Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
HomeDesk.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44
2009, Last Saved Time/Date: Fri Sep 18 15:06:51 2020, Security: 0, Code page: 1252, Revision Number: {16DCA61C-6A0D-4F02-A29D-AC9E50B5C214},
Number of Words: 10, Subject: Nota Fiscal Eletronica, Author: Nota FIscal Eletronica, Name of Creating Application: Nota Fiscal
Eletronica, Template: ;1046, Comments: A base dados do instalador contm a lgica e os dados necessrios para instalar o Nota
Fiscal Eletronica., Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Fri May 24 18:08:16
2024, Number of Pages: 200
|
initial sample
|
 |
|
|
C:\Users\user\Nota Fiscal Eletronica\AGLoader.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Nota Fiscal Eletronica\LKdayanJELT9QDD900055.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSIDD3D.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSIDDBB.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSIDDEA.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSIDF43.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSIE0BB.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Config.Msi\53da31.rbs
|
data
|
modified
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv0.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv0.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv0.2.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv1.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv1.2.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv1.3.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv10.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv10.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv11.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv11.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv12.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv12.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv13.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv13.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv14.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv14.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv15.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv15.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv16.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv16.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv17.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv17.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv18.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv18.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv19.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv19.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv2.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv2.2.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv2.3.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv2.4.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv2.5.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv2.6.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv20.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv20.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv21.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv21.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv22.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv22.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv23.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv23.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv24.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv24.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv25.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv25.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv26.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv26.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv27.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv27.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv28.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv28.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv29.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv29.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv3.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv3.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv3.2.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv30.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv30.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv31.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv31.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv32.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv32.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv33.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv33.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv34.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv34.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv35.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv35.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv36.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv36.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv37.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv37.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv38.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv38.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv39.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv39.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv4.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv4.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv40.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv40.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv41.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv41.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv42.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv42.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv43.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv43.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv44.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv44.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv45.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv45.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv45.2.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv45.3.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv45.4.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv46.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv46.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv47.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv47.