Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
AvigilonControlCenterPlayerStandAlone-6.10.0.24.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\SharpVectors.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\Telerik.Windows.Controls.DataVisualization.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\AnalyticsProtobuf.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\ClientEntry.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\CmnClient.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\CmnClientProtoBuf.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\CmnStor.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\CmnStorProtoBuf.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\CmnSys.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\CmnSysProtoBuf.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\Dev.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\DevProtoBuf.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\Eagle.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\EagleClr.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\EagleCs.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\EagleProtobuf.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\ExportWriters.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GEISDK.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrApp.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrAppCs.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrAudit.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrAuditCs.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrBase.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrBookmarks.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrDirectory.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrForms.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrFormsCs.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrImagePanel.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrImagePanelCs.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrMaps.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrMapsCs.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrResources.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrSearch.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrSearchCs.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrSetup.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrSetupCs.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrSystemTree.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrTimelineCs.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrViewWindow.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrViewWindowCs.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\GuiClrWpfBase.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\IMV1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\If.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\IfSoap.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\Io.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\MediaCodec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\MediaCore.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\MediaExecutor.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\MediaPipeline.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\MediaProcessor.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\MediaProtobuf.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\MediaRendererAudio.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\MediaRendererHardware.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\MediaRendererSoftware.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\MediaRendererWpf.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\NetClr.dll
|
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\NetCore.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\NetCs.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\NetProtoBuf.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\SSPI.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\SharpVectors.Converters.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\SharpVectors.Css.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\SharpVectors.Dom.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\SharpVectors.Model.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\SharpVectors.Rendering.Gdi.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\SharpVectors.Rendering.Wpf.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\SharpVectors.Runtime.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\SoapCommon.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\Telerik.Windows.Controls.Data.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\Telerik.Windows.Controls.Input.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\Telerik.Windows.Controls.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\Telerik.Windows.Data.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\VmsPlayerApp.