Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
esofttools-mboxconverter.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Program Files\eSoftTools MBOX Converter\eSoftToolsMBOXConverter.exe (copy)
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
 |
|
|
C:\Program Files\eSoftTools MBOX Converter\is-OSA5Q.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\eSoftTools MBOX Converter\Aspose.Email.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\Aspose.Email.xml (copy)
|
XML 1.0 document, ASCII text, with very long lines (388), with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\ICSharpCode.SharpZipLib.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\Interop.Domino.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\Microsoft.Exchange.WebServices.Auth.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\Microsoft.Exchange.WebServices.Auth.xml (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\Microsoft.Exchange.WebServices.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\Microsoft.Exchange.WebServices.xml (copy)
|
XML 1.0 document, ASCII text, with very long lines (376), with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\Microsoft.Identity.Client.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\Microsoft.Identity.Client.xml (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\Microsoft.IdentityModel.Abstractions.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\Microsoft.IdentityModel.Abstractions.xml (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\TreeksLicensingLibrary2.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\eSoftToolsMBOXConverter.exe.config (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-07D2F.tmp
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-4ONU0.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-6FAG1.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-6JRSS.tmp
|
XML 1.0 document, ASCII text, with very long lines (376), with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-D8MLS.tmp
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-DCGLG.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-FGMMU.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-FOP6O.tmp
|
XML 1.0 document, ASCII text, with very long lines (388), with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-JBIUE.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-JOP52.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-N0BN2.tmp
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-OOJJ0.tmp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-QU4OK.tmp
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-T81CV.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\is-UMD5V.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\unins000.dat
|
InnoSetup Log 64-bit eSoftTools MBOX Converter {6D9BB583-74BB-43D5-A564-B6872F7BAF09}, version 0x418, 24809 bytes, 888683\37\user\37,
C:\Program Files\eSoftTools MBOX Converter
|
dropped
|
||
|
C:\Program Files\eSoftTools MBOX Converter\unins000.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSoftTools MBOX Converter\Contact Us.url
|
MS Windows 95 Internet shortcut text (URL=<mailto:support@esofttools.com>), ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSoftTools MBOX Converter\Uninstall eSoftTools MBOX Converter.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Wed Oct 30 20:49:35 2024, mtime=Wed Oct 30 20:49:35 2024, atime=Wed Oct 30 20:49:05 2024, length=3250287, window=hide
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSoftTools MBOX Converter\Visit Website.url
|
MS Windows 95 Internet shortcut text (URL=<https://www.esofttools.com>), ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSoftTools MBOX Converter\eSoftTools MBOX Converter.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Wed Oct 30 20:49:35 2024, mtime=Wed Oct 30 20:49:35 2024, atime=Fri Dec 15 15:23:46 2023, length=1793000, window=hide
|
dropped
|
||
|
C:\Users\Public\Desktop\eSoftTools MBOX Converter.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Wed Oct 30 20:49:35 2024, mtime=Wed Oct 30 20:49:37 2024, atime=Fri Dec 15 15:23:46 2023, length=1793000, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\mboxconverterbuynow[1].htm
|
HTML document, ASCII text
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\is-26527.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-26527.tmp\isxdl.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-97JDV.tmp\esofttools-mboxconverter.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 20:49:41 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 20:49:41 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 20:49:41 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 20:49:41 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 30 20:49:41 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 133
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
ASCII text, with very long lines (18219), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 135
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 136
|
ASCII text, with very long lines (20364), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 137
|
ASCII text, with very long lines (2306), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 138
|
ASCII text, with very long lines (32014)
|
dropped
|
||
|
Chrome Cache Entry: 139
|
ASCII text, with very long lines (42641)
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
ASCII text, with very long lines (10466), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 142
|
ASCII text, with very long lines (2343)
|
downloaded
|
||
|
Chrome Cache Entry: 143
|
ASCII text, with very long lines (32014)
|
downloaded
|
||
|
Chrome Cache Entry: 144
|
ASCII text, with very long lines (8941)
|
dropped
|
||
|
Chrome Cache Entry: 145
|
ASCII text, with very long lines (8941)
|
downloaded
|
||
|
Chrome Cache Entry: 146
|
ASCII text, with very long lines (18219), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 147
|
ASCII text, with very long lines (65472)
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
Unicode text, UTF-8 text, with very long lines (65458)
|
downloaded
|
||
|
Chrome Cache Entry: 149
|
Unicode text, UTF-8 text, with very long lines (65464)
|
dropped
|
||
|
Chrome Cache Entry: 150
|
Web Open Font Format (Version 2), TrueType, length 50372, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 151
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 152
|
ASCII text, with CRLF, LF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 153
|
ASCII text, with very long lines (40884)
|
downloaded
|
||
|
Chrome Cache Entry: 154
|
ASCII text, with very long lines (535), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 155
