Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
15dasx.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {6ECD3C06-98A2-44A1-A41E-271C903F257F}, Create Time/Date: Tue May
30 15:19:58 2023, Last Saved Time/Date: Tue May 30 15:19:58 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
initial sample
|
 |
|
|
C:\Config.Msi\6bb81c.rbs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\notify.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF4899FDBF77CB7EDE.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DFA9753353B6A77A75.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DFC65A62CAF401C2CF.TMP
|
data
|
dropped
|
||
|
C:\Windows\Installer\6bb81a.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {6ECD3C06-98A2-44A1-A41E-271C903F257F}, Create Time/Date: Tue May
30 15:19:58 2023, Last Saved Time/Date: Tue May 30 15:19:58 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\6bb81b.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\6bb81d.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {6ECD3C06-98A2-44A1-A41E-271C903F257F}, Create Time/Date: Tue May
30 15:19:58 2023, Last Saved Time/Date: Tue May 30 15:19:58 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSI8ED9.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll,next
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll,next
|
|
|
|
C:\Windows\SysWOW64\wermgr.exe
|
C:\Windows\SysWOW64\wermgr.exe
|
|
|
|
C:\Windows\System32\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\15dasx.msi"
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
||
|
C:\Windows\System32\wscript.exe
|
wscript.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\notify.vbs
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://streams.videolan.org/upload/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
2.82.8.80
|
unknown
|
Portugal
|
|
|
|
70.160.67.203
|
unknown
|
United States
|
|
|
|
75.143.236.149
|
unknown
|
United States
|
|
|
|
83.110.223.61
|
unknown
|
United Arab Emirates
|
|
|
|
86.195.14.72
|
unknown
|
France
|
|
|
|
84.215.202.8
|
unknown
|
Norway
|
|
|
|
184.182.66.109
|
unknown
|
United States
|
|
|
|
92.186.69.229
|
unknown
|
France
|
|
|
|
174.4.89.3
|
unknown
|
Canada
|
|
|
|
161.142.103.187
|
unknown
|
Malaysia
|
|
|
|
114.143.176.236
|
unknown
|
India
|
|
|
|
14.192.241.76
|
unknown
|
Malaysia
|
|
|
|
173.88.135.179
|
unknown
|
United States
|
|
|
|
84.108.200.161
|
unknown
|
Israel
|
|
|
|
47.34.30.133
|
unknown
|
United States
|
|
|
|
183.87.163.165
|
unknown
|
India
|
|
|
|
184.181.75.148
|
unknown
|
United States
|
|
|
|
124.149.143.189
|
unknown
|
Australia
|
|
|
|
84.35.26.14
|
unknown
|
Netherlands
|
|
|
|
73.29.92.128
|
unknown
|
United States
|
|
|
|
68.203.69.96
|
unknown
|
United States
|
|
|
|
82.131.141.209
|
unknown
|
Hungary
|
|
|
|
64.121.161.102
|
unknown
|
United States
|
|
|
|
178.175.187.254
|
unknown
|
Moldova Republic of
|
|
|
|
96.56.197.26
|
unknown
|
United States
|
|
|
|
186.64.67.30
|
unknown
|
Argentina
|
|
|
|
188.28.19.84
|
unknown
|
United Kingdom
|
|
|
|
125.99.76.102
|
unknown
|
India
|
|
|
|
81.101.185.146
|
unknown
|
United Kingdom
|
|
|
|
59.28.84.65
|
unknown
|
Korea Republic of
|
|
|
|
105.186.128.181
|
unknown
|
South Africa
|
|
|
|
76.86.31.59
|
unknown
|
United States
|
|
|
|
147.147.30.126
|
unknown
|
United Kingdom
|
|
|
|
96.87.28.170
|
unknown
|
United States
|
|
|
|
75.109.111.89
|
unknown
|
United States
|
|
|
|
78.92.133.215
|
unknown
|
Hungary
|
|
|
|
124.122.47.148
|
unknown
|
Thailand
|
|
|
|
88.126.94.4
|
unknown
|
France
|
|
|
|
51.14.29.227
|
unknown
|
United Kingdom
|
|
|
|
85.57.212.13
|
unknown
|
Spain
|
|
|
|
47.205.25.170
|
unknown
|
United States
|
|
|
|
95.45.50.93
|
unknown
|
Ireland
|
|
|
|
80.12.88.148
|
unknown
|
France
|
|
|
|
69.133.162.35