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv48.3.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv48.4.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv48.5.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv48.6.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv48.7.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv48.8.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv5.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv5.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv6.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv6.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv7.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv7.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv7.2.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv7.3.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv7.4.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv8.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv8.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv9.0.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\iframe\rolloutfile.tv9.1.tv
|
data
|
dropped
|
||
|
C:\Users\user\Nota Fiscal Eletronica\volume.dat
|
data
|
dropped
|
||
|
C:\Windows\Installer\53da2f.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44
2009, Last Saved Time/Date: Fri Sep 18 15:06:51 2020, Security: 0, Code page: 1252, Revision Number: {16DCA61C-6A0D-4F02-A29D-AC9E50B5C214},
Number of Words: 10, Subject: Nota Fiscal Eletronica, Author: Nota FIscal Eletronica, Name of Creating Application: Nota Fiscal
Eletronica, Template: ;1046, Comments: A base dados do instalador contm a lgica e os dados necessrios para instalar o Nota
Fiscal Eletronica., Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Fri May 24 18:08:16
2024, Number of Pages: 200
|
dropped
|
||
|
C:\Windows\Installer\53da32.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44
2009, Last Saved Time/Date: Fri Sep 18 15:06:51 2020, Security: 0, Code page: 1252, Revision Number: {16DCA61C-6A0D-4F02-A29D-AC9E50B5C214},
Number of Words: 10, Subject: Nota Fiscal Eletronica, Author: Nota FIscal Eletronica, Name of Creating Application: Nota Fiscal
Eletronica, Template: ;1046, Comments: A base dados do instalador contm a lgica e os dados necessrios para instalar o Nota
Fiscal Eletronica., Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Fri May 24 18:08:16
2024, Number of Pages: 200
|
dropped
|
||
|
C:\Windows\Installer\MSIE168.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{CD47C468-A902-4164-B360-5693BA87F9BC}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\~DF01F8A61A6F83E3B0.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF1B2B1AE4D46C4A14.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF20CF643BE25625F6.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF29AA714D001E56ED.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF49E483823D53DA02.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF66716DC87A4382C0.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF6675F6C8D980D559.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF808F27D5AC6BD4F4.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF8A9EA8E1CEF88136.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFB2188FFBC53DA54D.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFC5261587E7ECE041.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFC593D2471515D277.TMP
|
data
|
dropped
|
There are 133 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Nota Fiscal Eletronica\LKdayanJELT9QDD900055.exe
|
"C:\Users\user\Nota Fiscal Eletronica\LKdayanJELT9QDD900055.exe"
|
|
|
|
C:\Users\user\Nota Fiscal Eletronica\LKdayanJELT9QDD900055.exe
|
"C:\Users\user\Nota Fiscal Eletronica\LKdayanJELT9QDD900055.exe"
|
|
|
|
C:\Users\user\Nota Fiscal Eletronica\LKdayanJELT9QDD900055.exe
|
"C:\Users\user\Nota Fiscal Eletronica\LKdayanJELT9QDD900055.exe"
|
|
|
|
C:\Windows\System32\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\HomeDesk.msi"
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 1B2D85995D295580A3E8CCFD73CF5DB1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://newsfoos.from-il.com/clientes/inspecionando.phpN%
|
unknown
|
||
|
https://pastebin.com/raw/v03rLptMes/inspecionando.php
|
unknown
|
||
|
http://www.indyproject.org/
|
unknown
|
||
|
http://newsfoos.from-il.com/clientes/inspecionando.php#
|
unknown
|
||
|
http://newsfoos.from-il.com/clientes/inspecionando.php
|
35.199.75.136
|
||
|
http://newsfoos.from-il.com/clientes/inspecionando.php&
|
unknown
|
||
|
http://newsfoos.from-il.com/clientes/inspecionando.phpOI
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
newsfoos.from-il.com
|
35.199.75.136
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
35.199.75.136
|
newsfoos.from-il.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\53da31.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\53da31.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Microsoft\Installer\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\6B2FB9B5C8633EF42B80E7457BF6D1DB
|
864C74DC209A46143B066539AB789FCB
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\430764407F5B8EA4AB62EEF02A219F93
|
864C74DC209A46143B066539AB789FCB
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\0C01AF67958C5B847A156C685FB89627
|
864C74DC209A46143B066539AB789FCB
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\CBDBFC42587CE5A4CB6DAEF876F2D98A
|
864C74DC209A46143B066539AB789FCB
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\4171529072301584B99BD247BF403B38
|
864C74DC209A46143B066539AB789FCB
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\407F20F022934204FB111E201C8B182F
|
864C74DC209A46143B066539AB789FCB
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\Nota Fiscal Eletronica\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\Nota Fiscal Eletronica\iframe\
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Nota FIscal Eletronica\Nota Fiscal Eletronica
|
Version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Nota FIscal Eletronica\Nota Fiscal Eletronica
|
Path
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\94989599A1758CD4B89B6ADAA3512403
|
864C74DC209A46143B066539AB789FCB
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD47C468-A902-4164-B360-5693BA87F9BC}
|
DisplayName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Features\864C74DC209A46143B066539AB789FCB
|
MainFeature
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\Features
|
MainFeature
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\864C74DC209A46143B066539AB789FCB\Patches
|
AllPatches
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB
|
ProductName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB
