IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\random[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1008010001\FunnyJellyfish.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1008024001\76ce55fba7.exe
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-6E60U.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-D0LMC.tmp\FunnyJellyfish.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
modified
 malicious
C:\Users\user\AppData\Local\Temp\is-FSOGC.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-Q5AID.tmp\FunnyJellyfish.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
modified
 malicious
C:\Users\user\AppData\Local\is-1VUQP.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\unins000.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\DelightfulCard.dll (copy)
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\is-4PJR3.tmp
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
dropped
 malicious
C:\Users\user\DocumentsHCAEHJJKFC.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\AKKKECBKKECGCAAAEHJK
ASCII text, with very long lines (1769), with CRLF line terminators
dropped
C:\ProgramData\FHIDAFHCBAKFCAAKFCFCFIIJKF
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\FIDGHIIE
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\GDBAKEGIDBGIEBFHDHJJEHDHDG
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\HDAFIIDAKJDGDHIDAKJJ
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\IIJJDGHJKKJEBFHJDBGH
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\KJDHCAFC
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 9, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 9
dropped
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\09ef72cc-1dba-4017-a40a-e464b3d5d50e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\132358d3-3095-438c-8429-0704482c9750.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6aeaf85c-86a7-4d77-9432-b7d4499758b9.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\787b7cc8-b1ed-4350-8866-9b6f14544e80.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\7bd87eec-7685-49a5-9392-bbf3939a9224.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\90e34d4c-bdc4-4e24-9546-e6e15e99d814.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-673FA06A-1444.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-673FA06A-1B40.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\22252354-1ddc-41e8-84fe-777410ba7047.tmp
Unicode text, UTF-8 text, with very long lines (17304), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\5caea874-4381-4cf7-8f67-5d8bcfd09bad.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\6c0e7b26-ce3b-4aea-9d1f-86f114b12486.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7d788db5-e2ba-4b0b-8635-ce4d0d762919.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\84f5a005-f88d-47e9-a118-75c2b11de138.tmp
Unicode text, UTF-8 text, with very long lines (17468), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\000a07b5-db1a-4ca1-8af1-6956ae9c2306.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\008783ab-9621-4a34-b286-8d27e97cd19a.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\14853fc2-035b-4e86-b073-5525b7699ed4.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF39a2e.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF28bdb.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF2a251.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\aaa926c0-0d5a-43b0-b171-33ef70c21761.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\c3ee095e-437d-436b-a869-abc94e7f844f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\cd745b4d-152e-43d9-8245-32322c779576.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2d45d.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF31270.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF387af.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF2c430.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF30f72.TMP (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13376696685527538
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\2e8ba7dc-b3b0-4c50-8c95-1d97c0d19a3b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\905b327e-4dff-4699-b543-ef495b821284.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF2a251.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\b3e42f04-a899-4283-ba9b-c409c3b02e6e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d3a4467e-7f83-4900-b404-1369e9e1f888.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 9, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 9
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
ASCII text, with very long lines (3951), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\d3f05932-00a5-4cb5-88ce-76a6968cd1f2.tmp
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\efe234ce-ff54-43c2-bbc5-fa1a1765529e.tmp
Unicode text, UTF-8 text, with very long lines (17467), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\feaa5c66-1835-4a83-a3c4-31a277911622.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\fed09102-d3d8-4ee9-bb6c-afc58cfbad2d.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
SQLite Write-Ahead Log, version 3007000
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2747a.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2748a.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2765f.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF29d4f.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2ea56.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF38752.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3e3e9.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982
raw G3 (Group 3) FAX, byte-padded
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a2ca9d97-d20a-476a-b827-008a9e3b81df.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d88e0c97-9325-4988-9029-7580db6f6497.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\f6bf8e59-6695-4c8c-bce6-3a60f778b241.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\random[1].exe
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
modified
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\FunnyJellyfish[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\3e46e1fe-9900-4773-b114-be1e46e73b94.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 135363
dropped
C:\Users\user\AppData\Local\Temp\4f5c78ae-ea3f-48c8-ab3c-6b94eb343007.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\5d94539a-781a-46f0-a66d-05ac494905d9.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\8bbc31bd-aa16-496f-806f-3b33c4c2d2f1.tmp
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1knuhyxt.cmo.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tcpl0in1.ggr.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\cv_debug.log
JSON data
dropped
C:\Users\user\AppData\Local\Temp\daee817e-e190-4e61-ac1c-61a886801243.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\de647c73-1f17-43b8-881f-53b29a7fe328.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\e2ccb6fb-5a68-4651-abca-1236c97be0a1.tmp
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
dropped
C:\Users\user\AppData\Local\Temp\is-6E60U.tmp\_isetup\_shfoldr.dll
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
modified
C:\Users\user\AppData\Local\Temp\is-FSOGC.tmp\_isetup\_shfoldr.dll
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_16115946\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_16115946\CRX_INSTALL\content.js
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_16115946\CRX_INSTALL\content_new.js
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_16115946\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_16115946\daee817e-e190-4e61-ac1c-61a886801243.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\5d94539a-781a-46f0-a66d-05ac494905d9.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\af\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\am\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\ar\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\az\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\be\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\bg\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\bn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\ca\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\cs\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\cy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\da\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\de\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\el\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\en\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\en_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\en_GB\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\en_US\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\es\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\es_419\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\et\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\eu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\fa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\fi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\fil\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\fr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\fr_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\gl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\gu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\hi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\hr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\hu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\hy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\id\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\is\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\it\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\iw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\ja\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\ka\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\kk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\km\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\kn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\ko\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\lo\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\lt\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\lv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\ml\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\mn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\mr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\ms\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\my\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\ne\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\nl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\no\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\pa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\pl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\pt_BR\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\pt_PT\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\ro\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\ru\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\si\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\sk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\sl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\sr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\sv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\sw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\ta\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\te\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\th\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\tr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\uk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\ur\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\vi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\zh_CN\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\zh_HK\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\zh_TW\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_locales\zu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\dasherSettingSchema.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\offscreendocument.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\offscreendocument_main.js
ASCII text, with very long lines (3777)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\page_embed_script.js
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir5188_1640264982\CRX_INSTALL\service_worker_bin_prod.js
ASCII text, with very long lines (3782)
dropped
C:\Users\user\AppData\Local\unins000.dat
InnoSetup Log Alert Window, version 0x418, 3715 bytes, 061544\37\user, C:\Users\user\AppData\Local\376\377\3
modified
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\places.sqlite-shm
data
dropped
C:\Windows\Tasks\skotes.job
data
dropped
Chrome Cache Entry: 465
Unicode text, UTF-8 text, with very long lines (763)
downloaded
Chrome Cache Entry: 466
ASCII text, with very long lines (2586)
downloaded
Chrome Cache Entry: 467
ASCII text
downloaded
Chrome Cache Entry: 468
ASCII text, with very long lines (65531)
downloaded
Chrome Cache Entry: 469
ASCII text, with very long lines (5162), with no line terminators
downloaded
Chrome Cache Entry: 470
SVG Scalable Vector Graphics image
downloaded
There are 296 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
 malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 --field-trial-handle=2072,i,2579720716033033678,1062830349227764566,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2488 --field-trial-handle=2396,i,17343823971388539006,1664554202216569598,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2540 --field-trial-handle=2008,i,2574835411242715716,13927479174439515153,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6336 --field-trial-handle=2008,i,2574835411242715716,13927479174439515153,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6492 --field-trial-handle=2008,i,2574835411242715716,13927479174439515153,262144 /prefetch:8
malicious
C:\Users\user\DocumentsHCAEHJJKFC.exe
"C:\Users\user\DocumentsHCAEHJJKFC.exe"
malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
"C:\Users\user~1\AppData\Local\Temp\abc3bc1985\skotes.exe"
malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
C:\Users\user~1\AppData\Local\Temp\abc3bc1985\skotes.exe
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7528 --field-trial-handle=2008,i,2574835411242715716,13927479174439515153,262144 /prefetch:8
malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
C:\Users\user~1\AppData\Local\Temp\abc3bc1985\skotes.exe
 malicious
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32.exe" /s /i:INSTALL "C:\Users\user\AppData\Roaming\\DelightfulCard.dll"
 malicious
C:\Windows\System32\regsvr32.exe
/s /i:INSTALL "C:\Users\user\AppData\Roaming\\DelightfulCard.dll"
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"powershell" -Command "if (Get-ScheduledTask | Where-Object { $_.Actions.Execute -eq 'regsvr32' -and $_.Actions.Arguments -eq '/S /i:INSTALL C:\Users\user\AppData\Roaming\DelightfulCard.dll' }) { exit 0 } else { exit 1 }"
malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsHCAEHJJKFC.exe"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Users\user\AppData\Local\Temp\1008010001\FunnyJellyfish.exe
"C:\Users\user~1\AppData\Local\Temp\1008010001\FunnyJellyfish.exe"
C:\Users\user\AppData\Local\Temp\is-Q5AID.tmp\FunnyJellyfish.tmp
"C:\Users\user~1\AppData\Local\Temp\is-Q5AID.tmp\FunnyJellyfish.tmp" /SL5="$3025E,1097818,140800,C:\Users\user~1\AppData\Local\Temp\1008010001\FunnyJellyfish.exe"
C:\Windows\SysWOW64\cmd.exe
"cmd.exe" /C timeout /T 3 & "C:\Users\user~1\AppData\Local\Temp\1008010001\FunnyJellyfish.exe" /VERYSILENT /SUPPRESSMSGBOXES
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\timeout.exe
timeout /T 3
C:\Users\user\AppData\Local\Temp\1008010001\FunnyJellyfish.exe
"C:\Users\user~1\AppData\Local\Temp\1008010001\FunnyJellyfish.exe" /VERYSILENT /SUPPRESSMSGBOXES
C:\Users\user\AppData\Local\Temp\is-D0LMC.tmp\FunnyJellyfish.tmp
"C:\Users\user~1\AppData\Local\Temp\is-D0LMC.tmp\FunnyJellyfish.tmp" /SL5="$104A2,1097818,140800,C:\Users\user~1\AppData\Local\Temp\1008010001\FunnyJellyfish.exe" /VERYSILENT /SUPPRESSMSGBOXES
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 17 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://185.215.113.206/68b591d6548ec281/softokn3.dll
185.215.113.206
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_ef0fa27a12d43fbd45649e195429e8a63ddcad7cf7e128c0
unknown
http://31.41.244.11/files/random.exeespace
unknown
https://duckduckgo.com/chrome_newtab
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732223106442&w=0&anoncknm=app_anon&NoResponseBody=true
104.208.16.90
http://31.41.244.11/files/random.exe1008024001n
unknown
https://duckduckgo.com/ac/?q=
unknown
http://185.215.113.206/
185.215.113.206
https://ntp.msn.com/0
unknown
https://deff.nelreports.net/api/report?cat=msn
23.44.133.59
http://31.41.244.11/files/random.exe506ncoded
unknown
http://31.41.244.11/files/random.exe3
unknown
http://31.41.244.11/files/random.exe1
unknown
https://docs.google.com/
unknown
http://185.215.113.43/Zu7JuNko/index.php
185.215.113.43
http://185.215.113.206/68b591d6548ec281/freebl3.dll
185.215.113.206
https://drive.google.com/
unknown
https://c.msn.com/c.gif?rnd=1732223097968&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=d41ff1193c9d4d589e56076438120f12&activityId=d41ff1193c9d4d589e56076438120f12&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=2F27E49CDADA4719BA52FA6E0688DEC0&MUID=3AFA34AF60E96DDF261E219161EE6CD7
20.110.205.119
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732223105442&w=0&anoncknm=app_anon&NoResponseBody=true
104.208.16.90
https://nuget.org/nuget.exe
unknown
http://185.215.113.206/68b591d6548ec281/nss3.dll
185.215.113.206
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
142.250.181.100
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
https://sb.scorecardresearch.com/b?rn=1732223097968&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=3AFA34AF60E96DDF261E219161EE6CD7&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null
3.168.102.127
https://support.mozilla.org/products/firefoxgro.allizom.troppus.S3DiLP_FhcLK
unknown
http://www.innosetup.com/
unknown
http://www.mozilla.com/en-US/blocklist/
unknown
https://mozilla.org0/
unknown
http://pesterbdd.com/images/Pester.png
unknown
http://www.apache.org/licenses/LICENSE-2.0.html
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732223105451&w=0&anoncknm=app_anon&NoResponseBody=true
104.208.16.90
https://drive-daily-2.corp.google.com/
unknown
https://drive-daily-4.corp.google.com/
unknown
https://contoso.com/Icon
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
https://assets.msn.com
unknown
https://www.ecosia.org/newtab/
unknown
https://drive-daily-1.corp.google.com/
unknown
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
unknown
https://github.com/Pester/Pester
unknown
https://drive-daily-5.corp.google.com/
unknown
https://www.google.com/chrome
unknown
https://activity.windows.com/UserActivity.ReadWrite.CreatedByApp
unknown
http://31.41.244.11/files/FunnyJellyfish.exe6
unknown
https://chromewebstore.google.com/
unknown
https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg
unknown
https://drive-preprod.corp.google.com/
unknown
http://31.41.244.11/files/random.exe
unknown
https://chrome.google.com/webstore/
unknown
http://185.215.113.206rontdesk
unknown
http://185.215.113.16/mine/random.exez
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732223097965&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=true
104.208.16.90
https://api.msn.com/v1/news/Feed/Windows?
