Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
z69ClienteNFe-Faturada-15042024.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 1252,
Revision Number: {B5D78B8B-DFC1-4A2C-B088-3448D87C823D}, Number of Words: 10, Subject: DaemonToolsPro, Author: Daemon Tools
Pro, Name of Creating Application: DaemonToolsPro, Template: ;1033, Comments: This installer database contains the logic and
data required to install DaemonToolsPro., Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date:
Sat Apr 13 20:11:52 2024, Last Saved Time/Date: Sat Apr 13 20:11:52 2024, Last Printed: Sat Apr 13 20:11:52 2024, Number of
Pages: 450
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\DTCommonRes.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Config.Msi\69234a.rbs
|
data
|
modified
|
||
|
C:\Users\user\AppData\Roaming\FomsTudio .exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\692348.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 1252,
Revision Number: {B5D78B8B-DFC1-4A2C-B088-3448D87C823D}, Number of Words: 10, Subject: DaemonToolsPro, Author: Daemon Tools
Pro, Name of Creating Application: DaemonToolsPro, Template: ;1033, Comments: This installer database contains the logic and
data required to install DaemonToolsPro., Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date:
Sat Apr 13 20:11:52 2024, Last Saved Time/Date: Sat Apr 13 20:11:52 2024, Last Printed: Sat Apr 13 20:11:52 2024, Number of
Pages: 450
|
dropped
|
||
|
C:\Windows\Installer\MSI24DE.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI25AA.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI25DA.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI261A.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI2669.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI26D7.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{7CF68476-6C14-470A-B502-0AF87529D6C4}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\~DF17ED5E811BFCD075.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF29CA92E203D81D61.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF3C7E6D4BA676129A.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF78DF37D97A064E06.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF7BE61B08C4E9F100.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF9E288FBEF4E52C9B.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFAECB8B62FBF941A8.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFBD1BCB0C64FB00ED.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFD0DCFE88B6D5D3FC.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFD824A2E40EC93280.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFF50F701B66727A4C.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFFFC47546BC8256A1.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
There are 16 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\AppData\Roaming\FomsTudio .exe
|
"C:\Users\user\AppData\Roaming\FomsTudio .exe"
|
|
|
|
C:\Windows\System32\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\z69ClienteNFe-Faturada-15042024.msi"
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 90E3F561E19B31EB596B0EC133B15279
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.daemon-tools.cc/contacts/producttechnicalsupporthttps://www.daemon-tools.cc/account/seri
|
unknown
|
||
|
https://i.pinimg.com/236x/5b/f8/1a/5bf81a501ab9d26db806e7fec4edfa75.jpgp
|
unknown
|
||
|
https://www.reportscustomer.store/j
|
unknown
|
||
|
https://pix.servebbs.com/com7
|
unknown
|
||
|
https://pix.servebbs.com/th
|
unknown
|
||
|
https://i.pinimg.com/236x/5bN