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\avcodec-57.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\avfilter-6.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\avformat-57.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\avutil-55.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\boost_chrono-vc120-mt-1_62.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\boost_date_time-vc120-mt-1_62.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\boost_filesystem-vc120-mt-1_62.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\boost_iostreams-vc120-mt-1_62.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\boost_log-vc120-mt-1_62.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\boost_log_setup-vc120-mt-1_62.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\boost_random-vc120-mt-1_62.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\boost_serialization-vc120-mt-1_62.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\boost_system-vc120-mt-1_62.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\boost_thread-vc120-mt-1_62.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\boost_zlib-vc120-mt-1_62.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\c.fxo
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\cert\ca\avgcacert1.pem
|
PEM certificate
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\cert\firmware-ca.crl.pem
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\cert\firmware-ca.crt.pem
|
PEM certificate
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\d.fxo
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\d3dx9_34.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\e.fxo
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\fisheyesw.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\freetype-6.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Common\InvestigateEvents.htm
|
HTML document, UTF-8 Unicode text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Common\for_more_information.htm
|
HTML document, UTF-8 Unicode text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Common\third-party_licenses.docx
|
Microsoft Word 2007+
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\ACC_Menu.png
|
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\ASGraph.png
|
PNG image data, 639 x 90, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\ASGraph_500x70.png
|
PNG image data, 500 x 70, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Action_Bookmark.png
|
PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Action_Bookmark_24x24.png
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Action_Delete.png
|
PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Action_Delete_24x24.png
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Action_Export.png
|
PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Action_Export_24x24.png
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_BookmarkAllStars.png
|
PNG image data, 35 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_ExportAllStars.png
|
PNG image data, 35 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Play.png
|
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Play_24x24.png
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Search_After.png
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Search_Previous.png
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Star_Orange.png
|
PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Star_Selection.png
|
PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Star_Selection_24x24.png
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Star_White.png
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Zoom.png
|
PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_Zoom_24x24.png
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AS_settings.png
|
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\AccessControl.png
|
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\Bookmark.png
|
PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\Camera.png
|
PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\Check.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\Close.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\Cluster.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\DoorSwipes.png
|
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\Error.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\Expand_icon.png
|
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\Export.png
|
PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\FastBack.png
|
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\FastForward.png
|
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\Go.png
|
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\add_icon.gif
|
GIF image data, version 89a, 15 x 15
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\cycle_views.png
|
PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\edit_icon.png