unknown
http://185.215.113.206/68b591d6548ec281/vcruntime140.dll
185.215.113.206
https://contoso.com/License
unknown
https://clients2.googleusercontent.com/crx/blobs/AW50ZFsLPhJJyx_4ShcDOgcEpJeOc7Vr0kMzfFRoaMfWx4pAgZ0UGF2i9_ei1A7FAHQ-EPFULeBn7F8_SEKhjbpEyKfiidX7GF_6BDOycMeg5w03wjwVQ61hkaEix8WFqmEAxlKa5cmz_tdFr9JtRwdqRu82wmLe2Ghe/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_84_1_0.crx
172.217.19.225
https://docs.rs/getrandom#nodejs-es-module-support
unknown
https://ntp.msn.com/edge/ntp
unknown
http://185.215.113.16/mine/random.exe
185.215.113.16
https://ecs.n
unknown
http://31.41.244.11/files/FunnyJellyfish.exeZ
unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
unknown
https://c.msn.com/c.gif?rnd=1732223097968&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=d41ff1193c9d4d589e56076438120f12&activityId=d41ff1193c9d4d589e56076438120f12&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0
20.110.205.119
http://185.215.113.206/68b591d6548ec281/sqlite3.dll
185.215.113.206
https://ntp.msn.com
unknown
https://drive-staging.corp.google.com/
unknown
https://cxcs.microsoft.net/api/settings/en-GB/xml/settings-tipset?release=20h1&sku=Professional&plat
unknown
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
unknown
https://contoso.com/
unknown
https://oneget.orgX
unknown
http://185.215.113.206/68b591d6548ec281/mozglue.dll
185.215.113.206
https://ntp.msn.com/
unknown
http://31.41.244.11/files/FunnyJellyfish.exe
unknown
http://www.sqlite.org/copyright.html.
unknown
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DestinationEndpoint=Edge-Prod-LAX31r5c&
unknown
http://185.215.113.206/c4becf79229cb002.phpOS=Windows_NTPat
unknown
http://nuget.org/NuGet.exe
unknown
http://www.apache.org/licenses/LICENSE-2.0
unknown
http://31.41.244.11/files/random.exeemp
unknown
http://31.41.244.11/files/random.exe506238476Q
unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
unknown
http://31.41.244.11/files/random.exeg
unknown
http://185.215.113.206/68b591d6548ec281/softokn3.dllM
unknown
http://185.215.113.206/68b591d6548ec281/msvcp140.dll
185.215.113.206
https://drive-autopush.corp.google.com/
unknown
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696490019400400000.2&ci=1696490019252.
unknown
http://185.215.113.206/c4becf79229cb002.php
185.215.113.206
https://www.google.com/async/newtab_promos
142.250.181.100
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehwh2.svg
unknown
https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=288
unknown
https://ac.ecosia.org/autocomplete?q=
unknown
https://www.google.com/async/ddljson?async=ntp:2
142.250.181.100
https://sb.scorecardresearch.com/b2?rn=1732223097968&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=3AFA34AF60E96DDF261E219161EE6CD7&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null
3.168.102.127
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
142.250.181.100
https://chrome.cloudflare-dns.com/dns-query
162.159.61.3
http://31.41.244.11/files/random.exe5062384760
unknown
https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
unknown
https://drive-daily-6.corp.google.com/
unknown
https://drive-daily-0.corp.google.com/
unknown
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732223106331&w=0&anoncknm=app_anon&NoResponseBody=true
104.208.16.90
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
chrome.cloudflare-dns.com
162.159.61.3
plus.l.google.com
172.217.17.78
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
94.245.104.56
sb.scorecardresearch.com
18.165.220.110
www.google.com
142.250.181.100
s-part-0035.t-0009.t-msedge.net
13.107.246.63
googlehosted.l.googleusercontent.com
172.217.19.225
clients2.googleusercontent.com
unknown
bzib.nelreports.net
unknown
assets.msn.com
unknown
c.msn.com
unknown
ntp.msn.com
unknown
apis.google.com
unknown
api.msn.com
unknown
There are 4 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
185.215.113.43
unknown
Portugal
malicious
192.168.2.7
unknown
unknown
malicious
185.215.113.206
unknown
Portugal
malicious
13.107.246.40
unknown
United States
152.195.19.97
unknown
United States
172.217.19.225
googlehosted.l.googleusercontent.com
United States
3.168.102.127
unknown
United States
23.219.82.90
unknown
United States
162.159.61.3
chrome.cloudflare-dns.com
United States
104.208.16.90
unknown
United States
23.44.133.59
unknown
United States
20.110.205.119
unknown
United States
204.79.197.219
unknown
United States
4.153.29.52
unknown
United States
23.44.203.20
unknown
United States
23.44.203.86
unknown
United States
31.41.244.11
unknown
Russian Federation
23.219.82.49
unknown
United States
172.217.17.78
plus.l.google.com
United States
23.44.133.11
unknown
United States
94.245.104.56
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
United Kingdom
185.215.113.16
unknown
Portugal
20.99.185.48
unknown
United States
142.250.181.100
www.google.com
United States
239.255.255.250
unknown
Reserved
18.165.220.110
sb.scorecardresearch.com
United States
127.0.0.1
unknown
unknown
There are 17 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Left
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Top
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseenversion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseen
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_dse_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_startup_page_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197780
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds
EdgeMUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
MUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gcinnojdebelpnodghnoicmcdmamjoch
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jgcbloklkllbkmkbfckchanipicejgah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ojmnomejplkgljjhjindfoilnmobmihe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.cdm.origin_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_username
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197780
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197780
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
Inno Setup: Setup Version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
Inno Setup: App Path
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
InstallLocation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
Inno Setup: Icon Group
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
Inno Setup: User
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
Inno Setup: Language
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
DisplayName
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
UninstallString
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
QuietUninstallString
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
DisplayVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
NoModify
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
NoRepair
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
InstallDate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
MajorVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
MinorVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alert Window_is1
EstimatedSize
There are 117 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
5280000
direct allocation
page read and write
 malicious
401000
unkown
page execute and read and write
 malicious
401000
unkown
page execute and read and write
 malicious
5B1000
unkown
page execute and read and write
 malicious
4F70000
direct allocation
page read and write
 malicious
4BE0000
direct allocation
page read and write
 malicious
401000
unkown
page execute and read and write
 malicious
4AA0000
direct allocation
page read and write
 malicious
AF1000
unkown
page execute and read and write
 malicious
4C00000
direct allocation
page read and write
 malicious
110E000
heap
page read and write
 malicious
21C0000
direct allocation
page execute and read and write
3067000
heap
page read and write
1D732000
heap
page read and write
3EDE000
stack
page read and write
874000
heap
page read and write
FD587FF000
stack
page read and write
2380000
direct allocation
page read and write
25D1000
heap
page read and write
1D713000
heap
page read and write
376F000
stack
page read and write
1D702000
heap
page read and write
25AC000
heap
page read and write
77E000
heap
page read and write
325E000
stack
page read and write
2463000
heap
page read and write
2D5E000
stack
page read and write
401E000
stack
page read and write
35DD000
direct allocation
page read and write
874000
heap
page read and write
4AE1000
heap
page read and write
717000
unkown
page execute and read and write
23804000
heap
page read and write
241C000
heap
page read and write
874000
heap
page read and write
3BFE000
stack
page read and write
23790000
trusted library allocation
page read and write
245D000
heap
page read and write
8CF000
stack
page read and write
9C4000
heap
page read and write
A6E000
heap
page read and write
1100000
heap
page read and write
DFB000
heap
page read and write
2188000
direct allocation
page read and write
249F000
heap
page read and write
4DF1000
heap
page read and write
4BAE000
stack
page read and write
25C0000
direct allocation
page read and write
15E0000
direct allocation
page read and write
4FE000
unkown
page write copy
980000
heap
page read and write
349E000
heap
page read and write
7FFAA938A000
trusted library allocation
page read and write
534E000
stack
page read and write
7CF000
stack
page read and write
7FFB0D745000
unkown
page readonly
2E5C000
stack
page read and write
10D4000
heap
page read and write
23F1000
heap
page read and write
4DC0000
direct allocation
page execute and read and write
2457000
heap
page read and write
237FF000
heap
page read and write
4761000
heap
page read and write
6F0000
heap
page read and write
293E000
stack
page read and write
7FFB22782000
unkown
page readonly
416F000
stack
page read and write
4BE0000
direct allocation
page execute and read and write
874000
heap
page read and write
FD58C39000
stack
page read and write
900000
heap
page read and write
FD58B3F000
stack
page read and write
4AE1000
heap
page read and write
1D733000
heap
page read and write
874000
heap
page read and write
245E000
heap
page read and write
23A2000
direct allocation
page read and write
4AE1000
heap
page read and write
5F36000
heap
page read and write
2D5F000
stack
page read and write
1D733000
heap
page read and write
A72000
heap
page read and write
15E0000
direct allocation
page read and write
4AE1000
heap
page read and write
326F000
stack
page read and write
2457000
heap
page read and write
10D4000
heap
page read and write
23EA000
direct allocation
page read and write
874000
heap
page read and write
874000
heap
page read and write
870000
heap
page read and write
4D70000
direct allocation
page execute and read and write
9D0000
heap
page read and write
7FFAA9390000
trusted library allocation
page execute and read and write
508000
unkown
page write copy
DF0000
heap
page read and write
7CF000
heap
page read and write
23F1000
heap
page read and write
4FE000
unkown
page read and write
874000
heap
page read and write
B5B000
unkown
page execute and read and write
2595000
heap
page read and write
1D720000
heap
page read and write
25F8000
heap
page read and write
4AE1000
heap
page read and write
4AE1000
heap
page read and write
2328000
direct allocation
page read and write
9C4000
heap
page read and write
261F000
heap
page read and write
FD586FE000
stack
page read and write
4DF1000
heap
page read and write
AC0000
direct allocation
page read and write
249F000
heap
page read and write
5C7C000
stack
page read and write
6CDD1000
unkown
page execute read
19C000
stack
page read and write
B52000
unkown
page execute and read and write
874000
heap
page read and write
9C4000
heap
page read and write
23C6000
direct allocation
page read and write
306F000
heap
page read and write
2970000
direct allocation
page read and write
249F000
heap
page read and write
5C60000
direct allocation
page read and write
2238000
direct allocation
page read and write
4860000
direct allocation
page read and write
4FC000
unkown
page execute read
2465000
heap
page read and write
11B7000
heap
page read and write
770000
heap
page read and write
3FDF000
stack
page read and write
239B000
direct allocation
page read and write
874000
heap
page read and write
2571000
heap
page read and write
421000
unkown
page readonly
222E000
direct allocation
page read and write
7FFB22761000
unkown
page execute read
4BE0000
direct allocation
page read and write
2645000
heap
page read and write
4720000
trusted library allocation
page read and write
25D1000
heap
page read and write
874000
heap
page read and write
548D000
stack
page read and write
249F000
heap
page read and write
25C0000
heap
page read and write
230C871F000
trusted library allocation
page read and write
874000
heap
page read and write
4761000
heap
page read and write
2A6FC000
stack
page read and write
4AE1000
heap