|
unknown
|
||
|
https://pix.servebbs.com/f
|
unknown
|
||
|
https://pix.servebbs.com/senddata.php03
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.phpA03
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.phpike
|
unknown
|
||
|
https://pix.servebbs.com/h
|
unknown
|
||
|
https://www.reportscustomer.store/p
|
unknown
|
||
|
https://www.daemon-tools.cc/account/serials?email=%shttps://www.daemon-tools.cc/cart/set_upgrade?con
|
unknown
|
||
|
https://pix.servebbs.com/comB
|
unknown
|
||
|
https://pix.servebbs.com:443/sendonline.php
|
unknown
|
||
|
https://pix.servebbs.com/n
|
unknown
|
||
|
https://pix.servebbs.com/p
|
unknown
|
||
|
https://pix.servebbs.com/bs.com/
|
unknown
|
||
|
https://pix.servebbs.com/k
|
unknown
|
||
|
https://pix.servebbs.com/l
|
unknown
|
||
|
https://www.reportscustomer.store/gui/index.phpF
|
unknown
|
||
|
https://pix.servebbs.com/tw
|
unknown
|
||
|
https://pix.servebbs.com/w
|
unknown
|
||
|
https://i.pinimg.com/236x/5b/f8/1a/5bf81a501ab9d26db806e7fec4edfa75.jpg6D7
|
unknown
|
||
|
https://www.daemon-tools.cc/contacts/producttechnicalsupport?&product=%s&os=%s&hwkey=%sonFindSpecial
|
unknown
|
||
|
https://i.pinimg.com/236x/5b/f8/1a/5bf81a501ab9d26db806e7fec4edfa75.jpg
|
151.101.12.84
|
||
|
https://pix.servebbs.com/sendonline.php
|
178.128.15.164
|
||
|
https://www.daemon-tools.cc/cart/buy_check?abbr=%s&coupon_code=20off%s&system_key=%s&utm_source=%s&u
|
unknown
|
||
|
https://pix.servebbs.com/sendlog.php03
|
unknown
|
||
|
https://i.pinimg.com/I
|
unknown
|
||
|
https://pix.servebbs.com/F
|
unknown
|
||
|
https://pix.servebbs.com/G
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.php-
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.php.
|
unknown
|
||
|
https://www.reportscustomer.store/gui/index.phpA
|
unknown
|
||
|
https://www.reportscustomer.store/w$w
|
unknown
|
||
|
https://pix.servebbs.com/com
|
unknown
|
||
|
https://pix.servebbs.com:443/sendonline.phpG
|
unknown
|
||
|
https://pix.servA
|
unknown
|
||
|
https://pix.servebbs.com/pP
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.php4
|
unknown
|
||
|
https://pix.servebbs.com/P
|
unknown
|
||
|
https://pix.servebbs.com:443/2
|
unknown
|
||
|
https://i.pinimg.com/ore
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.php0
|
unknown
|
||
|
https://pix.servebbs.com:443/
|
unknown
|
||
|
https://pix.serv5
|
unknown
|
||
|
https://pix.servebbs.com/R
|
unknown
|
||
|
https://pix.servebbs.com/
|
178.128.15.164
|
||
|
https://pix.servebbs.com:443/sendonline.phpW
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.php4j
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.phpB
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.phpM
|
unknown
|
||
|
https://i.pinimg.com:443/236x/5b/f8/1a/5bf81a501ab9d26db806e7fec4edfa75.jpg
|
unknown
|
||
|
https://pix.serv
|
unknown
|
||
|
https://www.reportscustomer.store:443/gui/index.phpC
|
unknown
|
||
|
https://www.reportscustomer.store/
|
unknown
|
||
|
https://ix.servebbs.com/er.store/gui/index.php
|
unknown
|
||
|
https://pix.servebbs.com/POST
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.phpP
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.phpZmM
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.phpR
|
unknown
|
||
|
https://pix.servebbs.com/coms
|
unknown
|
||
|
https://pix.servebbs.com/7
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.php-8Content-Type
|
unknown
|
||
|
https://www.reportscustomer.store/gui/index.php
|
187.1.138.172
|
||
|
https://pix.servebbs.com/2
|
unknown
|
||
|
https://www.reportscustomer.store/?