|
PNG image data, 20 x 15, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\file_settings.gif
|
GIF image data, version 89a, 15 x 16
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\folder-site.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\fullscreen.png
|
PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\image-panel_POS.gif
|
GIF image data, version 89a, 18 x 16
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\image-panel_grant.png
|
PNG image data, 21 x 19, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\image-panel_speaker.gif
|
GIF image data, version 89a, 20 x 20
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\jump_back.gif
|
GIF image data, version 89a, 14 x 14
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\0Graphics\ACC\jump_forward.gif
|
GIF image data, version 89a, 14 x 14
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\Content\Search.htm
|
HTML document, ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\HTML_ACC_PLAYER.mclog
|
XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\csh.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\index.htm
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\index.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\index.mcwebhelp
|
XML 1.0 document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\help\player\ar\index_CSH.htm
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\icudt44.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\icudt44l_regexclient.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\icuin44.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\icuuc44.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\libcrypto-1_1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\libgcc_s_sjlj-1.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\libgfortran-3.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\libopenblas.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\libprotobuf-2.3.0.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\libquadmath-0.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\libssl-1_1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\libxml2.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\msvcp120.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\msvcp80.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\msvcr120.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\msvcr80.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\openh264.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\opus.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\protobuf-net.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\pthreadVC2.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\swresample-2.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\swscale-4.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\vccorlib120.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\vrllite.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\xerces-c_3_1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ckz_5KZN\zxcvbn.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
There are 170 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\AvigilonControlCenterPlayerStandAlone-6.10.0.24.exe
|
"C:\Users\user\Desktop\AvigilonControlCenterPlayerStandAlone-6.10.0.24.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
http://www.winimage.com/zLibDll6666666666666666jjjjjjjjjjjjjjjj
|
unknown
|
||
|
http://activate.avigilon.com./PublicLicenseInfo/site
|
unknown
|
||
|
http://schemas.telerik.com/2008/xaml/presentation
|
unknown
|
||
|
https://blue.avigilon.comY/GuiClrSetupCs;component/cloudsetupview.xaml%AudioSetupPageText
|
unknown
|
||
|
http://icu-project.org
|
unknown
|
||
|
http://activate.avigilon.com/activation/activate_autoshttp://activate.avigilon.com/deactivation/deac
|
unknown
|
||
|
http://activate.avigilon.comAGuiClr.Setup.LicensingDialogBaseCGuiClr.Setup.LicensingRequestDemom/Gui
|
unknown
|
||
|
https://blue.avigilon.com$Setup/MediaServer/
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
72E000
|
trusted library allocation
|
page read and write
|
||
|
21B8C849000
|
heap
|
page read and write
|
||
|
29FD000
|
trusted library allocation
|
page read and write
|
||
|
4CA000
|
unkown
|
page readonly
|
||
|
721000
|
trusted library allocation
|
page read and write
|
||
|
731000
|
trusted library allocation
|
page read and write
|
||
|
331247E000
|
stack
|
page read and write
|
||
|
29188678000
|
heap
|
page read and write
|
||
|
4CA000
|
unkown
|
page readonly
|
||
|
1B20FD74000
|
heap
|
page read and write
|
||
|
72A000
|
trusted library allocation
|
page read and write
|
||
|
21B8C5C0000
|
heap
|
page read and write
|
||
|
1B20FDA0000
|
heap
|
page read and write
|
||
|
17528661000
|
heap
|
page read and write
|
||
|
29F8000
|
trusted library allocation
|
page read and write
|
||
|
726000
|
trusted library allocation
|
page read and write
|
||
|
72E000
|