page read and write
4AE1000
heap
page read and write
2DBE000
heap
page read and write
90A000
heap
page read and write
375E000
stack
page read and write
1D72D000
heap
page read and write
4AE1000
heap
page read and write
2A1E000
stack
page read and write
10D4000
heap
page read and write
874000
heap
page read and write
1D733000
heap
page read and write
2A3C000
stack
page read and write
874000
heap
page read and write
230C66B4000
heap
page read and write
CED000
unkown
page execute and read and write
3D5F000
stack
page read and write
544F000
stack
page read and write
4C00000
direct allocation
page execute and read and write
7014E000
unkown
page read and write
5CE000
stack
page read and write
874000
heap
page read and write
4860000
direct allocation
page read and write
8C5000
unkown
page execute and read and write
230E07E0000
heap
page read and write
1D734000
heap
page read and write
5F0E000
stack
page read and write
3EE000
stack
page read and write
2970000
direct allocation
page read and write
2465000
heap
page read and write
2520000
heap
page read and write
24C8000
heap
page read and write
15E0000
direct allocation
page read and write
3C1F000
stack
page read and write
4761000
heap
page read and write
860000
heap
page read and write
2E5F000
stack
page read and write
80E000
stack
page read and write
987000
heap
page read and write
2438000
heap
page read and write
874000
heap
page read and write
4860000
direct allocation
page read and write
23F1000
heap
page read and write
874000
heap
page read and write
4761000
heap
page read and write
25F0000
heap
page read and write
35EE000
stack
page read and write
874000
heap
page read and write
2466000
heap
page read and write
46FF000
stack
page read and write
874000
heap
page read and write
A08000
heap
page read and write
45FE000
stack
page read and write
19C000
stack
page read and write
4BE0000
direct allocation
page read and write
52DF000
stack
page read and write
36FE000
stack
page read and write
25A9000
heap
page read and write
25CD000
heap
page read and write
2465000
heap
page read and write
1D740000
heap
page read and write
4761000
heap
page read and write
401000
unkown
page execute and write copy
FD58AF9000
stack
page read and write
224B000
direct allocation
page read and write
1D719000
heap
page read and write
2AAF000
stack
page read and write
1D71C000
heap
page read and write
95E000
heap
page read and write
874000
heap
page read and write
9C4000
heap
page read and write
4761000
heap
page read and write
4AD0000
direct allocation
page read and write
400000
unkown
page readonly
2D2B000
stack
page read and write
4BE0000
direct allocation
page execute and read and write
874000
heap
page read and write
5400000
direct allocation
page execute and read and write
46B000
unkown
page execute and read and write
5440000
direct allocation
page execute and read and write
23AB7000
heap
page read and write
2438000
heap
page read and write
230D860F000
trusted library allocation
page read and write
3C5D000
stack
page read and write
2438000
heap
page read and write
24C8000
heap
page read and write
4AE1000
heap
page read and write
1D71F000
heap
page read and write
2611000
heap
page read and write
2419000
heap
page read and write
6991000
heap
page read and write
AF1000
unkown
page execute and write copy
E1D000
heap
page read and write
D80000
heap
page read and write
530000
heap
page read and write
4AE1000
heap
page read and write
257F000
heap
page read and write
7FFB0D74B000
unkown
page readonly
2438000
heap
page read and write
249F000
heap
page read and write
38AF000
stack
page read and write
711000
unkown
page execute and read and write
439F000
stack
page read and write
97F000
heap
page read and write
2642000
heap
page read and write
230C8F85000
trusted library allocation
page read and write
1D6FD000
stack
page read and write
3F2E000
stack
page read and write
874000
heap
page read and write
1D722000
heap
page read and write
285E000
stack
page read and write
39DE000
stack
page read and write
A76000
heap
page read and write
3E7E000
stack
page read and write
23801000
heap
page read and write
25B0000
heap
page read and write
DC0000
heap
page read and write
2478000
heap
page read and write
39DE000
stack
page read and write
55CE000
stack
page read and write
24F1000
heap
page read and write
BE0000
heap
page read and write
A6E000
heap
page read and write
874000
heap
page read and write
242F000
heap
page read and write
4761000
heap
page read and write
41D000
unkown
page read and write
5400000
direct allocation
page execute and read and write
7FFAA9286000
trusted library allocation
page read and write
9C4000
heap
page read and write
24C8000
heap
page read and write
620000
heap
page read and write
23F1000
heap
page read and write
2641000
heap
page read and write
9B5000
heap
page read and write
2465000
heap
page read and write
4D80000
direct allocation
page execute and read and write
9C4000
heap
page read and write
241B000
heap
page read and write
4761000
heap
page read and write
2CAE000
stack
page read and write
257D000
heap
page read and write
4761000
heap
page read and write
24C8000
heap
page read and write
874000
heap
page read and write
6FA000
stack
page read and write
2570000
heap
page read and write
2D1F000
stack
page read and write
9BC000
heap
page read and write
230C85A0000
heap
page execute and read and write
7F30000
heap
page read and write
2438000
heap
page read and write
1D72F000
heap
page read and write
372E000
stack
page read and write
95C000
stack
page read and write
23F1000
heap
page read and write
4D50000
direct allocation
page execute and read and write
315F000
stack
page read and write
411F000
stack
page read and write
3060000
heap
page read and write
EF5000
heap
page read and write
9C4000
heap
page read and write
4DF1000
heap
page read and write
2C5B000
stack
page read and write
2970000
direct allocation
page read and write
2286000
direct allocation
page read and write
874000
heap
page read and write
2465000
heap
page read and write
257E000
heap
page read and write
700C0000
unkown
page readonly
1D750000
heap
page read and write
7FFAA93E0000
trusted library allocation
page read and write
9BC000
heap
page read and write
7FFAA91DD000
trusted library allocation
page execute and read and write
22B2000
direct allocation
page read and write
874000
heap
page read and write
1D750000
heap
page read and write
41AE000
stack
page read and write
4F70000
direct allocation
page read and write
230C6698000
heap
page read and write
4761000
heap
page read and write
1D711000
heap
page read and write
4B01000
direct allocation
page read and write
257B000
heap
page read and write
4761000
heap
page read and write
247E000
heap
page read and write
515000
unkown
page readonly
260E000
heap
page read and write
4AD0000
direct allocation
page read and write
61EB4000
direct allocation
page read and write
23BF000
direct allocation
page read and write
7FFAA94A0000
trusted library allocation
page read and write
4AE1000
heap
page read and write
2380A000
heap
page read and write
230C6716000
heap
page read and write
7B4000
heap
page read and write
10D4000
heap
page read and write
461F000
stack
page read and write
214E000
direct allocation
page read and write
24C8000
heap
page read and write
1D734000
heap
page read and write
874000
heap
page read and write
FD5887E000
stack
page read and write
40BF000
stack
page read and write
FDC000
stack
page read and write
9DF000
heap
page read and write
248D000
heap
page read and write
7FFB22776000
unkown
page readonly
2A701000
heap
page read and write
721000
unkown
page execute and write copy
46AE000
stack
page read and write
25EB000
heap
page read and write
4761000
heap
page read and write
4621000
heap
page read and write
634000
unkown
page execute and read and write
4AE1000
heap
page read and write
6CFB5000
unkown
page readonly
4761000
heap
page read and write
366E000
stack
page read and write
5400000
direct allocation
page execute and read and write
230C8C2F000
trusted library allocation
page read and write
19C000
stack
page read and write
2534000
heap
page read and write
4761000
heap
page read and write
21E1000
direct allocation
page read and write
874000
heap
page read and write
9C4000
heap
page read and write
116A000
heap
page read and write
230C6995000
heap
page read and write
4761000
heap
page read and write
9C4000
heap
page read and write
9C4000
heap
page read and write
42EE000
stack
page read and write
7FFAA94E0000
trusted library allocation
page read and write
42AF000
stack
page read and write
10D4000
heap
page read and write
248B000
heap
page read and write
222D000
direct allocation
page read and write
3FDF000
stack
page read and write
10D4000
heap
page read and write
4C10000
direct allocation
page execute and read and write
18F000
stack
page read and write
9C4000
heap
page read and write
230C6650000
heap
page read and write
4761000
heap
page read and write
447F000
stack
page read and write
21AD000
direct allocation
page read and write
1D713000
heap
page read and write
227F000
direct allocation
page read and write
874000
heap
page read and write
53F0000
direct allocation
page execute and read and write
2457000
heap
page read and write
1D72E000
heap
page read and write
699E000
heap
page read and write
4761000
heap
page read and write
7C1000
heap
page read and write
CFD000
stack
page read and write
400000
unkown
page read and write
230C8BB2000
trusted library allocation
page read and write
249D000
heap
page read and write
DE8000
stack
page read and write
9C4000
heap
page read and write
3B1E000
stack
page read and write
874000
heap
page read and write
396F000
stack
page read and write
874000
heap
page read and write
249D000
heap
page read and write
1CE0E000
stack
page read and write
22C0000
direct allocation
page read and write
24A3000
heap
page read and write
2465000
heap
page read and write
23F1000
heap
page read and write
4C3E000
stack
page read and write
498F000
stack
page read and write
21B1000
direct allocation
page read and write
230C8767000
trusted library allocation
page read and write
FD58EBE000
stack
page read and write
FD598C6000
stack
page read and write
4761000
heap
page read and write
236B000
direct allocation
page read and write
4AE1000
heap
page read and write
21A0000
heap
page read and write
24C8000
heap
page read and write
4AE1000
heap
page read and write
4AE1000
heap
page read and write
2E2F000
stack
page read and write
1D731000
heap
page read and write
249F000
heap
page read and write
DF6000
heap
page read and write
430000
heap
page read and write
4AE1000
heap
page read and write
1D735000
heap
page read and write
2478000
heap
page read and write
4AE1000
heap
page read and write
437E000
stack
page read and write
400000
unkown
page readonly
4C61000
direct allocation
page read and write
296E000
stack
page read and write
E12000
unkown
page execute and write copy
2570000
heap
page read and write
722000
unkown
page execute and write copy
9C6000
heap
page read and write
2438000
heap
page read and write
7E8000
unkown
page execute and read and write
230D8601000
trusted library allocation
page read and write
1420000
heap
page read and write
7FFAA92F0000
trusted library allocation
page execute and read and write
393F000
stack
page read and write
874000
heap
page read and write
10D4000
heap
page read and write
6CDD0000
unkown
page readonly
4761000
heap
page read and write
1D735000
heap
page read and write
3126000
heap
page read and write
2478000
heap
page read and write
5F20000
heap
page read and write
11E9000
heap
page read and write
35DF000
stack
page read and write
5490000
direct allocation
page execute and read and write
874000
heap
page read and write
15FA000
heap
page read and write
230C6870000
trusted library allocation
page read and write
4AE1000
heap
page read and write
4621000
heap
page read and write
4761000
heap
page read and write
7FFB0D590000
unkown
page readonly
399F000
stack
page read and write
25CB000
heap
page read and write
44EE000
stack
page read and write
10D4000
heap
page read and write
4621000
heap
page read and write
4AE1000
heap
page read and write
7C4000
heap
page read and write
9F0000
heap
page read and write
383E000
stack
page read and write
7FFB0D746000
unkown
page read and write
25AE000
heap
page read and write
379E000
stack
page read and write
23ABD000
heap
page read and write
306F000
stack
page read and write
2A20000
direct allocation
page execute and read and write
43EF000
stack
page read and write
23E3000
direct allocation
page read and write
25C6000
heap
page read and write
4761000
heap
page read and write
389E000
stack
page read and write
230E0676000
heap
page read and write
2478000
heap
page read and write
7FFAA9381000
trusted library allocation
page read and write
874000
heap
page read and write
660000
heap
page read and write
2970000
direct allocation
page read and write
230E0606000
heap
page read and write
4630000
heap
page read and write
4C20000
direct allocation
page execute and read and write
