IOCReport

loading gif

Files

File Path
Type
Category
Malicious
CUNA-uncashed check.pdf
PDF document, version 1.3
initial sample
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0ace9ee3d914a5c0_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index
Maple help database
modified
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index (copy)
Maple help database
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-210804005158Z-195.bmp
PC bitmap, Windows 3.x format, 117 x -152 x 32
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
SQLite 3.x database, last written using SQLite version 3024000
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeCMapFnt19.lst (copy)
PostScript document text
dropped
 clean
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt16.lst.7112
PostScript document text
dropped
 clean
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt19.lst (copy)
PostScript document text
dropped
 clean
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AcroFnt19.lst (copy)
PostScript document text
dropped
 clean
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AdobeFnt16.lst.7112
PostScript document text
dropped
 clean
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache.bin
data
dropped
 clean
C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\ES_session_store
data
dropped
 clean
C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\ES_session_storei
MS Windows COFF PA-RISC object file
modified
 clean
There are 46 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\Desktop\CUNA-uncashed check.pdf'
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\CUNA-uncashed check.pdf'
clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1720,6803796534539775004,11392875392024183128,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=16643864859160111475 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16643864859160111475 --renderer-client-id=2 --mojo-platform-channel-handle=1716 --allow-no-sandbox-job /prefetch:1
clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1720,6803796534539775004,11392875392024183128,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=8013375785811497341 --mojo-platform-channel-handle=1744 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2
clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1720,6803796534539775004,11392875392024183128,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=7474857484354196562 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7474857484354196562 --renderer-client-id=4 --mojo-platform-channel-handle=1840 --allow-no-sandbox-job /prefetch:1
clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1720,6803796534539775004,11392875392024183128,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=14789584177783671881 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14789584177783671881 --renderer-client-id=5 --mojo-platform-channel-handle=1980 --allow-no-sandbox-job /prefetch:1
clean

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
192.168.2.3
unknown
unknown
clean

Registry

Path
Value
Malicious
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
aFS
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
tDIText
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
tFileName
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
tFileSource
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
sFileAncestors
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
sDI
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
sDate
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
uFileSize
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
uPageCount
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
aFS
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
tDIText
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
tFileName
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
sFileAncestors
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
sDI
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
sDate
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
sDI
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
tDIText
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
aFS
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
tfilename
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
iTabCount