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 156
|
Web Open Font Format (Version 2), TrueType, length 19172, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 157
|
ASCII text, with very long lines (2565)
|
downloaded
|
||
|
Chrome Cache Entry: 158
|
Web Open Font Format (Version 2), TrueType, length 19272, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 159
|
ASCII text, with very long lines (24766)
|
downloaded
|
||
|
Chrome Cache Entry: 160
|
ASCII text, with very long lines (906), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 161
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 162
|
ASCII text, with very long lines (2343)
|
dropped
|
||
|
Chrome Cache Entry: 163
|
Web Open Font Format (Version 2), TrueType, length 61336, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 164
|
ASCII text, with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 165
|
ASCII text, with very long lines (20364), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 166
|
ASCII text, with CRLF, LF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 167
|
ASCII text, with very long lines (2565)
|
dropped
|
||
|
Chrome Cache Entry: 168
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 169
|
Web Open Font Format (Version 2), TrueType, length 18988, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 170
|
HTML document, Unicode text, UTF-8 text, with very long lines (1840)
|
downloaded
|
||
|
Chrome Cache Entry: 171
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 172
|
ASCII text, with very long lines (65324)
|
downloaded
|
||
|
Chrome Cache Entry: 173
|
ASCII text, with very long lines (4910), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 174
|
ASCII text, with very long lines (535), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 175
|
ASCII text, with very long lines (65464)
|
dropped
|
||
|
Chrome Cache Entry: 176
|
Unicode text, UTF-8 text, with very long lines (65458)
|
dropped
|
||
|
Chrome Cache Entry: 177
|
ASCII text, with very long lines (906), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 178
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 179
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 180
|
SVG Scalable Vector Graphics image
|
downloaded
|
||
|
Chrome Cache Entry: 181
|
PNG image data, 124 x 77, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 182
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 183
|
ASCII text, with very long lines (65472)
|
dropped
|
||
|
Chrome Cache Entry: 184
|
Web Open Font Format (Version 2), TrueType, length 74524, version 330.15859
|
downloaded
|
||
|
Chrome Cache Entry: 185
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 186
|
ASCII text, with very long lines (2306), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 187
|
ASCII text, with very long lines (10466), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 188
|
Unicode text, UTF-8 text, with very long lines (65464)
|
downloaded
|
||
|
Chrome Cache Entry: 189
|
MS Windows icon resource - 15 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 190
|
ASCII text, with very long lines (10436), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 191
|
PNG image data, 124 x 77, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 192
|
ASCII text, with very long lines (4910), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 193
|
ASCII text, with very long lines (65464)
|
downloaded
|
||
|
Chrome Cache Entry: 194
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 195
|
MS Windows icon resource - 15 icons, 256x256, 16 colors with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced,
4 bits/pixel, 48x48, 16 colors, 4 bits/pixel
|
downloaded
|
There are 102 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\AppData\Local\Temp\is-97JDV.tmp\esofttools-mboxconverter.tmp
|
"C:\Users\user\AppData\Local\Temp\is-97JDV.tmp\esofttools-mboxconverter.tmp" /SL5="$2041A,7226093,892928,C:\Users\user\Desktop\esofttools-mboxconverter.exe"
|
|
|
|
C:\Program Files\eSoftTools MBOX Converter\eSoftToolsMBOXConverter.exe
|
"C:\Program Files\eSoftTools MBOX Converter\eSoftToolsMBOXConverter.exe" /RestartIfNeededByRun=no
|
|
|
|
C:\Users\user\Desktop\esofttools-mboxconverter.exe
|
"C:\Users\user\Desktop\esofttools-mboxconverter.exe"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.esofttools.com/installsuccess/index.html?productname=MBOX
Converter
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1936,i,1675130224303259962,15566098447364500159,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.buynow.esofttools.com/mbox-converter-purchase.html
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.htmlt
|
unknown
|
||
|
https://www.esofttools.com/mbox-viewer.html
|
unknown
|
||
|
https://aka.ms/msal-net-register-app)
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.htmlw
|
unknown
|
||
|
https://www.esofttools.comDhttps://www.esofttools.com/howto/convert-mbox-mbs-msf-sbd-files.html
|
unknown
|
||
|
https://www.esofttools.com/image-to-pdf-converter.html
|
unknown
|
||
|
https://www.esofttools.com/pdf-portfolio-extractor-remover.html
|
unknown
|
||
|
https://aka.ms/msal-net-authenticationresult
|
unknown
|
||
|
https://www.esofttools.com/blog/
|
unknown
|
||
|
https://www.esofttools.com/eml-duplicate-remover.html
|
unknown
|
||
|
https://aka.ms/msal-net-sni
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.html~
|
unknown
|
||
|
https://login.microsoftonline.us
|
unknown
|
||
|
https://www.esofttools.com/nsf-to-eml.html
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/http
|
unknown
|
||
|
https://aka.ms/msal-net-trueMAM
|
unknown
|
||
|
https://login.microsoftonline.com/organizations/
|
unknown
|
||
|
https://www.innosetup.com/
|
unknown
|
||
|
https://www.esofttools.com/msg-converter-software.html
|
unknown
|
||
|
https://aka.ms/msal-net-up
|
unknown
|
||
|
https://aka.ms/msal-net-on-behalf-of).
|
unknown
|
||
|
https://aka.ms/msal-net-claim-challenge.
|
unknown
|
||
|
https://github.com/JamesNK/Newtonsoft.Json/issues/652
|
unknown
|
||
|
https://sso2urn:ietf:wg:oauth:2.0:oobxhttps://login.microsoftonline.com/common/oauth2/nativeclient
|
unknown
|
||
|
https://www.esofttools.com/ost-to-nsf/
|
unknown
|
||
|
https://www.esofttools.comFhttps://www.esofttools.com/support/
|
unknown
|
||
|
https://www.esofttools.com/msg-to-imap-migrator.html
|
unknown
|
||
|
https://www.esofttools.com/office365-to-yahoomail-migration-tool.html
|
unknown
|
||
|
https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/pull/2046/files)
|
unknown
|
||
|
https://amp.dev/documentation/components/amp-timeago/?format=email
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.html5
|
unknown
|
||
|
https://aka.ms/msal-net-3x-cache-breaking-change).