6EE000
stack
page read and write
9C0000
heap
page read and write
462000
unkown
page execute and read and write
2463000
heap
page read and write
15E0000
direct allocation
page read and write
FD58E3E000
stack
page read and write
30AC000
heap
page read and write
2591000
heap
page read and write
230E07A0000
trusted library allocation
page read and write
4761000
heap
page read and write
874000
heap
page read and write
400000
unkown
page read and write
4860000
direct allocation
page read and write
4860000
direct allocation
page read and write
A57000
heap
page read and write
748000
heap
page read and write
951000
heap
page read and write
242F000
heap
page read and write
7FE39000
direct allocation
page read and write
9CA000
heap
page read and write
2B5F000
stack
page read and write
4DF0000
direct allocation
page execute and read and write
4E00000
direct allocation
page execute and read and write
25C3000
heap
page read and write
1D826000
heap
page read and write
4AE1000
heap
page read and write
23790000
trusted library allocation
page read and write
230E07A3000
trusted library allocation
page read and write
425000
unkown
page readonly
2420000
heap
page read and write
9C4000
heap
page read and write
AE0000
direct allocation
page read and write
4761000
heap
page read and write
1060000
heap
page read and write
5D0000
heap
page read and write
1D08E000
stack
page read and write
401000
unkown
page execute and write copy
415E000
stack
page read and write
7CD000
heap
page read and write
2CB0000
heap
page read and write
2D3F000
stack
page read and write
2A3F000
stack
page read and write
9C4000
heap
page read and write
E39000
heap
page read and write
2A700000
heap
page read and write
10D4000
heap
page read and write
411F000
stack
page read and write
2456000
heap
page read and write
6990000
heap
page read and write
2D6E000
stack
page read and write
7FD30000
direct allocation
page read and write
24F1000
heap
page read and write
13CE000
stack
page read and write
2BAF000
stack
page read and write
9C4000
heap
page read and write
4ACF000
stack
page read and write
4860000
direct allocation
page read and write
4621000
heap
page read and write
874000
heap
page read and write
4761000
heap
page read and write
4761000
heap
page read and write
4D40000
direct allocation
page execute and read and write
2438000
heap
page read and write
D7E000
stack
page read and write
69A0000
heap
page read and write
4AE1000
heap
page read and write
DB0000
heap
page read and write
4860000
direct allocation
page read and write
22BA000
direct allocation
page read and write
456E000
stack
page read and write
4F5E000
stack
page read and write
3A7F000
stack
page read and write
4761000
heap
page read and write
874000
heap
page read and write
874000
heap
page read and write
DE3000
stack
page read and write
423E000
stack
page read and write
400000
unkown
page readonly
4635000
heap
page read and write
34AE000
heap
page read and write
257B000
heap
page read and write
10D4000
heap
page read and write
7FF000
stack
page read and write
2BDF000
stack
page read and write
9B000
stack
page read and write
874000
heap
page read and write
1D732000
heap
page read and write
3AAF000
stack
page read and write
4D60000
direct allocation
page execute and read and write
8C5000
unkown
page execute and read and write
2478000
heap
page read and write
A5E000
heap
page read and write
2438000
heap
page read and write
2308000
direct allocation
page read and write
4D3F000
stack
page read and write
4AE1000
heap
page read and write
7FFAA9290000
trusted library allocation
page execute and read and write
2465000
heap
page read and write
1D733000
heap
page read and write
4761000
heap
page read and write
2386B000
heap
page read and write
6CF6F000
unkown
page readonly
750000
heap
page read and write
1D1DE000
stack
page read and write
230E0674000
heap
page read and write
23F1000
heap
page read and write
874000
heap
page read and write
2A5B000
stack
page read and write
9C4000
heap
page read and write
4D90000
direct allocation
page execute and read and write
2641000
heap
page read and write
1D700000
heap
page read and write
4D70000
direct allocation
page execute and read and write
4DF1000
heap
page read and write
874000
heap
page read and write
2970000
direct allocation
page read and write
25AE000
heap
page read and write
10D4000
heap
page read and write
9C4000
heap
page read and write
361E000
stack
page read and write
53D0000
direct allocation
page execute and read and write
6CFAE000
unkown
page read and write
874000
heap
page read and write
9C6000
heap
page read and write
9E0000
heap
page read and write
874000
heap
page read and write
2BEE000
stack
page read and write
2606000
heap
page read and write
874000
heap
page read and write
8C7000
unkown
page execute and write copy
4750000
heap
page read and write
2316000
direct allocation
page read and write
2730000
heap
page read and write
39AE000
stack
page read and write
2438000
heap
page read and write
FD58BB7000
stack
page read and write
51A000
unkown
page readonly
874000
heap
page read and write
1D727000
heap
page read and write
4761000
heap
page read and write
2478000
heap
page read and write
4760000
heap
page read and write
2CFE000
stack
page read and write
874000
heap
page read and write
1D72C000
heap
page read and write
230C8601000
trusted library allocation
page read and write
4761000
heap
page read and write
2579000
heap
page read and write
36EF000
stack
page read and write
325F000
stack
page read and write
10D4000
heap
page read and write
1D724000
heap
page read and write
875000
heap
page read and write
1D71B000
heap
page read and write
3A2E000
stack
page read and write
874000
heap
page read and write
4AE1000
heap
page read and write
FD58CB7000
stack
page read and write
874000
heap
page read and write
451E000
stack
page read and write
FD58A7E000
stack
page read and write
2244000
direct allocation
page read and write
5F35000
heap
page read and write
874000
heap
page read and write
7FFAA93F0000
trusted library allocation
page read and write
25D2000
heap
page read and write
E4C000
heap
page read and write
540000
heap
page read and write
A76000
heap
page read and write
4D80000
direct allocation
page execute and read and write
ABE000
stack
page read and write
4AE1000
heap
page read and write
7FFAA91D2000
trusted library allocation
page read and write
305A000
stack
page read and write
47EE000
stack
page read and write
97A000
heap
page read and write
21A6000
direct allocation
page read and write
25A1000
heap
page read and write
FD588FD000
stack
page read and write
AC0000
direct allocation
page read and write
4761000
heap
page read and write
4761000
heap
page read and write
9BD000
heap
page read and write
2236000
direct allocation
page read and write
3430000
heap
page read and write
22C1000
direct allocation
page read and write
875000
heap
page read and write
246E000
heap
page read and write
8FE000
stack
page read and write
2131000
direct allocation
page read and write
4AE1000
heap
page read and write
4D80000
direct allocation
page execute and read and write
249F000
heap
page read and write
874000
heap
page read and write
874000
heap
page read and write
2F0E000
stack
page read and write
9C4000
heap
page read and write
246E000
heap
page read and write
10D4000
heap
page read and write
5430000
direct allocation
page execute and read and write
230C6890000
trusted library allocation
page read and write
397E000
stack
page read and write
4DA0000
direct allocation
page execute and read and write
A00000
heap
page read and write
1D732000
heap
page read and write
386E000
stack
page read and write
25DF000
heap
page read and write
230C876D000
trusted library allocation
page read and write
230C864E000
trusted library allocation
page read and write
469000
unkown
page write copy
AAF000
unkown
page execute and read and write
4621000
heap
page read and write
9CF000
heap
page read and write
8FF000
stack
page read and write
9EF000
stack
page read and write
2200000
heap
page read and write
402F000
stack
page read and write
5B0000
unkown
page read and write
4D60000
direct allocation
page execute and read and write
44AF000
stack
page read and write
875000
heap
page read and write
7FFAA93C0000
trusted library allocation
page execute and read and write
23790000
heap
page read and write
37FF000
stack
page read and write
9E6000
heap
page read and write
24F1000
heap
page read and write
10D4000
heap
page read and write
249F000
heap
page read and write
9C6000
heap
page read and write
9BD000
heap
page read and write
874000
heap
page read and write
10D4000
heap
page read and write
2627000
heap
page read and write
9CA000
heap
page read and write
23813000
heap
page read and write
4AE1000
heap
page read and write
23F1000
heap
page read and write
4761000
heap
page read and write
224C000
direct allocation
page read and write
230C8EBB000
trusted library allocation
page read and write
2457000
heap
page read and write
2457000
heap
page read and write
23F1000
heap
page read and write
230C861B000
trusted library allocation
page read and write
7FFB0D748000
unkown
page write copy
1D729000
heap
page read and write
4D80000
direct allocation
page execute and read and write
21C1000
direct allocation
page read and write
25EA000
heap
page read and write
2A70000
heap
page read and write
15E0000
direct allocation
page read and write
10D4000
heap
page read and write
23A50000
heap
page read and write
4761000
heap
page read and write
4761000
heap
page read and write
3C2E000
stack
page read and write
7A1000
heap
page read and write
230E063C000
heap
page read and write
4BE0000
trusted library allocation
page read and write
874000
heap
page read and write
9C4000
heap
page read and write
C55000
unkown
page execute and read and write
874000
heap
page read and write
A7E000
stack
page read and write
5130000
direct allocation
page execute and read and write
35AF000
stack
page read and write
244D000
heap
page read and write
238A0000
trusted library allocation
page read and write
50BF000
stack
page read and write
2438000
heap
page read and write
9B5000
heap
page read and write
1D750000
heap
page read and write
249F000
heap
page read and write
510000
heap
page read and write
4AE1000
heap
page read and write
4DE0000
direct allocation
page execute and read and write
38EE000
stack
page read and write
4E00000
direct allocation
page execute and read and write
56CE000
stack
page read and write
874000
heap
page read and write
244D000
heap
page read and write
2ABD000
stack
page read and write
41E000
unkown
page write copy
25EC000
heap
page read and write
1D72A000
heap
page read and write
FB5000
unkown
page execute and read and write
23F1000
heap
page read and write
299C000
heap
page read and write
259B000
heap
page read and write
5100000
direct allocation
page execute and read and write
2A30000
direct allocation
page execute and read and write
BD0000
heap
page read and write
3068000
heap
page read and write
3236000
heap
page read and write
230E08C0000
heap
page read and write
4761000
heap
page read and write
221F000
direct allocation
page read and write
475F000
stack
page read and write
257B000
heap
page read and write
1D41D000
stack
page read and write
2DB7000
heap
page read and write
21C9000
direct allocation
page read and write
249F000
heap
page read and write
97C000
heap
page read and write
382F000
stack
page read and write
4E20000
direct allocation
page execute and read and write
29AF000
stack
page read and write
90E000
heap
page read and write
4761000
heap
page read and write
3097000
heap
page read and write
30B000
stack
page read and write
7C4000
heap
page read and write
1D71B000
heap
page read and write
1D729000
heap
page read and write
9CF000
heap
page read and write
230C66CD000
heap
page read and write
25A1000
heap
page read and write
50D0000
heap
page read and write
4AE0000
heap
page read and write
25D2000
heap
page read and write
24F1000
heap
page read and write
4BDF000
stack
page read and write
25D2000
heap
page read and write
4761000
heap
page read and write
4BE0000
direct allocation
page execute and read and write
21B3000
heap
page read and write
1D750000
heap
page read and write
7FFAA93D0000
trusted library allocation
page read and write
2A50000
heap
page read and write
35DF000
stack
page read and write
3CFF000
stack
page read and write
22EB000
direct allocation
page read and write
63BB000
stack
page read and write
4DA0000
direct allocation
page execute and read and write
21E5000
direct allocation
page read and write
23F1000
heap
page read and write
67C000
unkown
page execute and read and write
23F1000
heap
page read and write
5B60000
heap
page read and write
9CE000
heap
page read and write
505000
unkown
page read and write
230C8722000
trusted library allocation
page read and write
7EA000
heap
page read and write
2592000
heap
page read and write
245D000
heap
page read and write
1D04F000
stack
page read and write
2319000
direct allocation
page read and write
15DF000
stack
page read and write
