000
trusted library allocation
page read and write
66C4002AC000
trusted library allocation
page read and write
4098007D0000
trusted library allocation
page read and write
66C401B1C000
trusted library allocation
page read and write
66C400E2E000
trusted library allocation
page read and write
5BE4002B4000
trusted library allocation
page read and write
5C0000E8000
trusted library allocation
page read and write
452F000
stack
page read and write
47B1000
heap
page read and write
4098002F0000
trusted library allocation
page read and write
66C401658000
trusted library allocation
page read and write
66C40195C000
trusted library allocation
page read and write
1DB53813000
heap
page read and write
66C400454000
trusted library allocation
page read and write
29433FC000
stack
page read and write
66C400A9C000
trusted library allocation
page read and write
A71C7FE000
stack
page read and write
66C401768000
trusted library allocation
page read and write
66C40167C000
trusted library allocation
page read and write
66C400E18000
trusted library allocation
page read and write
66C4014EC000
trusted library allocation
page read and write
66C400E20000
trusted library allocation
page read and write
66C400001000
trusted library allocation
page read and write
66C401640000
trusted library allocation
page read and write
66C400E28000
trusted library allocation
page read and write
5C0002D0000
trusted library allocation
page read and write
3EE800280000
direct allocation
page read and write
66C401A84000
trusted library allocation
page read and write
66C400230000
trusted library allocation
page read and write
1BF700FB000
heap
page read and write
614000
heap
page read and write
66C401330000
trusted library allocation
page read and write
1DB51B30000
heap
page read and write
190400270000
direct allocation
page read and write
409800664000
trusted library allocation
page read and write
5BE4002B4000
trusted library allocation
page read and write
47B1000
heap
page read and write
1D2AC000
heap
page read and write
1BF745E0000
heap
page read and write
66C40164C000
trusted library allocation
page read and write
66C400228000
trusted library allocation
page read and write
61ED4000
direct allocation
page readonly
66C401550000
trusted library allocation
page read and write
66C4010CC000
trusted library allocation
page read and write
614000
heap
page read and write
1D29D000
heap
page read and write
66C4016D8000
trusted library allocation
page read and write
66C40112C000
trusted library allocation
page read and write
40980027C000
trusted library allocation
page read and write
66C40080D000
trusted library allocation
page read and write
66C400E31000
trusted library allocation
page read and write
4098007B4000
trusted library allocation
page read and write
66C401520000
trusted library allocation
page read and write
5C00037C000
trusted library allocation
page read and write
1E800274000
trusted library allocation
page read and write
5BE4002B8000
trusted library allocation
page read and write
1D28A000
heap
page read and write
33AF000
stack
page read and write
1BF6C5F7000
heap
page read and write
1DB539AA000
heap
page read and write
1DB51A2C000
heap
page read and write
4FC4003C0000
trusted library allocation
page read and write
1E800260000
trusted library allocation
page read and write
66C400B74000
trusted library allocation
page read and write
5C000244000
trusted library allocation
page read and write
66C4001E8000
trusted library allocation
page read and write
5C000324000
trusted library allocation
page read and write
A71E7FE000
stack
page read and write
5BE4002B8000
trusted library allocation
page read and write
5C000294000
trusted library allocation
page read and write
66C401AC4000
trusted library allocation
page read and write
66C4002CC000
trusted library allocation
page read and write
1D2A3000
heap
page read and write
66C400D34000
trusted library allocation
page read and write
4DA0000
direct allocation
page execute and read and write
66C400E2E000
trusted library allocation
page read and write
66C400358000
trusted library allocation
page read and write
47B1000
heap
page read and write
1D276000
heap
page read and write
66C400E24000
trusted library allocation
page read and write
5C0001F0000
trusted library allocation
page read and write
2944BFE000
unkown
page readonly
66C400E31000
trusted library allocation
page read and write
66C401500000
trusted library allocation
page read and write
4D80000
direct allocation
page execute and read and write
66C4010DC000
trusted library allocation
page read and write
190400244000
direct allocation
page read and write
66C4015C0000
trusted library allocation
page read and write
66C40133C000
trusted library allocation
page read and write
2955BFE000
unkown
page readonly
1CAAE000
stack
page read and write
66C400D0A000
trusted library allocation
page read and write
A7197FE000
stack
page read and write
66C400ED0000
trusted library allocation
page read and write
1BF6FB01000
heap
page read and write
66C400BCC000
trusted library allocation
page read and write
293EBFE000
unkown
page readonly
66C401A58000
trusted library allocation
page read and write
1D29D000
heap
page read and write
4098006B8000
trusted library allocation
page read and write
125A000
unkown
page execute and read and write
66C400BF4000
trusted library allocation
page read and write
1DB51A00000
heap
page read and write
66C4010AC000
trusted library allocation
page read and write
1D2AC000
heap
page read and write
F60000
heap
page read and write
66C4015E4000
trusted library allocation
page read and write
232F0000
trusted library allocation
page read and write
1DB51B58000
heap
page read and write
1904002A8000
direct allocation
page read and write
47B1000
heap
page read and write
292F3F9000
stack
page read and write
1D286000
heap
page read and write
66C401040000
trusted library allocation
page read and write
1CF7F000
stack
page read and write
2C70000
direct allocation
page read and write
232F0000
trusted library allocation
page read and write
4D90000
direct allocation
page execute and read and write
66C400D24000
trusted library allocation
page read and write
1CBEE000
stack
page read and write
66C40014C000
trusted library allocation
page read and write
2355F000
stack
page read and write
66C400F54000
trusted library allocation
page read and write
66C4004C7000
trusted library allocation
page read and write
1DB5398A000
heap
page read and write
3B6E000
stack
page read and write
66C40117C000
trusted library allocation
page read and write
66C4008F0000
trusted library allocation
page read and write
4FC400418000
trusted library allocation
page read and write
5C00040F000
trusted library allocation
page read and write
66C40162C000
trusted library allocation
page read and write
66C40161C000
trusted library allocation
page read and write
66C4002AC000
trusted library allocation
page read and write
47B7000
heap
page read and write
5C000201000
trusted library allocation
page read and write
66C40191C000
trusted library allocation
page read and write
5C00020C000
trusted library allocation
page read and write
66C4014C8000
trusted library allocation
page read and write
1D2AC000
heap
page read and write
1D29D000
heap
page read and write
1D262000
heap
page read and write
5BE400294000
trusted library allocation
page read and write
38AF000
stack
page read and write
4FC400288000
trusted library allocation
page read and write
1E800288000
trusted library allocation
page read and write
5C0002F4000
trusted library allocation
page read and write
66C4017C8000
trusted library allocation
page read and write
614000
heap
page read and write
66C401B24000
trusted library allocation
page read and write
4098006C4000
trusted library allocation
page read and write
40980039C000
trusted library allocation
page read and write
66C400930000
trusted library allocation
page read and write
1BF75BC3000
heap
page read and write
2958BFE000
unkown
page readonly
66C400220000
trusted library allocation
page read and write
409800424000
trusted library allocation
page read and write