|
unknown
|
||
|
https://pix.servebbs.com/comp
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.phpX
|
unknown
|
||
|
https://pix.servebbs.com/4
|
unknown
|
||
|
https://pix.servebbs.com/5
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.phpebbs
|
unknown
|
||
|
https://pix.servebbs.com/senddataB.php03
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.phpd
|
unknown
|
||
|
https://i.pinimg.com/236x/5b/f8/1a/5bf81a501ab9d26db806e7fec4edfa75.jpgP
|
unknown
|
||
|
https://pix.servebbs.com/z
|
unknown
|
||
|
https://pix.servebbscom/
|
unknown
|
||
|
https://pix.servebbs.com:443/sendonline.phpn64;
|
unknown
|
||
|
https://pix.servebbs.com/sendonline.phph
|
unknown
|
||
|
https://www.daemon-tools.cc/account/serialsAdd
|
unknown
|
There are 71 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pix.servebbs.com
|
178.128.15.164
|
||
|
www.reportscustomer.store
|
187.1.138.172
|
||
|
dualstack.pinterest.map.fastly.net
|
151.101.12.84
|
||
|
i.pinimg.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
178.128.15.164
|
pix.servebbs.com
|
Netherlands
|
||
|
151.101.12.84
|
dualstack.pinterest.map.fastly.net
|
United States
|
||
|
187.1.138.172
|
www.reportscustomer.store
|
Brazil
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\69234a.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\69234a.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Microsoft\Installer\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\3CB28F16924C1634DB4E15C25BA5C054
|
67486FC741C6A0745B20A08F57926D4C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\81D5FA2980CB71E4DA56BA9BAC29F70C
|
67486FC741C6A0745B20A08F57926D4C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\3D9F9F883D04F91488E349689A01DAD5
|
67486FC741C6A0745B20A08F57926D4C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\4387993669AF29D4AA93C889D57DA013
|
67486FC741C6A0745B20A08F57926D4C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\5DFB1026E44FA28489E6330EA50CFA1B
|
67486FC741C6A0745B20A08F57926D4C
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Daemon Tools Pro\DaemonToolsPro
|
Version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Daemon Tools Pro\DaemonToolsPro
|
Path
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
There are 12 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF7AE7F8000
|
unkown
|
page readonly
|
||
|
7FF7AE8D9000
|
unkown
|
page readonly
|
||
|
19D75480000
|
trusted library allocation
|
page read and write
|
||
|
19D777BB000
|
heap
|
page read and write
|
||
|
19D7343E000
|
heap
|
page read and write
|
||
|
19D75300000
|
heap
|
page read and write
|
||
|
6669F000
|
unkown
|
page read and write
|
||
|
19D7343C000
|
heap
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D7343E000
|
heap
|
page read and write
|
||
|
19D77773000
|
heap
|
page read and write
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
19D73415000
|
heap
|
page read and write
|
||
|
19D73358000
|
heap
|
page read and write
|
||
|
19D777D1000
|
heap
|
page read and write
|
||
|
19D73419000
|
heap
|
page read and write
|
||
|
19D776F8000
|
heap
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D77955000
|
trusted library allocation
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
19D777B9000
|
heap
|
page read and write
|
||
|
666A8000
|
unkown
|
page write copy
|
||
|
666AB000
|
unkown
|
page readonly
|
||
|
19D73435000
|
heap
|
page read and write
|
||
|
66631000
|
unkown
|
page write copy
|
||
|
19D77951000
|
trusted library allocation
|
page read and write
|
||
|
19D7339A000
|
heap
|
page read and write
|
||
|
19D73437000
|
heap
|
page read and write
|
||
|
494DEFE000
|
stack
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D73420000
|
heap
|
page read and write
|
||
|
19D733CD000
|
heap
|
page read and write
|
||
|
19D75710000
|
heap
|
page read and write
|
||
|
19D7778D000
