Automated Malware Analysis IOC Report for

Files

File Path

Type

Category

Malicious

FireDaemon-Pro-x64-5.4.10.exe

PE32 executable (GUI) Intel 80386, for MS Windows

initial sample

C:\Program Files\FireDaemon Pro\Core-0ccfb35b.dll

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files\FireDaemon Pro\Core-0ccfb35b.dll:{4498064F-515A180A-A7D546EE-2EB1D8EE}

data

dropped

C:\Program Files\FireDaemon Pro\FireDaemonCLI.exe

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files\FireDaemon Pro\FireDaemonUI.exe

PE32+ executable (GUI) x86-64, for MS Windows

dropped

C:\Windows\Installer\MSI4A8B.tmp

PE32+ executable (GUI) x86-64, for MS Windows

dropped

C:\Config.Msi\5a2bce.rbs

data

dropped

C:\Program Files\FireDaemon Pro\Core.dll

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files\FireDaemon Pro\FireDaemon.exe

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\add-service-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\add-service.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\additional-menu-horizontal-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\additional-menu-horizontal.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\branding.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\delete-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\delete-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\delete-service-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\delete-service.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\done-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\done.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\edit-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\edit-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\erase-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\erase.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\hamburger-menu-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\hamburger-menu.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\logo.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\managed-services-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\managed-services-selected.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\managed-services.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\open-log-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\open-log.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\pause-grey-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\pause-grey.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\pause-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\pause-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\refresh-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\refresh.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\restart-all-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\restart-all.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\restart-blue-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\restart-blue.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\restart-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\restart-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\resume-grey-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\resume-grey.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\resume-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\resume-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\save-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\save-log-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\save-log.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\save.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\scheduling-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\scheduling-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\show-log-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\show-log.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\simple-arrow-down-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\simple-arrow-down.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\simple-arrow-left-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\simple-arrow-left.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\simple-arrow-up-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\simple-arrow-up.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\splash-screen.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\start-all-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\start-all.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\start-green-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\start-green.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\start-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\start-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\stop-all-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\stop-all.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\stop-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\stop-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\stop-red-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\stop-red.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\support-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\support.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\switch-session0-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\switch-session0.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\sysinfo-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\sysinfo-selected.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\sysinfo.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\winservices-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\winservices-selected.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\Graphics\winservices.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Program Files\FireDaemon Pro\Skin\skin.xml

XML 1.0 document, ASCII text, with CRLF line terminators

dropped

C:\Program Files\FireDaemon Pro\VisualLayer.dll

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Program Files\FireDaemon Pro\license.txt

ISO-8859 text, with CRLF, LF line terminators

dropped

C:\Program Files\FireDaemon Pro\regid.2000-01.com.firedaemon_29758F0E-2FC0-46EF-A3D7-0CECCDC6FB35.swidtag

XML 1.0 document, ASCII text, with very long lines (308), with CRLF line terminators

dropped

C:\Program Files\FireDaemon Pro\version.txt

ASCII text

dropped

C:\ProgramData\Caphyon\Advanced Installer\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}\FireDaemon-Pro-x64-5.4.10.exe

PE32 executable (GUI) Intel 80386, for MS Windows

dropped

C:\ProgramData\Caphyon\Advanced Installer\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}\FireDaemon-Pro-x64-5.4.10.exe:Zone.Identifier

ASCII text, with CRLF line terminators

modified

C:\ProgramData\FireDaemon Pro\ServiceDefinitions\Default Template.xml

XML 1.0 document, ASCII text, with CRLF line terminators

dropped

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireDaemon Pro\FireDaemon Pro.lnk

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Mon Apr 22 18:39:02 2024, mtime=Sun May 26 23:13:58 2024, atime=Mon Apr 22 18:39:02 2024, length=17290944, window=hide

dropped

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireDaemon Pro\Online Resources.url

MS Windows 95 Internet shortcut text (URL=<https://www.firedaemon.com/user-guides/firedaemon-pro-5>), ASCII text, with CRLF line terminators

dropped

C:\ProgramData\regid.2000-01.com.firedaemon\regid.2000-01.com.firedaemon_29758F0E-2FC0-46EF-A3D7-0CECCDC6FB35.swidtag

XML 1.0 document, ASCII text, with very long lines (308), with CRLF line terminators

dropped

C:\Users\Public\Desktop\FireDaemon Pro.lnk

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Mon Apr 22 18:39:02 2024, mtime=Sun May 26 23:13:56 2024, atime=Mon Apr 22 18:39:02 2024, length=17290944, window=hide

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\ExternalUICleaner.dll

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\New

MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\Up

MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\banner.bmp

PC bitmap, Windows 3.x format, 499 x 58 x 24, resolution 2835 x 2835 px/m, cbSize 87054, bits offset 54

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\cmdlinkarrow

MS Windows icon resource - 3 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\completi

MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\custicon

MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\exclamic

MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\info

MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\installation.vbs

ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\insticon

MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\lzmaextractor.dll

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\removico

MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\repairic

MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\tabback

PC bitmap, Windows 3.x format, 1 x 200 x 24, cbSize 854, bits offset 54

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\tempFiles.dll

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\welcome.bmp

PC bitmap, Windows 3.x format, 499 x 312 x 24, resolution 2835 x 2835 px/m, cbSize 468054, bits offset 54

dropped

C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_3724\wicustomactions.dll

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\FireDaemon Pro-5.4.10\CoreETW.man

XML 1.0 document, ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\MSI11DB.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSI8085.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIE2BE.LOG

Unicode text, UTF-16, little-endian text, with CRLF line terminators

dropped

C:\Users\user\AppData\Local\Temp\MSIE63A.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIE6B8.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIE707.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIE766.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIE7C5.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIE7E5.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIE815.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIE845.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIE94F.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIEA0C.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIEA4B.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIEAC9.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\MSIEB28.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\shi28B0.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Users\user\AppData\Local\Temp\shiE59D.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\CommonAppDataFolder\FireDaemon Pro\ServiceDefinitions\Default Template.xml

XML 1.0 document, ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Core-0ccfb35b.dll

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Core.dll

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\FireDaemon-Pro-x64-5.4.10.msi

Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 1252, Revision Number: {E87D1F75-6AF1-468D-8B53-FCCCA6F08190}, Number of Words: 0, Subject: FireDaemon Pro, Author: FireDaemon Technologies Limited, Name of Creating Application: FireDaemon Pro, Template: x64;1033, Comments: This installer database contains the logic and data required to install FireDaemon Pro., Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Mon Apr 22 20:41:44 2024, Last Saved Time/Date: Mon Apr 22 20:41:44 2024, Last Printed: Mon Apr 22 20:41:44 2024, Number of Pages: 450

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\FireDaemon.exe

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\FireDaemonCLI.exe

PE32+ executable (console) x86-64, for MS Windows

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\FireDaemonUI.exe

PE32+ executable (GUI) x86-64, for MS Windows

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\add-service-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\add-service.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\additional-menu-horizontal-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\additional-menu-horizontal.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\branding.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\delete-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\delete-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\delete-service-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\delete-service.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\done-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\done.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\edit-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\edit-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\erase-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\erase.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\hamburger-menu-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\hamburger-menu.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\logo.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\managed-services-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\managed-services-selected.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\managed-services.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\open-log-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\open-log.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\pause-grey-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\pause-grey.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\pause-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\pause-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\refresh-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\refresh.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\restart-all-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\restart-all.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\restart-blue-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\restart-blue.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\restart-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\restart-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\resume-grey-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\resume-grey.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\resume-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\resume-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\save-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\save-log-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\save-log.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\save.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\scheduling-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\scheduling-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\show-log-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\show-log.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\simple-arrow-down-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\simple-arrow-down.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\simple-arrow-left-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\simple-arrow-left.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\simple-arrow-up-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\simple-arrow-up.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\splash-screen.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\start-all-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\start-all.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\start-green-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\start-green.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\start-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\start-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\stop-all-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\stop-all.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\stop-quick-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\stop-quick.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\stop-red-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\stop-red.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\support-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\support.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\switch-session0-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\switch-session0.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\sysinfo-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\sysinfo-selected.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\sysinfo.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\winservices-hover.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\winservices-selected.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\Graphics\winservices.emf

Windows Enhanced Metafile (EMF) image data version 0x10000

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\Skin\skin.xml

XML 1.0 document, ASCII text, with CRLF line terminators

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\VisualLayer.dll

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\license.txt

ISO-8859 text, with CRLF, LF line terminators

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\version.txt

ASCII text

dropped

C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\holder0.aiph

data

dropped

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun May 26 23:14:26 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide

dropped

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

dropped

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide

dropped

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

dropped

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

dropped

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

dropped

C:\Users\user\AppData\Roaming\Obsidium x64\{4498064F-515A180A-A7D546EE-2EB1D8EE}

data

dropped

C:\Windows\Installer\5a2bcd.msi

dropped

C:\Windows\Installer\5a2bcf.msi

dropped

C:\Windows\Installer\MSI2D53.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Windows\Installer\MSI2DE1.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Windows\Installer\MSI2E20.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Windows\Installer\MSI2E50.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Windows\Installer\MSI2F7A.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Windows\Installer\MSI2FC9.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Windows\Installer\MSI3009.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Windows\Installer\MSI3029.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Windows\Installer\MSI3E82.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Windows\Installer\MSI3F7D.tmp

data

dropped

C:\Windows\Installer\MSI4143.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Windows\Installer\MSI5087.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Windows\Installer\MSI5134.tmp

PE32+ executable (DLL) (GUI) x86-64, for MS Windows

dropped

C:\Windows\Installer\MSI6CCC.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

dropped

C:\Windows\Installer\MSI6D0B.tmp

PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

modified

C:\Windows\Installer\SourceHash{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

Composite Document File V2 Document, Cannot read section info

dropped

C:\Windows\Installer\inprogressinstallinfo.ipi

Composite Document File V2 Document, Cannot read section info

dropped

C:\Windows\Installer\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}\FireDaemonInstallation.exe

MS Windows icon resource - 14 icons, 64x64, 8 bits/pixel, 48x48, 8 bits/pixel

dropped

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

dropped

C:\Windows\Temp\~DF26B8D9A740B93BC3.TMP

Composite Document File V2 Document, Cannot read section info

dropped

C:\Windows\Temp\~DF3DDACB6F4C8EF1A8.TMP

data

dropped

C:\Windows\Temp\~DF61B171DEEBAAAFD6.TMP

data

dropped

C:\Windows\Temp\~DF670E2B902382FFDA.TMP

Composite Document File V2 Document, Cannot read section info

dropped

C:\Windows\Temp\~DF694D565802009297.TMP

data

dropped

C:\Windows\Temp\~DFD4733EF99BE671DE.TMP

data

dropped

C:\Windows\Temp\~DFD7FA42BE225A415F.TMP

data

dropped

C:\Windows\Temp\~DFE11CF3404DABF25A.TMP

data

dropped

C:\Windows\Temp\~DFE5A007460E28D2C8.TMP

Composite Document File V2 Document, Cannot read section info

dropped

C:\Windows\Temp\~DFEB0153BAE3165D9D.TMP

Composite Document File V2 Document, Cannot read section info

dropped

C:\Windows\Temp\~DFEC878F4BA64BB368.TMP

data

dropped

C:\Windows\Temp\~DFEFEFE0DB913C8E3C.TMP

Composite Document File V2 Document, Cannot read section info

dropped

C:\Windows\win.ini

Generic INItialization configuration [extensions]

dropped

Chrome Cache Entry: 378

ASCII text, with very long lines (778)

downloaded

Chrome Cache Entry: 379

ASCII text, with very long lines (606)

downloaded

Chrome Cache Entry: 380

ASCII text, with very long lines (4910)

downloaded

Chrome Cache Entry: 381

JSON data

downloaded

Chrome Cache Entry: 382

ASCII text, with very long lines (5724)

dropped

Chrome Cache Entry: 383

ASCII text, with very long lines (65536), with no line terminators

downloaded

Chrome Cache Entry: 384

ASCII text, with very long lines (46552)

dropped

Chrome Cache Entry: 385

ASCII text, with very long lines (14427)

downloaded

Chrome Cache Entry: 386

ASCII text, with very long lines (2297)

downloaded

Chrome Cache Entry: 387

JSON data

dropped

Chrome Cache Entry: 388

PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced

downloaded

Chrome Cache Entry: 389

ASCII text, with very long lines (20274)

downloaded

Chrome Cache Entry: 390

ASCII text, with very long lines (608)

downloaded

Chrome Cache Entry: 391

ASCII text, with very long lines (20274)

dropped

Chrome Cache Entry: 392

JSON data

dropped

Chrome Cache Entry: 393

PNG image data, 53 x 12, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 394

Web Open Font Format, TrueType, length 84928, version 1.0

downloaded

Chrome Cache Entry: 395

ASCII text, with very long lines (33399)

downloaded

Chrome Cache Entry: 396

ASCII text, with very long lines (3733)

downloaded

Chrome Cache Entry: 397

PNG image data, 969 x 685, 8-bit/color RGB, non-interlaced

dropped

Chrome Cache Entry: 398

ASCII text, with very long lines (65125)

downloaded

Chrome Cache Entry: 399

ASCII text, with very long lines (30854)

downloaded

Chrome Cache Entry: 400

ASCII text, with very long lines (548)

downloaded

Chrome Cache Entry: 401

ASCII text

downloaded

Chrome Cache Entry: 402

Web Open Font Format, TrueType, length 84696, version 1.0

downloaded

Chrome Cache Entry: 403

ASCII text, with very long lines (5680)

downloaded

Chrome Cache Entry: 404

JSON data

downloaded

Chrome Cache Entry: 405

JSON data

downloaded

Chrome Cache Entry: 406

ASCII text, with very long lines (5724)

downloaded

Chrome Cache Entry: 407

JSON data

dropped

Chrome Cache Entry: 408

HTML document, Unicode text, UTF-8 text, with very long lines (20786)

downloaded

Chrome Cache Entry: 409

ASCII text, with very long lines (32945)

downloaded

Chrome Cache Entry: 410

JSON data

dropped

Chrome Cache Entry: 411

ASCII text, with no line terminators

downloaded

Chrome Cache Entry: 412

JSON data

downloaded

Chrome Cache Entry: 413

PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 414

ASCII text, with very long lines (65536), with no line terminators

downloaded

Chrome Cache Entry: 415

PNG image data, 227 x 48, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 416

