IOC Report
peugeot_update.exe

Files

File Path
Type
Category
Malicious
peugeot_update.exe
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
initial sample
C:\Users\user\AppData\Local\Programs\Peugeot Update\LICENSE.electron.txt
ASCII text
dropped
C:\Users\user\AppData\Local\Programs\Peugeot Update\LICENSES.chromium.html
HTML document, ASCII text, with CRLF, LF line terminators
dropped
C:\Users\user\AppData\Local\Programs\Peugeot Update\Peugeot Update.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\Peugeot Update\chrome_100_percent.pak
data
dropped
C:\Users\user\AppData\Local\Programs\Peugeot Update\chrome_200_percent.pak
data
dropped
C:\Users\user\AppData\Local\Programs\Peugeot Update\d3dcompiler_47.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\Peugeot Update\ffmpeg.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\Peugeot Update\icudtl.dat
data
dropped
C:\Users\user\AppData\Local\Programs\Peugeot Update\install.log
data
modified
C:\Users\user\AppData\Local\Programs\Peugeot Update\libEGL.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\Peugeot Update\libGLESv2.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\0810531b-bb93-4e0a-a79e-1cfed8eeaed9.tmp.ico
MS Windows icon resource - 7 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
dropped
C:\Users\user\AppData\Local\Temp\0f525b02-e5e7-4137-aee5-d94d99f8e59a.tmp.node
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\95924052-34c7-405e-b391-ecce9d390a1d.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 784831
modified
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\LICENSE.electron.txt
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\LICENSES.chromium.html
HTML document, ASCII text, with CRLF, LF line terminators
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\Peugeot Update.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\bin\fat32format.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\chrome_100_percent.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\chrome_200_percent.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\d3dcompiler_47.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\ffmpeg.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\icudtl.dat
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\libEGL.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\libGLESv2.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\af.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\am.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\ar.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\bg.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\bn.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\ca.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\cs.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\da.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\de.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\el.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\en-GB.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\en-US.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\es-419.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\es.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\et.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\fa.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\fi.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\fil.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\fr.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\gu.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\he.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\hi.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\hr.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\hu.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\id.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\it.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\ja.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\kn.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\ko.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\lt.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\lv.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\ml.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\mr.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\ms.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\nb.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\nl.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\pl.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\pt-BR.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\pt-PT.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\ro.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\ru.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\sk.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\sl.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\sr.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\sv.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\sw.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\ta.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\te.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\th.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\tr.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\uk.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\ur.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\vi.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\zh-CN.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\locales\zh-TW.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\proxy.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\resources.pak
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\resources\app-update.yml
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\resources\app.asar
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\resources\elevate.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\snapshot_blob.bin
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\v8_context_snapshot.bin
data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\vk_swiftshader.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\vk_swiftshader_icd.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\7z-out\vulkan-1.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\StdUtils.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\System.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\UAC.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\app-64.7z
7-zip archive data, version 0.4
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\modern-wizard.bmp
PC bitmap, Windows 3.x format, 164 x 314 x 24, image size 154490, resolution 11808 x 11808 px/m, cbSize 154544, bits offset 54
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\nsDialogs.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\nsExec.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsi2C55.tmp\nsis7z.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-GB\default.acl
Unicode text, UTF-16, little-endian text, with no line terminators
dropped
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-GB\default.dic
Unicode text, UTF-16, little-endian text, with no line terminators
dropped
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-GB\default.exc
Unicode text, UTF-16, little-endian text, with no line terminators
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\.updaterId
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\64f62a71-31f2-4653-b085-c26b738936c6.tmp
JSON data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\66ce20cd-32ef-4c34-b634-7400304bac50.tmp
JSON data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Cache\Cache_Data\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Cache\Cache_Data\data_1
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Cache\Cache_Data\data_2
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Cache\Cache_Data\data_3
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Cache\Cache_Data\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Code Cache\js\index
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Code Cache\js\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Code Cache\js\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Code Cache\wasm\index
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Code Cache\wasm\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Code Cache\wasm\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\DawnCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\DawnCache\data_2
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\DawnCache\data_3
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\DawnCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\GPUCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\GPUCache\data_2
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\GPUCache\data_3
data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\GPUCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Local State (copy)
JSON data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Local Storage\leveldb\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Local Storage\leveldb\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Local Storage\leveldb\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Network\84eb0999-8b19-4d8a-9b10-bd231e9d6755.tmp
JSON data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Network\Network Persistent State~RF460c30.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Network\b7bf5a7d-b66e-469a-a3c9-30341c32834c.tmp
JSON data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\Preferences~RF450a51.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\config.json
JSON data
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\d5386c73-1e7e-4c0d-9157-6a50b87e6d9f.tmp
JSON data
modified
C:\Users\user\AppData\Roaming\Peugeot Update\downloadPath.txt
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Roaming\Peugeot Update\log.log
ASCII text, with CRLF line terminators
dropped

