Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Program Files\EnigmaSoft\SpyHunter\Defs\Rh\full.dat
|
data
|
dropped
|
 |
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Defs\full.def
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Albanian.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Bulgarian.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Chinese (Simplified).lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Chinese (Traditional).lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Croatian.lng
|
OpenPGP Public Key
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Czech.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Danish.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Dutch.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\English.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Finnish.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\French.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\German.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Greek.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Hungarian.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Indonesian.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Italian.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Japanese.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Korean.lng
|
OpenPGP Secret Key
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Lithuanian.lng
|
OpenPGP Public Key
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Norwegian.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Polish.lng
|
OpenPGP Secret Key
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Portuguese (Brazil).lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Portuguese (Portugal).lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Romanian.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Russian.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Serbian.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Slovene.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Spanish.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Swedish.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Turkish.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Languages\Ukrainian.lng
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\data\acpwl.dat
|
data
|
dropped
|
|
|
|
C:\sh5ldr\initrd.gz
|
gzip compressed data, was "newinitrd", last modified: Fri Feb 9 17:19:34 2018, from Unix, original size modulo 2^32 4180998130
|
dropped
|
|
|
|
C:\sh5ldr\vmlinuz
|
Linux kernel x86 boot executable bzImage, version 3.18.5ESGi (enigma@enigma-mindo-xdev) #3 SMP Wed Feb 4 13:13:25 EET 2015,
RO-rootFS, swap_dev 0X2, Normal VGA
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\data\CrCache.dat
|
data
|
dropped
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\Native.exe
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files\EnigmaSoft\SpyHunter\ShShellExt.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files\EnigmaSoft\SpyHunter\data\acpdata.dat
|
data
|
dropped
|
||
|
C:\Program Files\EnigmaSoft\SpyHunter\license.txt
|
Unicode text, UTF-8 text, with very long lines (1644), with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\EnigmaSoft\SpyHunter\purl.dat
|
data
|
dropped
|
||
|
C:\ProgramData\EnigmaSoft Limited\sh5_installer.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft\Uninstall.lnk
|
MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has Working directory, Has command line
arguments, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\EsgInstallerDelay__0.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\EsgInstallerDelay__1.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\esg_setup.log
|
data
|
modified
|
||
|
C:\sh5ldr\shldr
|
DOS executable (COM)
|
dropped
|
||
|
C:\sh5ldr\shldr.mbr
|
DOS/MBR boot sector
|
dropped
|
||
|
C:\Program Files\EnigmaSoft\SpyHunter\data\ScanHistory.dat-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\ProgramData\USOPrivate\UpdateStore\updatestore51b519d5-b6f5-4333-8df6-e74d7c9aead4.xml (copy)
|
XML 1.0 document, ASCII text, with very long lines (2494), with no line terminators
|
dropped
|
||
|
C:\ProgramData\USOPrivate\UpdateStore\updatestoretemp51b519d5-b6f5-4333-8df6-e74d7c9aead4.xml
|
XML 1.0 document, ASCII text, with very long lines (2494), with no line terminators
|
modified
|
||
|
C:\Windows\Logs\waasmedic\waasmedic.20221130_081446_547.etl
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\System32\drivers\EnigmaFileMonDriver.sys
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
There are 49 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
C:\Users\user\Desktop\file.exe
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k unistacksvcgroup
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k wusvcs -p -s WaaSMedicSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
|
C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
|
|
|
|
C:\Windows\System32\sc.exe
|
C:\Windows\System32\sc.exe create EsgShKernel start= demand binPath= "\"C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe\""
DisplayName= "SpyHunter 5 Kernel"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\sc.exe
|
C:\Windows\System32\sc.exe description EsgShKernel "SpyHunter 5 Kernel"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\sc.exe
|
C:\Windows\System32\sc.exe create ShMonitor start= demand binPath= "\"C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe\""
DisplayName= "SpyHunter 5 Kernel Monitor"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\sc.exe
|
C:\Windows\System32\sc.exe description ShMonitor "SpyHunter 5 Kernel Monitor"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\sc.exe
|
C:\Windows\System32\sc.exe config ShMonitor start= auto
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\sc.exe
|
C:\Windows\System32\sc.exe config EsgShKernel start= auto
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\System32\regsvr32.exe /s "C:\Program Files\EnigmaSoft\SpyHunter\ShShellExt.dll"
|
||
|
C:\Users\user\AppData\Local\Temp\EsgInstallerDelay__0.exe
|
C:\Users\user\AppData\Local\Temp\EsgInstallerDelay__0.exe -exec OpfXySN2sIJfRn7kaByo3fAgnhU5bFC+1YK5gktB214= -args MHLPvv2eVF5BDDAj57kaKhLlRzVl3TCPBu81sCtfDvA=
-wait 300
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Users\user\AppData\Local\Temp\EsgInstallerDelay__1.exe
|
C:\Users\user\AppData\Local\Temp\EsgInstallerDelay__1.exe -exec OpfXySN2sIJfRn7kaByo3fAgnhU5bFC+1YK5gktB214= -args hOGTiE/QHFPjrWqL1njGygtJtFEVLgswO/2BlkHQX4U=
-wait 300
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Windows\System32\sc.exe
|
C:\Windows\System32\sc.exe start EsgShKernel -tt_on
|
||
|
C:\Windows\System32\sc.exe
|
C:\Windows\System32\sc.exe start ShMonitor
|
||
|
C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
|
C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
|
"C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe" /hide
|
There are 23 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_finnish.lng.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.8
|
unknown
|
||
|
http://git.kernel.org/.
