Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ScreenConnect.ClientSetup(27).exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.ClientService.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Config.Msi\5c8b3a.rbs
|
data
|
modified
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\Client.en-US.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\Client.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.Client.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.ClientService.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.Windows.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.WindowsBackstageShell.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.WindowsBackstageShell.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.WindowsClient.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.WindowsClient.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.WindowsCredentialProvider.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.WindowsFileManager.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.WindowsFileManager.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\app.config
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\system.config
|
XML 1.0 document, ASCII text, with very long lines (450), with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xf7a04dd5, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ScreenConnect.ClientSetup(27).exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\rundll32.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI8741.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI8741.tmp-\CustomAction.config
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI8741.tmp-\Microsoft.Deployment.WindowsInstaller.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI8741.tmp-\ScreenConnect.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI8741.tmp-\ScreenConnect.InstallerActions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI8741.tmp-\ScreenConnect.Windows.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ScreenConnect\ce601acb92245386\setup.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}, Create Time/Date: Wed Feb 21 19:39:02 2024, Last Saved Time/Date: Wed Feb
21 19:39:02 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\5c8b39.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}, Create Time/Date: Wed Feb 21 19:39:02 2024, Last Saved Time/Date: Wed Feb
21 19:39:02 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\5c8b3b.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}, Create Time/Date: Wed Feb 21 19:39:02 2024, Last Saved Time/Date: Wed Feb
21 19:39:02 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSI8E27.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\MSI8E66.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI91C3.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}\DefaultIcon
|
MS Windows icon resource - 3 icons, 16x16 with PNG image data, 16 x 16, 8-bit colormap, non-interlaced, 4 bits/pixel, 32x32
with PNG image data, 32 x 32, 1-bit colormap, non-interlaced, 4 bits/pixel
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\ScreenConnect Client (ce601acb92245386)\user.config (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\ScreenConnect Client (ce601acb92245386)\zehlfngi.newcfg
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\Temp\~DF088A0D4D847346FD.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF11CD5EBDF1E5043E.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF28DCAAF2AAFC9B9A.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF32EF17214AD7382D.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF3FFA85E6750A390B.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF96B67A5B7F2B4038.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFA396AF6431A52550.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFB06A89B8A29481E6.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFC2BA8D64232887F6.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFD32AAFFB3FBA3A24.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFD6CBCACF5BF12D58.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFE46C777A9F0C7393.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
There are 44 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ScreenConnect.ClientSetup(27).exe
|
"C:\Users\user\Desktop\ScreenConnect.ClientSetup(27).exe"
|
|
|
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.ClientService.exe
|
"C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.ClientService.exe" "?e=Access&y=Guest&h=89.43.28.229&p=8041&s=4af472d5-e551-4005-a126-503edb856296&k=BgIAAACkAABSU0ExAAgAAAEAAQC9J11i1IcRkYop2TycAp5K4RRKlLAUx4RuayPuLGq%2b%2bz1SrEkKJu7LSew91XxtbRam8zYNqziS%2b4sMOkWFBGzY%2bAOA9QnsWK6b7ncsPmHeg5jCkSeTC%2betKc4MuK94q5AHJES7CJcRW%2fBNz%2fJA9wvDvINQMMgToVWu%2fqJTsdrl7PJBXyTzuE6Rb0dN8IcSPIqsIjpGSq4uqnnlSAjjOHO503z6UUQCzk9NFWrKRhlmzGM0uvvRCSeMBGadOV%2fZbWQ4MEzf%2fAWw86k%2fYfTBFwW23KZV5BJ08ylr9L9Tz8wJAl4Q6S5eYfVazkM1C9DoFEJssQFe3QmIGp3g5UFhbXut&t=CBR"
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.WindowsClient.exe
|
"C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\ScreenConnect.WindowsClient.exe" "RunRole" "d839c8e7-3c23-47f2-a995-7e4a438c1ad3"
"User"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\AppData\Local\Temp\ScreenConnect\ce601acb92245386\setup.msi"
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding E49D9630851C51BAAED691195B56D919 C
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\AppData\Local\Temp\MSI8741.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_6064187 1 ScreenConnect.InstallerActions!ScreenConnect.ClientInstallerActions.FixupServiceArguments
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding A9AB1835E8DD19CBED19F580B2093DC7
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding D88DC2B5D696E53B87AC1E4F8F30C031 E Global\MSI0000
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://wixtoolset.org/Whttp://wixtoolset.org/telemetry/v
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://wixtoolset.org/news/
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod.C:
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://wixtoolset.org/releases/
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=f359a5df14f97b6802371976c96
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
https://feedback.screenconnect.com/Feedback.axd
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