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
iWinCount
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
aDefaultRHPViewModeL
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bExpandRHPInViewer
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
sfileKey
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
slastModifiedHeader
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
surlKey
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bGSTEnableWithIPM
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bPromptBeforeClosingMultipleTabs
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
sDI
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
tDIText
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
tDisplayText
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
aFS
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
xID
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
iTime
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
iAVDocViewBottomSplitterPos
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
iAVDocViewLeftSplitterPos
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bAVDocViewTabsShowing
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bShowingPageGaps
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bShowingPageGaps
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageRotation
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
xpageViewBead
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewLayoutMode
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewPageNum
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bpageViewStartThread
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewThreadIndex
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewX
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewY
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
dpageViewZoom
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewZoomType
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bbringToFront
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ioverViewMode
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ioverViewPos
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageRotation
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
xpageViewBead
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewLayoutMode
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewMaxVisPageNum
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewMinVisPageNum
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewPageNum
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bpageViewStartThread
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewThreadIndex
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewX
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewY
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
dpageViewZoom
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
ipageViewZoomType
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
xwindowFrame
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bwindowMaximized
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
sDI
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
tDIText
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
aFS
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
tfilename
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bLastExitNormal
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bNormalExit
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
uLastAppLaunchTimeStamp
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
iNumReaderLaunches
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
iKillSwitchCheckDay
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
bNormalExit
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
iTabCount
 clean
There are 67 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
199D6960000
unkown
page readonly
 clean
21BA1757000
unkown
page read and write
 clean
21BA1753000
unkown
page read and write
 clean
7FF4EC0B2000
unkown
page readonly
 clean
172A6651000
unkown
page read and write
 clean
7FF4F8A29000
unkown
page readonly
 clean
231CD130000
heap private
page read and write
 clean
21BA0E00000
unkown
page read and write
 clean
7FF4F891C000
unkown
page readonly
 clean
1D971100000
unkown
page read and write
 clean