|
unknown
|
||
|
https://www.esofttools.com/word-password-recovery.html
|
unknown
|
||
|
https://login.microsoftonline.com/common/oauth2/nativeclientb
|
unknown
|
||
|
https://www.esofttools.com/access-to-excel-conversion.html
|
unknown
|
||
|
https://www.nuget.org/packages/Microsoft.Identity.Client/
|
unknown
|
||
|
https://www.esofttools.com/ost-to-zimbra/
|
unknown
|
||
|
https://aka.ms/msal-net/application-configuration
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.htmlJ
|
unknown
|
||
|
https://www.esofttools.com/mbox-compress-tool.html
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.htmlE
|
unknown
|
||
|
https://www.esofttools.com/assets4/webfonts/fa-brands-400.woff2
|
192.250.231.3
|
||
|
https://www.esofttools.com/eml-to-msg-converter.html
|
unknown
|
||
|
https://outlook.office.com/EWS.AccessAsUser.AllvProvided
|
unknown
|
||
|
https://www.esofttools.com/imap-to-imap-migration-tool.html
|
unknown
|
||
|
https://www.esofttools.com/access-password-recovery.html
|
unknown
|
||
|
https://aka.ms/msal-net-application-configuration.
|
unknown
|
||
|
https://tools.ietf.org/html/rfc4959
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.htmlaaC:
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.htmlUb
|
unknown
|
||
|
https://datatracker.ietf.org/doc/html/draft-ietf-oauth-signed-http-request-03#section-3
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.htmlT
|
unknown
|
||
|
https://embed.tawk.to/_s/v4/app/67183cd0c15/css/max-widget.css
|
104.22.44.142
|
||
|
https://www.esofttools.com/blog/how-to-enable-imap-settings-on-gmail/Ahttps://www.esofttools.com/blo
|
unknown
|
||
|
https://www.esofttools.com/imap-to-office365-migration-tool.html
|
unknown
|
||
|
https://aka.ms/msal-net-app-cache-serialization
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.htmlM
|
unknown
|
||
|
https://www.esofttools.com/nsf-viewer.html
|
unknown
|
||
|
https://management.azure.net/.default
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.htmlN
|
unknown
|
||
|
https://github.com/AzureAD/microsoft-authentication-library-common-for-android/blob/dev/common/src/m
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.htmlj
|
unknown
|
||
|
http://www.contoso.com/
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.htmla
|
unknown
|
||
|
https://www.buynow.esofttools.com/osttopstconverter-purchase.html
|
unknown
|
||
|
https://www.esofttools.com/company/copyright.html
|
unknown
|
||
|
https://plus.google.com/109003424848299083380
|
unknown
|
||
|
https://aka.ms/msal-net-4x-cache-breaking-change
|
unknown
|
||
|
https://login.microsoftonline.com/common/oauth2/nativeclient3urn:ietf:wg:oauth:2.0:oob
|
unknown
|
||
|
https://tools.ietf.org/html/rfc7636)
|
unknown
|
||
|
https://aka.ms/msal-net-invalid-client
|
unknown
|
||
|
https://www.esofttools.com/exchange-server-database-recovery.html
|
unknown
|
||
|
https://www.esofttools.com/gmail-to-office365-migrator.html
|
unknown
|
||
|
https://aka.ms/msal-net-client-credentials.
|
unknown
|
||
|
https://www.esofttools.com/assets4/font4/montserrat-v14-latin-regular.woff2
|
192.250.231.3
|
||
|
https://aka.ms/msal-net-up.
|
unknown
|
||
|
https://www.esofttools.com/thunderbird-to-outlook-converter.html
|
unknown
|
||
|
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
|
unknown
|
||
|
https://tools.ietf.org/html/rfc4731
|
unknown
|
||
|
https://tools.ietf.org/html/rfc4978
|
unknown
|
||
|
https://aka.ms/msal-net-claim-challenge
|
unknown
|
||
|
https://www.buynow.esofttools.com/mbox-converter-purchase.html02748O
|
unknown
|
||
|
https://aka.ms/msal-net-client-credentials)
|
unknown
|
||
|
https://aka.ms/msal-net-iwa
|
unknown
|
||
|
https://aka.ms/adal_token_cache_serialization.