|
unknown
|
United States
|
|
|
|
86.132.236.117
|
unknown
|
United Kingdom
|
|
|
|
151.62.238.176
|
unknown
|
Italy
|
|
|
|
70.112.206.5
|
unknown
|
United States
|
|
|
|
205.237.67.69
|
unknown
|
Canada
|
|
|
|
102.159.188.125
|
unknown
|
Tunisia
|
|
|
|
151.65.167.77
|
unknown
|
Italy
|
|
|
|
76.178.148.107
|
unknown
|
United States
|
|
|
|
89.36.206.69
|
unknown
|
Italy
|
|
|
|
69.242.31.249
|
unknown
|
United States
|
|
|
|
193.253.100.236
|
unknown
|
France
|
|
|
|
76.16.49.134
|
unknown
|
United States
|
|
|
|
94.207.104.225
|
unknown
|
United Arab Emirates
|
|
|
|
201.244.108.183
|
unknown
|
Colombia
|
|
|
|
103.42.86.42
|
unknown
|
India
|
|
|
|
78.18.105.11
|
unknown
|
Ireland
|
|
|
|
80.6.50.34
|
unknown
|
United Kingdom
|
|
|
|
103.144.201.56
|
unknown
|
unknown
|
|
|
|
27.0.48.233
|
unknown
|
India
|
|
|
|
70.28.50.223
|
unknown
|
Canada
|
|
|
|
98.145.23.67
|
unknown
|
United States
|
|
|
|
47.149.134.231
|
unknown
|
United States
|
|
|
|
82.125.44.236
|
unknown
|
France
|
|
|
|
81.229.117.95
|
unknown
|
Sweden
|
|
|
|
89.129.109.27
|
unknown
|
Spain
|
|
|
|
122.186.210.254
|
unknown
|
India
|
|
|
|
79.77.142.22
|
unknown
|
United Kingdom
|
|
|
|
90.78.147.141
|
unknown
|
France
|
|
|
|
122.184.143.86
|
unknown
|
India
|
|
|
|
186.75.95.6
|
unknown
|
Panama
|
|
|
|
50.68.186.195
|
unknown
|
Canada
|
|
|
|
12.172.173.82
|
unknown
|
United States
|
|
|
|
213.64.33.61
|
unknown
|
Sweden
|
|
|
|
79.168.224.165
|
unknown
|
Portugal
|
|
|
|
86.97.55.89
|
unknown
|
United Arab Emirates
|
|
|
|
176.142.207.63
|
unknown
|
France
|
|
|
|
92.154.17.149
|
unknown
|
France
|
|
|
|
174.58.146.57
|
unknown
|
United States
|
|
|
|
78.160.146.127
|
unknown
|
Turkey
|
|
|
|
58.186.75.42
|
unknown
|
Viet Nam
|
|
|
|
223.166.13.95
|
unknown
|
China
|
|
|
|
65.95.141.84
|
unknown
|
Canada
|
|
|
|
50.68.204.71
|
unknown
|
Canada
|
|
|
|
71.38.155.217
|
unknown
|
United States
|
|
|
|
104.35.24.154
|
unknown
|
United States
|
|
|
|
220.240.164.182
|
unknown
|
Australia
|
|
|
|
103.123.223.133
|
unknown
|
India
|
|
|
|
24.198.114.130
|
unknown
|
United States
|
|
|
|
2.36.64.159
|
unknown
|
Italy
|
|
|
|
198.2.51.242
|
unknown
|
United States
|
|
|
|
92.9.45.20
|
unknown
|
United Kingdom
|
|
|
|
113.11.92.30
|
unknown
|
Bangladesh
|
|
|
|
69.119.123.159
|
unknown
|
United States
|
|
|
|
69.123.4.221
|
unknown
|
United States
|
|
|
|
172.115.17.50
|
unknown
|
United States
|
|
|
|
77.86.98.236
|
unknown
|
United Kingdom
|
|
|
|
147.219.4.194
|
unknown
|
United States
|
|
There are 90 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Leave)
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
GETSTATE (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
GETSTATE (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\InProgress
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\6bb81c.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\6bb81c.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Components\DF2B5B287322BA24F9303B9BAE3B0000
|
988FDE4671CFB664E8A9A56888BEC1CD
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\
|
||
|
HKEY_CURRENT_USER\Software\AdobeAcrobatPDFBrowserPlugin
|
AdobeAcrobatPDFBrowserPlugin
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
988FDE4671CFB664E8A9A56888BEC1CD
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
DisplayName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\988FDE4671CFB664E8A9A56888BEC1CD
|
MainProgram
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\Features
|
MainProgram
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\988FDE4671CFB664E8A9A56888BEC1CD
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\Features
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\Patches
|
AllPatches
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
