IOC Report
FRA.0038253.exe

loading gif

Files

File Path
Type
Category
Malicious
FRA.0038253.exe
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
initial sample
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\mars\universaltang\reseek\Chott151.pro
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\mars\universaltang\reseek\Majesttiske.Tys
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\mars\universaltang\reseek\Sponsible.gum
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\mars\universaltang\reseek\aromatiseres.kny
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\mars\universaltang\reseek\contraproposal.ber
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\mars\universaltang\reseek\overelaborates.txt
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\802G22IQD
SQLite 3.x database, last written using SQLite version 3041002, page size 2048, file counter 3, database pages 92, cookie 0x3a, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Temp\Settings.ini
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\nspA3DD.tmp\System.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\FRA.0038253.exe
"C:\Users\user\Desktop\FRA.0038253.exe"
 malicious
C:\Users\user\Desktop\FRA.0038253.exe
"C:\Users\user\Desktop\FRA.0038253.exe"
 malicious
C:\Program Files (x86)\HusdUokqcMINxYBlXpWPlQQkwhJtANoBYKBkdDMUffYMwoyZFdOVzihPMzjfShFeueCXMN\aqqPMpTRvveOzLCNSEwwpwdiQeo.exe
"C:\Program Files (x86)\HusdUokqcMINxYBlXpWPlQQkwhJtANoBYKBkdDMUffYMwoyZFdOVzihPMzjfShFeueCXMN\aqqPMpTRvveOzLCNSEwwpwdiQeo.exe"
malicious
C:\Windows\SysWOW64\runas.exe
"C:\Windows\SysWOW64\runas.exe"
 malicious
C:\Program Files (x86)\HusdUokqcMINxYBlXpWPlQQkwhJtANoBYKBkdDMUffYMwoyZFdOVzihPMzjfShFeueCXMN\aqqPMpTRvveOzLCNSEwwpwdiQeo.exe
"C:\Program Files (x86)\HusdUokqcMINxYBlXpWPlQQkwhJtANoBYKBkdDMUffYMwoyZFdOVzihPMzjfShFeueCXMN\aqqPMpTRvveOzLCNSEwwpwdiQeo.exe"
malicious
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\Firefox.exe"
 malicious

URLs

Name
IP
Malicious
http://www.curty.se/op6t/?x2=wN2xY&nvddg=2K+bizHsAgvfK4Jo/uhNk3UulAHtk/DKCDOKU6rtdoeHnbYDCZc/1AXytKkQw+QkOVrLH0jtXL2IhsFkUUnXJZ7gVE9SlKcPHqW4H/CrkavSbMd4d5+KoUM=
185.76.64.170
 malicious
http://www.beersekes.com/op6t/?x2=wN2xY&nvddg=YctXgwSc3BFH36yF9ys3dkgcNMzODdMAg5UrK4hoOCtkU8eu6jJtgKS+79VookX26kbq7jB7bx1t6icTSvNHhm9auK9O3RFTYlK19WO6PR6V1RPvKp1uln4=
14.225.238.195
 malicious
http://www.l7aeh.us/op6t/?x2=wN2xY&nvddg=joKdiSi7KJbAbr0hs6/zjIJE4Behm4Eg2djH6+j8Qf7psFFLI9x7hyvntQ/EnvkMSFoG+HsqaOuOcF82SsMnr5xrxJqptXsvFzFrqoI6sGt4i0+JY4UwfJo=
91.195.240.123
 malicious
http://www.century21morenoycia.mx/op6t/
34.149.87.45
 malicious
http://www.shortfox.top/op6t/?nvddg=0Ny09Eq8ZBefbKkvkqaUMIZRDRlNq5VNIHijnsMzF4DJMnHDgghZ+20Zz3OB9IxSUXOfCxAz72VlILBCQfa8jvMelkWZW+WeIhBsswld1octwAWuto44rRQ=&x2=wN2xY
203.161.49.193
 malicious
http://www.century21morenoycia.mx/op6t/?nvddg=1X53ctdebY/A2eDtJqzL446hhD1I+nvyO5ulDREEvqgJJ1wskdyJ8sishyyYv1KZ95Yv7APwNDtcqTXRSGEguqmEKyboxWEzcfGHGWjx7gGV1XFCOYCNEPY=&x2=wN2xY
34.149.87.45
 malicious
http://www.shortfox.top/op6t/
203.161.49.193
 malicious
http://www.tycent520test.com/op6t/?nvddg=+6aS9fJbP9c9g0cefBC2hCdSY6eI42Bs0771KfpwNwRwjCkC9gP/ScKef//fPL1ZRbSBI6tgf+IRGYWXfXrYWSfcXSoVwh43zp6ZVipPdxItsiOM6ZnovEU=&x2=wN2xY
139.162.5.234
 malicious
http://www.getgoodscrub.com/op6t/
35.213.232.35
 malicious
http://www.curty.se/op6t/
185.76.64.170
 malicious
http://www.cngdesk.com/op6t/?x2=wN2xY&nvddg=B1nuqD59UoVahAAaaPrLlCdA9edg7gWIZ1BY+KXGwtiEVaDOMCSD80sEnTK1l1I1d32+6CzQNcHoayq10cGYYZnPmWF+i7E8hCdylepAFYAEUUK5dUTY9b4=
47.243.134.243
 malicious
http://www.facesofhoustontx.com/op6t/
34.174.122.2
 malicious
http://www.ng-bo.online/op6t/?x2=wN2xY&nvddg=QBE+WD5B6Jkt78kVGAOSUjwaMNkkuAvPxxlILtocCDSSbk2FnDvYucSHDfntlLOKDiDLv1Q+MrvgQctCdQiXEWmDWyfYVOljC1RMawJvJ4/x6B/DgtrXZJ0=
37.140.192.90
 malicious
http://www.ng-bo.online/op6t/
37.140.192.90
 malicious
http://www.getgoodscrub.com/op6t/?nvddg=aEKUNFeJbfSYXwp4ZCE5pj6NM5Y9npuXTcZZ2VZLyy8DmHHct0wY69Uf2FlN/+Mr5yqkWwSEcnLthRGoVw08meHK6rNA3rJY5N4rrVRcMXWX5QnofEk8vUc=&iXoT=lfKx4XoXw4a8lZu
