IOC Report
U8uFcjIjAR.exe

loading gif

Files

File Path
Type
Category
Malicious
U8uFcjIjAR.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\0LDENujoRxGDNSg8nAFeOW4T.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\1vyyhjyTv0WQsnxGKVgh8uWj.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\2H2iULi73jPqktFJ6OepOola.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\2N7xiUcqYcPt4XwwaXd6aBnt.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\2xEk595iCLChQEIkapYMtg4d.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\38jnFT91OuswY7e76EHimubt.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\3ffKdsqDDK85YKPHUJ1yg9YY.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\5fqYYoyWfgcx2hRWq28g7nNF.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\5j4vJucQDJ5dRUHs8KgbU6zE.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\5mXUxo0CobvbEjsxN58lv8JE.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\6NJQIAQREgE8pnH0Tc3vNghh.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\7RNCUCyZQBj5TbzSirPLZTx4.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\9MxwoVYUchzxPb9DWfXpxtIo.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\ASNAP1v7gSBWUV4M24VeAq7L.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\CzkueZo2uibKMWVlxXuuuYuf.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\DP1cSbadxSZ4GN4Plf6lDD5t.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Dgwsf7w4EFU0DJenPeJFQ9dl.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\GRMRzFPp08Qf6xzoYXN3v0kJ.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\IJ5QGXKr1fcmeIhFX4JRmReR.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\K6IMtUjnmbObbtDmmgp6S08R.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\KMbSlAfByjkUF20UwkqxawkL.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\LfTUXDPwxqflzUdNce50hrbG.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\4767d2e713f2021e8fe856e3ea638b58[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\alexxxxxxxx[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\file300un[1].exe
PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\jok[1].exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\NewB[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\clip64[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\gold[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\ISetup8[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\swiiii[1].exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\cred64[1].dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\jfesawdr[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\swiiiii[1].exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\NrlBY7PHizkvtumpXDF2ZwbO.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\PCUjpeIbitNbH0tzJuyqcPfq.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\PhNOluqeDQNAgQ6pyogubEva.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\Q2ru8nMpr2nWW31YuPp81EFT.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\QeUXLRBK3hnXmDh6BxEoxRr1.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\RPuSi7aHauEmoLNZJ0gygFsP.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\ReZDyiSv1d9oc9RKQh1HoSU9.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\SQz5qXC0XQfZInNOXxbOmSfU.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\SyhtUGQrnSlVAioQ4rVLOOjh.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\T3Qq4u2DRguTQUrxYHela5ZS.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\TVwptXCoO7sIbkrRhjbE2PZI.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1000066001\swiiiii.exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1000069001\NewB.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1000071001\jok.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1000073001\swiiii.exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1000075001\file300un.exe
PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1000077001\jfesawdr.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1000079001\gold.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1000080001\alexxxxxxxx.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1000231001\ISetup8.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1000233001\4767d2e713f2021e8fe856e3ea638b58.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
 malicious
C:\Users\user\AppData\Local\Temp\RarSFX0\work.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\RarSFX1\podaw.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\svrht.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\u1eg.0.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\u1eg.1.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
 malicious
C:\Users\user\AppData\Local\Temp\u1eg.2\UIxMarketPlugin.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\u1eg.2\relay.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\u1eg.2\run.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\u1eg.3.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\u5xs.0.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\u5xs.1.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
 malicious
C:\Users\user\AppData\Local\Temp\u5xs.2\UIxMarketPlugin.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\u5xs.2\relay.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\u5xs.2\run.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\U4x5QYt9YvcW7ZavDfqoMzWn.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\U9TaXZF4Dtll7HWLvlflgS1k.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\UD5c5lRW73IS3PFTwgbHbs5R.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\Wbr3x69pcbSZtPyx0r9XirkL.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Xf0R0h4D02qlmSsaNEARsgAC.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\YmRHdVjMjWfgOGnmlpMeFk3W.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\ZdJVnsAsGFXjRLisReQL9qeg.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\anYrNMf7BkK2nQqzIYyWir6K.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\bR4U6XYd9TFO6UTaUKN5r2h6.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\c5Evvv7PYHJO6LpEaGq866pm.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\dPOp3jG6cTg3qN9wSAMJoEyW.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\dr1rk0EffiWHIOEoIM0y02vz.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\e9hVvSYXlP0xhhVB1Cn6Pgop.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\hUntDTmBlfyZnFAi6sAPMqK9.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\hi1aLhmXAS9IuYfXRpFgbtIN.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\iPlB1qbFQFH1ftEutDuOvKvu.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\kJQmHVN1ymzFf6h1SAx9MRkd.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\kqWcoPWge2lBBTisp4lafa9T.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\mFxRdQLZpyvaCG50kC1Vvtgm.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\ndb0fcrEXTitnmEiCwbBu17x.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\nx2O4pl6JsljvUYganpkaIuz.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\oDbOgHc2o8C57zZ3j5h88raq.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\rBkbJurNkGUDcfqWsMfUiKI9.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\reXPhdY9Ai5nG5RYgYEblrOi.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\sAZX6pCAhoctp0pZlpHswGSQ.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\tIMIX6FhTytIBgdKnsKEeTL9.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\vDuCgf2Voaw2LLAsDp7A6309.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\vf0hhs68KGG55pTpbMQhmnEF.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\AppData\Local\w2LYT0LfpWsoNTZvweJklQve.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\wYB5cGZirJjZJJPhntypmeFR.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\ww7JDxmxaoQ9FUv9x8TKyKSY.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\y37mD1IuO45o81MbxoPzuNXd.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\yqAccZXldjURDvuE02Wzx66b.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\yvu0DVxXmQgzDV8A7x4am1Ob.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\2Tou5zGna3sRH11GciMBbZgS.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\2WfD0d98t0vvspmZtbNiMd3K.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\2fZdJDwSJsgUfWXz4vfSCNc2.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\2hzHYeaAvedtbB9n4Al5HAlc.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\42aqT3i0exo8ClkJ9x9x76bj.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Pictures\4gHWYulKwwC9mAGusyg1bN2y.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Pictures\4qdN2NXKzWFa5hVG8lUhV5aV.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\56MSgzGjt7DCxuJwG3rlLC0n.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\5PRTInX0pnuXa8v8cOzJCXwY.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\5RIkieBmHnRMmQ027PXhctux.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Pictures\5uecEsXehJwba0CTpV7r5w9J.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\CW6I446Upi6pRJwdKk7DKik9.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\CcVsAa1aPXP8AeP3n8DklXlW.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\CpqmTFb0JovJ1ZbssYgoEukK.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\E2J4txsMwXF0FC1lSl4LeyeC.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\FxfpxXMfHqygzvFNuTBvcdK4.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\G5ySvIIiUZEng2gHEb0ia9X8.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\Gyjybmuo0flsJ9dTOIsqJkOX.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\H5yNpx42S8IZUDziNao5NoiZ.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\Hukfa3OXe0ABqVhMgk840KlD.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\HwacXgeZ7NROKRQE0PXEHrcz.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Pictures\I7ensOQctg1uAjq6Ow7TzO7R.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\IPYyjHxAPykR30zffbRrZF82.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Pictures\Ip8wtphk0sq5W1G9S0yXoRhB.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\IyaFodsxs5gjaIKXcsBknvbB.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\JpNy2GKOfbQVVFOOPrMrSDYH.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\KD4MGqBmnl5yi0hAsXLSbdSy.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\KcPMpaa1kOoC1gyGKob3dUMA.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\KeaeBYEoeSKrt7OHYQWgw9KY.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Pictures\Lg7nSLwyiJZjUSW4G0qcX1yV.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Pictures\LqEGPBEKUCUhBDJKv5mRRgZQ.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\ME586VT0sUE29Jo7X6zYQs1O.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\NjV6zIGZdVX0WeB8KyD9vVQX.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\NxHsQz4fDCatJsgYrnTnuULR.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\OQgcqQkt9mj3bwxHnZIa4s8D.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\OcXMLXs1I7uPacTR3wj6FpuO.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\U9sERAOeNr3mgv0e80M6A4fC.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\UiQzdb0JuVAuKhgIqFvM40tD.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\VIvaPgF4HG0I5BUqITqbcGpt.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Pictures\VkPnywQDA6u7BOwpwfjSJ67x.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\WwT2X5ly4j7TYqCo1DiUNFVe.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Pictures\X8dw09DkWg2FUJZX2MdQYMIH.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\YY0KEjD7nviDyOYS1Zel18Iz.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\a61Zt3kxeVox4lwkSb04Exqv.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\bOup5lccxV9NOACTU5R4JYwk.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\cPV2bRPfjMzAHIg1WdlvEFuz.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\dAzTHvN7U1zbeiGER55JOdmD.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Pictures\dCJ2FGsdDNOePKsle0wc5xjs.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Pictures\eZIEOd6NiDhJgVNwtWcx59tv.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\itqn5NboFEwVdvQSHIzKZ5Tx.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\m51WyQJV3lONT871iWetdwlO.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\mOkLcaTZpbuoAYzmfUDWaVew.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\mwOimlTAau0yLmr8r4SRU8mq.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\pcgtAOzZa16Vv8MI85WMELIz.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\pvnkK7ERSt002PLOO6PmWB6P.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\qk0x06I6JhykUr9FfyCqWusc.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\tlTbd0P2iK6BETIro6KxfVNb.exe
MS-DOS executable PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, MZ for MS-DOS
dropped
 malicious
C:\Users\user\Pictures\un2vphNUslz6zwbvA7PqkJW0.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\wDrZ6hfdUrkd3JgS0hjhg6UX.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\wm7we8oXFjD0na8cInm6YOSJ.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\wtVMzXQafdDJfAuXHtN4Tdkn.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\xiBUq473AMEj3R5tdfFowrHB.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\xyMqBBjqvGfUL37YvYIuomy7.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\yUP3tf3QnRZ1nTqTKGi8mWAl.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Pictures\yWV9WwJcUosMiP7cfkSd3H82.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\AZTRJHKCVR.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\BAAFCAFCBKFHJJJKKFHI
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\BKECBAKFBGDGCBGDBAECAKJJEC
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 4
dropped
C:\ProgramData\BKJJJDHD
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
dropped
C:\ProgramData\BNAGMGSPLO.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\CGIDGCGIEGDGDGDGHJKKKJKECG
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\DQOFHVHTMG.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\DQOFHVHTMG.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\DUUDTUBZFW.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\EEGWXUHVUG.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\EHIDAKECFIEBGDHJEBKK
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\ERWQDBYZVW.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\FCAKFCGCGIEGDGCAAKKJJJJDHJ
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\GRXZDKKVDB.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\HMPPSXQPQV.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\IEHDBGDH
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\JKKEBGCGHIDHCBFHIDGHCBKEHC
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file300un.exe_b23a5ebad53b538d1a557cb9862f3e342e24557_13ec7059_7674419b-9cc4-40ba-8eb1-29ed2363b6b3\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_gold.exe_195ca8a7c544add89ad7bd6a13316bcd32671d2e_1fe4e9c4_13eebc0c-9d1c-4ca8-ba9d-654c034bf326\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_swiiiii.exe_4644a13ebcdb6e10e65a72b8ec8bc0b0ff32d1fa_6563360f_d10b2e99-b995-4aef-aade-cba8e78fd154\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER113F.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER119E.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER11BE.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER129A.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER12AB.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER12EA.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3005.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER312C.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER313D.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER32F4.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER33CE.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER33CF.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER45E9.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER50A.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5126.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5657.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER566B.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5718.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER576F.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER60CD.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER613B.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6189.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER61C8.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER64E9.tmp.dmp
Mini DuMP crash report, 15 streams, Thu May 2 09:30:09 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6836.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER68B4.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER68D1.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER695F.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6DF.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6F66.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7003.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER74AA.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER88B0.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER956E.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER95AD.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9B8E.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9C1A.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9EF1.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9FE5.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9FF3.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA218.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA2BB.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA339.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA628.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA8B9.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA908.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERABA0.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERADD4.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERAF65.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB09C.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB1B6.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB2D1.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBA2E.tmp.dmp
Mini DuMP crash report, 16 streams, Thu May 2 09:30:32 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBCC5.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC4ED.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC51C.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC56B.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC83A.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC9F5.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCA3B.tmp.dmp
Mini DuMP crash report, 14 streams, Thu May 2 09:30:34 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCB65.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCBC4.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCC14.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCFF2.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD0AE.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD84A.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD95A.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE017.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE9E0.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREAA7.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREAB4.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERECF7.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREDB5.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREF4D.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREF79.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREFC8.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WEREFCD.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF027.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF028.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF1ED.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF1EE.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF385.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF9ED.tmp.txt
data
dropped
C:\ProgramData\NVWZAPQSQL.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\NVWZAPQSQL.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\PALRGUCVEH.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\SQSJKEBWDT.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\SQSJKEBWDT.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\Public\Desktop\Google Chrome.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Wed Oct 4 13:16:52 2023, atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
dropped
C:\Users\user\AppData\Local\IuSz2b3gScKM1g5aUyC8xIoo.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\KxxYgtSXXYBdt8WEqc8cz7ko.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\jok.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\swiiii.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
data
dropped
C:\Users\user\AppData\Local\Ov5ij7qPcC9pQIWxjxMSsuFg.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\SPYvPkIgJ1TpTR0wYPcX8Kzy.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe:Zone.Identifier
ASCII text, with CRLF line terminators
modified
C:\Users\user\AppData\Local\Temp\1000069001\0IwyRP8dv6Zvsx7tdYVcZobo.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\0dkirMiK0V7Usk4BVRj9SdEi.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\2mT1LImSiwozHKhvxZydXmh1.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\38gfT5U2xLmIrJ1JfgCj0Sl9.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\3QzGZ0FMhevW05KUlhVNrsZe.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\3VRXZqIQrD4DvXR5XbkXzfPs.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\4Hw4GM17srpfnY7aWVbqCAvW.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\4oGkw8mNJbU1wyXHkTUNOHn3.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\7J63lcbTUB7aRAcGoJlv3uAf.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\84bNk2xZ38AQ7vJpyX61pppV.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\8aemI9JIGX4XjYsESbWC1AZ3.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\8t5fwTd9wcogHnZ7jUYuHS5y.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\9YBxooZeQtInzxegUz9EXCqS.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\A2J46T0QzaIx5ltPheePGnNx.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\Aav7VzV0TnDj1XGTcrDcoSiQ.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\B09GiEjg2l23JpV4pOwXYy19.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\BqFOhpvEPA5gTfbvasJQy6Sw.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\CePERjy3VawbOEOCJFp5rCDe.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\DKttanOEk8SNwyHB5pKPCCll.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\ElOKXd4nKhwOkYiTVRHCCSyi.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\FTzh9OVNpCItbUrRLCGGhkPi.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\G3xFDLLoyXYpnt4PdECLtjY4.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\GpXyNPhXX1x6gsgETAm5JdD6.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\H8KX10Z8JZ5DPc3akcVAyFTt.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\HbqqtaMSSllmBIFIPuGnvj1j.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\IQmJQWhZUkr75YbOnFhCkvPU.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\Igc52RSkRB3ckavYJIiWhs1n.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\Iz827EFHYPdnv3DWHW16LbJv.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\JhUp2IBZwNcQxlkSotXvgf3z.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\KeXAeThPEbqrrIQKsAVy9zB0.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\Kt9BfE525WwVj8EJNHwi3rtp.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\LmIqYThZdpztx92dAYiQh07r.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\OWJKLihj3WL98squY38mI8s1.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\Q3knTMMLgUJRkrpuPyNSKm6n.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\RExAMJMJqDGNidti25ikBJ8Z.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\S80dtpUid3aBvzgdEwe0tEXt.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\Tp4Uq1bMlN2YRoafzcziHuVf.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\TtH4oRLhhB2fJEJO030pGGI3.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\UEhVyXTnne2ybmcPs86GBHYf.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\UbM2Q7KzPOkknJYUCOXCvXDD.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\UiCsRP5Rbz8CnOZOarlUv92d.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\VtPstywBnjZBAdhoY5cih5Nw.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\Wsq6lKnpChlV8MXJx7RUUziz.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\X6KmvlcWZCHuVJb7vK0X5GGu.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\bNw6XCxepZpkYCKJCHagZjZl.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\bjQ7hTgD5nTkllZr2yBVtjVg.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\c75A0tWeyNgMm4cXTKW4CG9C.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\cThz8ZcqpN6MkmCq29FmGm6Q.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\cfdDll82uGsZTelRRt9qunk4.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\e8q1nJenPFCxt7B22RY2dCPJ.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\fTx0Rh752YT1ZxL1Ia8F0Li7.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\gt6L62CNxUFJT8BCZD7TsizX.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\iIU9h9DWpWw8yNhlJpDYt8P8.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\jxAZZbmZmc05l2uJvPRogIbd.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\l44aCM4wfoc2KjlBuVKQHhT6.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\l9o8kM9BjIinz0h0p50XwnR7.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\n2fScr22mzVv9nogIX2RB4vZ.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\oHhKyFjCcKYD4reKIUgWWp7b.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\oaLQ4Ub3GjyDJN5eLZFzCvwM.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\pPkiJeCdWYfLaoVzjJZwIMcS.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\pdTOeVGmbV7avuVYsWjFcyoq.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\pf14CqiRnN8h4P0aztikrGcp.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\q9Ge7vq6rs4RIWowuJ48Ctxp.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\qPEXyjkk6CXkhoHFdbEYndrA.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\qaEgPPiQuxxe7gipXJRdfuRV.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\rvfHpP0gpyL4MvUofs8UBxrZ.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\rzjgYYVM8A8xdDG8WfZSoTOT.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\shxHtUUlgdIxnd1py9LpUTuk.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\u9yV8G8bVhUl56lPQUy4DNUA.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\uU5O3kLFa9GUuxsboepgF5vv.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\ujjmo6uL9OnfP0LyTlQGjGVl.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\vrkFkGiwAMrdU1STUqb2FFAs.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\wa6v1oMmrIJPDAlkYVL0P3q0.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\wtRO58b8a0Q0uNMww516OB2y.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\xIN6jUSXe8J3o734ru9ILSmo.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\xaxCj4I7MbRXZuGjmfyx8xaP.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\yLf3ZuA8QIjEUIQJuJRM5vUn.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\zHnhoQnlJb59qmOhcDM2QxfH.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\1000069001\zoDPWJTBIttHVrGdJAp4uwoG.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\RarSFX0\1.bat
DOS batch file, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Tmp6FC7.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\Tmp6FE7.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\_Files_\BNAGMGSPLO.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\_Files_\EEGWXUHVUG.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\_Files_\GRXZDKKVDB.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\_Files_\NVWZAPQSQL.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\_Files_\NVWZAPQSQL.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\_Files_\PALRGUCVEH.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\_Files_\SQSJKEBWDT.docx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\_Files_\SQSJKEBWDT.xlsx
ASCII text, with very long lines (1024), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3ji4lwui.l02.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dmz3k3vo.cnr.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jrofkuun.f5p.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mn0j3ot2.wvk.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vnfxku1p.m4w.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zoqod3p0.uxa.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\u1eg.2\bunch.dat
data
dropped
C:\Users\user\AppData\Local\Temp\u1eg.2\whale.dbf
data
dropped
C:\Users\user\AppData\Local\Temp\u5xs.2\bunch.dat
data
dropped
C:\Users\user\AppData\Local\Temp\u5xs.2\whale.dbf
data
dropped
C:\Users\user\AppData\Local\dLUPpAAtiEoWEQUBQv1GxQM3.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\edp3oPwo77sX93prOjhnnm7f.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\hBG4JWy9UHJZLtiCZWmjck9Q.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\hMGf7FJgQbefAorbqBxMGDZP.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\iVaytSUSPGL5LKFxhJGT9AxZ.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\ohTgVe16YIJposWY9rBcMWQt.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\soJYu58T815PAMbVZEi3FqAj.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\valG8sjMrHqezgFOb9xfgsjM.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\wwnqRXQsqOwsfHiXwyXHy36k.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Local\xxxvQ222Muur7IAhJFO2josf.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\76b53b3ec448f7ccdda2063b15d2bfc3_9e146be9-c76a-4720-bcdb-53011b87bd06
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite-shm
data
dropped
C:\Users\user\Pictures\CP9gGCLZql6Z3VnxUgaovlrP.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\IFHfRfJdw1mqQCHZWR8f3Vkv.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\KImI36TC1Y7rGZ5UkRKOyITD.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\O9XmeM92fKONDftmgyRaFliB.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\SFikDJwNMJxgFTwKZA4lZsP0.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\TOVomg3JhzM1hDeL6OH8S3j4.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\TluJPFR20Cizqk9QCeZ4f6Wn.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\fsVNTOPIZjvyyKLUfdVpOR4A.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\jbLETzz7C0GBJ2a9yv4MjoYb.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\jvyyUuPRRkaqGCtIkwRw4Z1Q.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\maw0QWL9For4QfobCLCbl1L1.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\pkTvRQbqxGJDEvP7qn2hNX7G.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\qxBJ9q7JFSujxnUh8qc7NeOo.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Users\user\Pictures\tOnhkleN9bZiXdFSaCNnUUUo.exe
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
dropped
C:\Windows\Tasks\explorha.job
data
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped
C:\Windows\appcompat\Programs\Amcache.hve.LOG2
MS Windows registry file, NT/2000 or above
dropped
There are 423 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\U8uFcjIjAR.exe
"C:\Users\user\Desktop\U8uFcjIjAR.exe"
 malicious
C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
"C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe"
malicious
C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
 malicious
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
 malicious
C:\Users\user\AppData\Local\Temp\1000066001\swiiiii.exe
"C:\Users\user\AppData\Local\Temp\1000066001\swiiiii.exe"
malicious
C:\Windows\System32\rundll32.exe
"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
 malicious
C:\Windows\System32\netsh.exe
netsh wlan show profiles
 malicious
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll, Main
 malicious
C:\Users\user\AppData\Local\Temp\1000069001\NewB.exe
"C:\Users\user\AppData\Local\Temp\1000069001\NewB.exe"
malicious
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN NewB.exe /TR "C:\Users\user\AppData\Local\Temp\1000069001\NewB.exe" /F
malicious
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal
malicious
C:\Users\user\AppData\Local\Temp\1000069001\NewB.exe
C:\Users\user\AppData\Local\Temp\1000069001\NewB.exe
 malicious
C:\Users\user\AppData\Local\Temp\1000071001\jok.exe
"C:\Users\user\AppData\Local\Temp\1000071001\jok.exe"
malicious
C:\Users\user\AppData\Local\Temp\1000231001\ISetup8.exe
"C:\Users\user\AppData\Local\Temp\1000231001\ISetup8.exe"
malicious
C:\Users\user\AppData\Local\Temp\1000073001\swiiii.exe
"C:\Users\user\AppData\Local\Temp\1000073001\swiiii.exe"
malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Users\user\AppData\Local\Temp\1000075001\file300un.exe
"C:\Users\user\AppData\Local\Temp\1000075001\file300un.exe"
malicious
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
 malicious
C:\Users\user\AppData\Local\Temp\u1eg.0.exe
"C:\Users\user\AppData\Local\Temp\u1eg.0.exe"
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Local\Temp\1000075001\file300un.exe" -Force
malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe"
 malicious
C:\Users\user\AppData\Local\Temp\1000079001\gold.exe
"C:\Users\user\AppData\Local\Temp\1000079001\gold.exe"
malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Users\user\Pictures\CpqmTFb0JovJ1ZbssYgoEukK.exe
"C:\Users\user\Pictures\CpqmTFb0JovJ1ZbssYgoEukK.exe"
malicious
C:\Users\user\AppData\Local\Temp\RarSFX1\podaw.exe
"C:\Users\user\AppData\Local\Temp\RarSFX1\podaw.exe"
malicious
C:\Users\user\Pictures\G5ySvIIiUZEng2gHEb0ia9X8.exe
"C:\Users\user\Pictures\G5ySvIIiUZEng2gHEb0ia9X8.exe"
malicious
C:\Users\user\AppData\Local\Temp\1000080001\alexxxxxxxx.exe
"C:\Users\user\AppData\Local\Temp\1000080001\alexxxxxxxx.exe"
malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 3580 -ip 3580
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3580 -s 924
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Users\user\AppData\Local\Temp\1000077001\jfesawdr.exe
"C:\Users\user\AppData\Local\Temp\1000077001\jfesawdr.exe"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 436 -p 4764 -ip 4764
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\RarSFX0\1.bat" "
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 4764 -s 1500
C:\Users\user\AppData\Local\Temp\RarSFX0\work.exe
work.exe -priverdD
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 7452 -ip 7452
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7452 -s 372
C:\Users\user\AppData\Local\Temp\1000233001\4767d2e713f2021e8fe856e3ea638b58.exe
"C:\Users\user\AppData\Local\Temp\1000233001\4767d2e713f2021e8fe856e3ea638b58.exe"
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 40 hidden processes, click here to show them.