ASCII text, with very long lines (65536), with no line terminators

downloaded

Chrome Cache Entry: 417

ASCII text, with very long lines (56796)

downloaded

Chrome Cache Entry: 418

ASCII text, with very long lines (65536), with no line terminators

dropped

Chrome Cache Entry: 419

ASCII text, with very long lines (25480)

downloaded

Chrome Cache Entry: 420

ASCII text, with very long lines (707)

downloaded

Chrome Cache Entry: 421

ASCII text, with very long lines (25977)

downloaded

Chrome Cache Entry: 422

ASCII text, with very long lines (391)

downloaded

Chrome Cache Entry: 423

ASCII text, with very long lines (65536), with no line terminators

downloaded

Chrome Cache Entry: 424

ASCII text, with very long lines (65536), with no line terminators

downloaded

Chrome Cache Entry: 425

ASCII text, with very long lines (4633)

dropped

Chrome Cache Entry: 426

ASCII text, with very long lines (5945)

downloaded

Chrome Cache Entry: 427

ASCII text, with very long lines (30964)

downloaded

Chrome Cache Entry: 428

ASCII text, with very long lines (12689)

downloaded

Chrome Cache Entry: 429

ASCII text, with very long lines (9405)

downloaded

Chrome Cache Entry: 430

PNG image data, 297 x 62, 8-bit/color RGBA, non-interlaced

dropped

Chrome Cache Entry: 431

RIFF (little-endian) data, Web/P image

downloaded

Chrome Cache Entry: 432

ASCII text, with very long lines (37575)

downloaded

Chrome Cache Entry: 433

ASCII text, with very long lines (1298)

downloaded

Chrome Cache Entry: 434

ASCII text, with very long lines (65536), with no line terminators

downloaded

Chrome Cache Entry: 435

ASCII text, with very long lines (64394)

downloaded

Chrome Cache Entry: 436

RIFF (little-endian) data, Web/P image

downloaded

Chrome Cache Entry: 437

ASCII text, with very long lines (65536), with no line terminators

downloaded

Chrome Cache Entry: 438

JSON data

downloaded

Chrome Cache Entry: 439

RIFF (little-endian) data, Web/P image

downloaded

Chrome Cache Entry: 440

ASCII text, with very long lines (46552)

downloaded

Chrome Cache Entry: 441

JSON data

downloaded

Chrome Cache Entry: 442

ASCII text, with very long lines (65536), with no line terminators

dropped

Chrome Cache Entry: 443

ASCII text, with very long lines (5020)

downloaded

Chrome Cache Entry: 444

JSON data

dropped

Chrome Cache Entry: 445

ASCII text, with very long lines (4633)

downloaded

Chrome Cache Entry: 446

JSON data

downloaded

Chrome Cache Entry: 447

ASCII text, with very long lines (1298)

downloaded

Chrome Cache Entry: 448

ASCII text, with very long lines (65536), with no line terminators

dropped

Chrome Cache Entry: 449

ASCII text, with very long lines (5020)

dropped

Chrome Cache Entry: 450

ASCII text, with very long lines (4230)

downloaded

Chrome Cache Entry: 451

ASCII text, with very long lines (42026)

downloaded

Chrome Cache Entry: 452

JSON data

dropped

Chrome Cache Entry: 453

ASCII text, with very long lines (1810)

downloaded

Chrome Cache Entry: 454

ASCII text, with very long lines (56261)

downloaded

Chrome Cache Entry: 455

ASCII text, with very long lines (6383)

downloaded

Chrome Cache Entry: 456

ASCII text, with very long lines (945)

downloaded

Chrome Cache Entry: 457

ASCII text, with very long lines (18479)

downloaded

Chrome Cache Entry: 458

ASCII text, with very long lines (4143)

downloaded

Chrome Cache Entry: 459

JSON data

dropped

Chrome Cache Entry: 460

ASCII text, with very long lines (12367)

downloaded

Chrome Cache Entry: 461

ASCII text, with very long lines (437)

downloaded

Chrome Cache Entry: 462

ASCII text, with very long lines (432)

downloaded

Chrome Cache Entry: 463

RIFF (little-endian) data, Web/P image

downloaded

Chrome Cache Entry: 464

ASCII text, with very long lines (3280)

downloaded

Chrome Cache Entry: 465

ASCII text, with very long lines (2102)

downloaded

Chrome Cache Entry: 466

ASCII text, with very long lines (31349)

downloaded

Chrome Cache Entry: 467

JSON data

downloaded

Chrome Cache Entry: 468

ASCII text, with very long lines (37412)

downloaded

Chrome Cache Entry: 469

ASCII text, with no line terminators

downloaded

Chrome Cache Entry: 470

ASCII text, with very long lines (3562)

downloaded

Chrome Cache Entry: 471

ASCII text, with very long lines (2766)

downloaded

Chrome Cache Entry: 472

ASCII text, with very long lines (2183)

downloaded

Chrome Cache Entry: 473

JSON data

dropped

Chrome Cache Entry: 474

JSON data

dropped

Chrome Cache Entry: 475

JSON data

downloaded

Chrome Cache Entry: 476

ASCII text, with very long lines (65536), with no line terminators

downloaded

There are 352 hidden files, click here to show them.

Processes

Path

Cmdline

Malicious

C:\Windows\System32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Windows\System32\msiexec.exe

C:\Windows\System32\MsiExec.exe -Embedding 911D350BE57E64866022B62F36BBA82C C

C:\Windows\System32\msiexec.exe

C:\Windows\System32\MsiExec.exe -Embedding F00D2CFA17B3A1B813951E4AFEA3B618

C:\Windows\Installer\MSI4A8B.tmp

"C:\Windows\Installer\MSI4A8B.tmp" /EnforcedRunAsAdmin /RunAsAdmin /HideWindow /dir "C:\Program Files\FireDaemon Pro\" wevtutil.exe im "C:\Users\user\AppData\Local\Temp\FireDaemon Pro-5.4.10\CoreETW.man" /rf:"C:\Program Files\FireDaemon Pro\Core.dll" /mf:"C:\Program Files\FireDaemon Pro\Core.dll"

C:\Windows\System32\wevtutil.exe

"C:\Windows\System32\wevtutil.exe" im "C:\Users\user\AppData\Local\Temp\FireDaemon Pro-5.4.10\CoreETW.man" /rf:"C:\Program Files\FireDaemon Pro\Core.dll" /mf:"C:\Program Files\FireDaemon Pro\Core.dll"

C:\Windows\System32\msiexec.exe

C:\Windows\System32\MsiExec.exe -Embedding 2C93263EC56A61C426AD4BBB3DBBF379 E Global\MSI0000

C:\Program Files\FireDaemon Pro\FireDaemonCLI.exe

"C:\Program Files\FireDaemon Pro\FireDaemonCLI.exe" control-all start-automatic

C:\Program Files\FireDaemon Pro\FireDaemonUI.exe

"C:\Program Files\FireDaemon Pro\FireDaemonUI.exe"

C:\Program Files\FireDaemon Pro\FireDaemonUI.exe

"C:\Program Files\FireDaemon Pro\FireDaemonUI.exe"

C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe

"C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe"

C:\Windows\SysWOW64\msiexec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 65BC5742A4D136F247A43F6F8A09CB61 C

C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe

"C:\Users\user\Desktop\FireDaemon-Pro-x64-5.4.10.exe" /i "C:\Users\user\AppData\Roaming\FireDaemon Technologies Limited\FireDaemon Pro 5.4.10\install\9D27617\FireDaemon-Pro-x64-5.4.10.msi" AI_EUIMSI=1 APPDIR="C:\Program Files\FireDaemon Pro" SHORTCUTDIR="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireDaemon Pro" PRODUCT_TEMPFOLDER="C:\Users\user\AppData\Local\Temp\FireDaemon Pro-5.4.10" SECONDSEQUENCE="1" CLIENTPROCESSID="3724" AI_MORE_CMD_LINE=1

C:\Windows\SysWOW64\msiexec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 4FDFDF47CA384F24D6EDC9B370A17B58

C:\Windows\System32\conhost.exe

C:\Windows\system32\conhost.exe 0xffffffff -ForceV1

C:\Windows\SysWOW64\msiexec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 8A88BC285C82FC453C4ED127C82769C1 E Global\MSI0000

C:\Windows\System32\conhost.exe

C:\Windows\system32\conhost.exe 0xffffffff -ForceV1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.firedaemon.com/download-firedaemon-pro

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2212,i,1586714833246951182,13030695916731165331,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8

There are 8 hidden processes, click here to show them.

URLs

Name

Malicious

https://frog.wix.com/bolt-performance?src=72&evid=21&appName=thunderbolt&is_rollout=1&is_sav_rollout=0&is_dac_rollout=0&dc=42&microPop=fastly_42_g&is_cached=true&msid=49d14df4-afe2-4e62-83bc-650176825a35&session_id=adeae0fd-d2b1-4196-944d-a38205e992a9&ish=false&isb=false&vsi=97642ca1-5898-43f4-8533-becae685cd66&caching=hit,hit_miss&pv=visible&pn=1&v=1.14056.0&url=https%3A%2F%2Fwww.firedaemon.com%2Fdownload-firedaemon-pro&st=2&ts=45&tsn=1588&platformOnSite=true

3.85.180.19

https://static.parastorage.com/services/auto-frontend-modules/dist/webworker/auto-frontend-modules.0e3e917b.umd.min.js

34.49.229.81

http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0

unknown

http://xml.firedaemon.com

unknown

https://www.firedaemon.com/download-firedaemon-prog;

unknown

https://static.parastorage.com/services/wix-thunderbolt/dist/tslib.inline.affe2026.chunk.min.js

34.49.229.81

http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt0#

unknown

http://xml.firedaemon.com/scheduling/v15

unknown

https://static.parastorage.com/services/wix-thunderbolt/dist/group_43.fac77ec7.chunk.min.js

34.49.229.81

https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap-classic.3bf2ca42.bundle.min.js

34.49.229.81

https://static.parastorage.com/services/wix-thunderbolt/dist/panorama.051dc072.chunk.min.js

34.49.229.81

https://static.parastorage.com/services/wix-thunderbolt/dist/platform.34e40fe4.chunk.min.js

34.49.229.81

https://www.firedaemon.com/supportButtonText_Repair&RepairAiPreferFastOemProductLanguage1033ProductV

unknown

https://static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/open-source/opensans-regular-webfont.woff

34.49.229.81

https://static.parastorage.com/services/wix-thunderbolt/dist/Fallback.corvid.6c607819.chunk.min.js

34.49.229.81

http://xml.firedaemon.combt

unknown

https://static.parastorage.com/services/wix-thunderbolt/dist/ooi.aaf1fd25.chunk.min.js

34.49.229.81

https://static.parastorage.com/services/auto-frontend-modules/1.4827.0/webworker/manifest-worker.min.json

34.49.229.81

https://static.parastorage.com/services/wix-thunderbolt/dist/tpaCommons.0e16a51b.chunk.min.js

34.49.229.81

https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit_miss&dc=42&microPop=fastly_42_g&et=33&event_name=page%20interactive&is_cached=true&is_platform_loaded=0&is_rollout=1&ism=1&isp=0&isjp=false&iss=1&ita=1&msid=49d14df4-afe2-4e62-83bc-650176825a35&pid=vi7pm&pn=1&sar=1280x984&sessionId=adeae0fd-d2b1-4196-944d-a38205e992a9&siterev=5065-__siteCacheRevision__&sr=1280x1024&st=2&ts=8674&tts=10218&url=https%3A%2F%2Fwww.firedaemon.com%2Fdownload-firedaemon-pro&v=1.14056.0&vid=38a15070-7fdd-4de0-aeac-5eb12a324034&bsi=0627d659-1bf8-4f4a-a708-e9783f65564e|1&vsi=97642ca1-5898-43f4-8533-becae685cd66&wor=1050x964&wr=1034x870&_brandId=wix

3.85.180.19

http://xml.firedaemon.com/scheduling/v1Y:

unknown

https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap.8949600c.bundle.min.js

34.49.229.81

https://static.parastorage.com/services/wix-thunderbolt/dist/environmentWixCodeSdk.7690a40b.chunk.min.js

34.49.229.81

http://xml.firedaemon.com/scheduling/v2nStyle/

unknown

https://static.parastorage.com/services/wix-thunderbolt/dist/group_0.fbab12aa.chunk.min.js

34.49.229.81

http://ocsp.sectigo.comhttp://crl.sectigo.com/SectigoRSATimeStampingCA.crl9e

unknown

https://static.parastorage.com/services/wix-thunderbolt/dist/group_33.f6f5fc64.chunk.min.js

34.49.229.81

https://static.wixstatic.com/media/dc9a59_9354b886e1e4435e939e6ec92ac3c300~mv2.png/v1/fill/w_227,h_48,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/dc9a59_9354b886e1e4435e939e6ec92ac3c300~mv2.png

99.86.4.105

http://xml.firedaemon.com/scheduling/v3%

unknown

http://standards.iso.org/iso/19770/-2/2008/schema.xsd

unknown

http://xml.firedaemon.com/scheduling/v1y

unknown

https://update.firedaemon.com(.

unknown

http://ocsp.sectigo.com

unknown

https://www.firedaemon.com/contact-us

unknown

https://update.firedaemon.com/firedaemon-pro-version.txt

104.26.10.34

https://static.parastorage.com/services/wix-thunderbolt/dist/group_7.bae0ce0c.chunk.min.css

34.49.229.81

http://crl.sectigo.com/SectigoPublicCodeSigningCAEVR36.crl

unknown

https://www.firedaemon.com/pricingu

unknown

https://www.firedaemon.com/user-guides/firedaemon-pro-5FireDaemonFireDaemonCLI.exeFireDaemon.exehttp

unknown

http://xml.firedaemon.com/scheduling/v1C

unknown

http://xml.firedaemon.com/scheduling/v39=

unknown

http://xml.firedaemon.com/scheduling/v2y=

unknown

https://www.firedaemon.com/support

unknown

https://www.firedaemon.com/_partials/wix-thunderbolt/dist/nonMainSdks.725f9808.chunk.min.js

34.149.87.45

http://ocsp.sectigo.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSmEJ7s5DLYqQ4%2FaFKR54j1BHqdkgQUGqH4YRkgD8NBd0

unknown

http://xml.firedaemon.com/scheduling/v1O

unknown

https://www.firedaemon.com/get-firedaemon-zeroUI0DetectThe

unknown

http://xml.firedaemon.comw

unknown

https://static.parastorage.com/services/tag-manager-client/1.841.0/siteTags.bundle.min.js

34.49.229.81

https://static.parastorage.com/services/cookie-consent-banner-for-uou/1.730.0//app.bundle.min.js

34.49.229.81

https://static.wixstatic.com/media/9fb53e_8dcfc3c797a44c8d9c13ea5ea1ecf0c1~mv2.png/v1/crop/x_14,y_4,w_410,h_92/fill/w_53,h_12,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/_edited.png

99.86.4.105

http://ocsp.sectigo.com0

unknown

https://www.firedaemon.com/download-firedaemon-pro(a

unknown

https://www.firedaemon.comFor

unknown

https://static.parastorage.com/unpkg/react-dom@18.3.1/umd/react-dom.production.min.js

34.49.229.81

https://www.firedaemon.com/download-firedaemon-protCookiesU

unknown

http://xml.fire

unknown

https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit_miss&dc=42&microPop=fastly_42_g&et=1&event_name=Init&is_cached=true&is_platform_loaded=0&is_rollout=1&ism=1&isp=0&isjp=false&iss=1&ita=1&msid=49d14df4-afe2-4e62-83bc-650176825a35&pn=1&sessionId=adeae0fd-d2b1-4196-944d-a38205e992a9&siterev=5065-__siteCacheRevision__&st=2&ts=638&tts=2181&url=https%3A%2F%2Fwww.firedaemon.com%2Fdownload-firedaemon-pro&v=1.14056.0&vsi=97642ca1-5898-43f4-8533-becae685cd66&_brandId=wix

3.85.180.19

https://github.com/moment/moment/blame/develop/src/lib/duration/create.js#L15

unknown

http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#

unknown

https://www.firedaemon.com/download-firedaemon-pro

http://xml.firedaemon.com/scheduling/v1portcolor

unknown

https://static.parastorage.com/services/wix-thunderbolt/dist/main.f384254e.bundle.min.js

34.49.229.81

http://xml.firedaemon.comMs

unknown

https://frog.wix.com/pa?_msid=49d14df4-afe2-4e62-83bc-650176825a35&vsi=97642ca1-5898-43f4-8533-becae685cd66&_av=thunderbolt-1.14056.0&isb=false&_brandId=wix&_siteBranchId=undefined&_ms=10225&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_visitorId=38a15070-7fdd-4de0-aeac-5eb12a324034&_siteMemberId=undefined&bsi=0627d659-1bf8-4f4a-a708-e9783f65564e%7C1&src=76&evid=1109&pid=vi7pm&pn=1&viewer=TB&pt=static&pa=editor&pti=vi7pm&uuid=9fb53e45-004a-4b5e-9251-01139847ff5b&url=https%3A%2F%2Fwww.firedaemon.com%2Fdownload-firedaemon-pro&ref=&bot=false&bl=en-US&pl=en-US%2Cen&_isca=1&_iscf=1&_ispd=0&_ise=0&_=17167688737561