|
unknown
|
||
|
https://aka.ms/msal-net-UiRequiredException
|
unknown
|
||
|
https://aka.ms/msal-net-register-app
|
unknown
|
||
|
https://login.microsoftonline.com
|
unknown
|
||
|
https://www.esofttools.com/fileusedsoftware/mboxconverterbuynow.html
|
192.250.231.3
|
||
|
https://va.tawk.to/v1/session/start
|
172.67.15.14
|
||
|
https://aka.ms/msal-net-throttling
|
unknown
|
||
|
https://www.esofttools.com/eml-to-imap-migrator.html
|
unknown
|
||
|
http://docs.oasis-open.org/ws-sx/ws-trust/200512
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
|
unknown
|
||
|
http://www.sodipodi.com/
|
unknown
|
||
|
https://aka.ms/msal-net-acquire-token-interactively
|
unknown
|
||
|
https://aka.ms/msal-net-4x-cache-breaking-changeZ
|
unknown
|
||
|
https://www.esofttools.com/excel-password-recovery.html
|
unknown
|
||
|
https://aka.ms/msal-net-enable-keychain-groups
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
embed.tawk.to
|
104.22.44.142
|
||
|
va.tawk.to
|
172.67.15.14
|
||
|
jsdelivr.map.fastly.net
|
151.101.129.229
|
||
|
vsa53.tawk.to
|
172.67.15.14
|
||
|
vsa81.tawk.to
|
104.22.45.142
|
||
|
esofttools.com
|
192.250.231.3
|
||
|
www.google.com
|
142.250.185.100
|
||
|
analytics.google.com
|
142.250.184.238
|
||
|
td.doubleclick.net
|
172.217.16.194
|
||
|
vsa96.tawk.to
|
172.67.15.14
|
||
|
vsa63.tawk.to
|
104.22.44.142
|
||
|
stats.g.doubleclick.net
|
142.250.110.155
|
||
|
cdn.jsdelivr.net
|
unknown
|
||
|
www.esofttools.com
|
unknown
|
||
|
use.fontawesome.com
|
unknown
|
There are 5 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.15.14
|
va.tawk.to
|
United States
|
||
|
151.101.129.229
|
jsdelivr.map.fastly.net
|
United States
|
||
|
104.22.45.142
|
vsa81.tawk.to
|
United States
|
||
|
142.250.185.100
|
www.google.com
|
United States
|
||
|
192.250.231.3
|
esofttools.com
|
United States
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
142.250.110.155
|
stats.g.doubleclick.net
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
104.22.44.142
|
embed.tawk.to
|
United States
|
||
|
142.250.184.238
|
analytics.google.com
|
United States
|
||
|
172.217.16.194
|
td.doubleclick.net
|
United States
|
There are 1 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
Inno Setup: Setup Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
Inno Setup: App Path
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
Inno Setup: Icon Group
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
Inno Setup: User
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
Inno Setup: Selected Tasks
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
Inno Setup: Deselected Tasks
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
Inno Setup: Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
DisplayIcon
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
QuietUninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
MajorVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
MinorVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6D9BB583-74BB-43D5-A564-B6872F7BAF09}_is1
|
EstimatedSize
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
A8F0000
|
trusted library allocation
|
page read and write
|
||
|
113DA000
|
trusted library allocation
|
page read and write
|
||
|
14CE2000
|
heap
|
page read and write
|
||
|
2973000
|
trusted library allocation
|
page read and write
|
||
|
113B0000
|
trusted library allocation
|
page read and write
|
||
|
ABF000
|
direct allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
4C2000
|
unkown
|
page write copy
|
||
|
DA59000
|
heap
|
page read and write
|
||
|
C60A000
|
heap
|
page read and write
|
||
|
1163E000
|
stack
|
page read and write
|
||
|
2530000
|
direct allocation
|
page read and write
|
||
|
C669000
|
heap
|
page read and write
|
||
|
3892000
|
direct allocation
|
page read and write
|
||
|
50C0000
|
direct allocation
|
page read and write
|
||
|
AA1000
|
direct allocation
|
page read and write
|
||
|
DB90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2849000
|
heap
|
page read and write
|
||
|
B350000
|
trusted library allocation
|
page read and write
|
||
|
AAAE000
|
stack
|
page read and write
|
||
|
1178E000
|
stack
|
page read and write
|
||
|
B8A0000
|
trusted library allocation
|
page read and write
|
||
|
E25000
|
heap
|
page read and write
|
||
|
2610000
|
direct allocation
|
page read and write
|
||
|
88E000
|
stack
|
page read and write
|
||
|
D52000
|
trusted library allocation
|
page read and write
|
||
|
2609000
|
direct allocation
|
page read and write
|
||
|
2625000
|
direct allocation
|
page read and write
|
||
|
AED000
|
heap
|
page read and write
|
||
|
1136C000
|
trusted library allocation
|
page read and write
|
||
|
7060000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
D6FE000
|
heap
|
page read and write
|
||
|
ADC000
|
direct allocation
|
page read and write
|
||
|
43D3000
|
trusted library allocation
|
page read and write
|
||
|
D932000
|
heap
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB2000
|
trusted library allocation
|
page read and write
|
||
|
5101000
|
direct allocation
|
page read and write
|
||
|
1136E000
|
trusted library allocation
|
page read and write
|
||
|
D969000