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x64_shshellext.dll.ecfDX/
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x64_shkernel.exe.ecfU
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_albanian.lng.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/shos5/3.18.5/sh5_initrd.gz.ecfH
|
unknown
|
||
|
https://purchase.enigmasoftware.com/purchase_spyhunter.php?sid=lav&dc=H2O75
|
unknown
|
||
|
https://tt.web.enigmasoftware.com/analytics_all/callback_functions/tt_callback.php?hwx=f74bebcde5492865145449b104425025&lng=EN&page_type=downloader&pid=1010&sid=lav&uid=0&user_agent=SH5%2C5%2E13%2E15%2E81%7CWindows%2C10%2E0%2E0%2E0%2E17134%2Cx64%7Clav%7Cf74bebcde5492865145449b104425025
|
34.240.252.91
|
||
|
https://tt.web.enigmasoftware.com/analytics_all/callback_functions/tt_callback.php10-100enigmasoftwa
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_bulgarian.lng.ecf0
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_indonesian.lng.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_greek.lng.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/def/2022110703.def.ecf
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_norwegian.lng.ecf6
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_portuguese_(brazil).lng.ecf
|
89.187.165.194
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_french.lng.ecf
|
unknown
|
||
|
http://wwwigmasoftware.com
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x64_native.exe.ecfQ
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_japanese.lng.ecf
|
89.187.165.194
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_norwegian.lng.ecfj
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_korean.lng.ecf
|
89.187.165.194
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_slovene.lng.ecf
|
89.187.165.194
|
||
|
https://www.freebsd.org/copyright/license.html
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/def/latest_def.ecf
|
89.187.165.194
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_finnish.lng.ecf
|
89.187.165.194
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x86_native.exe.ecf
|
unknown
|
||
|
http://crt.rootca1.amazontrust.com/rootca1.cer?F
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_portuguese_(portugal).lng.ecfy=
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_danish.lng.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_slovene.lng.ecf
|
unknown
|
||
|
https://www.enigmasoftware.com/support/
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_albanian.lng.ecf
|
89.187.165.194
|
||
|
ftp://ftp.fu-berlin.de/unix/NetBSD/NetBSD-release
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_italian.lng.ecf8
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x64_native.exe.ecf
|
unknown
|
||
|
http://ocsp.rootca1.amazontrust.com0:
|
unknown
|
||
|
https://api.enigmasoft.nethttps://www.enigmasoftware.comhttps://clicktoverify.truste.com/pvr.php?pag
|
unknown
|
||
|
https://tt.web.enigmasoftware.com/analytics_all/callback_functions/tt_callback.php?hwx=%HWID%&sid=%S
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x64_shkernel.exe.ecf9v
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_croatian.lng.ecf
|
89.187.165.194
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x86_shshellext.dll.ecf
|
unknown
|
||
|
http://www.entrust.net/CRL/net1.crl0
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x64_native.exe.ecfx
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x64_shkernel.exe.ecf
|
89.187.165.194
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_romanian.lng.ecf
|
89.187.165.194
|
||
|
http://metadata.ftp-master.debian.org/changelogs/main/libs/libselinux/libselinux_2.7-2_copyright.
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x86_spyhunter5.exe.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_hungarian.lng.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_lithuanian.lng.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_croatian.lng.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_turkish.lng.ecf
|
unknown
|
||
|
http://www.entrust.net/CRL/net1.crl?
|
unknown
|
||
|
http://ocsp.digicer
|
unknown
|
||
|
https://purchase.enigmasoftware.com
|
unknown
|
||
|
http://www.openssl.org/)
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/def/latest_def.ecf
|
unknown
|
||
|
http://crl.rootca1.amazontrust.com/rootca1.crl00Z
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_norwegian.lng.ecf
|
unknown
|
||
|
https://myaccount.enigmasoftware.com/forgot-password/85000.0doc
|
unknown
|
||
|
http://cacerts.digice
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x64_spy
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/def.pro/2022080401.def.ecf
|
89.187.165.194
|
||
|
http://gcc.gnu.org/.
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_czech.lng.ecf
|
unknown
|
||
|
https://installer.enigmas
|
unknown
|
||
|
https://www.enigmasoftware.com/enigmasoft-discount-terms/.
|
unknown
|
||
|
https://www.enigmasoftware.com/program-uninstall-steps/.
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_romanian.lng.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_russian.lng.ecf
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x86_native.ex
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_french.lng.ecf
|
89.187.165.194
|
||
|
http://www.ubuntu.com/.
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_bulgarian.lng.ecfty;
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/filelist.ecf
|
89.187.165.194
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_romanian.lng.ecfP6v
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_spanish.lng.ecf
|
89.187.165.194
|
||
|
https://www.enigmasoftware.com/sh/license.txt.
|
unknown
|
||
|
https://www.gnu.org/licenses/lgpl-3.0.html.
|
unknown
|
||
|
https://www.qt.io/terms-conditions/
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_chinese_(traditional).lng.ecf
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x86_spyhunter5.exe.ecf
|
unknown
|
||
|
https://www.enigmasoftware.com/spyhunter-eula/.