3.85.180.19

https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[SkipToContentButton].a2d57d10.bundle.min.js

34.49.229.81

http://xml.firedaemon.com/scheduling/v3?L

unknown

http://xml.firedaemon.com/scheduling/v3q=

unknown

https://static.parastorage.com/services/wix-thunderbolt/dist/group_4.8bb74093.chunk.min.js

34.49.229.81

https://static.parastorage.com/services/wix-thunderbolt/dist/group_9.857f66a1.chunk.min.js

34.49.229.81

https://www.firedaemon.com/pricing

unknown

https://static.parastorage.com/services/wix-thunderbolt/dist/animations.17323c3a.chunk.min.js

34.49.229.81

https://www.firedaemon.com0.dllom

unknown

https://frog.wix.com/bpm?_msid=49d14df4-afe2-4e62-83bc-650176825a35&vsi=97642ca1-5898-43f4-8533-becae685cd66&_av=thunderbolt-1.14056.0&isb=false&ts=10995&tsn=12538&dc=42&microPop=fastly_42_g&caching=hit%2Chit_miss&session_id=adeae0fd-d2b1-4196-944d-a38205e992a9&st=2&url=https%3A%2F%2Fwww.firedaemon.com%2Fdownload-firedaemon-pro&ish=false&pn=1&isFirstNavigation=true&pv=true&pageId=vi7pm&isServerSide=false&isSuccessfulSSR=true&is_lightbox=false&is_cached=true&is_sav_rollout=0&is_dac_rollout=0&v=1.14056.0&_brandId=wix&_siteBranchId=undefined&_ms=12538&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_mt_instance=05S2CUFXEgdB2hDG16mdRzmMuM8wZjgsF2JzF5HPeTI.eyJpbnN0YW5jZUlkIjoiNDlkMTRkZjQtYWZlMi00ZTYyLTgzYmMtNjUwMTc2ODI1YTM1IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiNDlkMTRkZjQtYWZlMi00ZTYyLTgzYmMtNjUwMTc2ODI1YTM1Iiwic2lnbkRhdGUiOiIyMDI0LTA1LTI3VDAwOjE0OjI2LjcyNloiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjM4YTE1MDcwLTdmZGQtNGRlMC1hZWFjLTVlYjEyYTMyNDAzNCIsInNpdGVPd25lcklkIjoiOWZiNTNlNDUtMDA0YS00YjVlLTkyNTEtMDExMzk4NDdmZjViIn0&_visitorId=undefined&_siteMemberId=undefined&src=72&evid=502&_=17167688760562&tti=10144&tbt=11&iframes=0&screens=2&entryType=loaded&lcp=3323&lcpSize=152054&closestId=img_comp-lk1nm3jg&lcpTag=WOW-IMAGE&lcpResourceType=png&lcpInLightbox=false&countScripts=48&startTimeScripts=2168&durationScripts=8365&mttfbScripts=124&attfbScripts=125&cssResourcesScripts=&tbdScripts=1435829&countImages=4&startTimeImages=2970&durationImages=320&mttfbImages=552&attfbImages=562&cssResourcesImages=&tbdImages=87120&countFonts=2&startTimeFonts=2199&durationFonts=496&mttfbFonts=117&attfbFonts=117&cssResourcesFonts=&tbdFonts=170224&duration=6931&ttlb=2163&dcl=3822&transferSize=657316&decodedBodySize=657016&isSsr=true&isWelcome=false&bsi=0627d659-1bf8-4f4a-a708-e9783f65564e%7C1&ssrDuration=210&ssrTimestamp=1716763885129&isRollout=true&isPlatformLoaded=false&maybeBot=false&cls=75&countCls=1&clsOld=114&clsId=comp-l9l2563x1&clsTag=DIV&clientType=ugc&analytics=true&_isca=1&_iscf=1&_ispd=0&_ise=1

3.85.180.19

http://xml.firedaemon.comb

unknown

https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-commons.e52856fd.bundle.min.js

34.49.229.81

http://xml.firedaemon.com/scheduling/v3S

unknown

http://xml.firedaemon.comn

unknown

https://static.parastorage.com/services/wix-thunderbolt/dist/siteMembers.0d22f791.chunk.min.js

34.49.229.81

https://www.firedaemon.com/supportwww.firedaemon.com/pricinghttps://www.firedaemon.com/pricing

unknown

https://static.parastorage.com/services/wix-thunderbolt/dist/group_28.d2676dae.chunk.min.js

34.49.229.81

https://reactjs.org/docs/error-decoder.html?invariant=

unknown

https://static.parastorage.com/services/editor-elements/1.12119.0/rb_wixui.thunderbolt.manifest.min.json

34.49.229.81

https://static.parastorage.com/services/wix-thunderbolt/dist/windowScroll.bc5f1bd7.chunk.min.js

34.49.229.81

http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crlJW

unknown

https://www.firedaemon.com

unknown

https://static.wixstatic.com/media/9fb53e_d6b5d9866444497586eb218c6b0d5d76~mv2.png/v1/fill/w_969,h_685,al_c,q_90,usm_0.66_1.00_0.01,enc_auto/FireDaemon%20Pro%205%20Service%20Definition.png

99.86.4.105

http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl

unknown

http://ocsp.sectigo.comhttp://crl.sectigo.com/SectigoRSATimeStampingCA.crlNz

unknown

https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.0ad4b1bd.chunk.min.js

34.49.229.81

https://www.firedaemon.com/pricingay:Sat:Saturday

unknown

http://crl.sectigo.com/SectigoRSATimeStampingCA.crl

unknown

https://static.parastorage.com/services/editor-elements/1.12119.0/rb_wixui.corvid.manifest.min.json

34.49.229.81

https://www.firedaemon.com/supportCannot

unknown

https://www.firedaemon.com/_partials/wix-thunderbolt/dist/clientWorker.40b4c8e8.bundle.min.js

34.149.87.45

https://frog.wix.com/bolt-performance?src=72&evid=28&appName=thunderbolt&is_rollout=1&is_sav_rollout=0&is_dac_rollout=0&dc=42&microPop=fastly_42_g&is_cached=true&msid=49d14df4-afe2-4e62-83bc-650176825a35&session_id=adeae0fd-d2b1-4196-944d-a38205e992a9&ish=false&isb=false&vsi=97642ca1-5898-43f4-8533-becae685cd66&caching=hit,hit_miss&pv=visible&pn=1&v=1.14056.0&url=https%3A%2F%2Fwww.firedaemon.com%2Fdownload-firedaemon-pro&st=2&ts=45&tsn=1588&name=partially_visible&duration=1716768865655&pageId=vi7pm&isSuccessfulSSR=true

3.85.180.19

https://www.firedaemon.com/_api/tag-manager/api/v1/tags/sites/49d14df4-afe2-4e62-83bc-650176825a35?wixSite=false&htmlsiteId=966392eb-b72e-4748-adc9-c5effa72ecbf&language=en&partytown=false

34.149.87.45

https://static.parastorage.com/services/wix-thunderbolt/dist/group_7.d83ad24e.chunk.min.js

34.49.229.81

https://www.firedaemon.com/contact-usWindowsTypeNT40DisplayWindows

unknown

https://www.firedaemon.com/user-guides/firedaemon-pro-5

unknown

There are 90 hidden URLs, click here to show them.

Domains

Name

Malicious

browser.sentry-cdn.com

151.101.194.217

glb-editor.wix.com

34.149.206.255

d1cq301dpr7fww.cloudfront.net

99.86.4.105

td-static-34-49-229-81.parastorage.com

34.49.229.81

www.google.com

142.250.185.196

td-ccm-neg-87-45.wixdns.net

34.149.87.45

update.firedaemon.com

104.26.10.34

bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com

3.85.180.19

static.wixstatic.com

unknown

siteassets.parastorage.com

unknown

frog.wix.com

unknown

www.firedaemon.com

unknown

panorama.wixapps.net

unknown

static.parastorage.com

unknown

There are 4 hidden domains, click here to show them.

IPs

Domain

Country

Malicious

3.85.180.19

bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com

United States

99.86.4.90

unknown

United States

34.49.229.81

td-static-34-49-229-81.parastorage.com

United States

99.86.4.105

d1cq301dpr7fww.cloudfront.net

United States

192.168.2.5

unknown

104.26.10.34

update.firedaemon.com

United States

239.255.255.250

unknown

Reserved

142.250.185.196

www.google.com

United States

151.101.194.217

browser.sentry-cdn.com

United States

34.149.87.45

td-ccm-neg-87-45.wixdns.net

United States

34.149.206.255

glb-editor.wix.com

United States

There are 1 hidden IPs, click here to show them.

Registry

Path

Value

Malicious

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\FireDaemon Technologies Limited-FireDaemon Pro-Service/Operational

OwningPublisher

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\FireDaemon Technologies Limited-FireDaemon Pro-Service/Operational

Enabled

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\FireDaemon Technologies Limited-FireDaemon Pro-Service/Operational

Isolation

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\FireDaemon Technologies Limited-FireDaemon Pro-Service/Operational

ChannelAccess

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\FireDaemon Technologies Limited-FireDaemon Pro-Service/Operational

Type

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349

Blob

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349

Blob

HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000

Owner

HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000

SessionHash

HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000

Sequence

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders

C:\Config.Msi\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts

C:\Config.Msi\5a2bce.rbs

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts

C:\Config.Msi\5a2bce.rbsLow

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E185A072E52C5A4CA989731C03BBCEB

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0D7226F572C1AA2499792FDCE581988C

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1B770552B6606494CA77A37200751F54

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9F7CB7277A8F6E74AA42FF3F94FCA404

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\96CDBD6AB8E6C6D4C93A54EB8B7E55FA

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B75A40A4D8543D7409DB0CB4891594CB

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98E1380D67FFC6047971CD69945151E8

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98F3050AED4A3E143949E199329C2C2E

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\414631E0FAD637B4C92602B86464D521

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CAC6F215B8422646BD4802F6230BD04

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9274B104FFEE76A408F07F315E6BFFAE

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E765EBE088A0C5A4BB201C0F907FD02D

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AE16C9C83D973B4F817F122EE188B1A

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C5C37ED3B76FEB44C9E50154E035ED64

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6083EA7DACAEC4847BC1A54010C76E4C

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\11BB5F8ED6FFFFF4FADDD53478E312DD

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3252D87FECFAD3C448C30C8AD1AAA5B2

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F9803B226698DB46943B0E716F2138D

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86DB97595C8F4184F8CB7D1AD1B9CE74

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8BCDE8D6146C73D4BA892EA9AB04765F

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders

C:\Program Files\FireDaemon Pro\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireDaemon Pro\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders

C:\Program Files\Common Files\FireDaemon Pro\ServiceDefinitions\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders

C:\Program Files\Common Files\FireDaemon Pro\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders

C:\ProgramData\regid.2000-01.com.firedaemon\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders

C:\ProgramData\FireDaemon Pro\ServiceDefinitions\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders

C:\ProgramData\FireDaemon Pro\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders

C:\Program Files\FireDaemon Pro\Skin\Graphics\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders

C:\Program Files\FireDaemon Pro\Skin\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders

C:\Windows\Installer\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}\

HKEY_LOCAL_MACHINE\SOFTWARE\Caphyon\Advanced Installer\LZMA\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}\5.4.10

AI_ExePath

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

DisplayVersion

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

Contact

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

InstallLocation

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

Comments

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

URLUpdateInfo

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

DisplayIcon

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

DisplayName

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

EstimatedSize

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

HelpLink

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

HelpTelephone

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

ModifyPath

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

NoRemove

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

NoRepair

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

Publisher

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

Readme

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

URLInfoAbout

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

UninstallPath

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

UninstallString

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

VersionMajor

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FireDaemon Pro 5.4.10

VersionMinor

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\GlobalSettings\Preferences

AffinityRadix

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\GlobalSettings\Preferences

ConfirmControlAllActions

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\GlobalSettings\Preferences

SplashOn

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\GlobalSettings\Preferences

FilterServices

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\GlobalSettings\Preferences

RefreshFreq

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\GlobalSettings\Preferences

SummaryToolTipDelay

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\GlobalSettings\Preferences

SuppressPopups

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\GlobalSettings\Preferences

VersionCheck

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\FireDaemon Pro

CategoryCount

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\FireDaemon Pro

CategoryMessageFile

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\FireDaemon Pro

TypesSupported

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\FireDaemon Pro

EventMessageFile

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\GlobalSettings\Services

AutostartsOffOnInstall

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\GlobalSettings\Services

CloneNamePrefix

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\GlobalSettings\Services

CloneNameSeparator

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\GlobalSettings\Services

UseCloneNameSeparator

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro

TurnOffOnboardingCues

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro

ServiceExe

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro

TurnOffSession0Switch

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro

HelpFile

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro

TurnOffInSessionCommands

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro

InitiallyConfigured

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro

LastConfigured

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro

InstallationDir

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro

ProductFlavor

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro

ProductName

HKEY_LOCAL_MACHINE\SOFTWARE\FireDaemon Technologies\FireDaemon Pro

ProductShortName

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

LocalPackage

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

AuthorizedCDFPrefix

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

Comments

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

Contact

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

DisplayVersion

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

HelpLink

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

HelpTelephone

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

InstallDate

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

InstallLocation

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

InstallSource

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

NoRemove

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

NoRepair

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

Publisher

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

Readme

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

Size

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

EstimatedSize

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

SystemComponent

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

URLInfoAbout

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

URLUpdateInfo

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

VersionMajor

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

VersionMinor

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

WindowsInstaller

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

Version

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

Language

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

AuthorizedCDFPrefix

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

Comments

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

Contact

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

DisplayVersion

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

HelpLink

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

HelpTelephone

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

InstallDate

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

InstallLocation

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

InstallSource

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

NoRemove

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

NoRepair

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

Publisher

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

Readme

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

Size

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

EstimatedSize

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

SystemComponent

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

URLInfoAbout

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

URLUpdateInfo

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

VersionMajor

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

VersionMinor

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

WindowsInstaller

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

Version

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

Language

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\128713F89831CF146A040BE7E332BABE

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\InstallProperties

DisplayName

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

DisplayName

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\0E41F6BC6C0C7B34D95A3C379C2D6771

FireDaemonPro

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\Features

FireDaemonPro

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\0E41F6BC6C0C7B34D95A3C379C2D6771

GlobalSettings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\Features

GlobalSettings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\Patches

AllPatches

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771

ProductName

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771

PackageCode

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771

Language

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771

Version

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771

Assignment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771

AdvertiseFlags

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771

ProductIcon

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771

InstanceType

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771

AuthorizedLUAApp

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771

DeploymentFlags

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\128713F89831CF146A040BE7E332BABE

0E41F6BC6C0C7B34D95A3C379C2D6771

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\SourceList

PackageName

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\SourceList\Net

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\SourceList\Media

DiskPrompt

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\SourceList\Media

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771

Clients

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\0E41F6BC6C0C7B34D95A3C379C2D6771\SourceList

LastUsedSource

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings

StringCacheGeneration

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer

GlobalAssocChangedCounter

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings

JITDebug

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}

NULL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}

ResourceFileName

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}

MessageFileName

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}\ChannelReferences

Count

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}\ChannelReferences\0

NULL

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}\ChannelReferences\0

Flags

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\EventLog-Application\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}

Enabled

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\EventLog-Application\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}

EnableLevel

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\EventLog-Application\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}