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\peugeot_update.exe
"C:\Users\user\Desktop\peugeot_update.exe"
malicious
C:\Users\user\AppData\Local\Programs\Peugeot Update\Peugeot Update.exe
"C:\Users\user\AppData\Local\Programs\Peugeot Update\Peugeot Update.exe"
malicious
C:\Users\user\AppData\Local\Programs\Peugeot Update\Peugeot Update.exe
"C:\Users\user\AppData\Local\Programs\Peugeot Update\Peugeot Update.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\Peugeot Update" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1676 --field-trial-handle=1852,i,572648558980708836,18132477583015397966,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
malicious
C:\Users\user\AppData\Local\Programs\Peugeot Update\Peugeot Update.exe
"C:\Users\user\AppData\Local\Programs\Peugeot Update\Peugeot Update.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\Peugeot Update" --mojo-platform-channel-handle=2008 --field-trial-handle=1852,i,572648558980708836,18132477583015397966,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
malicious
C:\Users\user\AppData\Local\Programs\Peugeot Update\Peugeot Update.exe
"C:\Users\user\AppData\Local\Programs\Peugeot Update\Peugeot Update.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\Peugeot Update" --app-path="C:\Users\user\AppData\Local\Programs\Peugeot Update\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --time-ticks-at-unix-epoch=-1711615653132558 --launch-time-ticks=4513447125 --mojo-platform-channel-handle=2216 --field-trial-handle=1852,i,572648558980708836,18132477583015397966,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
malicious
C:\Windows\SysWOW64\cmd.exe
cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq Peugeot Update.exe" | %SYSTEMROOT%\System32\find.exe "Peugeot Update.exe"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\tasklist.exe
tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq Peugeot Update.exe"
C:\Windows\SysWOW64\find.exe
C:\Windows\System32\find.exe "Peugeot Update.exe"
C:\Windows\explorer.exe
C:\Windows\Explorer.EXE

URLs

Domains

Name | IP | Malicious
chrome.cloudflare-dns.com | 172.64.41.3 |
d1tik0o5ahgjm.cloudfront.net | 18.165.94.225 |

IPs

IP | Domain | Country | Malicious
18.165.94.225 | d1tik0o5ahgjm.cloudfront.net | United States |
172.64.41.3 | chrome.cloudflare-dns.com | United States |

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\46cf01d6-a405-5b47-a44f-4dd61ad5f7c2
InstallLocation
HKEY_CURRENT_USER\SOFTWARE\46cf01d6-a405-5b47-a44f-4dd61ad5f7c2
KeepShortcuts
HKEY_CURRENT_USER\SOFTWARE\46cf01d6-a405-5b47-a44f-4dd61ad5f7c2
ShortcutName
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\46cf01d6-a405-5b47-a44f-4dd61ad5f7c2
DisplayName
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\46cf01d6-a405-5b47-a44f-4dd61ad5f7c2
UninstallString
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\46cf01d6-a405-5b47-a44f-4dd61ad5f7c2
QuietUninstallString
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\46cf01d6-a405-5b47-a44f-4dd61ad5f7c2
DisplayVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\46cf01d6-a405-5b47-a44f-4dd61ad5f7c2
DisplayIcon
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\46cf01d6-a405-5b47-a44f-4dd61ad5f7c2
Publisher
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\46cf01d6-a405-5b47-a44f-4dd61ad5f7c2
NoModify
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\46cf01d6-a405-5b47-a44f-4dd61ad5f7c2
NoRepair
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\46cf01d6-a405-5b47-a44f-4dd61ad5f7c2
EstimatedSize
inifile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
pjpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
lnkfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
WMP11.AssocFile.m3u
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
WMP11.AssocFile.M4A
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
mhtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mk3d\OpenWithProgids
WMP11.AssocFile.MK3D
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
WMP11.AssocFile.MKA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
WMP11.AssocFile.MKV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
WMP11.AssocFile.MOV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
WMP11.AssocFile.MP3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
ocxfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
otffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
pngfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1\OpenWithProgids
Microsoft.PowerShellScript.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
Microsoft.PowerShellXMLData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd1\OpenWithProgids
Microsoft.PowerShellData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psm1\OpenWithProgids
Microsoft.PowerShellModule.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
Microsoft.PowerShellSessionConfiguration.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
rlefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
SHCmdFile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
SearchFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
shtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
sysfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
WMP11.AssocFile.TTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
ttcfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
ttffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
txtfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
WMP11.AssocFile.WAV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
WMP11.AssocFile.WAX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
WMP11.AssocFile.WMA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
wmffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
WMP11.AssocFile.WMV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
WMP11.AssocFile.WPL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
WMP11.AssocFile.WVX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
xmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
xslfile

