Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ProjectFunding_450726_Jun01.js
|
ASCII text, with very long lines (1337), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Config.Msi\6781be.rbs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\notify.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\P96VU3JU.htm
|
HTML document, Unicode text, UTF-8 text, with very long lines (1206), with CRLF, LF line terminators
|
dropped
|
||
|
C:\Windows\Installer\6781bf.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {8C788FE0-D109-4927-9111-67E9237DDA2D}, Create Time/Date: Thu Jun
1 15:57:00 2023, Last Saved Time/Date: Thu Jun 1 15:57:00 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSI81ED.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\MSI980.tmp
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {8C788FE0-D109-4927-9111-67E9237DDA2D}, Create Time/Date: Thu Jun
1 15:57:00 2023, Last Saved Time/Date: Thu Jun 1 15:57:00 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF0DDEAC6C9405E7E5.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF4D363E067C7B1335.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF7239BB99E68B74D1.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF97032EC5218A315C.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFAAF580DC072508D1.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFC5AF83C6C09B723C.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFC8411CD743E6CADD.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFCFA0FDA4AEF3B850.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFD56E4E9B73156A44.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFEA98AB2A043532AC.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFEE30CB9E16457345.TMP
|
data
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll,next
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll,next
|
|
|
|
C:\Windows\SysWOW64\wermgr.exe
|
C:\Windows\SysWOW64\wermgr.exe
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\ProjectFunding_450726_Jun01.js"
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
||
|
C:\Windows\System32\wscript.exe
|
wscript.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\notify.vbs
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.cisco.com/c/en_eg/index.html
|
unknown
|
||
|
https://www.youtube.com/user/cisco
|
unknown
|
||
|
https://www.cisco.com/c/en/us/solutions/service-provider/routed-optical-networking/index.html?ccid=c
|
unknown
|
||
|
https://www.cisco.com/c/ar_ae/index.html
|
unknown
|
||
|
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2023/m05/cisco-launches-program-for-customers-and-p
|
unknown
|
||
|
https://www.cisco.com/c/en_sg/index.html
|
unknown
|
||
|
https://garokelka.com/$
|
unknown
|
||
|
https://www.cisco.com/c/en_dz/index.html
|
unknown
|
||
|
https://www.cisco.com/c/hu_hu/index.html
|
unknown
|
||
|
https://www.cisco.com/site/in/en/index.html
|
unknown
|
||
|
https://software.cisco.com/download/navigator.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/contact-cisco.html
|
unknown
|
||
|
https://www.schema.org
|
unknown
|
||
|
https://www.cisco.com/c/en/us/partners/connect-with-a-partner.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/sitemap.html
|
unknown
|
||
|
https://www.cisco.com/c/sv_se/index.html
|
unknown
|
||
|
https://www.cisco.com/c/ru_ru/index.html
|
unknown
|
||
|
https://learninglocator.cloudapps.cisco.com/#/home
|
unknown
|
||
|
https://www.cisco.com/c/pl_pl/index.html
|
unknown
|
||
|
https://blogs.cisco.com/security/now-is-the-time-to-step-up-your-security?utm_medium=web-referral&ut
|
unknown
|
||
|
https://www.cisco.com
|
unknown
|
||
|
https://www.cisco.com/c/fr_dz/index.html
|
unknown
|
||
|
https://www.cisco.com/c/de_ch/index.html
|
unknown
|
||
|
http://pdx-col.eum-appdynamics.com
|
unknown
|
||
|
https://www.cisco.com/site/fr/fr/index.html
|
unknown
|
||
|
https://www.cisco.com/c/nl_nl/index.html
|
unknown
|
||
|
https://www.cisco.com/site/au/en/index.html
|
unknown
|
||
|
https://garokelka.com/rlvoq0.msi
|
217.195.153.225
|
||
|
https://www.cisco.com/c/es_ec/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/legal/trademarks.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about.html
|
unknown
|
||
|
https://www.cisco.com/c/pt_br/index.html
|
unknown
|
||
|
https://www.cisco.com/c/th_th/index.html
|
unknown
|
||
|
https://www.cisco.com/site/de/de/index.html