21BA175E000
unkown
page read and write
 clean
21BA0ED7000
unkown
page read and write
 clean
21BA1540000
unkown
page readonly
 clean
7FF580234000
unkown
page readonly
 clean
21BA177A000
unkown
page read and write
 clean
21BA17A9000
unkown
page read and write
 clean
7FF588131000
unkown
page readonly
 clean
7FF4EC189000
unkown
page readonly
 clean
273DBFF000
unkown
page read and write
 clean
7FF588317000
unkown
page readonly
 clean
7FF5801C6000
unkown
page readonly
 clean
1D971051000
unkown
page read and write
 clean
7FF4F89C7000
unkown
page readonly
 clean
21BA0EC1000
unkown
page read and write
 clean
7FF588348000
unkown
page readonly
 clean
21BA176E000
unkown
page read and write
 clean
21BA17C2000
unkown
page read and write
 clean
7FF4EBA30000
unkown
page readonly
 clean
172A6684000
unkown
page read and write
 clean
21BA1788000
unkown
page read and write
 clean
9E7DB7C000
unkown
page read and write
 clean
21BA1771000
unkown
page read and write
 clean
172A6650000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
21BA175B000
unkown
page read and write
 clean
273DEFD000
unkown
page read and write
 clean
1D971102000
unkown
page read and write
 clean
21BA17A3000
unkown
page read and write
 clean
21BA1785000
unkown
page read and write
 clean
7FF5801B8000
unkown
page readonly
 clean
21BA175A000
unkown
page read and write
 clean
21BA1771000
unkown
page read and write
 clean
7FF4F8AA2000
unkown
page readonly
 clean
7FF587EB5000
unkown
page readonly
 clean
9E7D877000
unkown
page read and write
 clean
9E7DA7F000
unkown
page read and write
 clean
172A668E000
unkown
page read and write
 clean
B31B2F5000
unkown
page read and write
 clean
21BA177A000
unkown
page read and write
 clean
9E7D77A000
unkown
page read and write
 clean
21BA1755000
unkown
page read and write
 clean
21BA1765000
unkown
page read and write
 clean
7FF5882F7000
unkown
page readonly
 clean
21BA1763000
unkown
page read and write
 clean
7FF4EC13F000
unkown
page readonly
 clean
1D97104E000
unkown
page read and write
 clean
F270D7F000
unkown
page read and write
 clean
7FF4F8903000
unkown
page readonly
 clean
7FF5C2320000
unkown
page readonly
 clean
21BA1754000
unkown
page read and write
 clean
21BA0E3C000
unkown
page read and write
 clean
199D6A2A000
unkown
page read and write
 clean
B31B6FF000
unkown
page read and write
 clean
7FF5C2A4A000
unkown
page readonly
 clean
1D97104F000
unkown
page read and write
 clean
21BA1777000
unkown
page read and write
 clean
21BA0EA7000
unkown
page read and write
 clean
21BA175E000
unkown
page read and write
 clean
9E7D675000
unkown
page read and write
 clean
7FF4EC0EF000
unkown
page readonly
 clean
7FF4F89DF000
unkown
page readonly
 clean
172A664A000
unkown
page read and write
 clean
199D7202000
unkown
page read and write
 clean
21BA17A0000
unkown
page read and write
 clean
21BA0DC0000
unkown
page readonly
 clean
21BA1754000
unkown
page read and write
 clean
7FF58015B000
unkown
page readonly
 clean
9E7D977000
unkown
page read and write
 clean
21BA1759000
unkown
page read and write
 clean
21BA1000000
unkown
page readonly
 clean
1D971660000
unkown
page readonly
 clean
7FF588356000
unkown
page readonly
 clean
172A6653000
unkown
page read and write
 clean
172A6800000
unkown
page readonly
 clean
1D971A00000
unkown
page readonly
 clean
7FF4EC10E000
unkown
page readonly
 clean
7FF587EA0000
unkown
page readonly
 clean
21BA1739000
unkown
page read and write
 clean
1D971113000
unkown
page read and write
 clean
7FF57FFF3000
unkown
page readonly
 clean
7FF580242000
unkown
page readonly
 clean
21BA0E4A000
unkown
page read and write
 clean
21BA0ED7000
unkown
page read and write
 clean
21BA1700000
unkown
page read and write
 clean
21BA1767000
unkown
page read and write
 clean
199D6B00000
unkown
page read and write
 clean
231CD1A0000
unkown
page read and write
 clean
231CD225000
unkown
page read and write
 clean
21BA0EA8000
unkown
page read and write
 clean
21BA171B000
unkown
page read and write
 clean
21BA17A2000
unkown
page read and write
 clean
21BA1C3C000
unkown
page read and write
 clean
21BA171B000
unkown
page read and write
 clean
21BA0E4B000
unkown
page read and write
 clean
21BA1767000
unkown
page read and write
 clean
7FF5800A3000
unkown
page readonly
 clean
7FF4F89AE000
unkown
page readonly
 clean
172A6700000
unkown
page read and write
 clean
21BA1798000
unkown