https://g.live.com/1rewlive5skydrive/OneDriveProductionV2?OneDriveUpdate=9c123752e31a927b78dc96231b6
|
unknown
|
There are 26 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
89.43.28.229
|
unknown
|
Turkey
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\5c8b3a.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\5c8b3a.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4C8A025BFD30BB2D5DDFF4CF2C1AB742
|
8C0A2C811E2DF6911E33C6E9206FCDAA
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E55A1E1A5BEDF00EFF00FA74074E297
|
8C0A2C811E2DF6911E33C6E9206FCDAA
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C3BAAB8C52C8AF0670F0DFED34EF56AF
|
8C0A2C811E2DF6911E33C6E9206FCDAA
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E5545BD5BE80E604F4C5179EA17E5A8
|
8C0A2C811E2DF6911E33C6E9206FCDAA
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E9FDD75A42412199DAAD3F643E8C41F3
|
8C0A2C811E2DF6911E33C6E9206FCDAA
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D0DDABF1861213F97A1E3B251A5168F7
|
8C0A2C811E2DF6911E33C6E9206FCDAA
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\ScreenConnect Client (ce601acb92245386)\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-ce601acb92245386
|
URL Protocol
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-ce601acb92245386
|
UseOriginalUrlEncoding
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-ce601acb92245386\shell\open\command
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\ScreenConnect Client (ce601acb92245386)
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-946A-5341B0B949D5}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-946A-5341B0B949D5}\InprocServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-946A-5341B0B949D5}\InprocServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{6FF59A85-BC37-4CD4-946A-5341B0B949D5}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\616D9C4BAA4A4F09EC06A1BC29423568
|
8C0A2C811E2DF6911E33C6E9206FCDAA
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\8C0A2C811E2DF6911E33C6E9206FCDAA
|
Full
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\Features
|
Full
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Windows\Installer\{18C2A0C8-D2E1-196F-E133-6C9E02F6DCAA}\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\Patches
|
AllPatches
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA
|
ProductName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA
|
PackageCode
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA
|
Assignment
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA
|
AdvertiseFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA
|
ProductIcon
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA
|
InstanceType
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA
|
AuthorizedLUAApp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA
|
DeploymentFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\616D9C4BAA4A4F09EC06A1BC29423568
|
8C0A2C811E2DF6911E33C6E9206FCDAA
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\SourceList
|
PackageName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\SourceList\Net
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\SourceList\Media
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA
|
Clients
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C0A2C811E2DF6911E33C6E9206FCDAA\SourceList
|
LastUsedSource
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings
|
StringCacheGeneration
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application
|
AutoBackupLogFiles
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\ScreenConnect
|
EventMessageFile
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ScreenConnect Client (ce601acb92245386)
|
ImagePath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 88 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
16736690000
|
trusted library allocation
|
page read and write
|
||
|
1B768000
|
unkown
|
page readonly
|
||
|
764000
|
unkown
|
page write copy
|
||
|
8F9000
|
stack
|
page read and write
|
||
|
4DBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DDA000
|
unkown
|
page readonly
|
||
|
7FFD9B550000
|
trusted library allocation
|
page read and write
|
||
|
1872E5E0000
|
remote allocation
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
7B7B000
|
trusted library allocation
|
page read and write
|
||
|
A26E000
|
stack
|
page read and write
|
||
|
10F5000
|
heap
|
page read and write
|
||
|
6A22000
|
trusted library allocation
|
page read and write
|
||
|
3AFA000
|
unkown
|
page readonly
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
18728EB6000
|
heap
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
1B7AA000
|
unkown
|
page readonly
|
||
|
18728DA0000
|
trusted library section
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B3D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D2F000
|
unkown
|
page readonly
|
||
|
A3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B530000
|
trusted library allocation
|
page read and write
|
||
|
3D2B000
|
unkown
|
page readonly
|
||
|
3AD8000
|
unkown
|
page readonly
|
||
|
1872E2E2000
|
heap
|
page read and write
|
||
|
3D86000
|
unkown
|
page readonly
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
1B788000
|
unkown
|
page readonly
|
||
|
1AE537C000
|
stack
|
page read and write
|
||
|
A40000
|
unkown
|
page readonly
|
||
|
71A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
911000
|
stack
|
page read and write
|
||
|
7FFD9B700000
|
trusted library allocation
|
page read and write
|
||
|
3DC3000
|
unkown
|
page readonly
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
12FB000
|
heap
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
1872E525000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B588000
|
trusted library allocation
|
page read and write
|
||
|
3E08000
|
unkown
|
page readonly
|
||
|
18728E22000
|
heap
|
page read and write
|
||
|
7FFD9B5C0000
|
trusted library allocation
|
page read and write
|
||
|
4BED000
|
heap
|
page read and write
|
||
|
16735F20000
|
heap
|
page read and write
|
||
|
1B843000
|
unkown
|
page readonly
|
||
|
2780000
|
heap
|
page read and write
|
||
|
A22F000
|
stack
|
page read and write
|
||
|
18729602000
|
heap
|
page read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
5D51000
|
trusted library allocation
|
page read and write
|
||
|
71F0000
|
trusted library allocation