LoggerName

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\EventLog-Application\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}

MatchAnyKeyword

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\EventLog-Application\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}

MatchAllKeyword

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\EventLog-Application\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}

EnableProperty

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{145f0f18-a78f-56af-0f5b-4d60a93a34ba}\ChannelReferences

Count

HKEY_USERS.DEFAULT\Software\Caphyon\Advanced Installer\XML Config\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

C:\ProgramData\regid.2000-01.com.firedaemon\regid.2000-01.com.firedaemon_29758F0E-2FC0-46EF-A3D7-0CECCDC6FB35.swidtag

HKEY_USERS.DEFAULT\Software\Caphyon\Advanced Installer\XML Config\{CB6F14E0-C0C6-43B7-9DA5-C373C9D27617}

C:\Program Files\FireDaemon Pro\regid.2000-01.com.firedaemon_29758F0E-2FC0-46EF-A3D7-0CECCDC6FB35.swidtag

HKEY_USERS.DEFAULT\Software\Obsidium x64\{4498064F-515A180A-A7D546EE-2EB1D8EE}

Settings

HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1f\417C44EB

@%SystemRoot%\System32\ci.dll,-100

HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1f\417C44EB

@%SystemRoot%\System32\ci.dll,-101

HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1f\417C44EB

@%SystemRoot%\system32\dnsapi.dll,-103

HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1f\417C44EB

@%SystemRoot%\System32\fveui.dll,-843

HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1f\417C44EB

@%SystemRoot%\System32\fveui.dll,-844

HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1f\417C44EB

@%SystemRoot%\System32\wuaueng.dll,-400

HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1f\417C44EB

@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124

HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1f\417C44EB

@%SystemRoot%\system32\NgcRecovery.dll,-100

HKEY_CURRENT_USER\SOFTWARE\Obsidium x64\{4498064F-515A180A-A7D546EE-2EB1D8EE}

Settings

HKEY_CURRENT_USER\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\BCGWorkspace\Preferences

SplashOn

HKEY_CURRENT_USER\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\BCGWorkspace\Preferences

VersionCheck

HKEY_CURRENT_USER\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\BCGWorkspace\Preferences

SuppressPopups

HKEY_CURRENT_USER\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\BCGWorkspace\Preferences

AffinityRadix

HKEY_CURRENT_USER\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\BCGWorkspace\Preferences

SummaryToolTipDelay

HKEY_CURRENT_USER\SOFTWARE\FireDaemon Technologies\FireDaemon Pro\BCGWorkspace\Preferences

ConfirmControlAllActions

There are 188 hidden registries, click here to show them.