1BF6C510000
trusted library allocation
page read and write
23617000
heap
page read and write
29583FE000
stack
page read and write
66C400C68000
trusted library allocation
page read and write
1D275000
heap
page read and write
614000
heap
page read and write
66C4008E3000
trusted library allocation
page read and write
294DBFE000
unkown
page readonly
5C000040000
trusted library allocation
page read and write
4098006AC000
trusted library allocation
page read and write
409800630000
trusted library allocation
page read and write
66C40114C000
trusted library allocation
page read and write
66C4017A4000
trusted library allocation
page read and write
29363FE000
stack
page read and write
2EAF000
stack
page read and write
5BE400250000
trusted library allocation
page read and write
66C400214000
trusted library allocation
page read and write
5C000401000
trusted library allocation
page read and write
66C40037C000
trusted library allocation
page read and write
293DBFE000
unkown
page readonly
3EE800250000
direct allocation
page read and write
409800704000
trusted library allocation
page read and write
66C400BB4000
trusted library allocation
page read and write
5C000390000
trusted library allocation
page read and write
66C401A2C000
trusted library allocation
page read and write
409800248000
trusted library allocation
page read and write
66C400674000
trusted library allocation
page read and write
1D2A7000
heap
page read and write
66C400740000
trusted library allocation
page read and write
66C401C90000
trusted library allocation
page read and write
66C400F88000
trusted library allocation
page read and write
66C4015DC000
trusted library allocation
page read and write
1DB53971000
heap
page read and write
66C401AC0000
trusted library allocation
page read and write
66C400E28000
trusted library allocation
page read and write
66C400A70000
trusted library allocation
page read and write
5C000428000
trusted library allocation
page read and write
66C40195C000
trusted library allocation
page read and write
66C400E2E000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C400308000
trusted library allocation
page read and write
A71D7FC000
stack
page read and write
A718FFE000
unkown
page readonly
66C401910000
trusted library allocation
page read and write
1904002DC000
direct allocation
page read and write
66C400D04000
trusted library allocation
page read and write
614000
heap
page read and write
66C401C14000
trusted library allocation
page read and write
47B1000
heap
page read and write
29483FE000
stack
page read and write
66C4001F4000
trusted library allocation
page read and write
4098007E0000
trusted library allocation
page read and write
4FC4003A8000
trusted library allocation
page read and write
1DB5A850000
trusted library allocation
page read and write
409800404000
trusted library allocation
page read and write
1DB53973000
heap
page read and write
66C4014BC000
trusted library allocation
page read and write
66C400E28000
trusted library allocation
page read and write
29473FB000
stack
page read and write
A70A7FE000
stack
page read and write
47B1000
heap
page read and write
47B1000
heap
page read and write
10DE000
unkown
page execute and read and write
66C401094000
trusted library allocation
page read and write
292E3FA000
stack
page read and write
66C4001C4000
trusted library allocation
page read and write
23351000
heap
page read and write
409800720000
trusted library allocation
page read and write
5C00007C000
trusted library allocation
page read and write
66C4015F8000
trusted library allocation
page read and write
4FC40020C000
trusted library allocation
page read and write
5C000394000
trusted library allocation
page read and write
1E8002D8000
trusted library allocation
page read and write
A7137FC000
stack
page read and write
3EE800316000
direct allocation
page read and write
66C4001C4000
trusted library allocation
page read and write
1BF6E473000
heap
page read and write
2945BFE000
unkown
page readonly
66C401684000
trusted library allocation
page read and write
66C400210000
trusted library allocation
page read and write
1D380000
trusted library allocation
page read and write
66C4015F4000
trusted library allocation
page read and write
2335E000
heap
page read and write
409800320000
trusted library allocation
page read and write
66C400174000
trusted library allocation
page read and write
3EE8002D0000
direct allocation
page read and write
6CA81000
unkown
page execute read
3EE800210000
direct allocation
page read and write
66C400D74000
trusted library allocation
page read and write
409800310000
trusted library allocation
page read and write
66C4016C0000
trusted library allocation
page read and write
5BE400294000
trusted library allocation
page read and write
66C4001F8000
trusted library allocation
page read and write
409800310000
trusted library allocation
page read and write
66C400B48000
trusted library allocation
page read and write
66C400CB0000
trusted library allocation
page read and write
4098002B8000
trusted library allocation
page read and write
3EE800290000
direct allocation
page read and write
4DB0000
direct allocation
page execute and read and write
4FC400220000
trusted library allocation
page read and write
1BF6C604000
heap
page read and write
47B1000
heap
page read and write
294BBFE000
unkown
page readonly
19040024C000
direct allocation
page read and write
5C000264000
trusted library allocation
page read and write
6CA80000
unkown
page readonly
66C400D4C000
trusted library allocation
page read and write
5C0000AD000
trusted library allocation
page read and write
614000
heap
page read and write
4FC400401000
trusted library allocation
page read and write
66C401A01000
trusted library allocation
page read and write
5C00019C000
trusted library allocation
page read and write
1BF7010D000
heap
page read and write
66C401A70000
trusted library allocation
page read and write
66C400D04000
trusted library allocation
page read and write
5C0002DC000
trusted library allocation
page read and write
47C000
stack
page read and write
66C400E24000
trusted library allocation
page read and write
66C4014FC000
trusted library allocation
page read and write
66C400C60000
trusted library allocation
page read and write
5C00029C000
trusted library allocation
page read and write
1BF6FAFD000
heap
page read and write
614000
heap
page read and write
4098002FC000
trusted library allocation
page read and write
5BE4002B4000
trusted library allocation
page read and write
66C4006A4000
trusted library allocation
page read and write
1DB51AC7000
heap
page read and write
66C40168C000
trusted library allocation
page read and write
A707FFE000
unkown
page readonly
66C400524000
trusted library allocation
page read and write
66C401620000
trusted library allocation
page read and write
66C4017D0000
trusted library allocation
page read and write
66C4015A4000
trusted library allocation
page read and write
66C401568000
trusted library allocation
page read and write
66C400978000
trusted library allocation
page read and write
5E0000
heap
page read and write
66C400044000
trusted library allocation
page read and write
66C40170C000
trusted library allocation
page read and write
4FC400284000
trusted library allocation
page read and write
1BF70119000
heap
page read and write
61ED3000
direct allocation
page read and write
66C400650000
trusted library allocation
page read and write
1DB53911000
heap
page read and write
66C4001A4000
trusted library allocation
page read and write
66C400364000
trusted library allocation
page read and write
40980033C000
trusted library allocation
page read and write
1BF6C567000
heap
page read and write
4098006E8000
trusted library allocation
page read and write
1BF6C60E000
heap
page read and write
66C4002C0000
trusted library allocation
page read and write
1DB51B27000
heap
page read and write
5C0001D8000
trusted library allocation
page read and write
409800230000
trusted library allocation
page read and write
66C401720000
trusted library allocation
page read and write
1BF760F0000
trusted library section
page read and write