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_acpdata.dat.ecf
|
89.187.165.194
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/
|
unknown
|
||
|
https://www.enigmasoftware.com/spyhunter-remover-details/#windows
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_acpdata.dat.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/def.pro/2022080401.def.ecfE1B
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_bulgarian.lng.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_hungarian.lng.ecf.htm
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_romanian.lng.ecfl
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x64_shshellext.dll.ecfcpdaY
|
unknown
|
||
|
http://ocsp.di
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_hungarian.lng.ecf
|
89.187.165.194
|
||
|
https://www.enigmasoftware.com/enigmasoft-privacy-policy/;
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_ukrainian.lng.ecf
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_bulgarian.lng.ecf
|
89.187.165.194
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_italian.lng.ecf
|
unknown
|
||
|
http://installer.enigmasoftware.com/shos5/3.18.5/sh5_shldr.mbr.ecf
|
89.187.165.194
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x64_spyhunter5.exe.ecf)
|
unknown
|
||
|
http://installer.enigmas
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/M
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x64_shmonitor.exe.ecfR
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_acpdata.dat.ecf6
|
unknown
|
||
|
https://installer.enigmasB
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x86_spyhunter5.exe.ecfD
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_acpdata.dat.ecf--
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/def.pro/2022080401.def.ecfG
|
unknown
|
||
|
http://installer.enigmasoftware.com/shos5/3.18.5/sh5_initrd.gz.ecf.ecf
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_chinese_(traditional).lng.ecfDVD
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_portuguese_(brazil).lng.ecfQsTb
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
http://installer.enigmasoftware.com/shos5/3.18.5/sh5_shldr.mbr.ecfecf7O
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://purchase.enigmasoftware.com/purchase_spyhunter.php?sid=lav&dc=H2O750x01xDa
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/latest.ecfH
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_acpwl.dat.ecf/msv0t8
|
unknown
|
||
|
http://www.bulla.com
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_portuguese_(portugal).lng.ecf29t
|
unknown
|
||
|
http://installer.enigmasoftware.com/shos5/3.18.5/sh5_vmlinuz.ecf:
|
unknown
|
||
|
https://api.release.cyclonis.net/v1/download?app=cyclonis-backup&os=win
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_sloven
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?entry=
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
http://installer.enigmasoftware.com/log_collect.cfgH
|
unknown
|
||
|
http://svc-stats.linkury.com/StateStatisticsService.svc/V1/JSON/GetDistributorIdFromNameHttpGet?dist
|
unknown
|
||
|
https://www.enigmasoftware.com/spyhunter5-special-promotion-terms/
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_croatian.lng.ecfiEp
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_swedish.lng.ecfg
|
unknown
|
||
|
http://installer.enigmasoftware.com/shos5/3.18.5/sh5_vmlinuz.ecffdiyHxtN/
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_acpwl.dat.ecf1c6
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_x86_shmonitor.exe.ecfR
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/def.pro/2022080401.def.ecfp
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
http://installer.enigmasoftware.com/sh5/5.13.15.81/sh5_slovene.lng.ecfPAt
|
unknown
|
There are 133 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geo-ip.enigmasoft.net
|
108.156.60.13
|
||
|
esg-installer.b-cdn.net
|
89.187.165.194
|
||
|
www.google.com
|
172.217.168.68
|
||
|
tt.web.enigmasoftware.com
|
34.240.252.91
|
||
|
installer.enigmasoftware.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.217.168.68
|
www.google.com
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
108.156.60.13
|
geo-ip.enigmasoft.net
|
United States
|
||
|
34.240.252.91
|
tt.web.enigmasoftware.com
|
United States
|
||
|
89.187.165.194
|
esg-installer.b-cdn.net
|
Czech Republic
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
108.156.60.111
|
unknown
|
United States
|
||
|
8.8.8.8
|
unknown
|
United States
|
||
|
172.217.168.46
|
unknown
|
United States
|
||
|
108.156.60.5
|
unknown
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
LanguageType
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
ITime
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
GuardEnabled
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
CloudAnalysis
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
ICfg
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
AdFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
TMode
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
SpyHunterScanOnStartUpOnce
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter5
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter5
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter5
|
DisplayIcon
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter5
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter5
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter5
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter5
|
UninstallActions
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter5
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter5
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter5
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D71FC887-4726-44C5-AAE3-A27DE8B8322F}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D71FC887-4726-44C5-AAE3-A27DE8B8322F}\InprocServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D71FC887-4726-44C5-AAE3-A27DE8B8322F}\InprocServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\{D71FC887-4726-44C5-AAE3-A27DE8B8322F}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\FLAGS