Memdumps

Base Address

Regiontype

Protect

Malicious

23BF8F5E000

heap

page read and write

2F2D6520000

heap

page read and write

2514F86A000

heap

page read and write

2514EC1E000

heap

page read and write

23BFAF7C000

heap

page read and write

1D01D035000

heap

page read and write

2514F86A000

heap

page read and write

23BFB0EF000

heap

page read and write

23BFB367000

heap

page read and write

2514F85D000

heap

page read and write

1D01D037000

heap

page read and write

2514F86A000

heap

page read and write

23BFAFC0000

heap

page read and write

2514F830000

heap

page read and write

2514F86A000

heap

page read and write

CB1000

heap

page read and write

2514EC6D000

heap

page read and write

5199000

heap

page read and write

851B000

heap

page read and write

2514E836000

heap

page read and write

23BFAFC0000

heap

page read and write

9C40000

trusted library allocation

page read and write

7FF79E6CC000

unkown

page execute and write copy

7FF79E6EA000

unkown

page execute and write copy

2514F87C000

heap

page read and write

2514F86A000

heap

page read and write

2514F86A000

heap

page read and write

CCF000

heap

page read and write

1D01D030000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F86A000

heap

page read and write

23BFB382000

heap

page read and write

1D01CD00000

heap

page read and write

CB4000

heap

page read and write

2514F86A000

heap

page read and write

23BFB21A000

heap

page read and write

2514F86C000

heap

page read and write

2514F86C000

heap

page read and write

2514F86C000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514F830000

heap

page read and write

BAF0000

heap

page read and write

2514F86A000

heap

page read and write

8740000

trusted library allocation

page read and write

2514E833000

heap

page read and write

2514F87C000

heap

page read and write

23BF8F73000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F87C000

heap

page read and write

1D01D03A000

heap

page read and write

23BF8F63000

heap

page read and write

2514E83A000

heap

page read and write

8B68EFF000

stack

page read and write

1D01D560000

heap

page read and write

2514E83A000

heap

page read and write

2514F86C000

heap

page read and write

7FF79E3F2000

unkown

page readonly

2514E1D3000

heap

page read and write

2514F830000

heap

page read and write

2514EB8A000

heap

page read and write

BCF0000

heap

page read and write

CD6000

heap

page read and write

7FF7ED490000

unkown

page execute and write copy

8DBE000

heap

page read and write

2514F86C000

heap

page read and write

23BFB195000

heap

page read and write

2514F86A000

heap

page read and write

23BFB35A000

heap

page read and write

2514F86A000

heap

page read and write

7FF79DCB0000

unkown

page readonly

7FF7ED2F6000

unkown

page execute and read and write

2514F86C000

heap

page read and write

2F2D6765000

heap

page read and write

2514E83A000

heap

page read and write

23BFB041000

heap

page read and write

7FF79E6CE000

unkown

page execute and write copy

23BFB06B000

heap

page read and write

2514F86E000

heap

page read and write

23BFAFB8000

heap

page read and write

2514F87C000

heap

page read and write

7FF79E6EC000

unkown

page execute and write copy

2514E83A000

heap

page read and write

2514F86E000

heap

page read and write

2514E83A000

heap

page read and write

2514E83A000

heap

page read and write

2514F86D000

heap

page read and write

23BFAFD9000

heap

page read and write

23BFAF96000

heap

page read and write

7FF79E6D2000

unkown

page execute and write copy

2514F867000

heap

page read and write

2514F87C000

heap

page read and write

7770000

trusted library allocation

page read and write

2514E834000

heap

page read and write

23BF8F73000

heap

page read and write

23BFB04C000

heap

page read and write

2F2D6470000

heap

page read and write

7FF8A7B59000

unkown

page execute and write copy

2514F830000

heap

page read and write

7FF7ED73B000

unkown

page readonly

2514F86D000

heap

page read and write

2514F86D000

heap

page read and write

2514F85D000

heap

page read and write

2514F86E000

heap

page read and write

7A8E000

stack

page read and write

BD70000

heap

page read and write

23BF8F7A000

heap

page read and write

2514E6F9000

heap

page read and write

8740000

trusted library allocation

page read and write

8740000

trusted library allocation

page read and write

C5D000

heap

page read and write

2514F863000

heap

page read and write

2514E836000

heap

page read and write

23BFAFCD000

heap

page read and write

2514F86E000

heap

page read and write

A2CD7FE000

stack

page read and write

2514F85D000

heap

page read and write

23BFB10B000

heap

page read and write

23BFAFFF000

heap

page read and write

2514F86C000

heap

page read and write

23BFB16B000

heap

page read and write

23BFB364000

heap

page read and write

2514F866000

heap

page read and write

2514F860000

heap

page read and write

7FF8A7B58000

unkown

page execute and read and write

6C10000

trusted library allocation

page read and write

2514F863000

heap

page read and write

2514E83A000

heap

page read and write

8DAE000

heap

page read and write

2514F85C000

heap

page read and write

2514ED30000

heap

page read and write

1D01D585000

heap

page read and write

23BFAF4F000

heap

page read and write

9C40000

trusted library allocation

page read and write

75F1CB000

stack

page read and write

2514E835000

heap

page read and write

1D01D59D000

heap

page read and write

8558000

heap

page read and write

23BFB10E000

heap

page read and write

2514F86C000

heap

page read and write

2514E833000

heap

page read and write

2514F82C000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514F86A000

heap

page read and write

6EB000

stack

page read and write

7FF8B8CCD000

unkown

page readonly

2514F86C000

heap

page read and write

2514F86A000

heap

page read and write

2514F86A000

heap

page read and write

BFE000

heap

page read and write

2514F872000

heap

page read and write

2514F866000

heap

page read and write

2514F82E000

heap

page read and write

23BFB1E5000

heap

page read and write

2514F862000

heap

page read and write

23BFAFFF000

heap

page read and write

2514F87C000

heap

page read and write

2514F860000

heap

page read and write

7FF79E6D2000

unkown

page execute and write copy

2514F85D000

heap

page read and write

7FF8A7B59000

unkown

page execute and write copy

23BFB140000

heap

page read and write

BDF0000

heap

page read and write

21335C30000

heap

page read and write

23BFB11A000

heap

page read and write

23BFB012000

heap

page read and write

7FF79E66A000

unkown

page execute and read and write

2514F86C000

heap

page read and write

105B000

unkown

page write copy

2514F85A000

heap

page read and write

851E000

heap

page read and write

2514F86A000

heap

page read and write

8B68CFE000

stack

page read and write

23BFB1EE000

heap

page read and write

2514F860000

heap

page read and write

FE618FD000

stack

page read and write

23BFB11A000

heap

page read and write

2514F862000

heap

page read and write

23BFB066000

heap

page read and write

23BFAF31000

heap

page read and write

23BFA9F4000

heap

page read and write

2514F86A000

heap

page read and write

7FF79E6C8000

unkown

page execute and write copy

2F2D64E0000

heap

page read and write

23BFB0C4000

heap

page read and write

23BFAFC0000

heap

page read and write

8DFF000

heap

page read and write

51BD000

heap

page read and write

2514F863000

heap

page read and write

B5F1000

heap

page read and write

23BFB061000

heap

page read and write

BA30000

heap

page read and write

7FF8A7AFB000

unkown

page readonly

1D01D037000

heap

page read and write

7EB000

stack

page read and write

9C40000

trusted library allocation

page read and write

2514F860000

heap

page read and write

2514F86A000

heap

page read and write

8559000

heap

page read and write

8E0A000

heap

page read and write

CA1000

heap

page read and write

2514F82C000

heap

page read and write

23BFB179000

heap

page read and write

2514E83A000

heap

page read and write

23BFB10E000

heap

page read and write

2514F86C000

heap

page read and write

23BFB16B000

heap

page read and write

2514E835000

heap

page read and write

C8C000

heap

page read and write

7FF7ED2F6000

unkown

page execute and write copy

23BF8E90000

heap

page read and write

9C40000

trusted library allocation

page read and write

23BFB338000

heap

page read and write

2514EB30000

heap

page read and write

A2CD4FE000

stack

page read and write

2514F85C000

heap

page read and write

FE619FE000

stack

page read and write

1D01D585000

heap

page read and write

23BFB161000

heap

page read and write

2514F5A7000

heap

page read and write

23BFB1EB000

heap

page read and write

2514F82D000

heap

page read and write

2514F87D000

heap

page read and write

23BFB38D000

heap

page read and write

2514E834000

heap

page read and write

2514F863000

heap

page read and write

CBD000

heap

page read and write

23BFAFC2000

heap

page read and write

2514F85C000

heap

page read and write

7FF79DCB1000

unkown

page execute read

8B689F4000

stack

page read and write

23BFAFCC000

heap

page read and write

C21000

heap

page read and write

8B68DFE000

stack

page read and write

514E000

heap

page read and write

2514F830000

heap

page read and write

8582000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514F86D000

heap

page read and write

CAA000

heap

page read and write

BEF0000

heap

page read and write

2514F860000

heap

page read and write

2514F85B000

heap

page read and write

23BFB240000

heap

page read and write

2514F86C000

heap

page read and write

23BFB10B000

heap

page read and write

2514EC0E000

heap

page read and write

A2CD2FD000

stack

page read and write

23BFB0A2000

heap

page read and write

7FF7B9A90000

unkown

page readonly

7FF79E6EA000

unkown

page execute and write copy

2514F86C000

heap

page read and write

23BFB0EF000

heap

page read and write

2514E2F0000

heap

page read and write

2514F865000

heap

page read and write

2514F86A000

heap

page read and write

7FF7B9B0C000

unkown

page write copy

2514F85C000

heap

page read and write

7FF8A7B38000

unkown

page readonly

7FF79E6CA000

unkown

page execute and write copy

2514E74D000

heap

page read and write

2514F86A000

heap

page read and write

7FF8B8CC1000

unkown

page execute read

7FF79E6E2000

unkown

page execute and write copy

2514F86A000

heap

page read and write

8DC7000

heap

page read and write

2514F86A000

heap

page read and write

2514E83A000

heap

page read and write

8579000

heap

page read and write

23BFB190000

heap

page read and write

2514F830000

heap

page read and write

2514F860000

heap

page read and write

6C10000

trusted library allocation

page read and write

23BFB192000

heap

page read and write

8DA1000

heap

page read and write

2514F85C000

heap

page read and write

2514F85B000

heap

page read and write

2514E751000

heap

page read and write

2514F86A000

heap

page read and write

23BFB08E000

heap

page read and write

A2CD8FF000

stack

page read and write

23BF8F51000

heap

page read and write

2514C7D0000

heap

page read and write

23BFAFC0000

heap

page read and write

8DCF000

heap

page read and write

23BFB07F000

heap

page read and write

6C10000

trusted library allocation

page read and write

2514F86C000

heap

page read and write

7FF8B8CC0000

unkown

page readonly

2514F85C000

heap

page read and write

6B40000

heap

page read and write

2514F863000

heap

page read and write

2514F142000

heap

page read and write

2514F863000

heap

page read and write

8DB7000

heap

page read and write

23BFB190000

heap

page read and write

23BFAFD9000

heap

page read and write

2514F863000

heap

page read and write

2514E83A000

heap

page read and write

2514F860000

heap

page read and write

2514F860000

heap

page read and write

23BF8F43000

heap

page read and write

9C40000

trusted library allocation

page read and write

23BFB08A000

heap

page read and write

7D30000

trusted library allocation

page read and write

2514F863000

heap

page read and write

7FF79E62F000

unkown

page execute and write copy

2514F830000

heap

page read and write

2514F86C000

heap

page read and write

BD30000

heap

page read and write

7FF79E6C4000

unkown

page execute and write copy

852C000

heap

page read and write

7FF79E62D000

unkown

page execute and read and write

2514F86E000

heap

page read and write

2514EB84000

heap

page read and write

23BFB130000

heap

page read and write

2514E83A000

heap

page read and write

2514F86C000

heap

page read and write

23BFAFA7000

heap

page read and write

C6A000

heap

page read and write

23BFAF9A000

heap

page read and write

B6B0000

heap

page read and write

8DBE000

heap

page read and write

84E2000

heap

page read and write

23BFB22B000

heap

page read and write

2514F86A000

heap

page read and write

51A4000

heap

page read and write

1D01D57B000

heap

page read and write

23BFAF45000

heap

page read and write

2514E83A000

heap

page read and write

7FF8A7EDC000

unkown

page execute and read and write

7FF79E6CA000

unkown

page execute and write copy

2514F86C000

heap

page read and write

2514F867000

heap

page read and write

7FF8A7EDD000

unkown

page execute and write copy

23BFB393000

heap

page read and write

51A5000

heap

page read and write

2514F86C000

heap

page read and write

9A40000

direct allocation

page read and write

2514F87C000

heap

page read and write

2514F860000

heap

page read and write

2514E83A000

heap

page read and write

2514F863000

heap

page read and write

7FF79E69D000

unkown

page execute and write copy

23BFB0EF000

heap

page read and write

2514F87C000

heap

page read and write

2514F86A000

heap

page read and write

7FF7ED2A8000

unkown

page readonly

2514E832000

heap

page read and write

2514F867000

heap

page read and write

7FF79EB38000

unkown

page readonly

2514F86C000

heap

page read and write

2514F864000

heap

page read and write

1D01D57F000

heap

page read and write

2514F860000

heap

page read and write

8740000

trusted library allocation

page read and write

7FF7ED48C000

unkown

page execute and write copy

23BFB11E000

heap

page read and write

1D01CF30000

heap

page read and write

23BFAFB6000

heap

page read and write

2514F86A000

heap

page read and write

23BFB066000

heap

page read and write

2514F860000

heap

page read and write

23BFB06E000

heap

page read and write

9C40000

trusted library allocation

page read and write

23BFA8B0000

direct allocation

page execute and read and write

8DD6000

heap

page read and write

2514F85D000

heap

page read and write

CA4000

heap

page read and write

2514F85B000

heap

page read and write

2514F587000

heap

page read and write

9C40000

trusted library allocation

page read and write

23BFA970000

direct allocation

page read and write

23BFAF5E000

heap

page read and write

A8D0000

trusted library allocation

page read and write

51C0000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F86C000

heap

page read and write

2514F864000

heap

page read and write

7FF8A7B58000

unkown

page execute and read and write

2514E833000

heap

page read and write

84E2000

heap

page read and write

2514ECC6000

heap

page read and write

2514F863000

heap

page read and write

A60000

heap

page read and write

2514F86D000

heap

page read and write

2514F85C000

heap

page read and write

2514F85C000

heap

page read and write

A2CD3FD000

stack

page read and write

23BFAF9F000

heap

page read and write

23BFB0C4000

heap

page read and write

23BFB230000

heap

page read and write

2514E832000

heap

page read and write

7FF8B8067000

unkown

page execute and read and write

2514EBC4000

heap

page read and write

2514C82E000

heap

page read and write

2514F860000

heap

page read and write

2514F86A000

heap

page read and write

2514EA2A000

heap

page read and write

2514E836000

heap

page read and write

23BFB06C000

heap

page read and write

8578000

heap

page read and write

6B65000

heap

page read and write

7FF79E627000

unkown

page execute and read and write

2514F864000

heap

page read and write

C131000

heap

page read and write

2514F86A000

heap

page read and write

2514F86C000

heap

page read and write

23BFB0B8000

heap

page read and write

2514F5CF000

heap

page read and write

7FF8B7E01000

unkown

page execute read

23BFB192000

heap

page read and write

23BFB006000

heap

page read and write

2514F86D000

heap

page read and write

7FF79E6CA000

unkown

page execute and write copy

2514F592000

heap

page read and write

2514F86D000

heap

page read and write

2514F86A000

heap

page read and write

2514F87C000

heap

page read and write

7FF79E6EC000

unkown

page execute and write copy

8563000

heap

page read and write

D00000

unkown

page readonly

77AC000

stack

page read and write

2514E83A000

heap

page read and write

2514F86A000

heap

page read and write

1D01D0D5000

heap

page read and write

2514F87C000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F864000

heap

page read and write

7FF8A7A51000

unkown

page execute read

2514F59A000

heap

page read and write

7FF7B9B11000

unkown

page readonly

2514F5B3000

heap

page read and write

CBB000

heap

page read and write

23BF8F7E000

heap

page read and write

2514F86A000

heap

page read and write

23BF8F56000

heap

page read and write

23BFB11A000

heap

page read and write

2514E832000

heap

page read and write

2514F86A000

heap

page read and write

23BFB08A000

heap

page read and write

2514E832000

heap

page read and write

2514E2A0000

direct allocation

page execute and read and write

23BFB0F3000

heap

page read and write

23BFB194000

heap

page read and write

2514F85C000

heap

page read and write

2514F86A000

heap

page read and write

1D01CD7D000

heap

page read and write

23BFB09A000

heap

page read and write

2514F86A000

heap

page read and write

2514F85C000

heap

page read and write

23BFB730000

heap

page read and write

2514F86A000

heap

page read and write

2514F860000

heap

page read and write

2514F85B000

heap

page read and write

6C0B000

stack

page read and write

2514F86D000

heap

page read and write

1D01D584000

heap

page read and write

2514F86D000

heap

page read and write

CA4000

heap

page read and write

2514F86C000

heap

page read and write

2514F86A000

heap

page read and write

2514F86C000

heap

page read and write

8DB0000

heap

page read and write

6C10000

trusted library allocation

page read and write

727E000

stack

page read and write

2514F866000

heap

page read and write

7FF79DCB0000

unkown

page readonly

2514E660000

heap

page read and write

8740000

trusted library allocation

page read and write

23BF8EDC000

heap

page read and write

7FF79E6EA000

unkown

page execute and write copy

A2CD9FB000

stack

page read and write

8DA5000

heap

page read and write

2514E83A000

heap

page read and write

23BFB169000

heap

page read and write

2514F860000

heap

page read and write

2514F830000

heap

page read and write

2514F86D000

heap

page read and write

2514E6DC000

heap

page read and write

7FF7ED2F7000

unkown

page execute and write copy

2514E83A000

heap

page read and write

2514F866000

heap

page read and write

1D01D56F000

heap

page read and write

2514F860000

heap

page read and write

2514E83A000

heap

page read and write

2514F860000

heap

page read and write

2514F82C000

heap

page read and write

7FF79E6C4000

unkown

page execute and write copy

7FF79E6CC000

unkown

page execute and write copy

2514E83A000

heap

page read and write

2514F82D000

heap

page read and write

2514F866000

heap

page read and write

23BFAD60000

trusted library allocation

page read and write

23BFB382000

heap

page read and write

2514F85C000

heap

page read and write

2514F860000

heap

page read and write

7D30000

trusted library allocation

page read and write

2514E83A000

heap

page read and write

23BFB08A000

heap

page read and write

2514F866000

heap

page read and write

2514F829000

heap

page read and write

2514F87C000

heap

page read and write

23BFB361000

heap

page read and write

2514F860000

heap

page read and write

7FF79EC60000

unkown

page readonly

2514F87C000

heap

page read and write

2514E834000

heap

page read and write

2514E706000

heap

page read and write

2514F86D000

heap

page read and write

23BFB162000

heap

page read and write

6C10000

trusted library allocation

page read and write

23BFAFD5000

heap

page read and write

2514F82F000

heap

page read and write

2514E832000

heap

page read and write

2514F866000

heap

page read and write

2514F5C7000

heap

page read and write

2514F87C000

heap

page read and write

2514E83A000

heap

page read and write

2514F860000

heap

page read and write

1D01D588000

heap

page read and write

2514E83A000

heap

page read and write

CC7000

heap

page read and write

2514E834000

heap

page read and write

23BFB10E000

heap

page read and write

8740000

trusted library allocation

page read and write

23BFB390000

heap

page read and write

2514F86A000

heap

page read and write

2514F85C000

heap

page read and write

23BF8F3A000

heap

page read and write

2514F85C000

heap

page read and write

7FF79E6EE000

unkown

page execute and write copy

1D01D58F000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514E833000

heap

page read and write

2514E83A000

heap

page read and write

23BFA9F4000

heap

page read and write

2514F85C000

heap

page read and write

7FF7ED739000

unkown

page execute and read and write

23BFAF3D000

heap

page read and write

2514E835000

heap

page read and write

2514F86A000

heap

page read and write

2514F830000

heap

page read and write

23BFB184000

heap

page read and write

C0F2000

heap

page read and write

2514F830000

heap

page read and write

23BFAF3F000

heap

page read and write

25150B10000

trusted library allocation

page read and write

23BFAF47000

heap

page read and write

23BFB05C000

heap

page read and write

23BFB086000

heap

page read and write

2514F86C000

heap

page read and write

7D30000

trusted library allocation

page read and write

2514F86C000

heap

page read and write

2514F863000

heap

page read and write

CF98EFE000

stack

page read and write

7632000

heap

page read and write

23BFB000000

heap

page read and write

BA70000

heap

page read and write

2514C831000

heap

page read and write

9C40000

trusted library allocation

page read and write

9C40000

trusted library allocation

page read and write

2514F87C000

heap

page read and write

2514F860000

heap

page read and write

2514F860000

heap

page read and write

23BFAFED000

heap

page read and write

7FF79EBFA000

unkown

page readonly

2514E83A000

heap

page read and write

23BF8F56000

heap

page read and write

2514F864000

heap

page read and write

2514F85C000

heap

page read and write

2514F830000

heap

page read and write

A8D0000

trusted library allocation

page read and write

2514F860000

heap

page read and write

2514F86A000

heap

page read and write

2514F86E000

heap

page read and write

23BFB179000

heap

page read and write

2514E836000

heap

page read and write

23BFAFFF000

heap

page read and write

7FF7ED200000

unkown

page readonly

7FF7ED734000

unkown

page execute and read and write

23BFAFF9000

heap

page read and write

1D01CCD0000

heap

page read and write

2514F860000

heap

page read and write

2514F863000

heap

page read and write

2514F85C000

heap

page read and write

2514E83A000

heap

page read and write

23BFB00C000

heap

page read and write

21337BC0000

heap

page read and write

23BFAF53000

heap

page read and write

2514E83A000

heap

page read and write

2514F860000

heap

page read and write

2514F85C000

heap

page read and write

6ACE000

stack

page read and write

23BF8F1A000

heap

page read and write

2514F866000

heap

page read and write

2514F86C000

heap

page read and write

2514F830000

heap

page read and write

84CE000

heap

page read and write

2514F863000

heap

page read and write

7FF8A7B59000

unkown

page execute and write copy

2514E83A000

heap

page read and write

23BFA950000

direct allocation

page read and write

2514C780000

heap

page read and write

2514F863000

heap

page read and write

23BFB09F000

heap

page read and write

8740000

trusted library allocation

page read and write

7FF8B8CD4000

unkown

page readonly

23BFAFF5000

heap

page read and write

2514F86D000

heap

page read and write

C65000

heap

page read and write

2514E83A000

heap

page read and write

1D01D571000

heap

page read and write

2514F86A000

heap

page read and write

2514E830000

heap

page read and write

2514F85C000

heap

page read and write

7FF8A7A50000

unkown

page readonly

2514F86A000

heap

page read and write

23BFAFB3000

heap

page read and write

7FF79E6E2000

unkown

page execute and write copy

2514E833000

heap

page read and write

23BF8F4E000

heap

page read and write

23BFAFCA000

heap

page read and write

2514F866000

heap

page read and write

2514EB54000

heap

page read and write

23BFB349000

heap

page read and write

2514F86A000

heap

page read and write

2514F85C000

heap

page read and write

1051000

unkown

page read and write

8DBE000

heap

page read and write

7FF79E6C6000

unkown

page execute and write copy

7D2E000

stack

page read and write

B770000

heap

page read and write

2514F87C000

heap

page read and write

2514F866000

heap

page read and write

2514F87D000

heap

page read and write

2514F86D000

heap

page read and write

2514E6D1000

heap

page read and write

2514E250000

trusted library allocation

page read and write

CF985B8000

stack

page read and write

7FF79E666000

unkown

page execute and read and write

2514E836000

heap

page read and write

7FF7ED3F6000

unkown

page execute and read and write

51DF000

stack

page read and write

7FF7B9B11000

unkown

page readonly

51C0000

heap

page read and write

2514F860000

heap

page read and write

2514F86A000

heap

page read and write

2514F862000

heap

page read and write

CA4000

heap

page read and write

2514E689000

heap

page read and write

23BFB009000

heap

page read and write

1D01D58A000

heap

page read and write

7FF8B802D000

unkown

page readonly

2514F86A000

heap

page read and write

9C40000

trusted library allocation

page read and write

7FF7B9A91000

unkown

page execute read

2514F863000

heap

page read and write

2514F86A000

heap

page read and write

23BFB194000

heap

page read and write

2514EAA5000

heap

page read and write

2514F86C000

heap

page read and write

7D80000

trusted library allocation

page read and write

2514E703000

heap

page read and write

23BFB126000

heap

page read and write

23BFB21A000

heap

page read and write

2514F860000

heap

page read and write

1D01CD68000

heap

page read and write

CE9000

heap

page read and write

CC4000

heap

page read and write

7FF79E6F0000

unkown

page execute and write copy

2514EC0B000

heap

page read and write

2514E83A000

heap

page read and write

2514F86C000

heap

page read and write

2514F860000

heap

page read and write

2514F86D000

heap

page read and write

2514F86A000

heap

page read and write

23BFB21C000

heap

page read and write

BFF1000

heap

page read and write

2514F86A000

heap

page read and write

CF992FC000

stack

page read and write

2514ECCD000

heap

page read and write

23BFB359000

heap

page read and write

2514F87D000

heap

page read and write

7FF8B7E51000

unkown

page readonly

1050000

unkown

page write copy

7FF79E667000

unkown

page execute and write copy

7FF79E6EC000

unkown

page execute and write copy

8DB0000

heap

page read and write

2514E810000

trusted library section

page readonly

2514F865000

heap

page read and write

23BFA960000

direct allocation

page execute and read and write

7FF79E6EE000

unkown

page execute and write copy

2514E83A000

heap

page read and write

2514EA30000

heap

page read and write

B9F1000

heap

page read and write

8DCF000

heap

page read and write

C8F000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514E836000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514F867000