Memdumps

Base Address
Regiontype
Protect
Malicious
2F31000
heap
page read and write
7FF5D7558000
unkown
page readonly
7FF5D777A000
unkown
page readonly
9A98000
unkown
page read and write
C625000
unkown
page read and write
2ECD000
heap
page read and write
7FF5D745B000
unkown
page readonly
7440000
unkown
page read and write
2100000
heap
page read and write
2ED4000
heap
page read and write
3400000
unkown
page read and write
4C21000
heap
page read and write
106B0000
unkown
page read and write
68F000
heap
page read and write
33F0000
unkown
page read and write
5420000
heap
page read and write
505000
heap
page read and write
2F31000
heap
page read and write
5DE0000
heap
page read and write
2F31000
heap
page read and write
2F31000
heap
page read and write
A391000
unkown
page read and write
2EF1000
heap
page read and write
5D21000
heap
page read and write
7FF7E3A9E000
unkown
page readonly
35D5000
unkown
page read and write
645000
heap
page read and write
1168D000
stack
page read and write
7FF5D6BDB000
unkown
page readonly
51E0000
heap
page read and write
A3AC000
unkown
page read and write
97FE000
stack
page read and write
51A1000
heap
page read and write
4FCB000
heap
page read and write
5260000
heap
page read and write
2760000
heap
page read and write
C669000
unkown
page read and write
8A70000
unkown
page read and write
7FF5D705D000
unkown
page readonly
96FE000
stack
page read and write
2F31000
heap
page read and write
105F6000
unkown
page read and write
B950000
unkown
page readonly
7FF7DE821000
unkown
page execute read
69B000
heap
page read and write
2EF1000
heap
page read and write
2F31000
heap
page read and write
B7DB000
stack
page read and write
450F000
stack
page read and write
35DC000
unkown
page read and write
5C7000
heap
page read and write
1360000
unkown
page readonly
7FF5D7691000
unkown
page readonly
4AA1000
heap
page read and write
4AA0000
unkown
page read and write
4FC2000
heap
page read and write
5920000
direct allocation
page read and write
2EF1000
heap
page read and write
7FF7DDE21000
unkown
page execute read
2EF1000
heap
page read and write
2EB1000
heap
page read and write
11A8D000
stack
page read and write
7FF5D7336000
unkown
page readonly
7FF7DCA21000
unkown
page execute read
A9FD000
unkown
page read and write
2F31000
heap
page read and write
7FF7DF8A7000
unkown
page execute read
279B000
heap
page read and write
7FF5D66E3000
unkown
page readonly
7FF5D75F2000
unkown
page readonly
86E0000
unkown
page readonly
5DE0000
heap
page read and write
2EF1000
heap
page read and write
3530000
unkown
page read and write
A237000
unkown
page read and write
35C3000
unkown
page read and write
4BE1000
heap
page read and write
5D20000
heap
page read and write
400000
unkown
page readonly
27F2000
heap
page read and write
68A0000
direct allocation
page read and write
7FF5D77E3000
unkown
page readonly
7FF5D72D0000
unkown
page readonly
5560000
heap
page read and write
10F8E000
stack
page read and write
95FF000
stack
page read and write
2EF1000
heap
page read and write
2EF1000
heap
page read and write
93F000
stack
page read and write
7FF7DCA21000
unkown
page execute read
AFBE000
stack
page read and write
5462000
heap
page read and write
A384000
unkown
page read and write
7FF5D775C000
unkown
page readonly
2F31000
heap
page read and write
5361000
heap
page read and write
5D60000
heap
page read and write
7FF5D7073000
unkown
page readonly
84BB000
stack
page read and write
7FF7E3A9E000
unkown
page readonly
7691000
unkown
page read and write
2F31000
heap
page read and write
54A0000
heap
page read and write
279B000
heap
page read and write
2EC3000
heap
page read and write
2F35000
heap
page read and write
7FF7DC021000
unkown
page execute read
9D67000
unkown