URLs

Name
IP
Malicious
pillowbrocccolipe.shop
malicious
worryfillvolcawoi.shop
malicious
http://3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onionhttp://3ebu257qh2dlauxqj7cgv3i5
unknown
 malicious
diskretainvigorousiw.shop
malicious
5.252.22.216:44356
malicious
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
unknown
http://schemas.xmlsoap.org/ws/2005/02/sc/sct
unknown
https://incredibleextedwj.shop/apir
unknown
http://tempuri.org/Entity/Id23ResponseD
unknown
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdfh
unknown
http://tempuri.org/
unknown
http://tempuri.org/Entity/Id2Response
unknown
http://tempuri.org/Entity/Id21Response
unknown
http://www.indyproject.org/
unknown
https://jonathantwo.comHj
unknown
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
unknown
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
unknown
https://yip.su/redirect-
unknown
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
unknown
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
unknown
https://junglethomas.com/7c01bdea43026295bd9dcdbc2f93c432/4767d2e713f2021e8fe856e3ea638b58.exe$
unknown
https://incredibleextedwj.shop/
unknown
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
unknown
http://schemas.xmlsoap.org/ws/2004/10/wsat
unknown
https://login.microsoftonline.com/ppsecure/DeviceDisassociate.srf.
unknown
https://productivelookewr.shop/apis
unknown
https://turnitin.com/robot/crawlerinfo.html)cannot
unknown
http://Passport.NET/tb_
unknown
http://193.233.132.56/
unknown
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
unknown
https://api.ip.sb/ip
unknown
https://jonathantwo.comH
unknown
http://185.172.128.150/b7d0cfdb1d966bdd/vcruntime140.dll
unknown
http://schemas.xmlsoap.org/ws/2005/02/sc4
unknown
http://52.143.157.84/84bad7132df89fd7/sqlite3.dllUGy
unknown
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
unknown
http://tempuri.org/Entity/Id24Response
unknown
https://www.ecosia.org/newtab/
unknown
https://incredibleextedwj.shop/apihort
unknown
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
unknown
http://schemas.xmlsoap.org/ws/2004/08/addressing
unknown
http://185.172.128.150/b7d0cfdb1d966bdd/freebl3.dll2
unknown
http://docs.oasis-open.org/wss/2004/01/o
unknown
http://52.143.157.84/c73eed764cc59dcb.php0
unknown
https://blockchain.infoindex
unknown
https://productivelookewr.shop/api
unknown
https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
unknown
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
unknown
http://193.233.132.175/server/ww12/AppGate2103v01.exe4k2
unknown
http://tempuri.org/Entity/Id10ResponseD
unknown
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
unknown
http://tempuri.org/Entity/Id5Response
unknown
http://tempuri.org/Entity/Id15ResponseD
unknown
http://tempuri.org/Entity/Id10Response
unknown
http://185.172.18
unknown
http://tempuri.org/Entity/Id8Response
unknown
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
unknown
https://login.microsoftonline.com/ppsecure/deviceremovecredential.srf
unknown
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
unknown
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
unknown
https://login.microsoftonline.com/ppsecure/DeviceQuery.srf
unknown
https://account.live.com/inlinesignup.aspx?iww=1&id=80600e
unknown
http://193.233.132.56/Pneh2sXQk0/index.php
unknown
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT
unknown
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdcurit
unknown
https://login.microsoftonline.com/ppsecure/DeviceUpdate.srf%
unknown
http://schemas.xmlsoap.org/ws/2004/04/security/trust/Nonce
unknown
http://193.233.132.234
unknown
https://junglethomas.com/7c01bdea43026295bd9dcdbc2f93c432/4767d2e713f2021e8fe856e3ea638b58.exe
unknown
https://yip.su
unknown
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ1510
unknown
https://affordcharmcropwo.shop/apieJDz
unknown
http://tempuri.org/Entity/Id13Response
unknown
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
unknown
http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA1
unknown
https://signup.live.com/signup.aspx
unknown
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty
unknown
https://account.live.com/inlinesignup.aspx?iww=1&id=80601
unknown
https://account.live.com/inlinesignup.aspx?iww=1&id=80600
unknown
https://account.live.com/inlinesignup.aspx?iww=1&id=80603
unknown
http://schemas.xmlsoap.org/ws/2005/02/rm/SequenceAcknowledgement
unknown
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdAAAAAA
unknown
http://tempuri.org/Entity/Id4ResponseD
unknown
http://search.msn.com/msnbot.htm)msnbot/1.1
unknown
https://account.live.com/inlinesignup.aspx?iww=1&id=80605
unknown
https://account.live.com/inlinesignup.aspx?iww=1&id=80604
unknown
http://schemas.xmlsoap.org/2005/02/trust/tlsnego#TLS_Wrap
unknown
https://yip.su/RNWPd
unknown
https://aka.ms/winsvr-2022-pshelpX
unknown
http://tempuri.org/Entity/Id22ResponseD
unknown
http://tempuri.org/Entity/Id16ResponseD
unknown
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/Issue
unknown
https://skategirls.org/baf14778c246e15550645e30ba78ce1c.exe4k2
unknown
http://185.172.128.150/b7d0cfdb1d966bdd/nss3.dll
unknown
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContext
unknown
http://schemas.xmlsoap.org/ws/2005/02/trust/Issue
unknown
http://tempuri.org/Entity/Id19ResponseD
unknown
http://52.143.157.84/73eed764cc59dcb.php
unknown
http://schemas.xmlsoap.org/ws/2005/02/trust/spnego
unknown
There are 90 hidden URLs, click here to show them.

IPs

IP
Domain
Country
Malicious
193.233.132.56
unknown
Russian Federation
malicious
185.172.128.150
unknown
Russian Federation
malicious
185.172.128.19
unknown
Russian Federation
malicious
185.172.128.90
unknown
Russian Federation
172.67.150.207
unknown
United States
40.126.24.149
unknown
United States
185.215.113.67
unknown
Portugal
193.233.132.175
unknown
Russian Federation
176.97.76.106
unknown
United Kingdom
193.233.132.234
unknown
Russian Federation
185.172.128.59
unknown
Russian Federation
104.21.11.250
unknown
United States
116.202.23.44
unknown
Germany
104.21.79.77
unknown
United States
104.21.31.124
unknown
United States
104.21.67.211
unknown
United States
104.21.90.14
unknown
United States
52.143.157.84
unknown
United States
23.44.201.207
unknown
United States
185.172.128.228
unknown
Russian Federation
172.67.176.131
unknown
United States
104.21.86.106
unknown
United States
104.20.3.235
unknown
United States
104.21.84.71
unknown
United States
20.42.65.92
unknown
United States
172.67.197.33
unknown
United States
104.20.4.235
unknown
United States
172.67.193.79
unknown
United States
172.67.19.24
unknown
United States
172.67.218.63
unknown
United States
104.21.76.57
unknown
United States
There are 21 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
Startup
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F1A578C4CB5DE79A370893983FD4DA8B67B2B064
Blob
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F1A578C4CB5DE79A370893983FD4DA8B67B2B064
Blob
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F1A578C4CB5DE79A370893983FD4DA8B67B2B064
Blob
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F1A578C4CB5DE79A370893983FD4DA8B67B2B064
Blob
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
EnableLUA
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7172
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7172
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7172
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8716
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8716
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8716
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7340
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7340
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7340
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7892
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7892
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7892
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\1816
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\1816
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\1816
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7792
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7792
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7792
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10208
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10208
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10208
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7696
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7696
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7696
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7456
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7456
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\7456
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8380
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8380
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8380
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8116
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8116
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8116
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5784
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5784
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5784
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9148
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9148
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9148
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9528
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9528
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9528
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\1040
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\1040
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\1040
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9992
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9992
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9992
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\2928
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\2928
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\2928
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6856
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6856
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6856
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4792
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4792
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4792
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4804
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4804
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4804
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\11188
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\11188
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\11188
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5264
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5264
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5264
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4848
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4848
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4848
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9196
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9196
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9196
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6268
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6268
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6268
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5632
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5632
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5632
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6628
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6628
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6628
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4576
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4576
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4576
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5652
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5652
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5652
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10136
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10136
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10136
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9632
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9632
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9632
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10752
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10752
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10752
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\1504
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\1504
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\1504
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5528
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5528
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5528
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5868
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5868
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5868
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\2604
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\2604
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\2604
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10008
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10008
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10008
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10016
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10016
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\10016
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8428
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8428
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8428
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9624
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9624
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9624
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\11072
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\11072
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\11072
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9012
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9012
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9012
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9740
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9740
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\9740
CreationTime
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
ProgramId
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
FileId
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
LowerCaseLongPath
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
LongPathHash
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
Name
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
OriginalFileName
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
Publisher
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
Version
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
BinFileVersion
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
BinaryType
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
ProductName
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
ProductVersion
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
LinkDate
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
BinProductVersion
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
AppxPackageFullName
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
AppxPackageRelativeId
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
Size
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
Language
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\swiiiii.exe|e3c5585ae7a88e3e
Usn
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Windows Live ID Token Issuer\Certificates\2C85006A1A028BCC349DF23C474724C055FDE8B6
Blob
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Windows Live ID Token Issuer\Certificates\B68D8F953E551914324E557E6164D68B9926650C
Blob
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-18\02vnquskfpppcivc
Reason
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-18\02jkldqaptynxnci
DeviceId
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\Logs\02jkldqaptynxnci
Provision Thursday, May 02, 2024 11:30:18
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-18\02jkldqaptynxnci
AppIdList
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\Logs\02gfcilbgfbgtour
Request Thursday, May 02, 2024 11:30:27
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\Logs\02gfcilbgfbgtour
Response Thursday, May 02, 2024 11:30:27
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-21-2246122658-3693405117-2476756634-1003\02gfcilbgfbgtour
Reason
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-21-2246122658-3693405117-2476756634-1003\02upzkxolhgbhsbb
DeviceId
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-21-2246122658-3693405117-2476756634-1003\02upzkxolhgbhsbb
AppIdList
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_S-1-5-21-2246122658-3693405117-2476756634-1003
NegativeCacheState
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_S-1-5-21-2246122658-3693405117-2476756634-1003
LastSuccessfulRequestTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_S-1-5-21-2246122658-3693405117-2476756634-1003
LastAccountPersistentFailureTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
RequestCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
StartedTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
ErrorCode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
FailureType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_wlidsvc
NegativeCacheState
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_wlidsvc
LastSuccessfulRequestTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_wlidsvc
LastAccountPersistentFailureTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_wlidsvc\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
RequestCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_wlidsvc\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
StartedTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_wlidsvc\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
ErrorCode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00DCE9F6F59_wlidsvc\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
FailureType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018400CEE22F039_S-1-5-21-2246122658-3693405117-2476756634-1003
NegativeCacheState
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018400CEE22F039_S-1-5-21-2246122658-3693405117-2476756634-1003
LastSuccessfulRequestTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018400CEE22F039_S-1-5-21-2246122658-3693405117-2476756634-1003
LastAccountPersistentFailureTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018400CEE22F039_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
RequestCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018400CEE22F039_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
StartedTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018400CEE22F039_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
ErrorCode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018400CEE22F039_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
FailureType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018000DD8CC4D2F_S-1-5-21-2246122658-3693405117-2476756634-1003
LastSuccessfulRequestTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018000DD8CC4D2F_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
RequestCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018000DD8CC4D2F_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
StartedTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018000DD8CC4D2F_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
ErrorCode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018000DD8CC4D2F_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
FailureType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018800EE4A34999_S-1-5-21-2246122658-3693405117-2476756634-1003
NegativeCacheState
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018800EE4A34999_S-1-5-21-2246122658-3693405117-2476756634-1003
LastSuccessfulRequestTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018800EE4A34999_S-1-5-21-2246122658-3693405117-2476756634-1003
LastAccountPersistentFailureTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018800EE4A34999_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
RequestCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018800EE4A34999_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
StartedTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018800EE4A34999_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
ErrorCode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018800EE4A34999_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
FailureType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018800EE4A34999_S-1-5-21-2246122658-3693405117-2476756634-1003\{67082621-8D18-4333-9C64-10DE93676363}\https://watson.telemetry.microsoft.com_MBI_SSL
StartedTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1
LastSuccessfulRequestTimestamp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1\S-1-5-21-2246122658-3693405117-2476756634-1003\1
StartedTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1\S-1-5-21-2246122658-3693405117-2476756634-1003\2
RequestCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1\S-1-5-21-2246122658-3693405117-2476756634-1003\2
StartedTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1\S-1-5-21-2246122658-3693405117-2476756634-1003\2
ErrorCode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1\S-1-5-21-2246122658-3693405117-2476756634-1003\2
FailureType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1\wlidsvc\1
StartedTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ThrottleCache\S-1-5-21-2246122658-3693405117-2476756634-1003_{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}
ThrottleCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ThrottleCache\S-1-5-21-2246122658-3693405117-2476756634-1003_{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}
ThrottleStartedTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ThrottleCache\WLIDSVC_{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}
ThrottleCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ThrottleCache\WLIDSVC_{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}
ThrottleStartedTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ThrottleCache\S-1-5-21-2246122658-3693405117-2476756634-1003_{67082621-8D18-4333-9C64-10DE93676363}
ThrottleCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ThrottleCache\S-1-5-21-2246122658-3693405117-2476756634-1003_{67082621-8D18-4333-9C64-10DE93676363}
ThrottleStartedTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
TickCount
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-18\02vnquskfpppcivc
AppIdList
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-18
ValidDeviceId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
TickCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL
GlobalDeviceUpdateTime
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-18\02jkldqaptynxnci
DeviceId
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-18
ValidDeviceId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
TickCount
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-18\02jkldqaptynxnci
DeviceId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
TickCount
HKEY_USERS.DEFAULT\Software\Microsoft\AuthCookies\Live\Default\DIDC
Data
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-18\02jkldqaptynxnci
DeviceId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
TickCount
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-21-2246122658-3693405117-2476756634-1003
ValidDeviceId
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-21-2246122658-3693405117-2476756634-1003\02gfcilbgfbgtour
AppIdList
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
TickCount
HKEY_CURRENT_USER\SOFTWARE\Microsoft\AuthCookies\Live\Default\DIDC
Data
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-21-2246122658-3693405117-2476756634-1003\02upzkxolhgbhsbb
DeviceId
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-21-2246122658-3693405117-2476756634-1003
ValidDeviceId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
TickCount
HKEY_CURRENT_USER\SOFTWARE\Microsoft\AuthCookies\Live\Default\DIDC
Data
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-21-2246122658-3693405117-2476756634-1003\02upzkxolhgbhsbb
DeviceId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
TickCount
HKEY_CURRENT_USER\SOFTWARE\Microsoft\AuthCookies\Live\Default\DIDC
Data
HKEY_USERS.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-21-2246122658-3693405117-2476756634-1003\02upzkxolhgbhsbb
DeviceId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\ExtendedProperties
LID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
TickCount
HKEY_CURRENT_USER\SOFTWARE\Microsoft\AuthCookies\Live\Default\DIDC
Data
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
TickCount
HKEY_CURRENT_USER\SOFTWARE\Microsoft\AuthCookies\Live\Default\DIDC
Data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\jok_RASMANCS
FileDirectory
HKEY_CURRENT_USER\SOFTWARE\BroomCleaner
Installed
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31} {000214E6-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
Implementing
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
Implementing
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.SecurityAndMaintenance
Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\installutil_RASMANCS
FileDirectory
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
ProgramId
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
FileId
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
LowerCaseLongPath
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
LongPathHash
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
Name
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
OriginalFileName
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
Publisher
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
Version
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
BinFileVersion
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
BinaryType
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
ProductName
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
ProductVersion
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
LinkDate