35.213.232.35
 malicious
http://www.beersekes.com/op6t/
14.225.238.195
 malicious
http://www.cngdesk.com/op6t/
47.243.134.243
 malicious
http://www.tycent520test.com/op6t/
139.162.5.234
 malicious
http://www.facesofhoustontx.com/op6t/?x2=wN2xY&nvddg=BHIAQNMULh6XRL1bx9H5u1ZiIAZR91nuzdCSdKuFpLeK/J0eLacPvObCKir816qtvGKK6uKZvELi45NaX+Eep6GNrYofejB/V2VvbUmxnRNQoZSvM+S992o=
34.174.122.2
 malicious
https://drive.usercontent.google.com/
unknown
http://nsis.sf.net/NSIS_ErrorError
unknown
https://www.google.com
unknown
http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
unknown
http://nsis.sf.net/NSIS_Error
unknown
https://drive.google.com/
unknown
http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
unknown
https://apis.google.com
unknown
https://drive.usercontent.google.com/2
unknown
There are 18 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
tycent520test.com
139.162.5.234
 malicious
www.cngdesk.com
47.243.134.243
 malicious
www.facesofhoustontx.com
34.174.122.2
 malicious
www.shortfox.top
203.161.49.193
 malicious
www.l7aeh.us
91.195.240.123
 malicious
www.ng-bo.online
37.140.192.90
 malicious
td-ccm-neg-87-45.wixdns.net
34.149.87.45
 malicious
curty.se
185.76.64.170
 malicious
www.beersekes.com
14.225.238.195
 malicious
www.getgoodscrub.com
35.213.232.35
 malicious
www.theertyuiergthjk.homes
unknown
 malicious
www.86597.vip
unknown
 malicious
www.andywork.one
unknown
 malicious
www.mustang777slot.net
unknown
 malicious
www.miagronorte.com.ar
unknown
 malicious
www.curty.se
unknown
 malicious
www.babyunitz.com
unknown
 malicious
www.baronbubbol.com
unknown
 malicious
www.vcayy.top
unknown
 malicious
www.century21morenoycia.mx
unknown
 malicious
www.vicenc39-ns.store
unknown
 malicious
www.tycent520test.com
unknown
 malicious
drive.usercontent.google.com
142.251.33.97
mustang777slot.net
31.172.87.131
drive.google.com
142.250.69.206
miagronorte.com.ar
200.58.112.243
There are 16 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
139.162.5.234
tycent520test.com
Netherlands
malicious
203.161.49.193
www.shortfox.top
Malaysia
malicious
47.243.134.243
www.cngdesk.com
United States
malicious
37.140.192.90
www.ng-bo.online
Russian Federation
malicious
14.225.238.195
www.beersekes.com
Viet Nam
malicious
35.213.232.35
www.getgoodscrub.com
United States
malicious
34.174.122.2
www.facesofhoustontx.com
United States
malicious
34.149.87.45
td-ccm-neg-87-45.wixdns.net
United States
malicious
91.195.240.123
www.l7aeh.us
Germany
malicious
185.76.64.170
curty.se
Sweden
malicious
142.251.33.97
drive.usercontent.google.com
United States
142.250.69.206
drive.google.com
United States
There are 2 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\eroters\snekkedrevsstrammerne
Bedyrelserne78
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\Mountjoy\helsiden\Pume
reglorify
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
HKEY_CURRENT_USER\SOFTWARE\Location
Lang
There are 218 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
7F78000
direct allocation
page execute and read and write
 malicious
4360000
trusted library allocation
page read and write
 malicious
330000
system
page execute and read and write
 malicious
3A50000
unkown
page execute and read and write
 malicious
36400000
unclassified section
page execute and read and write
 malicious
43A0000
trusted library allocation
page read and write
 malicious
A0000
unclassified section
page execute and read and write
 malicious
8E0000
system
page execute and read and write
 malicious
4307000
heap
page read and write
4151000
heap
page read and write
247000
unkown
page readonly
4151000
heap
page read and write
245000
unkown
page read and write
1AB1000
unkown
page readonly
4151000
heap
page read and write
3E1000
unkown
page readonly
1327000
heap
page read and write
789000
heap
page read and write
780000
heap
page read and write
5352000
heap
page read and write
53C3000
heap
page read and write
4151000
heap
page read and write
45D9000