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\0\win64
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{026941B7-ABD1-4F16-ADB7-E811B8BAC354}\1.0\HELPDIR
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Orchestrator\Scheduler
|
UsoCrmScan
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Orchestrator
|
USODiagnostics
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
KrnConnId
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
KrnMutexName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
Hwid
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig\MiniWin
|
Paths
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
DefsDate
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EnigmaFileMonDriver\Instances
|
DefaultInstance
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EnigmaFileMonDriver\Instances\EnigmaFileMonDriver Instance
|
Altitude
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EnigmaFileMonDriver\Instances\EnigmaFileMonDriver Instance
|
Flags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
GuardActive
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\EnigmaSoft\SpyHunter\SpyHunterConfig
|
KrnState
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
22E86FF0000
|
trusted library allocation
|
page read and write
|
||
|
F18000
|
unkown
|
page readonly
|
||
|
4780000
|
trusted library allocation
|
page read and write
|
||
|
3738000
|
trusted library allocation
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
22E86F90000
|
heap
|
page readonly
|
||
|
45FC000
|
trusted library allocation
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
36E0000
|
trusted library allocation
|
page read and write
|
||
|
4602000
|
trusted library allocation
|
page read and write
|
||
|
7FF6B0AEF000
|
unkown
|
page readonly
|
||
|
1B23EC1E000
|
heap
|
page read and write
|
||
|
7FF728040000
|
unkown
|
page read and write
|
||
|
3712000
|
trusted library allocation
|
page read and write
|
||
|
13CA000
|
heap
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
DC8000
|
heap
|
page read and write
|
||
|
46BF000
|
trusted library allocation
|
page read and write
|
||
|
4649000
|
trusted library allocation
|
page read and write
|
||
|
376A000
|
trusted library allocation
|
page read and write
|
||
|
375E000
|
trusted library allocation
|
page read and write
|
||
|
13C5000
|
heap
|
page read and write
|
||
|
5E61000
|
trusted library allocation
|
page read and write
|
||
|
231EEED0000
|
heap
|
page read and write
|
||
|
63FD000
|
trusted library allocation
|
page read and write
|
||
|
231EEEA4000
|
heap
|
page read and write
|
||
|
37BF000
|
trusted library allocation
|
page read and write
|
||
|
13BC000
|
heap
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
37C3000
|
trusted library allocation
|
page read and write
|
||
|
13C7000
|
heap
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
22E86C00000
|
heap
|
page read and write
|
||
|
3737000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
7FF72804F000
|
unkown
|
page readonly
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
377C000
|
trusted library allocation
|
page read and write
|
||
|
37BA000
|
trusted library allocation
|
page read and write
|
||
|
3737000
|
trusted library allocation
|
page read and write
|
||
|
45D1000
|
trusted library allocation
|
page read and write
|
||
|
4693000
|
trusted library allocation
|
page read and write
|
||
|
464A000
|
trusted library allocation
|
page read and write
|
||
|
AE1000
|
unkown
|
page execute read
|
||
|
4602000
|
trusted library allocation
|
page read and write
|
||
|
377B000
|
trusted library allocation
|
page read and write
|
||
|
463B000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
372D000
|
trusted library allocation
|
page read and write
|
||
|
5B22000
|
trusted library allocation
|
page read and write
|
||
|
3758000
|
trusted library allocation
|
page read and write
|
||
|
45F5000
|
trusted library allocation
|
page read and write
|
||
|
36F8000
|
trusted library allocation
|
page read and write
|
||
|
464B000
|
trusted library allocation
|
page read and write
|
||
|
1FB6EF14000
|
heap
|
page read and write
|
||
|
DD2000
|
heap
|
page read and write
|
||
|
22E86E00000
|
heap
|
page read and write
|
||
|
1032000
|
unkown
|
page readonly
|
||
|
7FF6B0AE0000
|
unkown
|
page write copy
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
22E86F40000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
unkown
|
page readonly
|
||
|
373F000
|
trusted library allocation
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
unkown
|
page readonly
|
||
|
375E000
|
trusted library allocation
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
6FB000
|
stack
|
page read and write
|
||
|
465A000
|
trusted library allocation
|
page read and write
|
||
|
37A5000
|
trusted library allocation
|
page read and write
|
||
|
5EAC000
|
trusted library allocation
|
page read and write
|
||
|
37BC000
|
trusted library allocation
|
page read and write
|
||
|
7FF6B0AE0000
|
unkown
|
page read and write
|
||
|
13D3000
|
heap
|
page read and write
|
||
|
37C0000
|
trusted library allocation
|
page read and write
|
||
|
D04000
|
heap
|
page read and write
|
||
|
4605000
|
trusted library allocation
|
page read and write
|
||
|
37B1000
|
trusted library allocation
|
page read and write
|
||
|
22E86FA0000
|
trusted library allocation
|
page read and write
|
||
|
1FB6EA90000
|
heap
|
page read and write
|
||
|
231EEEB0000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
3743000
|
trusted library allocation
|
page read and write
|
||
|
AC8E92F000
|
stack
|
page read and write
|
||
|
63F1000
|
trusted library allocation
|
page read and write
|
||
|
D154FF000
|
stack
|
page read and write
|
||
|
3708000
|
trusted library allocation
|
page read and write
|
||
|
37BA000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
13D3000
|
heap
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
13F2000
|
heap
|
page read and write
|
||
|
37BB000
|
trusted library allocation
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
DD2000
|
heap
|
page read and write
|
||
|
22E86C10000
|
trusted library allocation
|
page read and write
|
||
|
45F2000