|
PackageCode
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB
|
Language
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB
|
Version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB
|
Assignment
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB
|
AdvertiseFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB
|
InstanceType
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB
|
AuthorizedLUAApp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB
|
DeploymentFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\UpgradeCodes\94989599A1758CD4B89B6ADAA3512403
|
864C74DC209A46143B066539AB789FCB
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB\SourceList
|
PackageName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB\SourceList\Net
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB\SourceList\Media
|
DiskPrompt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB\SourceList\Media
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB
|
Clients
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\864C74DC209A46143B066539AB789FCB\SourceList
|
LastUsedSource
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Financeiro
|
There are 77 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
EC1000
|
unkown
|
page execute read
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2BCC000
|
direct allocation
|
page read and write
|
||
|
1270000
|
direct allocation
|
page execute and read and write
|
||
|
2849000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2D74000
|
direct allocation
|
page read and write
|
||
|
36A3000
|
heap
|
page read and write
|
||
|
7FB70000
|
direct allocation
|
page read and write
|
||
|
2C28000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
704000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6C451000
|
unkown
|
page execute read
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
2F43000
|
heap
|
page read and write
|
||
|
31B8000
|
direct allocation
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
71E000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
33FF000
|
stack
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
3514000
|
direct allocation
|
page read and write
|
||
|
E6F000
|
stack
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6B371000
|
unkown
|
page execute read
|
||
|
2661000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2BE8000
|
direct allocation
|
page read and write
|
||
|
2CE4000
|
direct allocation
|
page read and write
|
||
|
36A0000
|
heap
|
page read and write
|
||
|
F08000
|
unkown
|
page readonly
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
6BA51000
|
unkown
|
page execute read
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
DD5000
|
heap
|
page read and write
|
||
|
7E310000
|
direct allocation
|
page read and write
|
||
|
314F000
|
stack
|
page read and write
|
||
|
31F1000
|
direct allocation
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
B1A000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2BFD000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
31A9000
|
direct allocation
|
page read and write
|
||
|
7EE90000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
31F8000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2D6D000
|
direct allocation
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
3144000
|
direct allocation
|
page read and write
|
||
|
F03000
|
unkown
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6BA51000
|
unkown
|
page execute read
|
||
|
7ED10000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7EDE0000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6B48B000
|
unkown
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6B462000
|
unkown
|
page execute read
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2D24000
|
direct allocation
|
page read and write
|
||
|
D20000
|
direct allocation
|
page execute and read and write
|
||
|
6B371000
|
unkown
|
page execute read
|
||
|
1314000
|
heap
|
page read and write
|
||
|
EF6000
|
unkown
|
page readonly
|
||
|
2D3A000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6C4EC000
|
unkown
|
page readonly
|
||
|
F03000
|
unkown
|
page write copy
|
||
|
F08000
|
unkown
|
page readonly
|
||
|
A44000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
3224000
|
direct allocation
|
page read and write
|
||
|
2874000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
7EE10000
|
direct allocation
|
page read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
6B45C000
|
unkown
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
64D000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7EE30000
|
direct allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
2C0C000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
304F000
|
stack
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6B451000
|
unkown
|
page read and write
|
||
|
320F000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2898000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2883000
|
direct allocation
|
page read and write
|
||
|
34E2000
|
direct allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
31A8000
|
direct allocation
|
page read and write
|
||
|
2F59000
|
direct allocation
|
page execute and read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
6B451000
|
unkown
|
page read and write
|
||
|
7E9F0000
|
direct allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
31DB000
|
direct allocation
|
page read and write
|
||
|
775000
|
direct allocation
|
page execute and read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
352A000
|
direct allocation
|
page read and write
|
||
|
6B462000
|
unkown
|
page execute read
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6FA000
|
heap
|
page read and write
|
||
|
7EEB0000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6B451000
|
unkown
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6B460000
|
unkown
|
page readonly
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7EEC0000
|
direct allocation
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2BEF000
|
direct allocation
|
page read and write
|
||
|
34F8000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
400000
|
direct allocation
|
page execute and read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
7FAD0000
|
direct allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
3216000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
E1E000
|
stack
|
page read and write
|
||
|
31F2000
|
direct allocation
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
3241000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7EE60000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