ProductName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
PackageCode
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
Language
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
Version
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
Assignment
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
AdvertiseFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
InstanceType
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
AuthorizedLUAApp
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
DeploymentFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
988FDE4671CFB664E8A9A56888BEC1CD
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD\SourceList
|
PackageName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD\SourceList\Net
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD\SourceList\Media
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
Clients
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD\SourceList
|
LastUsedSource
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP
|
LastIndex
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP
|
LastIndex
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Leave)
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
3f516fd7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
acebf99
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
88f9fe5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
b033f880
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
cd3bb70a
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
7587d06f
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
b272d8fc
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
40180021
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
3f516fd7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
3f516fd7
|
There are 105 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
23DD000
|
heap
|
page read and write
|
|
|
|
37D000
|
heap
|
page read and write
|
|
|
|
2867000
|
trusted library allocation
|
page read and write
|
||
|
2C5F000
|
trusted library allocation
|
page read and write
|
||
|
1D7F000
|
heap
|
page read and write
|
||
|
236E000
|
stack
|
page read and write
|
||
|
2460000
|
heap
|
page read and write
|
||
|
1C73000
|
heap
|
page read and write
|
||
|
1C76000
|
heap
|
page read and write
|
||
|
19CD000
|
heap
|
page read and write
|
||
|
1F1F000
|
heap
|
page read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
1E35000
|
heap
|
page read and write
|
||
|
1C77000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
AE000
|
heap
|
page read and write
|
||
|
2851000
|
trusted library allocation
|
page read and write
|
||
|
286C000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
286E000
|
trusted library allocation
|
page read and write
|
||
|
1B1000
|
direct allocation
|
page execute read
|
||
|
1C7B000
|
heap
|
page read and write
|
||
|
1C5A000
|
heap
|
page read and write
|
||
|
526000
|
trusted library allocation
|
page read and write
|
||
|
1C69000
|
heap
|
page read and write
|
||
|
101E3000
|
unkown
|
page write copy
|
||
|
1C57000
|
heap
|
page read and write
|
||
|
36A000
|
heap
|
page read and write
|
||
|
2C6A000
|
trusted library allocation
|
page read and write
|
||
|
19C6000
|
heap
|
page read and write
|
||
|
177000
|
heap
|
page read and write
|
||
|
261F000
|
stack
|
page read and write
|
||
|
2B5000
|
stack
|
page read and write
|
||
|
CC000
|
heap
|
page read and write
|
||
|
3BA000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
2D2000
|
heap
|
page read and write
|
||
|
19C3000
|
heap
|
page read and write
|
||
|
C7000
|
heap
|
page read and write
|
||
|
1F25000
|
heap
|
page read and write
|
||
|
77000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
1E3D000
|