direct allocation
page execute and read and write
43E0000
trusted library allocation
page read and write
3597C000
direct allocation
page execute and read and write
2108000
remote allocation
page execute and read and write
1F613603000
trusted library allocation
page read and write
1F6117A0000
heap
page read and write
4151000
heap
page read and write
2380000
heap
page read and write
700000
unkown
page read and write
34EEE000
stack
page read and write
368C0000
unclassified section
page execute and read and write
5355000
heap
page read and write
53C1000
heap
page read and write
52E8000
heap
page read and write
245000
unkown
page read and write
2380000
unkown
page readonly
4151000
heap
page read and write
4151000
heap
page read and write
35C000
stack
page read and write
77DD000
stack
page read and write
3508000
remote allocation
page execute and read and write
4151000
heap
page read and write
4151000
heap
page read and write
63E000
stack
page read and write
4151000
heap
page read and write
422000
unkown
page read and write
B40000
stack
page read and write
774000
heap
page read and write
4151000
heap
page read and write
656000
heap
page read and write
53B0000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
53C1000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
245000
unkown
page read and write
1F613500000
trusted library allocation
page read and write
2A80000
heap
page read and write
2DD0000
direct allocation
page read and write
12D0000
unkown
page readonly
4151000
heap
page read and write
4151000
heap
page read and write
231000
unkown
page execute read
400000
unkown
page readonly
952000
system
page execute and read and write
1320000
heap
page read and write
3550B000
heap
page read and write
7A0000
unkown
page readonly
7A0000
unkown
page readonly
43D000
unkown
page read and write
530F000
heap
page read and write
4151000
heap
page read and write
23E000
unkown
page readonly
4151000
heap
page read and write
529F000
stack
page read and write
37D2E000
unclassified section
page execute and read and write
A0000
direct allocation
page read and write
25B0000
heap
page read and write
117A2000
system
page read and write
748000
heap
page read and write
1250000
unkown
page readonly
F71000
unkown
page readonly
250000
heap
page read and write
5DC6000
unclassified section
page read and write
6D0000
unkown
page readonly
35483000
heap
page read and write
24A0000
unkown
page read and write
79F000
heap
page read and write
48A0000
trusted library allocation
page read and write
400000
unkown
page readonly
796000
heap
page read and write
532D000
heap
page read and write
4151000
heap
page read and write
52E0000
heap
page read and write
5366000
heap
page read and write
740000
heap
page read and write
7FAF000
stack
page read and write
1F613330000
trusted library allocation
page read and write
24A0000
unkown
page read and write
35190000
remote allocation
page read and write
180000
heap
page read and write
7867000
heap
page read and write
4780000
direct allocation
page execute and read and write
7E0000
heap
page read and write
4151000
heap
page read and write
DF0000
unkown
page readonly
4151000
heap
page read and write
2CD5000
heap
page read and write
4151000
heap
page read and write
1345000
heap
page read and write
5312000
heap
page read and write
227E000
stack
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
34F2F000
stack
page read and write
53CC000
heap
page read and write
25B0000
heap
page read and write
4151000
heap
page read and write
6E0000
unkown
page readonly
34E9D000
stack
page read and write
4151000
heap
page read and write
CD0000
unkown
page readonly
6B1000
heap
page read and write
4151000
heap
page read and write
3914000
unkown
page read and write
4151000
heap
page read and write
6EE000
heap
page read and write
4151000
heap
page read and write
3F10000
unkown
page execute and read and write
71F000
heap
page read and write
4151000
heap
page read and write
D4A000
stack
page read and write
5217000
heap
page read and write
774000
heap