page read and write
 clean
7FF588324000
unkown
page readonly
 clean
8A8C8FF000
unkown
page read and write
 clean
7FF58014E000
unkown
page readonly
 clean
9E7D57E000
unkown
page read and write
 clean
21BA1759000
unkown
page read and write
 clean
7FF5882DA000
unkown
page readonly
 clean
21BA1754000
unkown
page read and write
 clean
7FF4EB967000
unkown
page readonly
 clean
172A6490000
heap private
page read and write
 clean
B31AF1E000
unkown
page read and write
 clean
21BA1753000
unkown
page read and write
 clean
21BA1764000
unkown
page read and write
 clean
231CD216000
heap default
page read and write
 clean
231CD22F000
unkown
page read and write
 clean
21BA1775000
unkown
page read and write
 clean
7FF4EBF61000
unkown
page readonly
 clean
21BA1754000
unkown
page read and write
 clean
7FF5C2A6E000
unkown
page readonly
 clean
21BA1767000
unkown
page read and write
 clean
7FF4F8A26000
unkown
page readonly
 clean
172A6600000
unkown
page read and write
 clean
21BA1725000
unkown
page read and write
 clean
21BA0EA0000
unkown
page read and write
 clean
21BA15D0000
unkown
page read and write
 clean
7FF58017F000
unkown
page readonly
 clean
7FF5C2A54000
unkown
page readonly
 clean
21BA0DD0000
unkown
page readonly
 clean
7FF4EC1F4000
unkown
page readonly
 clean
172A663C000
unkown
page read and write
 clean
7FF57FD16000
unkown
page readonly
 clean
21BA1763000
unkown
page read and write
 clean
172A6690000
unkown
page read and write
 clean
21BA1763000
unkown
page read and write
 clean
8A8C6F7000
unkown
page read and write
 clean
21BA0E86000
unkown
page read and write
 clean
7FF4F89F4000
unkown
page readonly
 clean
7FF57F9AD000
unkown
page readonly
 clean
7FF58009D000
unkown
page readonly
 clean
231CD200000
heap default
page read and write
 clean
7FF4EC0DF000
unkown
page readonly
 clean
21BA1C02000
unkown
page read and write
 clean
7FF4EBFF1000
unkown
page readonly
 clean
7FF5800BC000
unkown
page readonly
 clean
21BA1763000
unkown
page read and write
 clean
7FF4EC018000
unkown
page readonly
 clean
21BA15C0000
unkown
page readonly
 clean
21BA175F000
unkown
page read and write
 clean
21BA1767000
unkown
page read and write
 clean
21BA0E71000
unkown
page read and write
 clean
21BA0E8D000
unkown
page read and write
 clean
21BA1712000
unkown
page read and write
 clean
21BA15E0000
unkown
page read and write
 clean
199D6B08000
unkown
page read and write
 clean
7FF4F89B0000
unkown
page readonly
 clean
7FF4EC0FC000
unkown
page readonly
 clean
21BA0E49000
unkown
page read and write
 clean
7FF4EB96D000
unkown
page readonly
 clean
21BA0EB2000
unkown
page read and write
 clean
21BA1759000
unkown
page read and write
 clean
21BA1788000
unkown
page read and write
 clean
7FF57FDCA000
unkown
page readonly
 clean
7FF4EBE90000
unkown
page readonly
 clean
231CD180000
unkown
page read and write
 clean
7FF4EBCD6000
unkown
page readonly
 clean
21BA174E000
unkown
page read and write
 clean
7FF4F88FD000
unkown
page readonly
 clean
7FF5C2A68000
unkown
page readonly
 clean
7FF5882E5000
unkown
page readonly
 clean
B31B4F7000
unkown
page read and write
 clean
7FF4F8A18000
unkown
page readonly
 clean
7FF4EC074000
unkown
page readonly
 clean
172A6713000
unkown
page read and write
 clean
21BA175A000
unkown
page read and write
 clean
9E7D4FE000
unkown
page read and write
 clean
273DDF7000
unkown
page read and write
 clean
21BA1763000
unkown
page read and write
 clean
21BA1765000
unkown
page read and write
 clean
7FF5883D2000
unkown
page readonly
 clean
21BA1769000
unkown
page read and write
 clean
7FF4F8A1E000
unkown
page readonly
 clean
1D970E60000
heap default
page read and write
 clean
21BA17AA000
unkown
page read and write
 clean
21BA175E000
unkown
page read and write
 clean
7FF5883CA000
unkown
page readonly
 clean
7FF5C2A0B000
unkown
page readonly
 clean
7FF4EC202000
unkown
page readonly
 clean
1D971086000
unkown
page read and write
 clean
21BA175D000
unkown
page read and write
 clean
21BA15D0000
unkown
page readonly
 clean
21BA1754000
unkown
page read and write
 clean
231CD1E0000
unkown
page readonly
 clean
7FF4F88AB000
unkown
page readonly
 clean
21BA0F08000
unkown
page read and write
 clean
7FF4F88AE000
unkown
page readonly
 clean
8A8C37D000
unkown
page read and write
 clean
172A6670000
unkown
page read and write
 clean
7FF4F8730000
unkown
page readonly
 clean
7FF58834E000
unkown