page read and write
35B0000
unkown
page read and write
51A0000
heap
page read and write
27A8000
heap
page read and write
27F2000
heap
page read and write
5CE0000
heap
page read and write
454000
unkown
page read and write
C460000
unkown
page read and write
7FF7E34A7000
unkown
page execute read
55A0000
direct allocation
page read and write
332E000
stack
page read and write
7FF5D7795000
unkown
page readonly
9EAD000
stack
page read and write
7FF5D77C7000
unkown
page readonly
C5FA000
unkown
page read and write
52E0000
heap
page read and write
7FF5D748C000
unkown
page readonly
C621000
unkown
page read and write
7C70000
unkown
page readonly
A9E9000
unkown
page read and write
7FF5D77D2000
unkown
page readonly
2F31000
heap
page read and write
C035000
stack
page read and write
1E7000
heap
page read and write
2F31000
heap
page read and write
27E6000
heap
page read and write
7FF5D752F000
unkown
page readonly
A3B6000
unkown
page read and write
277E000
heap
page read and write
7FF5D7641000
unkown
page readonly
7FF5D71F9000
unkown
page readonly
2F31000
heap
page read and write
2F31000
heap
page read and write
A3AA000
unkown
page read and write
65A000
heap
page read and write
CA5E000
unkown
page read and write
7FF5D776D000
unkown
page readonly
35BD000
unkown
page read and write
7FF5D77F0000
unkown
page readonly
A12F000
stack
page read and write
7FF5D71BF000
unkown
page readonly
7FF5D77DD000
unkown
page readonly
401000
unkown
page execute read
2EF1000
heap
page read and write
5CE0000
heap
page read and write
99B0000
unkown
page read and write
2F31000
heap
page read and write
C1CC000
stack
page read and write
3070000
unkown
page read and write
2F31000
heap
page read and write
35B3000
unkown
page read and write
4A44000
unkown
page read and write
4CA0000
direct allocation
page read and write
7FF5D7700000
unkown
page readonly
2ED7000
heap
page read and write
69E000
heap
page read and write
430000
unkown
page read and write
7FF7E0CA7000
unkown
page execute read
7FF7DC021000
unkown
page execute read
AAA9000
unkown
page read and write
35D1000
unkown
page read and write
2EBF000
heap
page read and write
5AA0000
direct allocation
page read and write
2EB1000
heap
page read and write
2FB0000
direct allocation
page read and write
FF0000
unkown
page readonly
2F31000
heap
page read and write
1158D000
stack
page read and write
11AF000
unkown
page read and write
7FF5D7280000
unkown
page readonly
CAB6000
unkown
page read and write
A264000
unkown
page read and write
89F0000
heap
page read and write
2DB1000
heap
page read and write
4BA0000
heap
page read and write
7FF5D7760000
unkown
page readonly
7FF5D7820000
unkown
page readonly
C617000
unkown
page read and write
7FF5D7764000
unkown
page readonly
54E1000
heap
page read and write
3025000
unkown
page read and write
2F31000
heap
page read and write
7FF5D7534000
unkown
page readonly
4AE0000
heap
page read and write
7FF5D6A4B000
unkown
page readonly
4A0E000
unkown
page read and write
4B21000
heap
page read and write
2EF1000
heap
page read and write
7FF5D778A000
unkown
page readonly
342C000
heap
page read and write
9A80000
unkown
page read and write
9A72000
unkown
page read and write
2F31000
heap
page read and write
8ECF000
stack
page read and write
7FF7E0CA7000
unkown
page execute read
7FF7E02A7000
unkown
page execute read
3361000
unkown
page read and write
5360000
heap
page read and write
35B0000
heap
page read and write
5220000
heap
page read and write
C496000
unkown
page read and write
2ECD000
heap
page read and write
2EF1000
heap
page read and write
7FF5D7394000
unkown
page readonly
7B10000
unkown
page read and write
53E1000
heap
page read and write
2EDC000
heap
page read and write
49C2000
unkown
page read and write
BE70000
unkown