|
unknown
|
||
|
https://search.cisco.com/search?query=
|
unknown
|
||
|
http://schema.org/ImageObject
|
unknown
|
||
|
https://www.ciscolive.com/global.html?CID=cdchp&TEAM=global_events&MEDIUM=digital_direct&CAMPAIGN=bt
|
unknown
|
||
|
https://www.cisco.com/c/en_my/index.html
|
unknown
|
||
|
https://www.cisco.com/c/es_es/index.html
|
unknown
|
||
|
https://www.cisco.com/c/it_it/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en_il/index.html
|
unknown
|
||
|
https://www.cisco.com/site/cn/zh/index.html
|
unknown
|
||
|
https://newsroom.cisco.com/c/r/newsroom/en/us/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en_hk/index.html
|
unknown
|
||
|
https://www.cisco.com/c/de_at/index.html
|
unknown
|
||
|
https://www.cisco.com/c/es_pa/index.html
|
unknown
|
||
|
https://www.cisco.com/c/da_dk/index.html
|
unknown
|
||
|
https://www.cisco.com/c/ru_ua/index.html
|
unknown
|
||
|
https://www.instagram.com/cisco/
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/accessibility.html
|
unknown
|
||
|
https://www.cisco.com/c/es_mx/index.html
|
unknown
|
||
|
https://www.cisco.com/c/fr_be/index.html
|
unknown
|
||
|
https://garokelka.com/rlvoq0.msi0C:
|
unknown
|
||
|
https://www.cisco.com/c/tr_tr/index.html
|
unknown
|
||
|
https://ciscocx.qualtrics.com/jfe/form/SV_0Tcp9VU8pUm4lBY?Ref=/c/en/us/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en_ph/index.html
|
unknown
|
||
|
https://www.cisco.com/c/es_ar/index.html
|
unknown
|
||
|
https://www.cisco.com/c/no_no/index.html
|
unknown
|
||
|
https://www.cisco.com/c/es_cr/index.html
|
unknown
|
||
|
https://twitter.com/Cisco/
|
unknown
|
||
|
https://www.cisco.com/c/ar_eg/index.html
|
unknown
|
||
|
https://www.cisco.com/c/ko_kr/index.html
|
unknown
|
||
|
https://www.cisco.com/c/ro_ro/index.html
|
unknown
|
||
|
https://www.cisco.com/site/ca/fr/index.html
|
unknown
|
||
|
https://www.cisco.com/c/nl_be/index.html
|
unknown
|
||
|
https://duo.com/solutions/risk-based-authentication?utm_medium=web-referral&utm_source=cisco#eyJoYXN
|
unknown
|
||
|
https://www.cisco.com/c/es_co/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/legal/terms-conditions.html
|
unknown
|
||
|
https://www.cisco.com/c/pt_pt/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/buy.html
|
unknown
|
||
|
https://www.cisco.com/c/uk_ua/index.html
|
unknown
|
||
|
https://cisco.com/
|
72.163.4.185
|
||
|
https://www.cisco.com/c/es_pe/index.html
|
unknown
|
||
|
https://garokelka.com/rlvoq0.msif:randomM
|
unknown
|
||
|
https://www.cisco.com/c/m/en_us/solutions/hybrid-work/workplace-solutions/penn1-lookbook.html?ccid=c
|
unknown
|
||
|
https://www.cisco.com/c/en/us/training-events/training-certifications.html
|
unknown
|
||
|
https://www.cisco.com/c/cs_cz/index.html
|
unknown
|
||
|
https://www.cisco.com/web/fw/i/logo-open-graph.gif
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/careers.html
|
unknown
|
||
|
https://www.cisco.com/c/en_za/index.html
|
unknown
|
||
|
https://pdx-col.eum-appdynamics.com
|
unknown
|
||
|
https://community.cisco.com/
|
unknown
|
||
|
https://blogs.cisco.com/networking/it-leaders-contend-with-secure-multicloud-access-the-2023-global-
|
unknown
|
||
|
https://www.cisco.com/c/vi_vn/index.html
|
unknown
|
||
|
http://cdn.appdynamics.com
|
unknown
|
||
|
https://cdn.appdynamics.com
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/legal/privacy-full.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/help.html
|
unknown
|
||
|
https://www.cisco.com/site/uk/en/index.html
|
unknown
|
||
|
https://garokelka.com/rlvoq0.msi457110176310365940
|
unknown
|
||
|
https://garokelka.com/
|
unknown
|
||
|
https://www.cisco.com/c/en/us/solutions/design-zone.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/training-events/events.html
|
unknown
|
||
|
https://www.cisco.com/site/jp/ja/index.html
|
unknown
|
||
|
https://www.cisco.com/c/es_bz/index.html
|
unknown
|
||
|
https://www.cisco.com/c/zh_hk/index.html
|
unknown
|
||
|
https://www.linkedin.com/company/cisco
|
unknown
|
||
|
https://www.cisco.com/
|
unknown
|
||
|
https://www.cisco.com/c/fr_ch/index.html
|
unknown
|
||
|
https://www.cisco.com/site/ca/en/index.html
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
garokelka.com
|
217.195.153.225
|
||
|
cisco.com
|
72.163.4.185
|
||
|
www.cisco.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
75.143.236.149