66C4018FC000
trusted library allocation
page read and write
4FC4002C4000
trusted library allocation
page read and write
1D290000
heap
page read and write
1BF6FB01000
heap
page read and write
1E800250000
trusted library allocation
page read and write
1DB51AC0000
heap
page read and write
4C5B000
direct allocation
page read and write
47D0000
heap
page read and write
66C401AEC000
trusted library allocation
page read and write
409800614000
trusted library allocation
page read and write
66C400358000
trusted library allocation
page read and write
66C4006B4000
trusted library allocation
page read and write
66C401B50000
trusted library allocation
page read and write
1BF7011F000
heap
page read and write
1DB51C00000
heap
page readonly
1E800264000
trusted library allocation
page read and write
A70BFFE000
unkown
page readonly
66C400E94000
trusted library allocation
page read and write
1BF700FB000
heap
page read and write
1BF76741000
trusted library section
page read and write
5C0001E0000
trusted library allocation
page read and write
1DB51AA2000
heap
page read and write
29513FD000
stack
page read and write
66C401574000
trusted library allocation
page read and write
1BF7012B000
heap
page read and write
1E8002B0000
trusted library allocation
page read and write
5BE4002A8000
trusted library allocation
page read and write
293B3FE000
stack
page read and write
409800418000
trusted library allocation
page read and write
66C400F98000
trusted library allocation
page read and write
2953BFE000
unkown
page readonly
29453FB000
stack
page read and write
66C400F88000
trusted library allocation
page read and write
5C0002A4000
trusted library allocation
page read and write
4098002D4000
trusted library allocation
page read and write
1BF7011F000
heap
page read and write
2C70000
direct allocation
page read and write
5BE400278000
trusted library allocation
page read and write
66C401D1C000
trusted library allocation
page read and write
2933BFE000
unkown
page readonly
66C40036C000
trusted library allocation
page read and write
409800430000
trusted library allocation
page read and write
2941BFE000
unkown
page readonly
614000
heap
page read and write
66C400EF0000
trusted library allocation
page read and write
66C400D60000
trusted library allocation
page read and write
29313FB000
stack
page read and write
1DB5397B000
heap
page read and write
402F000
stack
page read and write
66C401A0C000
trusted library allocation
page read and write
40980078C000
trusted library allocation
page read and write
5C0002D0000
trusted library allocation
page read and write
66C4004CC000
trusted library allocation
page read and write
1BF6FB05000
heap
page read and write
2EEE000
stack
page read and write
34EF000
stack
page read and write
66C4010F8000
trusted library allocation
page read and write
5C000218000
trusted library allocation
page read and write
A7147FD000
stack
page read and write
A7127FE000
stack
page read and write
1E8002E4000
trusted library allocation
page read and write
572000
stack
page read and write
1D2A6000
heap
page read and write
190400250000
direct allocation
page read and write
293CBFE000
unkown
page readonly
4FC40040C000
trusted library allocation
page read and write
1DB51B2B000
heap
page read and write
66C400390000
trusted library allocation
page read and write
1D2A3000
heap
page read and write
1DB53916000
heap
page read and write
1BF7008B000
heap
page read and write
40980040C000
trusted library allocation
page read and write
1BF76892000
trusted library section
page read and write
66C40034C000
trusted library allocation
page read and write
66C401150000
trusted library allocation
page read and write
409800678000
trusted library allocation
page read and write
66C4002F8000
trusted library allocation
page read and write
66C400E2E000
trusted library allocation
page read and write
1E8002F0000
trusted library allocation
page read and write
66C400CF0000
trusted library allocation
page read and write
2938BFE000
unkown
page readonly
4098006E4000
trusted library allocation
page read and write
1E8002C0000
trusted library allocation
page read and write
3EE80025C000
direct allocation
page read and write
1D291000
heap
page read and write
1DB53947000
heap
page read and write
2947BFE000
unkown
page readonly
66C4005E0000
trusted library allocation
page read and write
190400303000
direct allocation
page read and write
409800688000
trusted library allocation
page read and write
4DC0000
direct allocation
page execute and read and write
1DB51ADF000
heap
page read and write
66C400E54000
trusted library allocation
page read and write
66C40022C000
trusted library allocation
page read and write
1BF7014A000
heap
page read and write
47B1000
heap
page read and write
5C0002DC000
trusted library allocation
page read and write
1BF76730000
trusted library section
page read and write
66C4011C4000
trusted library allocation
page read and write
5C000284000
trusted library allocation
page read and write
6CC60000
unkown
page read and write
66C400E24000
trusted library allocation
page read and write
1D2A3000
heap
page read and write
66C400338000
trusted library allocation
page read and write
66C400D94000
trusted library allocation
page read and write
1D29F000
heap
page read and write
5BE400288000
trusted library allocation
page read and write
4098003EC000
trusted library allocation
page read and write
4D70000
direct allocation
page execute and read and write
66C4016EC000
trusted library allocation
page read and write
66C401A1C000
trusted library allocation
page read and write
42EE000
stack
page read and write
5C000434000
trusted library allocation
page read and write
1DB5396F000
heap
page read and write
1DB51AF5000
heap
page read and write
A77E5FE000
stack
page read and write
66C401910000
trusted library allocation
page read and write
2946BFE000
unkown
page readonly
66C401980000
trusted library allocation
page read and write
190400201000
direct allocation
page read and write
1DB53931000
heap
page read and write
1DB539C8000
heap
page read and write
1D290000
heap
page read and write
14F5000
unkown
page execute and read and write
614000
heap
page read and write
1D285000
heap
page read and write
1D2AC000
heap
page read and write
47B1000
heap
page read and write
5BE400235000
trusted library allocation
page read and write
5C000073000
trusted library allocation
page read and write
4FC400310000
trusted library allocation
page read and write
1D28D000
heap
page read and write
66C40037C000
trusted library allocation
page read and write
409800658000
trusted library allocation
page read and write
1BF700C5000
heap
page read and write
66C4002A3000
trusted library allocation
page read and write
29303FB000
stack
page read and write
66C400EF0000
trusted library allocation
page read and write
292D3FB000
stack
page read and write
5BE400260000
trusted library allocation
page read and write
4098006C8000
trusted library allocation
page read and write
409800374000
trusted library allocation
page read and write
47B1000
heap
page read and write
409800744000
trusted library allocation
page read and write
66C4002B0000
trusted library allocation
page read and write
3EE800303000
direct allocation
page read and write
2CAE000
heap
page read and write
5C000280000
trusted library allocation
page read and write
5BE4002A8000
trusted library allocation
page read and write
66C400F19000
trusted library allocation
page read and write
66C400F78000
trusted library allocation
page read and write
1BF700CB000
heap
page read and write
66C400E80000
trusted library allocation
page read and write
66C401320000
trusted library allocation
page read and write
66C4007E8000
trusted library allocation
page read and write
66C4010AC000
trusted library allocation
page read and write
1BF70000000
trusted library section
page read and write
1BF6C558000
heap
page read and write
5C0002A0000
trusted library allocation
page read and write
2345E000
stack
page read and write
1E8002A4000
trusted library allocation
page read and write
5C0002B0000
trusted library allocation
page read and write
293E3FD000