page readonly
 clean
21BA1759000
unkown
page read and write
 clean
B31B3FB000
unkown
page read and write
 clean
7FF5C2A5E000
unkown
page readonly
 clean
21BA1754000
unkown
page read and write
 clean
21BA175F000
unkown
page read and write
 clean
21BA1766000
unkown
page read and write
 clean
21BA0D50000
heap private
page read and write
 clean
21BA1763000
unkown
page read and write
 clean
21BA175E000
unkown
page read and write
 clean
231CD1F0000
unkown
page readonly
 clean
172A664D000
unkown
page read and write
 clean
7FF4EC11B000
unkown
page readonly
 clean
21BA0ED0000
unkown
page read and write
 clean
21BA1759000
unkown
page read and write
 clean
231CD135000
heap private
page read and write
 clean
21BA0EEC000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
21BA1C9B000
unkown
page read and write
 clean
7FF4F8570000
unkown
page readonly
 clean
21BA1781000
unkown
page read and write
 clean
7FF58004B000
unkown
page readonly
 clean
7FF5800B4000
unkown
page readonly
 clean
199D6A13000
unkown
page read and write
 clean
199D6A70000
unkown
page read and write
 clean
21BA15B0000
unkown
page readonly
 clean
21BA1767000
unkown
page read and write
 clean
21BA0F13000
unkown
page read and write
 clean
7FF5C2AF2000
unkown
page readonly
 clean
F270C7F000
unkown
page read and write
 clean
21BA1763000
unkown
page read and write
 clean
7FF4EBC7E000
unkown
page readonly
 clean
21BA1C9B000
unkown
page read and write
 clean
7FF4EC201000
unkown
page readonly
 clean
8A8C475000
unkown
page read and write
 clean
21BA0E29000
unkown
page read and write
 clean
7FF4EC127000
unkown
page readonly
 clean
172A6702000
unkown
page read and write
 clean
21BA1756000
unkown
page read and write
 clean
273DFFF000
unkown
page read and write
 clean
21BA175E000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
1D971013000
unkown
page read and write
 clean
199D6B02000
unkown
page read and write
 clean
21BA1779000
unkown
page read and write
 clean
7FF4EBD27000
unkown
page readonly
 clean
1D97104C000
unkown
page read and write
 clean
7FF5801AF000
unkown
page readonly
 clean
21BA1761000
unkown
page read and write
 clean
8A8C5FE000
unkown
page read and write
 clean
172A664B000
unkown
page read and write
 clean
199D6A4C000
unkown
page read and write
 clean
199D6A51000
unkown
page read and write
 clean
273D76B000
unkown
page read and write
 clean
7FF4F8A0F000
unkown
page readonly
 clean
21BA0EBE000
unkown
page read and write
 clean
1D97104B000
unkown
page read and write
 clean
21BA1D02000
unkown
page read and write
 clean
231CD3D0000
unkown
page readonly
 clean
21BA175E000
unkown
page read and write
 clean
F27091F000
unkown
page read and write
 clean
21BA1763000
unkown
page read and write
 clean
7FF58013C000
unkown
page readonly
 clean
7FF4EC115000
unkown
page readonly
 clean
172A664E000
unkown
page read and write
 clean
21BA1767000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
21BA0EF6000
unkown
page read and write
 clean
21BA17A3000
unkown
page read and write
 clean
7FF4EC063000
unkown
page readonly
 clean
172A7000000
unkown
page readonly
 clean
21BA0E4D000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
21BA1C02000
unkown
page read and write
 clean
21BA1795000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
21BA172B000
unkown
page read and write
 clean
21BA175E000
unkown
page read and write
 clean
7FF588244000
unkown
page readonly
 clean
7FF4EBF46000
unkown
page readonly
 clean
21BA1761000
unkown
page read and write
 clean
7FF58822D000
unkown
page readonly
 clean
199D6A7B000
unkown
page read and write
 clean
7FF5C2A05000
unkown
page readonly
 clean
7FF4EC00B000
unkown
page readonly
 clean
21BA1752000
unkown
page read and write
 clean
231CD300000
unkown
page readonly
 clean
21BA1765000
unkown
page read and write
 clean
7FF4F8A04000
unkown
page readonly
 clean
21BA175D000
unkown
page read and write
 clean
F270CF9000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
199D6A00000
unkown
page read and write
 clean
7FF4EBC72000
unkown
page readonly
 clean
7FF4F899A000
unkown
page readonly
 clean
21BA175D000
unkown
page read and write
 clean
7FF58833F000
unkown
page readonly
 clean
199D6950000
unkown
page readonly
 clean
7FF5C2353000
unkown
page readonly
 clean
7FF4F8A2D000
unkown
page readonly
 clean
1D970F50000
unkown
page readonly
 clean
7FF58004E000
unkown
page readonly
 clean