heap
|
page read and write
|
||
|
1E24000
|
heap
|
page read and write
|
||
|
1C55000
|
heap
|
page read and write
|
||
|
1D7F000
|
heap
|
page read and write
|
||
|
1D7F000
|
heap
|
page read and write
|
||
|
1C76000
|
heap
|
page read and write
|
||
|
3900000
|
heap
|
page read and write
|
||
|
3EF4000
|
heap
|
page read and write
|
||
|
284C000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
3900000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
2440000
|
trusted library allocation
|
page read and write
|
||
|
1C6B000
|
heap
|
page read and write
|
||
|
3C4000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
1C69000
|
heap
|
page read and write
|
||
|
3EF4000
|
heap
|
page read and write
|
||
|
19C7000
|
heap
|
page read and write
|
||
|
1C5C000
|
heap
|
page read and write
|
||
|
32B000
|
heap
|
page read and write
|
||
|
416000
|
heap
|
page read and write
|
||
|
101E0000
|
unkown
|
page write copy
|
||
|
377000
|
heap
|
page read and write
|
||
|
2010000
|
heap
|
page read and write
|
||
|
1C58000
|
heap
|
page read and write
|
||
|
204B000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
3EF4000
|
heap
|
page read and write
|
||
|
C8000
|
heap
|
page read and write
|
||
|
326000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
1C6B000
|
heap
|
page read and write
|
||
|
1C7D000
|
heap
|
page read and write
|
||
|
2868000
|
trusted library allocation
|
page read and write
|
||
|
1E35000
|
heap
|
page read and write
|
||
|
1E28000
|
heap
|
page read and write
|
||
|
2875000
|
trusted library allocation
|
page read and write
|
||
|
19D4000
|
heap
|
page read and write
|
||
|
1C62000
|
heap
|
page read and write
|
||
|
2874000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
trusted library allocation
|
page read and write
|
||
|
2C57000
|
trusted library allocation
|
page read and write
|
||
|
2C45000
|
trusted library allocation
|
page read and write
|
||
|
286F000
|
trusted library allocation
|
page read and write
|
||
|
2C59000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3C3000
|
heap
|
page read and write
|
||
|
1C78000
|
heap
|
page read and write
|
||
|
1C56000
|
heap
|
page read and write
|
||
|
19D1000
|
heap
|
page read and write
|
||
|
2469000
|
trusted library allocation
|
page read and write
|
||
|
2E7000
|
heap
|
page read and write
|
||
|
3900000
|
heap
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
3EF4000
|
heap
|
page read and write
|
||
|
25B000
|
stack
|
page read and write
|
||
|
1B0000
|
direct allocation
|
page read and write
|
||
|
3900000
|
heap
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
278E000
|
stack
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
247F000
|
trusted library allocation
|
page read and write
|
||
|
56C000
|
stack
|
page read and write
|
||
|
1C5B000
|
heap
|
page read and write
|
||
|
3B19000
|
heap
|
page read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
240000
|
trusted library allocation
|
page read and write
|
||
|
243F000
|
heap
|
page read and write
|
||
|
1D72000
|
heap
|
page read and write
|
||
|
3EF4000
|
heap
|
page read and write
|
||
|
1E3F000
|
heap
|
page read and write
|
||
|
19CE000
|
heap
|
page read and write
|
||
|
D2000
|
heap
|
page read and write
|
||
|
1C7D000
|
heap
|
page read and write
|
||
|
347000
|
heap
|
page read and write
|
||
|
1429000
|
stack
|
page read and write
|
||
|
180000
|
direct allocation
|
page execute read
|
||
|
246E000
|
trusted library allocation
|
page read and write
|
||
|
1C73000
|
heap
|
page read and write
|
||
|
1F25000
|
heap
|
page read and write
|
||
|
1D81000
|
heap
|
page read and write
|
||
|
1F1F000
|
heap
|
page read and write
|
||
|
1F22000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
11D000
|
stack
|
page read and write