|
trusted library allocation
|
page read and write
|
||
|
7FF6B0AEA000
|
unkown
|
page readonly
|
||
|
803F7FF000
|
stack
|
page read and write
|
||
|
377B000
|
trusted library allocation
|
page read and write
|
||
|
379E000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
4654000
|
trusted library allocation
|
page read and write
|
||
|
7D2B000
|
trusted library allocation
|
page read and write
|
||
|
1B23EC10000
|
heap
|
page read and write
|
||
|
4638000
|
trusted library allocation
|
page read and write
|
||
|
45F9000
|
trusted library allocation
|
page read and write
|
||
|
45E1000
|
trusted library allocation
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
16A4000
|
heap
|
page read and write
|
||
|
22E87AE0000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
3748000
|
trusted library allocation
|
page read and write
|
||
|
45F2000
|
trusted library allocation
|
page read and write
|
||
|
4602000
|
trusted library allocation
|
page read and write
|
||
|
377B000
|
trusted library allocation
|
page read and write
|
||
|
45FA000
|
trusted library allocation
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
37BE000
|
trusted library allocation
|
page read and write
|
||
|
4602000
|
trusted library allocation
|
page read and write
|
||
|
37BA000
|
trusted library allocation
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
36D9000
|
trusted library allocation
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
45D9000
|
trusted library allocation
|
page read and write
|
||
|
5BE5000
|
trusted library allocation
|
page read and write
|
||
|
3758000
|
trusted library allocation
|
page read and write
|
||
|
3730000
|
trusted library allocation
|
page read and write
|
||
|
468F000
|
trusted library allocation
|
page read and write
|
||
|
22E86D60000
|
heap
|
page read and write
|
||
|
4687000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
4647000
|
trusted library allocation
|
page read and write
|
||
|
7FF727FF1000
|
unkown
|
page execute read
|
||
|
1B23EEB4000
|
heap
|
page read and write
|
||
|
3725000
|
trusted library allocation
|
page read and write
|
||
|
4640000
|
trusted library allocation
|
page read and write
|
||
|
974000
|
stack
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
36EF000
|
trusted library allocation
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
1B23EA10000
|
heap
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
46AC000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
22E86FE9000
|
heap
|
page read and write
|
||
|
46A7000
|
trusted library allocation
|
page read and write
|
||
|
372D000
|
trusted library allocation
|
page read and write
|
||
|
D1547D000
|
stack
|
page read and write
|
||
|
13CC000
|
heap
|
page read and write
|
||
|
37A7000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
202CA130000
|
heap
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
803F77D000
|
stack
|
page read and write
|
||
|
6C69000
|
trusted library allocation
|
page read and write
|
||
|
45D4000
|
trusted library allocation
|
page read and write
|
||
|
370D000
|
trusted library allocation
|
page read and write
|
||
|
36DF000
|
trusted library allocation
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
DE451FD000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
37A5000
|
trusted library allocation
|
page read and write
|
||
|
5F23000
|
trusted library allocation
|
page read and write
|
||
|
3704000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
27381C60000
|
heap
|
page read and write
|
||
|
17C9B1F000
|
stack
|
page read and write
|
||
|
25A65BB0000
|
heap
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
46CC000
|
trusted library allocation
|
page read and write
|
||
|
3763000
|
trusted library allocation
|
page read and write
|
||
|
22E86D40000
|
heap
|
page read and write
|
||
|
37C0000
|
trusted library allocation
|
page read and write
|
||
|
37BA000
|
trusted library allocation
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
4662000
|
trusted library allocation
|
page read and write
|
||
|
45D1000
|
trusted library allocation
|
page read and write
|
||
|
36D9000
|
trusted library allocation
|
page read and write
|
||
|
378C000
|
trusted library allocation
|
page read and write
|
||
|
3708000
|
trusted library allocation
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
13BC000
|
heap
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
37B1000
|
trusted library allocation
|
page read and write
|
||
|
231EEE80000
|
heap
|
page read and write
|
||
|
4609000
|
trusted library allocation
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
45F2000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
803FA7F000
|
stack
|
page read and write
|
||
|
3730000
|
trusted library allocation
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
9A7000
|
heap
|
page read and write
|
||
|
DD2000
|
heap
|
page read and write
|
||
|
46B5000
|
trusted library allocation
|
page read and write
|
||
|
3738000
|
trusted library allocation
|
page read and write
|
||
|
7FF6B0A91000
|
unkown
|
page execute read
|
||
|
377B000
|
trusted library allocation
|
page read and write
|
||
|
465A000
|
trusted library allocation
|
page read and write
|
||
|
465A000
|
trusted library allocation
|
page read and write
|
||
|
4649000
|
trusted library allocation
|
page read and write
|
||
|
13D3000
|
heap
|
page read and write
|
||
|
5BED000
|
trusted library allocation
|
page read and write
|
||
|
202C9E80000
|
heap
|
page read and write
|
||
|
DD8000
|
heap
|
page read and write
|
||
|
37B1000
|
trusted library allocation
|
page read and write
|
||
|
13C3000
|
heap
|
page read and write
|
||
|
27381EF4000
|
heap
|
page read and write
|
||
|
DA8000
|
heap
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
13CB000
|
heap
|
page read and write
|
||
|
3712000
|
trusted library allocation
|
page read and write
|
||
|
96F000
|
stack
|
page read and write
|
||
|
465A000
|
trusted library allocation
|
page read and write
|
||
|
DCF000
|
heap
|
page read and write
|
||
|
3758000
|
trusted library allocation
|
page read and write
|
||
|
17C9A9D000
|
stack
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
