Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
r3zg12.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {880CDD59-0C2C-49AC-BA45-82BB01CD8BD1}, Create Time/Date: Tue May
30 14:29:16 2023, Last Saved Time/Date: Tue May 30 14:29:16 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
initial sample
|
 |
|
|
C:\Config.Msi\725f14.rbs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\notify.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF737A82605D542653.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF9424631930F5E6F6.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DFCE21E83529306783.TMP
|
data
|
dropped
|
||
|
C:\Windows\Installer\725f12.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {880CDD59-0C2C-49AC-BA45-82BB01CD8BD1}, Create Time/Date: Tue May
30 14:29:16 2023, Last Saved Time/Date: Tue May 30 14:29:16 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\725f13.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\725f15.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {880CDD59-0C2C-49AC-BA45-82BB01CD8BD1}, Create Time/Date: Tue May
30 14:29:16 2023, Last Saved Time/Date: Tue May 30 14:29:16 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSIDFB6.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll,next
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll,next
|
|
|
|
C:\Windows\SysWOW64\wermgr.exe
|
C:\Windows\SysWOW64\wermgr.exe
|
|
|
|
C:\Windows\System32\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\r3zg12.msi"
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
||
|
C:\Windows\System32\wscript.exe
|
wscript.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\notify.vbs
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://streams.videolan.org/upload/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
2.82.8.80
|
unknown
|
Portugal
|
|
|
|
70.160.67.203
|
unknown
|
United States
|
|
|
|
75.143.236.149
|
unknown
|
United States
|
|
|
|
83.110.223.61
|
unknown
|
United Arab Emirates
|
|
|
|
86.195.14.72
|
unknown
|
France
|
|
|
|
84.215.202.8
|
unknown
|
Norway
|
|
|
|
184.182.66.109
|
unknown
|
United States
|
|
|
|
105.184.103.97
|
unknown
|
South Africa
|
|
|
|
92.186.69.229
|
unknown
|
France
|
|
|
|
174.4.89.3
|
unknown
|
Canada
|
|
|
|
161.142.103.187
|
unknown
|
Malaysia
|
|
|
|
114.143.176.236
|
unknown
|
India
|
|
|
|
14.192.241.76
|
unknown
|
Malaysia
|
|
|
|
173.88.135.179
|
unknown
|
United States
|
|
|
|
84.108.200.161
|
unknown
|
Israel
|
|
|
|
47.34.30.133
|
unknown
|
United States
|
|
|
|
183.87.163.165
|
unknown
|
India
|
|
|
|
124.149.143.189
|
unknown
|
Australia
|
|
|
|
184.181.75.148
|
unknown
|
United States
|
|
|
|
84.35.26.14
|
unknown
|
Netherlands
|
|
|
|
73.29.92.128
|
unknown
|
United States
|
|
|
|
68.203.69.96
|
unknown
|
United States
|
|
|
|
82.131.141.209
|
unknown
|
Hungary
|
|
|
|
64.121.161.102
|
unknown
|
United States
|
|
|
|
178.175.187.254
|
unknown
|
Moldova Republic of
|
|
|
|
96.56.197.26
|
unknown
|
United States
|
|
|
|
186.64.67.30
|
unknown
|
Argentina
|
|
|
|
188.28.19.84
|
unknown
|
United Kingdom
|
|
|
|
125.99.76.102
|
unknown
|
India
|
|
|
|
81.101.185.146
|
unknown
|
United Kingdom
|
|
|
|
86.176.144.234
|
unknown
|
United Kingdom
|
|
|
|
59.28.84.65
|
unknown
|
Korea Republic of
|
|
|
|
76.86.31.59
|
unknown
|
United States
|
|
|
|
147.147.30.126
|
unknown
|
United Kingdom
|
|
|
|
96.87.28.170
|
unknown
|
United States
|
|
|
|
75.109.111.89
|
unknown
|
United States
|
|
|
|
78.92.133.215
|
unknown
|
Hungary
|
|
|
|
124.122.47.148
|
unknown
|
Thailand
|
|
|
|
88.126.94.4
|
unknown
|
France
|
|
|
|
51.14.29.227
|
unknown
|
United Kingdom
|
|
|
|
85.57.212.13
|
unknown
|
Spain
|
|
|
|
47.205.25.170
|
unknown
|
United States
|
|
|
|
95.45.50.93
|
unknown
|
Ireland
|
|
|
|
80.12.88.148
|
unknown
|
France
|
|
|
|
81.111.108.123
|
unknown
|
United Kingdom
|
|
|
|
69.133.162.35
|
unknown
|
United States
|
|
|
|
86.132.236.117
|
unknown
|
United Kingdom
|
|
|
|
151.62.238.176
|
unknown
|
Italy
|
|
|
|
70.112.206.5
|
unknown
|
United States
|
|
|
|
41.228.224.161
|
unknown
|
Tunisia
|
|
|
|
205.237.67.69
|
unknown
|
Canada
|
|
|
|
102.159.188.125
|
unknown
|
Tunisia
|
|
|
|
151.65.167.77
|
unknown
|
Italy
|
|
|
|
76.178.148.107
|
unknown
|
United States
|
|
|
|
89.36.206.69
|
unknown
|
Italy
|
|
|
|
69.242.31.249
|
unknown
|
United States
|
|
|
|
85.104.105.67
|
unknown
|
Turkey
|
|
|
|
94.207.104.225
|
unknown
|
United Arab Emirates
|
|
|
|
193.253.100.236