page read and write
1327000
heap
page read and write
7879000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
5344000
heap
page read and write
4151000
heap
page read and write
3A50000
heap
page read and write
12E0000
unkown
page read and write
785000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
19A000
stack
page read and write
640000
heap
page read and write
34F40000
heap
page read and write
5349000
heap
page read and write
7BE0000
heap
page read and write
5E0000
heap
page read and write
4151000
heap
page read and write
65F000
heap
page read and write
98000
stack
page read and write
220000
unkown
page readonly
627C000
unclassified section
page read and write
408000
unkown
page readonly
786B000
heap
page read and write
5210000
heap
page read and write
789000
heap
page read and write
401000
unkown
page execute read
780000
unkown
page read and write
7F6E000
stack
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
401000
unkown
page execute read
796000
heap
page read and write
7820000
trusted library allocation
page read and write
4151000
heap
page read and write
744000
heap
page read and write
780000
heap
page read and write
5315000
heap
page read and write
781E000
stack
page read and write
2960000
heap
page read and write
65041FE000
stack
page read and write
654000
heap
page read and write
4151000
heap
page read and write
1250000
unkown
page readonly
2960000
direct allocation
page read and write
1720000
unkown
page readonly
BE0000
unkown
page readonly
7FF000
heap
page read and write
4151000
heap
page read and write
81A000
heap
page read and write
170000
unkown
page readonly
4151000
heap
page read and write
5E8000
unkown
page execute read
785000
heap
page read and write
2E20000
direct allocation
page read and write
1349000
heap
page read and write
5570000
direct allocation
page read and write
4151000
heap
page read and write
49A2000
unclassified section
page read and write
532D000
heap
page read and write
53AF000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
3535C000
stack
page read and write
C20000
heap
page read and write
247000
unkown
page readonly
4151000
heap
page read and write
42F0000
heap
page read and write
1260000
heap
page read and write
4434000
heap
page read and write
774000
heap
page read and write
5D7E000
unkown
page execute and read and write
4280000
unkown
page read and write
2DA0000
direct allocation
page read and write
6E8000
heap
page read and write
23E000
unkown
page readonly
351CE000
stack
page read and write
4151000
heap
page read and write
796000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
55B0000
direct allocation
page read and write
4252000
heap
page read and write
2380000
unkown
page readonly
5F2000
unkown
page execute read
420000
unkown
page read and write
4151000
heap
page read and write
440000
unkown
page readonly
6C8000
heap
page read and write
3C38000
unkown
page read and write
11A7C000
system
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
1F613440000
heap
page read and write
231000
unkown
page execute read
2EC0000
unkown
page readonly
4151000
heap
page read and write
536A000
heap
page read and write
4151000
heap
page read and write
CE0000
heap
page read and write
4151000
heap
page read and write
796000
heap
page read and write
1F6119CF000
heap
page read and write
3000000
heap
page read and write
70756000
unkown
page readonly
1F6137C4000
trusted library allocation
page read and write
34E5D000
stack
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
12D0000
unkown
page readonly
1F6137A6000
trusted library allocation
page read and write
1F61189A000
system
page execute and read and write
2420000
heap
page read and write
7930000
trusted library allocation
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
3692E000
unclassified section
page execute and read and write
53AC000
heap
page read and write
537E000
unkown
page execute and read and write
DD1000
unkown
page readonly
230000
unkown
page readonly
10FC000
stack
page read and write
796000
heap
page read and write