4602000
|
trusted library allocation
|
page read and write
|
||
|
22E86DA1000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
25A65DF0000
|
heap
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
3765000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
978000
|
stack
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
DC9000
|
heap
|
page read and write
|
||
|
6EF3000
|
trusted library allocation
|
page read and write
|
||
|
4490000
|
trusted library allocation
|
page read and write
|
||
|
13D3000
|
heap
|
page read and write
|
||
|
1079000
|
heap
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
22E86DD6000
|
heap
|
page read and write
|
||
|
DA6000
|
heap
|
page read and write
|
||
|
DE454FF000
|
stack
|
page read and write
|
||
|
231EEEDB000
|
heap
|
page read and write
|
||
|
36E0000
|
trusted library allocation
|
page read and write
|
||
|
3712000
|
trusted library allocation
|
page read and write
|
||
|
1004000
|
unkown
|
page write copy
|
||
|
464B000
|
trusted library allocation
|
page read and write
|
||
|
7FF727FF0000
|
unkown
|
page readonly
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
3740000
|
trusted library allocation
|
page read and write
|
||
|
3750000
|
trusted library allocation
|
page read and write
|
||
|
22E86FB0000
|
trusted library allocation
|
page read and write
|
||
|
4780000
|
trusted library allocation
|
page read and write
|
||
|
3742000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
13EC000
|
heap
|
page read and write
|
||
|
45E6000
|
trusted library allocation
|
page read and write
|
||
|
22E86EE0000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
D1557F000
|
stack
|
page read and write
|
||
|
202C9EA0000
|
heap
|
page read and write
|
||
|
45FE000
|
trusted library allocation
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
39EC000
|
trusted library allocation
|
page read and write
|
||
|
F4EE4FE000
|
stack
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
13B5000
|
heap
|
page read and write
|
||
|
45E1000
|
trusted library allocation
|
page read and write
|
||
|
4634000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
273E000
|
stack
|
page read and write
|
||
|
377B000
|
trusted library allocation
|
page read and write
|
||
|
5F27000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
378C000
|
trusted library allocation
|
page read and write
|
||
|
24B3000
|
heap
|
page read and write
|
||
|
4638000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
9734C7F000
|
stack
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
D8B000
|
stack
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
45E9000
|
trusted library allocation
|
page read and write
|
||
|
F4EE579000
|
stack
|
page read and write
|
||
|
22E86DDF000
|
heap
|
page read and write
|
||
|
3734000
|
trusted library allocation
|
page read and write
|
||
|
370F000
|
trusted library allocation
|
page read and write
|
||
|
22E87D10000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
3750000
|
trusted library allocation
|
page read and write
|
||
|
5B28000
|
trusted library allocation
|
page read and write
|
||
|
463B000
|
trusted library allocation
|
page read and write
|
||
|
4645000
|
trusted library allocation
|
page read and write
|
||
|
45E6000
|
trusted library allocation
|
page read and write
|
||
|
45F6000
|
trusted library allocation
|
page read and write
|
||
|
13C5000
|
heap
|
page read and write
|
||
|
3797000
|
trusted library allocation
|
page read and write
|
||
|
45D1000
|
trusted library allocation
|
page read and write
|
||
|
4657000
|
trusted library allocation
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
F4EE27B000
|
stack
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
3740000
|
trusted library allocation
|
page read and write
|
||
|
7FF727FF0000
|
unkown
|
page readonly
|
||
|
36DF000
|
trusted library allocation
|
page read and write
|
||
|
377B000
|
trusted library allocation
|
page read and write
|
||
|
46B3000
|
trusted library allocation
|
page read and write
|
||
|
36F4000
|
trusted library allocation
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
4490000
|
trusted library allocation
|
page read and write
|
||
|
13D3000
|
heap
|
page read and write
|
||
|
4780000
|
trusted library allocation
|
page read and write
|
||
|
370F000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
7FF727FF1000
|
unkown
|
page execute read
|
||
|
3710000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
6262000
|
trusted library allocation
|
page read and write
|
||
|
6269000
|
trusted library allocation
|
page read and write
|
||
|
202C9F5A000
|
heap
|
page read and write
|
||
|
DC1000
|
heap
|
page read and write
|
||
|
45F9000
|
trusted library allocation
|
page read and write
|
||
|
4640000
|
trusted library allocation
|
page read and write
|
||
|
46A4000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
372D000
|
trusted library allocation
|
page read and write
|
||
|
3758000
|
trusted library allocation
|
page read and write
|
||
|
5ED2000
|
trusted library allocation
|
page read and write
|
||
|
27381AA0000
|
heap
|
page read and write
|
||
|
69DB000
|
trusted library allocation
|
page read and write
|
||
|
25A65DF4000
|
heap
|
page read and write
|
||
|
4642000
|
trusted library allocation
|
page read and write
|
||
|
13BC000
|
heap
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
AC8E9AF000
|
stack
|
page read and write
|
||
|
4640000
|
trusted library allocation
|
page read and write
|
||
|
377B000
|
trusted library allocation
|
page read and write
|
||
|
202C9D40000
|
heap
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
373C000
|
trusted library allocation
|
page read and write
|
||
|
7D31000
|
trusted library allocation
|
page read and write
|
||
|
36F4000
|
trusted library allocation
|
page read and write
|
||
|
13CB000
|
heap
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
375D000
|
trusted library allocation
|
page read and write
|
||
|
27381BE0000
|
heap
|
page read and write
|
||
|
45E9000
|
trusted library allocation
|
page read and write
|
||
|
37A5000
|
trusted library allocation
|
page read and write
|
||
|
7FF6B0A90000
|
unkown
|
page readonly