trusted library allocation
|
page read and write
|
||
|
175285D0000
|
heap
|
page read and write
|
||
|
29FA000
|
trusted library allocation
|
page read and write
|
||
|
20F810A0000
|
heap
|
page read and write
|
||
|
72F000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD76000
|
heap
|
page read and write
|
||
|
25B6000
|
trusted library allocation
|
page read and write
|
||
|
29FE000
|
trusted library allocation
|
page read and write
|
||
|
291883E0000
|
heap
|
page read and write
|
||
|
45C000
|
unkown
|
page write copy
|
||
|
72C000
|
trusted library allocation
|
page read and write
|
||
|
29F6000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD80000
|
heap
|
page read and write
|
||
|
725000
|
trusted library allocation
|
page read and write
|
||
|
283C8B90000
|
trusted library allocation
|
page read and write
|
||
|
29188700000
|
heap
|
page read and write
|
||
|
29FF000
|
trusted library allocation
|
page read and write
|
||
|
72D000
|
trusted library allocation
|
page read and write
|
||
|
17528676000
|
heap
|
page read and write
|
||
|
890F9F8000
|
stack
|
page read and write
|
||
|
1B20F4F4000
|
heap
|
page read and write
|
||
|
20F81277000
|
heap
|
page read and write
|
||
|
20F81090000
|
heap
|
page read and write
|
||
|
2918868F000
|
heap
|
page read and write
|
||
|
1B20FD1C000
|
heap
|
page read and write
|
||
|
29F4000
|
trusted library allocation
|
page read and write
|
||
|
21B8C822000
|
heap
|
page read and write
|
||
|
1B20FDDB000
|
heap
|
page read and write
|
||
|
1B20F4C6000
|
heap
|
page read and write
|
||
|
499000
|
unkown
|
page readonly
|
||
|
721000
|
trusted library allocation
|
page read and write
|
||
|
7DC000
|
trusted library allocation
|
page read and write
|
||
|
29F0000
|
trusted library allocation
|
page read and write
|
||
|
283C8BF0000
|
trusted library allocation
|
page read and write
|
||
|
72E000
|
trusted library allocation
|
page read and write
|
||
|
81E000
|
trusted library allocation
|
page read and write
|
||
|
29FA000
|
trusted library allocation
|
page read and write
|
||
|
1B210200000
|
heap
|
page read and write
|
||
|
B10BFF9000
|
stack
|
page read and write
|
||
|
1B20FD12000
|
heap
|
page read and write
|
||
|
1B210202000
|
heap
|
page read and write
|
||
|
20F81270000
|
heap
|
page read and write
|
||
|
29FF000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
trusted library allocation
|
page read and write
|
||
|
72A000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD80000
|
heap
|
page read and write
|
||
|
21B8D002000
|
trusted library allocation
|
page read and write
|
||
|
331227F000
|
stack
|
page read and write
|
||
|
E922E77000
|
stack
|
page read and write
|
||
|
811000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD8B000
|
heap
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
1B20FD9E000
|
heap
|
page read and write
|
||
|
29F6000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
trusted library allocation
|
page read and write
|
||
|
1B20FDC1000
|
heap
|
page read and write
|
||
|
1752868A000
|
heap
|
page read and write
|
||
|
1B20FD8B000
|
heap
|
page read and write
|
||
|
72B000
|
trusted library allocation
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
17528570000
|
heap
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page read and write
|
||
|
21B8C620000
|
heap
|
page read and write
|
||
|
1B20FD9E000
|
heap
|
page read and write
|
||
|
2A81000
|
trusted library allocation
|
page read and write
|
||
|
2918862E000
|
heap
|
page read and write
|
||
|
29FB000
|
trusted library allocation
|
page read and write
|
||
|
2918865F000
|
heap
|
page read and write
|
||
|
1B20F4DE000
|
heap
|
page read and write
|
||
|
451000
|
unkown
|
page readonly
|
||
|
1B210140000
|
remote allocation
|
page read and write
|
||
|
1B210220000
|
heap
|
page read and write
|
||
|
725000
|
trusted library allocation
|
page read and write
|
||
|
721000
|
trusted library allocation
|
page read and write
|
||
|
29F1000
|
trusted library allocation
|
page read and write
|
||
|
29188667000
|
heap
|
page read and write
|
||
|
1752868B000
|
heap
|
page read and write
|
||
|
1B20FDB9000
|
heap
|
page read and write
|
||
|
890F8F7000
|
stack
|
page read and write
|
||
|
1B20F4B0000
|
heap
|
page read and write
|
||
|
475000
|
unkown
|
page read and write
|
||
|
4EBD9AF000
|
stack
|
page read and write
|
||
|
76D000
|
trusted library allocation
|
page read and write
|
||
|
20F819A0000
|
trusted library allocation
|
page read and write
|
||
|
21B8C82A000
|
heap
|
page read and write
|
||
|
890FD7B000
|
stack
|
page read and write
|
||
|
25A0000
|
heap
|
page read and write
|
||
|
1B20FD9E000
|
heap
|
page read and write
|
||
|
1B20F230000
|
heap
|
page read and write
|
||
|
45C000
|
unkown
|
page write copy
|
||
|
723000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD4F000
|
heap
|
page read and write
|
||
|
72F000
|
trusted library allocation
|
page read and write
|
||
|
E922F7F000
|
stack