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
BinProductVersion
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
AppxPackageFullName
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
AppxPackageRelativeId
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
Size
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
Language
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\file300un.exe|d96a2962e489591e
Usn
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
ProgramId
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
FileId
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
LowerCaseLongPath
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
LongPathHash
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
Name
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
OriginalFileName
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
Publisher
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
Version
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
BinFileVersion
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
BinaryType
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
ProductName
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
ProductVersion
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
LinkDate
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
BinProductVersion
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
AppxPackageFullName
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
AppxPackageRelativeId
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
Size
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
Language
\REGISTRY\A\{77909397-20dc-f765-862f-9b6d4990602d}\Root\InventoryApplicationFile\gold.exe|ccbdeb097bbbf990
Usn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
0018800EE4A34999
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceTicket
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
ApplicationFlags
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
Implementing
There are 328 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
4AA0000
direct allocation
page read and write
 malicious
1F09E930000
trusted library allocation
page read and write
 malicious
400000
unkown
page execute and read and write
 malicious
42A000
remote allocation
page execute and read and write
 malicious
591000
unkown
page execute and read and write
 malicious
F1000
unkown
page execute read
 malicious
444000
remote allocation
page execute and read and write
 malicious
2637000
trusted library allocation
page read and write
 malicious
C3A000
heap
page read and write
 malicious
5170000
direct allocation
page read and write
 malicious
EC1000
unkown
page execute and read and write
 malicious
222000
unkown
page readonly
 malicious
F1000
unkown
page execute read
 malicious
400000
remote allocation
page execute and read and write
 malicious
F1000
unkown
page execute read
 malicious
843000
unkown
page execute and read and write
 malicious
1DF0000
heap
page read and write
 malicious
4910000
direct allocation
page read and write
 malicious
1B70000
direct allocation
page read and write
 malicious
1B40000
direct allocation
page execute and read and write
 malicious
40D000
unkown
page read and write
 malicious
4283000
direct allocation
page execute and read and write
 malicious
31F000
unkown
page read and write
 malicious
364000
unkown
page read and write
 malicious
3AB5000
trusted library allocation
page read and write
 malicious
114E000
heap
page read and write
132E000
heap
page read and write
3935000
trusted library allocation
page read and write
2991000
heap
page read and write
52E0000
direct allocation
page execute and read and write
2FCC000
trusted library allocation
page read and write
1F09CE9C000
heap
page read and write
7543F7E000
unkown
page readonly
373E000
heap
page read and write
252000
unkown
page readonly
1702C513000
heap
page read and write
334E000
stack
page read and write
B7BE000
stack
page read and write
FE4000
heap
page read and write
26D7000
trusted library allocation
page read and write
30A1000
trusted library allocation
page execute and read and write
DC9B000
stack
page read and write
22351000
heap
page read and write
4621000
heap
page read and write
853E000
stack
page read and write
7FF848A00000
trusted library allocation
page read and write
594000
heap
page read and write
32A4000
trusted library allocation
page read and write
1702C27C000
unkown
page read and write
1B6E000
stack
page read and write
34EE000
heap
page read and write
720000
heap
page read and write
D09E000
direct allocation
page read and write
EB0000
direct allocation
page read and write
7680000
heap
page read and write
FE4000
heap
page read and write
2235C000
heap
page read and write
83FE000
stack
page read and write
13FA000
heap
page read and write
7FF848810000
trusted library allocation
page read and write
37F2000
heap
page read and write
37DD000
heap
page read and write
30E3000
trusted library allocation
page read and write
FC0000
direct allocation
page read and write
1210000
heap
page read and write
790000
trusted library allocation
page read and write
220AE749000
heap
page read and write
484E000
stack
page read and write
220AE19F000
heap
page read and write
22BD000
stack
page read and write
23D0F708000
heap
page read and write
431000
remote allocation
page execute and read and write
220AD905000
heap
page read and write
3737000
heap
page read and write
B78A4FE000
stack
page read and write
3DAF000
stack
page read and write
344F000
stack
page read and write
23D12B8E000
trusted library allocation
page read and write
2924000
heap
page read and write
55FD000
stack
page read and write
2E4F7000
heap
page read and write
1F09CE30000
heap
page read and write
BC9A000
stack
page read and write
1702C29D000
heap
page read and write
4CF1000
heap
page read and write
549000
unkown
page execute and read and write
162366F3000
heap
page read and write
3142000
trusted library allocation
page read and write
ACBB000
stack
page read and write
EA0000
direct allocation
page execute and read and write
11A4000
heap
page read and write
220AE133000
heap
page read and write
7FF848672000
trusted library allocation
page read and write
5CAE000
stack
page read and write
3801000
heap
page read and write
1702C29D000
heap
page read and write
D046000
direct allocation
page read and write
82BE000
stack
page read and write
4621000
heap
page read and write
D0C4000
direct allocation
page read and write
37E0000
heap
page read and write
4E1000
unkown
page execute read
591000
unkown
page execute and write copy
C79E000
stack
page read and write
1430000
heap
page read and write
220AE146000
heap
page read and write
3782000
heap
page read and write
1280000
heap
page read and write
7770000
heap
page read and write
23D2976C000
heap
page read and write
220AD8BA000
heap
page read and write
220AE19C000
heap
page read and write
2F7D000
trusted library allocation
page read and write
61D6000
trusted library allocation
page read and write
FE4000
heap
page read and write
220AE12A000
heap
page read and write
AF3A000
stack
page read and write
2234D000
heap
page read and write
D0DC000
direct allocation
page read and write
13E2000
heap
page read and write
893000
unkown
page execute and read and write
FC0000
direct allocation
page read and write
1000000
heap
page read and write
2FED000
stack
page read and write
1702C23C000
heap
page read and write
13FA000
heap
page read and write
3503000
trusted library allocation
page read and write
1702C24D000
unkown
page read and write
E15E000
stack
page read and write
35CA000
trusted library allocation
page read and write
11A4000
heap
page read and write
3780000
heap
page read and write
621B000
trusted library allocation
page read and write
220AE6E2000
heap
page read and write
220AD881000
heap
page read and write
454000
unkown
page read and write
72FE000
stack
page read and write
4621000
heap
page read and write
220AD8A9000
heap
page read and write
594000
heap
page read and write
E3DB000
stack
page read and write
23D0F6A6000
heap
page read and write
1C180000
heap
page read and write
D030000
direct allocation
page read and write
BF1B000
stack
page read and write
130D000
stack
page read and write
220AE65D000
heap
page read and write
3A4E000
stack
page read and write
298E000
heap
page read and write
889000
unkown
page execute and read and write
11F3000
heap
page read and write
4CF1000
heap
page read and write
220AE115000
heap
page read and write
411000
unkown
page readonly
6A55000
heap
page read and write
141B000
heap
page read and write
34F0000
heap
page read and write
220AD837000
heap
page read and write
13F7000
heap
page read and write
16236750000
heap
page read and write
37E0000
heap
page read and write
3282000
trusted library allocation
page read and write
220AE6FC000
heap
page read and write
379D000
heap
page read and write
37E0000
heap
page read and write
1181000
heap
page read and write
13E1000
heap
page read and write
346D000
trusted library allocation
page read and write
3D9E000
stack
page read and write
316C000
trusted library allocation
page read and write
220AE12E000
heap
page read and write
13DF000
heap
page read and write
6088000
trusted library allocation
page read and write
36FE000
trusted library allocation
page read and write
4620000
heap
page read and write
3737000
heap
page read and write
13F5000
heap
page read and write
7FF848A80000
trusted library allocation
page read and write
260000
unkown
page execute read
37ED000
heap
page read and write
4B10000
trusted library allocation
page execute and read and write
FE4000
heap
page read and write
EAEA000
stack
page read and write
3870000
heap
page read and write
1702C29D000
heap
page read and write
220AE162000
heap
page read and write
1F09CC40000
unkown
page readonly
1F0AE921000
trusted library allocation
page read and write
1A1D000
unkown
page readonly
7FF848890000
trusted library allocation
page read and write
220AE11C000
heap
page read and write
379E000
stack
page read and write
710000
trusted library allocation
page read and write
220AD91B000
heap
page read and write
220AE10E000
heap
page read and write
2237F000
heap
page read and write
2F6B000
trusted library allocation
page read and write
13F0000
heap
page read and write
220AE149000
heap
page read and write
2902000
heap
page read and write
617D000
heap
page read and write
843E000
stack
page read and write
4C0000
heap
page read and write
1702C290000
heap
page read and write
2DED000
stack
page read and write
8FC000
stack
page read and write
DA1E000
stack
page read and write
6220000
trusted library allocation
page read and write
3787000
heap
page read and write
43FC000
stack
page read and write
D000000
direct allocation
page read and write
11D2000
unkown
page execute and write copy
7FF84872C000
trusted library allocation
page execute and read and write
13E1000
heap
page read and write
4CF1000
heap
page read and write
7542F8B000
stack
page read and write
DB5A000
stack
page read and write
2081000
heap
page read and write
7FF8489C4000
trusted library allocation
page read and write
90BC000
stack
page read and write
4DD0000
trusted library allocation
page execute and read and write
1702C29D000
heap
page read and write
2235C000
heap
page read and write
32F1000
trusted library allocation
page read and write
283D2000
heap
page read and write
400000
remote allocation
page execute and read and write
22375000
heap
page read and write
13C2000
heap
page read and write
1446000
trusted library allocation
page read and write
33F5000
trusted library allocation
page read and write
7767000
heap
page read and write
23D12248000
trusted library allocation
page read and write
4621000
heap
page read and write
D06A000
direct allocation
page read and write
23D299C1000
heap
page read and write
220AE14C000
heap
page read and write
4FD000
stack
page read and write
610000
remote allocation
page execute and read and write
22375000
heap
page read and write
33C2000
trusted library allocation
page read and write
2E2A000
trusted library allocation
page read and write
23D297F6000
heap
page read and write
4621000
heap
page read and write
220AE60A000
heap
page read and write
402000
remote allocation
page execute and read and write
13F0000
heap
page read and write
E39A000
stack
page read and write
9CBA000
stack
page read and write
4AE0000
direct allocation
page execute and read and write
3E6E000
stack
page read and write
37F0000
heap
page read and write
220AEA00000
heap
page read and write
383B000
heap
page read and write
37F6000
heap
page read and write
3715000
heap
page read and write
220AE13B000
heap
page read and write
602E000
stack
page read and write
11C0000
heap
page read and write
13DF000
heap
page read and write
4621000
heap
page read and write
794F000
stack
page read and write
1F09CE76000
heap
page read and write
3163000
trusted library allocation
page read and write
31F000
unkown
page write copy
6097000
trusted library allocation
page read and write
769F000
stack
page read and write
52D0000
direct allocation
page execute and read and write
457000
stack
page read and write
D082000
direct allocation
page read and write
13DE000
heap
page read and write
34BF000
heap
page read and write
7FF848840000
trusted library allocation
page read and write
213D000
stack
page read and write
1AD4E000
stack
page read and write
F36E000
stack
page read and write
3799000
heap
page read and write
220AE6FF000
heap
page read and write
6EA62FE000
stack
page read and write
1E7C000
heap
page read and write
7A4C000
stack
page read and write
1CCF000
stack
page read and write
22389748000
heap
page read and write
11B9000
unkown
page execute and read and write
2B0E000
stack
page read and write
209D000
heap
page read and write
90F000
stack
page read and write
630000
direct allocation
page read and write
1056E000
stack
page read and write
220AE186000
heap
page read and write
13C6000
heap
page read and write
19B000
stack
page read and write
C65E000
stack
page read and write
EB0000
direct allocation
page read and write
DEE000
stack
page read and write
BACAB83000
stack
page read and write
FB2C000
stack
page read and write
594C000
stack
page read and write
D018000
direct allocation
page read and write
220AE6D3000
heap
page read and write
420F000
stack
page read and write
2922000
heap
page read and write
E04000
heap
page read and write
308F000
stack
page read and write
4621000
heap
page read and write
4621000
heap
page read and write
7FF848756000
trusted library allocation
page execute and read and write
1220000
heap
page read and write
FE4000
heap
page read and write
220AE69C000
heap
page read and write
37EF000
heap
page read and write
2AB3000
trusted library allocation
page read and write
BEDA000
stack
page read and write
D9F000
stack
page read and write
555A000
trusted library allocation
page read and write
3C5D000
stack
page read and write
4EDB000
stack
page read and write
2DA80000
heap
page read and write
4C0000
unkown
page readonly
23D11040000
heap
page read and write
2238B580000
heap
page read and write
30FB000
trusted library allocation
page read and write
9D0000
heap
page read and write
35C0000
trusted library allocation
page read and write
37F2000
heap
page read and write
31FF000
trusted library allocation
page read and write
11A8000
heap
page read and write
13C6000
heap
page read and write
2ACE000
stack
page read and write
4621000
heap
page read and write
3382000
trusted library allocation
page read and write
4CC0000
direct allocation
page execute and read and write
7FF848980000
trusted library allocation
page read and write
D035000
direct allocation
page read and write
413F000
stack
page read and write
1702C702000
heap
page read and write
740000
trusted library allocation
page read and write
3225000
trusted library allocation
page read and write
4E9D000
stack
page read and write
37D9000
heap
page read and write
4CF1000
heap
page read and write
348D000
trusted library allocation
page read and write
2E7F000
stack
page read and write
3787000
heap
page read and write
344E000
stack
page read and write
D212000
direct allocation
page read and write
23D0F664000
heap
page read and write
86A000
unkown
page readonly
7FF848880000
trusted library allocation
page read and write
220AE121000
heap
page read and write
D0C0000
direct allocation
page read and write
D08C000
direct allocation
page read and write
6260000
trusted library allocation
page read and write
3E9F000
stack
page read and write
220AE186000
heap
page read and write
2D89F000
stack
page read and write
329F000
stack
page read and write
35D9000
trusted library allocation
page read and write
3782000
heap
page read and write
3583000
trusted library allocation
page read and write
3775000
heap
page read and write
C01B000
stack
page read and write
132A000
heap
page read and write
993E000
stack
page read and write
389E000
stack
page read and write
136D000
unkown
page execute and read and write
220AD93C000
heap
page read and write
61EB7000
direct allocation
page readonly
A07B000
stack
page read and write
23D299EB000
heap
page read and write
396D000
trusted library allocation
page read and write
D9C000
stack
page read and write
220AE800000
remote allocation
page read and write
9DFA000
stack
page read and write
220AE6FE000
heap
page read and write
501000
unkown
page readonly
4621000
heap
page read and write
20DE000
stack
page read and write
220AE6E2000
heap
page read and write
6113000
heap
page read and write
2A95000
trusted library allocation
page read and write
D60000
unkown
page read and write
13DF000
heap
page read and write
357E000
stack
page read and write
3942000
trusted library allocation
page read and write
13E6000
heap
page read and write
2729000
trusted library allocation
page read and write
F95000
heap
page read and write
37EF000
heap
page read and write
11BD000
heap
page read and write
11A4000
heap
page read and write
28DE000
heap
page read and write
2A90000
trusted library allocation
page read and write
162366D2000
heap
page read and write
6240000
trusted library allocation
page read and write
393D000
trusted library allocation
page read and write
D020000
direct allocation
page read and write
20BC000
heap
page read and write
36EE000
trusted library allocation
page read and write
48B0000
direct allocation
page read and write
377E000
heap
page read and write
3810000
heap
page read and write
344F000
heap
page read and write
7FF848673000
trusted library allocation
page execute and read and write
13F0000
heap
page read and write
5E0000
remote allocation
page execute and read and write
220AD878000
heap
page read and write
5540000
heap
page read and write
330F000
stack
page read and write
1CD4000
heap
page read and write
D65000
unkown
page write copy
13C6000
heap
page read and write
6060000
heap
page read and write
F3AB000
stack
page read and write
298F000
stack
page read and write
152000
unkown
page read and write
61CB000
trusted library allocation
page read and write
1702C602000
heap
page read and write
419000
unkown
page write copy
BACB4FF000
stack
page read and write
3912000
trusted library allocation
page read and write
1702C29D000
heap
page read and write
375C000
heap
page read and write
597E000
stack
page read and write
6320000
trusted library allocation
page execute and read and write
D05E000
direct allocation
page read and write
1428000
trusted library allocation
page read and write
A3BE000
stack
page read and write
594000
heap
page read and write
856000
heap
page read and write
6EA5FFF000
stack
page read and write
37FD000
heap
page read and write
1F35000
heap
page read and write
3790000
trusted library allocation
page read and write
3C3000
trusted library allocation
page read and write
391C000
trusted library allocation
page read and write
22353000
heap
page read and write
CCDE000
stack
page read and write
3775000
heap
page read and write
23D29A03000
heap
page read and write
4D70000
heap
page read and write
2FEF000
trusted library allocation
page read and write
5FA000
remote allocation
page execute and read and write
220AE130000
heap
page read and write
27FB000
trusted library allocation
page read and write
5680000
trusted library allocation
page read and write
4A50000
direct allocation
page execute and read and write
D206000
direct allocation
page read and write
1F09CF83000
trusted library allocation
page read and write
5BFE000
stack
page read and write
4280000
direct allocation
page execute and read and write
220AE129000
heap
page read and write
220AE160000
heap
page read and write
52B0000
direct allocation
page execute and read and write
220AE152000
heap
page read and write
630000
direct allocation
page read and write
4490000
heap
page read and write
220AE15A000
heap
page read and write
31CF000
stack
page read and write
220AE10E000
heap
page read and write
13F0000
heap
page read and write
257000
unkown
page readonly
220AE156000
heap
page read and write
4CF1000
heap
page read and write
FB7000
heap
page read and write
EFE000
stack
page read and write
E04000
heap
page read and write
13C6000
heap
page read and write
3940000
trusted library allocation
page read and write
D022000
direct allocation
page read and write
FE4000
heap
page read and write
27EF000
trusted library allocation
page read and write
6A10000
heap
page read and write
B789D6E000
stack
page read and write
7A0000
trusted library allocation
page read and write
23D11486000
heap
page read and write
4AB0000
trusted library allocation
page read and write
D0DE000
direct allocation
page read and write
23D116A7000
trusted library allocation
page read and write
65C000
heap
page read and write
1E10000
heap
page read and write
4C30000
direct allocation
page execute and read and write
4CF1000
heap
page read and write
2237C000
heap
page read and write
73FC000
stack
page read and write
3937000
trusted library allocation
page read and write
4621000
heap
page read and write
D0AE000
direct allocation
page read and write
13CF000
heap
page read and write
13F0000
heap
page read and write
337A000
trusted library allocation
page read and write
817D000
stack
page read and write
FFE000
stack
page read and write
8AB000
heap
page read and write
317D000
trusted library allocation
page read and write
4A80000
heap
page read and write
EB0000
direct allocation
page read and write
5430000
heap
page read and write
65FC000
stack
page read and write
FC0000
direct allocation
page read and write
1F0B6C95000
heap
page read and write
13E1000
heap
page read and write
DD0000
unkown
page readonly
4E6000
unkown
page write copy
1191000
heap
page read and write
37B2000
heap
page read and write
1C8A000
heap
page read and write
390000
heap
page read and write
220AE139000
heap
page read and write
13E2000
heap
page read and write
D044000
direct allocation
page read and write
D01C000
direct allocation
page read and write
9E3B000
stack
page read and write
13E6000
heap
page read and write
289A000
trusted library allocation
page read and write
380E000
heap
page read and write
220AE127000
heap
page read and write
37E0000
heap
page read and write
2AA0000
trusted library allocation
page read and write
7FF848900000
trusted library allocation
page read and write
220AE113000
heap
page read and write
37F2000
heap
page read and write
DD0000
heap
page read and write
1BF7000
heap
page read and write
E11A000
stack
page read and write
2840000
trusted library allocation
page read and write
37F4000
heap
page read and write
3372000
trusted library allocation
page read and write
4980000
heap
page read and write
211E000
stack
page read and write
23D21621000
trusted library allocation
page read and write
D0D6000
direct allocation
page read and write
D180000
direct allocation
page read and write
2852000
trusted library allocation
page read and write
13DF000
heap
page read and write
3C6000
trusted library allocation
page read and write
813000
unkown
page read and write
20CD000
heap
page read and write
37FC000
heap
page read and write
1457000
trusted library allocation
page execute and read and write
1357000
heap
page read and write
220AE114000
heap
page read and write
1702C602000
heap
page read and write
23D12EF6000
trusted library allocation
page read and write
2060000
direct allocation
page read and write
4A60000
trusted library allocation
page read and write
427F000
stack
page read and write
2807000
trusted library allocation
page read and write
162366F3000
heap
page read and write
378F000
heap
page read and write
220AE691000
heap
page read and write
A0BB000
stack
page read and write
EC6B000
stack
page read and write
220AE120000
heap
page read and write
3810000
heap
page read and write
1431000
trusted library allocation
page read and write
7DA3000
heap
page read and write
3535000
trusted library allocation
page read and write
23D29A25000
heap
page read and write
220AE729000
heap
page read and write
377E000
heap
page read and write
A88000
heap
page read and write
4621000
heap
page read and write
4C60000
direct allocation
page execute and read and write
F8EE000
stack
page read and write
2E4E0000
heap
page read and write
FE4000
heap
page read and write
3519000
trusted library allocation
page read and write
375C000
heap
page read and write
13F0000
heap
page read and write
32D3000
trusted library allocation
page read and write
108A000
heap
page read and write
1BF0000
heap
page read and write
2330000
trusted library allocation
page execute and read and write
37B0000
heap
page read and write
1183000
heap
page read and write
34BF000
heap
page read and write
F29000
unkown
page read and write
77F000
trusted library allocation
page read and write
1702C28F000
heap
page read and write
CF6000
unkown
page execute and read and write
23D12B4D000
trusted library allocation
page read and write
6EA5BFF000
stack
page read and write
4CF1000
heap
page read and write
1450000
trusted library allocation
page read and write
107EE000
stack
page read and write
1108000
heap
page read and write
13FA000
heap
page read and write
64031000
unkown
page execute read
62C0000
trusted library allocation
page execute and read and write
1E5D000
heap
page read and write
162384A0000
trusted library allocation
page read and write
34E2000
trusted library allocation
page read and write
4621000
heap
page read and write
7543D7E000
unkown
page readonly
3734000
heap
page read and write
6099000
trusted library allocation
page read and write
293E000
heap
page read and write
2E9D000
stack
page read and write
220AE10F000
heap
page read and write
2B0E000
stack
page read and write
CAC000
heap
page read and write
31E0000
trusted library allocation
page read and write
23D2980E000
heap
page read and write
23D297B4000
heap
page read and write
EB0000
direct allocation
page read and write
220AD894000
heap
page read and write
13F7000
heap
page read and write
C41E000
stack
page read and write
220AE129000
heap
page read and write
52E0000
direct allocation
page execute and read and write
7FF848AD0000
trusted library allocation
page read and write
4621000
heap
page read and write
32D2000
stack
page read and write
35BA000
trusted library allocation
page read and write