273E0FF000
unkown
page read and write
 clean
21BA1795000
unkown
page read and write
 clean
7FF4F8801000
unkown
page readonly
 clean
21BA1736000
unkown
page read and write
 clean
231CD226000
unkown
page read and write
 clean
21BA173E000
unkown
page read and write
 clean
21BA1756000
unkown
page read and write
 clean
1D970F40000
unkown
page readonly
 clean
7FF5883D1000
unkown
page readonly
 clean
7FF57FD10000
unkown
page readonly
 clean
21BA1754000
unkown
page read and write
 clean
21BA177A000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
199D7400000
unkown
page readonly
 clean
7FF4EC164000
unkown
page readonly
 clean
7FF58019A000
unkown
page readonly
 clean
273DB75000
unkown
page read and write
 clean
7FF5C2A7D000
unkown
page readonly
 clean
F27089A000
unkown
page read and write
 clean
1D971802000
unkown
page read and write
 clean
7FF58824C000
unkown
page readonly
 clean
21BA1771000
unkown
page read and write
 clean
7FF4EBA67000
unkown
page readonly
 clean
7FF4EC15A000
unkown
page readonly
 clean
21BA1763000
unkown
page read and write
 clean
21BA1758000
unkown
page read and write
 clean
21BA15F0000
unkown
page readonly
 clean
7FF4F8A94000
unkown
page readonly
 clean
21BA0EE0000
unkown
page read and write
 clean
21BA177F000
unkown
page read and write
 clean
1D970E70000
unkown
page readonly
 clean
7FF4EC17E000
unkown
page readonly
 clean
7FF4EC16F000
unkown
page readonly
 clean
21BA1752000
unkown
page read and write
 clean
7FF4F89AA000
unkown
page readonly
 clean
21BA1759000
unkown
page read and write
 clean
172A6500000
unkown
page readonly
 clean
21BA1754000
unkown
page read and write
 clean
7FF588233000
unkown
page readonly
 clean
21BA174E000
unkown
page read and write
 clean
199D6A56000
unkown
page read and write
 clean
21BA1746000
unkown
page read and write
 clean
7FF4EC0DB000
unkown
page readonly
 clean
21BA17AA000
unkown
page read and write
 clean
21BA17AA000
unkown
page read and write
 clean
7FF58830C000
unkown
page readonly
 clean
21BA1759000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
21BA1759000
unkown
page read and write
 clean
7FF58832A000
unkown
page readonly
 clean
7FF4F8914000
unkown
page readonly
 clean
21BA15D0000
unkown
page read and write
 clean
9E7DE7B000
unkown
page read and write
 clean
7FF5C2AEA000
unkown
page readonly
 clean
1D971070000
unkown
page read and write
 clean
172A6655000
unkown
page read and write
 clean
7FF5801C9000
unkown
page readonly
 clean
21BA17A6000
unkown
page read and write
 clean
172A6656000
unkown
page read and write
 clean
21BA172F000
unkown
page read and write
 clean
7FF5883C4000
unkown
page readonly
 clean
21BA1779000
unkown
page read and write
 clean
7FF5882CA000
unkown
page readonly
 clean
21BA1759000
unkown
page read and write
 clean
21BA1752000
unkown
page read and write
 clean
8A8C2FE000
unkown
page read and write
 clean
21BA1C02000
unkown
page read and write
 clean
21BA1781000
unkown
page read and write
 clean
7FF5C2A44000
unkown
page readonly
 clean
21BA1C3C000
unkown
page read and write
 clean
21BA1769000
unkown
page read and write
 clean
21BA1C54000
unkown
page read and write
 clean
7FF5881DB000
unkown
page readonly
 clean
7FF5C2A38000
unkown
page readonly
 clean
172A65E0000
unkown
page readonly
 clean
199D6B13000
unkown
page read and write
 clean
21BA17C7000
unkown
page read and write
 clean
7FF4EC013000
unkown
page readonly
 clean
7FF4EC178000
unkown
page readonly
 clean
21BA1754000
unkown
page read and write
 clean
7FF5881C1000
unkown
page readonly
 clean
273DA7E000
unkown
page read and write
 clean
7FF58014A000
unkown
page readonly
 clean
7FF4EC110000
unkown
page readonly
 clean
273D7EE000
unkown
page read and write
 clean
21BA1C02000
unkown
page read and write
 clean
199D6CD0000
unkown
page readonly
 clean
7FF4EBA11000
unkown
page readonly
 clean
21BA1739000
unkown
page read and write
 clean
7FF58830F000
unkown
page readonly
 clean
199D6970000
unkown
page read and write
 clean
172A64F0000
heap default
page read and write
 clean
8A8C57B000
unkown
page read and write
 clean
199D6A02000
unkown
page read and write
 clean
7FF4F820D000
unkown
page readonly
 clean
7FF57FEC7000
unkown
page readonly
 clean
7FF57FD25000
unkown
page readonly
 clean
9E7DD78000
unkown
page read and write
 clean
7FF4F8891000
unkown
page readonly
 clean
21BA1756000
unkown
page read and write
 clean