|
page read and write
|
||
|
29F6000
|
trusted library allocation
|
page read and write
|
||
|
29F6000
|
trusted library allocation
|
page read and write
|
||
|
29188708000
|
heap
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page read and write
|
||
|
283C7E20000
|
heap
|
page read and write
|
||
|
72E000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
21B8C802000
|
heap
|
page read and write
|
||
|
B10BBDF000
|
stack
|
page read and write
|
||
|
1B210202000
|
heap
|
page read and write
|
||
|
29FF000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD9A000
|
heap
|
page read and write
|
||
|
1B20FDAB000
|
heap
|
page read and write
|
||
|
283C7EA0000
|
heap
|
page read and write
|
||
|
4A0000
|
unkown
|
page readonly
|
||
|
E922AFE000
|
stack
|
page read and write
|
||
|
1752868A000
|
heap
|
page read and write
|
||
|
890F6FE000
|
stack
|
page read and write
|
||
|
890FAFF000
|
stack
|
page read and write
|
||
|
72E000
|
trusted library allocation
|
page read and write
|
||
|
1B210202000
|
heap
|
page read and write
|
||
|
753000
|
trusted library allocation
|
page read and write
|
||
|
77D000
|
trusted library allocation
|
page read and write
|
||
|
29188713000
|
heap
|
page read and write
|
||
|
283C7E90000
|
heap
|
page read and write
|
||
|
729000
|
trusted library allocation
|
page read and write
|
||
|
72C000
|
trusted library allocation
|
page read and write
|
||
|
283C7DC0000
|
trusted library allocation
|
page read and write
|
||
|
3312177000
|
stack
|
page read and write
|
||
|
723000
|
trusted library allocation
|
page read and write
|
||
|
723000
|
trusted library allocation
|
page read and write
|
||
|
29188678000
|
heap
|
page read and write
|
||
|
21B8C800000
|
heap
|
page read and write
|
||
|
45E000
|
unkown
|
page write copy
|
||
|
29FC000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD9A000
|
heap
|
page read and write
|
||
|
283C8E40000
|
trusted library allocation
|
page read and write
|
||
|
472000
|
unkown
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
20F81283000
|
heap
|
page read and write
|
||
|
1B20F489000
|
heap
|
page read and write
|
||
|
29F6000
|
trusted library allocation
|
page read and write
|
||
|
22D7000
|
trusted library allocation
|
page read and write
|
||
|
29188550000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD9A000
|
heap
|
page read and write
|
||
|
720000
|
trusted library allocation
|
page read and write
|
||
|
2142000
|
trusted library allocation
|
page read and write
|
||
|
331237C000
|
stack
|
page read and write
|
||
|
890F67C000
|
stack
|
page read and write
|
||
|
1B210202000
|
heap
|
page read and write
|
||
|
29FA000
|
trusted library allocation
|
page read and write
|
||
|
48C000
|
unkown
|
page readonly
|
||
|
2918867E000
|
heap
|
page read and write
|
||
|
722000
|
trusted library allocation
|
page read and write
|
||
|
29FD000
|
trusted library allocation
|
page read and write
|
||
|
2918868D000
|
heap
|
page read and write
|
||
|
2918867C000
|
heap
|
page read and write
|
||
|
29FE000
|
trusted library allocation
|
page read and write
|
||
|
72B000
|
trusted library allocation
|
page read and write
|
||
|
25B0000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD98000
|
heap
|
page read and write
|
||
|
21B8C926000
|
heap
|
page read and write
|
||
|
72E000
|
trusted library allocation
|
page read and write
|
||
|
B10BF7F000
|
stack
|
page read and write
|
||
|
29FF000
|
trusted library allocation
|
page read and write
|
||
|
29FB000
|
trusted library allocation
|
page read and write
|
||
|
20F81308000
|
heap
|
page read and write
|
||
|
3311BFF000
|
stack
|
page read and write
|
||
|
29F9000
|
trusted library allocation
|
page read and write
|
||
|
1B20F4A5000
|
heap
|
page read and write
|
||
|
727000
|
trusted library allocation
|
page read and write
|
||
|
72A000
|
trusted library allocation
|
page read and write
|
||
|
72E000
|
trusted library allocation
|
page read and write
|
||
|
20F81213000
|
heap
|
page read and write
|
||
|
1B20FD98000
|
heap
|
page read and write
|
||
|
725000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
unkown
|
page readonly
|
||
|
20F81A02000
|
trusted library allocation
|
page read and write
|
||
|
29F7000
|
trusted library allocation
|
page read and write
|
||
|
3585FFC000
|
stack
|
page read and write
|
||
|
1B20F429000
|
heap
|
page read and write
|
||
|
3585EFE000
|
stack
|
page read and write
|
||
|
4FF000
|
unkown
|
page readonly
|
||
|
35860FB000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
72F000
|
trusted library allocation
|
page read and write
|
||
|
29188450000
|
heap
|
page read and write
|
||
|
29188613000
|
heap
|
page read and write
|
||
|
29F6000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD70000
|
heap
|
page read and write
|
||
|
29F4000
|
trusted library allocation
|
page read and write
|
||
|
3311F7C000
|
stack
|
page read and write
|
||
|
2A66000
|
trusted library allocation
|
page read and write