stack
page read and write
1DB539A7000
heap
page read and write
1E8002A0000
trusted library allocation
page read and write
66C400CFC000
trusted library allocation
page read and write
66C401524000
trusted library allocation
page read and write
5C00008C000
trusted library allocation
page read and write
1DB51AA6000
heap
page read and write
66C401264000
trusted library allocation
page read and write
5C00000C000
trusted library allocation
page read and write
66C400358000
trusted library allocation
page read and write
4FC400430000
trusted library allocation
page read and write
3EE8002E0000
direct allocation
page read and write
66C400EC0000
trusted library allocation
page read and write
110B000
unkown
page execute and read and write
1BF700D3000
heap
page read and write
66C4017EC000
trusted library allocation
page read and write
66C4017BC000
trusted library allocation
page read and write
66C401CEC000
trusted library allocation
page read and write
1DB53964000
heap
page read and write
19040026C000
direct allocation
page read and write
1D29F000
heap
page read and write
409800210000
trusted library allocation
page read and write
66C401BEC000
trusted library allocation
page read and write
1BF76762000
trusted library section
page read and write
66C401798000
trusted library allocation
page read and write
66C4014DC000
trusted library allocation
page read and write
1DB53916000
heap
page read and write
29263EF000
stack
page read and write
66C4002A8000
trusted library allocation
page read and write
39EF000
stack
page read and write
6CC65000
unkown
page readonly
F70000
unkown
page readonly
5BE4002F0000
trusted library allocation
page read and write
5BE400201000
trusted library allocation
page read and write
66C400358000
trusted library allocation
page read and write
1BF7012E000
heap
page read and write
1D29D000
heap
page read and write
66C40151C000
trusted library allocation
page read and write
5BE400264000
trusted library allocation
page read and write
66C4017A8000
trusted library allocation
page read and write
1D28F000
heap
page read and write
5C000260000
trusted library allocation
page read and write
66C40037C000
trusted library allocation
page read and write
66C400840000
trusted library allocation
page read and write
66C401BB4000
trusted library allocation
page read and write
66C400F30000
trusted library allocation
page read and write
29323FD000
stack
page read and write
5BE4002A8000
trusted library allocation
page read and write
409800758000
trusted library allocation
page read and write
1BF6FB0A000
heap
page read and write
1690000
unkown
page execute and read and write
47B1000
heap
page read and write
1DB53955000
heap
page read and write
66C4007F4000
trusted library allocation
page read and write
233F0000
trusted library allocation
page read and write
1D286000
heap
page read and write
66C400E24000
trusted library allocation
page read and write
4FC400338000
trusted library allocation
page read and write
66C40009C000
trusted library allocation
page read and write
5C000104000
trusted library allocation
page read and write
5C00041C000
trusted library allocation
page read and write
66C4001D8000
trusted library allocation
page read and write
66C4004D8000
trusted library allocation
page read and write
66C4005F4000
trusted library allocation
page read and write
1D288000
heap
page read and write
66C401724000
trusted library allocation
page read and write
66C401530000
trusted library allocation
page read and write
1DB51AC1000
heap
page read and write
66C400EC3000
trusted library allocation
page read and write
409800368000
trusted library allocation
page read and write
4FC400290000
trusted library allocation
page read and write
66C4009C8000
trusted library allocation
page read and write
A701FFE000
unkown
page readonly
2DAF000
stack
page read and write
5C0003B0000
trusted library allocation
page read and write
66C400504000
trusted library allocation
page read and write
29343FE000
stack
page read and write
1CD2E000
stack
page read and write
3EE800318000
direct allocation
page read and write
1DB53960000
heap
page read and write
5C0004B0000
trusted library allocation
page read and write
66C40180C000
trusted library allocation
page read and write
66C400D68000
trusted library allocation
page read and write
1D2A3000
heap
page read and write
614000
heap
page read and write
66C4001B0000
trusted library allocation
page read and write
66C401764000
trusted library allocation
page read and write
1BF700B8000
heap
page read and write
66C401708000
trusted library allocation
page read and write
66C40034C000
trusted library allocation
page read and write
1BF75D10000
trusted library allocation
page read and write
1DB51A72000
heap
page read and write
5C000024000
trusted library allocation
page read and write
5D0000
heap
page read and write
66C400D24000
trusted library allocation
page read and write
293ABFE000
unkown
page readonly
614000
heap
page read and write
66C400458000
trusted library allocation
page read and write
66C401B18000
trusted library allocation
page read and write
5BE4002C8000
trusted library allocation
page read and write
13E0000
unkown
page execute and read and write
66C4002D4000
trusted library allocation
page read and write
23370000
heap
page read and write
610000
heap
page read and write
66C400B64000
trusted library allocation
page read and write
409800694000
trusted library allocation
page read and write
F70000
unkown
page read and write
5C000288000
trusted library allocation
page read and write
66C401801000
trusted library allocation
page read and write
2336A000
heap
page read and write
5C00024C000
trusted library allocation
page read and write
293F3FC000
stack
page read and write
66C400308000
trusted library allocation
page read and write
66C4018FC000
trusted library allocation
page read and write
1D28B000
heap
page read and write
66C401980000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C401564000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C4007A2000
trusted library allocation
page read and write
66C4017E4000
trusted library allocation
page read and write
1BF70150000
trusted library section
page read and write
1DB51AA2000
heap
page read and write
66C400AEC000
trusted library allocation
page read and write
1BF72310000
trusted library allocation
page read and write
5BE400210000
trusted library allocation
page read and write
5C0002AC000
trusted library allocation
page read and write
66C400CC4000
trusted library allocation
page read and write
66C4017E8000
trusted library allocation
page read and write
66C401548000
trusted library allocation
page read and write
409800320000
trusted library allocation
page read and write
5C000354000
trusted library allocation
page read and write
5C0001E4000
trusted library allocation
page read and write
23609000
heap
page read and write
6C9E0000
unkown
page readonly
66C4015A8000
trusted library allocation
page read and write
4DA0000
direct allocation
page execute and read and write
1D2AC000
heap
page read and write
4FC4003C4000
trusted library allocation
page read and write
66C401A60000
trusted library allocation
page read and write
66C400D24000
trusted library allocation
page read and write
1E8002A0000
trusted library allocation
page read and write
66C40015C000
trusted library allocation
page read and write
66C4010DC000
trusted library allocation
page read and write
1DB53938000
heap
page read and write
66C400DC0000
trusted library allocation
page read and write
5C00028C000
trusted library allocation
page read and write
5C000240000
trusted library allocation
page read and write
A71DFFE000
unkown
page readonly
66C40089C000
trusted library allocation
page read and write
66C401264000
trusted library allocation
page read and write
19040025C000
direct allocation
page read and write
40980075C000
trusted library allocation
page read and write
1D29F000
heap
page read and write
294D3FD000
stack
page read and write
66C40056C000
trusted library allocation
page read and write
409800644000
trusted library allocation
page read and write
47B1000