heap

page read and write

2514F86A000

heap

page read and write

2514F86D000

heap

page read and write

2514F86A000

heap

page read and write

2514F860000

heap

page read and write

A2CD6FD000

stack

page read and write

23BFAF20000

heap

page read and write

9C40000

trusted library allocation

page read and write

6D3F000

stack

page read and write

23BF8F65000

heap

page read and write

8DFF000

heap

page read and write

2514F863000

heap

page read and write

2514F85D000

heap

page read and write

2514F86E000

heap

page read and write

2514F86C000

heap

page read and write

23BFB370000

heap

page read and write

2514E83A000

heap

page read and write

7FF79E90D000

unkown

page execute and write copy

8DB0000

heap

page read and write

23BFB1D8000

heap

page read and write

1D01D03A000

heap

page read and write

2514E2D0000

direct allocation

page execute read

2514E836000

heap

page read and write

2514E74D000

heap

page read and write

CDF000

heap

page read and write

846A000

heap

page read and write

7FF79E6C2000

unkown

page execute and write copy

BCF1000

heap

page read and write

2514F86C000

heap

page read and write

7FF79EB12000

unkown

page execute and write copy

23BFB05E000

heap

page read and write

23BF9080000

heap

page read and write

2514F87C000

heap

page read and write

105C000

unkown

page readonly

6C10000

trusted library allocation

page read and write

1D01D579000

heap

page read and write

23BFB012000

heap

page read and write

CF993FF000

stack

page read and write

23BFB013000

heap

page read and write

2514E834000

heap

page read and write

8560000

heap

page read and write

7CCF000

stack

page read and write

23BFB16B000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514E834000

heap

page read and write

23BF8F4C000

heap

page read and write

2514EA7C000

heap

page read and write

C70000

heap

page read and write

8DCF000

heap

page read and write

21335C70000

heap

page read and write

23BFB11E000

heap

page read and write

CDC000

heap

page read and write

23BFAF4B000

heap

page read and write

7FF7ED48C000

unkown

page execute and write copy

23BFB02A000

heap

page read and write

BBF1000

heap

page read and write

23BFA9F3000

heap

page read and write

104E000

unkown

page write copy

2514F860000

heap

page read and write

7FF79E90D000

unkown

page execute and write copy

2514F85E000

heap

page read and write

2514F867000

heap

page read and write

8740000

trusted library allocation

page read and write

23BFA990000

direct allocation

page execute read

2514F866000

heap

page read and write

2514E74D000

heap

page read and write

C40000

heap

page read and write

2514F860000

heap

page read and write

8DD8000

heap

page read and write

2514F86A000

heap

page read and write

23BF8ED0000

heap

page read and write

2514E83A000

heap

page read and write

2514F87C000

heap

page read and write

51B9000

heap

page read and write

23BF8F75000

heap

page read and write

23BFB09A000

heap

page read and write

7FF79E90D000

unkown

page execute and write copy

6AF0000

heap

page read and write

23BFB02A000

heap

page read and write

23BFA9F7000

heap

page read and write

2514E834000

heap

page read and write

23BFAF76000

heap

page read and write

856C000

heap

page read and write

23BFAF8C000

heap

page read and write

2514E834000

heap

page read and write

2514E835000

heap

page read and write

8740000

trusted library allocation

page read and write

8D9F000

heap

page read and write

2514F161000

heap

page read and write

23BFB0C4000

heap

page read and write

23BFB381000

heap

page read and write

7FF8B7FF0000

unkown

page readonly

7FF79E6D2000

unkown

page execute and write copy

2514ED1A000

heap

page read and write

2514F87C000

heap

page read and write

2514F86A000

heap

page read and write

2514EA22000

heap

page read and write

C5B000

heap

page read and write

8DB1000

heap

page read and write

23BFA9FA000

heap

page read and write

2514F86C000

heap

page read and write

7B8F000

stack

page read and write

BF70000

heap

page read and write

857C000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F87C000

heap

page read and write

73BF000

stack

page read and write

8740000

trusted library allocation

page read and write

2F2D64B0000

heap

page read and write

104E000

unkown

page write copy

2514F86D000

heap

page read and write

8441000

heap

page read and write

1D01D59D000

heap

page read and write

8DDD000

heap

page read and write

2514F86C000

heap

page read and write

105B000

unkown

page write copy

2514E6EF000

heap

page read and write

2514E702000

heap

page read and write

7FF79EC60000

unkown

page readonly

7FF79EBFA000

unkown

page readonly

8642000

heap

page read and write

2514F87C000

heap

page read and write

2514F86C000

heap

page read and write

8558000

heap

page read and write

2514F87C000

heap

page read and write

2514E751000

heap

page read and write

23BFAF6B000

heap

page read and write

8550000

heap

page read and write

2514F86D000

heap

page read and write

2514F85C000

heap

page read and write

2514EAFE000

heap

page read and write

2514F86C000

heap

page read and write

21335C20000

heap

page read and write

23BFB10E000

heap

page read and write

2514F86A000

heap

page read and write

23BFAF40000

heap

page read and write

23BFAF7E000

heap

page read and write

2514F85B000

heap

page read and write

23BFB364000

heap

page read and write

2514F86A000

heap

page read and write

23BF8F5B000

heap

page read and write

2514F86A000

heap

page read and write

C070000

heap

page read and write

23BFAF8C000

heap

page read and write

75F47F000

stack

page read and write

2514F84B000

heap

page read and write

2514F860000

heap

page read and write

2514F85B000

heap

page read and write

2514E70F000

heap

page read and write

CF990FB000

stack

page read and write

2514E832000

heap

page read and write

7FF8A7AFB000

unkown

page readonly

2514E833000

heap

page read and write

8565000

heap

page read and write

8DE7000

heap

page read and write

23BFA910000

trusted library allocation

page read and write

23BFB1E0000

heap

page read and write

2514F82C000

heap

page read and write

23BFB0C4000

heap

page read and write

C1F1000

heap

page read and write

C5D000

heap

page read and write

23BFB11A000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514E1F0000

direct allocation

page execute and read and write

23BF8F3A000

heap

page read and write

2514F830000

heap

page read and write

7FAC000

stack

page read and write

9D20000

trusted library allocation

page read and write

2514CA70000

heap

page read and write

C51000

heap

page read and write

6AE0000

heap

page read and write

23BF8F7E000

heap

page read and write

9C40000

trusted library allocation

page read and write

8740000

trusted library allocation

page read and write

7FF79DCB0000

unkown

page readonly

2514F85C000

heap

page read and write

8441000

heap

page read and write

BF30000

heap

page read and write

2514F866000

heap

page read and write

C0F1000

heap

page read and write

2514F863000

heap

page read and write

9C40000

trusted library allocation

page read and write

C04000

heap

page read and write

51C2000

heap

page read and write

23BFB126000

heap

page read and write

CF98FFD000

stack

page read and write

8DE9000

heap

page read and write

7FF7B9A91000

unkown

page execute read

2514F86D000

heap

page read and write

23BFB054000

heap

page read and write

7FF79E6CC000

unkown

page execute and write copy

1D01D56C000

heap

page read and write

C89000

heap

page read and write

8DD0000

heap

page read and write

2514F87D000

heap

page read and write

23BFB190000

heap

page read and write

2514E74D000

heap

page read and write

2514E834000

heap

page read and write

7FF79E6F0000

unkown

page execute and write copy

2514F866000

heap

page read and write

23BFAFBC000

heap

page read and write

23BFB086000

heap

page read and write

23BFB1BA000

heap

page read and write

2514EA20000

heap

page read and write

1D01D03E000

heap

page read and write

2514F87C000

heap

page read and write

7FF7ED2A8000

unkown

page readonly

2514F863000

heap

page read and write

2514E836000

heap

page read and write

2514F85D000

heap

page read and write

2514F863000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F82C000

heap

page read and write

2514F5D9000

heap

page read and write

104E000

unkown

page read and write

23BF8F04000

heap

page read and write

C4C000

heap

page read and write

6C10000

trusted library allocation

page read and write

8740000

trusted library allocation

page read and write

2514ECD4000

heap

page read and write

2514F863000

heap

page read and write

7FF79E6CE000

unkown

page execute and write copy

2514F824000

heap

page read and write

8DFF000

heap

page read and write

25150A70000

trusted library allocation

page read and write

2514F86D000

heap

page read and write

2514F85D000

heap

page read and write

23BFB194000

heap

page read and write

2514E83A000

heap

page read and write

CD9000

heap

page read and write

BE70000

heap

page read and write

7620000

trusted library allocation

page read and write

2514F5FD000

heap

page read and write

A140000

direct allocation

page read and write

2514F86C000

heap

page read and write

7FF8A7B58000

unkown

page execute and read and write

23BFAFC1000

heap

page read and write

23BF8F8E000

heap

page read and write

7DEC000

stack

page read and write

2514F86D000

heap

page read and write

C74000

heap

page read and write

2F2D6588000

heap

page read and write

23BFAF5B000

heap

page read and write

1D01D572000

heap

page read and write

7FF8B7FF1000

unkown

page execute read

2514F820000

heap

page read and write

2514F866000

heap

page read and write

2514E834000

heap

page read and write

7FF79E6CA000

unkown

page execute and write copy

23BFB086000

heap

page read and write

CE8000

heap

page read and write

2514F87C000

heap

page read and write

79EF000

stack

page read and write

23BFAFD9000

heap

page read and write

2514F59A000

heap

page read and write

23BFAF7C000

heap

page read and write

CAA000

heap

page read and write

7D90000

heap

page read and write

23BF8F56000

heap

page read and write

23BFAF83000

heap

page read and write

7FF79E6C6000

unkown

page execute and write copy

2514F863000

heap

page read and write

23BFB359000

heap

page read and write

2514F866000

heap

page read and write

2514E770000

trusted library allocation

page read and write

2514F592000

heap

page read and write

23BFA970000

direct allocation

page read and write

A910000

trusted library allocation

page read and write

2514E833000

heap

page read and write

7FF8B8041000

unkown

page readonly

23BFB10B000

heap

page read and write

2514F866000

heap

page read and write

A76000

heap

page read and write

23BFB192000

heap

page read and write

8DCF000

heap

page read and write

23BFB393000

heap

page read and write

1D01D032000

heap

page read and write

2514F87D000

heap

page read and write

2514F5ED000

heap

page read and write

B971000

heap

page read and write

23BFB066000

heap

page read and write

23BFB194000

heap

page read and write

C51000

heap

page read and write

7FF79E6F0000

unkown

page execute and write copy

2514F86D000

heap

page read and write

23BF8EDB000

heap

page read and write

7FF8B7E77000

unkown

page execute and read and write

23BFB1B7000

heap

page read and write

2514F86C000

heap

page read and write

2514E83A000

heap

page read and write

23BFAF60000

heap

page read and write

23BFA9FB000

heap

page read and write

23BFB10E000

heap

page read and write

7FF8A7EDC000

unkown

page execute and read and write

23BFAFD9000

heap

page read and write

2514E833000

heap

page read and write

23BFB08B000

heap

page read and write

A8D0000

trusted library allocation

page read and write

2514F86C000

heap

page read and write

23BFAFC0000

heap

page read and write

2514F863000

heap

page read and write

23BFAF6E000

heap

page read and write

2514F86A000

heap

page read and write

2514F82C000

heap

page read and write

23BFAFA3000

heap

page read and write

8DF0000

heap

page read and write

2514C670000

heap

page read and write

8577000

heap

page read and write

7FF79E6C8000

unkown

page execute and write copy

23BFB009000

heap

page read and write

21335E00000

heap

page read and write

51BD000

heap

page read and write

2514F864000

heap

page read and write

2514F85C000

heap

page read and write

2514E74B000

heap

page read and write

5154000

heap

page read and write

847F000

stack

page read and write

7FF79E6D0000

unkown

page execute and write copy

2514F860000

heap

page read and write

7FF79EB30000

unkown

page execute and read and write

2514F863000

heap

page read and write

2514E833000

heap

page read and write

5154000

heap

page read and write

9C40000

trusted library allocation

page read and write

23BFB393000

heap

page read and write

2514F863000

heap

page read and write

2514F860000

heap

page read and write

23BFB361000

heap

page read and write

2514F87C000

heap

page read and write

23BFAF53000

heap

page read and write

7FF7ED3F7000

unkown

page execute and write copy

21335C54000

heap

page read and write

23BFAF9F000

heap

page read and write

23BFB17B000

heap

page read and write

7FF79E69B000

unkown

page execute and read and write

8740000

trusted library allocation

page read and write

A8D0000

trusted library allocation

page read and write

7FF79E6C6000

unkown

page execute and write copy

23BF8F75000

heap

page read and write

2514F866000

heap

page read and write

23BFB179000

heap

page read and write

2514F86C000

heap

page read and write

2514F85E000

heap

page read and write

C6A000

heap

page read and write

2514EB2A000

heap

page read and write

2514F86A000

heap

page read and write

7FF79E627000

unkown

page execute and write copy

7FF79EC60000

unkown

page readonly

2514F860000

heap

page read and write

A8D0000

trusted library allocation

page read and write

21335F95000

heap

page read and write

23BFAFF5000

heap

page read and write

7FF7ED490000

unkown

page execute and write copy

2514E83A000

heap

page read and write

7FF79DCB1000

unkown

page execute read

23BFB11F000

heap

page read and write

2514F85A000

heap

page read and write

7FF8A7EE0000

unkown

page readonly

2514F86A000

heap

page read and write

23BF8F2C000

heap

page read and write

2514E73B000

heap

page read and write

2514E83A000

heap

page read and write

7FF79E6EC000

unkown

page execute and write copy

2514E83A000

heap

page read and write

777A000

heap

page read and write

7FF79E6EE000

unkown

page execute and write copy

C05000

heap

page read and write

7FF79E3F2000

unkown

page readonly

23BFB24C000

heap

page read and write

2514F569000

heap

page read and write

C172000

heap

page read and write

6C30000

heap

page read and write

2514F86A000

heap

page read and write

2514F87C000

heap

page read and write

2514F5C8000

heap

page read and write

9C40000

trusted library allocation

page read and write

C69000

heap

page read and write

23BF8F1A000

heap

page read and write

2514F86A000

heap

page read and write

2514F86A000

heap

page read and write

23BFAFF5000

heap

page read and write

23BFB366000

heap

page read and write

2514F85D000

heap

page read and write

2514F86A000

heap

page read and write

D01000

unkown

page execute read

23BFAFED000

heap

page read and write

2514F86C000

heap

page read and write

23BFAFFF000

heap

page read and write

2514F860000

heap

page read and write

2514F867000

heap

page read and write

2514E833000

heap

page read and write

2514F86A000

heap

page read and write

2514EA8C000

heap

page read and write

23BFB1F8000

heap

page read and write

2514E83A000

heap

page read and write

2F2D6575000

heap

page read and write

2514F86A000

heap

page read and write

23BFAF7E000

heap

page read and write

2514F86A000

heap

page read and write

2514E2B0000

direct allocation

page read and write

23BFB333000

heap

page read and write

2514E290000

direct allocation

page read and write

2514F863000

heap

page read and write

7FF79E66B000

unkown

page execute and write copy

9C40000

trusted library allocation

page read and write

8740000

trusted library allocation

page read and write

2514F864000

heap

page read and write

23BFAFA5000

heap

page read and write

2514E832000

heap

page read and write

7FF8A7B38000

unkown

page readonly

2514F830000