B80000
heap
page read and write
220AE15B000
heap
page read and write
2586000
heap
page read and write
2FF9000
trusted library allocation
page read and write
220AE15A000
heap
page read and write
91FB000
stack
page read and write
220AD8D3000
heap
page read and write
1320000
heap
page read and write
684A000
stack
page read and write
2A65000
trusted library allocation
page read and write
2580000
heap
page read and write
37E7000
heap
page read and write
1702C753000
heap
page read and write
3FFE000
stack
page read and write
1AEE000
stack
page read and write
395D000
trusted library allocation
page read and write
300F000
trusted library allocation
page read and write
FB0000
heap
page read and write
7EDD000
stack
page read and write
37FA000
heap
page read and write
274B000
trusted library allocation
page read and write
7C0000
heap
page read and write
60D8000
heap
page read and write
220AE178000
heap
page read and write
1F0B70E0000
trusted library section
page read and write
401000
unkown
page execute read
4CF1000
heap
page read and write
48A0000
heap
page read and write
23D0F6AB000
heap
page read and write
345E000
heap
page read and write
4A85000
trusted library allocation
page read and write
3998000
trusted library allocation
page read and write
532000
unkown
page readonly
4F2E000
stack
page read and write
1BD9E000
stack
page read and write
7543C7E000
stack
page read and write
375E000
stack
page read and write
3CF0000
heap
page read and write
36C4000
trusted library allocation
page read and write
3492000
trusted library allocation
page read and write
1B90000
direct allocation
page execute and read and write
425F000
stack
page read and write
1D44000
heap
page read and write
391F000
trusted library allocation
page read and write
22382000
heap
page read and write
67C0000
trusted library allocation
page execute and read and write
B6E000
stack
page read and write
AFC000
stack
page read and write
13F0000
heap
page read and write
1702C29D000
heap
page read and write
34EF000
heap
page read and write
220AD87E000
heap
page read and write
393A000
trusted library allocation
page read and write
92FA000
stack
page read and write
22353000
heap
page read and write
4621000
heap
page read and write
24C000
stack
page read and write
385B000
heap
page read and write
125D000
stack
page read and write
220AE6C0000
heap
page read and write
14EF000
stack
page read and write
CD1B000
stack
page read and write
396B000
trusted library allocation
page read and write
FC2C000
stack
page read and write
13CE000
heap
page read and write
C8DB000
stack
page read and write
44FC000
stack
page read and write
1702C602000
heap
page read and write
2904000
heap
page read and write
620000
heap
page read and write
1E43000
heap
page read and write
7ABC000
stack
page read and write
6095000
trusted library allocation
page read and write
4621000
heap
page read and write
5B0B000
stack
page read and write
2244F000
heap
page read and write
122E000
heap
page read and write
293E000
heap
page read and write
13F0000
heap
page read and write
2234E000
heap
page read and write
6AA1000
heap
page read and write
E04000
heap
page read and write
10C0000
trusted library allocation
page read and write
220AD6F0000
heap
page read and write
8A2000
unkown
page execute and write copy
6D80000
heap
page read and write
32C0000
stack
page read and write
4621000
heap
page read and write
1DDC000
unkown
page readonly
608A000
trusted library allocation
page read and write
37F2000
heap
page read and write
3917000
trusted library allocation
page read and write
35CA000
trusted library allocation
page read and write
383B000
heap
page read and write
131D000
trusted library allocation
page execute and read and write
4CF1000
heap
page read and write
320E000
stack
page read and write
4AF2000
trusted library allocation
page read and write
D0FE000
direct allocation
page read and write
FC0000
direct allocation
page read and write
2DFCE000
stack
page read and write
368F000
stack
page read and write
62AF000
stack
page read and write
4621000
heap
page read and write
7FF848790000
trusted library allocation
page execute and read and write
2237C000
heap
page read and write
220AD93C000
heap
page read and write
1C40000
heap
page read and write
4CF1000
heap
page read and write
2A72000
trusted library allocation
page read and write
4C00000
heap
page read and write
37EF000
heap
page read and write
13C2000
heap
page read and write
D190000
direct allocation
page read and write
6C1E000
stack
page read and write
11AE000
heap
page read and write
2550000
heap
page read and write
2F5C000
trusted library allocation
page read and write
13F5000
heap
page read and write
560000
heap
page read and write
4A4F000
stack
page read and write
7FF848824000
trusted library allocation
page read and write
220AD836000
heap
page read and write
4E1F000
unkown
page read and write
394F000
trusted library allocation
page read and write
B07D000
stack
page read and write
220AE702000
heap
page read and write
220AD905000
heap
page read and write
326D000
trusted library allocation
page read and write
32D7000
stack
page read and write
D40000
unkown
page read and write
2D3DE000
stack
page read and write
5E8000
remote allocation
page execute and read and write
4FC000
unkown
page write copy
220AE107000
heap
page read and write
11D0000
heap
page read and write
769000
trusted library allocation
page read and write
7855000
heap
page read and write
1A50000
heap
page read and write
2753000
trusted library allocation
page read and write
220AE132000
heap
page read and write
27E8000
trusted library allocation
page read and write
FE4000
heap
page read and write
1F0B6940000
trusted library allocation
page read and write
FE4000
heap
page read and write
3369000
trusted library allocation
page read and write
2E46000
trusted library allocation
page read and write
2237C000
heap
page read and write
D0CE000
direct allocation
page read and write
7737000
heap
page read and write
4900000
heap
page read and write
34F4000
trusted library allocation
page read and write
1B9CE000
stack
page read and write
1B98F000
stack
page read and write
37B2000
heap
page read and write
37E8000
heap
page read and write
687E0000
unkown
page readonly
7DA0000
heap
page read and write
2EB2000
heap
page read and write
37B2000
heap
page read and write
D010000
direct allocation
page read and write
2996000
heap
page read and write
3090000
heap
page execute and read and write
D20C000
direct allocation
page read and write
553000
unkown
page execute read
E8AB000
stack
page read and write
7A7000
trusted library allocation
page execute and read and write
45CC000
stack
page read and write
2980000
trusted library allocation
page read and write
7FF848A30000
trusted library allocation
page read and write
11C3000
unkown
page execute and read and write
13E1000
heap
page read and write
220AE18C000
heap
page read and write
13E9000
heap
page read and write
28FD000
heap
page read and write
3690000
heap
page read and write
3792000
heap
page read and write
644C000
stack
page read and write
220AE137000
heap
page read and write
E04000
heap
page read and write
220AD870000
heap
page read and write
3A1E000
trusted library allocation
page read and write
11D3000
unkown
page execute and write copy
F16B000
stack
page read and write
D056000
direct allocation
page read and write
37A9000
trusted library allocation
page read and write
36B9000
trusted library allocation
page read and write
22382000
heap
page read and write
23D29A51000
heap
page read and write
3EF0000
heap
page read and write
641CF000
unkown
page readonly
2236E000
heap
page read and write
1470000
heap
page read and write
EB0000
direct allocation
page execute and read and write
6EA5DFF000
stack
page read and write
23D21651000
trusted library allocation
page read and write
296E000
stack
page read and write
6420E000
unkown
page read and write
392E000
trusted library allocation
page read and write
25C000
unkown
page execute read
2905000
heap
page read and write
630000
direct allocation
page read and write
403E000
stack
page read and write
D0A4000
direct allocation
page read and write
FDD000
stack
page read and write
400000
unkown
page readonly
22340000
heap
page read and write
37EF000
heap
page read and write
33AD000
trusted library allocation
page read and write
734000
trusted library allocation
page read and write
E86B000
stack
page read and write
BACB5FF000
stack
page read and write
11A4000
heap
page read and write
1D30000
heap
page read and write
1F09CE70000
heap
page read and write
2D1FE000
stack
page read and write
D01000
unkown
page execute read
13DF000
heap
page read and write
FE4000
heap
page read and write
1E5D000
heap
page read and write
337E000
trusted library allocation
page read and write
4621000
heap
page read and write
3022000
trusted library allocation
page read and write
141D000
heap
page read and write
4621000
heap
page read and write
23D2993C000
heap
page read and write
4DC000
unkown
page readonly
1C40000
heap
page read and write
4621000
heap
page read and write
5C6F000
stack
page read and write
4904000
heap
page read and write
333B000
trusted library allocation
page read and write
298D000
trusted library allocation
page read and write
DC0000
heap
page read and write
1D8E000
stack
page read and write
30CA000
trusted library allocation
page read and write
2D9F000
stack
page read and write
37DB000
heap
page read and write
622000
remote allocation
page execute and read and write
7FF848852000
trusted library allocation
page read and write
6EA5EFB000
stack
page read and write
1B8000
stack
page read and write
4F80000
heap
page read and write
5115000
heap
page read and write
28B5000
trusted library allocation
page read and write
220AE66E000
heap
page read and write
A1BD000
stack
page read and write
4E8C000
stack
page read and write
2EA0000
heap
page read and write
4621000
heap
page read and write
4A10000
trusted library allocation
page read and write
2560000
heap
page readonly
4CF1000
heap
page read and write
373C000
heap
page read and write
7FA000
heap
page read and write
4F4000
unkown
page read and write
220AE67F000
heap
page read and write
1B88F000
stack
page read and write
2ACF000
stack
page read and write
4D0000
heap
page read and write
13FA000
heap
page read and write
7BFB000
stack
page read and write
4621000
heap
page read and write
D096000
direct allocation
page read and write
3917000
trusted library allocation
page read and write
4C20000
direct allocation
page execute and read and write
2237C000
heap
page read and write
2E26000
trusted library allocation
page read and write
1CFE000
heap
page read and write
36EE000
stack
page read and write
220AD91B000
heap
page read and write
4A4D000
trusted library allocation
page read and write
23D0F6A8000
heap
page read and write
393A000
trusted library allocation
page read and write
D06C000
direct allocation
page read and write
B0BD000
stack
page read and write
4AA0000
direct allocation
page read and write
3743000
heap
page read and write
2235C000
heap
page read and write
2EB2000
heap
page read and write
4A70000
trusted library allocation
page read and write
FE4000
heap
page read and write
334F000
stack
page read and write
4AB0000
direct allocation
page execute and read and write
1E45000
heap
page read and write
D002000
direct allocation
page read and write
1C191000
heap
page read and write
EF0000
heap
page read and write
594000
heap
page read and write
400000
unkown
page execute and read and write
37EE000
heap
page read and write
220AD909000
heap
page read and write
4BAE000
stack
page read and write
6A10000
heap
page read and write
447000
stack
page read and write
9B000
stack
page read and write
82FE000
stack
page read and write
7FF848790000
trusted library allocation
page execute and read and write
3170000
trusted library allocation
page read and write
2D90000
trusted library allocation
page read and write
220AE73E000
heap
page read and write
4531000
heap
page read and write
2D620000
heap
page read and write
34F4000
heap
page read and write
141A000
heap
page read and write
B40000
heap
page read and write
37FA000
heap
page read and write
4621000
heap
page read and write
2CEF000
stack
page read and write
16236703000
heap
page read and write
2AB2000
trusted library allocation
page execute and read and write
23D29A59000
heap
page read and write
319F000
trusted library allocation
page read and write
220AD94D000
heap
page read and write
4621000
heap
page read and write
6F7D000
stack
page read and write
4621000
heap
page read and write
7131000
heap
page read and write
3EDE000
stack
page read and write
283F000
stack
page read and write
3C0000
trusted library allocation
page read and write
37EE000
heap
page read and write
220AE67E000
heap
page read and write
220AD96E000
heap
page read and write
3775000
heap
page read and write
376A000
heap
page read and write
D47000
unkown
page read and write
4CF1000
heap
page read and write
1BB0E000
stack
page read and write
4A20000
trusted library allocation
page read and write
220AE129000
heap
page read and write
E70000
direct allocation
page read and write
22360000
heap
page read and write
754457B000
stack
page read and write
96C000
stack
page read and write
571E000
stack
page read and write
7FF848756000
trusted library allocation
page execute and read and write
A600000
heap
page read and write
3D60000
heap
page read and write
1420000
trusted library allocation
page read and write
1337000
heap
page read and write
A0FD000
stack
page read and write
7FF84885F000
trusted library allocation
page read and write
10A2B000
stack
page read and write
2E5D000
stack
page read and write
2B9F000
stack
page read and write
7FF848860000
trusted library allocation
page execute and read and write
4CF1000
heap
page read and write
394C000
trusted library allocation
page read and write
2CCF000
stack
page read and write
3787000
heap
page read and write
23D29852000
heap
page read and write
352A000
trusted library allocation
page read and write
33FC000
trusted library allocation
page read and write
220AE12C000
heap
page read and write
339F000
stack
page read and write
1F09CDF0000
heap
page read and write
13F7000
heap
page read and write
462000
stack
page read and write
13DD000
heap
page read and write
3AB1000
trusted library allocation
page read and write
4D7000
unkown
page read and write
2E4E9000
heap
page read and write
4AC0000
direct allocation
page execute and read and write
13E7000
heap
page read and write
342F000
trusted library allocation
page read and write
1200000
heap
page read and write
BA7B000
stack
page read and write
1401000
heap
page read and write
377E000
heap
page read and write
8A3000
unkown
page execute and write copy
220AE10F000
heap
page read and write
4621000
heap
page read and write
391F000
trusted library allocation
page read and write
2E49000
trusted library allocation
page read and write
7D0000
trusted library allocation
page read and write
1F0000
heap
page read and write
129F000
stack
page read and write
4621000
heap
page read and write
29B8000
trusted library allocation
page read and write
CB0000
unkown
page readonly
1702C29D000
heap
page read and write
5ACE000
stack
page read and write
2D0FF000
stack
page read and write
C77000
unkown
page execute and read and write
220AE6D1000
heap
page read and write
3EAF000
stack
page read and write
23D299A3000
heap
page read and write
13C2000
heap
page read and write
AA7B000
stack
page read and write
4CFF000
stack
page read and write
2D751000
heap
page read and write
7FF8489C9000
trusted library allocation
page read and write
C55E000
stack
page read and write
3E19000
trusted library allocation
page read and write
4F5000
unkown
page write copy
220AE132000
heap
page read and write
220AE17A000
heap
page read and write
583D000
stack
page read and write
1C293000
heap
page read and write
378B000
heap
page read and write
D008000
direct allocation
page read and write
5F4000
unkown
page execute and read and write
B78A1FF000
stack
page read and write
502F000
stack
page read and write
372D000
heap
page read and write
4621000
heap
page read and write
3777000
heap
page read and write
7FF84867D000
trusted library allocation
page execute and read and write
33B407B000
stack
page read and write
664E000
stack
page read and write
62A0000
trusted library allocation
page read and write
2DECF000
stack
page read and write
4621000
heap
page read and write
840000
heap
page read and write
D06E000
direct allocation
page read and write
220AE100000
heap
page read and write
3934000
trusted library allocation
page read and write
3E4F000
stack
page read and write
455000
stack
page read and write
1702C502000
heap
page read and write
28422000
heap
page read and write
220AE17F000
heap
page read and write
D0B000
stack
page read and write
2904000
heap
page read and write
22E0000
heap
page read and write
23D1323F000
trusted library allocation
page read and write
26E6000
trusted library allocation
page read and write
37EF000
heap
page read and write
9FB000
stack
page read and write
6A01000
heap
page read and write
13F7000
heap
page read and write
283DC000
heap
page read and write
220AE724000
heap
page read and write
401000
unkown
page execute read
EDAE000
stack
page read and write
220AD878000
heap
page read and write
1702C29D000
heap
page read and write
383B000
heap
page read and write
7A7C000
stack
page read and write
3464000
trusted library allocation
page read and write
E76C000
stack
page read and write
8EE000
heap
page read and write
3950000
trusted library allocation
page read and write
13E1000
heap
page read and write
13F5000
heap
page read and write
82FD000
stack
page read and write
D0C2000
direct allocation
page read and write
3876000
heap
page read and write
2779000
trusted library allocation
page read and write
220AE13B000
heap
page read and write
220AD89B000
heap
page read and write
13B6000
heap
page read and write
11F6000
heap
page read and write
1200000
heap
page read and write
8A4000
heap
page read and write
16237FB0000
trusted library allocation
page read and write
23D12C07000
trusted library allocation
page read and write
13E1000
heap
page read and write
FE4000
heap
page read and write
2D23E000
stack
page read and write
7FF8486CC000
trusted library allocation
page execute and read and write
FE4000
heap
page read and write
3938000
trusted library allocation
page read and write
FBE000
stack
page read and write
BA1000
heap
page read and write
417E000
stack
page read and write
D80000
heap
page read and write
8F7E000
stack
page read and write
6FBD000
stack
page read and write
23D12E15000
trusted library allocation
page read and write
2E0F000
stack
page read and write
13B4000
heap
page read and write
FE4000
heap
page read and write
7FF848AE0000
trusted library allocation
page read and write
1F09E9A5000
trusted library allocation
page read and write
977D000
stack
page read and write
1190000
heap
page read and write
11D5000
heap
page read and write
3FDF000
stack
page read and write
383B000
heap
page read and write
220AE697000
heap
page read and write
220AE130000
heap
page read and write
13E9000
heap
page read and write
5D10000
trusted library allocation
page execute and read and write
31AB000
trusted library allocation
page read and write
24B8000
trusted library allocation
page read and write
829000
heap
page read and write
4FF000
unkown
page readonly
3937000
trusted library allocation
page read and write
64B000
heap
page read and write
1CF0000
heap
page read and write
34C0000
remote allocation
page read and write
30AC000
trusted library allocation
page read and write
1379000
heap
page read and write
3917000
trusted library allocation
page read and write
13FB000
heap
page read and write
4AA0000
direct allocation
page execute and read and write
37EE000
heap
page read and write
2B12000
trusted library allocation
page read and write
61ECD000
direct allocation
page readonly
5F9000
unkown
page read and write
4A80000
trusted library allocation
page read and write
301D000
stack
page read and write
118F000
heap
page read and write
4750000
heap
page read and write
220AE130000
heap
page read and write
220AD89B000
heap
page read and write
220AE126000
heap
page read and write
220AD96E000
heap
page read and write
13F5000
heap
page read and write
E04000
heap
page read and write
3FCF000
stack
page read and write
2DB7000
trusted library allocation
page execute and read and write
4CF1000
heap
page read and write
1E5D000
heap
page read and write
799F000
stack
page read and write
28C2000
trusted library allocation
page read and write
220AE133000
heap
page read and write
13E1000
heap
page read and write
22359000
heap
page read and write
4AB000
unkown
page execute and read and write
4A60000
direct allocation
page execute and read and write
220AD91B000
heap
page read and write
81E000
stack
page read and write
61EB4000
direct allocation
page read and write
CFD000
stack
page read and write
283D0000
heap
page read and write
33B3BB6000
stack
page read and write
411000
unkown
page readonly
32A1000
trusted library allocation
page read and write
220AE14E000
heap
page read and write
2FB4000
trusted library allocation
page read and write
13F0000
heap
page read and write
32A7000
trusted library allocation
page read and write
7DBB000
stack
page read and write
37EF000
heap
page read and write
220AE6B4000
heap
page read and write
1702C2FC000
heap
page read and write
EF0000
trusted library allocation
page read and write
284D000
trusted library allocation
page read and write
7FF848810000
trusted library allocation
page read and write
13E1000
heap
page read and write
D078000
direct allocation
page read and write
F0000
unkown
page readonly
C60000
heap
page read and write
13CB000
heap
page read and write
11E8000
heap
page read and write
7F0000
heap
page read and write
1702C602000
heap
page read and write
114A000
heap
page read and write
3513000
trusted library allocation
page read and write
2220B000
heap
page read and write
23D21917000
trusted library allocation
page read and write
220AE64A000
heap
page read and write
13DF000
heap
page read and write
37E0000
heap
page read and write
220AD83A000
heap
page read and write
34C0000
heap
page read and write
220AE65D000
heap
page read and write
13B6000
heap
page read and write
220AE163000
heap
page read and write
2A79000
trusted library allocation
page read and write
7FF8489D0000
trusted library allocation
page read and write
E04000
heap
page read and write
23D0F67E000
heap
page read and write
4CB0000
direct allocation
page execute and read and write
33E3000
trusted library allocation
page read and write
D19A000
direct allocation
page read and write
13F3000
heap
page read and write
FE4000
heap
page read and write
220AE184000
heap
page read and write
3220000
trusted library allocation
page read and write
2801000
trusted library allocation
page read and write
13FA000
heap
page read and write
220AE176000
heap
page read and write
1702C29D000
heap
page read and write
26C7000
trusted library allocation
page read and write
37A4000
heap
page read and write
598E000
stack
page read and write
8F3C000
stack
page read and write
2F9F000
stack
page read and write
23D12B4B000
trusted library allocation
page read and write
840000
unkown
page readonly
13F0000
heap
page read and write
D188000
direct allocation
page read and write
11D0000
heap
page read and write
193000
stack
page read and write
4C30000
direct allocation
page execute and read and write
13E1000
heap
page read and write
2340000
trusted library allocation
page read and write
3FCE000
stack
page read and write
13F7000
heap
page read and write
393D000
trusted library allocation
page read and write
144A000
trusted library allocation
page execute and read and write
23D299EF000
heap
page read and write
5E7B000
stack
page read and write
4621000
heap
page read and write
6F7000
stack
page read and write
6A0E000
heap
page read and write
4FF000
unkown
page readonly
145F000
stack
page read and write
857B000
stack
page read and write
2739000
trusted library allocation
page read and write
D01A000
direct allocation
page read and write
13E2000
heap
page read and write
AA3C000
stack
page read and write
E04000
heap
page read and write
7FF848830000
trusted library allocation
page execute and read and write
220AE12E000
heap
page read and write
6790000
trusted library allocation
page read and write
616000
remote allocation
page execute and read and write
37F9000
heap
page read and write
383B000
heap
page read and write
220AE133000
heap
page read and write
3781000
heap
page read and write
3300000
trusted library allocation
page read and write
D092000
direct allocation
page read and write
159F000
stack
page read and write
23D0F705000
heap
page read and write
220AE109000
heap
page read and write
4621000
heap
page read and write
4C80000
direct allocation
page execute and read and write
37D9000
heap
page read and write
220AE132000
heap
page read and write
2591000
trusted library allocation
page read and write
220AE6D7000
heap
page read and write
488E000
stack
page read and write
920000
heap
page read and write
220AE643000
heap
page read and write
3801000
heap
page read and write
141D000
heap
page read and write
23D10F90000
heap
page readonly
2B90000
heap
page read and write
2235B000
heap
page read and write
4621000
heap
page read and write
220AE163000
heap
page read and write
220AE133000
heap
page read and write
4BBC000
heap
page read and write
11E6000
heap
page read and write
A7FC000
stack
page read and write
3299000
trusted library allocation
page read and write
7FF848990000
trusted library allocation
page read and write
220AD90B000
heap
page read and write
449000
remote allocation
page execute and read and write
D19E000
stack
page read and write
22363000
heap
page read and write
391E000
trusted library allocation
page read and write
2972000
trusted library allocation
page read and write
40CF000
stack
page read and write
1702C29D000
heap
page read and write
22354000
heap
page read and write
CA2000
heap
page read and write
13F5000
heap
page read and write
DE9E000
stack
page read and write
11A4000
heap
page read and write
52F000
unkown
page execute and read and write
6886E000
unkown
page read and write
3DB9000
trusted library allocation
page read and write
220AE712000
heap
page read and write
379F000
heap
page read and write
220AE133000
heap
page read and write
4621000
heap
page read and write
29D4000
trusted library allocation
page read and write
223EB000
heap
page read and write
23D12BBB000
trusted library allocation
page read and write
4621000
heap
page read and write
220AE119000
heap
page read and write
3956000
trusted library allocation
page read and write
907E000
stack
page read and write
D070000
direct allocation
page read and write
2875000
trusted library allocation
page read and write
4CF1000
heap
page read and write
EB0000
direct allocation
page read and write
1E81000
heap
page read and write
13B4000
heap
page read and write
293E000
heap
page read and write
13E1000
heap
page read and write
B8E000
heap
page read and write
3797000
heap
page read and write