heap
page read and write
293BBFE000
unkown
page readonly
66C401C98000
trusted library allocation
page read and write
66C401B30000
trusted library allocation
page read and write
5C000234000
trusted library allocation
page read and write
5BE4002B4000
trusted library allocation
page read and write
66C40093C000
trusted library allocation
page read and write
66C401734000
trusted library allocation
page read and write
2940BFE000
unkown
page readonly
1904002EC000
direct allocation
page read and write
1BF75BC0000
heap
page read and write
66C40001C000
trusted library allocation
page read and write
1BF700B2000
heap
page read and write
1DB51AA5000
heap
page read and write
47B0000
heap
page read and write
1BF7689D000
trusted library section
page read and write
66C40040C000
trusted library allocation
page read and write
5C000220000
trusted library allocation
page read and write
4FC4002F4000
trusted library allocation
page read and write
66C4014BC000
trusted library allocation
page read and write
66C400358000
trusted library allocation
page read and write
1E800238000
trusted library allocation
page read and write
1BF70119000
heap
page read and write
2AEC000
stack
page read and write
47B1000
heap
page read and write
47B1000
heap
page read and write
66C4001BC000
trusted library allocation
page read and write
66C40082C000
trusted library allocation
page read and write
1CCEF000
stack
page read and write
3EE8002D8000
direct allocation
page read and write
1DB53926000
heap
page read and write
66C400EF0000
trusted library allocation
page read and write
66C401A20000
trusted library allocation
page read and write
66C401AB8000
trusted library allocation
page read and write
1E8002A0000
trusted library allocation
page read and write
66C4001BC000
trusted library allocation
page read and write
366E000
stack
page read and write
66C4008E0000
trusted library allocation
page read and write
1DB51AA2000
heap
page read and write
1E80020C000
trusted library allocation
page read and write
2950BFE000
unkown
page readonly
409800248000
trusted library allocation
page read and write
1BF6C608000
heap
page read and write
66C401194000
trusted library allocation
page read and write
66C4016F0000
trusted library allocation
page read and write
614000
heap
page read and write
3EE800234000
direct allocation
page read and write
190400290000
direct allocation
page read and write
1BF75CF0000
heap
page read and write
4098006FC000
trusted library allocation
page read and write
5C000224000
trusted library allocation
page read and write
5C000250000
trusted library allocation
page read and write
66C401ADC000
trusted library allocation
page read and write
66C4014D4000
trusted library allocation
page read and write
66C400F24000
trusted library allocation
page read and write
66C401B60000
trusted library allocation
page read and write
66C400EB4000
trusted library allocation
page read and write
3EE800215000
direct allocation
page read and write
5C0002A8000
trusted library allocation
page read and write
66C4019D0000
trusted library allocation
page read and write
1BF764F7000
unclassified section
page read and write
66C400308000
trusted library allocation
page read and write
66C400E20000
trusted library allocation
page read and write
6CA5D000
unkown
page readonly
5C000380000
trusted library allocation
page read and write
66C4017A0000
trusted library allocation
page read and write
1BF7652E000
trusted library section
page read and write
47B1000
heap
page read and write
1BF700A8000
heap
page read and write
66C400AFC000
trusted library allocation
page read and write
66C40020C000
trusted library allocation
page read and write
2CA7000
heap
page read and write
66C400E38000
trusted library allocation
page read and write
1D275000
heap
page read and write
1DB51B2B000
heap
page read and write
5C00038C000
trusted library allocation
page read and write
5C00040C000
trusted library allocation
page read and write
66C401ABC000
trusted library allocation
page read and write
5C000368000
trusted library allocation
page read and write
5C000334000
trusted library allocation
page read and write
316E000
stack
page read and write
66C400E31000
trusted library allocation
page read and write
5BE400270000
trusted library allocation
page read and write
66C4007D0000
trusted library allocation
page read and write
A716FFE000
unkown
page readonly
77D000
stack
page read and write
40980035C000
trusted library allocation
page read and write
1D28C000
heap
page read and write
614000
heap
page read and write
66C4005CC000
trusted library allocation
page read and write
5C000368000
trusted library allocation
page read and write
66C400EF0000
trusted library allocation
page read and write
66C400D04000
trusted library allocation
page read and write
66C40004D000
trusted library allocation
page read and write
1DB51AC6000
heap
page read and write
790000
heap
page read and write
23354000
heap
page read and write
66C4001C4000
trusted library allocation
page read and write
1DB51A9E000
heap
page read and write
66C40179C000
trusted library allocation
page read and write
5C00016C000
trusted library allocation
page read and write
1BF700DC000
heap
page read and write
66C401654000
trusted library allocation
page read and write
4FC4003A0000
trusted library allocation
page read and write
1D388000
heap
page read and write
29293FE000
stack
page read and write
66C400F29000
trusted library allocation
page read and write
1E8002C0000
trusted library allocation
page read and write
3EE800328000
direct allocation
page read and write
1DB545C0000
unkown
page read and write
66C401AA0000
trusted library allocation
page read and write
66C4016D4000
trusted library allocation
page read and write
1D0FE000
stack
page read and write
66C401710000
trusted library allocation
page read and write
66C400F98000
trusted library allocation
page read and write
1BF6C830000
trusted library section
page readonly
409800220000
trusted library allocation
page read and write
1D2AC000
heap
page read and write
5C000258000
trusted library allocation
page read and write
292B3FE000
stack
page read and write
2951BFE000
unkown
page readonly
4DA0000
direct allocation
page execute and read and write
66C400074000
trusted library allocation
page read and write
47B1000
heap
page read and write
1E8002B0000
trusted library allocation
page read and write
66C400344000
trusted library allocation
page read and write
14F6000
unkown
page execute and write copy
5C000464000
trusted library allocation
page read and write
1D28F000
heap
page read and write
66C400CE4000
trusted library allocation
page read and write
66C400EFC000
trusted library allocation
page read and write
1DB51AFF000
heap
page read and write
66C400918000
trusted library allocation
page read and write
66C400324000
trusted library allocation
page read and write
A705FFE000
unkown
page readonly
66C400E20000
trusted library allocation
page read and write
66C401630000
trusted library allocation
page read and write
614000
heap
page read and write
1BF7012E000
heap
page read and write
409800201000
trusted library allocation
page read and write
190400215000
direct allocation
page read and write
66C40101C000
trusted library allocation
page read and write
1DB539C4000
heap
page read and write
66C400CFC000
trusted library allocation
page read and write
5C000460000
trusted library allocation
page read and write
A7017FE000
stack
page read and write
1DB539C0000
heap
page read and write
42AF000
stack
page read and write
578000
stack
page read and write
66C4014C0000
trusted library allocation
page read and write
47B1000
heap
page read and write
4FC400350000
trusted library allocation
page read and write
66C4014F0000
trusted library allocation
page read and write
409800348000
trusted library allocation
page read and write
1BF70106000
heap
page read and write
66C401750000
trusted library allocation
page read and write
66C4005BC000
trusted library allocation
page read and write
1BF7676E000
trusted library section
page read and write
409800788000
trusted library allocation
page read and write