|
heap
|
page read and write
|
||
|
19D733F0000
|
heap
|
page read and write
|
||
|
66651000
|
unkown
|
page write copy
|
||
|
19D7341D000
|
heap
|
page read and write
|
||
|
19D77950000
|
trusted library allocation
|
page read and write
|
||
|
19D73415000
|
heap
|
page read and write
|
||
|
19D776FE000
|
heap
|
page read and write
|
||
|
19D7343D000
|
heap
|
page read and write
|
||
|
19D73388000
|
heap
|
page read and write
|
||
|
19D777B7000
|
heap
|
page read and write
|
||
|
19D776FF000
|
heap
|
page read and write
|
||
|
19D77701000
|
heap
|
page read and write
|
||
|
19D77953000
|
trusted library allocation
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D77773000
|
heap
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D733CA000
|
heap
|
page read and write
|
||
|
19D77777000
|
heap
|
page read and write
|
||
|
19D777C9000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D777A4000
|
heap
|
page read and write
|
||
|
19D73438000
|
heap
|
page read and write
|
||
|
19D77777000
|
heap
|
page read and write
|
||
|
19D77701000
|
heap
|
page read and write
|
||
|
19D75575000
|
heap
|
page read and write
|
||
|
19D73413000
|
heap
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D73436000
|
heap
|
page read and write
|
||
|
19D74D38000
|
direct allocation
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
19D74D21000
|
direct allocation
|
page read and write
|
||
|
19D776FE000
|
heap
|
page read and write
|
||
|
6664B000
|
unkown
|
page read and write
|
||
|
6664F000
|
unkown
|
page write copy
|
||
|
19D77701000
|
heap
|
page read and write
|
||
|
19D733F0000
|
heap
|
page read and write
|
||
|
19D732F5000
|
heap
|
page read and write
|
||
|
19D7775A000
|
heap
|
page read and write
|
||
|
19D73420000
|
heap
|
page read and write
|
||
|
19D777CD000
|
heap
|
page read and write
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
19D7777C000
|
heap
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D73415000
|
heap
|
page read and write
|
||
|
19D733EB000
|
heap
|
page read and write
|
||
|
19D73436000
|
heap
|
page read and write
|
||
|
19D777AC000
|
heap
|
page read and write
|
||
|
19D73387000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D777BB000
|
heap
|
page read and write
|
||
|
66698000
|
unkown
|
page read and write
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
7FF7AE8D4000
|
unkown
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D77766000
|
heap
|
page read and write
|
||
|
19D73415000
|
heap
|
page read and write
|
||
|
19D75500000
|
heap
|
page read and write
|
||
|
19D774E0000
|
remote allocation
|
page read and write
|
||
|
66660000
|
unkown
|
page write copy
|
||
|
19D733F0000
|
heap
|
page read and write
|
||
|
19D777D1000
|
heap
|
page read and write
|
||
|
494E1F9000
|
stack
|
page read and write
|
||
|
19D7778D000
|
heap
|
page read and write
|
||
|
19D75510000
|
heap
|
page read and write
|
||
|
19D777B9000
|
heap
|
page read and write
|
||
|
19D7778D000
|
heap
|
page read and write
|
||
|
19D777CB000
|
heap
|
page read and write
|
||
|
19D777BB000
|
heap
|
page read and write
|
||
|
19D7340D000
|
heap
|
page read and write
|
||
|
19D732B0000
|
heap
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
19D77773000
|
heap
|
page read and write
|
||
|
7FF7AE957000
|
unkown
|
page readonly
|
||
|
666A9000
|
unkown
|
page readonly
|
||
|
19D73421000
|
heap
|
page read and write
|
||
|
6664D000
|
unkown
|
page read and write
|
||
|
19D73415000
|
heap
|
page read and write
|
||
|
66664000
|
unkown
|
page write copy
|
||
|
19D75620000
|
heap
|
page read and write
|
||
|
19D77660000
|
heap
|
page read and write
|
||
|
19D7341D000
|
heap
|
page read and write
|
||
|
494DDFE000
|
stack
|
page read and write
|
||
|
494D73A000
|
stack
|
page read and write
|
||
|
19D7777C000
|
heap
|
page read and write
|
||
|
19D7341B000
|
heap