|
||
|
46B000
|
unkown
|
page read and write
|
||
|
29F8000
|
trusted library allocation
|
page read and write
|
||
|
3311B7B000
|
stack
|
page read and write
|
||
|
E922D7B000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2918865A000
|
heap
|
page read and write
|
||
|
3585B9C000
|
stack
|
page read and write
|
||
|
29188652000
|
heap
|
page read and write
|
||
|
1B20FD60000
|
heap
|
page read and write
|
||
|
1B20FD98000
|
heap
|
page read and write
|
||
|
729000
|
trusted library allocation
|
page read and write
|
||
|
72B000
|
trusted library allocation
|
page read and write
|
||
|
1B20F502000
|
heap
|
page read and write
|
||
|
725000
|
trusted library allocation
|
page read and write
|
||
|
29188689000
|
heap
|
page read and write
|
||
|
727000
|
trusted library allocation
|
page read and write
|
||
|
1B210202000
|
heap
|
page read and write
|
||
|
46D000
|
unkown
|
page write copy
|
||
|
20F81259000
|
heap
|
page read and write
|
||
|
20F8122A000
|
heap
|
page read and write
|
||
|
21B8C871000
|
heap
|
page read and write
|
||
|
2AA2000
|
trusted library allocation
|
page read and write
|
||
|
2918865E000
|
heap
|
page read and write
|
||
|
283C8210000
|
heap
|
page read and write
|
||
|
1B20FD80000
|
heap
|
page read and write
|
||
|
52A000
|
heap
|
page read and write
|
||
|
1B210203000
|
heap
|
page read and write
|
||
|
20F81300000
|
heap
|
page read and write
|
||
|
1B20FD76000
|
heap
|
page read and write
|
||
|
29F1000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
29F7000
|
trusted library allocation
|
page read and write
|
||
|
291883F0000
|
heap
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page read and write
|
||
|
25B6000
|
trusted library allocation
|
page read and write
|
||
|
499000
|
unkown
|
page readonly
|
||
|
1B20FD9A000
|
heap
|
page read and write
|
||
|
29F9000
|
trusted library allocation
|
page read and write
|
||
|
2ACB000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD98000
|
heap
|
page read and write
|
||
|
1B20F240000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
29F1000
|
trusted library allocation
|
page read and write
|
||
|
29F6000
|
trusted library allocation
|
page read and write
|
||
|
17528666000
|
heap
|
page read and write
|
||
|
890F7FA000
|
stack
|
page read and write
|
||
|
1B20F400000
|
heap
|
page read and write
|
||
|
29188600000
|
heap
|
page read and write
|
||
|
1B20FD8B000
|
heap
|
page read and write
|
||
|
477000
|
unkown
|
page readonly
|
||
|
20F81100000
|
heap
|
page read and write
|
||
|
72B000
|
trusted library allocation
|
page read and write
|
||
|
21B8C88C000
|
heap
|
page read and write
|
||
|
1B20FDC4000
|
heap
|
page read and write
|
||
|
4EBDDFE000
|
stack
|
page read and write
|
||
|
B10BE79000
|
stack
|
page read and write
|
||
|
283C8B80000
|
trusted library allocation
|
page read and write
|
||
|
283C8E60000
|
trusted library allocation
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page read and write
|
||
|
283C8E50000
|
heap
|
page readonly
|
||
|
283C7ED7000
|
heap
|
page read and write
|
||
|
29FC000
|
trusted library allocation
|
page read and write
|
||
|
72E000
|
trusted library allocation
|
page read and write
|
||
|
1B20F513000
|
heap
|
page read and write
|
||
|
2918863C000
|
heap
|
page read and write
|
||
|
753000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD78000
|
heap
|
page read and write
|
||
|
1B20FD9A000
|
heap
|
page read and write
|
||
|
29F1000
|
trusted library allocation
|
page read and write
|
||
|
B10BEF9000
|
stack
|
page read and write
|
||
|
175285F0000
|
heap
|
page read and write
|
||
|
722000
|
trusted library allocation
|
page read and write
|
||
|
29FC000
|
trusted library allocation
|
page read and write
|
||
|
2918865B000
|
heap
|
page read and write
|
||
|
214B000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD9A000
|
heap
|
page read and write
|
||
|
29F6000
|
trusted library allocation
|
page read and write
|
||
|
29F1000
|
trusted library allocation
|
page read and write
|
||
|
29FF000
|
trusted library allocation
|
page read and write
|
||
|
20F8123C000
|
heap
|
page read and write
|
||
|
726000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD9A000
|
heap
|
page read and write
|
||
|
1752867F000
|
heap
|
page read and write
|
||
|
29F8000
|
trusted library allocation
|
page read and write
|
||
|
1B210252000
|
heap
|
page read and write
|
||
|
214F000
|
trusted library allocation
|
page read and write
|
||
|
21B8C84F000
|
heap
|
page read and write
|
||
|
29F5000
|
trusted library allocation
|
page read and write
|
||
|
728000
|
trusted library allocation
|
page read and write
|
||
|
29F8000
|
trusted library allocation
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
1B210202000
|
heap
|
page read and write
|
||
|
7ED000
|
trusted library allocation
|
page read and write
|
||
|
29188629000
|
heap
|
page read and write
|
||
|
46E000
|
unkown
|
page write copy
|
||
|
283C7EDE000
|
heap