F08000
|
unkown
|
page readonly
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
83B000
|
stack
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6B45C000
|
unkown
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
7EE90000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
14E1000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7EE40000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6BA51000
|
unkown
|
page execute read
|
||
|
2BD2000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2D15000
|
direct allocation
|
page read and write
|
||
|
7E6C0000
|
direct allocation
|
page read and write
|
||
|
2D7C000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1BB000
|
stack
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
689000
|
heap
|
page read and write
|
||
|
7FC40000
|
direct allocation
|
page read and write
|
||
|
7EE10000
|
direct allocation
|
page read and write
|
||
|
34E9000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7EC70000
|
direct allocation
|
page read and write
|
||
|
29F1000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
2D91000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
93B000
|
stack
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
7F850000
|
direct allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
697000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6B370000
|
unkown
|
page readonly
|
||
|
A44000
|
heap
|
page read and write
|
||
|
334F000
|
stack
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7ED90000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
28A0000
|
direct allocation
|
page execute and read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
3498000
|
direct allocation
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
34DA000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
31C6000
|
direct allocation
|
page read and write
|
||
|
2BC9000
|
direct allocation
|
page execute and read and write
|
||
|
6B48B000
|
unkown
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2C30000
|
direct allocation
|
page execute and read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
323A000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
31B0000
|
direct allocation
|
page read and write
|
||
|
F03000
|
unkown
|
page read and write
|
||
|
287C000
|
direct allocation
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
31B0000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
34D2000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
F03000
|
unkown
|
page write copy
|
||
|
3531000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
EC1000
|
unkown
|
page execute read
|
||
|
A44000
|
heap
|
page read and write
|
||
|
6B48B000
|
unkown
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2D5F000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
34F0000
|
direct allocation
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
7EE10000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
2D07000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2CC6000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
34C4000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
2891000
|
direct allocation
|
page read and write
|
||
|
3538000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
EF6000
|
unkown
|
page readonly
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
2CCD000
|
direct allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
288A000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
14E1000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
27E4000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2D2B000
|
direct allocation
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2FA5000
|
direct allocation
|
page execute and read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
7E290000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
31F9000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
2CDC000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7E640000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
6607000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
738000
|
heap
|
page read and write
|
||
|
3523000
|
direct allocation
|
page read and write
|
||
|
351C000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
3248000
|
direct allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6C4EC000
|
unkown
|
page readonly
|
||
|
2661000
|
heap
|
page read and write
|
||
|
EF6000
|
unkown
|
page readonly
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
31EA000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
31EA000
|
direct allocation
|
page read and write
|
||
|
6B460000
|
unkown
|
page readonly
|
||
|
71F000
|
direct allocation
|
page execute and read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
B16000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
7EA70000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
319C000
|
direct allocation
|
page read and write
|
||
|
F08000
|
unkown
|
page readonly
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6F4000
|
heap
|
page read and write
|
||
|
6B491000
|
unkown
|
page execute read
|
||
|
3100000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
B5E000
|
stack
|
page read and write
|
||
|
3208000
|
direct allocation
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
34CB000
|
direct allocation
|
page read and write
|
||
|
70B000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
6C2000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
2858000
|
direct allocation
|
page read and write
|
||
|
F03000
|
unkown
|
page write copy
|
||
|
6B491000
|
unkown
|
page execute read
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2842000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
7FAD0000
|
direct allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
2BE0000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2F3D000
|
stack
|
page read and write
|
||
|
6B371000
|
unkown
|
page execute read
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
EC1000
|
unkown
|
page execute read
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
D6F000
|
stack
|
page read and write
|
||
|
2C21000
|
direct allocation
|
page read and write
|
||
|
7FBF0000
|
direct allocation
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2D66000
|
direct allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
3200000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
36E0000
|
heap
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
2CF1000
|
direct allocation
|
page read and write
|
||
|
3570000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2C13000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
34B5000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2D42000