|
page read and write
|
||
|
19D777A9000
|
heap
|
page read and write
|
||
|
19D777A7000
|
heap
|
page read and write
|
||
|
19D77770000
|
heap
|
page read and write
|
||
|
19D777B2000
|
heap
|
page read and write
|
||
|
19D73431000
|
heap
|
page read and write
|
||
|
19D733CA000
|
heap
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
19D774A0000
|
heap
|
page read and write
|
||
|
6666E000
|
unkown
|
page write copy
|
||
|
19D7343E000
|
heap
|
page read and write
|
||
|
19D733EB000
|
heap
|
page read and write
|
||
|
494E4FE000
|
stack
|
page read and write
|
||
|
7FF7AE5C0000
|
unkown
|
page readonly
|
||
|
19D73438000
|
heap
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
7FF7AE8BE000
|
unkown
|
page write copy
|
||
|
19D74D56000
|
direct allocation
|
page read and write
|
||
|
19D77950000
|
trusted library allocation
|
page read and write
|
||
|
19D7340D000
|
heap
|
page read and write
|
||
|
19D73426000
|
heap
|
page read and write
|
||
|
19D74DBF000
|
direct allocation
|
page read and write
|
||
|
19D74D19000
|
direct allocation
|
page read and write
|
||
|
19D73435000
|
heap
|
page read and write
|
||
|
19D733F0000
|
heap
|
page read and write
|
||
|
494E5FD000
|
stack
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
19D777A7000
|
heap
|
page read and write
|
||
|
19D777A7000
|
heap
|
page read and write
|
||
|
19D77957000
|
trusted library allocation
|
page read and write
|
||
|
19D7776E000
|
heap
|
page read and write
|
||
|
19D7343E000
|
heap
|
page read and write
|
||
|
19D754D0000
|
heap
|
page read and write
|
||
|
19D74D9C000
|
direct allocation
|
page read and write
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
19D75620000
|
heap
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D7343E000
|
heap
|
page read and write
|
||
|
6665F000
|
unkown
|
page read and write
|
||
|
19D74D84000
|
direct allocation
|
page read and write
|
||
|
19D776FE000
|
heap
|
page read and write
|
||
|
66240000
|
unkown
|
page readonly
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
19D7778D000
|
heap
|
page read and write
|
||
|
19D74D48000
|
direct allocation
|
page read and write
|
||
|
19D77766000
|
heap
|
page read and write
|
||
|
19D74DC6000
|
direct allocation
|
page read and write
|
||
|
19D7339A000
|
heap
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
66659000
|
unkown
|
page read and write
|
||
|
66654000
|
unkown
|
page read and write
|
||
|
19D7778D000
|
heap
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
19D777D0000
|
heap
|
page read and write
|
||
|
19D73438000
|
heap
|
page read and write
|
||
|
19D7770E000
|
heap
|
page read and write
|
||
|
19D777A2000
|
heap
|
page read and write
|
||
|
19D7341B000
|
heap
|
page read and write
|
||
|
19D77766000
|
heap
|
page read and write
|
||
|
7FF7AE957000
|
unkown
|
page readonly
|
||
|
19D73300000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D7770E000
|
heap
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
19D776D0000
|
heap
|
page read and write
|
||
|
19D77954000
|
trusted library allocation
|
page read and write
|
||
|
19D733CD000
|
heap
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D77766000
|
heap
|
page read and write
|
||
|
7FF7AE8CD000
|
unkown
|
page read and write
|
||
|
66687000
|
unkown
|
page write copy
|
||
|
19D77701000
|
heap
|
page read and write
|
||
|
19D77777000
|
heap
|
page read and write
|
||
|
19D74CEC000
|
direct allocation
|
page read and write
|
||
|
19D7770E000
|
heap
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
7FF7AE910000
|
unkown
|
page readonly
|
||
|
19D777D1000
|
heap
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D757D0000
|
heap
|
page read and write
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
19D77700000
|
heap
|
page read and write
|
||
|
19D733CA000
|
heap
|
page read and write
|
||
|
66644000
|