370A000
heap
page read and write
45E3000
trusted library allocation
page read and write
266000
unkown
page readonly
16237FB0000
trusted library allocation
page read and write
E1E000
stack
page read and write
1175000
heap
page read and write
79B0000
trusted library allocation
page read and write
4C30000
direct allocation
page execute and read and write
3950000
trusted library allocation
page read and write
501000
unkown
page readonly
D052000
direct allocation
page read and write
1702C23C000
heap
page read and write
2996000
heap
page read and write
23D0F71A000
heap
page read and write
13B5000
heap
page read and write
D79E000
stack
page read and write
220AE133000
heap
page read and write
1E7F000
heap
page read and write
220AE10F000
heap
page read and write
13F7000
heap
page read and write
52C0000
direct allocation
page execute and read and write
220AE648000
heap
page read and write
F10000
heap
page read and write
490000
unkown
page readonly
33B417F000
stack
page read and write
3796000
heap
page read and write
3842000
heap
page read and write
C29C000
stack
page read and write
22389756000
heap
page read and write
46CC000
stack
page read and write
162366B9000
heap
page read and write
5FE000
remote allocation
page execute and read and write
BACAF7E000
stack
page read and write
4DEB000
stack
page read and write
30AE000
trusted library allocation
page read and write
C7E000
heap
page read and write
7EBB000
stack
page read and write
37A2000
heap
page read and write
2E42000
trusted library allocation
page read and write
3743000
heap
page read and write
2F38000
trusted library allocation
page read and write
11DB000
heap
page read and write
A5FE000
stack
page read and write
1702C302000
heap
page read and write
838C000
stack
page read and write
34B1000
heap
page read and write
220AE130000
heap
page read and write
811C000
stack
page read and write
340E000
stack
page read and write
34C0000
remote allocation
page read and write
616B000
heap
page read and write
223896E0000
heap
page read and write
E70000
direct allocation
page read and write
36DB000
trusted library allocation
page read and write
757C000
stack
page read and write
379B000
heap
page read and write
630000
direct allocation
page read and write
1280000
heap
page read and write
22369000
heap
page read and write
4A46000
trusted library allocation
page read and write
2D90000
trusted library allocation
page read and write
13F0000
heap
page read and write
380C000
heap
page read and write
220AE133000
heap
page read and write
590000
unkown
page read and write
1DDC000
unkown
page readonly
2FD7000
trusted library allocation
page read and write
4621000
heap
page read and write
3460000
remote allocation
page read and write
16236707000
heap
page read and write
283D4000
heap
page read and write
220AE15A000
heap
page read and write
4491000
heap
page read and write
7FF848670000
trusted library allocation
page read and write
1200000
heap
page read and write
726000
heap
page read and write
D7DB000
stack
page read and write
13DE000
heap
page read and write
F90000
heap
page read and write
13C2000
heap
page read and write
F0000
unkown
page readonly
411000
unkown
page readonly
2B17000
trusted library allocation
page read and write
4D90000
heap
page execute and read and write
37ED000
heap
page read and write
FC0000
direct allocation
page read and write
28E7000
heap
page read and write
391E000
trusted library allocation
page read and write
22354000
heap
page read and write
FE4000
heap
page read and write
394A000
trusted library allocation
page read and write
BB000
stack
page read and write
FE4000
heap
page read and write
251000
unkown
page execute read
3830000
heap
page read and write
2A42000
trusted library allocation
page read and write
13DD000
heap
page read and write
C05C000
stack
page read and write
367E000
stack
page read and write
4A52000
trusted library allocation
page read and write
4528000
heap
page read and write
220AE72C000
heap
page read and write
CD5E000
stack
page read and write
BACABCE000
stack
page read and write
22389745000
heap
page read and write
37FF000
heap
page read and write
55E000
stack
page read and write
D200000
direct allocation
page read and write
13E1000
heap
page read and write
44A000
stack
page read and write
4D29000
heap
page read and write
23D11848000
trusted library allocation
page read and write
7DC000
stack
page read and write
27CE000
trusted library allocation
page read and write
7FF848726000
trusted library allocation
page read and write
3BC0000
heap
page read and write
2B22000
trusted library allocation
page read and write
EB0000
direct allocation
page read and write
2ACC000
trusted library allocation
page read and write
4621000
heap
page read and write
292E000
heap
page read and write
636000
remote allocation
page execute and read and write
22363000
heap
page read and write
53DE000
stack
page read and write
E04000
heap
page read and write
328E000
trusted library allocation
page read and write
416E000
stack
page read and write
220AE153000
heap
page read and write
2A9E000
stack
page read and write
3743000
heap
page read and write
7FF84869D000
trusted library allocation
page execute and read and write
828B000
stack
page read and write
925000
heap
page read and write
2EF7000
trusted library allocation
page read and write
447000
unkown
page execute and read and write
141A000
heap
page read and write
37A4000
heap
page read and write
2237C000
heap
page read and write
1F37000
heap
page read and write
37B2000
heap
page read and write
13E1000
heap
page read and write
3E7E000
stack
page read and write
D214000
direct allocation
page read and write
4CF1000
heap
page read and write
D0D0000
direct allocation
page read and write
37EE000
heap
page read and write
D8E000
stack
page read and write
283E8000
heap
page read and write
7FF8489F0000
trusted library allocation
page read and write
36F9000
trusted library allocation
page read and write
2B97000
heap
page read and write
7DF410600000
trusted library allocation
page execute and read and write
4A60000
direct allocation
page execute and read and write
32CD000
stack
page read and write
1B80000
heap
page read and write
6242000
heap
page read and write
1BACF000
stack
page read and write
F7AE000
stack
page read and write
361A000
trusted library allocation
page read and write
447000
remote allocation
page execute and read and write
37EF000
heap
page read and write
220AE103000
heap
page read and write
2EE6000
trusted library allocation
page read and write
4740000
direct allocation
page read and write
84E000
heap
page read and write
D8DA000
stack
page read and write
6DB7000
heap
page read and write
13F0000
heap
page read and write
6DAC000
heap
page read and write
24B0000
heap
page read and write
2970000
heap
page read and write
461F000
stack
page read and write
5D3E000
stack
page read and write
28FD000
heap
page read and write
7FF848680000
trusted library allocation
page read and write
220AE145000
heap
page read and write
28FC000
trusted library allocation
page read and write
37ED000
heap
page read and write
220AE17C000
heap
page read and write
1175000
heap
page read and write
2E00000
trusted library allocation
page read and write
7F5F0000
trusted library allocation
page execute and read and write
ACFE000
stack
page read and write
1110000
heap
page read and write
396000
heap
page read and write
37E8000
heap
page read and write
5440000
trusted library allocation
page read and write
13EE000
heap
page read and write
1E43000
heap
page read and write
4ABE000
trusted library allocation
page read and write
1702C29D000
heap
page read and write
3990000
trusted library allocation
page read and write
4A41000
trusted library allocation
page read and write
624000
unkown
page execute and read and write
35DE000
trusted library allocation
page read and write
3C0E000
trusted library allocation
page read and write
2EB0000
trusted library allocation
page read and write
2570000
trusted library allocation
page read and write
1F09CF80000
trusted library allocation
page read and write
49A8000
heap
page read and write
3793000
heap
page read and write
338B000
trusted library allocation
page read and write
1477000
heap
page read and write
223EB000
heap
page read and write
9BBC000
stack
page read and write
1380000
heap
page read and write
220AE12F000
heap
page read and write
F26B000
stack
page read and write
1B85000
heap
page read and write
4621000
heap
page read and write
37EF000
heap
page read and write
634C000
stack
page read and write
1F09D030000
heap
page read and write
BAF4000
heap
page read and write
1006E000
stack
page read and write
E29C000
stack
page read and write
37E0000
heap
page read and write
1F09CE72000
heap
page read and write
7FFA000
stack
page read and write
220AE15F000
heap
page read and write
3942000
trusted library allocation
page read and write
4C03000
heap
page read and write
12CE000
stack
page read and write
3A8E000
stack
page read and write
220AE60F000
heap
page read and write
2FE6000
stack
page read and write
4621000
heap
page read and write
455C000
stack
page read and write
687E1000
unkown
page execute read
2390000
trusted library allocation
page read and write
113E000
heap
page read and write
220AE116000
heap
page read and write
11EE000
heap
page read and write
5EBD000
stack
page read and write
220AD8B8000
heap
page read and write
1439000
trusted library allocation
page read and write
1191000
heap
page read and write
A2BD000
stack
page read and write
7FF848AB0000
trusted library allocation
page read and write
D0F8000
direct allocation
page read and write
220AE15A000
heap
page read and write
13C6000
heap
page read and write
2B8E000
stack
page read and write
22384000
heap
page read and write
4CF1000
heap
page read and write
140D000
heap
page read and write
37D0000
heap
page read and write
37E5000
heap
page read and write
7FF848970000
trusted library allocation
page read and write
220AE11B000
heap
page read and write
22346000
heap
page read and write
97BE000
stack
page read and write
377E000
heap
page read and write
E04000
heap
page read and write
293E000
heap
page read and write
30A3000
trusted library allocation
page read and write
23D12E39000
trusted library allocation
page read and write
13F0000
heap
page read and write
EB0000
direct allocation
page read and write
401000
unkown
page execute read
5DE000
stack
page read and write
378B000
heap
page read and write
33E5000
trusted library allocation
page read and write
220AE12E000
heap
page read and write
43DE000
stack
page read and write
3810000
heap
page read and write
4C30000
direct allocation
page execute and read and write
1C26000
heap
page read and write
3790000
heap
page read and write
3713000
heap
page read and write
32DD000
stack
page read and write
209D000
heap
page read and write
6085000
trusted library allocation
page read and write
48D0000
trusted library allocation
page read and write
37E9000
heap
page read and write
36EB000
trusted library allocation
page read and write
220AE69B000
heap
page read and write
7FF848674000
trusted library allocation
page read and write
813000
unkown
page read and write
803D000
stack
page read and write
518E000
stack
page read and write
31F1000
trusted library allocation
page read and write
3743000
heap
page read and write
2D33F000
stack
page read and write
13C2000
heap
page read and write
37A1000
heap
page read and write
4621000
heap
page read and write
29B3000
trusted library allocation
page read and write
491000
unkown
page execute read
16236805000
heap
page read and write
7FF848820000
trusted library allocation
page read and write
849000
heap
page read and write
4621000
heap
page read and write
3BFE000
stack
page read and write
251000
unkown
page execute read
3783000
heap
page read and write
6066000
heap
page read and write
220AE130000
heap
page read and write
35B2000
trusted library allocation
page read and write
11EF000
heap
page read and write
1F09CDB0000
heap
page read and write
2996000
heap
page read and write
263E000
stack
page read and write
1460000
trusted library allocation
page read and write
587B000
stack
page read and write
304B000
trusted library allocation
page read and write
C96000
heap
page read and write
1200000
heap
page read and write
6F3B000
stack
page read and write
13E1000
heap
page read and write
2EC0000
trusted library allocation
page read and write
ABBE000
stack
page read and write
13E6000
heap
page read and write
2235B000
heap
page read and write
1702C702000
heap
page read and write
7FF848940000
trusted library allocation
page read and write
8A7B000
stack
page read and write
4AF0000
heap
page read and write
E04000
heap
page read and write
2F87000
trusted library allocation
page read and write
28E5000
trusted library allocation
page read and write
EE3000
trusted library allocation
page execute and read and write
3917000
trusted library allocation
page read and write
220AE133000
heap
page read and write
905000
unkown
page execute read
22C0000
trusted library allocation
page read and write
BACB07A000
stack
page read and write
E04000
heap
page read and write
3792000
heap
page read and write
3834000
heap
page read and write
D004000
direct allocation
page read and write
220AE6DA000
heap
page read and write
D03C000
direct allocation
page read and write
12FE000
stack
page read and write
470000
heap
page read and write
4A7E000
trusted library allocation
page read and write
883000
heap
page read and write
743E000
stack
page read and write
867A000
stack
page read and write
1320000
trusted library allocation
page read and write
13F7000
heap
page read and write
220AE13E000
heap
page read and write
220AE107000
heap
page read and write
220AE184000
heap
page read and write
220AE674000
heap
page read and write
D006000
direct allocation
page read and write
13E1000
heap
page read and write
13DE000
heap
page read and write
D0F2000
direct allocation
page read and write
3ADF000
stack
page read and write
D18A000
direct allocation
page read and write
20B8000
heap
page read and write
37DD000
heap
page read and write
78A000
trusted library allocation
page read and write
220AE129000
heap
page read and write
7FF848670000
trusted library allocation
page read and write
581E000
stack
page read and write
31C3000
trusted library allocation
page read and write
3743000
heap
page read and write
CD9E000
stack
page read and write
220AE169000
heap
page read and write
13DE000
heap
page read and write
11D5000
heap
page read and write
4E80000
heap
page read and write
3487000
trusted library allocation
page read and write
220AE69D000
heap
page read and write
3410000
heap
page read and write
B7FE000
stack
page read and write
9A3C000
stack
page read and write
220AE19B000
heap
page read and write
13DA000
heap
page read and write
2F8E000
stack
page read and write
DE1E000
stack
page read and write
2ED9000
trusted library allocation
page read and write
220AE5A0000
remote allocation
page read and write
61D1000
trusted library allocation
page read and write
D51E000
stack
page read and write
1702C240000
heap
page read and write
220AEA12000
heap
page read and write
4621000
heap
page read and write
3947000
trusted library allocation
page read and write
11D2000
unkown
page execute and write copy
D0D8000
direct allocation
page read and write
13E1000
heap
page read and write
F3ED000
stack
page read and write
4621000
heap
page read and write
380C000
heap
page read and write
220AE10E000
heap
page read and write
3450000
heap
page read and write
4D80000
trusted library allocation
page read and write
37E8000
heap
page read and write
364B000
trusted library allocation
page read and write
1702C654000
heap
page read and write
EB0000
direct allocation
page read and write
380C000
heap
page read and write
28FA000
heap
page read and write
400000
unkown
page readonly
4A90000
heap
page read and write
4CF1000
heap
page read and write
2700000
trusted library allocation
page read and write
3816000
heap
page read and write
754337E000
stack
page read and write
1447000
trusted library allocation
page execute and read and write
3964000
trusted library allocation
page read and write
FAF000
heap
page read and write
4CF1000
heap
page read and write
1F09D095000
heap
page read and write
3F8F000
stack
page read and write
13F0000
heap
page read and write
220AE14D000
heap
page read and write
37E2000
heap
page read and write
4621000
heap
page read and write
B78A2FE000
stack
page read and write
2994000
heap
page read and write
220AE138000
heap
page read and write
220AD7F0000
heap
page read and write
C10000
heap
page read and write
2EB1000
heap
page read and write
2235B000
heap
page read and write
8390000
heap
page read and write
13E2000
heap
page read and write
35D8000
trusted library allocation
page read and write
375C000
heap
page read and write
1D4E000
stack
page read and write
220AD8C8000
heap
page read and write
11A4000
heap
page read and write
3802000
heap
page read and write
2897000
trusted library allocation
page read and write
220AE15A000
heap
page read and write
77BE000
heap
page read and write
220AE110000
heap
page read and write
EB2E000
stack
page read and write
296A000
trusted library allocation
page read and write
2A7E000
stack
page read and write
419000
unkown
page write copy
291A000
heap
page read and write
4491000
heap
page read and write
1F0AE911000
trusted library allocation
page read and write
6065000
heap
page read and write
2E4ED000
heap
page read and write
2D51E000
stack
page read and write
371B000
heap
page read and write
D55E000
stack
page read and write
F66B000
stack
page read and write
3CB2000
trusted library allocation
page read and write
1130000
heap
page read and write
220AD93B000
heap
page read and write
7FF848870000
trusted library allocation
page execute and read and write
381A000
heap
page read and write
7FF84869B000
trusted library allocation
page execute and read and write
1C191000
heap
page read and write
39DE000
stack
page read and write
4621000
heap
page read and write
F7D000
stack
page read and write
13E8000
heap
page read and write
37E0000
heap
page read and write
E04000
heap
page read and write
2C20000
trusted library allocation
page read and write
D100000
direct allocation
page read and write
943B000
stack
page read and write
DA5B000
stack
page read and write
10A0000
heap
page read and write
1F09CE9E000
heap
page read and write
375C000
heap
page read and write
1020000
heap
page read and write
4CF1000
heap
page read and write
3E3E000
stack
page read and write
56AF000
heap
page read and write
220AE189000
heap
page read and write
7FF848930000
trusted library allocation
page read and write
220AE182000
heap
page read and write
33B40FF000
stack
page read and write
37FD000
heap
page read and write
288F000
stack
page read and write
140000
unkown
page readonly
ED0000
trusted library allocation
page read and write
401E000
stack
page read and write
891000
heap
page read and write
1F0B71B0000
heap
page read and write
37DE000
heap
page read and write
2235B000
heap
page read and write
B789D64000
stack
page read and write
7FF848960000
trusted library allocation
page read and write
2EB5000
trusted library allocation
page read and write
4CF1000
heap
page read and write
13FA000
heap
page read and write
E04000
heap
page read and write
D00C000
direct allocation
page read and write
BF0000
heap
page read and write
D64000
unkown
page read and write
6C3F000
stack
page read and write
F4EC000
stack
page read and write
D18C000
direct allocation
page read and write
4621000
heap
page read and write
5D00000
heap
page read and write
3816000
heap
page read and write
16237FB0000
trusted library allocation
page read and write
57AF000
stack
page read and write
25BF000
stack
page read and write
4DC5000
trusted library allocation
page read and write
B8FC000
stack
page read and write
2650000
heap
page read and write
45B000
stack
page read and write
654B000
stack
page read and write
40A1000
trusted library allocation
page read and write
1C13E000
stack
page read and write
22351000
heap
page read and write
4FB3000
heap
page read and write
4621000
heap
page read and write
1702C702000
heap
page read and write
10F8000
stack
page read and write
C69E000
stack
page read and write
3BCF000
stack
page read and write
220AE6CE000
heap
page read and write
37DD000
heap
page read and write
801B000
stack
page read and write
CC9E000
stack
page read and write
15D3000
trusted library allocation
page execute and read and write
4CF1000
heap
page read and write
30A000
stack
page read and write
35D0000
trusted library allocation
page read and write
1702C753000
heap
page read and write
411000
unkown
page readonly
33B3FFF000
stack
page read and write
3761000
heap
page read and write
FAEB000
stack
page read and write
7FF848A90000
trusted library allocation
page read and write
2EB1000
heap
page read and write
220AE68F000
heap
page read and write
4621000
heap
page read and write
3020000
heap
page read and write
FE0000
heap
page read and write
1C290000
trusted library allocation
page read and write
3776000
heap
page read and write
3787000
heap
page read and write
23D11470000
heap
page read and write
13C6000
heap
page read and write
6DCC000
heap
page read and write
37E7000
heap
page read and write
2EF3000
trusted library allocation
page read and write
97FE000
stack
page read and write
1702C602000
heap
page read and write
13FA000
heap
page read and write
366000
stack
page read and write
C51C000
stack
page read and write
D66000
unkown
page readonly
E4E000
stack
page read and write
23D29820000
heap
page read and write
13F7000
heap
page read and write
36B4000
trusted library allocation
page read and write
4621000
heap
page read and write
13B4000
heap
page read and write
2237F000
heap
page read and write
379C000
heap
page read and write
594000
heap
page read and write
13C2000
heap
page read and write
220AE118000
heap
page read and write
7FFC000
stack
page read and write
23A0000
trusted library allocation
page execute and read and write
220AE182000
heap
page read and write
1A40000
heap
page read and write
D0B4000
direct allocation
page read and write
13C4000
heap
page read and write
220AE704000
heap
page read and write
11D2000
unkown
page execute and read and write
353DF000
heap
page read and write
23D29710000
heap
page execute and read and write
37EF000
heap
page read and write
5E6E000
stack
page read and write
F60000
heap
page read and write
4DC0000
trusted library allocation
page read and write
220AD839000
heap
page read and write
375C000
heap
page read and write
7FF8488E0000
trusted library allocation
page read and write
4621000
heap
page read and write
31AD000
trusted library allocation
page read and write
23D0F530000
heap
page read and write
752000
trusted library allocation
page read and write
4E6000
unkown
page read and write
D186000
direct allocation
page read and write
6165000
heap
page read and write
785000
trusted library allocation
page read and write
12EB000
stack
page read and write
439000
remote allocation
page execute and read and write
22351000
heap
page read and write
10A6E000
stack
page read and write
220AE129000
heap
page read and write
6A00000
heap
page read and write
68872000
unkown
page readonly
C15B000
stack
page read and write
16236630000
heap
page read and write
402C000
stack
page read and write
EB0000
direct allocation
page read and write
3D0000
trusted library allocation
page read and write
2235A000
heap
page read and write
2AFA000
trusted library allocation
page read and write
597D000
stack
page read and write
1E00000
heap
page read and write
E25E000
stack
page read and write
4621000
heap
page read and write
349E000
heap
page read and write
37EE000
heap
page read and write
2D0E000
stack
page read and write
2F4F000
stack
page read and write
3222000
trusted library allocation
page read and write
22B0000
trusted library allocation
page read and write
37E0000
heap
page read and write
13C4000
heap
page read and write
23D123FF000
trusted library allocation
page read and write
3940000
trusted library allocation
page read and write
127E000
stack
page read and write
220AE148000
heap
page read and write
7FF848A10000
trusted library allocation
page read and write
13E1000
heap
page read and write
22389915000
heap
page read and write
7BBC000
stack
page read and write
384E000
stack
page read and write
5130000
trusted library allocation
page read and write
3930000
trusted library allocation
page read and write
A4FB000
stack
page read and write
220AE60E000
heap
page read and write
2D621000
heap
page read and write
220AEA02000
heap
page read and write
27C1000
trusted library allocation
page read and write
42BC000
stack
page read and write
13F0000
heap
page read and write
2E1E000
stack
page read and write
23D29A4A000
heap
page read and write
4C4000
unkown
page readonly
13DE000
heap
page read and write
6230000
trusted library allocation
page read and write
13F3000
heap
page read and write
6E47000
heap
page read and write
4881000
trusted library allocation
page read and write
3D5F000
stack
page read and write
13F7000
heap
page read and write
430000
stack
page read and write
322F000
trusted library allocation
page read and write
2FEA000
trusted library allocation
page read and write
64215000
unkown
page readonly
13C6000
heap
page read and write
E01B000
stack
page read and write
FE4000
heap
page read and write
D09A000
direct allocation
page read and write
2F50000
trusted library allocation
page read and write
1702C29D000
heap
page read and write
2236C000
heap
page read and write
3147000
trusted library allocation
page read and write
3723000
heap
page read and write
1E27000
heap
page read and write
4BFE000
stack
page read and write
EC1000
unkown
page execute and write copy
380000
heap
page read and write
4F60000
trusted library allocation
page read and write
13B4000
heap
page read and write
23D12EA8000
trusted library allocation
page read and write
2235B000
heap
page read and write
FE4000
heap
page read and write
4A24000
trusted library allocation
page read and write
18C000
stack
page read and write
1422000
trusted library allocation
page read and write
1ED7000
heap
page read and write
13B5000
heap
page read and write
141D000
heap
page read and write
BAA0000
heap
page read and write
22355000
heap
page read and write
E04000
heap
page read and write
3797000
heap
page read and write
11A0000
heap
page read and write
1E5D000
heap
page read and write
7FF8489E0000
trusted library allocation
page read and write
B93E000
stack
page read and write
754397E000
unkown
page readonly
1A1D000
unkown
page readonly
D080000
direct allocation
page read and write
429E000
stack
page read and write
23BC000
stack
page read and write
2EB1000
heap
page read and write
220AE195000
heap
page read and write
3799000
heap
page read and write
220AE704000
heap
page read and write
1E7C000
heap
page read and write
2704000
trusted library allocation
page read and write
220ADE80000
trusted library allocation
page read and write
D65B000
stack
page read and write
32F8000
trusted library allocation
page read and write
78F000
trusted library allocation
page read and write