|
page read and write
|
||
|
6CDD000
|
trusted library allocation
|
page read and write
|
||
|
12791000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B67B000
|
trusted library allocation
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
6BB9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B490000
|
trusted library allocation
|
page read and write
|
||
|
3A31000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B3B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
18728E73000
|
heap
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
2848000
|
trusted library allocation
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
1AE517E000
|
stack
|
page read and write
|
||
|
440D000
|
stack
|
page read and write
|
||
|
16736102000
|
heap
|
page read and write
|
||
|
7235000
|
trusted library allocation
|
page read and write
|
||
|
1B7D1000
|
unkown
|
page readonly
|
||
|
7FFD9B2FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
A82C000
|
stack
|
page read and write
|
||
|
18728F13000
|
heap
|
page read and write
|
||
|
7FFD9B510000
|
trusted library allocation
|
page read and write
|
||
|
BBF000
|
stack
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
18729E20000
|
trusted library section
|
page readonly
|
||
|
7FFD9B720000
|
trusted library allocation
|
page execute and read and write
|
||
|
4AB0000
|
trusted library allocation
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
1B5BC000
|
heap
|
page read and write
|
||
|
3E50000
|
unkown
|
page readonly
|
||
|
1872E470000
|
trusted library allocation
|
page read and write
|
||
|
18729E40000
|
trusted library section
|
page readonly
|
||
|
7224000
|
trusted library allocation
|
page read and write
|
||
|
1B808000
|
unkown
|
page readonly
|
||
|
71F2000
|
trusted library allocation
|
page read and write
|
||
|
4DB0000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
3AC7000
|
unkown
|
page readonly
|
||
|
3D5A000
|
unkown
|
page readonly
|
||
|
7FFD9B4B0000
|
trusted library allocation
|
page read and write
|
||
|
1B743000
|
unkown
|
page readonly
|
||
|
1872E4AC000
|
trusted library allocation
|
page read and write
|
||
|
3D12000
|
unkown
|
page readonly
|
||
|
1872E2F9000
|
heap
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
1B745000
|
unkown
|
page readonly
|
||
|
3DDE000
|
unkown
|
page readonly
|
||
|
75D000
|
unkown
|
page readonly
|
||
|
1872E2C2000
|
heap
|
page read and write
|
||
|
7FFD9B4D8000
|
trusted library allocation
|
page read and write
|
||
|
18728E13000
|
heap
|
page read and write
|
||
|
5D72000
|
trusted library allocation
|
page read and write
|
||
|
A4D000
|
unkown
|
page readonly
|
||
|
4B75B7E000
|
unkown
|
page readonly
|
||
|
4B754FE000
|
stack
|
page read and write
|
||
|
26BF000
|
stack
|
page read and write
|
||
|
3E2A000
|
unkown
|
page readonly
|
||
|
7FFD9B4E5000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
2720000
|
unkown
|
page readonly
|
||
|
4B74F7E000
|
unkown
|
page readonly
|
||
|
3E54000
|
unkown
|
page readonly
|
||
|
4B751FE000
|
stack
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
3FAE000
|
stack
|
page read and write
|
||
|
3D5C000
|
unkown
|
page readonly
|
||
|
12E7000
|
heap
|
page read and write
|
||
|
1B670000
|
heap
|
page read and write
|
||
|
121A000
|
heap
|
page read and write
|
||
|
3AB4000
|
unkown
|
page readonly
|
||
|
545D000
|
stack
|
page read and write
|
||
|
1085000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AE567E000
|
unkown
|
page readonly
|
||
|
1AE547E000
|
unkown
|
page readonly
|
||
|
1B472000
|
unkown
|
page readonly
|
||
|
C30000
|
heap
|
page read and write
|
||
|
5EDC000
|
trusted library allocation
|
page read and write
|
||
|
1A38000
|
trusted library allocation
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
12C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B71E000
|
unkown
|
page readonly
|
||
|
3E61000
|
trusted library allocation
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
1B4D8000
|
unkown
|
page readonly
|
||
|
E38000
|
unkown
|
page readonly
|
||
|
1872E4A4000
|
trusted library allocation
|
page read and write
|
||
|
9E70000
|
heap
|
page read and write
|
||
|
3CC2000
|
unkown
|
page readonly
|
||
|
1872E460000
|
trusted library allocation
|
page read and write
|
||
|
B58000
|
heap
|
page read and write
|
||
|
51C000
|
stack
|
page read and write
|
||
|
3D93000
|
unkown
|
page readonly
|
||
|
32A8000
|
heap
|
page read and write
|
||
|
1B716000
|
unkown
|
page readonly
|
||
|
7FFD9B7F4000
|
trusted library allocation
|
page read and write
|
||
|
146E000
|
stack
|
page read and write
|
||
|
1B4A3000
|
unkown
|
page readonly
|
||
|
18729600000
|
heap
|
page read and write
|
||
|
7FFD9B51E000
|
trusted library allocation
|
page read and write
|
||
|
1AD1D000
|
stack
|
page read and write
|
||
|
A20000
|
trusted library allocation
|
page read and write
|
||
|
2AE9000
|
trusted library allocation
|
page read and write
|
||
|
1872E44E000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
trusted library section
|
page read and write
|
||
|
163E000
|
stack
|
page read and write
|
||
|
1C099000
|
heap
|
page read and write
|
||
|
1872E1C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7E0000
|
trusted library allocation
|
page read and write
|
||
|
1872E53F000
|
trusted library allocation
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
heap
|
page execute and read and write
|
||
|
3E06000
|
unkown
|
page readonly
|
||
|
3DBF000
|
unkown
|
page readonly
|
||
|
1B3DE000
|
stack
|
page read and write
|
||
|
40EE000
|
stack
|
page read and write
|
||
|
1072000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B564000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B581000
|
trusted library allocation
|
page read and write
|
||
|
559E000
|
stack
|
page read and write
|
||
|
5360000
|
heap
|
page execute and read and write
|
||
|
7FF425750000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6F0000
|
trusted library allocation
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
3A80000
|
unkown
|
page readonly
|
||
|
1B799000
|
unkown
|
page readonly
|
||
|
1B7C9000
|
unkown
|
page readonly
|
||
|
18729C50000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
1872F000000
|
heap
|
page read and write
|
||
|
18728EFF000
|
heap
|
page read and write
|
||
|
1872E441000
|
trusted library allocation
|
page read and write
|
||
|
B4B000
|
stack
|
page read and write