unkown
|
page read and write
|
||
|
19D754E0000
|
heap
|
page read and write
|
||
|
19D7341D000
|
heap
|
page read and write
|
||
|
66686000
|
unkown
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D77950000
|
trusted library allocation
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
7FF7AE8C1000
|
unkown
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D777B9000
|
heap
|
page read and write
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
19D777C9000
|
heap
|
page read and write
|
||
|
19D777A8000
|
heap
|
page read and write
|
||
|
7FF7AE7F8000
|
unkown
|
page readonly
|
||
|
19D7341F000
|
heap
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D777B0000
|
heap
|
page read and write
|
||
|
19D74DCD000
|
direct allocation
|
page read and write
|
||
|
19D733EB000
|
heap
|
page read and write
|
||
|
19D73438000
|
heap
|
page read and write
|
||
|
19D7343F000
|
heap
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D774E0000
|
remote allocation
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D777B0000
|
heap
|
page read and write
|
||
|
19D74DF1000
|
direct allocation
|
page read and write
|
||
|
19D776FD000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D77950000
|
trusted library allocation
|
page read and write
|
||
|
19D77777000
|
heap
|
page read and write
|
||
|
19D7343C000
|
heap
|
page read and write
|
||
|
19D7778D000
|
heap
|
page read and write
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
19D776E0000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
7FF7AE8BF000
|
unkown
|
page write copy
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D77703000
|
heap
|
page read and write
|
||
|
19D7343C000
|
heap
|
page read and write
|
||
|
19D758E0000
|
heap
|
page read and write
|
||
|
19D777CD000
|
heap
|
page read and write
|
||
|
19D75585000
|
heap
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
6664C000
|
unkown
|
page write copy
|
||
|
66658000
|
unkown
|
page write copy
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D777B7000
|
heap
|
page read and write
|
||
|
19D754A0000
|
heap
|
page read and write
|
||
|
66657000
|
unkown
|
page read and write
|
||
|
19D733CD000
|
heap
|
page read and write
|
||
|
19D77701000
|
heap
|
page read and write
|
||
|
19D77959000
|
trusted library allocation
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
666A3000
|
unkown
|
page read and write
|
||
|
19D777C9000
|
heap
|
page read and write
|
||
|
19D777AC000
|
heap
|
page read and write
|
||
|
19D74D4F000
|
direct allocation
|
page read and write
|
||
|
19D7340D000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D75690000
|
heap
|
page read and write
|
||
|
19D74DB8000
|
direct allocation
|
page read and write
|
||
|
19D74CF9000
|
direct allocation
|
page read and write
|
||
|
19D777B9000
|
heap
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
19D777BB000
|
heap
|
page read and write
|
||
|
666A2000
|
unkown
|
page write copy
|
||
|
66241000
|
unkown
|
page execute read
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
19D77701000
|
heap
|
page read and write
|
||
|
19D77701000
|
heap
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D777BB000
|
heap
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D73421000
|
heap
|
page read and write
|
||
|
19D75140000
|
direct allocation
|
page execute and read and write
|
||
|
19D74D7D000
|
direct allocation
|
page read and write
|
||
|
19D77701000
|
heap
|
page read and write
|
||
|
19D777BB000
|
heap
|
page read and write
|
||
|
19D73414000
|
heap
|
page read and write
|
||
|
19D7778D000
|
heap
|
page read and write
|
||
|
66655000
|
unkown
|
page write copy
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D75303000
|
heap
|
page read and write
|
||
|
19D732F0000
|
heap
|
page read and write
|
||
|
19D73411000
|
heap
|
page read and write
|
||
|
19D73435000
|