|
unknown
|
France
|
|
|
|
76.16.49.134
|
unknown
|
United States
|
|
|
|
201.244.108.183
|
unknown
|
Colombia
|
|
|
|
103.42.86.42
|
unknown
|
India
|
|
|
|
78.18.105.11
|
unknown
|
Ireland
|
|
|
|
80.6.50.34
|
unknown
|
United Kingdom
|
|
|
|
103.144.201.56
|
unknown
|
unknown
|
|
|
|
27.0.48.233
|
unknown
|
India
|
|
|
|
70.28.50.223
|
unknown
|
Canada
|
|
|
|
98.145.23.67
|
unknown
|
United States
|
|
|
|
82.125.44.236
|
unknown
|
France
|
|
|
|
81.229.117.95
|
unknown
|
Sweden
|
|
|
|
89.129.109.27
|
unknown
|
Spain
|
|
|
|
122.186.210.254
|
unknown
|
India
|
|
|
|
79.77.142.22
|
unknown
|
United Kingdom
|
|
|
|
90.78.147.141
|
unknown
|
France
|
|
|
|
122.184.143.86
|
unknown
|
India
|
|
|
|
186.75.95.6
|
unknown
|
Panama
|
|
|
|
50.68.186.195
|
unknown
|
Canada
|
|
|
|
12.172.173.82
|
unknown
|
United States
|
|
|
|
213.64.33.61
|
unknown
|
Sweden
|
|
|
|
79.168.224.165
|
unknown
|
Portugal
|
|
|
|
176.142.207.63
|
unknown
|
France
|
|
|
|
86.173.2.12
|
unknown
|
United Kingdom
|
|
|
|
92.154.17.149
|
unknown
|
France
|
|
|
|
78.160.146.127
|
unknown
|
Turkey
|
|
|
|
58.186.75.42
|
unknown
|
Viet Nam
|
|
|
|
223.166.13.95
|
unknown
|
China
|
|
|
|
65.95.141.84
|
unknown
|
Canada
|
|
|
|
50.68.204.71
|
unknown
|
Canada
|
|
|
|
71.38.155.217
|
unknown
|
United States
|
|
|
|
220.240.164.182
|
unknown
|
Australia
|
|
|
|
103.123.223.133
|
unknown
|
India
|
|
|
|
24.198.114.130
|
unknown
|
United States
|
|
|
|
2.36.64.159
|
unknown
|
Italy
|
|
|
|
198.2.51.242
|
unknown
|
United States
|
|
|
|
92.9.45.20
|
unknown
|
United Kingdom
|
|
|
|
113.11.92.30
|
unknown
|
Bangladesh
|
|
|
|
109.50.149.241
|
unknown
|
Portugal
|
|
|
|
69.119.123.159
|
unknown
|
United States
|
|
|
|
172.115.17.50
|
unknown
|
United States
|
|
|
|
147.219.4.194
|
unknown
|
United States
|
|
There are 90 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Leave)
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\InProgress
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\725f14.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\725f14.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Components\DF2B5B287322BA24F9303B9BAE3B0000
|
D45CFDABE04C2B5408551C4544F4F138
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\
|
||
|
HKEY_CURRENT_USER\Software\AdobeAcrobatPDFBrowserPlugin
|
AdobeAcrobatPDFBrowserPlugin
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
D45CFDABE04C2B5408551C4544F4F138
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BADFC54D-C40E-45B2-8055-C154444F1F83}
|
DisplayName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\D45CFDABE04C2B5408551C4544F4F138
|
MainProgram
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\Features
|
MainProgram
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\D45CFDABE04C2B5408551C4544F4F138
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\Features
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\D45CFDABE04C2B5408551C4544F4F138\Patches
|
AllPatches
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138
|
ProductName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138
|
PackageCode
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138
|
Language
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138
|
Version
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138
|
Assignment
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138
|
AdvertiseFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138
|
InstanceType
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138
|
AuthorizedLUAApp
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138
|
DeploymentFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
D45CFDABE04C2B5408551C4544F4F138
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138\SourceList
|
PackageName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138\SourceList\Net
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138\SourceList\Media
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138
|
Clients
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D45CFDABE04C2B5408551C4544F4F138\SourceList
|
LastUsedSource
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP
|
LastIndex
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP
|
LastIndex
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Leave)
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Vlotrabeib
|
ba1a3b32
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Vlotrabeib
|
8f85eb7c