|
||
|
1B72E000
|
unkown
|
page readonly
|
||
|
16736002000
|
heap
|
page read and write
|
||
|
302E000
|
stack
|
page read and write
|
||
|
1872E2F7000
|
heap
|
page read and write
|
||
|
7FFD9B5B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B310000
|
trusted library allocation
|
page read and write
|
||
|
3E56000
|
unkown
|
page readonly
|
||
|
D10000
|
heap
|
page read and write
|
||
|
7190000
|
trusted library allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
3A00000
|
trusted library allocation
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
18728E7A000
|
heap
|
page read and write
|
||
|
1B4B6000
|
unkown
|
page readonly
|
||
|
18728E9F000
|
heap
|
page read and write
|
||
|
1B786000
|
unkown
|
page readonly
|
||
|
3D34000
|
unkown
|
page readonly
|
||
|
1AE507E000
|
unkown
|
page readonly
|
||
|
1872E528000
|
trusted library allocation
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
3D8F000
|
unkown
|
page readonly
|
||
|
18728EA1000
|
heap
|
page read and write
|
||
|
3B30000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
heap
|
page execute and read and write
|
||
|
718E000
|
stack
|
page read and write
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
42C0000
|
trusted library allocation
|
page read and write
|
||
|
7224000
|
trusted library allocation
|
page read and write
|
||
|
4AE0000
|
heap
|
page read and write
|
||
|
4B760FE000
|
stack
|
page read and write
|
||
|
42B0000
|
trusted library allocation
|
page read and write
|
||
|
4D20000
|
heap
|
page read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
1C06D000
|
stack
|
page read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B524000
|
trusted library allocation
|
page read and write
|
||
|
1872E242000
|
heap
|
page read and write
|
||
|
18728E78000
|
heap
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page read and write
|
||
|
A4D000
|
unkown
|
page readonly
|
||
|
7FFD9B650000
|
trusted library allocation
|
page read and write
|
||
|
1B77E000
|
unkown
|
page readonly
|
||
|
1B7B8000
|
unkown
|
page readonly
|
||
|
18728C80000
|
heap
|
page read and write
|
||
|
57EB000
|
trusted library section
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
4370000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B303000
|
trusted library allocation
|
page read and write
|
||
|
30B5000
|
heap
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
12D5000
|
heap
|
page read and write
|
||
|
1AE4D7D000
|
stack
|
page read and write
|
||
|
1872E24F000
|
heap
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
2E81000
|
trusted library allocation
|
page read and write
|
||
|
1872E260000
|
heap
|
page read and write
|
||
|
18728E94000
|
heap
|
page read and write
|
||
|
3AC5000
|
unkown
|
page readonly
|
||
|
1872E420000
|
trusted library allocation
|
page read and write
|
||
|
4C7E000
|
stack
|
page read and write
|
||
|
3AE9000
|
unkown
|
page readonly
|
||
|
1B83F000
|
unkown
|
page readonly
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
2FEF000
|
stack
|
page read and write
|
||
|
5EC4000
|
trusted library allocation
|
page read and write
|
||
|
B31000
|
heap
|
page read and write
|
||
|
39D2000
|
unkown
|
page readonly
|
||
|
7FFD9B5D0000
|
trusted library allocation
|
page read and write
|
||
|
1B50A000
|
heap
|
page read and write
|
||
|
1BD76000
|
stack
|
page read and write
|
||
|
2722000
|
unkown
|
page readonly
|
||
|
A30000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1872E455000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7DD000
|
trusted library allocation
|
page read and write
|
||
|
4280000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
18729E30000
|
trusted library section
|
page readonly
|
||
|
7FFD9B6C0000
|
trusted library allocation
|
page read and write
|
||
|
121E000
|
heap
|
page read and write
|
||
|
1B74D000
|
unkown
|
page readonly
|
||
|
540000
|
unkown
|
page readonly
|
||
|
306F000
|
stack
|
page read and write
|
||
|
1872E4CE000
|
trusted library allocation
|
page read and write
|
||
|
3A60000
|
trusted library allocation
|
page read and write
|
||
|
16735F00000
|
heap
|
page read and write
|
||
|
1872E484000
|
trusted library allocation
|
page read and write
|
||
|
B1F000
|
heap
|
page read and write
|
||
|
1B50F000
|
heap
|
page read and write
|
||
|
4DB9000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D23000
|
unkown
|
page readonly
|
||
|
9F8E000
|
stack
|
page read and write
|
||
|
1B59F000
|
heap
|
page read and write
|
||
|
55A0000
|
trusted library allocation
|
page read and write
|
||
|
4B16000
|
heap
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page read and write
|
||
|
3E02000
|
unkown
|
page readonly
|
||
|
1872E4B2000
|
trusted library allocation
|
page read and write
|
||
|
1872E440000
|
trusted library allocation
|
page read and write
|
||
|
2E61000
|
trusted library allocation
|
page read and write
|
||
|
3A5B000
|
trusted library allocation
|
page read and write
|
||
|
3D3F000
|
unkown
|
page readonly
|
||
|
1B4A5000
|
unkown
|
page readonly
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
4B74D7E000
|
unkown
|
page readonly
|
||
|
C20000
|
trusted library allocation
|
page read and write
|
||
|
A4B0000
|
heap
|
page read and write
|
||
|
AFE000
|
heap
|
page read and write
|
||
|
4CBE000
|
stack
|
page read and write
|
||
|
7FFD9B600000
|
trusted library allocation
|
page read and write
|
||
|
1B819000
|
unkown
|
page readonly
|
||
|
1872E440000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page read and write
|
||
|
1B83B000
|
unkown
|
page readonly
|
||
|
45F0000
|
trusted library allocation
|
page read and write
|
||
|
5A21000
|
trusted library allocation
|
page read and write
|
||
|
4B7507E000
|
unkown
|
page readonly
|
||
|
504D000
|
stack
|
page read and write
|
||
|
3D3D000
|
unkown
|
page readonly
|
||
|
B11000
|
heap
|
page read and write
|
||
|
7FFD9B520000
|
trusted library allocation
|
page read and write
|
||
|
4B74C7B000
|
stack
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B410000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B7477E000
|
unkown
|
page readonly
|
||
|
1B160000
|
unkown
|
page readonly
|
||
|
2791000
|
trusted library allocation
|
page read and write
|
||
|
5A1F000
|
stack
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
1872E4FA000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
trusted library allocation
|
page read and write