heap
|
page read and write
|
||
|
7FF7AE8D9000
|
unkown
|
page readonly
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
19D77771000
|
heap
|
page read and write
|
||
|
6665B000
|
unkown
|
page write copy
|
||
|
19D77952000
|
trusted library allocation
|
page read and write
|
||
|
19D7778D000
|
heap
|
page read and write
|
||
|
19D7343E000
|
heap
|
page read and write
|
||
|
19D777BB000
|
heap
|
page read and write
|
||
|
19D74DA3000
|
direct allocation
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D75680000
|
heap
|
page read and write
|
||
|
6668C000
|
unkown
|
page write copy
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D77774000
|
heap
|
page read and write
|
||
|
19D73350000
|
heap
|
page read and write
|
||
|
19D7339A000
|
heap
|
page read and write
|
||
|
19D777B9000
|
heap
|
page read and write
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
19D77770000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
66663000
|
unkown
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D777B3000
|
heap
|
page read and write
|
||
|
19D74D02000
|
direct allocation
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D74DE3000
|
direct allocation
|
page read and write
|
||
|
19D7342B000
|
heap
|
page read and write
|
||
|
19D732A0000
|
heap
|
page read and write
|
||
|
19D777BB000
|
heap
|
page read and write
|
||
|
19D75580000
|
heap
|
page read and write
|
||
|
19D77800000
|
heap
|
page read and write
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
19D74D09000
|
direct allocation
|
page read and write
|
||
|
19D777B9000
|
heap
|
page read and write
|
||
|
19D74D30000
|
direct allocation
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
6663A000
|
unkown
|
page write copy
|
||
|
19D77580000
|
heap
|
page read and write
|
||
|
494E2FF000
|
stack
|
page read and write
|
||
|
19D7343D000
|
heap
|
page read and write
|
||
|
19D75900000
|
trusted library allocation
|
page read and write
|
||
|
66645000
|
unkown
|
page write copy
|
||
|
19D7777C000
|
heap
|
page read and write
|
||
|
66641000
|
unkown
|
page write copy
|
||
|
19D75560000
|
heap
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D74D67000
|
direct allocation
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D75870000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D777BB000
|
heap
|
page read and write
|
||
|
19D75740000
|
heap
|
page read and write
|
||
|
19D75490000
|
heap
|
page read and write
|
||
|
19D75570000
|
heap
|
page read and write
|
||
|
494DCE7000
|
stack
|
page read and write
|
||
|
19D74D75000
|
direct allocation
|
page read and write
|
||
|
19D7343C000
|
heap
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D7778D000
|
heap
|
page read and write
|
||
|
7FF7AE8BE000
|
unkown
|
page read and write
|
||
|
19D77766000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D73411000
|
heap
|
page read and write
|
||
|
66694000
|
unkown
|
page read and write
|
||
|
19D77956000
|
trusted library allocation
|
page read and write
|
||
|
19D77777000
|
heap
|
page read and write
|
||
|
19D75565000
|
heap
|
page read and write
|
||
|
19D777A5000
|
heap
|
page read and write
|
||
|
19D77757000
|
heap
|
page read and write
|
||
|
19D777B2000
|
heap
|
page read and write
|
||
|
19D76100000
|
heap
|
page read and write
|
||
|
19D777AB000
|
heap
|
page read and write
|
||
|
6669A000
|
unkown
|
page read and write
|
||
|
19D7338C000
|
heap
|
page read and write
|
||
|
19D777C9000
|
heap
|
page read and write
|
||
|
19D77702000
|
heap
|
page read and write
|
||
|
19D776C0000
|
heap
|
page read and write
|
||
|
19D733EB000
|
heap
|
page read and write
|
||
|
19D7343E000
|
heap
|
page read and write
|
||
|
19D77702000
|
heap
|
page read and write
|
||
|
19D74CE6000
|
direct allocation
|
page read and write
|
||
|
19D73415000
|
heap
|
page read and write
|
||
|
19D777B9000
|
heap