|
unknown
|
United States
|
|
|
|
83.110.223.61
|
unknown
|
United Arab Emirates
|
|
|
|
86.195.14.72
|
unknown
|
France
|
|
|
|
84.215.202.8
|
unknown
|
Norway
|
|
|
|
184.182.66.109
|
unknown
|
United States
|
|
|
|
80.167.196.79
|
unknown
|
Denmark
|
|
|
|
125.99.69.178
|
unknown
|
India
|
|
|
|
89.32.156.5
|
unknown
|
Italy
|
|
|
|
161.142.103.187
|
unknown
|
Malaysia
|
|
|
|
213.64.33.92
|
unknown
|
Sweden
|
|
|
|
114.143.176.236
|
unknown
|
India
|
|
|
|
24.234.220.88
|
unknown
|
United States
|
|
|
|
14.192.241.76
|
unknown
|
Malaysia
|
|
|
|
173.88.135.179
|
unknown
|
United States
|
|
|
|
72.205.104.134
|
unknown
|
United States
|
|
|
|
69.160.121.6
|
unknown
|
Jamaica
|
|
|
|
117.195.17.148
|
unknown
|
India
|
|
|
|
47.34.30.133
|
unknown
|
United States
|
|
|
|
70.49.205.198
|
unknown
|
Canada
|
|
|
|
184.181.75.148
|
unknown
|
United States
|
|
|
|
84.35.26.14
|
unknown
|
Netherlands
|
|
|
|
41.227.190.59
|
unknown
|
Tunisia
|
|
|
|
86.168.210.41
|
unknown
|
United Kingdom
|
|
|
|
100.4.163.158
|
unknown
|
United States
|
|
|
|
70.50.83.216
|
unknown
|
Canada
|
|
|
|
165.120.169.171
|
unknown
|
United States
|
|
|
|
82.131.141.209
|
unknown
|
Hungary
|
|
|
|
68.203.69.96
|
unknown
|
United States
|
|
|
|
79.92.15.6
|
unknown
|
France
|
|
|
|
64.121.161.102
|
unknown
|
United States
|
|
|
|
96.56.197.26
|
unknown
|
United States
|
|
|
|
178.175.187.254
|
unknown
|
Moldova Republic of
|
|
|
|
125.99.76.102
|
unknown
|
India
|
|
|
|
81.101.185.146
|
unknown
|
United Kingdom
|
|
|
|
98.187.21.2
|
unknown
|
United States
|
|
|
|
92.149.250.113
|
unknown
|
France
|
|
|
|
76.86.31.59
|
unknown
|
United States
|
|
|
|
147.147.30.126
|
unknown
|
United Kingdom
|
|
|
|
96.87.28.170
|
unknown
|
United States
|
|
|
|
75.109.111.89
|
unknown
|
United States
|
|
|
|
124.122.47.148
|
unknown
|
Thailand
|
|
|
|
88.126.94.4
|
unknown
|
France
|
|
|
|
85.57.212.13
|
unknown
|
Spain
|
|
|
|
103.101.203.177
|
unknown
|
Singapore
|
|
|
|
94.204.202.106
|
unknown
|
United Arab Emirates
|
|
|
|
47.205.25.170
|
unknown
|
United States
|
|
|
|
95.45.50.93
|
unknown
|
Ireland
|
|
|
|
85.61.165.153
|
unknown
|
Spain
|
|
|
|
80.12.88.148
|
unknown
|
France
|
|
|
|
103.144.201.48
|
unknown
|
unknown
|
|
|
|
102.156.10.183
|
unknown
|
Tunisia
|
|
|
|
86.132.236.117
|
unknown
|
United Kingdom
|
|
|
|
205.237.67.69
|
unknown
|
Canada
|
|
|
|
201.143.215.69
|
unknown
|
Mexico
|
|
|
|
76.178.148.107
|
unknown
|
United States
|
|
|
|
69.242.31.249
|
unknown
|
United States
|
|
|
|
85.104.105.67
|
unknown
|
Turkey
|
|
|
|
41.186.88.38
|
unknown
|
Rwanda
|
|
|
|
76.16.49.134
|
unknown
|
United States
|
|
|
|
90.104.151.37
|
unknown
|
France
|
|
|
|
201.244.108.183
|
unknown
|
Colombia
|
|
|
|
103.42.86.42
|
unknown
|
India
|
|
|
|
116.74.163.130
|
unknown
|
India
|
|
|
|
105.184.209.194
|
unknown
|
South Africa
|
|
|
|
116.120.145.170
|
unknown
|
Korea Republic of
|
|
|
|
103.139.242.6
|
unknown
|
India
|
|
|
|
70.28.50.223
|
unknown
|
Canada
|
|
|
|
98.145.23.67
|
unknown
|
United States
|
|
|
|
81.229.117.95
|
unknown
|
Sweden
|
|
|
|
82.125.44.236
|
unknown
|
France
|
|
|
|
45.243.142.31
|
unknown
|
Egypt
|
|
|
|
89.129.109.27
|
unknown
|
Spain
|
|
|
|
27.109.19.90
|
unknown
|
India
|
|
|
|
122.186.210.254
|
unknown
|
India
|
|
|
|
122.184.143.86
|
unknown
|
India
|
|
|
|
50.68.186.195
|
unknown
|
Canada
|
|
|
|
45.62.70.33
|
unknown
|
Canada
|
|
|
|
83.249.198.100
|
unknown
|
Sweden
|
|
|
|
12.172.173.82
|
unknown
|
United States
|
|
|
|
47.199.241.39
|
unknown
|
United States
|
|
|
|
79.168.224.165
|
unknown
|
Portugal
|
|
|
|
199.27.66.213
|
unknown
|
United States
|
|
|
|
176.142.207.63
|
unknown
|
France
|
|
|
|
86.176.83.44
|
unknown
|
United Kingdom
|
|
|
|
92.154.17.149
|
unknown
|
France
|
|
|
|
65.95.141.84
|
unknown
|
Canada
|
|
|
|
50.68.204.71
|
unknown
|
Canada
|
|
|
|
89.79.229.50
|
unknown
|
Poland
|
|
|
|
71.38.155.217
|
unknown
|
United States
|
|
|
|
77.126.99.230
|
unknown
|
Israel
|
|
|
|
103.123.223.133
|
unknown
|
India
|
|
|
|
31.53.29.235
|
unknown
|
United Kingdom
|
|
|
|
198.2.51.242
|
unknown
|
United States
|
|
|
|
93.147.235.8
|
unknown
|
Italy
|
|
|
|
92.9.45.20
|
unknown
|
United Kingdom
|
|
|
|
113.11.92.30
|
unknown
|
Bangladesh
|
|
|
|
77.86.98.236
|
unknown
|
United Kingdom
|
|
|
|
172.115.17.50
|
unknown
|
United States
|
|
|
|
72.163.4.185
|
cisco.com
|
United States