|
direct allocation
|
page read and write
|
||
|
31DC000
|
direct allocation
|
page read and write
|
||
|
34FF000
|
direct allocation
|
page read and write
|
||
|
6FD000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7EC70000
|
direct allocation
|
page read and write
|
||
|
CAB000
|
stack
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
6B370000
|
unkown
|
page readonly
|
||
|
29F1000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
6B45C000
|
unkown
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2BF6000
|
direct allocation
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
64A000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
B78000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
EAE000
|
stack
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
286D000
|
direct allocation
|
page read and write
|
||
|
2CD4000
|
direct allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
322C000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
35C0000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
6D2000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
F08000
|
unkown
|
page readonly
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2D83000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6B2000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2BD9000
|
direct allocation
|
page read and write
|
||
|
2CF8000
|
direct allocation
|
page read and write
|
||
|
7ECF0000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6B491000
|
unkown
|
page execute read
|
||
|
31E3000
|
direct allocation
|
page read and write
|
||
|
31D4000
|
direct allocation
|
page read and write
|
||
|
F03000
|
unkown
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
7FC70000
|
direct allocation
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
31C5000
|
direct allocation
|
page read and write
|
||
|
2D49000
|
direct allocation
|
page read and write
|
||
|
30D3000
|
heap
|
page read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
7F4A0000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
6F1000
|
heap
|
page read and write
|
||
|
6C451000
|
unkown
|
page execute read
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
3233000
|
direct allocation
|
page read and write
|
||
|
2D32000
|
direct allocation
|
page read and write
|
||
|
283C000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
31BF000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
31D4000
|
direct allocation
|
page read and write
|
||
|
6B370000
|
unkown
|
page readonly
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2C04000
|
direct allocation
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
EF6000
|
unkown
|
page readonly
|
||
|
354E000
|
stack
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2850000
|
direct allocation
|
page read and write
|
||
|
2DDD000
|
stack
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
3506000
|
direct allocation
|
page read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
344B000
|
stack
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
F08000
|
unkown
|
page readonly
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
2D98000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7F0F0000
|
direct allocation
|
page read and write
|
||
|
31A2000
|
direct allocation
|
page read and write
|
||
|
3030000
|
direct allocation
|
page execute and read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7EE60000
|
direct allocation
|
page read and write
|
||
|
2D58000
|
direct allocation
|
page read and write
|
||
|
31CD000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
6C451000
|
unkown
|
page execute read
|
||
|
EC1000
|
unkown
|
page execute read
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
2C15000
|
direct allocation
|
page execute and read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
EA5000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2D8A000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7EEE0000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7FCC0000
|
direct allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
7ECF0000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
2BBF000
|
direct allocation
|
page execute and read and write
|
||
|
65F0000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
EC1000
|
unkown
|
page execute read
|
||
|
2661000
|
heap
|
page read and write
|
||
|
2866000
|
direct allocation
|
page read and write
|
||
|
350D000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
6E1000
|
heap
|
page read and write
|
||
|
7EE10000
|
direct allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
13E8000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
729000
|
direct allocation
|
page execute and read and write
|
||
|
2C1A000
|
direct allocation
|
page read and write
|
||
|
73E000
|
heap
|
page read and write
|
||
|
6B460000
|
unkown
|
page readonly
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
7ED90000
|
direct allocation
|
page read and write
|
||
|
34A0000
|
direct allocation
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
E5E000
|
stack
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
7ED90000
|
direct allocation
|
page read and write
|
||
|
7FCA0000
|
direct allocation
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
5C0000
|
trusted library allocation
|
page read and write
|
||
|
6C4EC000
|
unkown
|
page readonly
|
||
|
B9000
|
stack
|
page read and write
|
||
|
6B462000
|
unkown
|
page execute read
|
||
|
7FC90000
|
direct allocation
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2D50000
|
direct allocation
|
page read and write
|
||
|
31E2000
|
direct allocation
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
EC1000
|
unkown
|
page execute read
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
EF6000
|
unkown
|
page readonly
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
2F4F000
|
direct allocation
|
page execute and read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
321D000
|
direct allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
2B74000
|
direct allocation
|
page read and write
|
||
|
EF6000
|
unkown
|
page readonly
|
||
|
1314000
|
heap
|
page read and write
|
||
|
4A4000
|
heap
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
285F000
|
direct allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
||
|
324F000
|
stack
|
page read and write
|
||
|
7FC70000
|
direct allocation
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
DAB000
|
stack
|
page read and write
|
||
|
12E5000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
2661000
|
heap
|
page read and write
|
There are 722 hidden memdumps, click here to show them.