|
page read and write
|
||
|
283C7EDE000
|
heap
|
page read and write
|
||
|
725000
|
trusted library allocation
|
page read and write
|
||
|
1B20FDAF000
|
heap
|
page read and write
|
||
|
2ABA000
|
trusted library allocation
|
page read and write
|
||
|
72F000
|
trusted library allocation
|
page read and write
|
||
|
21B8C83C000
|
heap
|
page read and write
|
||
|
29FC000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD9A000
|
heap
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
2918865C000
|
heap
|
page read and write
|
||
|
29188702000
|
heap
|
page read and write
|
||
|
21B8C902000
|
heap
|
page read and write
|
||
|
4BD000
|
unkown
|
page readonly
|
||
|
1752868A000
|
heap
|
page read and write
|
||
|
1B210202000
|
heap
|
page read and write
|
||
|
726000
|
trusted library allocation
|
page read and write
|
||
|
488000
|
unkown
|
page readonly
|
||
|
4EBD92A000
|
stack
|
page read and write
|
||
|
20F8124F000
|
heap
|
page read and write
|
||
|
4EBDE7D000
|
stack
|
page read and write
|
||
|
B10BB5F000
|
stack
|
page read and write
|
||
|
723000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD85000
|
heap
|
page read and write
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
451000
|
unkown
|
page readonly
|
||
|
72E000
|
trusted library allocation
|
page read and write
|
||
|
4BD000
|
unkown
|
page readonly
|
||
|
1B20FDA0000
|
heap
|
page read and write
|
||
|
1B20FD83000
|
heap
|
page read and write
|
||
|
1B20FD7B000
|
heap
|
page read and write
|
||
|
20F81302000
|
heap
|
page read and write
|
||
|
725000
|
trusted library allocation
|
page read and write
|
||
|
1B20F4E3000
|
heap
|
page read and write
|
||
|
283C7EDF000
|
heap
|
page read and write
|
||
|
890FF7F000
|
stack
|
page read and write
|
||
|
7B1000
|
trusted library allocation
|
page read and write
|
||
|
890F4FF000
|
stack
|
page read and write
|
||
|
E922A7C000
|
stack
|
page read and write
|
||
|
283C8EC0000
|
trusted library allocation
|
page read and write
|
||
|
1B210202000
|
heap
|
page read and write
|
||
|
1B20FDA0000
|
heap
|
page read and write
|
||
|
1B20F43C000
|
heap
|
page read and write
|
||
|
488000
|
unkown
|
page readonly
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
21F9000
|
heap
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD78000
|
heap
|
page read and write
|
||
|
890FC78000
|
stack
|
page read and write
|
||
|
7B3000
|
trusted library allocation
|
page read and write
|
||
|
B10BADB000
|
stack
|
page read and write
|
||
|
3311E7F000
|
stack
|
page read and write
|
||
|
29F9000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
trusted library allocation
|
page read and write
|
||
|
45D000
|
unkown
|
page read and write
|
||
|
29FF000
|
trusted library allocation
|
page read and write
|
||
|
1B20F4BF000
|
heap
|
page read and write
|
||
|
29F5000
|
trusted library allocation
|
page read and write
|
||
|
25B6000
|
trusted library allocation
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page read and write
|
||
|
29F0000
|
trusted library allocation
|
page read and write
|
||
|
890F57E000
|
stack
|
page read and write
|
||
|
1B20F4A6000
|
heap
|
page read and write
|
||
|
4FF000
|
unkown
|
page readonly
|
||
|
72C000
|
trusted library allocation
|
page read and write
|
||
|
72E000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD9C000
|
heap
|
page read and write
|
||
|
2A9C000
|
trusted library allocation
|
page read and write
|
||
|
21B8C908000
|
heap
|
page read and write
|
||
|
17528650000
|
heap
|
page read and write
|
||
|
7BD000
|
trusted library allocation
|
page read and write
|
||
|
29F5000
|
trusted library allocation
|
page read and write
|
||
|
7D5000
|
trusted library allocation
|
page read and write
|
||
|
29188E02000
|
trusted library allocation
|
page read and write
|
||
|
1B20F4E5000
|
heap
|
page read and write
|
||
|
B10C07D000
|
stack
|
page read and write
|
||
|
2AEC000
|
trusted library allocation
|
page read and write
|
||
|
20F8124C000
|
heap
|
page read and write
|
||
|
1B210140000
|
remote allocation
|
page read and write
|
||
|
48C000
|
unkown
|
page readonly
|
||
|
721000
|
trusted library allocation
|
page read and write
|
||
|
481000
|
unkown
|
page readonly
|
||
|
20F81313000
|
heap
|
page read and write
|
||
|
1B20FD92000
|
heap
|
page read and write
|
||
|
890FB7F000
|
stack
|
page read and write
|
||
|
890F47C000
|
stack
|
page read and write
|
||
|
283C8C00000
|
trusted library allocation
|
page read and write
|
||
|
890FE7A000
|
stack
|
page read and write
|
||
|
1B210140000
|
remote allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
35861F7000
|
stack
|
page read and write
|
||
|
35862FE000
|
stack
|
page read and write
|
||
|
E92307E000
|
stack
|
page read and write
|
||
|
20F81254000
|
heap
|
page read and write
|
||
|
2A91000
|
trusted library allocation
|
page read and write
|
||
|
77B000
|
trusted library allocation
|
page read and write
|
||
|
29F6000
|
trusted library allocation