|
||
|
1B15E000
|
stack
|
page read and write
|
||
|
1872E48D000
|
trusted library allocation
|
page read and write
|
||
|
4B7587E000
|
stack
|
page read and write
|
||
|
51CC000
|
stack
|
page read and write
|
||
|
9C2000
|
heap
|
page read and write
|
||
|
7FFD9B710000
|
trusted library allocation
|
page execute and read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
3DC1000
|
unkown
|
page readonly
|
||
|
1B518000
|
heap
|
page read and write
|
||
|
1872E55A000
|
trusted library allocation
|
page read and write
|
||
|
1275000
|
heap
|
page read and write
|
||
|
BFC000
|
stack
|
page read and write
|
||
|
1872E2C0000
|
heap
|
page read and write
|
||
|
1B782000
|
unkown
|
page readonly
|
||
|
4AD3000
|
heap
|
page read and write
|
||
|
3D97000
|
unkown
|
page readonly
|
||
|
4B7527E000
|
unkown
|
page readonly
|
||
|
18729B40000
|
trusted library allocation
|
page read and write
|
||
|
A3AE000
|
stack
|
page read and write
|
||
|
3D91000
|
unkown
|
page readonly
|
||
|
1B54A000
|
heap
|
page read and write
|
||
|
1AE527E000
|
unkown
|
page readonly
|
||
|
7FFD9B540000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7F9000
|
trusted library allocation
|
page read and write
|
||
|
1B492000
|
unkown
|
page readonly
|
||
|
7B70000
|
trusted library allocation
|
page read and write
|
||
|
275B000
|
trusted library allocation
|
page read and write
|
||
|
3A50000
|
trusted library allocation
|
page read and write
|
||
|
4B7557E000
|
unkown
|
page readonly
|
||
|
18728E8F000
|
heap
|
page read and write
|
||
|
41D5000
|
trusted library allocation
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
4B40000
|
heap
|
page read and write
|
||
|
1872E200000
|
heap
|
page read and write
|
||
|
3DA8000
|
unkown
|
page readonly
|
||
|
7FFD9B64C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B500000
|
trusted library allocation
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
18729713000
|
heap
|
page read and write
|
||
|
4B74B7E000
|
unkown
|
page readonly
|
||
|
1B730000
|
unkown
|
page readonly
|
||
|
1D2A2000
|
trusted library allocation
|
page read and write
|
||
|
3CB0000
|
trusted library allocation
|
page read and write
|
||
|
32B6000
|
heap
|
page read and write
|
||
|
1872E580000
|
trusted library allocation
|
page read and write
|
||
|
A08F000
|
stack
|
page read and write
|
||
|
3A2E000
|
trusted library allocation
|
page read and write
|
||
|
1872E2C7000
|
heap
|
page read and write
|
||
|
412E000
|
stack
|
page read and write
|
||
|
A5EE000
|
stack
|
page read and write
|
||
|
3E52000
|
unkown
|
page readonly
|
||
|
E38000
|
stack
|
page read and write
|
||
|
1872E28D000
|
heap
|
page read and write
|
||
|
BA1000
|
heap
|
page read and write
|
||
|
1B757000
|
unkown
|
page readonly
|
||
|
7FFD9B566000
|
trusted library allocation
|
page read and write
|
||
|
1872E21F000
|
heap
|
page read and write
|
||
|
4B7467C000
|
stack
|
page read and write
|
||
|
6BC0000
|
trusted library allocation
|
page read and write
|
||
|
18728E7D000
|
heap
|
page read and write
|
||
|
1872E590000
|
trusted library allocation
|
page read and write
|
||
|
1872E534000
|
trusted library allocation
|
page read and write
|
||
|
1B725000
|
unkown
|
page readonly
|
||
|
16736022000
|
heap
|
page read and write
|
||
|
2691000
|
trusted library allocation
|
page read and write
|
||
|
3D27000
|
unkown
|
page readonly
|
||
|
B17000
|
heap
|
page read and write
|
||
|
4290000
|
trusted library allocation
|
page read and write
|
||
|
1B747000
|
unkown
|
page readonly
|
||
|
16736802000
|
trusted library allocation
|
page read and write
|
||
|
1872E502000
|
trusted library allocation
|
page read and write
|
||
|
75D000
|
unkown
|
page readonly
|
||
|
3AA1000
|
unkown
|
page readonly
|
||
|
40D5000
|
trusted library allocation
|
page read and write
|
||
|
422E000
|
stack
|
page read and write
|
||
|
66D000
|
stack
|
page read and write
|
||
|
1254000
|
heap
|
page read and write
|
||
|
5DD1000
|
trusted library allocation
|
page read and write
|
||
|
1257000
|
heap
|
page read and write
|
||
|
624C000
|
trusted library allocation
|
page read and write
|
||
|
4B67000
|
heap
|
page read and write
|
||
|
18728E40000
|
heap
|
page read and write
|
||
|
55B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1872E30A000
|
heap
|
page read and write
|
||
|
3D58000
|
unkown
|
page readonly
|
||
|
1872E4D1000
|
trusted library allocation
|
page read and write
|
||
|
1872E520000
|
trusted library allocation
|
page read and write
|
||
|
14DC000
|
trusted library allocation
|
page read and write
|
||
|
A54000
|
unkown
|
page read and write
|
||
|
18729700000
|
heap
|
page read and write
|
||
|
2697000
|
trusted library allocation
|
page read and write
|
||
|
5070000
|
trusted library allocation
|
page read and write
|
||
|
1872E5E0000
|
remote allocation
|
page read and write
|
||
|
142F000
|
stack
|
page read and write
|
||
|
18729615000
|
heap
|
page read and write
|
||
|
4B7597E000
|
unkown
|
page readonly
|
||
|
1872E458000
|
trusted library allocation
|
page read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
C24000
|
trusted library allocation
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
1B7CB000
|
unkown
|
page readonly
|
||
|
4D6E000
|
stack
|
page read and write
|
||
|
563E000
|
stack
|
page read and write
|
||
|
1B7F5000
|
unkown
|
page readonly
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
1872E2F0000
|
heap
|
page read and write
|
||
|
1AE478C000
|
stack
|
page read and write
|
||
|
3D41000
|
unkown
|
page readonly
|
||
|
1B7B2000
|
unkown
|
page readonly
|
||
|
1B1A0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7F0000
|
trusted library allocation
|
page read and write
|
||
|
436C000
|
trusted library allocation
|
page read and write
|
||
|
26D3000
|
heap
|
page execute and read and write
|
||
|
1B7AC000
|
unkown
|
page readonly
|
||
|
766000
|
unkown
|
page readonly
|
||
|
12AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B0A000
|
heap
|
page read and write
|
||
|
1B7CD000
|
unkown
|
page readonly
|
||
|
4055000
|
trusted library allocation
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
1B650000
|
heap
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
2BDE000
|
trusted library allocation
|
page read and write
|
||
|
1D280000
|
trusted library allocation
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
106D000
|
trusted library allocation
|