|
||
|
19B4000
|
heap
|
page read and write
|
||
|
3CC000
|
heap
|
page read and write
|
||
|
2871000
|
trusted library allocation
|
page read and write
|
||
|
2C5E000
|
trusted library allocation
|
page read and write
|
||
|
3B10000
|
heap
|
page read and write
|
||
|
19C8000
|
heap
|
page read and write
|
||
|
D2000
|
heap
|
page read and write
|
||
|
246F000
|
trusted library allocation
|
page read and write
|
||
|
1C55000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
19B4000
|
heap
|
page read and write
|
||
|
2C66000
|
trusted library allocation
|
page read and write
|
||
|
70000
|
heap
|
page read and write
|
||
|
340000
|
heap
|
page read and write
|
||
|
247E000
|
trusted library allocation
|
page read and write
|
||
|
25C000
|
trusted library allocation
|
page read and write
|
||
|
1F25000
|
heap
|
page read and write
|
||
|
2C6D000
|
trusted library allocation
|
page read and write
|
||
|
1E2C000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
2C54000
|
trusted library allocation
|
page read and write
|
||
|
19D1000
|
heap
|
page read and write
|
||
|
3B8000
|
heap
|
page read and write
|
||
|
483F000
|
stack
|
page read and write
|
||
|
2483000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
3CA000
|
heap
|
page read and write
|
||
|
1F22000
|
heap
|
page read and write
|
||
|
2C6B000
|
trusted library allocation
|
page read and write
|
||
|
19C4000
|
heap
|
page read and write
|
||
|
19C2000
|
heap
|
page read and write
|
||
|
290000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
1C7B000
|
heap
|
page read and write
|
||
|
2470000
|
trusted library allocation
|
page read and write
|
||
|
2C48000
|
trusted library allocation
|
page read and write
|
||
|
1C73000
|
heap
|
page read and write
|
||
|
1C6A000
|
heap
|
page read and write
|
||
|
1C7B000
|
heap
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
1C55000
|
heap
|
page read and write
|
||
|
2C5D000
|
trusted library allocation
|
page read and write
|
||
|
19C7000
|
heap
|
page read and write
|
||
|
1D60000
|
heap
|
page read and write
|
||
|
101FE000
|
unkown
|
page readonly
|
||
|
3900000
|
heap
|
page read and write
|
||
|
49D000
|
heap
|
page read and write
|
||
|
246C000
|
trusted library allocation
|
page read and write
|
||
|
1E0000
|
trusted library allocation
|
page read and write
|
||
|
1F1F000
|
heap
|
page read and write
|
||
|
1EED000
|
heap
|
page read and write
|
||
|
1D72000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3EF4000
|
heap
|
page read and write
|
||
|
22E0000
|
heap
|
page read and write
|
||
|
1AE000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
2C53000
|
trusted library allocation
|
page read and write
|
||
|
2B9000
|
stack
|
page read and write
|
||
|
1E3D000
|
heap
|
page read and write
|
||
|
1E3F000
|
heap
|
page read and write
|
||
|
2484000
|
trusted library allocation
|
page read and write
|
||
|
1E36000
|
heap
|
page read and write
|
||
|
22AE000
|
stack
|
page read and write
|
||
|
1CF000
|
direct allocation
|
page read and write
|
||
|
100AE000
|
unkown
|
page readonly
|
||
|
2871000
|
trusted library allocation
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
284D000
|
trusted library allocation
|
page read and write
|
||
|
1E3F000
|
heap
|
page read and write
|
||
|
2C42000
|
trusted library allocation
|
page read and write
|
||
|
2D4000
|
heap
|
page read and write
|
||
|
1F1F000
|
heap
|
page read and write
|
||
|
1E3D000
|
heap
|
page read and write
|
||
|
1E43000
|
heap
|
page read and write
|
||
|
355000
|
heap
|
page read and write
|
||
|
1E28000
|
heap
|
page read and write
|
||
|
1E3F000
|
heap
|
page read and write
|
||
|
2C6C000
|
trusted library allocation
|
page read and write
|
||
|
2C46000
|
trusted library allocation
|