page readonly
11C0E000
stack
page read and write
7FF5D768B000
unkown
page readonly
46F000
unkown
page readonly
7FF5D723F000
unkown
page readonly
7B20000
unkown
page read and write
BE49000
stack
page read and write
1380000
heap
page read and write
5D20000
heap
page read and write
52E0000
heap
page read and write
30FB000
stack
page read and write
2EF1000
heap
page read and write
2EC9000
heap
page read and write
2FE0000
heap
page read and write
3416000
heap
page read and write
7FF5D779E000
unkown
page readonly
A2B5000
unkown
page read and write
8C39000
stack
page read and write
2EF1000
heap
page read and write
7FF5D72D3000
unkown
page readonly
7FF5D7752000
unkown
page readonly
7FF5D774C000
unkown
page readonly
7FF5D770A000
unkown
page readonly
2F31000
heap
page read and write
2EF1000
heap
page read and write
7FF7E2AA7000
unkown
page execute read
7FF5D77B9000
unkown
page readonly
633000
heap
page read and write
A313000
unkown
page read and write
7FF5D74FA000
unkown
page readonly
3407000
heap
page read and write
2F31000
heap
page read and write
2EF1000
heap
page read and write
7FF5D7507000
unkown
page readonly
29E0000
heap
page read and write
2F31000
heap
page read and write
4AA1000
heap
page read and write
B0E0000
unkown
page readonly
32E0000
heap
page read and write
7FF5D7604000
unkown
page readonly
7FF000
stack
page read and write
5C0000
heap
page read and write
33F0000
heap
page read and write
7FF7DF8A7000
unkown
page execute read
2F31000
heap
page read and write
2EB9000
heap
page read and write
4B00000
unkown
page read and write
7FF5D72FB000
unkown
page readonly
89F2000
heap
page read and write
33D0000
heap
page read and write
7FF5D72D7000
unkown
page readonly
9A76000
unkown
page read and write
4C21000
heap
page read and write
3170000
unkown
page read and write
8850000
unkown
page readonly
49D6000
unkown
page read and write
10F0E000
stack
page read and write
86D0000
unkown
page readonly
7FF5D766E000
unkown
page readonly
52A0000
heap
page read and write
4980000
unkown
page read and write
4DB5000
heap
page read and write
3418000
heap
page read and write
2F31000
heap
page read and write
633000
heap
page read and write
7FF5D7648000
unkown
page readonly
21AC000
heap
page read and write
1198D000
stack
page read and write
4AE0000
heap
page read and write
11C8F000
stack
page read and write
4FC1000
heap
page read and write
CAE9000
unkown
page read and write
6A0000
heap
page read and write
7FF7E20A7000
unkown
page execute read
326D000
stack
page read and write
2EF1000
heap
page read and write
2EF1000
heap
page read and write
7605000
unkown
page read and write
7FF5D7808000
unkown
page readonly
4540000
heap
page read and write
2F35000
heap
page read and write
C78A000
unkown
page read and write
64A0000
direct allocation
page read and write
401000
unkown
page execute read
2F31000
heap
page read and write
7FF5D7391000
unkown
page readonly
2EF1000
heap
page read and write
2EC9000
heap
page read and write
5CE0000
heap
page read and write
2EB0000
heap
page read and write
7FF7DC020000
unkown
page readonly
7FF5D71E0000
unkown
page readonly
7FF5D7284000
unkown
page readonly
7FF5D728E000
unkown
page readonly
7FF5D7376000
unkown
page readonly
2F31000
heap
page read and write
7FF5D729E000
unkown
page readonly
5D61000
heap
page read and write
2F31000
heap
page read and write
7FF5D71CC000
unkown
page readonly
760F000
unkown
page read and write
35FA000
unkown
page read and write
7FF7E3F60000
unkown
page readonly
2EB5000
heap
page read and write
7DBC000
stack
page read and write
7FF5D7257000
unkown
page readonly
400000
unkown
page readonly
2F31000
heap
page read and write
694000
heap
page read and write
4FC5000
heap
page read and write
2FEE000
stack
page read and write