|
heap
|
page read and write
|
||
|
A07000
|
direct allocation
|
page read and write
|
||
|
8A7000
|
heap
|
page read and write
|
||
|
BA10000
|
trusted library allocation
|
page read and write
|
||
|
F8E4000
|
trusted library allocation
|
page read and write
|
||
|
2684000
|
direct allocation
|
page read and write
|
||
|
2999000
|
trusted library allocation
|
page read and write
|
||
|
298F000
|
trusted library allocation
|
page read and write
|
||
|
25D0000
|
direct allocation
|
page read and write
|
||
|
C657000
|
heap
|
page read and write
|
||
|
A711000
|
trusted library allocation
|
page read and write
|
||
|
2B0E000
|
trusted library allocation
|
page read and write
|
||
|
C47E000
|
unkown
|
page readonly
|
||
|
AC75000
|
trusted library allocation
|
page read and write
|
||
|
4EF7000
|
trusted library allocation
|
page read and write
|
||
|
AC2000
|
heap
|
page read and write
|
||
|
A6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
DAA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
D9F1000
|
heap
|
page read and write
|
||
|
A96000
|
heap
|
page read and write
|
||
|
A63000
|
trusted library allocation
|
page execute and read and write
|
||
|
E51E000
|
stack
|
page read and write
|
||
|
3C0000
|
unkown
|
page execute and read and write
|
||
|
ACD000
|
direct allocation
|
page read and write
|
||
|
11166000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
DA00000
|
heap
|
page read and write
|
||
|
F8F9000
|
trusted library allocation
|
page read and write
|
||
|
14CEB000
|
heap
|
page read and write
|
||
|
14CF0000
|
heap
|
page read and write
|
||
|
269B000
|
direct allocation
|
page read and write
|
||
|
26E4000
|
direct allocation
|
page read and write
|
||
|
D65000
|
trusted library allocation
|
page execute and read and write
|
||
|
A6F0000
|
trusted library allocation
|
page read and write
|
||
|
ADC000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
A65000
|
heap
|
page read and write
|
||
|
AC60000
|
trusted library allocation
|
page read and write
|
||
|
B5A3000
|
heap
|
page read and write
|
||
|
3A9E000
|
stack
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
49EE000
|
stack
|
page read and write
|
||
|
D2F000
|
stack
|
page read and write
|
||
|
10B9C000
|
stack
|
page read and write
|
||
|
1095E000
|
stack
|
page read and write
|
||
|
399F000
|
heap
|
page read and write
|
||
|
A76000
|
heap
|
page read and write
|
||
|
297D000
|
trusted library allocation
|
page read and write
|
||
|
B4E0000
|
unkown
|
page readonly
|
||
|
B55000
|
heap
|
page read and write
|
||
|
7FE15000
|
direct allocation
|
page read and write
|
||
|
C630000
|
heap
|
page read and write
|
||
|
29B5000
|
trusted library allocation
|
page read and write
|
||
|
C646000
|
heap
|
page read and write
|
||
|
DCA2000
|
trusted library allocation
|
page read and write
|
||
|
A93000
|
heap
|
page read and write
|
||
|
B510000
|
heap
|
page read and write
|
||
|
AB8000
|
direct allocation
|
page read and write
|
||
|
D9DF000
|
heap
|
page read and write
|
||
|
D6C4000
|
heap
|
page read and write
|
||
|
A8A000
|
heap
|
page read and write
|
||
|
AC4A000
|
trusted library allocation
|
page read and write
|
||
|
26F3000
|
direct allocation
|
page read and write
|
||
|
10FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
29C0000
|
direct allocation
|
page read and write
|
||
|
A32000
|
direct allocation
|
page read and write
|
||
|
AF1000
|
direct allocation
|
page read and write
|
||
|
AC2000
|
heap
|
page read and write
|
||
|
84E000
|
stack
|
page read and write
|
||
|
B8F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
18C000
|
stack
|
page read and write
|
||
|
FA03000
|
trusted library allocation
|
page read and write
|
||
|
D680000
|
heap
|
page read and write
|
||
|
B8B1000
|
trusted library allocation
|
page read and write
|
||
|
266C000
|
direct allocation
|
page read and write
|
||
|
A6FB000
|
trusted library allocation
|
page read and write
|
||
|
2708000
|
direct allocation
|
page read and write
|
||
|
D8BF000
|
heap
|
page read and write
|
||
|
2694000
|
direct allocation
|
page read and write
|
||
|
DA10000
|
heap
|
page read and write
|
||
|
14D23000
|
heap
|
page read and write
|
||
|
38BC000
|
trusted library allocation
|
page read and write
|
||
|
10A9B000
|
stack
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
ABF0000
|
trusted library allocation
|
page read and write
|
||
|
50D1000
|
direct allocation
|
page read and write
|
||
|
1134B000
|
stack
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
DA9E000
|
heap
|
page read and write
|
||
|
38E1000
|
direct allocation
|
page read and write
|
||
|
113C4000
|
trusted library allocation
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
AC5000
|
heap
|
page read and write
|
||
|
A40000
|
direct allocation
|
page read and write
|
||
|
29BD000
|
trusted library allocation
|
page read and write
|
||
|
A0E000
|
direct allocation
|
page read and write
|
||
|
D911000
|
heap
|
page read and write
|
||
|
29D1000
|
trusted library allocation
|
page read and write
|
||
|
A8E000
|
heap
|
page read and write
|
||
|
AC2B000
|
trusted library allocation
|
page read and write
|
||
|
A66000
|
direct allocation