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Vlotrabeib
|
8dc4cb00
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Vlotrabeib
|
3578ac65
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Vlotrabeib
|
4870e3ef
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Vlotrabeib
|
f0cc848a
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Vlotrabeib
|
37398c19
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Vlotrabeib
|
c55354c4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Vlotrabeib
|
ba1a3b32
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Vlotrabeib
|
ba1a3b32
|
There are 103 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
29D000
|
heap
|
page read and write
|
|
|
|
E3D000
|
heap
|
page read and write
|
|
|
|
9CF000
|
heap
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
2F9000
|
heap
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
24D4000
|
heap
|
page read and write
|
||
|
23D0000
|
trusted library allocation
|
page read and write
|
||
|
23E2000
|
trusted library allocation
|
page read and write
|
||
|
308000
|
heap
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page read and write
|
||
|
23EE000
|
trusted library allocation
|
page read and write
|
||
|
398000
|
heap
|
page read and write
|
||
|
23D5000
|
trusted library allocation
|
page read and write
|
||
|
2020000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
1DF000
|
direct allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3BA000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2E7000
|
heap
|
page read and write
|
||
|
260000
|
heap
|
page read and write
|
||
|
1969000
|
stack
|
page read and write
|
||
|
1F6A000
|
heap
|
page read and write
|
||
|
23F1000
|
trusted library allocation
|
page read and write
|
||
|
23D8000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
100AB000
|
unkown
|
page readonly
|
||
|
127000
|
heap
|
page read and write
|
||
|
4B0F000
|
stack
|
page read and write
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
297000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
23E0000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
23D7000
|
trusted library allocation
|
page read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
244000
|
heap
|
page read and write
|
||
|
38A000
|
heap
|
page read and write
|
||
|
155F000
|
stack
|
page read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
A0000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
1BB000
|
stack
|
page read and write
|
||
|
40FC000
|
heap
|
page read and write
|
||
|
1F82000
|
heap
|
page read and write
|
||
|
36B000
|
heap
|
page read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
1C8B000
|
heap
|
page read and write
|
||
|
2EB000
|
heap
|
page read and write
|
||
|
1DF0000
|
heap
|
page read and write
|
||
|
244000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
397000
|
heap
|
page read and write
|
||
|
308000
|
heap
|
page read and write
|
||
|
427000
|
heap
|
page read and write
|
||
|
350000
|
heap
|
page read and write
|
||
|
404000
|
heap
|
page read and write
|
||
|
2F8000
|
heap
|
page read and write
|
||
|
3B40000
|
heap
|
page read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
37A0000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
1C80000
|
heap
|
page read and write
|
||
|
2F6000
|
heap
|
page read and write
|
||
|
234F000
|
stack
|
page read and write
|
||
|
106000
|
heap
|
page read and write
|
||
|
23A0000
|
trusted library allocation
|
page read and write
|
||
|
1E9000
|
stack
|
page read and write
|
||
|
99D000
|
heap
|
page read and write
|
||
|
2E3000
|
heap
|
page read and write
|
||
|
23E5000
|
trusted library allocation
|
page read and write
|
||
|
1F85000
|
heap
|
page read and write
|
||
|
23E4000
|
trusted library allocation
|
page read and write
|
||
|
2E7000
|
heap
|
page read and write
|
||
|
2E9000
|
heap
|
page read and write
|
||
|
9D6000
|
heap
|
page read and write
|
||
|
23F7000
|
trusted library allocation
|
page read and write
|
||
|
24D000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
1C97000
|
heap
|
page read and write
|
||
|
1DA000
|
direct allocation
|
page readonly
|
||
|
3D90000
|
heap
|
page read and write
|
||
|
2024000
|
heap
|
page read and write
|
||
|
4D6000
|
trusted library allocation
|
page read and write
|
||
|
357000
|
heap
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
23DA000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
160000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