|
page read and write
|
||
|
19D73413000
|
heap
|
page read and write
|
||
|
19D777B9000
|
heap
|
page read and write
|
||
|
19D75270000
|
heap
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D7341B000
|
heap
|
page read and write
|
||
|
19D733F0000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D7777E000
|
heap
|
page read and write
|
||
|
19D774B9000
|
heap
|
page read and write
|
||
|
19D73421000
|
heap
|
page read and write
|
||
|
19D73435000
|
heap
|
page read and write
|
||
|
19D77958000
|
trusted library allocation
|
page read and write
|
||
|
19D7342E000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D777AB000
|
heap
|
page read and write
|
||
|
19D777B9000
|
heap
|
page read and write
|
||
|
7FF7AE5C1000
|
unkown
|
page execute read
|
||
|
19D7343E000
|
heap
|
page read and write
|
||
|
19D7340E000
|
heap
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
666A5000
|
unkown
|
page write copy
|
||
|
7FF7AE910000
|
unkown
|
page readonly
|
||
|
19D776F0000
|
heap
|
page read and write
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D7778D000
|
heap
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
494E0FD000
|
stack
|
page read and write
|
||
|
19D733CA000
|
heap
|
page read and write
|
||
|
19D7343D000
|
heap
|
page read and write
|
||
|
666A7000
|
unkown
|
page read and write
|
||
|
494E3FB000
|
stack
|
page read and write
|
||
|
19D74D93000
|
direct allocation
|
page read and write
|
||
|
19D73415000
|
heap
|
page read and write
|
||
|
19D77771000
|
heap
|
page read and write
|
||
|
19D7770D000
|
heap
|
page read and write
|
||
|
19D74DDC000
|
direct allocation
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D733CD000
|
heap
|
page read and write
|
||
|
19D7343F000
|
heap
|
page read and write
|
||
|
19D7339B000
|
heap
|
page read and write
|
||
|
19D777AC000
|
heap
|
page read and write
|
||
|
7FF7AE5C0000
|
unkown
|
page readonly
|
||
|
19D733CD000
|
heap
|
page read and write
|
||
|
19D733CA000
|
heap
|
page read and write
|
||
|
19D74DEA000
|
direct allocation
|
page read and write
|
||
|
7FF7AE5C1000
|
unkown
|
page execute read
|
||
|
19D774B0000
|
heap
|
page read and write
|
||
|
19D73435000
|
heap
|
page read and write
|
||
|
19D75480000
|
heap
|
page read and write
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
66650000
|
unkown
|
page read and write
|
||
|
19D74D6E000
|
direct allocation
|
page read and write
|
||
|
6668B000
|
unkown
|
page read and write
|
||
|
19D757A0000
|
heap
|
page read and write
|
||
|
19D77781000
|
heap
|
page read and write
|
||
|
19D774E0000
|
remote allocation
|
page read and write
|
||
|
19D7341D000
|
heap
|
page read and write
|
||
|
19D77701000
|
heap
|
page read and write
|
||
|
19D777C9000
|
heap
|
page read and write
|
||
|
19D774F0000
|
heap
|
page read and write
|
||
|
19D77774000
|
heap
|
page read and write
|
||
|
19D73411000
|
heap
|
page read and write
|
||
|
19D732FD000
|
heap
|
page read and write
|
||
|
19D73420000
|
heap
|
page read and write
|
||
|
7FF7AE8C4000
|
unkown
|
page write copy
|
||
|
19D77708000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
66268000
|
unkown
|
page execute read
|
||
|
66633000
|
unkown
|
page read and write
|
||
|
19D777B9000
|
heap
|
page read and write
|
||
|
19D733EB000
|
heap
|
page read and write
|
||
|
494DFFB000
|
stack
|
page read and write
|
||
|
66630000
|
unkown
|
page read and write
|
||
|
66640000
|
unkown
|
page read and write
|
||
|
19D7779F000
|
heap
|
page read and write
|
||
|
19D777A5000
|
heap
|
page read and write
|
||
|
19D74DAB000
|
direct allocation
|
page read and write
|
||
|
19D7343E000
|
heap
|
page read and write
|
||
|
19D777AB000
|
heap
|
page read and write
|
||
|
19D73443000
|
heap
|
page read and write
|
||
|
19D77770000
|
heap
|
page read and write
|
There are 454 hidden memdumps, click here to show them.