|
||
|
217.195.153.225
|
garokelka.com
|
Netherlands
|
There are 90 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\6781be.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\6781be.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\DF2B5B287322BA24F9303B9BAE3B0000
|
133299CF040AFA646B78A6D9FB953039
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\
|
||
|
HKEY_CURRENT_USER\Software\AdobeAcrobatPDFBrowserPlugin
|
AdobeAcrobatPDFBrowserPlugin
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
133299CF040AFA646B78A6D9FB953039
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
DisplayName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\133299CF040AFA646B78A6D9FB953039
|
MainProgram
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\Features
|
MainProgram
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\133299CF040AFA646B78A6D9FB953039
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\Features
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\Patches
|
AllPatches
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
ProductName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
PackageCode
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
Language
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
Version
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
Assignment
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
AdvertiseFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
InstanceType
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
AuthorizedLUAApp
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
DeploymentFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
133299CF040AFA646B78A6D9FB953039
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039\SourceList
|
PackageName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039\SourceList\URL
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039\SourceList\Media
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
Clients
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039\SourceList
|
LastUsedSource
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039\SourceList\URL
|
SourceType
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
3b4b581b
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
ed48855
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
c95a829
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
b429cf4c
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
c92180c6
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
719de7a3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
b668ef30
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
440237ed
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
3b4b581b
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
3b4b581b
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
3b4b581b
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
3b4b581b
|
There are 82 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
47A000
|
heap
|
page read and write
|
|
|
|
E10000
|
heap
|
page read and write
|
|
|
|
62E0000
|
trusted library allocation
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
1DCD5D7E000
|
heap
|
page read and write
|
||
|
4F64000
|
heap
|
page read and write
|
||
|
1DCD79E8000
|
heap
|
page read and write
|
||
|
4AE89F9000
|
stack
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A11000
|
heap
|
page read and write
|
||
|
43E000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
570000
|
direct allocation
|
page read and write
|
||
|
1DCD7A18000
|
heap
|
page read and write
|
||
|
1DCD79F9000
|
heap
|
page read and write
|
||
|
54B9000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD79FA000
|
heap
|
page read and write
|
||
|
1DCD7A0B000
|
heap
|
page read and write
|
||
|
216A6BF0000
|
heap
|
page read and write
|
||
|
1DCD5B10000
|
heap
|
page read and write
|
||
|
460000
|
direct allocation
|
page execute read
|
||
|
54BA000
|
heap
|
page read and write
|
||
|
1DCD7A06000
|
heap
|
page read and write
|
||
|
1DCD7A0C000
|
heap
|
page read and write
|
||
|
7977000
|
heap
|
page read and write
|
||
|
26FA9AB0000
|
heap
|
page read and write
|
||
|
1B63C569000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
216A6B40000
|
heap
|
page read and write
|
||
|
1DCD79FC000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD79ED000
|
heap
|
page read and write