page execute and read and write
|
||
|
426E000
|
stack
|
page read and write
|
||
|
1680000
|
heap
|
page execute and read and write
|
||
|
3BF1000
|
trusted library allocation
|
page read and write
|
||
|
1872E531000
|
trusted library allocation
|
page read and write
|
||
|
1B5A9000
|
heap
|
page read and write
|
||
|
3DDC000
|
unkown
|
page readonly
|
||
|
4B74277000
|
stack
|
page read and write
|
||
|
4AA0000
|
heap
|
page read and write
|
||
|
4B0E000
|
heap
|
page read and write
|
||
|
327A000
|
heap
|
page read and write
|
||
|
57DD000
|
stack
|
page read and write
|
||
|
4B7497E000
|
unkown
|
page readonly
|
||
|
1D680000
|
heap
|
page read and write
|
||
|
1872E5A0000
|
trusted library allocation
|
page read and write
|
||
|
3D95000
|
unkown
|
page readonly
|
||
|
187295E1000
|
trusted library allocation
|
page read and write
|
||
|
4B74E7E000
|
unkown
|
page readonly
|
||
|
1B4C7000
|
unkown
|
page readonly
|
||
|
4D70000
|
heap
|
page execute and read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
1872E5E0000
|
remote allocation
|
page read and write
|
||
|
1673602B000
|
heap
|
page read and write
|
||
|
12B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E1000
|
heap
|
page read and write
|
||
|
7FFD9B5A0000
|
trusted library allocation
|
page read and write
|
||
|
1BC78000
|
stack
|
page read and write
|
||
|
1B6B0000
|
unkown
|
page readonly
|
||
|
174E000
|
trusted library allocation
|
page read and write
|
||
|
1B856000
|
unkown
|
page readonly
|
||
|
1087000
|
trusted library allocation
|
page execute and read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B30D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1872971B000
|
heap
|
page read and write
|
||
|
5430000
|
trusted library allocation
|
page execute and read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
3D77000
|
unkown
|
page readonly
|
||
|
130E000
|
heap
|
page read and write
|
||
|
107A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page read and write
|
||
|
16736200000
|
heap
|
page read and write
|
||
|
4373000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
unkown
|
page readonly
|
||
|
7210000
|
trusted library allocation
|
page read and write
|
||
|
A41000
|
unkown
|
page execute read
|
||
|
E8E000
|
stack
|
page read and write
|
||
|
3D88000
|
unkown
|
page readonly
|
||
|
1B2DF000
|
stack
|
page read and write
|
||
|
1082000
|
trusted library allocation
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
18728C60000
|
heap
|
page read and write
|
||
|
5D4E000
|
trusted library allocation
|
page read and write
|
||
|
1836000
|
trusted library allocation
|
page read and write
|
||
|
8FE000
|
heap
|
page read and write
|
||
|
18729E50000
|
trusted library section
|
page readonly
|
||
|
3E3B000
|
unkown
|
page readonly
|
||
|
1B82A000
|
unkown
|
page readonly
|
||
|
C2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E0000
|
trusted library allocation
|
page read and write
|
||
|
4015000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4A0000
|
trusted library allocation
|
page read and write
|
||
|
1A32000
|
trusted library allocation
|
page read and write
|
||
|
1872971A000
|
heap
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B670000
|
trusted library allocation
|
page read and write
|
||
|
18B4000
|
trusted library allocation
|
page read and write
|
||
|
127D000
|
heap
|
page read and write
|
||
|
1C108000
|
heap
|
page read and write
|
||
|
5650000
|
trusted library section
|
page read and write
|
||
|
1B723000
|
unkown
|
page readonly
|
||
|
4B73CCB000
|
stack
|
page read and write
|
||
|
16736013000
|
heap
|
page read and write
|
||
|
2710000
|
heap
|
page execute and read and write
|
||
|
57F2000
|
trusted library section
|
page read and write
|
||
|
ADC000
|
heap
|
page read and write
|
||
|
39E2000
|
unkown
|
page readonly
|
||
|
1470000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A80000
|
trusted library allocation
|
page read and write
|
||
|
14D0000
|
trusted library allocation
|
page read and write
|
||
|
A34000
|
trusted library allocation
|
page read and write
|
||
|
3EAE000
|
stack
|
page read and write
|
||
|
319F000
|
trusted library allocation
|
page read and write
|
||
|
108B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1872E496000
|
trusted library allocation
|
page read and write
|
||
|
3CC0000
|
unkown
|
page readonly
|
||
|
1AE4E7E000
|
unkown
|
page readonly
|
||
|
7FFD9B4C0000
|
trusted library allocation
|
page read and write
|
||
|
4B74DFE000
|
stack
|
page read and write
|
||
|
7FFD9B4E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
18728E59000
|
heap
|
page read and write
|
||
|
18729702000
|
heap
|
page read and write
|
||
|
18728E5B000
|
heap
|
page read and write
|
||
|
E31000
|
unkown
|
page readonly
|
||
|
3E19000
|
unkown
|
page readonly
|
||
|
134D000
|
stack
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page execute and read and write
|
||
|
18728EAE000
|
heap
|
page read and write
|
||
|
18728E00000
|
heap
|
page read and write
|
||
|
1872E22C000
|
heap
|
page read and write
|
||
|
4D94000
|
trusted library allocation
|
page read and write
|
||
|
1872E590000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
D03000
|
trusted library allocation
|
page read and write
|
||
|
2752000
|
unkown
|
page readonly
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B2F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B714000
|
unkown
|
page readonly
|
||
|
4B753FE000
|
stack
|
page read and write
|
||
|
1691000
|
trusted library allocation
|
page read and write
|
||
|
1872E24D000
|
heap
|
page read and write
|
||
|
1872E430000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
trusted library allocation
|
page execute and read and write
|
||
|
5370000
|
trusted library section
|
page read and write
|
||
|
16736040000
|
heap
|
page read and write
|
||
|
18729891000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B620000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
1B564000
|
heap
|
page read and write
|
||
|
3D52000
|
unkown
|
page readonly
|
||
|
18729D40000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
11FF000
|
stack
|
page read and write
|
||
|
7FFD9B3AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B7577E000
|
unkown
|
page readonly
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
1076000
|
trusted library allocation
|
page execute and read and write
|
||
|