heap

page read and write

23BFB364000

heap

page read and write

23BFB35C000

heap

page read and write

23BFB390000

heap

page read and write

7FF79E6F2000

unkown

page execute and write copy

23BFB0A7000

heap

page read and write

23BF8F37000

heap

page read and write

23BFB02E000

heap

page read and write

1D01D0D0000

heap

page read and write

1D01D594000

heap

page read and write

2514F87C000

heap

page read and write

8740000

trusted library allocation

page read and write

23BFAFF8000

heap

page read and write

7FF7ED5D9000

unkown

page execute and write copy

23BFB223000

heap

page read and write

2514E83A000

heap

page read and write

FE617FD000

stack

page read and write

8D90000

heap

page read and write

7FF7B9A90000

unkown

page readonly

2514F86A000

heap

page read and write

2514F863000

heap

page read and write

A70000

heap

page read and write

C1F000

heap

page read and write

2514E751000

heap

page read and write

B870000

heap

page read and write

2514F86A000

heap

page read and write

2514F86A000

heap

page read and write

7FF79E62B000

unkown

page execute and write copy

1D01D57F000

heap

page read and write

2514F863000

heap

page read and write

23BF8F43000

heap

page read and write

B8E000

stack

page read and write

2514F860000

heap

page read and write

2514F85B000

heap

page read and write

23BFA9F5000

heap

page read and write

2514F85B000

heap

page read and write

2514E83A000

heap

page read and write

C7B000

heap

page read and write

2514F85C000

heap

page read and write

2514F86D000

heap

page read and write

23BFB0E5000

heap

page read and write

23BFB066000

heap

page read and write

2514F827000

heap

page read and write

2514F86C000

heap

page read and write

C5A000

heap

page read and write

2514F860000

heap

page read and write

1D01CCE0000

heap

page read and write

2514F7B0000

remote allocation

page read and write

2514E83A000

heap

page read and write

2514F86A000

heap

page read and write

23BFB0C4000

heap

page read and write

2514F86C000

heap

page read and write

5158000

heap

page read and write

7FF79E3F2000

unkown

page readonly

23BFA860000

heap

page read and write

2514F866000

heap

page read and write

2514C824000

heap

page read and write

2514F830000

heap

page read and write

2514E83A000

heap

page read and write

2514ECB6000

heap

page read and write

23BFAFC0000

heap

page read and write

7FF7B9AF2000

unkown

page readonly

23BFB192000

heap

page read and write

8DAB000

heap

page read and write

9ED0000

trusted library allocation

page read and write

2514F860000

heap

page read and write

23BFAF5E000

heap

page read and write

C81000

heap

page read and write

2514F86D000

heap

page read and write

23BFB395000

heap

page read and write

2514E834000

heap

page read and write

2514E83A000

heap

page read and write

23BFAFEA000

heap

page read and write

1D01D567000

heap

page read and write

8559000

heap

page read and write

2514F86A000

heap

page read and write

7FF7ED201000

unkown

page execute read

1D01D034000

heap

page read and write

2514F86E000

heap

page read and write

2514F863000

heap

page read and write

2514F5F2000

heap

page read and write

7FF7ED48E000

unkown

page execute and write copy

1D01D033000

heap

page read and write

23BFB231000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514F85B000

heap

page read and write

2514E83A000

heap

page read and write

2514E83A000

heap

page read and write

23BFAFF2000

heap

page read and write

2514EC18000

heap

page read and write

2514F860000

heap

page read and write

A900000

trusted library allocation

page read and write

23BF8F59000

heap

page read and write

9F50000

trusted library allocation

page read and write

857F000

heap

page read and write

2514E6B0000

heap

page read and write

C5B000

heap

page read and write

2514F866000

heap

page read and write

8E00000

heap

page read and write

23BF8F7D000

heap

page read and write

8DBE000

heap

page read and write

2514ED66000

heap

page read and write

2514F872000

heap

page read and write

5157000

heap

page read and write

2514F863000

heap

page read and write

C071000

heap

page read and write

2514F86D000

heap

page read and write

2514F87D000

heap

page read and write

23BF8F73000

heap

page read and write

2514E832000

heap

page read and write

2514F82C000

heap

page read and write

2514F86D000

heap

page read and write

2514F872000

heap

page read and write

D01000

unkown

page execute read

2514F86C000

heap

page read and write

2514F830000

heap

page read and write

23BF8F7D000

heap

page read and write

105C000

unkown

page readonly

2F2D64E3000

heap

page read and write

23BFB38D000

heap

page read and write

2514F5ED000

heap

page read and write

7F6F000

stack

page read and write

2514E834000

heap

page read and write

1D01D581000

heap

page read and write

2514F87C000

heap

page read and write

23BF8F37000

heap

page read and write

23BFAF87000

heap

page read and write

2514E834000

heap

page read and write

2514F860000

heap

page read and write

2514F867000

heap

page read and write

7FF79DCB0000

unkown

page readonly

2514F5D9000

heap

page read and write

7FF79E3F2000

unkown

page readonly

2514F82C000

heap

page read and write

2514F86C000

heap

page read and write

2514F865000

heap

page read and write

84C1000

heap

page read and write

7FF79E6F0000

unkown

page execute and write copy

2514F830000

heap

page read and write

2514F85C000

heap

page read and write

7FF8A7EE0000

unkown

page readonly

1D01D59D000

heap

page read and write

2514F85C000

heap

page read and write

BFF0000

heap

page read and write

2514F86D000

heap

page read and write

2514F87C000

heap

page read and write

23BFB11E000

heap

page read and write

BDF1000

heap

page read and write

2514E835000

heap

page read and write

23BFB02A000

heap

page read and write

23BFB393000

heap

page read and write

7FF8A7A50000

unkown

page readonly

23BFAF7D000

heap

page read and write

2514F87C000

heap

page read and write

2514F860000

heap

page read and write

2514C7EF000

heap

page read and write

78AE000

stack

page read and write

D00000

unkown

page readonly

7D30000

trusted library allocation

page read and write

23BFB1F7000

heap

page read and write

2514E833000

heap

page read and write

7FF7ED316000

unkown

page execute and read and write

23BFB390000

heap

page read and write

9C40000

trusted library allocation

page read and write

8550000

heap

page read and write

23BFB09A000

heap

page read and write

7FF79E672000

unkown

page execute and read and write

23BFB192000

heap

page read and write

7D60000

trusted library allocation

page read and write

9C56000

heap

page read and write

2514E832000

heap

page read and write

2514F86A000

heap

page read and write

8740000

trusted library allocation

page read and write

23BFB086000

heap

page read and write

23BFAF62000

heap

page read and write

23BFAF41000

heap

page read and write

2514F86A000

heap

page read and write

8DC8000

heap

page read and write

2514EB0B000

heap

page read and write

23BFAD60000

trusted library allocation

page read and write

8740000

trusted library allocation

page read and write

23BFAF7C000

heap

page read and write

2514F86A000

heap

page read and write

8DBE000

heap

page read and write

9C40000

trusted library allocation

page read and write

21335C38000

heap

page read and write

23BFB00D000

heap

page read and write

23BFAFF5000

heap

page read and write

8740000

trusted library allocation

page read and write

23BFB126000

heap

page read and write

2514E834000

heap

page read and write

51C1000

heap

page read and write

2514E835000

heap

page read and write

2514F87C000

heap

page read and write

2514F85C000

heap

page read and write

2514F863000

heap

page read and write

2514F86C000

heap

page read and write

23BFAF9B000

heap

page read and write

2514F86A000

heap

page read and write

2514F87D000

heap

page read and write

2514E83A000

heap

page read and write

23BF8F66000

heap

page read and write

2514F866000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F86A000

heap

page read and write

2514F82C000

heap

page read and write

2514F86A000

heap

page read and write

2514F5A7000

heap

page read and write

2514F87D000

heap

page read and write

2514E770000

heap

page read and write

7FF8B7E3D000

unkown

page readonly

D00000

unkown

page readonly

2514F866000

heap

page read and write

BF0000

heap

page read and write

2514F86A000

heap

page read and write

23BFB06E000

heap

page read and write

CA4000

heap

page read and write

2514F86C000

heap

page read and write

2514EB66000

heap

page read and write

23BFB02E000

heap

page read and write

7FF79E6EE000

unkown

page execute and write copy

9C40000

trusted library allocation

page read and write

2514E83A000

heap

page read and write

23BF8F85000

heap

page read and write

C5F000

heap

page read and write

23BFAFFF000

heap

page read and write

7FF79E6C2000

unkown

page execute and write copy

23BFB02E000

heap

page read and write

23BFA9FE000

heap

page read and write

2514F863000

heap

page read and write

2514F86A000

heap

page read and write

2514F85D000

heap

page read and write

7620000

trusted library allocation

page read and write

8DD2000

heap

page read and write

7FF7ED73B000

unkown

page readonly

51C4000

heap

page read and write

7FF8A7A51000

unkown

page execute read

2514F85B000

heap

page read and write

1D01D03B000

heap

page read and write

23BFAFA1000

heap

page read and write

7FF79E6A4000

unkown

page execute and read and write

7FF79E6C6000

unkown

page execute and write copy

2514F85D000

heap

page read and write

23BFAFA5000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514EA9F000

heap

page read and write

7FF79E6D0000

unkown

page execute and write copy

2514F5C7000

heap

page read and write

23BFAF5D000

heap

page read and write

CA9000

heap

page read and write

2514E83A000

heap

page read and write

23BFB11A000

heap

page read and write

7FF79EB38000

unkown

page readonly

23BFAF89000

heap

page read and write

7FF7ED34E000

unkown

page execute and write copy

2514F860000

heap

page read and write

2F2D6760000

heap

page read and write

8DAD000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F5A7000

heap

page read and write

2514ECCF000

heap

page read and write

23BFB11E000

heap

page read and write

8DBE000

heap

page read and write

857C000

heap

page read and write

2514F87D000

heap

page read and write

2514F863000

heap

page read and write

2514F86A000

heap

page read and write

84CC000

heap

page read and write

2514F864000

heap

page read and write

2514F85B000

heap

page read and write

1D01D569000

heap

page read and write

2514F85C000

heap

page read and write

2514F86A000

heap

page read and write

23BFA9F0000

heap

page read and write

2514E751000

heap

page read and write

2514E83A000

heap

page read and write

7FF7ED34D000

unkown

page execute and read and write

2514F872000

heap

page read and write

2514F867000

heap

page read and write

2514E83A000

heap

page read and write

2514F863000

heap

page read and write

2514F85B000

heap

page read and write

8740000

trusted library allocation

page read and write

A8D0000

trusted library allocation

page read and write

2514E770000

trusted library allocation

page read and write

2514F863000

heap

page read and write

2514F864000

heap

page read and write

23BFAF67000

heap

page read and write

7FF8A7EDD000

unkown

page execute and write copy

2514E2B0000

direct allocation

page read and write

8740000

trusted library allocation

page read and write

2514CA75000

heap

page read and write

7FF8A7B38000

unkown

page readonly

23BFB393000

heap

page read and write

C6A000

heap

page read and write

D01000

unkown

page execute read

2514E833000

heap

page read and write

23BFAF77000

heap

page read and write

7FF8A7A50000

unkown

page readonly

7FF79E6EA000

unkown

page execute and write copy

2514E834000

heap

page read and write

23BFB11E000

heap

page read and write

8740000

trusted library allocation

page read and write

2514E6F9000

heap

page read and write

2514E832000

heap

page read and write

7FF79EBFA000

unkown

page readonly

84C4000

heap

page read and write

7FF7ED735000

unkown

page execute and write copy

2514F863000

heap

page read and write

2514F85C000

heap

page read and write

2514F86D000

heap

page read and write

1D01D03A000

heap

page read and write

7FF79E6C2000

unkown

page execute and write copy

2514F86A000

heap

page read and write

8DE0000

heap

page read and write

23BFAFBD000

heap

page read and write

2514F85C000

heap

page read and write

2514F85B000

heap

page read and write

A50000

heap

page read and write

8740000

trusted library allocation

page read and write

23BFB049000

heap

page read and write

2514F86D000

heap

page read and write

23BF8F5F000

heap

page read and write

2514F86A000

heap

page read and write

A1F0000

trusted library allocation

page read and write

23BFAFC0000

heap

page read and write

2514E834000

heap

page read and write

2514F86A000

heap

page read and write

F9A000

unkown

page readonly

21335F90000

heap

page read and write

23BFB105000

heap

page read and write

23BFB1BA000

heap

page read and write

7D70000

heap

page read and write

2514F86C000

heap

page read and write

2514E83A000

heap

page read and write

23BFB101000

heap

page read and write

23BFB046000

heap

page read and write

2514F85B000

heap

page read and write

8DB0000

heap

page read and write

2514F86A000

heap

page read and write

21335CCA000

heap

page read and write

2514F867000

heap

page read and write

52DF000

stack

page read and write

2514F860000

heap

page read and write

8DFF000

heap

page read and write

2514F87C000

heap

page read and write

7FF8A7EE0000

unkown

page readonly

7FF7B9B0C000

unkown

page read and write

2514F86A000

heap

page read and write

2514F860000

heap

page read and write

7FF79E6E2000

unkown

page execute and write copy

2514F82C000

heap

page read and write

6B60000

heap

page read and write

23BFB22B000

heap

page read and write

23BFA9FA000

heap

page read and write

2514F85C000

heap

page read and write

7FF79DCB1000

unkown

page execute read

1D01D59D000

heap

page read and write

23BFB390000

heap

page read and write

7D80000

trusted library allocation

page read and write

2514F86A000

heap

page read and write

7FF8A7A51000

unkown

page execute read

23BFAF8C000

heap

page read and write

2514F86A000

heap

page read and write

2514F86C000

heap

page read and write

7FF79E6F2000

unkown

page execute and write copy

2514F82C000

heap

page read and write

23BFB330000

heap

page read and write

2514E250000

direct allocation

page execute and read and write

7FF79E62B000

unkown

page execute and write copy

23BFB21A000

heap

page read and write

2514F860000

heap

page read and write

23BFA9F7000

heap

page read and write

23BF8F3A000

heap

page read and write

2514F563000

heap

page read and write

7FF79E6F2000

unkown

page execute and write copy

2514E832000

heap

page read and write

2514C7D9000

heap

page read and write

CE3000

heap

page read and write

23BFAF3C000

heap

page read and write

2514E832000

heap

page read and write

23BFA8D6000

direct allocation

page execute and read and write

2514E833000

heap

page read and write

BAF1000

heap

page read and write

23BFAF49000

heap

page read and write

2514F82C000

heap

page read and write

23BFAD60000

trusted library allocation

page read and write

9D60000

trusted library allocation

page read and write

2514F87C000

heap

page read and write

2514F82E000

heap

page read and write

2514F85F000

heap

page read and write

2514F87C000

heap

page read and write

2514F86C000

heap

page read and write

23BFB017000

heap

page read and write

2514C8AE000

heap

page read and write

C57000

heap

page read and write

7FF79EB11000

unkown

page execute and read and write

2514F5D9000

heap

page read and write

7FF79E6C4000

unkown

page execute and write copy

2F2D8100000

heap

page read and write

7D30000

trusted library allocation

page read and write

2514F862000

heap

page read and write

2514E83A000

heap

page read and write

23BFB0C4000

heap

page read and write

8DB1000

heap

page read and write

2514EC79000

heap

page read and write

2514E83A000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514F866000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F86A000