1E800270000
trusted library allocation
page read and write
292EBFE000
unkown
page readonly
1E800278000
trusted library allocation
page read and write
66C400A60000
trusted library allocation
page read and write
614000
heap
page read and write
4098006B0000
trusted library allocation
page read and write
66C401680000
trusted library allocation
page read and write
442E000
stack
page read and write
66C4001EC000
trusted library allocation
page read and write
66C400CD0000
trusted library allocation
page read and write
66C401BCC000
trusted library allocation
page read and write
1DB53988000
heap
page read and write
2934BFE000
unkown
page readonly
1D29D000
heap
page read and write
409800368000
trusted library allocation
page read and write
4FC400210000
trusted library allocation
page read and write
5C000030000
trusted library allocation
page read and write
40980069C000
trusted library allocation
page read and write
66C4002FB000
trusted library allocation
page read and write
66C400738000
trusted library allocation
page read and write
66C400CFC000
trusted library allocation
page read and write
2C70000
direct allocation
page read and write
1BF7011F000
heap
page read and write
66C400104000
trusted library allocation
page read and write
A7007FE000
stack
page read and write
3EE800284000
direct allocation
page read and write
47B1000
heap
page read and write
66C401040000
trusted library allocation
page read and write
4FC400201000
trusted library allocation
page read and write
66C400A48000
trusted library allocation
page read and write
5BE4002A8000
trusted library allocation
page read and write
66C4003AC000
trusted library allocation
page read and write
2C70000
direct allocation
page read and write
23570000
trusted library allocation
page read and write
1DB5A810000
trusted library allocation
page read and write
66C4019C0000
trusted library allocation
page read and write
5BE4002FC000
trusted library allocation
page read and write
66C400660000
trusted library allocation
page read and write
1BF6C4F0000
heap
page read and write
66C400EFC000
trusted library allocation
page read and write
66C400818000
trusted library allocation
page read and write
1E8002A0000
trusted library allocation
page read and write
1056000
unkown
page execute and read and write
1BF7009B000
heap
page read and write
66C400FA8000
trusted library allocation
page read and write
5C000300000
trusted library allocation
page read and write
1BF7011D000
heap
page read and write
190400230000
direct allocation
page read and write
47B1000
heap
page read and write
A7247FE000
stack
page read and write
3EE800230000
direct allocation
page read and write
66C401A6C000
trusted library allocation
page read and write
5C0001D0000
trusted library allocation
page read and write
47B1000
heap
page read and write
1D2AC000
heap
page read and write
66C4010C0000
trusted library allocation
page read and write
7E3000
heap
page read and write
66C400358000
trusted library allocation
page read and write
3EE800270000
direct allocation
page read and write
409800700000
trusted library allocation
page read and write
61ECC000
direct allocation
page read and write
66C4011E8000
trusted library allocation
page read and write
1DB51B13000
heap
page read and write
66C4012F4000
trusted library allocation
page read and write
66C40034C000
trusted library allocation
page read and write
29283FE000
stack
page read and write
66C4015A0000
trusted library allocation
page read and write
2930BFE000
unkown
page readonly
66C4001DC000
trusted library allocation
page read and write
66C401BEC000
trusted library allocation
page read and write
1D28F000
heap
page read and write
1E8002C0000
trusted library allocation
page read and write
A721FFE000
unkown
page readonly
5C0003C0000
trusted library allocation
page read and write
5C0000A0000
trusted library allocation
page read and write
66C4002CC000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C4003AC000
trusted library allocation
page read and write
66C400504000
trusted library allocation
page read and write
1BF6C4B0000
heap
page readonly
1DB53928000
heap
page read and write
294A3FD000
stack
page read and write
4FC400404000
trusted library allocation
page read and write
5C0000F4000
trusted library allocation
page read and write
66C400FC4000
trusted library allocation
page read and write
66C40013C000
trusted library allocation
page read and write
1D276000
heap
page read and write
66C40157C000
trusted library allocation
page read and write
1904002AC000
direct allocation
page read and write
5C0000C0000
trusted library allocation
page read and write
409800408000
trusted library allocation
page read and write
5C00023C000
trusted library allocation
page read and write
66C40100C000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C401A5C000
trusted library allocation
page read and write
4FC400374000
trusted library allocation
page read and write
A70B7FD000
stack
page read and write
66C4015B8000
trusted library allocation
page read and write
409800684000
trusted library allocation
page read and write
66C4017D4000
trusted library allocation
page read and write
66C401CA8000
trusted library allocation
page read and write
66C400818000
trusted library allocation
page read and write
66C401094000
trusted library allocation
page read and write
4FC400408000
trusted library allocation
page read and write
5BE400238000
trusted library allocation
page read and write
66C400308000
trusted library allocation
page read and write
293D3FC000
stack
page read and write
2956BFE000
unkown
page readonly
1DB53960000
heap
page read and write
A719FFE000
unkown
page readonly
5C000314000
trusted library allocation
page read and write
1BF6FAE0000
heap
page read and write
79A000
heap
page read and write
1084000
unkown
page execute and read and write
66C401A48000
trusted library allocation
page read and write
1E8002C0000
trusted library allocation
page read and write
66C401544000
trusted library allocation
page read and write
66C401C50000
trusted library allocation
page read and write
5C0002DC000
trusted library allocation
page read and write
66C4006C0000
trusted library allocation
page read and write
66C4000C0000
trusted library allocation
page read and write
5C000268000
trusted library allocation
page read and write
4FC400358000
trusted library allocation
page read and write
1DB51AC5000
heap
page read and write
1BF700C9000
heap
page read and write
1DB51A7F000
heap
page read and write
66C400330000
trusted library allocation
page read and write
66C40181C000
trusted library allocation
page read and write
1DB51AAB000
heap
page read and write
1DB51B02000
heap
page read and write
4098006F0000
trusted library allocation
page read and write
66C400344000
trusted library allocation
page read and write
4098002F4000
trusted library allocation
page read and write
190400217000
direct allocation
page read and write
1D286000
heap
page read and write
4FC400390000
trusted library allocation
page read and write
66C400A0C000
trusted library allocation
page read and write
47B1000
heap
page read and write
1BF6C5EB000
heap
page read and write
66C400A8C000
trusted library allocation
page read and write
4098006D4000
trusted library allocation
page read and write
66C400EFC000
trusted library allocation
page read and write
1117000
unkown
page execute and read and write
66C4014D8000
trusted library allocation
page read and write
66C401754000
trusted library allocation
page read and write
5C0003BC000
trusted library allocation
page read and write
1DB53922000
heap
page read and write
1BF7013E000
heap
page read and write
6C9E1000
unkown
page execute read
1D29D000
heap
page read and write
14DF000
unkown
page execute and read and write
416F000
stack
page read and write
66C400308000
trusted library allocation
page read and write
5C000240000
trusted library allocation
page read and write
66C401A28000
trusted library allocation
page read and write
40980025C000
trusted library allocation
page read and write
5BE4002A8000
trusted library allocation
page read and write
66C4002C0000