page read and write
|
||
|
365000
|
heap
|
page read and write
|
||
|
246A000
|
trusted library allocation
|
page read and write
|
||
|
2488000
|
trusted library allocation
|
page read and write
|
||
|
284B000
|
trusted library allocation
|
page read and write
|
||
|
1E55000
|
heap
|
page read and write
|
||
|
244000
|
heap
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
19D3000
|
heap
|
page read and write
|
||
|
1E32000
|
heap
|
page read and write
|
||
|
1E24000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
280000
|
heap
|
page read and write
|
||
|
1F70000
|
heap
|
page read and write
|
||
|
1C56000
|
heap
|
page read and write
|
||
|
367000
|
heap
|
page read and write
|
||
|
3900000
|
heap
|
page read and write
|
||
|
364000
|
heap
|
page read and write
|
||
|
1C7C000
|
heap
|
page read and write
|
||
|
3EF4000
|
heap
|
page read and write
|
||
|
2489000
|
trusted library allocation
|
page read and write
|
||
|
1C78000
|
heap
|
page read and write
|
||
|
248A000
|
trusted library allocation
|
page read and write
|
||
|
2872000
|
trusted library allocation
|
page read and write
|
||
|
1D70000
|
heap
|
page read and write
|
||
|
19C3000
|
heap
|
page read and write
|
||
|
1D7F000
|
heap
|
page read and write
|
||
|
1D77000
|
heap
|
page read and write
|
||
|
330000
|
heap
|
page read and write
|
||
|
2C61000
|
trusted library allocation
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
101DF000
|
unkown
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
1F1F000
|
heap
|
page read and write
|
||
|
1C69000
|
heap
|
page read and write
|
||
|
2BE000
|
heap
|
page read and write
|
||
|
3890000
|
heap
|
page read and write
|
||
|
19C6000
|
heap
|
page read and write
|
||
|
2C51000
|
trusted library allocation
|
page read and write
|
||
|
2C55000
|
trusted library allocation
|
page read and write
|
||
|
2DF000
|
stack
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
2869000
|
trusted library allocation
|
page read and write
|
||
|
46BF000
|
stack
|
page read and write
|
||
|
2C65000
|
trusted library allocation
|
page read and write
|
||
|
1E3F000
|
heap
|
page read and write
|
||
|
1E43000
|
heap
|
page read and write
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
2C56000
|
trusted library allocation
|
page read and write
|
||
|
3CF000
|
heap
|
page read and write
|
||
|
19B0000
|
heap
|
page read and write
|
||
|
35F000
|
heap
|
page read and write
|
||
|
3B6000
|
heap
|
page read and write
|
||
|
2140000
|
heap
|
page read and write
|
||
|
1E32000
|
heap
|
page read and write
|
||
|
2015000
|
heap
|
page read and write
|
||
|
19D6000
|
heap
|
page read and write
|
||
|
1C5D000
|
heap
|
page read and write
|
||
|
19C9000
|
heap
|
page read and write
|
||
|
2471000
|
trusted library allocation
|
page read and write
|
||
|
286B000
|
trusted library allocation
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
2C68000
|
trusted library allocation
|
page read and write
|
||
|
2873000
|
trusted library allocation
|
page read and write
|
||
|
1D72000
|
heap
|
page read and write
|
||
|
101DA000
|
unkown
|
page readonly
|
||
|
261F000
|
stack
|
page read and write
|
||
|
2C50000
|
trusted library allocation
|
page read and write
|
||
|
1C7D000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
19D1000
|
heap
|
page read and write
|
||
|
19E0000
|
heap
|
page read and write
|
||
|
1C72000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
1CA000
|
direct allocation
|
page readonly
|
||
|
19C3000
|
heap
|
page read and write
|
||
|
376000
|
heap
|
page read and write
|
||
|
1E44000
|
heap
|
page read and write
|
||
|
2000000
|
heap
|
page read and write
|
||
|
2C5A000
|
trusted library allocation
|
page read and write
|
||
|
19D5000
|
heap
|
page read and write
|
||
|
2C63000