3F08000
remote allocation
page execute and read and write
654000
heap
page read and write
170000
unkown
page readonly
780000
heap
page read and write
4151000
heap
page read and write
744000
heap
page read and write
4430000
heap
page read and write
7E8000
heap
page read and write
2490000
heap
page read and write
3872E000
unclassified section
page execute and read and write
3B4C000
stack
page read and write
42A000
unkown
page read and write
6B78000
direct allocation
page execute and read and write
34E1F000
stack
page read and write
3040000
heap
page read and write
1F6132C0000
heap
page read and write
536D000
heap
page read and write
1AB1000
unkown
page readonly
6A1000
heap
page read and write
48A0000
trusted library allocation
page read and write
6A1000
heap
page read and write
408000
unkown
page readonly
4151000
heap
page read and write
12B0000
unkown
page read and write
4151000
heap
page read and write
7E0000
heap
page read and write
55C0000
direct allocation
page read and write
780000
heap
page read and write
35190000
remote allocation
page read and write
4276000
heap
page read and write
780000
unkown
page read and write
53AC000
heap
page read and write
65F000
heap
page read and write
45DD000
direct allocation
page execute and read and write
2990000
heap
page read and write
35C000
stack
page read and write
53C1000
heap
page read and write
5352000
heap
page read and write
231000
unkown
page execute read
530E000
heap
page read and write
5670000
heap
page read and write
356B0000
direct allocation
page execute and read and write
4153000
heap
page read and write
4151000
heap
page read and write
789000
heap
page read and write
4151000
heap
page read and write
35980000
direct allocation
page execute and read and write
1F6137CE000
trusted library allocation
page read and write
6F0000
heap
page read and write
40A000
unkown
page write copy
1F611AB0000
heap
page read and write
2682000
unkown
page read and write
53C1000
heap
page read and write
35080000
heap
page read and write
4151000
heap
page read and write
783B000
heap
page read and write
4151000
heap
page read and write
40A000
unkown
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
789000
heap
page read and write
25B4000
heap
page read and write
70754000
unkown
page readonly
48E2000
unclassified section
page read and write
4151000
heap
page read and write
296B000
heap
page read and write
35A00000
unclassified section
page execute and read and write
733000
heap
page read and write
2920000
heap
page read and write
3000000
heap
page read and write
4151000
heap
page read and write
3C4C000
stack
page read and write
4151000
heap
page read and write
6E5000
heap
page read and write
535E000
heap
page read and write
6178000
direct allocation
page execute and read and write
53CC000
heap
page read and write
5E5000
heap
page read and write
4151000
heap
page read and write
1F613330000
trusted library allocation
page read and write
4151000
heap
page read and write
5590000
direct allocation
page read and write
5366000
heap
page read and write
1708000
remote allocation
page execute and read and write
7863000
heap
page read and write
4151000
heap
page read and write
5EC000
unkown
page execute read
7848000
heap
page read and write
425000
unkown
page read and write
6C8000
heap
page read and write
5366000
heap
page read and write
4151000
heap
page read and write
220000
unkown
page readonly
1F61361D000
trusted library allocation
page read and write
11E64000
system
page read and write
49FC000
unclassified section
page read and write
4151000
heap
page read and write
1EA000
stack
page read and write
256F000
stack
page read and write
5343000
heap
page read and write
6F6000
heap
page read and write
5355000
heap
page read and write
65F000
heap
page read and write
665000
heap
page read and write
1F613701000
trusted library allocation
page read and write
4151000
heap
page read and write
11D0000
unkown
page read and write
79C000
heap
page read and write
5349000
heap
page read and write
4151000
heap
page read and write