2EBA000
trusted library allocation
page read and write
3964000
trusted library allocation
page read and write
616F000
stack
page read and write
1C80000
heap
page read and write
3795000
heap
page read and write
220AD875000
heap
page read and write
D10A000
direct allocation
page read and write
1313000
trusted library allocation
page execute and read and write
1F09CE00000
heap
page read and write
3036000
trusted library allocation
page read and write
220AE739000
heap
page read and write
1702C29D000
heap
page read and write
6EA5CFE000
stack
page read and write
2AC4000
trusted library allocation
page read and write
4C1000
unkown
page execute read
3967000
trusted library allocation
page read and write
ED6A000
stack
page read and write
3942000
trusted library allocation
page read and write
7543E7C000
stack
page read and write
220AE72C000
heap
page read and write
400000
remote allocation
page execute and read and write
37DD000
heap
page read and write
7FF848682000
trusted library allocation
page read and write
1028000
heap
page read and write
3154000
trusted library allocation
page read and write
3978000
trusted library allocation
page read and write
1623670F000
heap
page read and write
4621000
heap
page read and write
220AE11D000
heap
page read and write
1100000
heap
page read and write
37DE000
heap
page read and write
9F7B000
stack
page read and write
37F8000
heap
page read and write
D00000
unkown
page readonly
6480000
trusted library allocation
page read and write
37D9000
heap
page read and write
630000
direct allocation
page read and write
37B0000
heap
page read and write
220AD800000
heap
page read and write
D074000
direct allocation
page read and write
345C000
trusted library allocation
page read and write
11A4000
heap
page read and write
15D0000
heap
page read and write
220AE13C000
heap
page read and write
19C000
stack
page read and write
1389000
heap
page read and write
2DBB000
trusted library allocation
page execute and read and write
E56D000
stack
page read and write
594000
heap
page read and write
303000
unkown
page execute read
37A4000
heap
page read and write
4621000
heap
page read and write
426E000
stack
page read and write
220AD91B000
heap
page read and write
BACAEFE000
stack
page read and write
3284000
trusted library allocation
page read and write
2EC0000
trusted library allocation
page execute and read and write
378F000
heap
page read and write
6EA5AF2000
stack
page read and write
1CFA000
heap
page read and write
283EE000
heap
page read and write
2238977F000
heap
page read and write
7FF8489C0000
trusted library allocation
page read and write
7FF84882A000
trusted library allocation
page read and write
1F09EB0F000
trusted library allocation
page read and write
1C9B000
heap
page execute and read and write
37EB000
heap
page read and write
3798000
heap
page read and write
37E8000
heap
page read and write
7650000
heap
page read and write
2ABA000
trusted library allocation
page read and write
7FF848674000
trusted library allocation
page read and write
F0000
unkown
page readonly
220AE153000
heap
page read and write
365E000
stack
page read and write
155000
unkown
page read and write
220AE10E000
heap
page read and write
1161000
heap
page read and write
37EF000
heap
page read and write
23D10F60000
trusted library allocation
page read and write
7FF8488A0000
trusted library allocation
page read and write
13C6000
heap
page read and write
BD00000
unkown
page readonly
54E0000
heap
page read and write
220AE179000
heap
page read and write
13DF000
heap
page read and write
DDDE000
stack
page read and write
4A80000
trusted library allocation
page read and write
37A4000
heap
page read and write
4F5E000
stack
page read and write
1702C29D000
heap
page read and write
54D000
unkown
page read and write
400000
unkown
page readonly
D3DB000
stack
page read and write
36E2000
trusted library allocation
page read and write
2E4F1000
heap
page read and write
220AE600000
heap
page read and write
2C9F000
stack
page read and write
220AE72F000
heap
page read and write
28FF000
heap
page read and write
220AE5A0000
remote allocation
page read and write
D062000
direct allocation
page read and write
4CF1000
heap
page read and write
753E000
stack
page read and write
594000
heap
page read and write
28B7000
trusted library allocation
page read and write
5ABE000
stack
page read and write
630000
direct allocation
page read and write
220AD8FF000
heap
page read and write
2926000
heap
page read and write
3940000
trusted library allocation
page read and write
E04000
heap
page read and write
4730000
direct allocation
page read and write
220AD902000
heap
page read and write
594000
heap
page read and write
D00A000
direct allocation
page read and write
220AE723000
heap
page read and write
1AA5E000
stack
page read and write
448F000
stack
page read and write
D02E000
direct allocation
page read and write
37EE000
heap
page read and write
11E6000
heap
page read and write
220AE152000
heap
page read and write
23D10FD0000
trusted library allocation
page read and write
136C000
heap
page read and write
842000
unkown
page readonly
135A000
heap
page read and write
4F70000
trusted library allocation
page read and write
4CF1000
heap
page read and write
13E6000
heap
page read and write
1F0AE917000
trusted library allocation
page read and write
23D12B33000
trusted library allocation
page read and write
220AE195000
heap
page read and write
762000
trusted library allocation
page read and write
B1BD000
stack
page read and write
16238060000
heap
page read and write
3737000
heap
page read and write
604000
remote allocation
page execute and read and write
1A9E000
stack
page read and write
27DB000
trusted library allocation
page read and write
760000
trusted library allocation
page read and write
28431000
heap
page read and write
319F000
stack
page read and write
2924000
heap
page read and write
7D0000
heap
page read and write
11A4000
heap
page read and write
1B20000
heap
page read and write
3477000
heap
page read and write
3762000
heap
page read and write
630000
direct allocation
page read and write
23D115C0000
heap
page execute and read and write
594000
heap
page read and write
3FAF000
stack
page read and write
37EE000
heap
page read and write
3047000
trusted library allocation
page read and write
383B000
heap
page read and write
4760000
direct allocation
page read and write
550000
heap
page read and write
2237C000
heap
page read and write
220AE11F000
heap
page read and write
162366A0000
heap
page read and write
1702C602000
heap
page read and write
379C000
heap
page read and write
4CF1000
heap
page read and write
2FDE000
stack
page read and write
830000
trusted library allocation
page execute and read and write
34ED0000
heap
page read and write
1ABEE000
stack
page read and write
23D12E85000
trusted library allocation
page read and write
E04000
heap
page read and write
1BF5000
heap
page read and write
6250000
trusted library allocation
page read and write
7AB000
trusted library allocation
page execute and read and write
D18E000
direct allocation
page read and write
636000
unkown
page execute and read and write
9E0000
heap
page read and write
3781000
heap
page read and write
750000
trusted library allocation
page read and write
3027000
trusted library allocation
page read and write
4621000
heap
page read and write
13DF000
heap
page read and write
594000
heap
page read and write
4AA0000
direct allocation
page read and write
23D12B61000
trusted library allocation
page read and write
220AE117000
heap
page read and write
411000
unkown
page readonly
B6F000
stack
page read and write
688E000
stack
page read and write
D40000
unkown
page write copy
1E4E000
heap
page read and write
23D21691000
trusted library allocation
page read and write
220AD8B0000
heap
page read and write
400000
unkown
page execute and read and write
20A1000
heap
page read and write
22389756000
heap
page read and write
415E000
stack
page read and write
4CF1000
heap
page read and write
28AA000
trusted library allocation
page read and write
3770000
heap
page read and write
96FC000
stack
page read and write
37E0000
heap
page read and write
220AE713000
heap
page read and write
1702C29D000
heap
page read and write
37B6000
heap
page read and write
CFE000
unkown
page readonly
57E000
stack
page read and write
7FF8489D8000
trusted library allocation
page read and write
3690000
direct allocation
page execute and read and write
2992000
heap
page read and write
81FE000
stack
page read and write
C91B000
stack
page read and write
FC0000
direct allocation
page read and write
4631000
heap
page read and write
590000
unkown
page readonly
43D000
stack
page read and write
13DF000
heap
page read and write
2F9D000
trusted library allocation
page read and write
1DDB000
heap
page execute and read and write
2FB8000
trusted library allocation
page read and write
23D29A57000
heap
page read and write
60A000
remote allocation
page execute and read and write
3052000
trusted library allocation
page read and write
2236E000
heap
page read and write
23D10F80000
trusted library allocation
page read and write
1E1E000
heap
page read and write
11F7000
heap
page read and write
7FF848840000
trusted library allocation
page execute and read and write
D34000
unkown
page readonly
13F5000
heap
page read and write
438E000
stack
page read and write
D066000
direct allocation
page read and write
2B8E000
stack
page read and write
10EE000
stack
page read and write
D0B6000
direct allocation
page read and write
310C000
trusted library allocation
page read and write
6DA7000
heap
page read and write
4621000
heap
page read and write
2B5D000
trusted library allocation
page read and write
3810000
heap
page read and write
E70000
direct allocation
page read and write
50F4000
heap
page read and write
7D7D000
stack
page read and write
2F77000
trusted library allocation
page read and write
37F6000
heap
page read and write
385F000
stack
page read and write
1C20000
heap
page read and write
66FE000
stack
page read and write
13E8000
heap
page read and write
840000
unkown
page execute and read and write
3294000
trusted library allocation
page read and write
31FB000
trusted library allocation
page read and write
4C00000
direct allocation
page execute and read and write
FE4000
heap
page read and write
220AE613000
heap
page read and write
11E8000
heap
page read and write
3701000
heap
page read and write
6310000
trusted library allocation
page execute and read and write
3782000
heap
page read and write
1F09CDF5000
heap
page read and write
D040000
direct allocation
page read and write
23D21641000
trusted library allocation
page read and write
4F1E000
stack
page read and write
1F09CF50000
trusted library allocation
page read and write
22349000
heap
page read and write
32DA000
stack
page read and write
220AE124000
heap
page read and write
1F0000
heap
page read and write
7FF84867D000
trusted library allocation
page execute and read and write
3156000
trusted library allocation
page read and write
23D2190F000
trusted library allocation
page read and write
1314000
trusted library allocation
page read and write
220AD898000
heap
page read and write
4A90000
trusted library allocation
page read and write
5470000
heap
page execute and read and write
37DF000
heap
page read and write
4D0000
unkown
page write copy
1F09CE5D000
heap
page read and write
11CB000
heap
page read and write
220AE132000
heap
page read and write
3819000
heap
page read and write
3DFF000
unkown
page read and write
519E000
stack
page read and write
6215000
trusted library allocation
page read and write
7FF848910000
trusted library allocation
page read and write
220AE133000
heap
page read and write
10F6000
stack
page read and write
DB9B000
stack
page read and write
CA4000
heap
page read and write
3A8F000
stack
page read and write
10B6E000
stack
page read and write
451E000
stack
page read and write
30CE000
stack
page read and write
37EF000
heap
page read and write
D058000
direct allocation
page read and write
4621000
heap
page read and write
1BC4E000
stack
page read and write
857000
unkown
page execute read
5DC000
remote allocation
page execute and read and write
220AD82B000
heap
page read and write
1140000
heap
page read and write
EC0000
unkown
page readonly
2E31000
trusted library allocation
page read and write
3857000
heap
page read and write
37EF000
heap
page read and write
1AE4E000
stack
page read and write
4621000
heap
page read and write
2B8F000
stack
page read and write
E04000
heap
page read and write
162366A3000
heap
page read and write
C30000
heap
page read and write
3F7E000
stack
page read and write
401000
unkown
page execute read
D05B000
stack
page read and write
4C4000
unkown
page readonly
29AC000
trusted library allocation
page read and write
D04C000
direct allocation
page read and write
24B0000
trusted library allocation
page read and write
4621000
heap
page read and write
3977000
trusted library allocation
page read and write
37E4000
heap
page read and write
E04000
heap
page read and write
2AAD000
trusted library allocation
page read and write
220AE172000
heap
page read and write
673E000
stack
page read and write
F29000
unkown
page write copy
1702C23A000
unkown
page read and write
37EA000
heap
page read and write
31E7000
trusted library allocation
page read and write
13C6000
heap
page read and write
13EA000
heap
page read and write
393C000
trusted library allocation
page read and write
2ED3000
trusted library allocation
page read and write
1002D000
stack
page read and write
E04000
heap
page read and write
23D29620000
trusted library allocation
page read and write
220AE133000
heap
page read and write
7FF8486CC000
trusted library allocation
page execute and read and write
4CF1000
heap
page read and write
7760000
heap
page read and write
BCC000
stack
page read and write
7FF8488D0000
trusted library allocation
page read and write
35A4000
trusted library allocation
page read and write
33B3000
trusted library allocation
page read and write
321E000
trusted library allocation
page read and write
162384A0000
trusted library allocation
page read and write
220AE6F3000
heap
page read and write
6050000
heap
page read and write
2E07000
trusted library allocation
page read and write
391A000
trusted library allocation
page read and write
6885D000
unkown
page readonly
52E0000
direct allocation
page execute and read and write
383B000
heap
page read and write
136F000
unkown
page execute and write copy
28C0000
heap
page read and write
6EA63FA000
stack
page read and write
4621000
heap
page read and write
4621000
heap
page read and write
3925000
trusted library allocation
page read and write
4E0000
unkown
page readonly
3306000
trusted library allocation
page read and write
CB9E000
stack
page read and write
EC0000
unkown
page read and write
2235B000
heap
page read and write
2846000
trusted library allocation
page read and write
1BE9D000
stack
page read and write
1310000
trusted library allocation
page read and write
8A2000
unkown
page execute and read and write
20B4000
heap
page read and write
1DCE000
heap
page read and write
37A4000
heap
page read and write
13FA000
heap
page read and write
2D7E000
stack
page read and write
220AE10F000
heap
page read and write
13E1000
heap
page read and write
52E0000
direct allocation
page execute and read and write
13DB000
heap
page read and write
2A39000
trusted library allocation
page read and write
220AD93C000
heap
page read and write
1C03E000
stack
page read and write
D04A000
direct allocation
page read and write
FE4000
heap
page read and write
113A000
heap
page read and write
535B000
stack
page read and write
220AEB06000
heap
page read and write
13F5000
heap
page read and write
87BE000
stack
page read and write
531C000
stack
page read and write
303E000
trusted library allocation
page read and write
5E6000
remote allocation
page execute and read and write
435000
remote allocation
page execute and read and write
220AE6F3000
heap
page read and write
2EC3000
heap
page read and write
3FB2000
trusted library allocation
page read and write
7FF848694000
trusted library allocation
page read and write
2235B000
heap
page read and write
30CE000
trusted library allocation
page read and write
3039000
trusted library allocation
page read and write
346D000
trusted library allocation
page read and write
35D3000
trusted library allocation
page read and write
3121000
trusted library allocation
page read and write
D07E000
direct allocation
page read and write
7FF848A70000
trusted library allocation
page read and write
2237C000
heap
page read and write
4621000
heap
page read and write
4C0000
unkown
page readonly
13E1000
heap
page read and write
391F000
trusted library allocation
page read and write
3041000
trusted library allocation
page read and write
220AE6BF000
heap
page read and write
28FD000
heap
page read and write
8FC000
stack
page read and write
7FF848726000
trusted library allocation
page read and write
220AE167000
heap
page read and write
7FF848680000
trusted library allocation
page read and write
220AE704000
heap
page read and write
6300000
heap
page read and write
1E77000
heap
page read and write
3420000
heap
page read and write
220AE11A000
heap
page read and write
DFDD000
stack
page read and write
2235D000
heap
page read and write
630000
direct allocation
page read and write
2236E000
heap
page read and write
23D0F620000
heap
page read and write
1EBD000
heap
page read and write
2BCE000
stack
page read and write
391E000
trusted library allocation
page read and write
754387A000
stack
page read and write
220AE16B000
heap
page read and write
13C6000
heap
page read and write
220AE177000
heap
page read and write
37E9000
heap
page read and write
3945000
trusted library allocation
page read and write
22352000
heap
page read and write
4990000
heap
page read and write
3799000
heap
page read and write
220AD93C000
heap
page read and write
380C000
heap
page read and write
3071000
trusted library allocation
page read and write
220AE153000
heap
page read and write
820000
heap
page execute and read and write
141A000
heap
page read and write
3ACE000
stack
page read and write
37DD000
heap
page read and write
2F00000
direct allocation
page read and write
220AE000000
heap
page read and write
220AE658000
heap
page read and write
4A60000
trusted library allocation
page read and write
2E00000
heap
page read and write
C15000
heap
page read and write
139F000
heap
page read and write
37A2000
heap
page read and write
FE4000
heap
page read and write
2EAD000
trusted library allocation
page read and write
37EE000
stack
page read and write
220AE72B000
heap
page read and write
4621000
heap
page read and write
2AF3000
trusted library allocation
page read and write
FE4000
heap
page read and write
D40000
heap
page read and write
220AD710000
heap
page read and write
37EE000
heap
page read and write
35B000
stack
page read and write
51A000
unkown
page readonly
573B000
stack
page read and write
A3F000
unkown
page execute and write copy
7A5000
trusted library allocation
page execute and read and write
220AE13A000
heap
page read and write
2996000
heap
page read and write
22355000
heap
page read and write
6C20000
heap
page read and write
383B000
heap
page read and write
DB0000
heap
page read and write
F80000
heap
page read and write
4621000
heap
page read and write
3799000
heap
page read and write
80FF000
stack
page read and write
2580000
heap
page read and write
CF1B000
stack
page read and write
11FC000
heap
page read and write
B50000
heap
page read and write
37DE000
heap
page read and write
4621000
heap
page read and write
2E9F000
stack
page read and write
37DF000
heap
page read and write
2C98000
heap
page read and write
C7B000
heap
page read and write
42AC000
stack
page read and write
A17B000
stack
page read and write
4BEF000
stack
page read and write
5F9000
unkown
page write copy
4621000
heap
page read and write
4E84000
heap
page read and write
1A1D000
unkown
page readonly
37E4000
heap
page read and write
61E2000
trusted library allocation
page read and write
13C2000
heap
page read and write
3F8E000
stack
page read and write
7FF8489A3000
trusted library allocation
page read and write
1D0B000
heap
page execute and read and write
11F7000
heap
page read and write
220AD820000
heap
page read and write
2FA8000
trusted library allocation
page read and write
220AE10E000
heap
page read and write
532000
unkown
page readonly
3930000
trusted library allocation
page read and write
220AE6F6000
heap
page read and write
D064000
direct allocation
page read and write
3159000
trusted library allocation
page read and write
FC0000
direct allocation
page read and write
3783000
heap
page read and write
1431000
trusted library allocation
page read and write
4A70000
direct allocation
page execute and read and write
3460000
remote allocation
page read and write
283B0000
heap
page read and write
220AD902000
heap
page read and write
7C5000
heap
page read and write
6E46000
heap
page read and write
8A6000
heap
page read and write
220AD81B000
heap
page read and write
4FA1000
heap
page read and write
6E50000
trusted library allocation
page read and write
F76C000
stack
page read and write
2D79E000
stack
page read and write
28F0000
trusted library allocation
page read and write
3787000
heap
page read and write
220AE13D000
heap
page read and write
6470000
trusted library allocation
page read and write
1702C500000
heap
page read and write
C3DA000
stack
page read and write
32F9000
stack
page read and write
2EC3000
trusted library allocation
page read and write
F5EA000
stack
page read and write
4621000
heap
page read and write
145B000
trusted library allocation
page execute and read and write
13F7000
heap
page read and write
1F09CCD0000
heap
page read and write
2C9B000
heap
page read and write
220AE661000
heap
page read and write
8DFE000
stack
page read and write
38FF000
heap
page execute and read and write
1442000
trusted library allocation
page read and write
4621000
heap
page read and write
220AE72C000
heap
page read and write
13C6000
heap
page read and write
19D000
stack
page read and write
3965000
trusted library allocation
page read and write
37E0000
heap
page read and write
4CF1000
heap
page read and write
4F0000
unkown
page read and write
37D0000
heap
page read and write
7FF848815000
trusted library allocation
page read and write
35DF000
stack
page read and write
28C8000
heap
page read and write
34BE000
trusted library allocation
page read and write
220AE14A000
heap
page read and write
13DE000
heap
page read and write
7FF848AC0000
trusted library allocation
page read and write
11E7000
heap
page read and write
DE5D000
stack
page read and write
6080000
trusted library allocation
page read and write
4A80000
direct allocation
page execute and read and write
6440000
trusted library allocation
page read and write
7FF848A63000
trusted library allocation
page read and write
72BC000
stack
page read and write
33B3E7D000
stack
page read and write
33B9000
trusted library allocation
page read and write
1A1B000
unkown
page read and write
7FF848A20000
trusted library allocation
page read and write
23D11610000
heap
page execute and read and write
220AE10E000
heap
page read and write
269E000
stack
page read and write
375F000
stack
page read and write
A84000
heap
page read and write
3728000
heap
page read and write
624A000
heap
page read and write
E04000
heap
page read and write
2236E000
heap
page read and write
1E6C000
heap
page read and write
220AE002000
heap
page read and write
2FE8000
trusted library allocation
page read and write
220AE12A000
heap
page read and write
37AD000
heap
page read and write
2A02000
trusted library allocation
page read and write
314C000
stack
page read and write
D01E000
direct allocation
page read and write
2822000
trusted library allocation
page read and write
13F5000
heap
page read and write
37E2000
heap
page read and write
11E6000
heap
page read and write
30DA000
trusted library allocation
page read and write
371C000
heap
page read and write
2237C000
heap
page read and write
13E1000
heap
page read and write
13DA000
heap
page read and write
2ECF000
trusted library allocation
page read and write
D01000
unkown
page execute read
7FF848730000
trusted library allocation
page execute and read and write
69DD000
stack
page read and write
1F09CF70000
trusted library allocation
page read and write
220AD898000
heap
page read and write
220AE659000
heap
page read and write
CB2000
unkown
page readonly
23D29C80000
heap
page read and write
759E000
stack
page read and write
28FE000
heap
page read and write
1C4B000
heap
page read and write
BACC04F000
stack
page read and write
220AD8CF000
heap
page read and write
6240000
trusted library allocation
page read and write
DDC000
stack
page read and write
10BAE000
stack
page read and write
B23B000
stack
page read and write
D086000
direct allocation
page read and write
D016000
direct allocation
page read and write
359F000
trusted library allocation
page read and write
32E7000
stack
page read and write
4621000
heap
page read and write
3360000
heap
page readonly
375C000
heap
page read and write
C99000
heap
page read and write
3978000
trusted library allocation
page read and write
1F09E990000
trusted library allocation
page read and write
220AE72D000
heap
page read and write
5F2000
remote allocation
page execute and read and write
FC0000
direct allocation
page read and write
162384A0000
trusted library allocation
page read and write
754467E000
unkown
page readonly
40A5000
trusted library allocation
page read and write
10BE000
stack
page read and write
22354000
heap
page read and write
371F000
heap
page read and write
13EE000
stack
page read and write
220AD91B000
heap
page read and write
23D12B37000
trusted library allocation
page read and write
3357000
trusted library allocation
page read and write
13DF000
heap
page read and write
A8FB000
stack
page read and write
3330000
trusted library allocation
page read and write
FE4000
heap
page read and write
68DB000
stack
page read and write
ADFC000
stack
page read and write
37E3000
heap
page read and write
2E17000
trusted library allocation
page read and write
220AE5A0000
remote allocation
page read and write
37EF000
heap
page read and write
3799000
heap
page read and write
5C3E000
stack
page read and write
6EA64FE000
stack
page read and write
4CF1000
heap
page read and write
2DB0000
heap
page read and write
30EC000
trusted library allocation
page read and write
630000
direct allocation
page read and write
23D11045000
heap
page read and write
96BE000
stack
page read and write
84D000
heap
page read and write
1E77000
heap
page read and write
AF5000
stack
page read and write
23D1267A000
trusted library allocation
page read and write
11AF000
heap
page read and write
220AEB06000
heap
page read and write
1440000
trusted library allocation
page read and write
46A000
stack
page read and write
594000
heap
page read and write
303000
unkown
page execute read
28C9000
trusted library allocation
page read and write
162366D2000
heap
page read and write
391F000
trusted library allocation
page read and write
1F09CDD0000
heap