7B0000
heap
page read and write
2438000
heap
page read and write
70A000
unkown
page execute and read and write
22CD000
direct allocation
page read and write
6FA000
heap
page read and write
1D734000
heap
page read and write
23F1000
heap
page read and write
3143000
heap
page read and write
6FE000
heap
page read and write
12FD000
stack
page read and write
230C68A0000
heap
page readonly
4AD0000
direct allocation
page read and write
333E000
stack
page read and write
4761000
heap
page read and write
4AE1000
heap
page read and write
2622000
heap
page read and write
2A57000
heap
page read and write
2438000
heap
page read and write
25E7000
heap
page read and write
9A2000
heap
page read and write
401000
unkown
page execute and write copy
469000
unkown
page write copy
2296000
direct allocation
page read and write
4AE1000
heap
page read and write
231D000
direct allocation
page read and write
25E8000
heap
page read and write
21F4000
direct allocation
page read and write
237B0000
heap
page read and write
483F000
stack
page read and write
4FE000
unkown
page read and write
10D4000
heap
page read and write
8EF000
stack
page read and write
10D4000
heap
page read and write
1D74D000
heap
page read and write
665000
unkown
page execute and read and write
2B00000
heap
page read and write
4AD0000
direct allocation
page read and write
223D000
direct allocation
page read and write
25A1000
heap
page read and write
2FDE000
stack
page read and write
1D71F000
heap
page read and write
2465000
heap
page read and write
A76000
heap
page read and write
3EAE000
stack
page read and write
34EF000
stack
page read and write
1D71B000
heap
page read and write
3061000
heap
page read and write
4AD0000
direct allocation
page read and write
46B000
unkown
page execute and read and write
1D71B000
heap
page read and write
30B9000
heap
page read and write
5A0000
heap
page read and write
4EF0000
trusted library allocation
page read and write
A60000
heap
page read and write
5DA000
heap
page read and write
AC0000
direct allocation
page read and write
4761000
heap
page read and write
10D4000
heap
page read and write
249D000
heap
page read and write
24A3000
heap
page read and write
AC0000
direct allocation
page read and write
874000
heap
page read and write
A7B000
heap
page read and write
4DB0000
direct allocation
page execute and read and write
3479000
heap
page read and write
321F000
stack
page read and write
3CAE000
stack
page read and write
3080000
heap
page read and write
874000
heap
page read and write
10D4000
heap
page read and write
5ECE000
stack
page read and write
750000
heap
page read and write
5280000
direct allocation
page read and write
9C4000
heap
page read and write
3EDE000
stack
page read and write
7FC000
unkown
page execute and read and write
245E000
heap
page read and write
242F000
heap
page read and write
7FE3E000
direct allocation
page read and write
241F000
heap
page read and write
315E000
heap
page read and write
70A000
unkown
page execute and read and write
6DE000
unkown
page execute and read and write
2C8F000
stack
page read and write
874000
heap
page read and write
230C8719000
trusted library allocation
page read and write
341E000
direct allocation
page read and write
2463000
heap
page read and write
5480000
direct allocation
page execute and read and write
7FFAA93A0000
trusted library allocation
page execute and read and write
44BE000
stack
page read and write
4621000
heap
page read and write
58E000
stack
page read and write
2438000
heap
page read and write
4AE1000
heap
page read and write
221C000
direct allocation
page read and write
4761000
heap
page read and write
874000
heap
page read and write
7FFAA9490000
trusted library allocation
page read and write
874000
heap
page read and write
22D5000
direct allocation
page read and write
4AE1000
heap
page read and write
FD5877E000
stack
page read and write
7FFAA9440000
trusted library allocation
page read and write
2592000
heap
page read and write
21B0000
heap
page read and write
1D728000
heap
page read and write
2223000
direct allocation
page read and write
4761000
heap
page read and write
245E000
heap
page read and write
2312000
direct allocation
page read and write
21FB000
direct allocation
page read and write
61EB7000
direct allocation
page readonly
429E000
stack
page read and write
9C4000
heap
page read and write
3061000
heap
page read and write
25C4000
heap
page read and write
2227000
direct allocation
page read and write
28A0000
heap
page read and write
2478000
heap
page read and write
4DD0000
direct allocation
page execute and read and write
316A000
heap
page read and write
25A1000
heap
page read and write
9B000
stack
page read and write
21D0000
direct allocation
page read and write
314C000
heap
page read and write
249B000
heap
page read and write
429000
unkown
page readonly
32AE000
stack
page read and write
1D727000
heap
page read and write
9C4000
heap
page read and write
249D000
heap
page read and write
1D73F000
heap
page read and write
874000
heap
page read and write
4761000
heap
page read and write
4AE1000
heap
page read and write
1D55C000
stack
page read and write
339E000
stack
page read and write
469000
unkown
page write copy
2438000
heap
page read and write
4780000
heap
page read and write
219D000
direct allocation
page read and write
4AD0000
direct allocation
page read and write
874000
heap
page read and write
E01000
unkown
page execute and read and write
461F000
stack
page read and write
230E07B6000
heap
page execute and read and write
21F0000
direct allocation
page read and write
2214000
direct allocation
page read and write
874000
heap
page read and write
41FE000
stack
page read and write
2610000
heap
page read and write
24F0000
heap
page read and write
15E0000
direct allocation
page read and write
244D000
heap
page read and write
4761000
heap
page read and write
4DEF000
stack
page read and write
400000
unkown
page read and write
F3E000
stack
page read and write
25FD000
heap
page read and write
A57000
heap
page read and write
245E000
heap
page read and write
21D1000
direct allocation
page read and write
7FFB0D591000
unkown
page execute read
874000
heap
page read and write
2CEE000
stack
page read and write
3D6D000
stack
page read and write
FD5897E000
stack
page read and write
230C871C000
trusted library allocation
page read and write
2463000
heap
page read and write
874000
heap
page read and write
4D6C000
stack
page read and write
8C5000
unkown
page execute and read and write
241D000
heap
page read and write
22BB000
direct allocation
page read and write
237F1000
heap
page read and write
7FFAA9400000
trusted library allocation
page read and write
23A9000
direct allocation
page read and write
4DE0000
direct allocation
page execute and read and write
230E0780000
heap
page execute and read and write
22C2000
direct allocation
page read and write
4AE1000
heap
page read and write
148E000
stack
page read and write
9C6000
heap
page read and write
9C4000
heap
page read and write
3D2F000
stack
page read and write
241A000
heap
page read and write
9C4000
heap
page read and write
5470000
direct allocation
page execute and read and write
229D000
direct allocation
page read and write
230C872D000
trusted library allocation
page read and write
2591000
heap
page read and write
4761000
heap
page read and write
241A000
heap
page read and write
1D73C000
heap
page read and write
54A0000
direct allocation
page execute and read and write
24F1000
heap
page read and write
3B1E000
stack
page read and write
A6C000
unkown
page execute and read and write
23B0000
direct allocation
page read and write
4AD0000
direct allocation
page read and write
473E000
stack
page read and write
230C6690000
heap
page read and write
1D729000
heap
page read and write
3406000
direct allocation
page read and write
4761000
heap
page read and write
237D1000
heap
page read and write
4761000
heap
page read and write
3E3F000
stack
page read and write
23A0E000
stack
page read and write
5280000
direct allocation
page read and write
230E08CF000
heap
page read and write
245E000
heap
page read and write
335F000
stack
page read and write
4621000
heap
page read and write
1D2DF000
stack
page read and write
3C6F000
stack
page read and write
2438000
heap
page read and write
25BD000
heap
page read and write
245F000
heap
page read and write
375F000
stack
page read and write
10D4000
heap
page read and write
4AE1000
heap
page read and write
2970000
direct allocation
page read and write
874000
heap
page read and write
4761000
heap
page read and write
9A2000
heap
page read and write
462000
unkown
page execute and read and write
230C65F0000
heap
page read and write
249F000
heap
page read and write
874000
heap
page read and write
875000
heap
page read and write
4860000
trusted library allocation
page read and write
2438000
heap
page read and write
34CA000
heap
page read and write
21D7000
direct allocation
page read and write
2405000
heap
page read and write
9B1000
heap
page read and write
2414000
heap
page read and write
2641000
heap
page read and write
874000
heap
page read and write
874000
heap
page read and write
721000
unkown
page execute and read and write
2465000
heap
page read and write
415E000
stack
page read and write
50F0000
direct allocation
page execute and read and write
745000
heap
page read and write
249D000
heap
page read and write
2446000
heap
page read and write
9CF000
heap
page read and write
4860000
direct allocation
page read and write
2465000
heap
page read and write
874000
heap
page read and write
874000
heap
page read and write
2BAD000
stack
page read and write
4761000
heap
page read and write
2F6F000
stack
page read and write
874000
heap
page read and write
874000
heap
page read and write
23F1000
heap
page read and write
9C4000
heap
page read and write
2FAE000
stack
page read and write
10D4000
heap
page read and write
230C8ADC000
trusted library allocation
page read and write
FD589FE000
stack
page read and write
230F000
direct allocation
page read and write
4AD0000
direct allocation
page read and write
385F000
stack
page read and write
7FFAA9280000
trusted library allocation
page read and write
4761000
heap
page read and write
22F4000
direct allocation
page read and write
A60000
heap
page read and write
1D72E000
heap
page read and write
8C7000
unkown
page execute and write copy
230C8B1A000
trusted library allocation
page read and write
4761000
heap
page read and write
22B3000
direct allocation
page read and write
CFD000
stack
page read and write
874000
heap
page read and write
4777000
heap
page read and write
AC0000
direct allocation
page read and write
230C6660000
heap
page read and write
4AE1000
heap
page read and write
2457000
heap
page read and write
4AE1000
heap
page read and write
245D000
heap
page read and write
10D0000
heap
page read and write
76F000
stack
page read and write
299E000
stack
page read and write
245E000
heap
page read and write
5450000
direct allocation
page execute and read and write
314D000
heap
page read and write
350E000
heap
page read and write
469000
unkown
page write copy
722000
unkown
page execute and write copy
11D6000
heap
page read and write
1D45D000
stack
page read and write
508000
unkown
page read and write
2405000
heap
page read and write
22ED000
direct allocation
page read and write
215D000
direct allocation
page read and write
AEF000
stack
page read and write
5120000
direct allocation
page execute and read and write
2465000
heap
page read and write
4761000
heap
page read and write
1D72B000
heap
page read and write
3430000
direct allocation
page read and write
313E000
heap
page read and write
A5B000
stack
page read and write
21FF000
direct allocation
page read and write
1153000
heap
page read and write
3606000
direct allocation
page read and write
874000
heap
page read and write
2220000
direct allocation
page read and write
9C4000
heap
page read and write
4761000
heap
page read and write
237D000
direct allocation
page read and write
40EF000
stack
page read and write
241B000
heap
page read and write
240E000
heap
page read and write
666000
heap
page read and write
3300000
direct allocation
page read and write
2DB0000
heap
page read and write
439F000
stack
page read and write
600000
heap
page read and write
4E10000
direct allocation
page execute and read and write
A99000
unkown
page execute and read and write
9B5000
heap
page read and write
613F000
stack
page read and write
462E000
stack
page read and write
245D000
heap
page read and write
5400000
direct allocation
page execute and read and write
4761000
heap
page read and write
76D000
heap
page read and write
2970000
direct allocation
page read and write
249D000
heap
page read and write
1D71B000
heap
page read and write
4D60000
direct allocation
page execute and read and write
2622000
heap
page read and write
6AE000
stack
page read and write
3B6E000
stack
page read and write
10D4000
heap
page read and write
466F000
stack
page read and write
5420000
direct allocation
page execute and read and write