9D6000
|
heap
|
page read and write
|
||
|
3A40000
|
heap
|
page read and write
|
||
|
9D6000
|
heap
|
page read and write
|
||
|
425000
|
heap
|
page read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
2DC000
|
heap
|
page read and write
|
||
|
3B40000
|
heap
|
page read and write
|
||
|
25DE000
|
stack
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
23EB000
|
trusted library allocation
|
page read and write
|
||
|
2EA000
|
heap
|
page read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
2EC000
|
heap
|
page read and write
|
||
|
476000
|
heap
|
page read and write
|
||
|
3A5000
|
heap
|
page read and write
|
||
|
1C1000
|
direct allocation
|
page execute read
|
||
|
100AA000
|
unkown
|
page read and write
|
||
|
280E000
|
stack
|
page read and write
|
||
|
23EC000
|
trusted library allocation
|
page read and write
|
||
|
2E8000
|
heap
|
page read and write
|
||
|
1EBB000
|
heap
|
page read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
3A2000
|
heap
|
page read and write
|
||
|
320000
|
heap
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
45E000
|
heap
|
page read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
2D0000
|
heap
|
page read and write
|
||
|
817000
|
heap
|
page read and write
|
||
|
23F0000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
101FC000
|
unkown
|
page readonly
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
13EF000
|
stack
|
page read and write
|
||
|
19B0000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
101E1000
|
unkown
|
page write copy
|
||
|
2E1000
|
heap
|
page read and write
|
||
|
4C9000
|
stack
|
page read and write
|
||
|
213B000
|
heap
|
page read and write
|
||
|
2E6000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
2F7000
|
heap
|
page read and write
|
||
|
306000
|
heap
|
page read and write
|
||
|
29FF000
|
stack
|
page read and write
|
||
|
23C000
|
stack
|
page read and write
|
||
|
145F000
|
stack
|
page read and write
|
||
|
3D95000
|
heap
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
9D6000
|
heap
|
page read and write
|
||
|
2DF000
|
heap
|
page read and write
|
||
|
9D6000
|
heap
|
page read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
3B40000
|
heap
|
page read and write
|
||
|
456000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
2F7000
|
heap
|
page read and write
|
||
|
23F8000
|
trusted library allocation
|
page read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
23CF000
|
trusted library allocation
|
page read and write
|
||
|
140000
|
direct allocation
|
page execute read
|
||
|
240000
|
heap
|
page read and write
|
||
|
37A0000
|
heap
|
page read and write
|
||
|
33FC000
|
heap
|
page read and write
|
||
|
1E2000
|
direct allocation
|
page readonly
|
||
|
12D000
|
stack
|
page read and write
|
||
|
39C000
|
heap
|
page read and write
|
||
|
2EA000
|
heap
|
page read and write
|
||
|
37A0000
|
heap
|
page read and write
|
||
|
23D6000
|
trusted library allocation
|
page read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
1F60000
|
heap
|
page read and write
|
||
|
23E3000
|
trusted library allocation
|
page read and write
|
||
|
2DE000
|
heap
|
page read and write
|
||
|
23E7000
|
trusted library allocation
|
page read and write
|
||
|
3B40000
|
heap
|
page read and write
|
||
|
2E8000
|
heap
|
page read and write
|
||
|
38F000
|
heap
|
page read and write
|
||
|
2105000
|
heap
|
page read and write
|
||
|
E9F000
|
heap
|
page read and write
|
||
|
347000
|
heap
|
page read and write
|
||
|
240000
|
heap
|
page read and write
|
||
|
2F6000
|
heap
|
page read and write
|
||
|
2600000
|
heap
|
page read and write
|
||
|
1F4D000
|
heap
|
page read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
23D3000
|
trusted library allocation
|
page read and write
|
||
|
23DC000
|
trusted library allocation
|
page read and write
|
||
|
2D3000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
267000
|
heap
|
page read and write
|
||
|
284000
|
heap
|
page read and write
|
||
|
3A2000
|
heap
|
page read and write
|
||
|
23D4000
|
trusted library allocation
|
page read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
23DD000
|
trusted library allocation
|
page read and write
|
||
|
24D000
|
stack
|
page read and write
|
||
|
1C0000
|
direct allocation
|
page read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
2E4000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
1EB0000
|
heap
|
page read and write