|
||
|
1DCD79F1000
|
heap
|
page read and write
|
||
|
69A1000
|
heap
|
page read and write
|
||
|
7E83000
|
heap
|
page read and write
|
||
|
216A6AF7000
|
heap
|
page read and write
|
||
|
1DCD79D9000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
216A6B1C000
|
heap
|
page read and write
|
||
|
1DCD5B8A000
|
heap
|
page read and write
|
||
|
216A6AD0000
|
heap
|
page read and write
|
||
|
1DCD7A12000
|
heap
|
page read and write
|
||
|
216A6AED000
|
heap
|
page read and write
|
||
|
F9BF0FE000
|
stack
|
page read and write
|
||
|
1EE000
|
stack
|
page read and write
|
||
|
4AE8AFF000
|
stack
|
page read and write
|
||
|
1DCD79F1000
|
heap
|
page read and write
|
||
|
1DCD5B48000
|
heap
|
page read and write
|
||
|
1DCD7A03000
|
heap
|
page read and write
|
||
|
1DCD79E8000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
1DCD79E8000
|
heap
|
page read and write
|
||
|
4FBF000
|
heap
|
page read and write
|
||
|
216A8A03000
|
heap
|
page read and write
|
||
|
1DCD7A12000
|
heap
|
page read and write
|
||
|
1DCD5B4A000
|
heap
|
page read and write
|
||
|
1DCD7680000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A12000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A09000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
4AE8A7A000
|
stack
|
page read and write
|
||
|
1DCD7A18000
|
heap
|
page read and write
|
||
|
1DCD7A1A000
|
heap
|
page read and write
|
||
|
1DCD79E8000
|
heap
|
page read and write
|
||
|
216A86B0000
|
heap
|
page read and write
|
||
|
216A6AD8000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
1DCD7A0A000
|
heap
|
page read and write
|
||
|
216A6B21000
|
heap
|
page read and write
|
||
|
1DCD79EA000
|
heap
|
page read and write
|
||
|
1DCD7A09000
|
heap
|
page read and write
|
||
|
1DCD7A0B000
|
heap
|
page read and write
|
||
|
1DCD7A0C000
|
heap
|
page read and write
|
||
|
1DCD5BAD000
|
heap
|
page read and write
|
||
|
1DCD7A1D000
|
heap
|
page read and write
|
||
|
1DCD79FC000
|
heap
|
page read and write
|
||
|
4AE8BF9000
|
stack
|
page read and write
|
||
|
672D000
|
heap
|
page read and write
|
||
|
1DCD7A03000
|
heap
|
page read and write
|
||
|
216A6BD0000
|
heap
|
page read and write
|
||
|
1DCD5B5C000
|
heap
|
page read and write
|
||
|
6D2A000
|
heap
|
page read and write
|
||
|
1DCD79F9000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
1DCD7A0F000
|
heap
|
page read and write
|
||
|
571000
|
direct allocation
|
page execute read
|
||
|
1DCD5D7D000
|
heap
|
page read and write
|
||
|
1DCD7A1E000
|
heap
|
page read and write
|
||
|
1DCD79FF000
|
heap
|
page read and write
|
||
|
1DCD7A01000
|
heap
|
page read and write
|
||
|
1006A000
|
unkown
|
page readonly
|
||
|
1DCD79FC000
|
heap
|
page read and write
|
||
|
DB000
|
stack
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD79FE000
|
heap
|
page read and write
|
||
|
1DCD79D7000
|
heap
|
page read and write
|
||
|
26FA9C50000
|
heap
|
page read and write
|
||
|
216A6B08000
|
heap
|
page read and write
|
||
|
1DCD79F9000
|
heap
|
page read and write
|
||
|
1DCD5AF0000
|
heap
|
page read and write
|
||
|
1DCD79D1000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
216A6AE8000
|
heap
|
page read and write
|
||
|
1DCD79F9000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A12000
|
heap
|
page read and write
|
||
|
1DCD7A1A000
|
heap
|
page read and write
|
||
|
1DCD79EF000
|
heap
|
page read and write
|
||
|
1DCD5B8A000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A1C000
|
heap
|
page read and write
|
||
|
54A1000
|
heap
|
page read and write
|
||
|
1DCD7A10000
|
heap
|
page read and write
|
||
|
1B63C320000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
62E0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD5B74000
|
heap
|
page read and write
|
||
|
1DCD5B8A000
|
heap
|
page read and write
|
||
|
5FE0000
|
trusted library allocation
|
page read and write
|
||
|
26FA9D1B000
|
heap
|
page read and write
|
||
|
1DCD79DC000
|
heap
|
page read and write
|
||
|
1DCD7A01000
|
heap
|
page read and write
|
||
|
1B63C565000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
7976000
|
heap
|
page read and write
|
||
|
216A6B1C000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A03000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD79F8000
|
heap
|
page read and write
|
||
|
1DCD79FE000
|
heap
|
page read and write
|
||
|
1DCD79F1000
|
heap