|
page read and write
|
||
|
5DC0000
|
heap
|
page read and write
|
||
|
3ADE000
|
stack
|
page read and write
|
||
|
D90A000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
29AA000
|
trusted library allocation
|
page read and write
|
||
|
4B7000
|
unkown
|
page read and write
|
||
|
AB4000
|
heap
|
page read and write
|
||
|
11290000
|
trusted library allocation
|
page execute and read and write
|
||
|
6C6000
|
unkown
|
page write copy
|
||
|
DC0000
|
heap
|
page execute and read and write
|
||
|
DA2A000
|
heap
|
page read and write
|
||
|
F9F0000
|
trusted library allocation
|
page read and write
|
||
|
AC31000
|
trusted library allocation
|
page read and write
|
||
|
11390000
|
trusted library allocation
|
page read and write
|
||
|
2851000
|
trusted library allocation
|
page read and write
|
||
|
43CE000
|
trusted library allocation
|
page read and write
|
||
|
D9E6000
|
heap
|
page read and write
|
||
|
A73000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
93000
|
stack
|
page read and write
|
||
|
2601000
|
direct allocation
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
D6F2000
|
heap
|
page read and write
|
||
|
2B19000
|
trusted library allocation
|
page read and write
|
||
|
4EDE000
|
stack
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
B5F0000
|
heap
|
page read and write
|
||
|
8A6000
|
heap
|
page read and write
|
||
|
26DD000
|
direct allocation
|
page read and write
|
||
|
FA1F000
|
trusted library allocation
|
page read and write
|
||
|
603E000
|
stack
|
page read and write
|
||
|
2B04000
|
trusted library allocation
|
page read and write
|
||
|
AA7000
|
heap
|
page read and write
|
||
|
27CE000
|
stack
|
page read and write
|
||
|
2884000
|
trusted library allocation
|
page read and write
|
||
|
AC27000
|
trusted library allocation
|
page read and write
|
||
|
113D8000
|
trusted library allocation
|
page read and write
|
||
|
A76E000
|
stack
|
page read and write
|
||
|
D708000
|
heap
|
page read and write
|
||
|
C5A5000
|
heap
|
page read and write
|
||
|
1396E000
|
stack
|
page read and write
|
||
|
113BE000
|
trusted library allocation
|
page read and write
|
||
|
D956000
|
heap
|
page read and write
|
||
|
A57000
|
direct allocation
|
page read and write
|
||
|
14AED000
|
heap
|
page read and write
|
||
|
113DC000
|
trusted library allocation
|
page read and write
|
||
|
BB3D000
|
stack
|
page read and write
|
||
|
7F7C2000
|
trusted library allocation
|
page execute read
|
||
|
4D90000
|
heap
|
page execute and read and write
|
||
|
2530000
|
direct allocation
|
page read and write
|
||
|
38F1000
|
direct allocation
|
page read and write
|
||
|
B586000
|
heap
|
page read and write
|
||
|
3960000
|
heap
|
page read and write
|
||
|
D8B5000
|
heap
|
page read and write
|
||
|
A9A000
|
heap
|
page read and write
|
||
|
DC84000
|
trusted library allocation
|
page read and write
|
||
|
B400000
|
trusted library allocation
|
page read and write
|
||
|
35E0000
|
direct allocation
|
page read and write
|
||
|
D8A0000
|
heap
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
AC80000
|
trusted library allocation
|
page execute and read and write
|
||
|
AF5000
|
heap
|
page read and write
|
||
|
3C2000
|
unkown
|
page execute and read and write
|
||
|
BA35000
|
heap
|
page read and write
|
||
|
113E8000
|
trusted library allocation
|
page read and write
|
||
|
B535000
|
heap
|
page read and write
|
||
|
BB40000
|
trusted library allocation
|
page read and write
|
||
|
3B20000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
B5CA000
|
heap
|
page read and write
|
||
|
3B30000
|
heap
|
page read and write
|
||
|
3851000
|
trusted library allocation
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
62ED000
|
stack
|
page read and write
|
||
|
2981000
|
trusted library allocation
|
page read and write
|
||
|
F8EB000
|
trusted library allocation
|
page read and write
|
||
|
26EC000
|
direct allocation
|
page read and write
|
||
|
43CB000
|
trusted library allocation
|
page read and write
|
||
|
11378000
|
trusted library allocation
|
page read and write
|
||
|
113C6000
|
trusted library allocation
|
page read and write
|
||
|
113CE000
|
trusted library allocation
|
page read and write
|
||
|
B568000
|
heap
|
page read and write
|
||
|
F970000
|
trusted library allocation
|
page read and write
|
||
|
A71D000
|
trusted library allocation
|
page read and write
|
||
|
B740000
|
trusted library allocation
|
page execute and read and write
|
||
|
B422000
|
unkown
|
page readonly
|
||
|
C5EF000
|
heap
|
page read and write
|
||
|
A8EE000
|
stack
|
page read and write
|
||
|
C580000
|
heap
|
page read and write
|
||
|
D9D5000
|
heap
|
page read and write
|
||
|
AE3000
|
heap
|
page read and write
|
||
|
29CA000
|
trusted library allocation
|
page read and write
|
||
|
A24000
|
direct allocation
|
page read and write
|
||
|
2989000
|
trusted library allocation
|
page read and write
|
||
|
A8AE000
|
stack
|
page read and write
|
||
|
3999000
|
heap
|
page read and write
|
||
|
DB61000
|
trusted library allocation
|
page read and write
|
||
|
10A5D000
|
stack
|
page read and write
|
||
|
E29000
|
heap
|
page read and write
|
||
|
26C8000
|
direct allocation