heap

page read and write

2514F87C000

heap

page read and write

2514F86A000

heap

page read and write

8740000

trusted library allocation

page read and write

2514E83A000

heap

page read and write

23BFB0A1000

heap

page read and write

2514F85C000

heap

page read and write

7FF79E6F2000

unkown

page execute and write copy

2514E6C3000

heap

page read and write

7FF7B9AF2000

unkown

page readonly

2514F86A000

heap

page read and write

23BFB10B000

heap

page read and write

7FF79E6E2000

unkown

page execute and write copy

2514F867000

heap

page read and write

2514E834000

heap

page read and write

7FF8A7EDD000

unkown

page execute and write copy

2514E1D0000

heap

page read and write

2514ED92000

heap

page read and write

C030000

heap

page read and write

51DB000

heap

page read and write

F9A000

unkown

page readonly

2514F86E000

heap

page read and write

2514E83A000

heap

page read and write

2514F863000

heap

page read and write

CAA000

heap

page read and write

2514F86A000

heap

page read and write

2F2D653A000

heap

page read and write

2514F86D000

heap

page read and write

C66000

heap

page read and write

23BFB33B000

heap

page read and write

8740000

trusted library allocation

page read and write

2514E834000

heap

page read and write

1D01D58E000

heap

page read and write

7FF79E6CE000

unkown

page execute and write copy

7FF8A7AFB000

unkown

page readonly

23BFB169000

heap

page read and write

2514F86A000

heap

page read and write

23BFB05E000

heap

page read and write

23BFAF51000

heap

page read and write

2514F87C000

heap

page read and write

23BFAF53000

heap

page read and write

2514E832000

heap

page read and write

FE616FC000

stack

page read and write

7FF8B7E00000

unkown

page readonly

8DAB000

heap

page read and write

23BFB11E000

heap

page read and write

7FF79E6C8000

unkown

page execute and write copy

23BFB12E000

heap

page read and write

23BFB22B000

heap

page read and write

23BF8F49000

heap

page read and write

2514E833000

heap

page read and write

CCE000

heap

page read and write

23BFB08A000

heap

page read and write

23BFAFD6000

heap

page read and write

7FF79EB27000

unkown

page execute and read and write

850F000

heap

page read and write

84DE000

heap

page read and write

2514F86A000

heap

page read and write

23BFAF49000

heap

page read and write

23BFB18E000

heap

page read and write

2514F82C000

heap

page read and write

2514F830000

heap

page read and write

2514E83A000

heap

page read and write

2514F860000

heap

page read and write

C58000

heap

page read and write

8DB1000

heap

page read and write

2514F86E000

heap

page read and write

2514E734000

heap

page read and write

2514F86A000

heap

page read and write

C59000

heap

page read and write

2514E835000

heap

page read and write

2514F86A000

heap

page read and write

23BFAFA1000

heap

page read and write

23BFB006000

heap

page read and write

7FF79EBFA000

unkown

page readonly

2514F863000

heap

page read and write

2514F86A000

heap

page read and write

23BFB359000

heap

page read and write

7FF79E723000

unkown

page execute and write copy

2514F86D000

heap

page read and write

23BFB241000

heap

page read and write

7FF79EB38000

unkown

page readonly

23BFB116000

heap

page read and write

2514C8AE000

heap

page read and write

23BFB39E000

heap

page read and write

2514ECC9000

heap

page read and write

2514F86D000

heap

page read and write

7FF79DCB1000

unkown

page execute read

B8F0000

heap

page read and write

7FF79E627000

unkown

page execute and read and write

23BFAFC0000

heap

page read and write

1D01D574000

heap

page read and write

7FF79E6D0000

unkown

page execute and write copy

CC2000

heap

page read and write

23BFB359000

heap

page read and write

2514E834000

heap

page read and write

9C40000

trusted library allocation

page read and write

8740000

trusted library allocation

page read and write

2514F866000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F860000

heap

page read and write

6BB0000

heap

page read and write

23BF8EAB000

heap

page read and write

105B000

unkown

page readonly

2514E836000

heap

page read and write

2514E702000

heap

page read and write

2514E770000

trusted library allocation

page read and write

7BCE000

stack

page read and write

9C40000

trusted library allocation

page read and write

2514F86D000

heap

page read and write

9A40000

direct allocation

page read and write

23BFB115000

heap

page read and write

7FF79E90D000

unkown

page execute and write copy

7FF7ED48A000

unkown

page execute and write copy

2514F86C000

heap

page read and write

CAA000

heap

page read and write

23BFAF7E000

heap

page read and write

2514E834000

heap

page read and write

2514F86A000

heap

page read and write

2514E833000

heap

page read and write

7FF8A7EDC000

unkown

page execute and read and write

23BFAF44000

heap

page read and write

2514E83A000

heap

page read and write

23BFAA15000

heap

page read and write

515E000

heap

page read and write

2514F865000

heap

page read and write

8740000

trusted library allocation

page read and write

75F4FF000

stack

page read and write

2514F86A000

heap

page read and write

8DC0000

heap

page read and write

2514F86A000

heap

page read and write

C9A000

heap

page read and write

7FF79E722000

unkown

page execute and read and write

2514F82D000

heap

page read and write

23BFB11A000

heap

page read and write

23BFB194000

heap

page read and write

23BF8F32000

heap

page read and write

2514C8B6000

heap

page read and write

7D30000

trusted library allocation

page read and write

23BFB1EE000

heap

page read and write

2514F86A000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F87C000

heap

page read and write

23BFB17A000

heap

page read and write

2514F86C000

heap

page read and write

9D60000

trusted library allocation

page read and write

2514F866000

heap

page read and write

2514ED59000

heap

page read and write

23BFB066000

heap

page read and write

23BFB10B000

heap

page read and write

2514F865000

heap

page read and write

2514E83A000

heap

page read and write

2514C86C000

heap

page read and write

2514F866000

heap

page read and write

2514E832000

heap

page read and write

BEF1000

heap

page read and write

2514F86A000

heap

page read and write

2514F86A000

heap

page read and write

8B68FFE000

stack

page read and write

25150920000

heap

page read and write

2514F82F000

heap

page read and write

2514E83A000

heap

page read and write

C16000

heap

page read and write

2514F85C000

heap

page read and write

2514F86A000

heap

page read and write

23BFB366000

heap

page read and write

23BFAFA5000

heap

page read and write

2514F864000

heap

page read and write

2514F86C000

heap

page read and write

6AE3000

heap

page read and write

7FF79E6D0000

unkown

page execute and write copy

2514F86D000

heap

page read and write

23BF8F84000

heap

page read and write

7FF79EB12000

unkown

page execute and write copy

23BFB35C000

heap

page read and write

9C40000

trusted library allocation

page read and write

856D000

heap

page read and write

CF98AFE000

stack

page read and write

7FF79EB2C000

unkown

page execute and read and write

2514F82C000

heap

page read and write

2514F87D000

heap

page read and write

6C10000

trusted library allocation

page read and write

2514F550000

heap

page read and write

23BFB042000

heap

page read and write

CD3000

heap

page read and write

2514F86A000

heap

page read and write

23BF8F43000

heap

page read and write

CA4000

heap

page read and write

1D01D584000

heap

page read and write

84E6000

heap

page read and write

2514F86D000

heap

page read and write

2514F85B000

heap

page read and write

2514F864000

heap

page read and write

7FF79EB11000

unkown

page execute and read and write

2514E83A000

heap

page read and write

2514F860000

heap

page read and write

2514F86A000

heap

page read and write

2514C888000

heap

page read and write

BBF0000

heap

page read and write

2514F5CF000

heap

page read and write

7FF79E6D2000

unkown

page execute and write copy

2514C750000

heap

page read and write

2514F865000

heap

page read and write

2F2D6583000

heap

page read and write

23BFB031000

heap

page read and write

7FF79E780000

unkown

page execute and write copy

C9A000

heap

page read and write

BB30000

heap

page read and write

2514F82C000

heap

page read and write

2514E832000

heap

page read and write

7FF8B7E4B000

unkown

page read and write

7FF8A7EDE000

unkown

page execute and read and write

2514E832000

heap

page read and write

2514E834000

heap

page read and write

2514E83A000

heap

page read and write

2514E833000

heap

page read and write

2514E832000

heap

page read and write

2514E832000

heap

page read and write

2514F85D000

heap

page read and write

2514E836000

heap

page read and write

84E5000

heap

page read and write

2514F86E000

heap

page read and write

2514F865000

heap

page read and write

23BFB008000

heap

page read and write

2514F860000

heap

page read and write

2514F86C000

heap

page read and write

2514F85C000

heap

page read and write

2514F85D000

heap

page read and write

23BFB361000

heap

page read and write

2514F86A000

heap

page read and write

2514F57C000

heap

page read and write

7FF79EB38000

unkown

page readonly

7FF79E6CC000

unkown

page execute and write copy

23BFB1D4000

heap

page read and write

2514F864000

heap

page read and write

7FF7ED318000

unkown

page execute and write copy

23BFB0A2000

heap

page read and write

7FF79E673000

unkown

page execute and write copy

84C6000

heap

page read and write

2514F86C000

heap

page read and write

23BFB1C3000

heap

page read and write

7FF79EC60000

unkown

page readonly

2514E834000

heap

page read and write

7787000

heap

page read and write

9C40000

trusted library allocation

page read and write

C7D000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F85B000

heap

page read and write

2514F86C000

heap

page read and write

7FF7ED48A000

unkown

page execute and write copy

23BFB192000

heap

page read and write

23BF8F3B000

heap

page read and write

5198000

heap

page read and write

23BFAFED000

heap

page read and write

23BFAF57000

heap

page read and write

2514F872000

heap

page read and write

23BFB38D000

heap

page read and write

2514C861000

heap

page read and write

2514F86A000

heap

page read and write

2514E832000

heap

page read and write

2514E83A000

heap

page read and write

7FF79E6C4000

unkown

page execute and write copy

8740000

trusted library allocation

page read and write

2514E83A000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514F87C000

heap

page read and write

7FF8A7EDE000

unkown

page execute and read and write

8577000

heap

page read and write

1D01D57A000

heap

page read and write

23BFB1EE000

heap

page read and write

C69000

heap

page read and write

7FF79E6C8000

unkown

page execute and write copy

2514F5ED000

heap

page read and write

2514E834000

heap

page read and write

72BC000

stack

page read and write

2514F400000

heap

page read and write

23BFAF34000

heap

page read and write

B7F0000

heap

page read and write

23BFB11A000

heap

page read and write

23BFB1B6000

heap

page read and write

1D01D03E000

heap

page read and write

2514F830000

heap

page read and write

2514EAB3000

heap

page read and write

7FF79E77E000

unkown

page execute and read and write

9C40000

trusted library allocation

page read and write

2514E6EF000

heap

page read and write

8541000

heap

page read and write

2514F82A000

heap

page read and write

23BFB35E000

heap

page read and write

23BFB11E000

heap

page read and write

9C40000

trusted library allocation

page read and write

2514E83A000

heap

page read and write

23BFA910000

trusted library allocation

page read and write

7FF79E6C2000

unkown

page execute and write copy

7620000

trusted library allocation

page read and write

23BFA9FA000

heap

page read and write

23BFAF97000

heap

page read and write

C16000

heap

page read and write

2514F86D000

heap

page read and write

2514E834000

heap

page read and write

23BF8F66000

heap

page read and write

A910000

trusted library allocation

page read and write

23BFB390000

heap

page read and write

23BFB378000

heap

page read and write

2514F872000

heap

page read and write

7FF8B8CD3000

unkown

page read and write

2514F86D000

heap

page read and write

2514E832000

heap

page read and write

2514F86A000

heap

page read and write

23BFA9F2000

heap

page read and write

2514F7B0000

remote allocation

page read and write

2514F863000

heap

page read and write

5198000

heap

page read and write

23BFB012000

heap

page read and write

23BFB0C4000

heap

page read and write

8D9A000

heap

page read and write

23BF8F56000

heap

page read and write

2514F86C000

heap

page read and write

82B0000

direct allocation

page read and write

23BFAFA5000

heap

page read and write

2514F85C000

heap

page read and write

A2CDAFF000

stack

page read and write

2514F130000

heap

page read and write

C63000

heap

page read and write

2514E216000

direct allocation

page execute and read and write

23BF8F89000

heap

page read and write

2514F860000

heap

page read and write

23BFB0FC000

heap

page read and write

7FF79E6CE000

unkown

page execute and write copy

21335E30000

heap

page read and write

2514F87C000

heap

page read and write

2514F86D000

heap

page read and write

2514EC61000

heap

page read and write

73E0000

heap

page read and write

23BFB38D000

heap

page read and write

CA4000

heap

page read and write

23BFB054000

heap

page read and write

7FF7ED48E000

unkown

page execute and write copy

7FF7ED5D6000

unkown

page execute and read and write

CF98CFD000

stack

page read and write

2514F86A000

heap

page read and write

7FF7ED200000

unkown

page readonly

23BFB05E000

heap

page read and write

23BF8F89000

heap

page read and write

2514F86A000

heap

page read and write

2514F86C000

heap

page read and write

2514E833000

heap

page read and write

2514F86A000

heap

page read and write

23BFB126000

heap

page read and write

9C40000

trusted library allocation

page read and write

23BFB341000

heap

page read and write

23BFAF94000

heap

page read and write

2514E832000

heap

page read and write

23BF8F54000

heap

page read and write

CAD000

heap

page read and write

2514F82C000

heap

page read and write

2514F863000

heap

page read and write

BE30000

heap

page read and write

23BFB194000

heap

page read and write

1D01D57C000

heap

page read and write

2514F866000

heap

page read and write

BCD000

stack

page read and write

2514F7B0000

remote allocation

page read and write

2514C888000

heap

page read and write

CAA000

heap

page read and write

2514F86D000

heap

page read and write

25150950000

trusted library allocation

page read and write

CA0000

heap

page read and write

2514F86A000

heap

page read and write

2514F87C000

heap

page read and write

8DB1000

heap

page read and write

2F2D6480000

heap

page read and write

2514E836000

heap

page read and write

5158000

heap

page read and write

2514F863000

heap

page read and write

23BFB12A000

heap

page read and write

2514F863000

heap

page read and write

23BFA910000

direct allocation

page execute and read and write

2514F863000

heap

page read and write

2514F85D000

heap

page read and write

23BFB08A000

heap

page read and write

2514F86A000

heap

page read and write

23BF8F84000

heap

page read and write

23BF8F3B000

heap

page read and write

BB70000

heap

page read and write

2514F866000

heap

page read and write

2514F85B000

heap

page read and write

2514F85D000

heap

page read and write

2514E83A000

heap

page read and write

9C40000

trusted library allocation

page read and write

23BF8F56000

heap

page read and write

2514F86D000

heap

page read and write

2514F86A000

heap

page read and write

CC6000

heap

page read and write

2514F86A000

heap

page read and write

2514F86C000

heap

page read and write

2514E835000

heap

page read and write

23BFB105000

heap

page read and write

23BFA9C0000

heap

page read and write

2514F86A000

heap

page read and write

2F2D6527000

heap

page read and write

78EB000

stack

page read and write

23BFAF30000

heap

page read and write

1D01CD60000

heap

page read and write

2514F86A000

heap

page read and write

23BFAFB4000

heap

page read and write

8504000

heap

page read and write

F9A000

unkown

page readonly

2514F86A000

heap

page read and write

2514F86A000

heap

page read and write

6C10000

trusted library allocation

page read and write

1D01D594000

heap

page read and write

2514F86A000

heap

page read and write

BC70000

heap

page read and write

2514F87C000

heap

page read and write

8740000

trusted library allocation

page read and write

2514E83A000

heap

page read and write

2514F866000

heap

page read and write

23BFB030000

heap

page read and write

23BFB394000

heap

page read and write

23BFB02A000

heap

page read and write

2514F863000

heap

page read and write

7FF8B803B000

unkown

page read and write

2514E834000

heap

page read and write

2514F860000

heap

page read and write

2514E83A000

heap

page read and write

80AE000

stack

page read and write

7FF7ED201000

unkown

page execute read

2514F5F1000

heap

page read and write

2514F86A000

heap

page read and write

C0B1000

heap

page read and write

2514E6C9000

heap

page read and write

2514F86A000

heap

page read and write

23BFB02A000

heap

page read and write

2514F86A000

heap

page read and write

23BFB341000

heap

page read and write

23BF8F3E000

heap

page read and write

2514F86E000

heap

page read and write

23BF8F3F000

heap

page read and write

8740000

trusted library allocation

page read and write

2514F86A000

heap

page read and write

23BFB0B7000

heap

page read and write

2514F87C000

heap

page read and write

23BFB1D4000

heap

page read and write

2F2D657F000

heap

page read and write

2514F86C000

heap

page read and write

2514F86D000

heap

page read and write

2514E834000

heap

page read and write

2514EAF5000

heap

page read and write

2514F86D000

heap

page read and write

84D6000

heap

page read and write

2514E83A000

heap

page read and write

2514F86C000

heap

page read and write

2514E833000

heap

page read and write

2514E250000

trusted library allocation

page read and write

23BFAF58000

heap

page read and write

23BFAFA1000

heap

page read and write

2514E83A000

heap

page read and write

2514F866000

heap

page read and write

23BFAA10000

heap

page read and write

2514F57C000

heap

page read and write

2514F86A000

heap

page read and write

2514F866000

heap

page read and write

23BFB1E8000

heap

page read and write

7FF79E6A5000

unkown

page execute and write copy

2514F860000

heap

page read and write

23BFB38D000

heap

page read and write

8740000

trusted library allocation

page read and write

8480000

heap

page read and write

23BFB22B000

heap

page read and write

2514F87C000

heap

page read and write

23BFB221000

heap

page read and write

2514F830000

heap

page read and write

9ED0000

trusted library allocation

page read and write

2514F159000

heap

page read and write

23BFAF42000

heap

page read and write

23BFB101000

heap

page read and write

2514F86A000

heap

page read and write

23BF8FA0000

heap

page read and write

7FF79E627000

unkown

page execute and write copy

23BFAFBA000

heap

page read and write

2514F85C000

heap

page read and write

2514C86C000

heap

page read and write

21335C90000

heap

page read and write

23BFB10E000

heap

page read and write

BC30000

heap

page read and write

23BFB366000

heap

page read and write

2514F863000

heap

page read and write

7FF8A7EDE000

unkown

page execute and read and write

23BFB046000

heap

page read and write

23BFB190000

heap

page read and write

23BFAF48000

heap

page read and write

There are 2002 hidden memdumps, click here to show them.

DOM / HTML

URL

Malicious

https://www.firedaemon.com/download-firedaemon-pro

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
FireDaemon-Pro-x64-5.4.10.exe

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

DOM / HTML

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportFireDaemon-Pro-x64-5.4.10.exe

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

DOM / HTML

IOC Report
FireDaemon-Pro-x64-5.4.10.exe