21BA1800000
unkown
page readonly
 clean
7FF4F8727000
unkown
page readonly
 clean
21BA1767000
unkown
page read and write
 clean
7FF4EC05D000
unkown
page readonly
 clean
7FF4F89BB000
unkown
page readonly
 clean
21BA1756000
unkown
page read and write
 clean
21BA1756000
unkown
page read and write
 clean
21BA0F02000
unkown
page read and write
 clean
21BA174E000
unkown
page read and write
 clean
21BA177A000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
231CD22F000
unkown
page read and write
 clean
7FF4F8AA1000
unkown
page readonly
 clean
21BA1758000
unkown
page read and write
 clean
1D971108000
unkown
page read and write
 clean
1D97104A000
unkown
page read and write
 clean
21BA1767000
unkown
page read and write
 clean
21BA17A2000
unkown
page read and write
 clean
7FF5C2357000
unkown
page readonly
 clean
21BA15D0000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
7FF4EC07C000
unkown
page readonly
 clean
21BA1C02000
unkown
page read and write
 clean
7FF4EC13C000
unkown
page readonly
 clean
7FF5C2A00000
unkown
page readonly
 clean
21BA1771000
unkown
page read and write
 clean
7FF4F8585000
unkown
page readonly
 clean
7FF4EBFB3000
unkown
page readonly
 clean
21BA1560000
unkown
page write copy
 clean
7FF5801CD000
unkown
page readonly
 clean
7FF588057000
unkown
page readonly
 clean
1D971000000
unkown
page read and write
 clean
172A6649000
unkown
page read and write
 clean
7FF4F8207000
unkown
page readonly
 clean
9E7DBFE000
unkown
page read and write
 clean
21BA179E000
unkown
page read and write
 clean
7FF4EC186000
unkown
page readonly
 clean
21BA1755000
unkown
page read and write
 clean
8A8C7FF000
unkown
page read and write
 clean
7FF588334000
unkown
page readonly
 clean
21BA1755000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
21BA1736000
unkown
page read and write
 clean
21BA176F000
unkown
page read and write
 clean
7FF58023A000
unkown
page readonly
 clean
21BA1789000
unkown
page read and write
 clean
7FF4F89FA000
unkown
page readonly
 clean
21BA175F000
unkown
page read and write
 clean
F270DFC000
unkown
page read and write
 clean
231CD22F000
unkown
page read and write
 clean
7FF580187000
unkown
page readonly
 clean
7FF58013A000
unkown
page readonly
 clean
172A6613000
unkown
page read and write
 clean
21BA1E00000
unkown
page readonly
 clean
7FF4EBF10000
unkown
page readonly
 clean
7FF5882DE000
unkown
page readonly
 clean
172A65D0000
unkown
page readonly
 clean
7FF5C2A79000
unkown
page readonly
 clean
21BA0E83000
unkown
page read and write
 clean
21BA177D000
unkown
page read and write
 clean
1D971026000
unkown
page read and write
 clean
21BA1766000
unkown
page read and write
 clean
1D971049000
unkown
page read and write
 clean
7FF5882EB000
unkown
page readonly
 clean
21BA1C00000
unkown
page read and write
 clean
21BA175E000
unkown
page read and write
 clean
172A662A000
unkown
page read and write
 clean
7FF4EBECB000
unkown
page readonly
 clean
7FF4EC147000
unkown
page readonly
 clean
21BA1767000
unkown
page read and write
 clean
21BA1759000
unkown
page read and write
 clean
7FF4EC0FA000
unkown
page readonly
 clean
7FF4F89DC000
unkown
page readonly
 clean
9E7DC7F000
unkown
page read and write
 clean
21BA1796000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
21BA1763000
unkown
page read and write
 clean
21BA178A000
unkown
page read and write
 clean
7FF580194000
unkown
page readonly
 clean
21BA1767000
unkown
page read and write
 clean
21BA174F000
unkown
page read and write
 clean
7FF57FFA1000
unkown
page readonly
 clean
21BA1754000
unkown
page read and write
 clean
7FF588060000
unkown
page readonly
 clean
21BA10D0000
unkown
page readonly
 clean
7FF580031000
unkown
page readonly
 clean
7FF580167000
unkown
page readonly
 clean
21BA1759000
unkown
page read and write
 clean
7FF4EC10A000
unkown
page readonly
 clean
21BA1777000
unkown
page read and write
 clean
21BA0EAC000
unkown
page read and write
 clean
21BA1712000
unkown
page read and write
 clean
1D971200000
unkown
page readonly
 clean
B31B5FE000
unkown
page read and write
 clean
7FF5C2A2C000
unkown
page readonly
 clean
7FF4EBE87000
unkown
page readonly
 clean
7FF588183000
unkown
page readonly
 clean
7FF580155000
unkown
page readonly
 clean
21BA176C000
unkown
page read and write
 clean
21BA1775000
unkown
page read and write
 clean
7FF5C2AE4000
unkown
page readonly
 clean
21BA1755000
unkown