39F0000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
1872E4E3000
|
trusted library allocation
|
page read and write
|
||
|
3DC7000
|
unkown
|
page readonly
|
||
|
1B1D0000
|
heap
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
2E40000
|
trusted library allocation
|
page read and write
|
||
|
1B7AE000
|
unkown
|
page readonly
|
||
|
7226000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B680000
|
trusted library allocation
|
page read and write
|
||
|
B21000
|
heap
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
3D66000
|
unkown
|
page readonly
|
||
|
4B7457E000
|
unkown
|
page readonly
|
||
|
18728D90000
|
trusted library allocation
|
page read and write
|
||
|
1B57B000
|
heap
|
page read and write
|
||
|
4ACE000
|
stack
|
page read and write
|
||
|
1C0E5000
|
heap
|
page read and write
|
||
|
623B000
|
trusted library allocation
|
page read and write
|
||
|
3D2D000
|
unkown
|
page readonly
|
||
|
1B74B000
|
unkown
|
page readonly
|
||
|
1BE76000
|
stack
|
page read and write
|
||
|
3E4E000
|
unkown
|
page readonly
|
||
|
105E000
|
stack
|
page read and write
|
||
|
7FFD9B3A0000
|
trusted library allocation
|
page read and write
|
||
|
18728E2B000
|
heap
|
page read and write
|
||
|
1872E4E0000
|
trusted library allocation
|
page read and write
|
||
|
55FE000
|
stack
|
page read and write
|
||
|
4F4D000
|
stack
|
page read and write
|
||
|
3BBB000
|
trusted library allocation
|
page read and write
|
||
|
1B588000
|
heap
|
page read and write
|
||
|
1064000
|
trusted library allocation
|
page read and write
|
||
|
CCE000
|
stack
|
page read and write
|
||
|
12CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
714E000
|
stack
|
page read and write
|
||
|
3DBD000
|
unkown
|
page readonly
|
||
|
1872E570000
|
trusted library allocation
|
page read and write
|
||
|
1AE4F7E000
|
stack
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
1872E53C000
|
trusted library allocation
|
page read and write
|
||
|
3D54000
|
unkown
|
page readonly
|
||
|
4A90000
|
trusted library allocation
|
page read and write
|
||
|
5D6B000
|
trusted library allocation
|
page read and write
|
||
|
1B777000
|
unkown
|
page readonly
|
||
|
751000
|
unkown
|
page execute read
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
85A1000
|
trusted library allocation
|
page read and write
|
||
|
530B000
|
stack
|
page read and write
|
||
|
7FFD9B2F4000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
7FFD9B34C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
1B841000
|
unkown
|
page readonly
|
||
|
50CE000
|
stack
|
page read and write
|
||
|
7FFD9B7B9000
|
trusted library allocation
|
page read and write
|
||
|
8E0000
|
trusted library section
|
page read and write
|
||
|
4270000
|
trusted library allocation
|
page read and write
|
||
|
32F7000
|
heap
|
page read and write
|
||
|
1872E302000
|
heap
|
page read and write
|
||
|
A72C000
|
stack
|
page read and write
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B610000
|
trusted library allocation
|
page read and write
|
||
|
A85000
|
heap
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4F0000
|
trusted library allocation
|
page read and write
|
||
|
4AD0000
|
heap
|
page read and write
|
||
|
3DB9000
|
unkown
|
page readonly
|
||
|
7FB40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7240000
|
trusted library allocation
|
page read and write
|
||
|
9E6E000
|
stack
|
page read and write
|
||
|
A36F000
|
stack
|
page read and write
|
||
|
1A36000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B2F0000
|
trusted library allocation
|
page read and write
|
||
|
1872E257000
|
heap
|
page read and write
|
||
|
1B7B6000
|
unkown
|
page readonly
|
||
|
540000
|
unkown
|
page readonly
|
||
|
18D6000
|
trusted library allocation
|
page read and write
|
||
|
A4AE000
|
stack
|
page read and write
|
||
|
4376000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
4380000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C0A0000
|
heap
|
page read and write
|
||
|
4D1E000
|
stack
|
page read and write
|
||
|
D15000
|
heap
|
page read and write
|
||
|
A54000
|
unkown
|
page write copy
|
||
|
1B701000
|
unkown
|
page readonly
|
||
|
7FFD9B506000
|
trusted library allocation
|
page read and write
|
||
|
B13000
|
heap
|
page read and write
|
||
|
5EBB000
|
trusted library allocation
|
page read and write
|
||
|
18729E60000
|
trusted library section
|
page readonly
|
||
|
16736000000
|
heap
|
page read and write
|
||
|
1B500000
|
heap
|
page read and write
|
||
|
5DD5000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
trusted library allocation
|
page read and write
|
||
|
B88000
|
stack
|
page read and write
|
||
|
3C70000
|
unkown
|
page readonly
|
||
|
1872E2E6000
|
heap
|
page read and write
|
||
|
1B460000
|
trusted library section
|
page readonly
|
||
|
5426000
|
trusted library allocation
|
page read and write
|
||
|
569A000
|
stack
|
page read and write
|
||
|
1B1D3000
|
heap
|
page read and write
|
||
|
7FFD9B6A0000
|
trusted library allocation
|
page read and write
|
||
|
7FB58000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
26D0000
|
heap
|
page execute and read and write
|
||
|
4BEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
18728D60000
|
heap
|
page read and write
|
||
|
39D0000
|
unkown
|
page readonly
|
||
|
5460000
|
heap
|
page read and write
|
||
|
1B470000
|
unkown
|
page readonly
|
||
|
5D0000
|
unkown
|
page readonly
|
||
|
2700000
|
trusted library section
|
page read and write
|
||
|
1872E547000
|
trusted library allocation
|
page read and write
|
||
|
4DB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A94000
|
trusted library allocation
|
page read and write
|
||
|
9DDE000
|
stack
|
page read and write
|
||
|
7FFD9B6B0000
|
trusted library allocation
|
page read and write
|
||
|
3E4C000
|
unkown
|
page readonly
|
||
|
1B741000
|
unkown
|
page readonly
|
||
|
1B57F000
|
heap
|
page read and write
|
||
|
1B4E9000
|
unkown
|
page readonly
|
||
|
7FFD9B64A000
|
trusted library allocation
|
page read and write
|
||
|
1872E448000
|
trusted library allocation
|
page read and write
|
||
|
4B7617E000
|
unkown
|
page readonly
|
||
|
A6EF000
|
stack
|
page read and write
|
||
|
3BB0000
|
trusted library allocation
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
A33000
|
trusted library allocation
|
page execute and read and write
|
||
|
93C000
|
heap
|
page read and write
|
||
|
1872E4AF000