trusted library allocation
page read and write
1D29D000
heap
page read and write
66C4014F8000
trusted library allocation
page read and write
2C90000
direct allocation
page read and write
1BF75F60000
trusted library section
page read and write
66C4011B4000
trusted library allocation
page read and write
1BF70050000
heap
page read and write
2931BFE000
unkown
page readonly
66C400401000
trusted library allocation
page read and write
2C70000
direct allocation
page read and write
66C4001BC000
trusted library allocation
page read and write
5C00005C000
trusted library allocation
page read and write
66C400EFC000
trusted library allocation
page read and write
4FC4002F1000
trusted library allocation
page read and write
66C4019A4000
trusted library allocation
page read and write
1E8002A0000
trusted library allocation
page read and write
4FC4002D8000
trusted library allocation
page read and write
6CC1F000
unkown
page readonly
1E8002A0000
trusted library allocation
page read and write
1E8002C8000
trusted library allocation
page read and write
1D1FD000
stack
page read and write
66C400E24000
trusted library allocation
page read and write
1E8002A0000
trusted library allocation
page read and write
4FC400300000
trusted library allocation
page read and write
1D28F000
heap
page read and write
1BF74629000
heap
page read and write
1BF6C550000
heap
page read and write
66C4011AC000
trusted library allocation
page read and write
40980060C000
trusted library allocation
page read and write
1CE7E000
stack
page read and write
614000
heap
page read and write
66C40120C000
trusted library allocation
page read and write
2C70000
direct allocation
page read and write
66C401C6C000
trusted library allocation
page read and write
66C40177C000
trusted library allocation
page read and write
66C401760000
trusted library allocation
page read and write
66C400303000
trusted library allocation
page read and write
A7187FE000
stack
page read and write
66C400218000
trusted library allocation
page read and write
66C40184C000
trusted library allocation
page read and write
66C401B64000
trusted library allocation
page read and write
4FC400364000
trusted library allocation
page read and write
66C400AC0000
trusted library allocation
page read and write
1BF6C845000
heap
page read and write
1E8002C0000
trusted library allocation
page read and write
66C401578000
trusted library allocation
page read and write
1DB5BC02000
heap
page read and write
66C4000F8000
trusted library allocation
page read and write
66C401650000
trusted library allocation
page read and write
294FBFE000
unkown
page readonly
47B1000
heap
page read and write
5C000020000
trusted library allocation
page read and write
66C400344000
trusted library allocation
page read and write
5BE4002E0000
trusted library allocation
page read and write
66C400358000
trusted library allocation
page read and write
1DB5396F000
heap
page read and write
1D270000
heap
page read and write
1BF762FC000
trusted library section
page read and write
6CC81000
unkown
page execute read
66C400A3F000
trusted library allocation
page read and write
292BBFE000
unkown
page readonly
41AE000
stack
page read and write
66C400344000
trusted library allocation
page read and write
66C400818000
trusted library allocation
page read and write
66C400EE0000
trusted library allocation
page read and write
5C00014C000
trusted library allocation
page read and write
1DB53900000
heap
page read and write
66C400704000
trusted library allocation
page read and write
614000
heap
page read and write
61E01000
direct allocation
page execute read
66C401668000
trusted library allocation
page read and write
2957BFE000
unkown
page readonly
66C401688000
trusted library allocation
page read and write
66C40169C000
trusted library allocation
page read and write
66C40150C000
trusted library allocation
page read and write
1D2AC000
heap
page read and write
66C400EFC000
trusted library allocation
page read and write
1DB53938000
heap
page read and write
5C000130000
trusted library allocation
page read and write
1DB51AA5000
heap
page read and write
66C401AF0000
trusted library allocation
page read and write
66C40195C000
trusted library allocation
page read and write
5C000001000
trusted library allocation
page read and write
F71000
unkown
page execute and write copy
409800354000
trusted library allocation
page read and write
66C401A88000
trusted library allocation
page read and write
66C400458000
trusted library allocation
page read and write
1D28A000
heap
page read and write
3EE80031C000
direct allocation
page read and write
1BF6EEC0000
unkown
page read and write
1DB53720000
heap
page read and write
293FBFE000
unkown
page readonly
5C0002F4000
trusted library allocation
page read and write
1DB51A9E000
heap
page read and write
5BE4002A8000
trusted library allocation
page read and write
5C000254000
trusted library allocation
page read and write
66C400B78000
trusted library allocation
page read and write
1DB5393B000
heap
page read and write
3EE800201000
direct allocation
page read and write
614000
heap
page read and write
1DB5BC00000
heap
page read and write
66C400BB4000
trusted library allocation
page read and write
190400234000
direct allocation
page read and write
190400294000
direct allocation
page read and write
5C00021C000
trusted library allocation
page read and write
10B9000
unkown
page execute and read and write
66C400958000
trusted library allocation
page read and write
66C4000D0000
trusted library allocation
page read and write
66C401A80000
trusted library allocation
page read and write
66C4016BC000
trusted library allocation
page read and write
1DB51ADF000
heap
page read and write
1D286000
heap
page read and write
406E000
stack
page read and write
66C4016A0000
trusted library allocation
page read and write
4D6F000
stack
page read and write
6CD27000
unkown
page read and write
23310000
heap
page read and write
1D290000
heap
page read and write
66C401770000
trusted library allocation
page read and write
1DB5392F000
heap
page read and write
1BF70119000
heap
page read and write
29403FC000
stack
page read and write
66C401BEC000
trusted library allocation
page read and write
66C400344000
trusted library allocation
page read and write
66C40104C000
trusted library allocation
page read and write
5BE4002A0000
trusted library allocation
page read and write
66C4019D8000
trusted library allocation
page read and write
66C401678000
trusted library allocation
page read and write
66C4019B8000
trusted library allocation
page read and write
4DD0000
direct allocation
page execute and read and write
3EE800220000
direct allocation
page read and write
E1E000
stack
page read and write
312F000
stack
page read and write
302E000
stack
page read and write
5C00015C000
trusted library allocation
page read and write
66C401B04000
trusted library allocation
page read and write
1BF75EC6000
trusted library section
page read and write
66C401AF4000
trusted library allocation
page read and write
F5F000
stack
page read and write
1BF73D72000
trusted library allocation
page read and write
29503FD000
stack
page read and write
1BF7012B000
heap
page read and write
66C401001000
trusted library allocation
page read and write
66C4015BC000
trusted library allocation
page read and write
4098006CC000
trusted library allocation
page read and write
1D2AC000
heap
page read and write
66C401360000
trusted library allocation
page read and write
1E8002A4000
trusted library allocation
page read and write
4098002CC000
trusted library allocation
page read and write
294ABFE000
unkown
page readonly
66C400344000
trusted library allocation
page read and write
1DB51A5C000
heap
page read and write
66C400308000
trusted library allocation
page read and write
66C401C18000
trusted library allocation
page read and write
66C400D44000
trusted library allocation
page read and write
66C4007A8000
trusted library allocation
page read and write
190400210000
direct allocation
page read and write
5C000248000
trusted library allocation
page read and write
5C0002E8000
trusted library allocation
page read and write