|
page read and write
|
||
|
29F0000
|
trusted library allocation
|
page read and write
|
||
|
283C7DB0000
|
heap
|
page read and write
|
||
|
72F000
|
trusted library allocation
|
page read and write
|
||
|
726000
|
trusted library allocation
|
page read and write
|
||
|
727000
|
trusted library allocation
|
page read and write
|
||
|
29F3000
|
trusted library allocation
|
page read and write
|
||
|
283C8E70000
|
trusted library allocation
|
page read and write
|
||
|
2A69000
|
trusted library allocation
|
page read and write
|
||
|
4EBDCF9000
|
stack
|
page read and write
|
||
|
21B8C813000
|
heap
|
page read and write
|
||
|
283C8219000
|
heap
|
page read and write
|
||
|
283C8215000
|
heap
|
page read and write
|
||
|
283C7E40000
|
heap
|
page read and write
|
||
|
29FB000
|
trusted library allocation
|
page read and write
|
||
|
2918867C000
|
heap
|
page read and write
|
||
|
733000
|
trusted library allocation
|
page read and write
|
||
|
29188684000
|
heap
|
page read and write
|
||
|
3585E7F000
|
stack
|
page read and write
|
||
|
1B20FDA0000
|
heap
|
page read and write
|
||
|
1B20F413000
|
heap
|
page read and write
|
||
|
17528677000
|
heap
|
page read and write
|
||
|
236D000
|
trusted library allocation
|
page read and write
|
||
|
29F4000
|
trusted library allocation
|
page read and write
|
||
|
283C7E98000
|
heap
|
page read and write
|
||
|
20F81200000
|
heap
|
page read and write
|
||
|
725000
|
trusted library allocation
|
page read and write
|
||
|
2A53000
|
trusted library allocation
|
page read and write
|
||
|
72A000
|
trusted library allocation
|
page read and write
|
||
|
72B000
|
trusted library allocation
|
page read and write
|
||
|
21B8C855000
|
heap
|
page read and write
|
||
|
1752867F000
|
heap
|
page read and write
|
||
|
1B210202000
|
heap
|
page read and write
|
||
|
72C000
|
trusted library allocation
|
page read and write
|
||
|
72D000
|
trusted library allocation
|
page read and write
|
||
|
21B8C720000
|
trusted library allocation
|
page read and write
|
||
|
29F0000
|
trusted library allocation
|
page read and write
|
||
|
29FF000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD82000
|
heap
|
page read and write
|
||
|
29188663000
|
heap
|
page read and write
|
||
|
29F6000
|
trusted library allocation
|
page read and write
|
||
|
1752867F000
|
heap
|
page read and write
|
||
|
721000
|
trusted library allocation
|
page read and write
|
||
|
1B20FDA0000
|
heap
|
page read and write
|
||
|
29FD000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD81000
|
heap
|
page read and write
|
||
|
29F8000
|
trusted library allocation
|
page read and write
|
||
|
72A000
|
trusted library allocation
|
page read and write
|
||
|
477000
|
unkown
|
page readonly
|
||
|
29F9000
|
trusted library allocation
|
page read and write
|
||
|
72F000
|
trusted library allocation
|
page read and write
|
||
|
195000
|
stack
|
page read and write
|
||
|
283C8220000
|
trusted library allocation
|
page read and write
|
||
|
723000
|
trusted library allocation
|
page read and write
|
||
|
E922B7E000
|
stack
|
page read and write
|
||
|
E922C7C000
|
stack
|
page read and write
|
||
|
26B6000
|
trusted library allocation
|
page read and write
|
||
|
72C000
|
trusted library allocation
|
page read and write
|
||
|
21B8C900000
|
heap
|
page read and write
|
||
|
1B20FC02000
|
heap
|
page read and write
|
||
|
331207B000
|
stack
|
page read and write
|
||
|
727000
|
trusted library allocation
|
page read and write
|
||
|
726000
|
trusted library allocation
|
page read and write
|
||
|
7F4000
|
trusted library allocation
|
page read and write
|
||
|
21FE000
|
heap
|
page read and write
|
||
|
26B0000
|
trusted library allocation
|
page read and write
|
||
|
2A72000
|
trusted library allocation
|
page read and write
|
||
|
21B8C5B0000
|
heap
|
page read and write
|
||
|
1B20F2A0000
|
heap
|
page read and write
|
||
|
29FD000
|
trusted library allocation
|
page read and write
|
||
|
175288D0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
21B8C87F000
|
heap
|
page read and write
|
||
|
4EBDC7F000
|
stack
|
page read and write
|
||
|
75A000
|
trusted library allocation
|
page read and write
|
||
|
46D000
|
unkown
|
page read and write
|
||
|
21B8C913000
|
heap
|
page read and write
|
||
|
1B20F4E7000
|
heap
|
page read and write
|
||
|
481000
|
unkown
|
page readonly
|
||
|
1B20FD00000
|
heap
|
page read and write
|
||
|
175288D5000
|
heap
|
page read and write
|
||
|
1B20FD70000
|
heap
|
page read and write
|
||
|
1B20F3A0000
|
trusted library allocation
|
page read and write
|
||
|
1B20FD98000
|
heap
|
page read and write
|
||
|
1B20F470000
|
heap
|
page read and write
|
||
|
7DF000
|
trusted library allocation
|
page read and write
|
||
|
35863FF000
|
stack
|
page read and write
|
||
|
4EBDD7F000
|
stack
|
page read and write
|
||
|
29F4000
|
trusted library allocation
|
page read and write
|
There are 473 hidden memdumps, click here to show them.