page read and write
13FA000
heap
page read and write
FC0000
direct allocation
page read and write
24AE000
stack
page read and write
220AE10F000
heap
page read and write
345A000
heap
page read and write
2F00000
direct allocation
page read and write
22355000
heap
page read and write
2994000
heap
page read and write
D0AA000
direct allocation
page read and write
3800000
heap
page read and write
2238977B000
heap
page read and write
7FF848673000
trusted library allocation
page execute and read and write
4621000
heap
page read and write
4F1F000
stack
page read and write
220AD8DA000
heap
page read and write
411F000
stack
page read and write
22D0000
heap
page read and write
28D4000
trusted library allocation
page read and write
378C000
heap
page read and write
3780000
heap
page read and write
CFEF000
stack
page read and write
4CF1000
heap
page read and write
4A60000
direct allocation
page execute and read and write
15E0000
heap
page read and write
EE4000
trusted library allocation
page read and write
E97000
heap
page read and write
4621000
heap
page read and write
2F47000
trusted library allocation
page read and write
61C0000
trusted library allocation
page read and write
E5E000
stack
page read and write
37AA000
heap
page read and write
3446000
trusted library allocation
page read and write
1702C29D000
heap
page read and write
378F000
heap
page read and write
4CD0000
direct allocation
page execute and read and write
20B4000
heap
page read and write
34D3000
trusted library allocation
page read and write
23D13243000
trusted library allocation
page read and write
1F0B7206000
heap
page read and write
61E000
stack
page read and write
37A3000
heap
page read and write
22369000
heap
page read and write
3446000
heap
page read and write
91BB000
stack
page read and write
220AE155000
heap
page read and write
220AD93B000
heap
page read and write
3770000
heap
page read and write
4CF1000
heap
page read and write
223EC000
heap
page read and write
2996000
heap
page read and write
46B6000
direct allocation
page execute and read and write
3940000
trusted library allocation
page read and write
13B4000
heap
page read and write
220AE174000
heap
page read and write
26B0000
heap
page read and write
34C3000
heap
page read and write
220AE125000
heap
page read and write
797E000
stack
page read and write
D00E000
direct allocation
page read and write
1CD0000
heap
page read and write
37F0000
heap
page read and write
37EE000
heap
page read and write
C7A000
unkown
page execute and read and write
2A84000
trusted library allocation
page read and write
8C1000
heap
page read and write
2E4B000
trusted library allocation
page read and write
587E000
stack
page read and write
162384A0000
trusted library allocation
page read and write
A3FE000
stack
page read and write
630000
direct allocation
page read and write
60C8000
heap
page read and write
309F000
stack
page read and write
220AE6B1000
heap
page read and write
250000
unkown
page readonly
2889000
trusted library allocation
page read and write
3910000
trusted library allocation
page read and write
1F0000
heap
page read and write
F9AB000
stack
page read and write
220AD91B000
heap
page read and write
16236550000
heap
page read and write
590000
heap
page read and write
330C000
trusted library allocation
page read and write
2892000
trusted library allocation
page read and write
35B6000
trusted library allocation
page read and write
13C2000
heap
page read and write
3792000
heap
page read and write
BEE000
stack
page read and write
CDDB000
stack
page read and write
51D000
unkown
page read and write
4B00000
trusted library allocation
page read and write
36CE000
trusted library allocation
page read and write
95BE000
stack
page read and write
27B9000
trusted library allocation
page read and write
1F09CE3C000
heap
page read and write
A20000
heap
page read and write
B47E000
stack
page read and write
34C5000
trusted library allocation
page read and write
4621000
heap
page read and write
193000
stack
page read and write
154000
unkown
page write copy
2EB2000
heap
page read and write
220AD91B000
heap
page read and write
4621000
heap
page read and write
392B000
trusted library allocation
page read and write
FD2E000
stack
page read and write
23D2978C000
heap
page read and write
1AFBF000
stack
page read and write
5D20000
trusted library allocation
page execute and read and write
11D5000
heap
page read and write
220AE143000
heap
page read and write
30C8000
trusted library allocation
page read and write
13F7000
heap
page read and write
4768000
direct allocation
page read and write
4621000
heap
page read and write
48B4000
direct allocation
page read and write
FE4000
heap
page read and write
7FF848A40000
trusted library allocation
page read and write
603E000
stack
page read and write
13F0000
heap
page read and write
2235F000
heap
page read and write
220AD91B000
heap
page read and write
957E000
stack
page read and write
37EF000
heap
page read and write
E9EB000
stack
page read and write
245E000
stack
page read and write
FE4000
heap
page read and write
1421000
trusted library allocation
page read and write
220AE10E000
heap
page read and write
220AD913000
heap
page read and write
220AD91A000
heap
page read and write
612000
remote allocation
page execute and read and write
273E000
stack
page read and write
70D0000
heap
page read and write
37A1000
heap
page read and write
1A1B000
unkown
page read and write
400000
unkown
page readonly
220AE10E000
heap
page read and write
3D0F000
stack
page read and write
1DDC000
unkown
page readonly
220AE16B000
heap
page read and write
13FA000
heap
page read and write
28EB000
heap
page read and write
5EC000
remote allocation
page execute and read and write
4C40000
direct allocation
page execute and read and write
7EFB000
stack
page read and write
CCF000
unkown
page execute and read and write
4F6000
unkown
page readonly
E0E000
stack
page read and write
28FD000
heap
page read and write
34B1000
heap
page read and write
370000
heap
page read and write
5FFE000
stack
page read and write
1702C29D000
heap
page read and write
3C0E000
stack
page read and write
61E000
remote allocation
page execute and read and write
E90000
heap
page read and write
1702C29D000
heap
page read and write
220AE16E000
heap
page read and write
344A000
heap
page read and write
10A8000
heap
page read and write
D0BC000
direct allocation
page read and write
2237C000
heap
page read and write
3C40000
heap
page read and write
13B5000
heap
page read and write
CB5A000
stack
page read and write
22389600000
heap
page read and write
3936000
trusted library allocation
page read and write
70CE000
stack
page read and write
1BB0000
heap
page read and write
674D000
stack
page read and write
13DE000
heap
page read and write
220AE728000
heap
page read and write
13EA000
heap
page read and write
22360000
heap
page read and write
299A000
trusted library allocation
page read and write
EF9000
stack
page read and write
3921000
trusted library allocation
page read and write
4C00000
heap
page read and write
23D21919000
trusted library allocation
page read and write
4973000
direct allocation
page read and write
152000
unkown
page write copy
754377E000
unkown
page readonly
D042000
direct allocation
page read and write
112E000
stack
page read and write
157000
unkown
page readonly
3781000
heap
page read and write
378E000
heap
page read and write
140000
unkown
page readonly
3964000
trusted library allocation
page read and write
2E7B000
trusted library allocation
page read and write
37BB000
heap
page read and write
7FF848690000
trusted library allocation
page read and write
34C7000
trusted library allocation
page read and write
EC2B000
stack
page read and write
D08A000
direct allocation
page read and write
37E7000
heap
page read and write
D29C000
stack
page read and write
7FF848720000
trusted library allocation
page read and write
220AE713000
heap
page read and write
28E8000
trusted library allocation
page read and write
4AD0000
direct allocation
page execute and read and write
FE4000
heap
page read and write
30B0000
trusted library allocation
page read and write
220AE657000
heap
page read and write
3950000
trusted library allocation
page read and write
220AE170000
heap
page read and write
3950000
trusted library allocation
page read and write
220AE6DC000
heap
page read and write
1BD4E000
stack
page read and write
375C000
heap
page read and write
4FB8000
heap
page read and write
13CE000
heap
page read and write
6FC0000
heap
page read and write
FE4000
heap
page read and write
220AD840000
heap
page read and write
220AD8EE000
heap
page read and write
494E000
stack
page read and write
1E7C000
heap
page read and write
23D0F790000
heap
page read and write
C19B000
stack
page read and write
67B0000
trusted library allocation
page read and write
5541000
trusted library allocation
page read and write
36F3000
trusted library allocation
page read and write
391F000
trusted library allocation
page read and write
D41E000
stack
page read and write
947D000
stack
page read and write
220AE184000
heap
page read and write
2A4A000
trusted library allocation
page read and write
43EC000
stack
page read and write
5B2D000
stack
page read and write
23D297D8000
heap
page read and write
4621000
heap
page read and write
D08E000
direct allocation
page read and write
3940000
trusted library allocation
page read and write
4621000
heap
page read and write
36AF000
trusted library allocation
page read and write
11EF000
heap
page read and write
23D0F740000
heap
page read and write
3350000
heap
page read and write
4CF1000
heap
page read and write
13FA000
heap
page read and write
61C000
remote allocation
page execute and read and write
6BDD000
stack
page read and write
220AE129000
heap
page read and write
2237B000
heap
page read and write
4C70000
direct allocation
page execute and read and write
1702C702000
heap
page read and write
19F9000
unkown
page readonly
13EE000
heap
page read and write
37D5000
heap
page read and write
4CF1000
heap
page read and write
4621000
heap
page read and write
3DB1000
trusted library allocation
page read and write
6EA67FD000
stack
page read and write
7FF84872C000
trusted library allocation
page execute and read and write
220AE159000
heap
page read and write
13B0000
heap
page read and write
48B0000
heap
page read and write
13C6000
heap
page read and write
220AE12F000
heap
page read and write
372D000
heap
page read and write
293E000
heap
page read and write
606000
remote allocation
page execute and read and write
F24000
unkown
page execute and read and write
EB0000
direct allocation
page read and write
157000
unkown
page readonly
2AE6000
trusted library allocation
page read and write
4621000
heap
page read and write
25C000
unkown
page execute read
7FF848672000
trusted library allocation
page read and write
5AFE000
stack
page read and write
73D000
trusted library allocation
page execute and read and write
220AE135000
heap
page read and write
13E1000
heap
page read and write
D05A000
direct allocation
page read and write
220AE690000
heap
page read and write
A88000
heap
page read and write
1350000
heap
page read and write
893B000
stack
page read and write
D0DA000
direct allocation
page read and write
AB7A000
stack
page read and write
FE4000
heap
page read and write
3591000
trusted library allocation
page read and write
220AE728000
heap
page read and write
2237C000
heap
page read and write
8CFE000
stack
page read and write
7FF84882A000
trusted library allocation
page read and write
220AE10E000
heap
page read and write
2235B000
heap
page read and write
359A000
trusted library allocation
page read and write
1120000
heap
page read and write
3761000
heap
page read and write
4621000
heap
page read and write
4D0E000
heap
page read and write
394F000
stack
page read and write
37EE000
heap
page read and write
220AE650000
heap
page read and write
4621000
heap
page read and write
1452000
trusted library allocation
page read and write
2E50000
trusted library allocation
page read and write
4F8E000
stack
page read and write
434F000
stack
page read and write
2FEE000
stack
page read and write
D21A000
direct allocation
page read and write
1066C000
stack
page read and write
CD3000
unkown
page execute and read and write
1DC0000
heap
page read and write
1EB7000
heap
page read and write
2300000
heap
page read and write
1E9C000
heap
page read and write
4F5000
unkown
page readonly
3800000
heap
page read and write
2D360000
direct allocation
page read and write
489A000
trusted library allocation
page read and write
1DCE000
heap
page read and write
64210000
unkown
page read and write
E45D000
stack
page read and write
361E000
stack
page read and write
220AD8AD000
heap
page read and write
4C50000
direct allocation
page execute and read and write
61E01000
direct allocation
page execute read
13C6000
heap
page read and write
37B6000
heap
page read and write
28F1000
heap
page read and write
3798000
heap
page read and write
220AD902000
heap
page read and write
419000
unkown
page write copy
220AE68F000
heap
page read and write
220AE714000
heap
page read and write
5E2000
remote allocation
page execute and read and write
584C000
stack
page read and write
FC5000
heap
page read and write
778000
trusted library allocation
page read and write
64030000
unkown
page readonly
22362000
heap
page read and write
1702C602000
heap
page read and write
F50000
trusted library allocation
page execute and read and write
2B4E000
stack
page read and write
28DB000
heap
page read and write
37F6000
heap
page read and write
399F000
stack
page read and write
64FC000
stack
page read and write
1212000
heap
page read and write
7C7E000
stack
page read and write
39DE000
stack
page read and write
220AE123000
heap
page read and write
6153000
heap
page read and write
3917000
trusted library allocation
page read and write
220AE10E000
heap
page read and write
765000
trusted library allocation
page read and write
101AD000
stack
page read and write
23D12B7A000
trusted library allocation
page read and write
75436FE000
stack
page read and write
298E000
heap
page read and write
37AA000
heap
page read and write
5EE000
remote allocation
page execute and read and write
6B3F000
stack
page read and write
4C30000
direct allocation
page execute and read and write
7C3E000
stack
page read and write
11FC000
heap
page read and write
827B000
stack
page read and write
3813000
heap
page read and write
7FF848830000
trusted library allocation
page read and write
37D9000
heap
page read and write
220AE6D7000
heap
page read and write
4491000
heap
page read and write
220AE610000
heap
page read and write
E66D000
stack
page read and write
220AE16F000
heap
page read and write
22389756000
heap
page read and write
4CF1000
heap
page read and write
F30000
heap
page read and write
1702C602000
heap
page read and write
59BE000
stack
page read and write
380E000
stack
page read and write
13C6000
heap
page read and write
1ACEF000
stack
page read and write
3850000
heap
page read and write
7FF848850000
trusted library allocation
page read and write
220AE172000
heap
page read and write
220AE12E000
heap
page read and write
23D21911000
trusted library allocation
page read and write
D0EA000
direct allocation
page read and write
220AE15A000
heap
page read and write
8A3B000
stack
page read and write
B67B000
stack
page read and write
230E000
stack
page read and write
A3D000
unkown
page execute and read and write
3310000
trusted library allocation
page read and write
1F09EE14000
trusted library allocation
page read and write
2D340000
heap
page read and write
A7D000
heap
page read and write
3819000
heap
page read and write
61ECC000
direct allocation
page read and write
594000
heap
page read and write
BAC000
stack
page read and write
13DA000
heap
page read and write
D15B000
stack
page read and write
44DF000
stack
page read and write
3C09000
trusted library allocation
page read and write
4C90000
direct allocation
page execute and read and write
4B02000
trusted library allocation
page read and write
3917000
trusted library allocation
page read and write
2238B380000
heap
page read and write
AE3C000
stack
page read and write
37A0000
heap
page read and write
37E0000
heap
page read and write
23D12BD1000
trusted library allocation
page read and write
F80000
heap
page read and write
4DC000
unkown
page readonly
8BBD000
stack
page read and write
22389910000
heap
page read and write
372C000
heap
page read and write
1E1A000
heap
page read and write
605000
heap
page read and write
6420F000
unkown
page write copy
FE4000
heap
page read and write
28A8000
trusted library allocation
page read and write
5AAE000
stack
page read and write
27AF000
trusted library allocation
page read and write
D0A0000
direct allocation
page read and write
13DF000
heap
page read and write
640000
heap
page read and write
4621000
heap
page read and write
37ED000
heap
page read and write
2FBA000
trusted library allocation
page read and write
1402000
heap
page read and write
4CF1000
heap
page read and write
7750000
heap
page read and write
A93E000
stack
page read and write
E41E000
stack
page read and write
37A3000
heap
page read and write
D210000
direct allocation
page read and write
88FA000
stack
page read and write
9B000
stack
page read and write
2DAA000
trusted library allocation
page execute and read and write
1DDA000
unkown
page read and write
220AE130000
heap
page read and write
102EC000
stack
page read and write
D0E2000
direct allocation
page read and write
306D000
trusted library allocation
page read and write
13DE000
heap
page read and write
5C0000
heap
page read and write
1449000
trusted library allocation
page read and write
220AE707000
heap
page read and write
B1FE000
stack
page read and write
13E1000
heap
page read and write
6290000
trusted library allocation
page read and write
11A4000
heap
page read and write
220AEB02000
heap
page read and write
613A000
stack
page read and write
2C90000
heap
page read and write
3820000
heap
page read and write
2235B000
heap
page read and write
D65000
unkown
page readonly
2DD0000
trusted library allocation
page read and write
35CE000
stack
page read and write
BE0000
heap
page read and write
FC0000
direct allocation
page read and write
220AE140000
heap
page read and write
302D000
stack
page read and write
13F7000
heap
page read and write
220AE6DA000
heap
page read and write
37F6000
heap
page read and write
5FB000
unkown
page execute and read and write
33B5000
trusted library allocation
page read and write
220AE6AD000
heap
page read and write
4A3E000
trusted library allocation
page read and write
D0BE000
direct allocation
page read and write
D088000
direct allocation
page read and write
238D000
stack
page read and write
34F4000
heap
page read and write
13DF000
heap
page read and write
4621000
heap
page read and write
2EC5000
trusted library allocation
page read and write
220AE184000
heap
page read and write
1C190000
heap
page read and write
491000
unkown
page execute read
1B90000
heap
page read and write
35BB000
trusted library allocation
page read and write
603B000
stack
page read and write
3760000
heap
page read and write
34B9000
trusted library allocation
page read and write
220AD87F000
heap
page read and write
61EE000
trusted library allocation
page read and write
22354000
heap
page read and write
22389730000
heap
page read and write
220AE142000
heap
page read and write
2F02000
trusted library allocation
page read and write
220AE172000
heap
page read and write
220AE152000
heap
page read and write
11D5000
heap
page read and write
42C000
remote allocation
page execute and read and write
3032000
trusted library allocation
page read and write
370E000
stack
page read and write
7FF848A2A000
trusted library allocation
page read and write
6DE0000
heap
page read and write
15D4000
trusted library allocation
page read and write
465C000
stack
page read and write
372D000
heap
page read and write
3796000
heap
page read and write
1016C000
stack
page read and write
6EA60FF000
stack
page read and write
220AE723000
heap
page read and write
4CF1000
heap
page read and write
2B70000
trusted library allocation
page read and write
37B2000
heap
page read and write
3800000
heap
page read and write
13DA000
heap
page read and write
FE4000
heap
page read and write
2237C000
heap
page read and write
280C000
trusted library allocation
page read and write
3794000
heap
page read and write
3783000
heap
page read and write
1168000
stack
page read and write
37E0000
heap
page read and write
7FF84868B000
trusted library allocation
page read and write
22356000
heap
page read and write
4621000
heap
page read and write
3E40000
direct allocation
page execute and read and write
37D9000
heap
page read and write
1702C602000
heap
page read and write
62B0000
trusted library allocation
page execute and read and write
4621000
heap
page read and write
E04000
heap
page read and write
6EA61FE000
stack
page read and write
9A7D000
stack
page read and write
1054000
heap
page read and write
149E000
stack
page read and write
102AC000
stack
page read and write
3715000
heap
page read and write
2ED7000
trusted library allocation
page read and write
2F4E000
trusted library allocation
page read and write
26BA000
heap
page read and write
3960000
trusted library allocation
page read and write
1702C23A000
heap
page read and write
EEAE000
stack
page read and write
3700000
heap
page read and write
2DA0000
heap
page read and write
4FC0000
heap
page read and write
4E2E000
stack
page read and write
46B9000
direct allocation
page execute and read and write
4621000
heap
page read and write
13F5000
heap
page read and write
2C8C000
stack
page read and write
220AE6F6000
heap
page read and write
36E5000
trusted library allocation
page read and write
2DA20000
trusted library allocation
page read and write
16237FB0000
trusted library allocation
page read and write
142B000
stack
page read and write
33AE000
stack
page read and write
23D12B90000
trusted library allocation
page read and write
220AE167000
heap
page read and write
3428000
heap
page read and write
311F000
trusted library allocation
page read and write
F3E000
stack
page read and write
3117000
trusted library allocation
page read and write
152000
unkown
page write copy
539B000
stack
page read and write
7FF848720000
trusted library allocation
page read and write
371F000
stack
page read and write
283B000
stack
page read and write
28E0000
trusted library allocation
page read and write
4AA0000
direct allocation
page read and write
13C2000
heap
page read and write
7FF84868D000
trusted library allocation
page execute and read and write
37AD000
heap
page read and write
220AE129000
heap
page read and write
13E6000
heap
page read and write
20C000
stack
page read and write
38F0000
heap
page read and write
71BB000
stack
page read and write
220AE735000
heap
page read and write
220AD93C000
heap
page read and write
45A000
stack
page read and write
220AE176000
heap
page read and write
13DA000
heap
page read and write
37D4000
heap
page read and write
13E6000
heap
page read and write
1702C276000
heap
page read and write
69E0000
heap
page read and write
2D99F000
stack
page read and write
EFEE000
stack
page read and write
23D0F770000
heap
page read and write
30F0000
trusted library allocation
page read and write
4FD000
unkown
page read and write
1702C29D000
heap
page read and write
37E2000
heap
page read and write
D91E000
stack
page read and write
3917000
trusted library allocation
page read and write
220AE141000
heap
page read and write
12B0000
heap
page read and write
37AA000
trusted library allocation
page read and write
1459000
trusted library allocation
page read and write
116C000
heap
page read and write
6210000
trusted library allocation
page read and write
3CC1000
trusted library allocation
page read and write
13E1000
heap
page read and write
220AD93C000
heap
page read and write
220AE6F6000
heap
page read and write
13DF000
heap
page read and write
283D6000
heap
page read and write
FE4000
heap
page read and write
13C2000
heap
page read and write
37F6000
heap
page read and write
6450000
trusted library allocation
page read and write
1374000
heap
page read and write
220AE6B0000
heap
page read and write
31ED000
trusted library allocation
page read and write
16236638000
heap
page read and write
220AD880000
heap
page read and write
2FC9000
trusted library allocation
page read and write
D202000
direct allocation
page read and write
32C7000
trusted library allocation
page read and write
2A8B000
trusted library allocation
page read and write
1A40000
heap
page read and write
22346000
heap
page read and write
D02A000
direct allocation
page read and write
11BE000
stack
page read and write
2994000
heap
page read and write
1BF9F000
unkown
page read and write
CA1A000
stack
page read and write
8B7A000
stack
page read and write
2550000
heap
page read and write
16238630000
heap
page read and write
D70000
heap
page read and write
1BC0F000
stack
page read and write
32DB000
trusted library allocation
page read and write
16237FB0000
trusted library allocation
page read and write
11D5000
heap
page read and write
220AE12E000
heap
page read and write
61ED0000
direct allocation
page read and write
11F6000
heap
page read and write
2E4E000
stack
page read and write
4AEE000
stack
page read and write
23D29920000
heap
page read and write
61AE000
stack
page read and write
26EA000
trusted library allocation
page read and write
2961000
trusted library allocation
page read and write
3956000
trusted library allocation
page read and write
2570000
heap
page read and write
15C0000
trusted library allocation
page read and write
3917000
trusted library allocation
page read and write
933E000
stack
page read and write
30C6000
trusted library allocation
page read and write
378E000
heap
page read and write
34C0000
heap
page read and write
208C000
heap
page read and write
3136000
trusted library allocation
page read and write
4C30000
direct allocation
page execute and read and write
7FF848A50000
trusted library allocation
page read and write
34DE000
stack
page read and write
BACB0FE000
stack
page read and write
2DB0000
trusted library allocation
page read and write
4C1000
unkown
page execute read
D00000
unkown
page readonly
6FBE000
stack
page read and write
FC0000
direct allocation
page read and write
60C000
remote allocation
page execute and read and write
22354000
heap
page read and write
2C70000
heap
page execute and read and write
13C2000
heap
page read and write
11A4000
heap
page read and write
F29000
unkown
page write copy
317B000
trusted library allocation
page read and write
13E3000
heap
page read and write
377E000
heap
page read and write
2237C000
heap
page read and write
D0BA000
direct allocation
page read and write
37EE000
heap
page read and write
4AC0000
heap
page read and write
220AE133000
heap
page read and write
1F30000
heap
page read and write
4A90000
direct allocation
page execute and read and write
4621000
heap
page read and write
23D12BBD000
trusted library allocation
page read and write
7FF848870000
trusted library allocation
page read and write
3463000
heap