page read and write
 clean
21BA0E4F000
unkown
page read and write
 clean
21BA1759000
unkown
page read and write
 clean
7FF4EBC82000
unkown
page readonly
 clean
7FF5C2AF1000
unkown
page readonly
 clean
7FF4EBCE5000
unkown
page readonly
 clean
199D6A4E000
unkown
page read and write
 clean
7FF4EBD25000
unkown
page readonly
 clean
21BA1759000
unkown
page read and write
 clean
199D6A88000
unkown
page read and write
 clean
7FF4EBF44000
unkown
page readonly
 clean
7FF4EC154000
unkown
page readonly
 clean
21BA1754000
unkown
page read and write
 clean
21BA0DB0000
heap default
page read and write
 clean
1D970E00000
heap private
page read and write
 clean
7FF4F8576000
unkown
page readonly
 clean
21BA179B000
unkown
page read and write
 clean
7FF4F8A9A000
unkown
page readonly
 clean
8A8C27B000
unkown
page read and write
 clean
21BA0E4E000
unkown
page read and write
 clean
7FF4EBED6000
unkown
page readonly
 clean
7FF587B3D000
unkown
page readonly
 clean
21BA174A000
unkown
page read and write
 clean
199D6940000
heap default
page read and write
 clean
172A6708000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
21BA174F000
unkown
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
231CD211000
unkown
page read and write
 clean
21BA0DE0000
unkown
page read and write
 clean
7FF4F8853000
unkown
page readonly
 clean
7FF4EBA63000
unkown
page readonly
 clean
7FF5C2A2F000
unkown
page readonly
 clean
21BA173D000
unkown
page read and write
 clean
21BA1776000
unkown
page read and write
 clean
1D97103C000
unkown
page read and write
 clean
7FF58835D000
unkown
page readonly
 clean
21BA175D000
unkown
page read and write
 clean
7FF5881DE000
unkown
page readonly
 clean
21BA1736000
unkown
page read and write
 clean
7FF58017C000
unkown
page readonly
 clean
273DCFB000
unkown
page read and write
 clean
172A6CA0000
unkown
page readonly
 clean
7FF580241000
unkown
page readonly
 clean
B31AE9B000
unkown
page read and write
 clean
172A65F0000
unkown
page read and write
 clean
21BA1602000
unkown
page read and write
 clean
21BA1750000
unkown
page read and write
 clean
21BA17C2000
unkown
page read and write
 clean
7FF4F899C000
unkown
page readonly
 clean
9E7D47B000
unkown
page read and write
 clean
21BA1766000
unkown
page read and write
 clean
21BA1763000
unkown
page read and write
 clean
21BA176D000
unkown
page read and write
 clean
7FF587B37000
unkown
page readonly
 clean
7FF4F89B5000
unkown
page readonly
 clean
21BA178A000
unkown
page read and write
 clean
21BA1755000
unkown
page read and write
 clean
7FF4EC1FA000
unkown
page readonly
 clean
21BA1D00000
unkown
page read and write
 clean
21BA1767000
unkown
page read and write
 clean
21BA0EC5000
unkown
page read and write
 clean
B31AF9E000
unkown
page read and write
 clean
21BA0E13000
unkown
page read and write
 clean
7FF588359000
unkown
page readonly
 clean
231CD20B000
heap default
page read and write
 clean
21BA1754000
unkown
page read and write
 clean
7FF5801A4000
unkown
page readonly
 clean
7FF5801BE000
unkown
page readonly
 clean
7FF5882CC000
unkown
page readonly
 clean
21BA17A2000
unkown
page read and write
 clean
7FF4EBFBA000
unkown
page readonly
 clean
199D6C00000
unkown
page readonly
 clean
7FF5882E0000
unkown
page readonly
 clean
21BA1767000
unkown
page read and write
 clean
21BA1C02000
unkown
page read and write
 clean
21BA1776000
unkown
page read and write
 clean
7FF580150000
unkown
page readonly
 clean
7FF4EC00E000
unkown
page readonly
 clean
199D7740000
unkown
page readonly
 clean
7FF4EBBEE000
unkown
page readonly
 clean
21BA1754000
unkown
page read and write
 clean
199D6A3C000
unkown
page read and write
 clean
7FF4EC0B0000
unkown
page readonly
 clean
F27099F000
unkown
page read and write
 clean
21BA175E000
unkown
page read and write
 clean
7FF4EBF51000
unkown
page readonly
 clean
7FF4EC0E4000
unkown
page readonly
 clean
7FF4F89E7000
unkown
page readonly
 clean
21BA177D000
unkown
page read and write
 clean
7FF587EA6000
unkown
page readonly
 clean
172A6E02000
unkown
page read and write
 clean
21BA175E000
unkown
page read and write
 clean
7FF4EBCD0000
unkown
page readonly
 clean
21BA0E7D000
unkown
page read and write
 clean
1D970F60000
unkown
page read and write
 clean
21BA1755000
unkown
page read and write
 clean
199D68E0000
heap private
page read and write
 clean
There are 599 hidden memdumps, click here to show them.