|
trusted library allocation
|
page read and write
|
||
|
1E32000
|
heap
|
page read and write
|
||
|
3EF4000
|
heap
|
page read and write
|
||
|
31D000
|
heap
|
page read and write
|
||
|
3B4000
|
heap
|
page read and write
|
||
|
316000
|
heap
|
page read and write
|
||
|
284E000
|
trusted library allocation
|
page read and write
|
||
|
1C75000
|
heap
|
page read and write
|
||
|
BA000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
C6000
|
heap
|
page read and write
|
||
|
937000
|
heap
|
page read and write
|
||
|
3EF4000
|
heap
|
page read and write
|
||
|
3900000
|
heap
|
page read and write
|
||
|
19D6000
|
heap
|
page read and write
|
||
|
1F25000
|
heap
|
page read and write
|
||
|
137F000
|
stack
|
page read and write
|
||
|
3900000
|
heap
|
page read and write
|
||
|
2C47000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
2C69000
|
trusted library allocation
|
page read and write
|
||
|
3900000
|
heap
|
page read and write
|
||
|
1E02000
|
heap
|
page read and write
|
||
|
329000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
1E2C000
|
heap
|
page read and write
|
||
|
38C6000
|
heap
|
page read and write
|
||
|
19D0000
|
heap
|
page read and write
|
||
|
1E43000
|
heap
|
page read and write
|
||
|
1D7F000
|
heap
|
page read and write
|
||
|
2873000
|
trusted library allocation
|
page read and write
|
||
|
363000
|
heap
|
page read and write
|
||
|
1E02000
|
heap
|
page read and write
|
||
|
246B000
|
trusted library allocation
|
page read and write
|
||
|
1DF0000
|
heap
|
page read and write
|
||
|
19D1000
|
heap
|
page read and write
|
||
|
1E3D000
|
heap
|
page read and write
|
||
|
2C41000
|
trusted library allocation
|
page read and write
|
||
|
2C4B000
|
trusted library allocation
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
2872000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
trusted library allocation
|
page read and write
|
||
|
21CF000
|
stack
|
page read and write
|
||
|
19C0000
|
heap
|
page read and write
|
||
|
1F22000
|
heap
|
page read and write
|
||
|
484000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
1C7B000
|
heap
|
page read and write
|
||
|
1C5B000
|
heap
|
page read and write
|
||
|
311000
|
heap
|
page read and write
|
||
|
3900000
|
heap
|
page read and write
|
||
|
1C69000
|
heap
|
page read and write
|
||
|
286D000
|
trusted library allocation
|
page read and write
|
||
|
1D80000
|
heap
|
page read and write
|
||
|
1DF4000
|
heap
|
page read and write
|
||
|
1F25000
|
heap
|
page read and write
|
||
|
1C76000
|
heap
|
page read and write
|
||
|
1E2A000
|
heap
|
page read and write
|
||
|
1E2C000
|
heap
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
2C52000
|
trusted library allocation
|
page read and write
|
||
|
D2000
|
heap
|
page read and write
|
||
|
1F1F000
|
heap
|
page read and write
|
||
|
1D2000
|
direct allocation
|
page readonly
|
||
|
1F22000
|
heap
|
page read and write
|
||
|
1F1F000
|
heap
|
page read and write
|
||
|
2C64000
|
trusted library allocation
|
page read and write
|
||
|
1F1F000
|
heap
|
page read and write
|
||
|
1F22000
|
heap
|
page read and write
|
||
|
3B3000
|
heap
|
page read and write
|
||
|
69F000
|
stack
|
page read and write
|
||
|
1E28000
|
heap
|
page read and write
|
||
|
1F25000
|
heap
|
page read and write
|
||
|
1C62000
|
heap
|
page read and write
|
||
|
1C69000
|
heap
|
page read and write
|
||
|
BF000
|
heap
|
page read and write
|
||
|
2480000
|
trusted library allocation
|
page read and write
|
||
|
474000
|
heap
|
page read and write
|
||
|
2870000
|
trusted library allocation
|
page read and write
|
||
|
3EBC000
|
heap
|
page read and write
|
||
|
1F1F000
|
heap
|
page read and write
|
||
|
2C5C000
|
trusted library allocation
|
page read and write
|
||
|
1EBE000