|
page read and write
|
||
|
11372000
|
trusted library allocation
|
page read and write
|
||
|
DC75000
|
trusted library allocation
|
page read and write
|
||
|
10C2E000
|
stack
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
1115E000
|
stack
|
page read and write
|
||
|
B577000
|
heap
|
page read and write
|
||
|
E2DB000
|
stack
|
page read and write
|
||
|
A96000
|
heap
|
page read and write
|
||
|
AA8000
|
heap
|
page read and write
|
||
|
B05000
|
heap
|
page read and write
|
||
|
AD4000
|
direct allocation
|
page read and write
|
||
|
D5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB70000
|
unkown
|
page readonly
|
||
|
C5D1000
|
heap
|
page read and write
|
||
|
DC71000
|
trusted library allocation
|
page read and write
|
||
|
D67000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
AFC000
|
heap
|
page read and write
|
||
|
E14E000
|
stack
|
page read and write
|
||
|
41A9000
|
trusted library allocation
|
page read and write
|
||
|
C5E9000
|
heap
|
page read and write
|
||
|
A00000
|
direct allocation
|
page read and write
|
||
|
A9A000
|
direct allocation
|
page read and write
|
||
|
A9B000
|
heap
|
page read and write
|
||
|
3640000
|
heap
|
page read and write
|
||
|
6CD000
|
unkown
|
page read and write
|
||
|
4CA000
|
unkown
|
page execute and read and write
|
||
|
B9F0000
|
heap
|
page read and write
|
||
|
9F9000
|
direct allocation
|
page read and write
|
||
|
11370000
|
trusted library allocation
|
page read and write
|
||
|
DA96000
|
heap
|
page read and write
|
||
|
A8C000
|
heap
|
page read and write
|
||
|
3961000
|
heap
|
page read and write
|
||
|
A6C000
|
heap
|
page read and write
|
||
|
A900000
|
trusted library allocation
|
page read and write
|
||
|
AEC000
|
heap
|
page read and write
|
||
|
267D000
|
direct allocation
|
page read and write
|
||
|
59FF000
|
stack
|
page read and write
|
||
|
4C0000
|
unkown
|
page read and write
|
||
|
11164000
|
heap
|
page read and write
|
||
|
AC90000
|
trusted library allocation
|
page read and write
|
||
|
35E0000
|
direct allocation
|
page read and write
|
||
|
A8F000
|
heap
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
2676000
|
direct allocation
|
page read and write
|
||
|
113E2000
|
trusted library allocation
|
page read and write
|
||
|
E31E000
|
stack
|
page read and write
|
||
|
C620000
|
heap
|
page read and write
|
||
|
D9E3000
|
heap
|
page read and write
|
||
|
B4F8000
|
heap
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
DBB0000
|
trusted library allocation
|
page read and write
|
||
|
11013000
|
heap
|
page read and write
|
||
|
26D6000
|
direct allocation
|
page read and write
|
||
|
D9CC000
|
heap
|
page read and write
|
||
|
A7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
113B8000
|
trusted library allocation
|
page read and write
|
||
|
6D8000
|
unkown
|
page write copy
|
||
|
113C8000
|
trusted library allocation
|
page read and write
|
||
|
A91000
|
direct allocation
|
page read and write
|
||
|
2971000
|
trusted library allocation
|
page read and write
|
||
|
B3D0000
|
heap
|
page read and write
|
||
|
11368000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
2634000
|
direct allocation
|
page read and write
|
||
|
4C6000
|
unkown
|
page readonly
|
||
|
B3E0000
|
trusted library allocation
|
page read and write
|
||
|
D9D8000
|
heap
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
6C8000
|
unkown
|
page read and write
|
||
|
BB72000
|
unkown
|
page readonly
|
||
|
11018000
|
heap
|
page read and write
|
||
|
B94B000
|
stack
|
page read and write
|
||
|
B890000
|
heap
|
page execute and read and write
|
||
|
B420000
|
unkown
|
page readonly
|
||
|
11160000
|
heap
|
page read and write
|
||
|
11388000
|
trusted library allocation
|
page read and write
|
||
|
14AFB000
|
heap
|
page read and write
|
||
|
D9FB000
|
heap
|
page read and write
|
||
|
F8F3000
|
trusted library allocation
|
page read and write
|
||
|
E0F0000
|
heap
|
page read and write
|
||
|
AC10000
|
trusted library allocation
|
page read and write
|
||
|
2820000
|
trusted library allocation
|
page read and write
|
||
|
B06000
|
heap
|
page read and write
|
||
|
B5D5000
|
heap
|
page read and write
|
||
|
73CE000
|
stack
|
page read and write
|
||
|
A716000
|
trusted library allocation
|
page read and write
|
||
|
11350000
|
heap
|
page read and write
|
||
|
3885000
|
direct allocation
|
page read and write
|
||
|
399C000
|
heap
|
page read and write
|
||
|
2619000
|
direct allocation
|
page read and write
|
||
|
26AA000
|
direct allocation
|
page read and write
|
||
|
A7C000
|
heap
|
page read and write
|
||
|
4B7000
|
unkown
|
page write copy
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
113DE000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
26CE000
|
stack
|
page read and write
|
||
|
DD0000
|
trusted library allocation
|
page read and write
|
||
|
E15D000
|
trusted library allocation
|
page read and write
|
||
|
A38000
|
heap
|
page read and write
|
||
|
4855000
|
trusted library section
|
page read and write
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
B500000
|
heap
|
page read and write
|
||
|
A905000
|
trusted library allocation
|
page read and write
|
||
|
261E000