21B4000
direct allocation
page read and write
1CF4E000
stack
page read and write
425F000
stack
page read and write
7FFAA91D4000
trusted library allocation
page read and write
23F1000
heap
page read and write
3E9F000
stack
page read and write
2438000
heap
page read and write
4761000
heap
page read and write
10D4000
heap
page read and write
874000
heap
page read and write
2DAE000
stack
page read and write
4D50000
direct allocation
page execute and read and write
1D71B000
heap
page read and write
1D72E000
heap
page read and write
11C7000
heap
page read and write
349F000
stack
page read and write
874000
heap
page read and write
2412000
heap
page read and write
B45000
heap
page read and write
230C6718000
heap
page read and write
36BF000
stack
page read and write
9B5000
heap
page read and write
70A000
unkown
page execute and read and write
2415000
heap
page read and write
2438000
heap
page read and write
5400000
direct allocation
page execute and read and write
874000
heap
page read and write
9C4000
heap
page read and write
7FFAA92B6000
trusted library allocation
page execute and read and write
9C4000
heap
page read and write
4761000
heap
page read and write
1D721000
heap
page read and write
509E000
stack
page read and write
23F1000
heap
page read and write
A68000
heap
page read and write
4BE0000
direct allocation
page execute and read and write
4AE1000
heap
page read and write
49CE000
stack
page read and write
874000
heap
page read and write
DC8000
heap
page read and write
2438000
heap
page read and write
249D000
heap
page read and write
7FFB0D694000
unkown
page read and write
245E000
heap
page read and write
2463000
heap
page read and write
7FA000
unkown
page write copy
2279000
direct allocation
page read and write
2465000
heap
page read and write
FD58F3B000
stack
page read and write
25DF000
heap
page read and write
401E000
stack
page read and write
1D733000
heap
page read and write
3154000
heap
page read and write
2333000
direct allocation
page read and write
AE0000
direct allocation
page read and write
4AD0000
direct allocation
page read and write
874000
heap
page read and write
10BF000
stack
page read and write
1D73D000
heap
page read and write
241A000
heap
page read and write
2410000
heap
page read and write
667000
heap
page read and write
230C6655000
heap
page read and write
608000
heap
page read and write
9C4000
heap
page read and write
33AF000
stack
page read and write
AC0000
direct allocation
page read and write
22D7000
direct allocation
page read and write
1D72F000
heap
page read and write
30EE000
stack
page read and write
2438000
heap
page read and write
25D2000
heap
page read and write
4650000
heap
page read and write
22AC000
direct allocation
page read and write
7C2000
heap
page read and write
4761000
heap
page read and write
3429000
direct allocation
page read and write
24AA000
heap
page read and write
9DF000
heap
page read and write
1D727000
heap
page read and write
362F000
stack
page read and write
3E6E000
stack
page read and write
2465000
heap
page read and write
874000
heap
page read and write
2A728000
heap
page read and write
2595000
heap
page read and write
31E7000
heap
page read and write
2463000
heap
page read and write
6CFB0000
unkown
page read and write
7D4000
heap
page read and write
1D735000
heap
page read and write
230C8B6D000
trusted library allocation
page read and write
23AB1000
heap
page read and write
874000
heap
page read and write
950000
heap
page read and write
23F1000
heap
page read and write
2580000
heap
page read and write
2C1E000
stack
page read and write
389F000
stack
page read and write
4DF1000
heap
page read and write
2172000
direct allocation
page read and write
874000
heap
page read and write
230E063E000
heap
page read and write
34B0000
direct allocation
page read and write
2324000
direct allocation
page read and write
11CB000
heap
page read and write
2302000
direct allocation
page read and write
1D735000
heap
page read and write
5F30000
heap
page read and write
2641000
heap
page read and write
7FFB0D695000
unkown
page readonly
2970000
direct allocation
page read and write
2164000
direct allocation
page read and write
85E000
stack
page read and write
2121000
direct allocation
page read and write
2DCA000
heap
page read and write
2AD0000
trusted library allocation
page read and write
798000
heap
page read and write
2181000
direct allocation
page read and write
4AE1000
heap
page read and write
30BF000
stack
page read and write
230D867F000
trusted library allocation
page read and write
A72000
heap
page read and write
3066000
heap
page read and write
2438000
heap
page read and write
281E000
stack
page read and write
3FEE000
stack
page read and write
249F000
heap
page read and write
24F1000
heap
page read and write
4761000
heap
page read and write
230A000
direct allocation
page read and write
1CF0F000
stack
page read and write
3430000
heap
page read and write
14D0000
heap
page read and write
25C2000
direct allocation
page read and write
339E000
stack
page read and write
7AA000
heap
page read and write
2581000
heap
page read and write
9A2000
heap
page read and write
874000
heap
page read and write
4761000
heap
page read and write
2446000
heap
page read and write
FD5990E000
stack
page read and write
417000
unkown
page write copy
25C3000
heap
page read and write
4761000
heap
page read and write
4AE1000
heap
page read and write
2F67000
heap
page read and write
9C4000
heap
page read and write
4761000
heap
page read and write
2DBB000
heap
page read and write
23F1000
heap
page read and write
4C50000
direct allocation
page execute and read and write
94E000
heap
page read and write
2205000
heap
page read and write
1D731000
heap
page read and write
3432000
heap
page read and write
230C6920000
trusted library allocation
page read and write
24F1000
heap
page read and write
25FB000
heap
page read and write
2465000
heap
page read and write
721000
unkown
page execute and read and write
9C4000
heap
page read and write
2AFE000
stack
page read and write
4DF0000
heap
page read and write
23B8000
direct allocation
page read and write
31FE000
stack
page read and write
230C8AAF000
trusted library allocation
page read and write
230E06EA000
heap
page read and write
AF0000
unkown
page read and write
43DE000
stack
page read and write
2591000
heap
page read and write
874000
heap
page read and write
7FFAA91D3000
trusted library allocation
page execute and read and write
3430000
heap
page read and write
2630000
heap
page read and write
1D31D000
stack
page read and write
223D000
direct allocation
page read and write
97B000
heap
page read and write
4AE1000
heap
page read and write
7FFB22760000
unkown
page readonly
64FE000
stack
page read and write
2409000
heap
page read and write
874000
heap
page read and write
27CC000
stack
page read and write
228D000
direct allocation
page read and write
7A8000
heap
page read and write
4761000
heap
page read and write
4AD0000
direct allocation
page read and write
248D000
direct allocation
page read and write
67AC000
stack
page read and write
4860000
trusted library allocation
page read and write
2438000
heap
page read and write
47AF000
stack
page read and write
5B7C000
stack
page read and write
440000
heap
page read and write
1D71B000
heap
page read and write
5FD000
unkown
page execute and read and write
3067000
heap
page read and write
260A000
heap
page read and write
875000
heap
page read and write
245E000
heap
page read and write
35BE000
stack
page read and write
2605000
heap
page read and write
7D32000
heap
page read and write
2438000
heap
page read and write
2252000
direct allocation
page read and write
737000
heap
page read and write
874000
heap
page read and write
249F000
heap
page read and write
4840000
heap
page read and write
23F1000
direct allocation
page read and write
15E0000
direct allocation
page read and write
9C4000
heap
page read and write
540000
heap
page read and write
425F000
stack
page read and write
2970000
direct allocation
page read and write
35FD000
direct allocation
page read and write
417000
unkown
page read and write
7FFAA9450000
trusted library allocation
page read and write
10D4000
heap
page read and write
765000
heap
page read and write
4761000
heap
page read and write
4BF0000
direct allocation
page execute and read and write
257D000
heap
page read and write
4CEE000
stack
page read and write
4C1C000
stack
page read and write
216B000
direct allocation
page read and write
15F0000
heap
page read and write
4761000
heap
page read and write
AC0000
direct allocation
page read and write
314F000
heap
page read and write
2573000
heap
page read and write
874000
heap
page read and write
2457000
heap
page read and write
118F000
stack
page read and write
2560000
heap
page read and write
874000
heap
page read and write
AC0000
direct allocation
page read and write
23890000
trusted library allocation
page read and write
1D71C000
heap
page read and write
874000
heap
page read and write
9B8000
heap
page read and write
52E1000
direct allocation
page read and write
874000
heap
page read and write
874000
heap
page read and write
4AE1000
heap
page read and write
33EE000
stack
page read and write
69A0000
heap
page read and write
FB7000
unkown
page execute and write copy
10D4000
heap
page read and write
874000
heap
page read and write
2465000
heap
page read and write
874000
heap
page read and write
2348000
direct allocation
page read and write
B59000
unkown
page write copy
9C4000
heap
page read and write
26F2000
heap
page read and write
795000
heap
page read and write
25A9000
heap
page read and write
2449000
heap
page read and write
4D30000
direct allocation
page execute and read and write
2CB8000
heap
page read and write
10D4000
heap
page read and write
2385000
direct allocation
page read and write
61ED3000
direct allocation
page read and write
4AE1000
heap
page read and write
15FE000
heap
page read and write
2231000
direct allocation
page read and write
442E000
stack
page read and write
578E000
stack
page read and write
2463000
heap
page read and write
7FFAA91EB000
trusted library allocation
page read and write
314A000
heap
page read and write
9C4000
heap
page read and write
30F5000
heap
page read and write
2463000
heap
page read and write
61E00000
direct allocation
page execute and read and write
4761000
heap
page read and write
249F000
heap
page read and write
220D000
direct allocation
page read and write
9C4000
heap
page read and write
309C000
heap
page read and write
44DF000
stack
page read and write
2ECE000
stack
page read and write
2A40000
heap
page read and write
874000
heap
page read and write
1050000
heap
page read and write
874000
heap
page read and write
8BC000
stack
page read and write
9DF000
heap
page read and write
11E3000
heap
page read and write
2970000
direct allocation
page read and write
4C40000
direct allocation
page execute and read and write
249F000
heap
page read and write
24F1000
heap
page read and write
242F000
heap
page read and write
2465000
heap
page read and write
244D000
heap
page read and write
11DC000
heap
page read and write
AC0000
direct allocation
page read and write
4AE2000
heap
page read and write
25C0000
direct allocation
page read and write
AC0000
direct allocation
page read and write
3105000
heap
page read and write
349F000
stack
page read and write
2419000
heap
page read and write
2E6E000
stack
page read and write
519F000
stack
page read and write
874000
heap
page read and write
24C8000
heap
page read and write
3159000
heap
page read and write
711000
unkown
page execute and read and write
6DE000
unkown
page execute and read and write
2D2E000
stack
page read and write
261F000
heap
page read and write
2363000
direct allocation
page read and write
874000
heap
page read and write
23F1000
heap
page read and write
15E0000
direct allocation
page read and write
25EB000
heap
page read and write
3472000
heap
page read and write
61ECC000
direct allocation
page read and write
2419000
heap
page read and write
2457000
heap
page read and write
1D711000
heap
page read and write
53E0000
direct allocation
page execute and read and write
48EF000
stack
page read and write
623F000
stack
page read and write
1D18F000
stack
page read and write
1D706000
heap
page read and write
22F9000
direct allocation
page read and write
375E000
stack
page read and write
23CD000
direct allocation
page read and write
874000
heap
page read and write
5FD000
unkown
page execute and read and write
4C00000
direct allocation
page read and write
34DE000
stack
page read and write
15E0000
direct allocation
page read and write
AAF000
unkown
page execute and write copy
417000
unkown
page read and write
10D4000
heap
page read and write
22DE000
direct allocation
page read and write
874000
heap
page read and write
1D72F000
heap
page read and write
3431000
heap
page read and write
E11000
unkown
page execute and read and write
9C0000
heap
page read and write
2438000
heap
page read and write
7FFAA91E0000
trusted library allocation
page read and write