|
heap
|
page read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
19BF000
|
heap
|
page read and write
|
||
|
19D1000
|
heap
|
page read and write
|
||
|
1C57000
|
heap
|
page read and write
|
||
|
2481000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
19C3000
|
heap
|
page read and write
|
||
|
1D0000
|
trusted library allocation
|
page read and write
|
||
|
1C73000
|
heap
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
1F22000
|
heap
|
page read and write
|
||
|
19B5000
|
heap
|
page read and write
|
||
|
19D3000
|
heap
|
page read and write
|
||
|
3B15000
|
heap
|
page read and write
|
||
|
284F000
|
trusted library allocation
|
page read and write
|
||
|
1C75000
|
heap
|
page read and write
|
||
|
2487000
|
trusted library allocation
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
3EF4000
|
heap
|
page read and write
|
||
|
19C7000
|
heap
|
page read and write
|
||
|
19C7000
|
heap
|
page read and write
|
||
|
286A000
|
trusted library allocation
|
page read and write
|
||
|
1F25000
|
heap
|
page read and write
|
||
|
19B4000
|
heap
|
page read and write
|
||
|
25BE000
|
stack
|
page read and write
|
||
|
1C50000
|
heap
|
page read and write
|
||
|
1F22000
|
heap
|
page read and write
|
||
|
1F22000
|
heap
|
page read and write
|
||
|
21E000
|
stack
|
page read and write
|
||
|
287000
|
heap
|
page read and write
|
||
|
26DE000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
1D7F000
|
heap
|
page read and write
|
||
|
1F22000
|
heap
|
page read and write
|
||
|
1F25000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
1E43000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
1E3D000
|
heap
|
page read and write
|
||
|
17D000
|
stack
|
page read and write
|
||
|
1E28000
|
heap
|
page read and write
|
||
|
8F2000
|
heap
|
page read and write
|
||
|
19D9000
|
heap
|
page read and write
|
||
|
19C2000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
100AD000
|
unkown
|
page read and write
|
||
|
1C63000
|
heap
|
page read and write
|
||
|
246D000
|
trusted library allocation
|
page read and write
|
||
|
160F000
|
stack
|
page read and write
|
||
|
2C4A000
|
trusted library allocation
|
page read and write
|
||
|
2482000
|
trusted library allocation
|
page read and write
|
||
|
1E32000
|
heap
|
page read and write
|
||
|
1C7A000
|
heap
|
page read and write
|
||
|
2C62000
|
trusted library allocation
|
page read and write
|
||
|
2C4C000
|
trusted library allocation
|
page read and write
|
||
|
1F25000
|
heap
|
page read and write
|
||
|
1F1F000
|
heap
|
page read and write
|
||
|
19C0000
|
heap
|
page read and write
|
||
|
494F000
|
stack
|
page read and write
|
||
|
D2000
|
heap
|
page read and write
|
||
|
14E9000
|
stack
|
page read and write
|
||
|
2866000
|
trusted library allocation
|
page read and write
|
||
|
2445000
|
heap
|
page read and write
|
||
|
2C58000
|
trusted library allocation
|
page read and write
|
||
|
366000
|
heap
|
page read and write
|
||
|
2C60000
|
trusted library allocation
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
19D0000
|
heap
|
page read and write
|
||
|
3C2000
|
heap
|
page read and write
|
||
|
2EA000
|
heap
|
page read and write
|
||
|
1F25000
|
heap
|
page read and write
|
||
|
1D6F000
|
heap
|
page read and write
|
||
|
480000
|
trusted library allocation
|
page read and write
|
||
|
240000
|
heap
|
page read and write
|
||
|
1C72000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
2C5B000
|
trusted library allocation
|
page read and write
|
||
|
10C000
|
stack
|
page read and write
|
||
|
37B000
|
heap
|
page read and write
|
||
|
1E43000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
2C67000
|
trusted library allocation
|
page read and write
|
There are 449 hidden memdumps, click here to show them.