|
page read and write
|
||
|
10094000
|
unkown
|
page read and write
|
||
|
1DCD7A08000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
6060000
|
trusted library allocation
|
page read and write
|
||
|
1DCD5B50000
|
heap
|
page read and write
|
||
|
1DCD5BAD000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
62E0000
|
trusted library allocation
|
page read and write
|
||
|
592000
|
direct allocation
|
page readonly
|
||
|
1DCD5B4A000
|
heap
|
page read and write
|
||
|
5FE0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A12000
|
heap
|
page read and write
|
||
|
10092000
|
unkown
|
page write copy
|
||
|
1DCD79FB000
|
heap
|
page read and write
|
||
|
1B63C240000
|
heap
|
page read and write
|
||
|
1DCD7A10000
|
heap
|
page read and write
|
||
|
216A6D7C000
|
heap
|
page read and write
|
||
|
1DCD7A15000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
216A6B03000
|
heap
|
page read and write
|
||
|
1DCD79F9000
|
heap
|
page read and write
|
||
|
1DCD5B76000
|
heap
|
page read and write
|
||
|
1DCD5B8A000
|
heap
|
page read and write
|
||
|
1DCD7AD0000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1DCD79E8000
|
heap
|
page read and write
|
||
|
F9BE989000
|
stack
|
page read and write
|
||
|
4FBF000
|
heap
|
page read and write
|
||
|
F9BECFE000
|
stack
|
page read and write
|
||
|
1DCD7A0E000
|
heap
|
page read and write
|
||
|
6E6D000
|
heap
|
page read and write
|
||
|
1B63C560000
|
heap
|
page read and write
|
||
|
80B64FF000
|
stack
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
58F000
|
direct allocation
|
page read and write
|
||
|
1DCD79EB000
|
heap
|
page read and write
|
||
|
1DCD7A1A000
|
heap
|
page read and write
|
||
|
5FE0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A14000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1B63C328000
|
heap
|
page read and write
|
||
|
1DCD79FF000
|
heap
|
page read and write
|
||
|
1DCD7A1A000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
140000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
1DCD5B38000
|
heap
|
page read and write
|
||
|
26FA9C55000
|
heap
|
page read and write
|
||
|
1DCD5B60000
|
heap
|
page read and write
|
||
|
1DCD7684000
|
heap
|
page read and write
|
||
|
1DCD7A03000
|
heap
|
page read and write
|
||
|
1DCD5BAD000
|
heap
|
page read and write
|
||
|
1B63D0B0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD5B4A000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
100CFE000
|
stack
|
page read and write
|
||
|
216A86B4000
|
heap
|
page read and write
|
||
|
1DCD7BF0000
|
trusted library allocation
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD79DC000
|
heap
|
page read and write
|
||
|
4AE887B000
|
stack
|
page read and write
|
||
|
1DCD5B36000
|
heap
|
page read and write
|
||
|
6C75000
|
heap
|
page read and write
|
||
|
1DCD7A10000
|
heap
|
page read and write
|
||
|
1DCD79D0000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
6C78000
|
heap
|
page read and write
|
||
|
1DCD79FC000
|
heap
|
page read and write
|
||
|
1DCD7A0A000
|
heap
|
page read and write
|
||
|
E8F000
|
heap
|
page read and write
|
||
|
1DCD79EA000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD79E8000
|
heap
|
page read and write
|
||
|
1B63C220000
|
heap
|
page read and write
|
||
|
1DCD7A01000
|
heap
|
page read and write
|
||
|
216A6B1C000
|
heap
|
page read and write
|
||
|
1DCD7A05000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A08000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD5BAD000
|
heap
|
page read and write
|
||
|
26FA9D17000
|
heap
|
page read and write
|
||
|
216A8520000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A0A000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
1B63C540000
|
heap
|
page readonly
|
||
|
6167000
|
heap
|
page read and write
|
||
|
4F41000
|
heap
|
page read and write
|
||
|
1B63C0F0000
|
trusted library allocation
|
page read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
1DCD79FC000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
1DCD5B74000
|
heap
|
page read and write
|
||
|
10095000
|
unkown
|
page readonly
|
||
|
1DCD5B8E000
|
heap
|
page read and write
|
||
|
1DCD5D7C000
|
heap
|
page read and write
|
||
|
1DCD5B43000
|
heap
|
page read and write
|
||
|
1DCD79D3000
|
heap
|
page read and write
|
||
|
1DCD79F6000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
1DCD7A14000
|
heap