1720000
unkown
page readonly
4151000
heap
page read and write
4FA4000
unclassified section
page read and write
4151000
heap
page read and write
3502E000
stack
page read and write
4BBC000
unclassified section
page read and write
7E8000
heap
page read and write
AFC000
unkown
page read and write
5366000
heap
page read and write
4151000
heap
page read and write
1F61360B000
trusted library allocation
page read and write
401000
unkown
page execute read
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
44B0000
direct allocation
page execute and read and write
4151000
heap
page read and write
1F613330000
trusted library allocation
page read and write
7578000
direct allocation
page execute and read and write
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
7830000
heap
page read and write
4EBF000
heap
page read and write
65F000
heap
page read and write
1660000
remote allocation
page execute and read and write
5F0000
unkown
page execute read
3525C000
stack
page read and write
4151000
heap
page read and write
2DC0000
direct allocation
page read and write
2BB000
stack
page read and write
289C000
unkown
page read and write
D80000
unkown
page readonly
12B0000
unkown
page read and write
535E000
heap
page read and write
180000
heap
page read and write
7840000
heap
page read and write
65031FE000
stack
page read and write
53C3000
heap
page read and write
65F000
heap
page read and write
648000
heap
page read and write
667000
heap
page read and write
535E000
heap
page read and write
68F000
heap
page read and write
4151000
heap
page read and write
7875000
heap
page read and write
25C2000
unkown
page read and write
2E10000
direct allocation
page read and write
7845000
heap
page read and write
744000
heap
page read and write
3040000
heap
page read and write
780000
heap
page read and write
796000
heap
page read and write
40A000
unkown
page write copy
55D0000
direct allocation
page read and write
4151000
heap
page read and write
F71000
unkown
page readonly
1EA000
stack
page read and write
2BF8000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
313A000
unkown
page read and write
4151000
heap
page read and write
477C000
direct allocation
page execute and read and write
35638000
heap
page read and write
35190000
remote allocation
page read and write
4150000
heap
page read and write
11D0000
unkown
page read and write
6A2000
heap
page read and write
5366000
heap
page read and write
95E000
system
page execute and read and write
5315000
heap
page read and write
1F611810000
system
page execute and read and write
56D0000
direct allocation
page execute and read and write
53B0000
heap
page read and write
23E000
unkown
page readonly
2490000
heap
page read and write
1F6119BC000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
700000
unkown
page read and write
4151000
heap
page read and write
626000
unkown
page execute read
665000
heap
page read and write
65F000
heap
page read and write
245000
unkown
page read and write
4151000
heap
page read and write
48A0000
trusted library allocation
page read and write
774000
heap
page read and write
440000
unkown
page readonly
4151000
heap
page read and write
5349000
heap
page read and write
60000
direct allocation
page read and write
4151000
heap
page read and write
5136000
unclassified section
page read and write
D80000
unkown
page readonly
230000
unkown
page readonly
4151000
heap
page read and write
4908000
remote allocation
page execute and read and write
4151000
heap
page read and write
780000
heap
page read and write
1F613600000
trusted library allocation
page read and write
77C000
unkown
page read and write
360000
unkown
page read and write
942000
system
page execute and read and write
55A0000
direct allocation
page read and write
960000
system
page execute and read and write
6BB000
heap
page read and write
4151000
heap
page read and write
2B08000
remote allocation
page execute and read and write
7822000
heap
page read and write
4151000
heap
page read and write
5340000
heap
page read and write
401000
unkown