4AE1000
heap
page read and write
A9C000
stack
page read and write
23D4000
direct allocation
page read and write
232C000
direct allocation
page read and write
3FAF000
stack
page read and write
31BF000
stack
page read and write
46B000
unkown
page execute and read and write
2F50000
heap
page read and write
2438000
heap
page read and write
24AA000
heap
page read and write
371F000
stack
page read and write
218F000
direct allocation
page read and write
874000
heap
page read and write
230C872A000
trusted library allocation
page read and write
874000
heap
page read and write
2406000
heap
page read and write
874000
heap
page read and write
6640000
heap
page read and write
259D000
heap
page read and write
5110000
direct allocation
page execute and read and write
222A000
direct allocation
page read and write
2FBF000
stack
page read and write
2619000
heap
page read and write
874000
heap
page read and write
2155000
direct allocation
page read and write
4C00000
direct allocation
page read and write
874000
heap
page read and write
1D70F000
heap
page read and write
3DAF000
stack
page read and write
874000
heap
page read and write
4C70000
direct allocation
page execute and read and write
2438000
heap
page read and write
10D4000
heap
page read and write
874000
heap
page read and write
76D000
heap
page read and write
3472000
heap
page read and write
10D4000
heap
page read and write
700C1000
unkown
page execute read
2438000
heap
page read and write
53BF000
stack
page read and write
23A10000
trusted library allocation
page read and write
AF0000
heap
page read and write
4F70000
direct allocation
page read and write
31EF000
stack
page read and write
472F000
stack
page read and write
1D735000
heap
page read and write
3496000
heap
page read and write
261F000
heap
page read and write
23816000
heap
page read and write
25BD000
heap
page read and write
2353000
direct allocation
page read and write
874000
heap
page read and write
FD58DBF000
stack
page read and write
261F000
heap
page read and write
874000
heap
page read and write
1D729000
heap
page read and write
1186000
heap
page read and write
230C6789000
heap
page read and write
3B2F000
stack
page read and write
245F000
heap
page read and write
10D4000
heap
page read and write
336E000
stack
page read and write
2C4E000
stack
page read and write
1D71B000
heap
page read and write
7DF449780000
trusted library allocation
page execute and read and write
257A000
heap
page read and write
505F000
stack
page read and write
9C4000
heap
page read and write
4AD0000
direct allocation
page read and write
2457000
heap
page read and write
4FBB000
stack
page read and write
245D000
heap
page read and write
2438000
heap
page read and write
249F000
heap
page read and write
230E0686000
heap
page read and write
9A2000
heap
page read and write
23F8000
direct allocation
page read and write
25A1000
heap
page read and write
15E0000
direct allocation
page read and write
108E000
stack
page read and write
2603000
heap
page read and write
24F1000
heap
page read and write
4AE1000
heap
page read and write
2970000
direct allocation
page read and write
874000
heap
page read and write
22A3000
direct allocation
page read and write
1340000
heap
page read and write
22FB000
direct allocation
page read and write
469000
unkown
page write copy
400000
unkown
page readonly
30A4000
heap
page read and write
21E9000
direct allocation
page read and write
AC0000
direct allocation
page read and write
230E07B0000
heap
page execute and read and write
1E0000
heap
page read and write
7B9000
heap
page read and write
4C41000
direct allocation
page read and write
4860000
direct allocation
page read and write
742000
heap
page read and write
1D72A000
heap
page read and write
4AE1000
heap
page read and write
4ADE000
stack
page read and write
246E000
heap
page read and write
401000
unkown
page execute read
61ED0000
direct allocation
page read and write
960000
heap
page read and write
400000
unkown
page readonly
24C8000
heap
page read and write
25A9000
heap
page read and write
4730000
heap
page read and write
2478000
heap
page read and write
21ED000
direct allocation
page read and write
503000
unkown
page read and write
3D9E000
stack
page read and write
4761000
heap
page read and write
406E000
stack
page read and write
3472000
heap
page read and write
1D750000
heap
page read and write
21DE000
direct allocation
page read and write
65FE000
stack
page read and write
874000
heap
page read and write
FD58D3E000
stack
page read and write
25A0000
heap
page read and write
246E000
heap
page read and write
315A000
heap
page read and write
AC0000
direct allocation
page read and write
7F4A000
heap
page read and write
1D733000
heap
page read and write
7FFAA94C0000
trusted library allocation
page read and write
874000
heap
page read and write
305F000
stack
page read and write
365E000
stack
page read and write
25A8000
heap
page read and write
23AB9000
heap
page read and write
874000
heap
page read and write
4AE3000
heap
page read and write
25DF000
heap
page read and write
2401000
heap
page read and write
2467000
heap
page read and write
9C4000
heap
page read and write
C56000
unkown
page execute and write copy
5DE000
heap
page read and write
1D750000
heap
page read and write
4DF1000
heap
page read and write
261F000
heap
page read and write
4860000
direct allocation
page read and write
1D72A000
heap
page read and write
25DF000
heap
page read and write
34E8000
heap
page read and write
385F000
stack
page read and write
4D80000
direct allocation
page execute and read and write
24C8000
heap
page read and write
2380000
direct allocation
page read and write
1D750000
heap
page read and write
25A6000
heap
page read and write
1D72E000
heap
page read and write
1D5FE000
stack
page read and write
2416000
heap
page read and write
352E000
stack
page read and write
1D71B000
heap
page read and write
43DE000
stack
page read and write
44DF000
stack
page read and write
24F1000
heap
page read and write
23F1000
heap
page read and write
25A1000
heap
page read and write
22A4000
direct allocation
page read and write
2147000
direct allocation
page read and write
25FE000
heap
page read and write
7FFAA93B2000
trusted library allocation
page read and write
77B000
heap
page read and write
25A4000
heap
page read and write
874000
heap
page read and write
9D8000
heap
page read and write
230E066E000
heap
page read and write
9C4000
heap
page read and write
3ADF000
stack
page read and write
2271000
direct allocation
page read and write
30DF000
stack
page read and write
230C8690000
trusted library allocation
page read and write
2321000
direct allocation
page read and write
2E5F000
stack
page read and write
4CAF000
stack
page read and write
1D750000
heap
page read and write
2970000
direct allocation
page read and write
4761000
heap
page read and write
233D000
direct allocation
page read and write
5400000
direct allocation
page execute and read and write
A5E000
heap
page read and write
2211000
direct allocation
page read and write
9B5000
heap
page read and write
588E000
stack
page read and write
8C7000
unkown
page execute and write copy
2438000
heap
page read and write
25D2000
heap
page read and write
2300000
direct allocation
page read and write
4F0B000
stack
page read and write
DCE000
unkown
page execute and read and write
10D4000
heap
page read and write
4D80000
direct allocation
page execute and read and write
2F5F000
stack
page read and write
3470000
heap
page read and write
7FFAA9410000
trusted library allocation
page read and write
2B30000
heap
page read and write
10D4000
heap
page read and write
230C8716000
trusted library allocation
page read and write
29DE000
stack
page read and write
2997000
heap
page read and write
5460000
direct allocation
page execute and read and write
7FFAA94D0000
trusted library allocation
page read and write
2530000
direct allocation
page execute and read and write
2612000
heap
page read and write
4AE1000
heap
page read and write
315A000
heap
page read and write
2336000
direct allocation
page read and write
426E000
stack
page read and write
2438000
heap
page read and write
462000
unkown
page execute and read and write
CEC000
stack
page read and write
322E000
stack
page read and write
10D4000
heap
page read and write
4C30000
direct allocation
page execute and read and write
505000
unkown
page read and write
7FFAA9480000
trusted library allocation
page read and write
AB0000
unkown
page execute and write copy
11D1000
heap
page read and write
15E0000
direct allocation
page read and write
361E000
stack
page read and write
28A7000
heap
page read and write
335F000
stack
page read and write
2DC0000
heap
page read and write
230C6780000
heap
page read and write
21D8000
direct allocation
page read and write
25CF000
heap
page read and write
230E08D4000
heap
page read and write
AA0000
unkown
page execute and read and write
3610000
direct allocation
page read and write
316F000
stack
page read and write
257C000
heap
page read and write
343F000
stack
page read and write
311E000
stack
page read and write
1D723000
heap
page read and write
5F0000
heap
page read and write
3061000
heap
page read and write
9C4000
heap
page read and write
11C6000
heap
page read and write
2CEF000
stack
page read and write
2EBF000
stack
page read and write
10D4000
heap
page read and write
2381C000
heap
page read and write
874000
heap
page read and write
9CF000
heap
page read and write
7FFAA94B0000
trusted library allocation
page read and write
3DEE000
stack
page read and write
2640000
heap
page read and write
2465000
heap
page read and write
110A000
heap
page read and write
4621000
heap
page read and write
2269000
direct allocation
page read and write
230C671B000
heap
page read and write
315C000
heap
page read and write
4AE1000
heap
page read and write
32F0000
heap
page read and write
874000
heap
page read and write
874000
heap
page read and write
3066000
heap
page read and write
492E000
stack
page read and write
721000
unkown
page execute and write copy
874000
heap
page read and write
22F2000
direct allocation
page read and write
2438000
heap
page read and write
9AE000
stack
page read and write
9D0000
heap
page read and write
4850000
heap
page read and write
3F7F000
stack
page read and write
25DF000
heap
page read and write
2268000
direct allocation
page read and write
65E000
stack
page read and write
10D4000
heap
page read and write
7FFAA928C000
trusted library allocation
page execute and read and write
4761000
heap
page read and write
245E000
heap
page read and write
558C000
stack
page read and write
32FF000
stack
page read and write
9B6000
heap
page read and write
1D735000
heap
page read and write
9C4000
heap
page read and write
4761000
heap
page read and write
7FFAA9370000
trusted library allocation
page read and write
230C85F0000
heap
page read and write
DF8000
heap
page read and write
4D60000
direct allocation
page execute and read and write
25D2000
heap
page read and write
2463000
heap
page read and write
2438000
heap
page read and write
1D722000
heap
page read and write
5FD000
unkown
page execute and read and write
4AD0000
direct allocation
page read and write
295E000
stack
page read and write
1D735000
heap
page read and write
9FA000
heap
page read and write
230C8663000
trusted library allocation
page read and write
10D4000
heap
page read and write
2465000
heap
page read and write
2641000
heap
page read and write
257F000
heap
page read and write
230C65E0000
heap
page read and write
721000
unkown
page execute and read and write
3430000
heap
page read and write
2537000
heap
page read and write
15E0000
direct allocation
page read and write
228F000
direct allocation
page read and write
25BE000
heap
page read and write
10CE000
stack
page read and write
245E000
heap
page read and write
4BA0000
heap
page read and write
722000
unkown
page execute and write copy
9B5000
heap
page read and write
2209000
direct allocation
page read and write
3486000
heap
page read and write
249F000
heap
page read and write
245D000
heap
page read and write
4761000
heap
page read and write
433F000
stack
page read and write
9C4000
heap
page read and write
4D90000
direct allocation
page execute and read and write
61ECD000
direct allocation
page readonly
4761000
heap
page read and write
874000
heap
page read and write
1D750000
heap
page read and write
2390E000
stack
page read and write
2438000
heap
page read and write
9BD000
heap
page read and write
5AB000
stack
page read and write
1D733000
heap
page read and write
50D0000
direct allocation
page execute and read and write
389E000
stack
page read and write
A3E000
stack
page read and write
4AE1000
heap
page read and write
4761000
heap
page read and write
2F9F000
stack
page read and write
70152000
unkown
page readonly
346F000
stack
page read and write
874000
heap
page read and write
6DE000
unkown
page execute and read and write
4AE1000
heap
page read and write
1D733000
heap
page read and write
25F3000
heap
page read and write
1D734000
heap
page read and write