|
page read and write
|
||
|
5A0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A0A000
|
heap
|
page read and write
|
||
|
1DCD7A13000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
7972000
|
heap
|
page read and write
|
||
|
1DCD5B3A000
|
heap
|
page read and write
|
||
|
1DCD7A0F000
|
heap
|
page read and write
|
||
|
1007FF000
|
stack
|
page read and write
|
||
|
1DCD79F3000
|
heap
|
page read and write
|
||
|
216AA150000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
216A6B03000
|
heap
|
page read and write
|
||
|
1DCD5B3A000
|
heap
|
page read and write
|
||
|
1DCD7A02000
|
heap
|
page read and write
|
||
|
1DCD5BAD000
|
heap
|
page read and write
|
||
|
1B63C38F000
|
heap
|
page read and write
|
||
|
1006FF000
|
stack
|
page read and write
|
||
|
1DCD5B4A000
|
heap
|
page read and write
|
||
|
1DCD7A0E000
|
heap
|
page read and write
|
||
|
1DCD5B74000
|
heap
|
page read and write
|
||
|
62E0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD79FB000
|
heap
|
page read and write
|
||
|
1DCD7A1A000
|
heap
|
page read and write
|
||
|
216A6990000
|
heap
|
page read and write
|
||
|
1DCD79EB000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD79EB000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
1DCD5B71000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD5B74000
|
heap
|
page read and write
|
||
|
6C78000
|
heap
|
page read and write
|
||
|
1DCD7A0E000
|
heap
|
page read and write
|
||
|
1DCD79FC000
|
heap
|
page read and write
|
||
|
1DCD79E1000
|
heap
|
page read and write
|
||
|
1DCD79F5000
|
heap
|
page read and write
|
||
|
7E70000
|
heap
|
page read and write
|
||
|
66FC000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD79EB000
|
heap
|
page read and write
|
||
|
F9BEFFF000
|
stack
|
page read and write
|
||
|
216A6B03000
|
heap
|
page read and write
|
||
|
1B63C365000
|
heap
|
page read and write
|
||
|
1DCD5D7B000
|
heap
|
page read and write
|
||
|
1DCD7A0F000
|
heap
|
page read and write
|
||
|
1DCD5B18000
|
heap
|
page read and write
|
||
|
1DCD79FC000
|
heap
|
page read and write
|
||
|
1B63C36C000
|
heap
|
page read and write
|
||
|
7454000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
216A6B07000
|
heap
|
page read and write
|
||
|
1DCD5B44000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A12000
|
heap
|
page read and write
|
||
|
1DCD79ED000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A1A000
|
heap
|
page read and write
|
||
|
1DCD5B77000
|
heap
|
page read and write
|
||
|
1DCD5B67000
|
heap
|
page read and write
|
||
|
1DCD5B8A000
|
heap
|
page read and write
|
||
|
1DCD79FC000
|
heap
|
page read and write
|
||
|
1DCD5B28000
|
heap
|
page read and write
|
||
|
1DCD7A0C000
|
heap
|
page read and write
|
||
|
1B63C36C000
|
heap
|
page read and write
|
||
|
1DCD79EB000
|
heap
|
page read and write
|
||
|
1DCD79F1000
|
heap
|
page read and write
|
||
|
F9BEDFE000
|
stack
|
page read and write
|
||
|
1DCD7A03000
|
heap
|
page read and write
|
||
|
1DCD5B1E000
|
heap
|
page read and write
|
||
|
1B63C36E000
|
heap
|
page read and write
|
||
|
4F70000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
460000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
1DCD7A03000
|
heap
|
page read and write
|
||
|
1DCD5B8E000
|
heap
|
page read and write
|
||
|
1DCD7A1D000
|
heap
|
page read and write
|
||
|
1DCD79DD000
|
heap
|
page read and write
|
||
|
1B63C36C000
|
heap
|
page read and write
|
||
|
1DCD79ED000
|
heap
|
page read and write
|
||
|
1DCD79D9000
|
heap
|
page read and write
|
||
|
1DCD7A1C000
|
heap
|
page read and write
|
||
|
1B63C530000
|
trusted library allocation
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1B63C2B0000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A12000
|
heap
|
page read and write
|
||
|
1DCD79EE000
|
heap
|
page read and write
|
||
|
216A8A00000
|
heap
|
page read and write
|
||
|
1B63C570000
|
trusted library allocation
|
page read and write
|
||
|
26FA9C10000
|
heap
|
page read and write
|
||
|
1DCD79FC000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
26FA9BF0000
|
heap
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
1DCD5B8E000
|
heap
|
page read and write
|
||
|
1B63CE50000
|
trusted library allocation
|
page read and write
|
||
|
1DCD5D70000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD79F5000
|
heap
|
page read and write
|
||
|