|
trusted library allocation
|
page read and write
|
||
|
4A93000
|
trusted library allocation
|
page execute and read and write
|
||
|
18728F02000
|
heap
|
page read and write
|
||
|
7FFD9B630000
|
trusted library allocation
|
page read and write
|
||
|
1AE557E000
|
stack
|
page read and write
|
||
|
56DE000
|
stack
|
page read and write
|
||
|
1247000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
3BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C10000
|
trusted library allocation
|
page read and write
|
||
|
4410000
|
trusted library allocation
|
page read and write
|
||
|
1B7F7000
|
unkown
|
page readonly
|
||
|
3A45000
|
trusted library allocation
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
1C090000
|
heap
|
page read and write
|
||
|
1B703000
|
unkown
|
page readonly
|
||
|
4A9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FF5000
|
trusted library allocation
|
page read and write
|
||
|
4B7487A000
|
stack
|
page read and write
|
||
|
3AB2000
|
unkown
|
page readonly
|
||
|
1872E510000
|
trusted library allocation
|
page read and write
|
||
|
4B74A7B000
|
stack
|
page read and write
|
||
|
7FFD9B640000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
trusted library section
|
page read and write
|
||
|
4B7447E000
|
stack
|
page read and write
|
||
|
2BB2000
|
trusted library allocation
|
page read and write
|
||
|
A56000
|
unkown
|
page readonly
|
||
|
1872E510000
|
trusted library allocation
|
page read and write
|
||
|
4DD1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5E0000
|
trusted library allocation
|
page read and write
|
||
|
1C0B1000
|
heap
|
page read and write
|
||
|
1872A1C0000
|
trusted library allocation
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B3A6000
|
trusted library allocation
|
page read and write
|
||
|
B1D000
|
heap
|
page read and write
|
||
|
4E0B000
|
stack
|
page read and write
|
||
|
7FFD9B5F0000
|
trusted library allocation
|
page read and write
|
||
|
542000
|
unkown
|
page readonly
|
||
|
3A16000
|
trusted library allocation
|
page read and write
|
||
|
C23000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7F3000
|
unkown
|
page readonly
|
||
|
4AD0000
|
heap
|
page read and write
|
||
|
1B83D000
|
unkown
|
page readonly
|
||
|
7FFD9B690000
|
trusted library allocation
|
page read and write
|
||
|
42A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
1B71C000
|
unkown
|
page readonly
|
||
|
1B7CF000
|
unkown
|
page readonly
|
||
|
3DE0000
|
unkown
|
page readonly
|
||
|
1B7E2000
|
unkown
|
page readonly
|
||
|
12B2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B314000
|
trusted library allocation
|
page read and write
|
||
|
86D000
|
stack
|
page read and write
|
||
|
1B845000
|
unkown
|
page readonly
|
||
|
92A000
|
heap
|
page read and write
|
||
|
4B752FE000
|
stack
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
4C30000
|
heap
|
page execute and read and write
|
||
|
1872E470000
|
trusted library allocation
|
page read and write
|
||
|
4BE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
12BC000
|
heap
|
page read and write
|
||
|
1B71A000
|
unkown
|
page readonly
|
||
|
1893000
|
trusted library allocation
|
page read and write
|
||
|
4B7537E000
|
unkown
|
page readonly
|
||
|
5ECC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B31B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7224000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
43CD000
|
stack
|
page read and write
|
||
|
3A12000
|
trusted library allocation
|
page read and write
|
||
|
3A70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7C0000
|
trusted library allocation
|
page read and write
|
||
|
1872E480000
|
trusted library allocation
|
page read and write
|
||
|
4B7547E000
|
unkown
|
page readonly
|
||
|
3C10000
|
trusted library allocation
|
page read and write
|
||
|
4B75A7B000
|
stack
|
page read and write
|
||
|
3E04000
|
unkown
|
page readonly
|
||
|
9E80000
|
heap
|
page read and write
|
||
|
706000
|
heap
|
page read and write
|
||
|
3BD0000
|
trusted library allocation
|
page read and write
|
||
|
1B784000
|
unkown
|
page readonly
|
||
|
3BE7000
|
trusted library allocation
|
page read and write
|
||
|
12C2000
|
trusted library allocation
|
page read and write
|
||
|
3DBB000
|
unkown
|
page readonly
|
||
|
1872E2FB000
|
heap
|
page read and write
|
||
|
18BE000
|
trusted library allocation
|
page read and write
|
||
|
3D56000
|
unkown
|
page readonly
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
764000
|
unkown
|
page read and write
|
||
|
1B780000
|
unkown
|
page readonly
|
||
|
1A22000
|
trusted library allocation
|
page read and write
|
||
|
3DF1000
|
unkown
|
page readonly
|
||
|
1B7B4000
|
unkown
|
page readonly
|
||
|
7FFD9B660000
|
trusted library allocation
|
page read and write
|
||
|
3A59000
|
trusted library allocation
|
page read and write
|
||
|
4B75679000
|
stack
|
page read and write
|
||
|
1B749000
|
unkown
|
page readonly
|
||
|
7FFD9B560000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7D0000
|
trusted library allocation
|
page read and write
|
||
|
3DC9000
|
unkown
|
page readonly
|
||
|
4C10000
|
heap
|
page readonly
|
||
|
12E9000
|
heap
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
3D25000
|
unkown
|
page readonly
|
||
|
5EC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B64E000
|
trusted library allocation
|
page read and write
|
||
|
12C5000
|
trusted library allocation
|
page execute and read and write
|
||
|
5580000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B590000
|
trusted library allocation
|
page read and write
|
||
|
4F0B000
|
stack
|
page read and write
|
||
|
4B7437E000
|
unkown
|
page readonly
|
||
|
4B74EFE000
|
stack
|
page read and write
|
||
|
12C9000
|
heap
|
page read and write
|
||
|
1B7B0000
|
unkown
|
page readonly
|
||
|
18729E70000
|
trusted library section
|
page readonly
|
||
|
132E000
|
stack
|
page read and write
|
||
|
5EBE000
|
trusted library allocation
|
page read and write
|
||
|
3DC5000
|
unkown
|
page readonly
|
||
|
3FEE000
|
stack
|
page read and write
|
||
|
71F0000
|
trusted library allocation
|
page read and write
|
||
|
AFB000
|
heap
|
page read and write
|
||
|
18E4000
|
trusted library allocation
|
page read and write
|
||
|
1B450000
|
trusted library allocation
|
page read and write
|
||
|
4B74FFE000
|
stack
|
page read and write
|
There are 823 hidden memdumps, click here to show them.