66C401AA4000
trusted library allocation
page read and write
1DB53928000
heap
page read and write
5BE4002A8000
trusted library allocation
page read and write
66C40138C000
trusted library allocation
page read and write
2C70000
direct allocation
page read and write
5C000340000
trusted library allocation
page read and write
1DB51AC4000
heap
page read and write
A715FFE000
unkown
page readonly
2C90000
direct allocation
page read and write
47B1000
heap
page read and write
1D290000
heap
page read and write
66C400DA4000
trusted library allocation
page read and write
294E3FE000
stack
page read and write
66C400510000
trusted library allocation
page read and write
5C000228000
trusted library allocation
page read and write
3EE800244000
direct allocation
page read and write
1E800220000
trusted library allocation
page read and write
4FC400284000
trusted library allocation
page read and write
190400280000
direct allocation
page read and write
66C4019A8000
trusted library allocation
page read and write
66C400308000
trusted library allocation
page read and write
66C4001BC000
trusted library allocation
page read and write
66C401C01000
trusted library allocation
page read and write
1DB51A30000
heap
page read and write
66C400224000
trusted library allocation
page read and write
4FC400320000
trusted library allocation
page read and write
1BF75E83000
trusted library section
page read and write
1D26E000
heap
page read and write
66C401D0C000
trusted library allocation
page read and write
A70DFFE000
unkown
page readonly
1DB539A4000
heap
page read and write
66C400769000
trusted library allocation
page read and write
66C401CD0000
trusted library allocation
page read and write
292FBFE000
unkown
page readonly
1BF6FAF8000
heap
page read and write
1DB51AFF000
heap
page read and write
66C400818000
trusted library allocation
page read and write
66C400EF0000
trusted library allocation
page read and write
A7087FD000
stack
page read and write
66C401C64000
trusted library allocation
page read and write
4098007C8000
trusted library allocation
page read and write
1DB51B02000
heap
page read and write
1DB51AA5000
heap
page read and write
A77EDFE000
unkown
page readonly
1BF74150000
trusted library section
page read and write
66C401D0C000
trusted library allocation
page read and write
66C401D30000
trusted library allocation
page read and write
5C000024000
trusted library allocation
page read and write
2C70000
direct allocation
page read and write
66C40060C000
trusted library allocation
page read and write
614000
heap
page read and write
66C400850000
trusted library allocation
page read and write
232F0000
heap
page read and write
5BE4002E4000
trusted library allocation
page read and write
66C400C84000
trusted library allocation
page read and write
66C401910000
trusted library allocation
page read and write
3EE8002C0000
direct allocation
page read and write
1D286000
heap
page read and write
66C401938000
trusted library allocation
page read and write
1D2A0000
heap
page read and write
66C4009E8000
trusted library allocation
page read and write
66C40000C000
trusted library allocation
page read and write
292ABFE000
unkown
page readonly
409800330000
trusted library allocation
page read and write
66C4010C0000
trusted library allocation
page read and write
1BF700C3000
heap
page read and write
1BF6FB02000
heap
page read and write
66C4006B4000
trusted library allocation
page read and write
66C400C0C000
trusted library allocation
page read and write
47B1000
heap
page read and write
1BF6C5EF000
heap
page read and write
47B1000
heap
page read and write
66C401AB4000
trusted library allocation
page read and write
1D2AC000
heap
page read and write
66C400E6C000
trusted library allocation
page read and write
29563FD000
stack
page read and write
1DB5392E000
heap
page read and write
293C3FE000
stack
page read and write
6CA6E000
unkown
page read and write
5C000298000
trusted library allocation
page read and write
1E8002F4000
trusted library allocation
page read and write
66C401315000
trusted library allocation
page read and write
66C400DEC000
trusted library allocation
page read and write
47B1000
heap
page read and write
1DB5394A000
heap
page read and write
1D2A9000
heap
page read and write
1BF7010E000
heap
page read and write
66C400308000
trusted library allocation
page read and write
66C401AD4000
trusted library allocation
page read and write
5C0001C4000
trusted library allocation
page read and write
66C400240000
trusted library allocation
page read and write
66C400784000
trusted library allocation
page read and write
66C400060000
trusted library allocation
page read and write
11DE000
unkown
page execute and read and write
11D8000
unkown
page execute and read and write
66C400D3C000
trusted library allocation
page read and write
47C0000
heap
page read and write
1D293000
heap
page read and write
1691000
unkown
page execute and write copy
66C40176C000
trusted library allocation
page read and write
66C401134000
trusted library allocation
page read and write
1D276000
heap
page read and write
1BF6C840000
heap
page read and write
66C401910000
trusted library allocation
page read and write
66C401150000
trusted library allocation
page read and write
1D283000
heap
page read and write
66C400774000
trusted library allocation
page read and write
29423FD000
stack
page read and write
66C400124000
trusted library allocation
page read and write
1BF7006B000
heap
page read and write
66C401A9C000
trusted library allocation
page read and write
66C40175C000
trusted library allocation
page read and write
1D26B000
heap
page read and write
5C00025C000
trusted library allocation
page read and write
1904002E4000
direct allocation
page read and write
4C10000
heap
page read and write
5C000210000
trusted library allocation
page read and write
480F000
heap
page read and write
2942BFE000
unkown
page readonly
66C40101C000
trusted library allocation
page read and write
66C400D24000
trusted library allocation
page read and write
5BE4002D8000
trusted library allocation
page read and write
2949BFE000
unkown
page readonly
3EE800308000
direct allocation
page read and write
1DB51AE3000
heap
page read and write
5C0001EC000
trusted library allocation
page read and write
66C401150000
trusted library allocation
page read and write
66C40160C000
trusted library allocation
page read and write
66C4006CC000
trusted library allocation
page read and write
47B1000
heap
page read and write
1DB51A13000
heap
page read and write
4FC4003BC000
trusted library allocation
page read and write
23400000
trusted library allocation
page read and write
66C401838000
trusted library allocation
page read and write
61EB4000
direct allocation
page read and write
66C401690000
trusted library allocation
page read and write
4FC40025C000
trusted library allocation
page read and write
3F2E000
stack
page read and write
A708FFE000
unkown
page readonly
1BF7011B000
heap
page read and write
66C400C18000
trusted library allocation
page read and write
362F000
stack
page read and write
66C4016A8000
trusted library allocation
page read and write
1DB5396C000
heap
page read and write
47B1000
heap
page read and write
66C4016B0000
trusted library allocation
page read and write
A7167FC000
stack
page read and write
66C4002A0000
trusted library allocation
page read and write
5C0001E8000
trusted library allocation
page read and write
1DB51AE9000
heap
page read and write
1BF70119000
heap
page read and write
1904002D0000
direct allocation
page read and write
5C0002E8000
trusted library allocation
page read and write
2936BFE000
unkown
page readonly
1DB51920000
heap
page read and write
66C401B4C000
trusted library allocation
page read and write
1E800201000
trusted library allocation
page read and write
66C40028C000
trusted library allocation
page read and write
5BE4002B8000
trusted library allocation
page read and write
47B1000
heap
page read and write
66C400EC0000
trusted library allocation
page read and write
1BF6FD50000
heap
page read and write
There are 1895 hidden memdumps, click here to show them.