|
||
|
1FB6EF10000
|
heap
|
page read and write
|
||
|
4605000
|
trusted library allocation
|
page read and write
|
||
|
377B000
|
trusted library allocation
|
page read and write
|
||
|
231EED40000
|
heap
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
377B000
|
trusted library allocation
|
page read and write
|
||
|
36F8000
|
trusted library allocation
|
page read and write
|
||
|
5E61000
|
trusted library allocation
|
page read and write
|
||
|
370D000
|
trusted library allocation
|
page read and write
|
||
|
7FF6B0A90000
|
unkown
|
page readonly
|
||
|
DD2000
|
heap
|
page read and write
|
||
|
22E86DDD000
|
heap
|
page read and write
|
||
|
7FF6B0AEF000
|
unkown
|
page readonly
|
||
|
13BC000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
3758000
|
trusted library allocation
|
page read and write
|
||
|
4654000
|
trusted library allocation
|
page read and write
|
||
|
DC8000
|
heap
|
page read and write
|
||
|
25A65B40000
|
heap
|
page read and write
|
||
|
1414000
|
heap
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
7FF728030000
|
unkown
|
page readonly
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
45DE000
|
trusted library allocation
|
page read and write
|
||
|
45D9000
|
trusted library allocation
|
page read and write
|
||
|
37A5000
|
trusted library allocation
|
page read and write
|
||
|
464B000
|
trusted library allocation
|
page read and write
|
||
|
1FB6EB6A000
|
heap
|
page read and write
|
||
|
37C1000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
1B23EB70000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
231EEEA0000
|
heap
|
page read and write
|
||
|
22E86D90000
|
heap
|
page read and write
|
||
|
37CA000
|
trusted library allocation
|
page read and write
|
||
|
13E4000
|
heap
|
page read and write
|
||
|
45EE000
|
trusted library allocation
|
page read and write
|
||
|
DE4547E000
|
stack
|
page read and write
|
||
|
27381EF0000
|
heap
|
page read and write
|
||
|
464B000
|
trusted library allocation
|
page read and write
|
||
|
22E86DDD000
|
heap
|
page read and write
|
||
|
3758000
|
trusted library allocation
|
page read and write
|
||
|
36F4000
|
trusted library allocation
|
page read and write
|
||
|
F4EE3F9000
|
stack
|
page read and write
|
||
|
22E86ED0000
|
trusted library allocation
|
page read and write
|
||
|
25A65DA0000
|
heap
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
37A5000
|
trusted library allocation
|
page read and write
|
||
|
46B8000
|
trusted library allocation
|
page read and write
|
||
|
45F6000
|
trusted library allocation
|
page read and write
|
||
|
464B000
|
trusted library allocation
|
page read and write
|
||
|
25A65BBA000
|
heap
|
page read and write
|
||
|
6E05000
|
trusted library allocation
|
page read and write
|
||
|
7FF72804F000
|
unkown
|
page readonly
|
||
|
36E0000
|
trusted library allocation
|
page read and write
|
||
|
1FB6EB20000
|
heap
|
page read and write
|
||
|
F4EE47D000
|
stack
|
page read and write
|
||
|
373F000
|
trusted library allocation
|
page read and write
|
||
|
7FF6B0AD0000
|
unkown
|
page readonly
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
4693000
|
trusted library allocation
|
page read and write
|
||
|
13EB000
|
heap
|
page read and write
|
||
|
13F2000
|
heap
|
page read and write
|
||
|
37A5000
|
trusted library allocation
|
page read and write
|
||
|
DD6000
|
heap
|
page read and write
|
||
|
24B0000
|
heap
|
page read and write
|
||
|
27381C00000
|
heap
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
4664000
|
trusted library allocation
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
36E0000
|
trusted library allocation
|
page read and write
|
||
|
13CC000
|
heap
|
page read and write
|
||
|
37C2000
|
trusted library allocation
|
page read and write
|
||
|
4490000
|
trusted library allocation
|
page read and write
|
||
|
4770000
|
trusted library allocation
|
page read and write
|
||
|
36F4000
|
trusted library allocation
|
page read and write
|
||
|
4640000
|
trusted library allocation
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
7D21000
|
trusted library allocation
|
page read and write
|
||
|
DD8000
|
heap
|
page read and write
|
||
|
46A7000
|
trusted library allocation
|
page read and write
|
||
|
1B23EB50000
|
heap
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
6659000
|
trusted library allocation
|
page read and write
|
||
|
F4EE5FE000
|
stack
|
page read and write
|
||
|
37B1000
|
trusted library allocation
|
page read and write
|
||
|
4605000
|
trusted library allocation
|
page read and write
|
||
|
7FF728030000
|
unkown
|
page readonly
|
||
|
375E000
|
trusted library allocation
|
page read and write
|
||
|
13B5000
|
heap
|
page read and write
|
||
|
869000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
1453000
|
heap
|
page read and write
|
||
|
39E3000
|
trusted library allocation
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
45FD000
|
trusted library allocation
|
page read and write
|
||
|
463A000
|
trusted library allocation
|
page read and write
|
||
|
3710000
|
trusted library allocation
|
page read and write
|
||
|
7FF72804A000
|
unkown
|
page readonly
|
||
|
1FB6EB60000
|
heap
|
page read and write
|
||
|
4605000
|
trusted library allocation
|
page read and write
|
||
|
373F000
|
trusted library allocation
|
page read and write
|
||
|
36F1000
|
trusted library allocation
|
page read and write
|
||
|
4640000
|
trusted library allocation
|
page read and write
|
||
|
1452000
|
heap
|
page read and write
|
||
|
3712000
|
trusted library allocation
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
378C000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
13CC000
|
heap
|
page read and write
|
||
|
5B2D000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
3792000
|
trusted library allocation
|
page read and write
|
||
|
3702000
|
trusted library allocation
|
page read and write
|
||
|
6F02000
|
trusted library allocation
|
page read and write
|
||
|
463C000
|
trusted library allocation
|
page read and write
|
||
|
4605000
|
trusted library allocation
|
page read and write
|
||
|
375B000
|
trusted library allocation
|
page read and write
|
||
|
37A5000