page read and write
3C06000
trusted library allocation
page read and write
44EC000
stack
page read and write
1F09E911000
trusted library allocation
page read and write
D0E8000
direct allocation
page read and write
4CF1000
heap
page read and write
61ED4000
direct allocation
page readonly
1285000
heap
page read and write
30B000
unkown
page readonly
7FDE000
stack
page read and write
13F5000
heap
page read and write
AF7E000
stack
page read and write
528000
unkown
page execute read
3AFD000
stack
page read and write
220AE15B000
heap
page read and write
2854000
trusted library allocation
page read and write
7704000
heap
page read and write
3E8E000
stack
page read and write
7118000
heap
page read and write
220AE6C2000
heap
page read and write
85B000
unkown
page execute and read and write
220AE133000
heap
page read and write
E04000
heap
page read and write
2D80000
trusted library allocation
page execute and read and write
4621000
heap
page read and write
103EA000
stack
page read and write
205E000
stack
page read and write
2E5B000
trusted library allocation
page read and write
220AD85F000
heap
page read and write
23D11621000
trusted library allocation
page read and write
2F3A000
trusted library allocation
page read and write
13E3000
heap
page read and write
52E0000
direct allocation
page execute and read and write
11AF000
heap
page read and write
383B000
heap
page read and write
7FF8488F0000
trusted library allocation
page read and write
383F000
heap
page read and write
2B4E000
stack
page read and write
D0C6000
direct allocation
page read and write
103E000
heap
page read and write
1C8E000
heap
page read and write
490000
unkown
page readonly
BA3D000
stack
page read and write
3775000
heap
page read and write
220AE133000
heap
page read and write
1BF7000
heap
page read and write
57EC000
stack
page read and write
10BEC000
stack
page read and write
4BB3000
heap
page read and write
2E4F5000
heap
page read and write
2F00000
trusted library allocation
page read and write
7FF8489A0000
trusted library allocation
page read and write
5BC0000
heap
page read and write
594000
heap
page read and write
4720000
direct allocation
page read and write
E04000
heap
page read and write
2994000
heap
page read and write
6780000
trusted library allocation
page read and write
23D29720000
heap
page read and write
37AD000
heap
page read and write
48D0000
direct allocation
page read and write
23D2190B000
trusted library allocation
page read and write
13F0000
heap
page read and write
3187000
trusted library allocation
page read and write
34EE000
trusted library allocation
page read and write
843000
heap
page read and write
4A60000
direct allocation
page execute and read and write
4621000
heap
page read and write
9B000
stack
page read and write
A4E000
stack
page read and write
377E000
heap
page read and write
2235B000
heap
page read and write
FE4000
heap
page read and write
D69E000
stack
page read and write
306B000
trusted library allocation
page read and write
298E000
heap
page read and write
11C2000
heap
page read and write
3752000
heap
page read and write
37FC000
heap
page read and write
3721000
heap
page read and write
2FA5000
trusted library allocation
page read and write
6D98000
heap
page read and write
3917000
trusted library allocation
page read and write
220AE743000
heap
page read and write
3119000
trusted library allocation
page read and write
B57C000
stack
page read and write
798000
trusted library allocation
page read and write
7FF848821000
trusted library allocation
page read and write
2D950000
trusted library allocation
page read and write
4621000
heap
page read and write
3040000
heap
page read and write
F8AC000
stack
page read and write
1212000
heap
page read and write
F8E000
heap
page read and write
3783000
heap
page read and write
D0D2000
direct allocation
page read and write
DD0000
unkown
page readonly
2B2D000
trusted library allocation
page read and write
220000
unkown
page readonly
37E2000
heap
page read and write
220AD91B000
heap
page read and write
4CA0000
direct allocation
page execute and read and write
107AE000
stack
page read and write
56A3000
heap
page read and write
789F000
stack
page read and write
37EE000
heap
page read and write
2394000
trusted library allocation
page read and write
3917000
trusted library allocation
page read and write
22372000
heap
page read and write
3775000
heap
page read and write
30E6000
trusted library allocation
page read and write
F7E000
stack
page read and write
13F5000
heap
page read and write
1702C29D000
heap
page read and write
220AE10E000
heap
page read and write
45D000
stack
page read and write
220AD87D000
heap
page read and write
30B4000
trusted library allocation
page read and write
1052C000
stack
page read and write
2E14000
trusted library allocation
page read and write
2A58000
trusted library allocation
page read and write
6AC2000
heap
page read and write
594000
heap
page read and write
4621000
heap
page read and write
3785000
heap
page read and write
157000
unkown
page readonly
6A66000
heap
page read and write
3CBB000
trusted library allocation
page read and write
23D12BA4000
trusted library allocation
page read and write
2EEF000
stack
page read and write
22372000
heap
page read and write
197000
stack
page read and write
6D3B000
stack
page read and write
7FF848880000
trusted library allocation
page read and write
37F7000
heap
page read and write
E04000
heap
page read and write
63EF000
stack
page read and write
600000
heap
page read and write
141A000
heap
page read and write
F92D000
stack
page read and write
BACB57C000
stack
page read and write
EB0000
direct allocation
page read and write
220AD8E7000
heap
page read and write
220AE152000
heap
page read and write
3345000
trusted library allocation
page read and write
28F0000
heap
page read and write
22389739000
heap
page read and write
3700000
direct allocation
page read and write
F2B000
unkown
page execute and read and write
B789D5D000
stack
page read and write
220AD93C000
heap
page read and write
733000
trusted library allocation
page execute and read and write
3216000
trusted library allocation
page read and write
13E1000
heap
page read and write
973E000
stack
page read and write
5830000
heap
page execute and read and write
1183000
heap
page read and write
EC0000
unkown
page readonly
37E0000
heap
page read and write
390F000
stack
page read and write
ACD000
unkown
page execute and read and write
380D000
heap
page read and write
2FD0000
trusted library allocation
page read and write
29BD000
trusted library allocation
page read and write
1215000
heap
page read and write
23D0F720000
heap
page read and write
2817000
trusted library allocation
page read and write
23D29840000
heap
page read and write
4621000
heap
page read and write
3B1E000
stack
page read and write
3799000
heap
page read and write
7FF848950000
trusted library allocation
page read and write
35D6000
trusted library allocation
page read and write
375C000
heap
page read and write
37F7000
heap
page read and write
1C00000
trusted library allocation
page read and write
5EFE000
stack
page read and write
D03E000
direct allocation
page read and write
424E000
stack
page read and write
2B0C000
trusted library allocation
page read and write
3743000
heap
page read and write
3172000
trusted library allocation
page read and write
1430000
trusted library allocation
page read and write
13C6000
heap
page read and write
5F4000
remote allocation
page execute and read and write
220AE713000
heap
page read and write
4621000
heap
page read and write
594000
heap
page read and write
4CF1000
heap
page read and write
122A000
heap
page read and write
4621000
heap
page read and write
4520000
heap
page read and write
D05C000
direct allocation
page read and write
A10000
heap
page read and write
29A1000
trusted library allocation
page read and write
D0A2000
direct allocation
page read and write
220AE703000
heap
page read and write
2E4E000
trusted library allocation
page read and write
118B000
unkown
page execute and read and write
13F7000
heap
page read and write
2EFB000
trusted library allocation
page read and write
220AE6DA000
heap
page read and write
3040000
trusted library allocation
page read and write
37ED000
heap
page read and write
3918000
trusted library allocation
page read and write
13C2000
heap
page read and write
113E000
stack
page read and write
23D12B64000
trusted library allocation
page read and write
13DA000
heap
page read and write
11E8000
heap
page read and write
1E74000
heap
page read and write
37B0000
heap
page read and write
3415000
heap
page read and write
13C6000
heap
page read and write
621E000
trusted library allocation
page read and write
32EC000
stack
page read and write
13E1000
heap
page read and write
5AEE000
unkown
page read and write
1184000
heap
page read and write
1702C29D000
heap
page read and write
1F0B720E000
heap
page read and write
22351000
heap
page read and write
23D12C01000
trusted library allocation
page read and write
2A8F000
stack
page read and write
16236730000
heap
page read and write
EEEE000
stack
page read and write
D076000
direct allocation
page read and write
4CFF000
stack
page read and write
220AE6AC000
heap
page read and write
3917000
trusted library allocation
page read and write
220AE130000
heap
page read and write
6D7E000
stack
page read and write
D0B8000
direct allocation
page read and write
380F000
stack
page read and write
260000
unkown
page execute read
F96E000
stack
page read and write
383B000
heap
page read and write
419000
unkown
page write copy
3942000
trusted library allocation
page read and write
29C8000
trusted library allocation
page read and write
FE4000
heap
page read and write
7FF8489DC000
trusted library allocation
page read and write
13F5000
heap
page read and write
F8A000
heap
page read and write
358F000
stack
page read and write
820000
heap
page read and write
4BB6000
heap
page read and write
36D5000
trusted library allocation
page read and write
4E5E000
unkown
page read and write
30D0000
trusted library allocation
page read and write
220AD829000
heap
page read and write
37AB000
heap
page read and write
3925000
trusted library allocation
page read and write
3C1F000
stack
page read and write
4CF1000
heap
page read and write
6E40000
heap
page read and write
13FA000
heap
page read and write
6C30000
heap
page read and write
3812000
heap
page read and write
347A000
heap
page read and write
BACAE7D000
stack
page read and write
23D0F65E000
heap
page read and write
3D4E000
stack
page read and write
23D12B78000
trusted library allocation
page read and write
3790000
heap
page read and write
1C00000
heap
page read and write
3D4000
trusted library allocation
page read and write
220AE641000
heap
page read and write
13E1000
heap
page read and write
220AE174000
heap
page read and write
394D000
trusted library allocation
page read and write
2AA0000
heap
page execute and read and write
2C6E000
stack
page read and write
2D61F000
stack
page read and write
141A000
heap
page read and write
5ABE000
stack
page read and write
22363000
heap
page read and write
D048000
direct allocation
page read and write
6EA68FE000
stack
page read and write
220AD8A3000
heap
page read and write
10E0000
heap
page read and write
37EF000
heap
page read and write
D6C000
stack
page read and write
4CF1000
heap
page read and write
1F09D090000
heap
page read and write
106B000
stack
page read and write
541D000
stack
page read and write
6200000
trusted library allocation
page read and write
7DF4105F0000
trusted library allocation
page execute and read and write
2D4DF000
stack
page read and write
618000
remote allocation
page execute and read and write
5E3E000
stack
page read and write
220AE15A000
heap
page read and write
31F3000
trusted library allocation
page read and write
7FF848920000
trusted library allocation
page read and write
9F3B000
stack
page read and write
43BE000
stack
page read and write
E9AA000
stack
page read and write
23D11010000
trusted library allocation
page read and write
220AE11E000
heap
page read and write
2ECB000
trusted library allocation
page read and write
33B0000
heap
page read and write
56A2000
heap
page read and write
3130000
trusted library allocation
page read and write
2F91000
trusted library allocation
page read and write
220AE649000
heap
page read and write
EF4000
trusted library allocation
page read and write
FE4000
heap
page read and write
4CF1000
heap
page read and write
25D0000
heap
page read and write
380C000
heap
page read and write
2DF4000
trusted library allocation
page read and write
134E000
stack
page read and write
32CF000
trusted library allocation
page read and write
32FA000
trusted library allocation
page read and write
37E8000
heap
page read and write
86BD000
stack
page read and write
CEF000
unkown
page execute and read and write
D094000
direct allocation
page read and write
CEDB000
stack
page read and write
A84000
heap
page read and write
4E0000
unkown
page readonly
141A000
heap
page read and write
87FB000
stack
page read and write
36F1000
trusted library allocation
page read and write
813E000
stack
page read and write
5A8E000
stack
page read and write
141D000
heap
page read and write
1DCA000
heap
page read and write
13C2000
heap
page read and write
16237FB0000
trusted library allocation
page read and write
4A60000
direct allocation
page execute and read and write
D2DB000
stack
page read and write
D028000
direct allocation
page read and write
1F09CE5A000
heap
page read and write
3801000
heap
page read and write
4621000
heap
page read and write
1A95D000
stack
page read and write
13C6000
heap
page read and write
2ED0000
heap
page read and write
6DEC000
heap
page read and write
4CF1000
heap
page read and write
BAF6000
heap
page read and write
4621000
heap
page read and write
630000
direct allocation
page read and write
34D9000
trusted library allocation
page read and write
10FD000
stack
page read and write
3737000
heap
page read and write
13E2000
heap
page read and write
4D0000
unkown
page read and write
1F09CC42000
unkown
page readonly
391E000
trusted library allocation
page read and write
FE4000
heap
page read and write
2E6C000
trusted library allocation
page read and write
7FF848690000
trusted library allocation
page read and write
355000
unkown
page read and write
83A8000
heap
page read and write
11BB000
heap
page read and write
833E000
stack
page read and write
2759000
trusted library allocation
page read and write
220AE133000
heap
page read and write
9CFB000
stack
page read and write
1330000
heap
page read and write
1702C29D000
heap
page read and write
1AF0000
heap
page read and write
F62E000
stack
page read and write
7FF84886A000
trusted library allocation
page read and write
74D000
trusted library allocation
page execute and read and write
28DB000
trusted library allocation
page read and write
13F0000
heap
page read and write
344D000
heap
page read and write
412D000
stack
page read and write
7DF4105E0000
trusted library allocation
page execute and read and write
11E6000
heap
page read and write
1702C29D000
heap
page read and write
106AE000
stack
page read and write
4621000
heap
page read and write
35F2000
trusted library allocation
page read and write
A13D000
stack
page read and write
400000
unkown
page readonly
220AE140000
heap
page read and write
3917000
trusted library allocation
page read and write
48A0000
heap
page read and write
203E000
stack
page read and write
35C1000
trusted library allocation
page read and write
33BB000
trusted library allocation
page read and write
61ED3000
direct allocation
page read and write
8CBE000
stack
page read and write
4621000
heap
page read and write
98FC000
stack
page read and write
3ADF000
stack
page read and write
62EE000
stack
page read and write
7FF848A60000
trusted library allocation
page read and write
283E5000
heap
page read and write
419000
unkown
page write copy
37DF000
heap
page read and write
220AD93C000
heap
page read and write
3782000
heap
page read and write
140000
unkown
page readonly
220AE10E000
heap
page read and write
40D0000
heap
page read and write
23D12B1F000
trusted library allocation
page read and write
1212000
heap
page read and write
13C2000
heap
page read and write
31C7000
trusted library allocation
page read and write
220AE6FB000
heap
page read and write
1F09E840000
trusted library section
page read and write
2238B1C0000
heap
page read and write
600000
remote allocation
page execute and read and write
220AD93D000
heap
page read and write
34C0000
remote allocation
page read and write
4BFE000
stack
page read and write
2940000
heap
page read and write
1F09CFD0000
heap
page execute and read and write
FC0000
direct allocation
page read and write
A00000
heap
page read and write
13E1000
heap
page read and write
44D000
stack
page read and write
220AE184000
heap
page read and write
F2B000
trusted library allocation
page execute and read and write
2236C000
heap
page read and write
1AF5000
heap
page read and write
EBF000
stack
page read and write
13E1000
heap
page read and write
FC0000
direct allocation
page read and write
52E0000
direct allocation
page execute and read and write
7FF848B00000
trusted library allocation
page read and write
786000
unkown
page execute and read and write
767C000
stack
page read and write
2EB2000
heap
page read and write
439F000
stack
page read and write
4621000
heap
page read and write
13C2000
heap
page read and write
292A000
trusted library allocation
page read and write
F9EC000
stack
page read and write
37ED000
heap
page read and write
220AE16D000
heap
page read and write
4A2B000
trusted library allocation
page read and write
6EFC000
stack
page read and write
10B6000
unkown
page execute and read and write
1170000
heap
page read and write
1702C29D000
heap
page read and write
3968000
trusted library allocation
page read and write
D01C000
stack
page read and write
B78A0FE000
unkown
page read and write
16236800000
heap
page read and write
33B3F7F000
stack
page read and write
779E000
stack
page read and write
220AD895000
heap
page read and write
754347E000
unkown
page readonly
220AE165000
heap
page read and write
37ED000
heap
page read and write
1242000
heap
page read and write
4621000
heap
page read and write
2904000
heap
page read and write
3800000
heap
page read and write
30F9000
trusted library allocation
page read and write
2AB1000
trusted library allocation
page read and write
162366B2000
heap
page read and write
22389700000
heap
page read and write
2EE1000
trusted library allocation
page read and write
2081000
heap
page read and write
3744000
heap
page read and write
1F0B7430000
heap
page read and write
13E1000
heap
page read and write
76A2000
heap
page read and write
220AE015000
heap
page read and write
13DF000
heap
page read and write
2E91000
trusted library allocation
page read and write
22362000
heap
page read and write
34EE000
heap
page read and write
3912000
trusted library allocation
page read and write
220AE153000
heap
page read and write
FF2D000
stack
page read and write
301B000
trusted library allocation
page read and write
36CF000
stack
page read and write
A642000
heap
page read and write
3810000
heap
page read and write
531000
unkown
page read and write
7FF45B860000
trusted library allocation
page execute and read and write
220AE132000
heap
page read and write
220AE129000
heap
page read and write
34ED000
heap
page read and write
77D9000
heap
page read and write
220AE580000
remote allocation
page read and write
EC1000
unkown
page execute and write copy
37E2000
heap
page read and write
C7DE000
stack
page read and write
2236F000
heap
page read and write
11F7000
heap
page read and write
2236F000
heap
page read and write
250000
unkown
page readonly
349F000
stack
page read and write
56FE000
stack
page read and write
383B000
heap
page read and write
23D13179000
trusted library allocation
page read and write
DCDE000
stack
page read and write
2DB1000
trusted library allocation
page read and write
9B7C000
stack
page read and write
23D0F70B000
heap
page read and write
3819000
heap
page read and write
108EC000
stack
page read and write
13E1000
heap
page read and write
843E000
stack
page read and write
220AD828000
heap
page read and write
617E000
stack
page read and write
220AD93C000
heap
page read and write
1AE0000
heap
page read and write
13E1000
heap
page read and write
61E00000
direct allocation
page execute and read and write
480D000
stack
page read and write
376A000
heap
page read and write
220AE199000
heap
page read and write
4A60000
direct allocation
page execute and read and write
3440000
trusted library allocation
page read and write
4FA000
unkown
page write copy
410E000
stack
page read and write
CA5B000
stack
page read and write
401000
unkown
page execute read
A60000
heap
page read and write
13E1000
heap
page read and write
22360000
heap
page read and write
D0B2000
direct allocation
page read and write
1F09EE11000
trusted library allocation
page read and write
6460000
trusted library allocation
page read and write
FE2C000
stack
page read and write
70BC000
stack
page read and write
313E000
trusted library allocation
page read and write
6A80000
heap
page read and write
6102000
heap
page read and write
220AE122000
heap
page read and write
72E000
heap
page read and write
35C7000
trusted library allocation
page read and write
2235B000
heap
page read and write
2F5E000
trusted library allocation
page read and write
1A1D000
unkown
page readonly
13E1000
heap
page read and write
220AE182000
heap
page read and write
BDDC000
stack
page read and write
13F5000
heap
page read and write
B27B000
stack
page read and write
1042E000
stack
page read and write
BACAFFE000
stack
page read and write
324D000
stack
page read and write
6490000
trusted library allocation
page execute and read and write
191000
stack
page read and write
22360000
heap
page read and write
7FF848B10000
trusted library allocation
page execute and read and write
D34000
unkown
page readonly
4CF1000
heap
page read and write
400000
remote allocation
page execute and read and write
1F09E900000
heap
page execute and read and write
1AEBE000
stack
page read and write
4B03000
direct allocation
page read and write
1E7F000
stack
page read and write
1092B000
stack
page read and write
220AE65D000
heap
page read and write
301D000
trusted library allocation
page read and write
11A4000
heap
page read and write
4621000
heap
page read and write
43AD000
stack
page read and write
3460000
remote allocation
page read and write
756000
trusted library allocation
page execute and read and write
7FF8488B0000
trusted library allocation
page read and write
318F000
trusted library allocation
page read and write
4AF0000
direct allocation
page execute and read and write
298D000
heap
page read and write
4E1E000
stack
page read and write
BACB67C000
stack
page read and write
8E3E000
stack
page read and write
DEDE000
stack
page read and write
28EB000
heap
page read and write
3957000
trusted library allocation
page read and write
33B3EFB000
stack
page read and write
60C0000
heap
page read and write
13DC000
heap
page read and write
7FF8488C0000
trusted library allocation
page read and write
4CF1000
heap
page read and write
3924000
trusted library allocation
page read and write
61F1000
trusted library allocation
page read and write
19F7000
unkown
page read and write
37D7000
heap
page read and write
2B05000
trusted library allocation
page read and write
1702C29D000
heap
page read and write
630000
direct allocation
page read and write
7FF848862000
trusted library allocation
page read and write
13F5000
heap
page read and write
5F8000
remote allocation
page execute and read and write
2F0C000
trusted library allocation
page read and write
23D29717000
heap
page execute and read and write
4D88000
trusted library allocation
page read and write
13C2000
heap
page read and write
C2DC000
stack
page read and write
EB0000
direct allocation
page read and write
2EEF000
trusted library allocation
page read and write
400000
unkown
page execute and read and write
6090000
trusted library allocation
page read and write
7A2000
trusted library allocation
page read and write
EB0000
direct allocation
page read and write
19F9000
unkown
page readonly
4621000
heap
page read and write
37FE000
heap
page read and write
1213000
heap
page read and write
32C9000
trusted library allocation
page read and write
220AD8FD000
heap
page read and write
11A4000
heap
page read and write
220AE17E000
heap
page read and write
220AE10E000
heap
page read and write
37E0000
heap
page read and write
FC0000
direct allocation
page read and write
51D3000
direct allocation
page read and write
4FA000
unkown
page read and write
1D5C000
heap
page read and write
23D12C4B000
trusted library allocation
page read and write
23D0F795000
heap
page read and write
1702C29D000
heap
page read and write
1C00000
direct allocation
page read and write
34EE000
heap
page read and write
4621000
heap
page read and write
1300000
trusted library allocation
page read and write
342F000
stack
page read and write
13F0000
heap
page read and write
398E000
stack
page read and write
630000
direct allocation
page read and write
2F08000
trusted library allocation
page read and write
1E52000
heap
page read and write
37A0000
heap
page read and write
53E000
stack
page read and write
378F000
heap
page read and write
1702C239000
heap
page read and write
2756000
trusted library allocation
page read and write
A7D000
heap
page read and write
13DF000
heap
page read and write
5B6E000
unkown
page read and write
220AD813000
heap
page read and write
348E000
stack
page read and write
222AA000
heap
page read and write
220AE17C000
heap
page read and write
22375000
heap
page read and write
37DF000
heap
page read and write
1702C2FB000
heap
page read and write
220AE157000
heap
page read and write
4AD0000
heap
page read and write
64B0000
trusted library allocation
page execute and read and write
B6BD000
stack
page read and write
380C000
heap
page read and write
5CC000
stack
page read and write
450C000
direct allocation
page execute and read and write
3799000
heap
page read and write
EB0000
direct allocation
page read and write
315B000
trusted library allocation
page read and write
607C000
stack
page read and write
15DD000
trusted library allocation
page execute and read and write
220AE188000
heap
page read and write
59BE000
stack
page read and write
B37D000
stack
page read and write
220AE695000
heap
page read and write
730000
trusted library allocation
page read and write
DB5000
heap
page read and write
220AE723000
heap
page read and write
30B000
unkown
page readonly
4C10000
direct allocation
page execute and read and write
13E9000
heap
page read and write
9C000
stack
page read and write
2AD9000
trusted library allocation
page read and write
B8A000
heap
page read and write
E04000
heap
page read and write
D20E000
direct allocation
page read and write
37F2000
heap
page read and write
630000
direct allocation
page read and write
7FF848AA0000
trusted library allocation
page execute and read and write
There are 3988 hidden memdumps, click here to show them.