page execute read
2DE0000
direct allocation
page read and write
3E1000
unkown
page readonly
3004000
heap
page read and write
A0000
direct allocation
page read and write
5580000
direct allocation
page read and write
696000
heap
page read and write
2EC0000
unkown
page readonly
30000
heap
page read and write
2E16000
unkown
page read and write
DD1000
unkown
page readonly
2614000
heap
page read and write
230000
unkown
page readonly
719000
heap
page read and write
1F6119A0000
heap
page read and write
785000
heap
page read and write
6B1000
heap
page read and write
230000
unkown
page readonly
53C1000
heap
page read and write
35360000
heap
page read and write
5F58000
unclassified section
page read and write
4151000
heap
page read and write
3732E000
unclassified section
page execute and read and write
53CC000
heap
page read and write
789000
heap
page read and write
5342000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
4EBF000
heap
page read and write
4151000
heap
page read and write
780000
heap
page read and write
5778000
direct allocation
page execute and read and write
1F61189E000
system
page execute and read and write
1F613609000
trusted library allocation
page read and write
4151000
heap
page read and write
26DC000
unkown
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
2D80000
direct allocation
page read and write
1F61360E000
trusted library allocation
page read and write
35634000
heap
page read and write
7871000
heap
page read and write
80F000
heap
page read and write
53AC000
heap
page read and write
785000
heap
page read and write
5E1000
unkown
page read and write
2F8000
stack
page read and write
440000
unkown
page readonly
2B7E000
heap
page read and write
1F61189C000
system
page execute and read and write
4151000
heap
page read and write
5C34000
unclassified section
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
939000
system
page execute and read and write
5560000
direct allocation
page read and write
65A000
heap
page read and write
3F5C000
unkown
page read and write
3AA6000
unkown
page read and write
370000
unkown
page read and write
796000
heap
page read and write
357DD000
direct allocation
page execute and read and write
680000
heap
page read and write
2980000
heap
page read and write
4151000
heap
page read and write
535E000
heap
page read and write
4151000
heap
page read and write
5215000
heap
page read and write
3F7E000
unkown
page execute and read and write
79F000
heap
page read and write
6DE000
heap
page read and write
5EA000
unkown
page execute read
4151000
heap
page read and write
2B30000
heap
page read and write
4151000
heap
page read and write
51CE000
stack
page read and write
1320000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
53C1000
heap
page read and write
4151000
heap
page read and write
536D000
heap
page read and write
65A0000
unclassified section
page read and write
12E0000
unkown
page read and write
4151000
heap
page read and write
2DF0000
direct allocation
page read and write
7854000
heap
page read and write
70750000
unkown
page readonly
785000
heap
page read and write
6A6000
heap
page read and write
789000
heap
page read and write
6B6000
heap
page read and write
3004000
heap
page read and write
1F6119D1000
heap
page read and write
237F000
stack
page read and write
4151000
heap
page read and write
CD0000
unkown
page readonly
5550000
direct allocation
page read and write
6F0000
heap
page read and write
85E000
stack
page read and write
53C1000
heap
page read and write
34FEE000
stack
page read and write
5349000
heap
page read and write
4151000
heap
page read and write
774000
heap
page read and write
4151000
heap
page read and write
65A000
heap
page read and write
25B4000
heap
page read and write
D4A000
stack
page read and write
774000
heap
page read and write
53C8000
heap
page read and write
780000
heap
page read and write
4DCF000
stack
page read and write
7836000
heap
page read and write
497E000
unkown
page execute and read and write
30000
heap
page read and write
6E0000
unkown
page readonly