|
trusted library allocation
|
page read and write
|
||
|
22E86D99000
|
heap
|
page read and write
|
||
|
7805000
|
trusted library allocation
|
page read and write
|
||
|
3712000
|
trusted library allocation
|
page read and write
|
||
|
7FF6B0AEA000
|
unkown
|
page readonly
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
664D000
|
trusted library allocation
|
page read and write
|
||
|
7FF6B0A91000
|
unkown
|
page execute read
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
13D3000
|
heap
|
page read and write
|
||
|
36F8000
|
trusted library allocation
|
page read and write
|
||
|
3792000
|
trusted library allocation
|
page read and write
|
||
|
45EE000
|
trusted library allocation
|
page read and write
|
||
|
17C9B9F000
|
stack
|
page read and write
|
||
|
4640000
|
trusted library allocation
|
page read and write
|
||
|
37A5000
|
trusted library allocation
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
DCA000
|
heap
|
page read and write
|
||
|
46AB000
|
trusted library allocation
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
1FB6EB00000
|
heap
|
page read and write
|
||
|
976000
|
stack
|
page read and write
|
||
|
45D1000
|
trusted library allocation
|
page read and write
|
||
|
4775000
|
trusted library allocation
|
page read and write
|
||
|
37BB000
|
trusted library allocation
|
page read and write
|
||
|
27381C6A000
|
heap
|
page read and write
|
||
|
4647000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
37BE000
|
trusted library allocation
|
page read and write
|
||
|
202CA134000
|
heap
|
page read and write
|
||
|
5E61000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
375E000
|
trusted library allocation
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
463A000
|
trusted library allocation
|
page read and write
|
||
|
7FF6B0AD0000
|
unkown
|
page readonly
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
13E4000
|
heap
|
page read and write
|
||
|
373F000
|
trusted library allocation
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
36F4000
|
trusted library allocation
|
page read and write
|
||
|
37B1000
|
trusted library allocation
|
page read and write
|
||
|
202C9F50000
|
heap
|
page read and write
|
||
|
4490000
|
trusted library allocation
|
page read and write
|
||
|
39F4000
|
trusted library allocation
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
DD2000
|
heap
|
page read and write
|
||
|
5D61000
|
heap
|
page read and write
|
||
|
3730000
|
trusted library allocation
|
page read and write
|
||
|
467E000
|
trusted library allocation
|
page read and write
|
||
|
7FF72804A000
|
unkown
|
page readonly
|
||
|
377B000
|
trusted library allocation
|
page read and write
|
||
|
46C1000
|
trusted library allocation
|
page read and write
|
||
|
4638000
|
trusted library allocation
|
page read and write
|
||
|
36D9000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
463A000
|
trusted library allocation
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
4653000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
69CD000
|
trusted library allocation
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
467A000
|
trusted library allocation
|
page read and write
|
||
|
6260000
|
trusted library allocation
|
page read and write
|
||
|
1414000
|
heap
|
page read and write
|
||
|
4645000
|
trusted library allocation
|
page read and write
|
||
|
973498D000
|
stack
|
page read and write
|
||
|
4602000
|
trusted library allocation
|
page read and write
|
||
|
377B000
|
trusted library allocation
|
page read and write
|
||
|
375E000
|
trusted library allocation
|
page read and write
|
||
|
46C1000
|
trusted library allocation
|
page read and write
|
||
|
477F000
|
trusted library allocation
|
page read and write
|
||
|
373B000
|
trusted library allocation
|
page read and write
|
||
|
13CC000
|
heap
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
22E86FE0000
|
heap
|
page read and write
|
||
|
1452000
|
heap
|
page read and write
|
||
|
13CB000
|
heap
|
page read and write
|
||
|
465A000
|
trusted library allocation
|
page read and write
|
||
|
22E86DDD000
|
heap
|
page read and write
|
||
|
13D3000
|
heap
|
page read and write
|
||
|
37BA000
|
trusted library allocation
|
page read and write
|
||
|
BA4000
|
heap
|
page read and write
|
||
|
4601000
|
trusted library allocation
|
page read and write
|
||
|
25A65D80000
|
heap
|
page read and write
|
||
|
AC8E8AD000
|
stack
|
page read and write
|
||
|
7FF728040000
|
unkown
|
page write copy
|
||
|
37A5000
|
trusted library allocation
|
page read and write
|
||
|
36EF000
|
trusted library allocation
|
page read and write
|
||
|
4605000
|
trusted library allocation
|
page read and write
|
||
|
1B23EC1A000
|
heap
|
page read and write
|
||
|
466E000
|
trusted library allocation
|
page read and write
|
||
|
DD8000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
3797000
|
trusted library allocation
|
page read and write
|
||
|
4647000
|
trusted library allocation
|
page read and write
|
||
|
46A7000
|
trusted library allocation
|
page read and write
|
||
|
370D000
|
trusted library allocation
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
||
|
37BE000
|
trusted library allocation
|
page read and write
|
||
|
3750000
|
trusted library allocation
|
page read and write
|
||
|
3730000
|
trusted library allocation
|
page read and write
|
||
|
1B23EEB0000
|
heap
|
page read and write
|
||
|
22E86DF7000
|
heap
|
page read and write
|
||
|
4770000
|
trusted library allocation
|
page read and write
|
||
|
22E86FEB000
|
heap
|
page read and write
|
||
|
DD5000
|
heap
|
page read and write
|
||
|
2F11000
|
trusted library allocation
|
page read and write
|
||
|
3720000
|
trusted library allocation
|
page read and write
|
||
|
3715000
|
trusted library allocation
|
page read and write
|
||
|
4490000
|
trusted library allocation
|
page read and write
|
||
|
3765000
|
trusted library allocation
|
page read and write
|
||
|
22E86FE5000
|
heap
|
page read and write
|
||
|
22E86F80000
|
trusted library allocation
|
page read and write
|
||
|
370F000
|
trusted library allocation
|
page read and write
|
There are 591 hidden memdumps, click here to show them.