|
||
|
23ED000
|
trusted library allocation
|
page read and write
|
||
|
249F000
|
stack
|
page read and write
|
||
|
26DE000
|
stack
|
page read and write
|
||
|
2EA000
|
heap
|
page read and write
|
||
|
23FE000
|
trusted library allocation
|
page read and write
|
||
|
3D99000
|
heap
|
page read and write
|
||
|
2D8000
|
heap
|
page read and write
|
||
|
2FA000
|
heap
|
page read and write
|
||
|
11D000
|
heap
|
page read and write
|
||
|
1C88000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
443000
|
heap
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
3A2000
|
heap
|
page read and write
|
||
|
23FD000
|
trusted library allocation
|
page read and write
|
||
|
429000
|
heap
|
page read and write
|
||
|
2DA000
|
heap
|
page read and write
|
||
|
43C000
|
heap
|
page read and write
|
||
|
2DD000
|
heap
|
page read and write
|
||
|
101DE000
|
unkown
|
page write copy
|
||
|
3630000
|
heap
|
page read and write
|
||
|
24F2000
|
heap
|
page read and write
|
||
|
23E1000
|
trusted library allocation
|
page read and write
|
||
|
27BF000
|
stack
|
page read and write
|
||
|
43E000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
308000
|
heap
|
page read and write
|
||
|
9D6000
|
heap
|
page read and write
|
||
|
23D2000
|
trusted library allocation
|
page read and write
|
||
|
366000
|
heap
|
page read and write
|
||
|
396000
|
heap
|
page read and write
|
||
|
9D6000
|
heap
|
page read and write
|
||
|
23DE000
|
trusted library allocation
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
44C000
|
heap
|
page read and write
|
||
|
327000
|
heap
|
page read and write
|
||
|
2E2000
|
heap
|
page read and write
|
||
|
1C8D000
|
heap
|
page read and write
|
||
|
35D000
|
heap
|
page read and write
|
||
|
1F8D000
|
heap
|
page read and write
|
||
|
2816000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
256E000
|
stack
|
page read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
3F3000
|
heap
|
page read and write
|
||
|
1F84000
|
heap
|
page read and write
|
||
|
37E000
|
heap
|
page read and write
|
||
|
1F84000
|
heap
|
page read and write
|
||
|
4D0000
|
trusted library allocation
|
page read and write
|
||
|
29C000
|
stack
|
page read and write
|
||
|
23EF000
|
trusted library allocation
|
page read and write
|
||
|
2E8000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
D0000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
445000
|
heap
|
page read and write
|
||
|
2E1000
|
heap
|
page read and write
|
||
|
101D8000
|
unkown
|
page readonly
|
||
|
23DB000
|
trusted library allocation
|
page read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
441000
|
heap
|
page read and write
|
||
|
9D6000
|
heap
|
page read and write
|
||
|
23D1000
|
trusted library allocation
|
page read and write
|
||
|
2EF000
|
heap
|
page read and write
|
||
|
3CFF000
|
stack
|
page read and write
|
||
|
37A0000
|
heap
|
page read and write
|
||
|
4A0F000
|
stack
|
page read and write
|
||
|
2E4000
|
heap
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
60C000
|
stack
|
page read and write
|
||
|
2E3000
|
heap
|
page read and write
|
||
|
3AD000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
2E8000
|
heap
|
page read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
37A0000
|
heap
|
page read and write
|
||
|
2F5000
|
heap
|
page read and write
|
||
|
D0000
|
heap
|
page read and write
|
||
|
404000
|
heap
|
page read and write
|
||
|
EA5000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
24D000
|
heap
|
page read and write
|
||
|
3B1000
|
heap
|
page read and write
|
||
|
101DD000
|
unkown
|
page read and write
|
||
|
9D6000
|
heap
|
page read and write
|
||
|
38E000
|
heap
|
page read and write
|
||
|
584000
|
heap
|
page read and write
|
||
|
2EC000
|
heap
|
page read and write
|
||
|
307000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
23D9000
|
trusted library allocation
|
page read and write
|
||
|
1C9E000
|
heap
|
page read and write
|
||
|
9D6000
|
heap
|
page read and write
|
||
|
106000
|
heap
|
page read and write
|
||
|
1F53000
|
heap
|
page read and write
|
||
|
96E000
|
heap
|
page read and write
|
||
|
4134000
|
heap
|
page read and write
|
||
|
3A2000
|
heap
|
page read and write
|
||
|
340000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
2D4000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
23E6000
|
trusted library allocation
|
page read and write
|
There are 308 hidden memdumps, click here to show them.