789000
heap
page read and write
4800000
trusted library allocation
page execute and read and write
DF0000
unkown
page readonly
357D9000
direct allocation
page execute and read and write
4151000
heap
page read and write
430000
unkown
page read and write
5355000
heap
page read and write
4151000
heap
page read and write
65029FB000
stack
page read and write
247000
unkown
page readonly
714000
heap
page read and write
60000
direct allocation
page read and write
3050000
unkown
page execute and read and write
4151000
heap
page read and write
545A000
unclassified section
page read and write
1F6119AA000
heap
page read and write
2C93000
heap
page read and write
6D0000
unkown
page readonly
11862000
system
page read and write
70751000
unkown
page execute read
53C3000
heap
page read and write
563E000
stack
page read and write
23E000
unkown
page readonly
4151000
heap
page read and write
2C84000
unkown
page read and write
1260000
heap
page read and write
289C000
unkown
page read and write
4151000
heap
page read and write
787E000
heap
page read and write
4151000
heap
page read and write
5352000
heap
page read and write
4151000
heap
page read and write
5312000
heap
page read and write
4151000
heap
page read and write
10FC000
stack
page read and write
4151000
heap
page read and write
2D90000
direct allocation
page read and write
5344000
heap
page read and write
6FB000
heap
page read and write
79C000
heap
page read and write
4151000
heap
page read and write
5352000
heap
page read and write
2B80000
heap
page read and write
552F000
stack
page read and write
535E000
heap
page read and write
774000
heap
page read and write
4151000
heap
page read and write
231000
unkown
page execute read
785000
heap
page read and write
4151000
heap
page read and write
789000
heap
page read and write
649000
unkown
page execute read
25C0000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
785000
heap
page read and write
5355000
heap
page read and write
1F6119CA000
heap
page read and write
4151000
heap
page read and write
4250000
trusted library allocation
page read and write
4151000
heap
page read and write
785000
heap
page read and write
65049FF000
stack
page read and write
4151000
heap
page read and write
8978000
direct allocation
page execute and read and write
BE0000
unkown
page readonly
6F0000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
408000
unkown
page readonly
1F613621000
trusted library allocation
page read and write
4151000
heap
page read and write
34DDE000
stack
page read and write
400000
unkown
page readonly
4151000
heap
page read and write
4151000
heap
page read and write
525E000
stack
page read and write
A0000
direct allocation
page read and write
4151000
heap
page read and write
6BB000
heap
page read and write
B3E000
stack
page read and write
35089000
heap
page read and write
4151000
heap
page read and write
65039FE000
stack
page read and write
2C71000
heap
page read and write
5EE000
unkown
page execute read
796000
heap
page read and write
34D9F000
stack
page read and write
9B5000
system
page execute and read and write
6B6000
heap
page read and write
53C3000
heap
page read and write
4151000
heap
page read and write
CE0000
heap
page read and write
520E000
stack
page read and write
2DB0000
direct allocation
page read and write
2E00000
direct allocation
page read and write
2610000
heap
page read and write
55E0000
direct allocation
page read and write
25C2000
unkown
page read and write
4151000
heap
page read and write
4151000
heap
page read and write
70E000
heap
page read and write
1F6137BE000
trusted library allocation
page read and write
5366000
heap
page read and write
C25000
heap
page read and write
3520F000
stack
page read and write
54EE000
stack
page read and write
4151000
heap
page read and write
53AC000
heap
page read and write
740000
heap
page read and write
246E000
stack
page read and write
4151000
heap
page read and write
52A0000
heap
page read and write
247000
unkown
page readonly
There are 715 hidden memdumps, click here to show them.