247E000
heap
page read and write
230E0680000
heap
page read and write
874000
heap
page read and write
50E0000
direct allocation
page execute and read and write
245E000
heap
page read and write
2438000
heap
page read and write
4AE1000
heap
page read and write
257B000
heap
page read and write
2261000
direct allocation
page read and write
4860000
direct allocation
page read and write
380000
heap
page read and write
4FA6000
direct allocation
page read and write
103F000
stack
page read and write
874000
heap
page read and write
4D60000
direct allocation
page execute and read and write
451E000
stack
page read and write
24A3000
heap
page read and write
230E0600000
heap
page read and write
9C4000
heap
page read and write
2372000
direct allocation
page read and write
50E000
unkown
page readonly
2ADB000
stack
page read and write
2262000
direct allocation
page read and write
3430000
heap
page read and write
EF0000
heap
page read and write
2209000
heap
page read and write
2196000
direct allocation
page read and write
4761000
heap
page read and write
469000
unkown
page write copy
5D30000
heap
page read and write
66E000
stack
page read and write
15E0000
direct allocation
page read and write
874000
heap
page read and write
40FD000
stack
page read and write
E09000
heap
page read and write
2644000
heap
page read and write
96000
stack
page read and write
5B0000
unkown
page readonly
874000
heap
page read and write
DEE000
stack
page read and write
246B000
heap
page read and write
10D4000
heap
page read and write
3C1F000
stack
page read and write
2179000
direct allocation
page read and write
B40000
heap
page read and write
4DF0000
direct allocation
page execute and read and write
332F000
stack
page read and write
4BE0000
direct allocation
page execute and read and write
1D0000
heap
page read and write
FD58673000
stack
page read and write
55E000
stack
page read and write
245E000
heap
page read and write
4761000
heap
page read and write
9BF000
heap
page read and write
10D4000
heap
page read and write
245D000
heap
page read and write
43AE000
stack
page read and write
874000
heap
page read and write
2F4E000
stack
page read and write
7FFAA9470000
trusted library allocation
page read and write
488E000
stack
page read and write
874000
heap
page read and write
4C60000
direct allocation
page execute and read and write
733000
heap
page read and write
10D4000
heap
page read and write
4DB0000
direct allocation
page execute and read and write
5B61000
heap
page read and write
4BE0000
direct allocation
page execute and read and write
2A5FC000
stack
page read and write
8AE000
stack
page read and write
4DD0000
direct allocation
page execute and read and write
5A30000
heap
page read and write
2457000
heap
page read and write
3D9E000
stack
page read and write
874000
heap
page read and write
23DC000
direct allocation
page read and write
230C8F81000
trusted library allocation
page read and write
230C6990000
heap
page read and write
25C7000
heap
page read and write
2210000
direct allocation
page read and write
D3D000
stack
page read and write
25C3000
heap
page read and write
348F000
heap
page read and write
30DF000
heap
page read and write
7FFB22780000
unkown
page read and write
34DE000
stack
page read and write
3ABE000
stack
page read and write
25C3000
heap
page read and write
10D4000
heap
page read and write
7B0000
heap
page read and write
874000
heap
page read and write
1D740000
heap
page read and write
5100000
direct allocation
page execute and read and write
4DF1000
heap
page read and write
2A40000
direct allocation
page execute and read and write
9C4000
heap
page read and write
4A2F000
stack
page read and write
230E06A8000
heap
page read and write
51DE000
stack
page read and write
249D000
heap
page read and write
61ED4000
direct allocation
page readonly
2457000
heap
page read and write
AC0000
direct allocation
page read and write
30B0000
heap
page read and write
627E000
stack
page read and write
2F60000
heap
page read and write
401000
unkown
page execute read
452F000
stack
page read and write
2465000
heap
page read and write
52BE000
stack
page read and write
3EEF000
stack
page read and write
3E9F000
stack
page read and write
3061000
heap
page read and write
874000
heap
page read and write
15E0000
direct allocation
page read and write
874000
heap
page read and write
7013D000
unkown
page readonly
4AE1000
heap
page read and write
4761000
heap
page read and write
24F1000
heap
page read and write
2343000
direct allocation
page read and write
1E6000
heap
page read and write
1D729000
heap
page read and write
25D2000
heap
page read and write
2E9E000
stack
page read and write
4AE1000
heap
page read and write
1D711000
heap
page read and write
1D72C000
heap
page read and write
1D731000
heap
page read and write
2226000
direct allocation
page read and write
4761000
heap
page read and write
994000
unkown
page execute and read and write
22C8000
direct allocation
page read and write
230C8730000
trusted library allocation
page read and write
340D000
direct allocation
page read and write
61E01000
direct allocation
page execute read
4860000
direct allocation
page read and write
25BD000
heap
page read and write
7FFB22785000
unkown
page readonly
A76000
heap
page read and write
3415000
direct allocation
page read and write
2438000
heap
page read and write
2438000
heap
page read and write
2CBF000
stack
page read and write
4761000
heap
page read and write
313C000
heap
page read and write
4AE1000
heap
page read and write
4761000
heap
page read and write
1D729000
heap
page read and write
370000
heap
page read and write
9C4000
heap
page read and write
3D3E000
stack
page read and write
1D820000
trusted library allocation
page read and write
3ADF000
stack
page read and write
2385F000
heap
page read and write
45EF000
stack
page read and write
3FBE000
stack
page read and write
4AE1000
heap
page read and write
2438000
heap
page read and write
240E000
heap
page read and write
7E2000
heap
page read and write
233A000
direct allocation
page read and write
4A6E000
stack
page read and write
4D80000
direct allocation
page execute and read and write
A5E000
heap
page read and write
874000
heap
page read and write
2271000
direct allocation
page read and write
249B000
heap
page read and write
10D4000
heap
page read and write
2465000
heap
page read and write
2570000
heap
page read and write
357F000
stack
page read and write
C5E000
stack
page read and write
249D000
heap
page read and write
3BBF000
stack
page read and write
2B00000
trusted library allocation
page read and write
230C6680000
trusted library section
page read and write
23F1000
heap
page read and write
7FFAA94F0000
trusted library allocation
page read and write
2438000
heap
page read and write
4D60000
direct allocation
page execute and read and write
289E000
stack
page read and write
314D000
heap
page read and write
25E7000
heap
page read and write
59E000
stack
page read and write
900000
heap
page read and write
3618000
direct allocation
page read and write
248B000
heap
page read and write
315D000
heap
page read and write
399F000
stack
page read and write
3C5E000
stack
page read and write
2634000
heap
page read and write
5410000
direct allocation
page execute and read and write
2A9F000
stack
page read and write
95C000
stack
page read and write
4621000
heap
page read and write
23F1000
heap
page read and write
4761000
heap
page read and write
4C80000
direct allocation
page execute and read and write
3160000
heap
page read and write
2433000
heap
page read and write
41C000
unkown
page read and write
230E06D7000
heap
page read and write
23AAF000
heap
page read and write
874000
heap
page read and write
874000
heap
page read and write
465E000
stack
page read and write
2C5F000
stack
page read and write
2278000
direct allocation
page read and write
371F000
stack
page read and write
4620000
heap
page read and write
2465000
heap
page read and write
9C4000
heap
page read and write
232F000
direct allocation
page read and write
747000
heap
page read and write
8D0000
heap
page read and write
874000
heap
page read and write
315E000
heap
page read and write
4AE1000
heap
page read and write
874000
heap
page read and write
2218000
direct allocation
page read and write
AF0000
unkown
page readonly
4761000
heap
page read and write
7D30000
heap
page read and write
2139000
direct allocation
page read and write
E11000
unkown
page execute and write copy
2280000
direct allocation
page read and write
2605000
heap
page read and write
2341000
direct allocation
page read and write
875000
heap
page read and write
4D64000
heap
page read and write
259E000
heap
page read and write
2244000
direct allocation
page read and write
1D71B000
heap
page read and write
24C8000
heap
page read and write
4760000
heap
page read and write
45BF000
stack
page read and write
1D72B000
heap
page read and write
4D60000
heap
page read and write
9C4000
heap
page read and write
34AE000
stack
page read and write
39EF000
stack
page read and write
23F1000
heap
page read and write
3AEE000
stack
page read and write
9C4000
heap
page read and write
33B0000
heap
page read and write
34B6000
heap
page read and write
2413000
heap
page read and write
249D000
heap
page read and write
A76000
heap
page read and write
114F000
heap
page read and write
4D1F000
stack
page read and write
4AFA000
heap
page read and write
4DC0000
direct allocation
page execute and read and write
64BC000
stack
page read and write
236E000
stack
page read and write
30AF000
stack
page read and write
314A000
heap
page read and write
874000
heap
page read and write
230C66A2000
heap
page read and write
DFA000
unkown
page execute and read and write
2571000
heap
page read and write
4D60000
direct allocation
page execute and read and write
4761000
heap
page read and write
4AD0000
direct allocation
page read and write
1D730000
heap
page read and write
7BF000
heap
page read and write
711000
unkown
page execute and read and write
2140000
direct allocation
page read and write
4761000
heap
page read and write
7CD000
heap
page read and write
23F1000
heap
page read and write
5B1000
unkown
page execute and write copy
2492000
direct allocation
page read and write
4AE1000
heap
page read and write
429E000
stack
page read and write
230E0BB0000
heap
page read and write
4761000
heap
page read and write
225A000
direct allocation
page read and write
7FFAA9420000
trusted library allocation
page read and write
4AD0000
direct allocation
page read and write
313A000
heap
page read and write
2990000
heap
page read and write
23E0000
heap
page read and write
3D5E000
stack
page read and write
1D750000
heap
page read and write
4BB0000
heap
page read and write
7F2C000
stack
page read and write
610000
heap
page read and write
14B0000
heap
page read and write
AFE000
stack
page read and write
2206000
direct allocation
page read and write
4F70000
direct allocation
page read and write
22C8000
direct allocation
page read and write
2417000
heap
page read and write
2420000
heap
page read and write
25ED000
heap
page read and write
2409000
heap
page read and write
22DC000
direct allocation
page read and write
B59000
unkown
page write copy
4860000
direct allocation
page read and write
7FA000
unkown
page read and write
3470000
heap
page read and write
4AE1000
heap
page read and write
3BEF000
stack
page read and write
874000
heap
page read and write
436F000
stack
page read and write
7FFAA9430000
trusted library allocation
page read and write
9C4000
heap
page read and write
874000
heap
page read and write
7FFAA9460000
trusted library allocation
page read and write
230C6610000
heap
page read and write
347E000
stack
page read and write
10D4000
heap
page read and write
313A000
heap
page read and write
874000
heap
page read and write
37AE000
stack
page read and write
238C000
direct allocation
page read and write
2400000
heap
page read and write
230D8673000
trusted library allocation
page read and write
9E2000
heap
page read and write
25F1000
heap
page read and write
2970000
direct allocation
page read and write
96000
stack
page read and write
721000
unkown
page execute and write copy
2202000
direct allocation
page read and write
4761000
heap
page read and write
637F000
stack
page read and write
874000
heap
page read and write
2970000
direct allocation
page read and write
4B6F000
stack
page read and write
6CFAF000
unkown
page write copy
2463000
heap
page read and write
4640000
heap
page read and write
874000
heap
page read and write
4AE1000
heap
page read and write
230C66EE000
heap
page read and write
DF2000
heap
page read and write
2591000
heap
page read and write
4860000
direct allocation
page read and write
AC0000
direct allocation
page read and write
3469000
heap
page read and write
25AA000
heap
page read and write
9DF000
heap
page read and write
14D6000
heap
page read and write
422F000
stack
page read and write
412E000
stack
page read and write
5E7000
unkown
page execute and read and write
There are 2231 hidden memdumps, click here to show them.