6160000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A07000
|
heap
|
page read and write
|
||
|
1DCD5B4E000
|
heap
|
page read and write
|
||
|
C71000
|
heap
|
page read and write
|
||
|
1DCD79FC000
|
heap
|
page read and write
|
||
|
1DCD7A12000
|
heap
|
page read and write
|
||
|
C71000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD79EC000
|
heap
|
page read and write
|
||
|
216A6B2C000
|
heap
|
page read and write
|
||
|
26FA9D10000
|
heap
|
page read and write
|
||
|
7976000
|
heap
|
page read and write
|
||
|
1008FE000
|
stack
|
page read and write
|
||
|
1DCD7A08000
|
heap
|
page read and write
|
||
|
E33000
|
heap
|
page read and write
|
||
|
1DCD5B67000
|
heap
|
page read and write
|
||
|
1DCD79E8000
|
heap
|
page read and write
|
||
|
1DCD7A08000
|
heap
|
page read and write
|
||
|
1DCD5D75000
|
heap
|
page read and write
|
||
|
1DCD5BA4000
|
heap
|
page read and write
|
||
|
1DCD5B74000
|
heap
|
page read and write
|
||
|
1DCD5B8E000
|
heap
|
page read and write
|
||
|
1B63C4F0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A12000
|
heap
|
page read and write
|
||
|
1001FE000
|
stack
|
page read and write
|
||
|
216A6AF6000
|
heap
|
page read and write
|
||
|
B6B000
|
heap
|
page read and write
|
||
|
1DCD79F3000
|
heap
|
page read and write
|
||
|
216A6B1C000
|
heap
|
page read and write
|
||
|
1B63C550000
|
trusted library allocation
|
page read and write
|
||
|
6220000
|
trusted library allocation
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A13000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
1009FE000
|
stack
|
page read and write
|
||
|
1DCD7A08000
|
heap
|
page read and write
|
||
|
1DCD79F1000
|
heap
|
page read and write
|
||
|
E8F000
|
heap
|
page read and write
|
||
|
1DCD7A0B000
|
heap
|
page read and write
|
||
|
1DCD79D9000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
54B2000
|
heap
|
page read and write
|
||
|
6220000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A18000
|
heap
|
page read and write
|
||
|
741C000
|
heap
|
page read and write
|
||
|
62E0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A18000
|
heap
|
page read and write
|
||
|
817D000
|
heap
|
page read and write
|
||
|
6771000
|
heap
|
page read and write
|
||
|
5E4000
|
heap
|
page read and write
|
||
|
62E0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD5CE0000
|
heap
|
page read and write
|
||
|
216A6B03000
|
heap
|
page read and write
|
||
|
1DCD7A0E000
|
heap
|
page read and write
|
||
|
216A6B03000
|
heap
|
page read and write
|
||
|
1DCD79F1000
|
heap
|
page read and write
|
||
|
1DCD5B67000
|
heap
|
page read and write
|
||
|
1DCD79ED000
|
heap
|
page read and write
|
||
|
1DCD79FC000
|
heap
|
page read and write
|
||
|
80B647C000
|
stack
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
6C81000
|
heap
|
page read and write
|
||
|
1DCD7A02000
|
heap
|
page read and write
|
||
|
7973000
|
heap
|
page read and write
|
||
|
1DCD7A07000
|
heap
|
page read and write
|
||
|
80B657F000
|
stack
|
page read and write
|
||
|
1DCD5B67000
|
heap
|
page read and write
|
||
|
100AFF000
|
stack
|
page read and write
|
||
|
1DCD5B2C000
|
heap
|
page read and write
|
||
|
1DCD5A80000
|
heap
|
page read and write
|
||
|
1B63C0E0000
|
heap
|
page read and write
|
||
|
1DCD5B8E000
|
heap
|
page read and write
|
||
|
1004FE000
|
stack
|
page read and write
|
||
|
6C75000
|
heap
|
page read and write
|
||
|
797D000
|
heap
|
page read and write
|
||
|
1DCD79EF000
|
heap
|
page read and write
|
||
|
1B63D060000
|
trusted library allocation
|
page read and write
|
||
|
1B63C2C0000
|
trusted library allocation
|
page read and write
|
||
|
216A6B25000
|
heap
|
page read and write
|
||
|
1DCD7A01000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1DCD7A16000
|
heap
|
page read and write
|
||
|
1DCD7A11000
|
heap
|
page read and write
|
||
|
216A6D70000
|
heap
|
page read and write
|
||
|
1000F9000
|
stack
|
page read and write
|
||
|
58A000
|
direct allocation
|
page readonly
|
||
|
1DCD5B86000
|
heap
|
page read and write
|
||
|
1DCD7A1B000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
216A6D75000
|
heap
|
page read and write
|
||
|
1DCD7A00000
|
heap
|
page read and write
|
||
|
216A6B1C000
|
heap
|
page read and write
|
||
|
6C7A000
|
heap
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
There are 434 hidden memdumps, click here to show them.