|
direct allocation
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
485D000
|
trusted library section
|
page read and write
|
||
|
AF1000
|
heap
|
page read and write
|
||
|
AEA000
|
direct allocation
|
page read and write
|
||
|
F980000
|
trusted library allocation
|
page read and write
|
||
|
360E000
|
direct allocation
|
page read and write
|
||
|
D97C000
|
heap
|
page read and write
|
||
|
3E2D000
|
stack
|
page read and write
|
||
|
9D2000
|
direct allocation
|
page read and write
|
||
|
294B000
|
trusted library allocation
|
page read and write
|
||
|
AC6000
|
direct allocation
|
page read and write
|
||
|
74D0000
|
trusted library section
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
931000
|
stack
|
page read and write
|
||
|
262D000
|
direct allocation
|
page read and write
|
||
|
D840000
|
trusted library allocation
|
page read and write
|
||
|
FA08000
|
trusted library allocation
|
page read and write
|
||
|
7F7C0000
|
trusted library allocation
|
page execute read
|
||
|
A81000
|
direct allocation
|
page read and write
|
||
|
A68000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
A8D000
|
heap
|
page read and write
|
||
|
10BDE000
|
stack
|
page read and write
|
||
|
A70E000
|
trusted library allocation
|
page read and write
|
||
|
B05000
|
heap
|
page read and write
|
||
|
A90C000
|
trusted library allocation
|
page read and write
|
||
|
C570000
|
trusted library allocation
|
page execute and read and write
|
||
|
D6F9000
|
heap
|
page read and write
|
||
|
C636000
|
heap
|
page read and write
|
||
|
1116F000
|
heap
|
page read and write
|
||
|
9F1000
|
direct allocation
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
D703000
|
heap
|
page read and write
|
||
|
FF50000
|
trusted library allocation
|
page read and write
|
||
|
AD2000
|
heap
|
page read and write
|
||
|
113A0000
|
trusted library allocation
|
page read and write
|
||
|
11398000
|
trusted library allocation
|
page read and write
|
||
|
3C2000
|
unkown
|
page readonly
|
||
|
A50000
|
direct allocation
|
page read and write
|
||
|
10FD0000
|
trusted library allocation
|
page read and write
|
||
|
D6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
3D2F000
|
stack
|
page read and write
|
||
|
2AD1000
|
trusted library allocation
|
page read and write
|
||
|
4F03000
|
heap
|
page read and write
|
||
|
B960000
|
trusted library section
|
page readonly
|
||
|
A70000
|
heap
|
page read and write
|
||
|
DB80000
|
trusted library allocation
|
page read and write
|
||
|
AA7000
|
heap
|
page read and write
|
||
|
A1D000
|
direct allocation
|
page read and write
|
||
|
7F7D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FB30000
|
direct allocation
|
page read and write
|
||
|
11010000
|
heap
|
page read and write
|
||
|
29B1000
|
trusted library allocation
|
page read and write
|
||
|
14AE0000
|
heap
|
page read and write
|
||
|
D9F3000
|
heap
|
page read and write
|
||
|
113C0000
|
trusted library allocation
|
page read and write
|
||
|
10750000
|
trusted library allocation
|
page read and write
|
||
|
A15000
|
direct allocation
|
page read and write
|
||
|
DBD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
280C000
|
stack
|
page read and write
|
||
|
D8B3000
|
heap
|
page read and write
|
||
|
1139E000
|
trusted library allocation
|
page read and write
|
||
|
A9E000
|
heap
|
page read and write
|
||
|
6D0000
|
unkown
|
page read and write
|
||
|
6DD000
|
unkown
|
page readonly
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
B880000
|
heap
|
page read and write
|
||
|
25F3000
|
direct allocation
|
page read and write
|
||
|
DA85000
|
heap
|
page read and write
|
||
|
9AF000
|
stack
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
D56000
|
trusted library allocation
|
page execute and read and write
|
||
|
A39000
|
direct allocation
|
page read and write
|
||
|
B4F0000
|
heap
|
page read and write
|
||
|
AC50000
|
trusted library allocation
|
page read and write
|
||
|
D9A0000
|
heap
|
page read and write
|
||
|
D85000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
298D000
|
trusted library allocation
|
page read and write
|
||
|
3C0000
|
unkown
|
page readonly
|
||
|
14CE0000
|
heap
|
page read and write
|
||
|
A2B000
|
direct allocation
|
page read and write
|
||
|
BA30000
|
heap
|
page read and write
|
||
|
2617000
|
direct allocation
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
2830000
|
direct allocation
|
page execute and read and write
|
||
|
11050000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
29C0000
|
direct allocation
|
page read and write
|
||
|
D99E000
|
heap
|
page read and write
|
||
|
DA82000
|
heap
|
page read and write
|
||
|
9EA000
|
direct allocation
|
page read and write
|
||
|
B34E000
|
stack
|
page read and write
|
||
|
3999000
|
heap
|
page read and write
|
||
|
ABF6000
|
trusted library allocation
|
page read and write
|
||
|
6C6000
|
unkown
|
page read and write
|
||
|
A5F000
|
direct allocation
|
page read and write
|
||
|
113E0000
|
trusted library allocation
|
page read and write
|
||
|
118CE000
|
stack
|
page read and write
|
||
|
2862000
|
trusted library allocation
|
page read and write
|
||
|
38CE000
|
direct allocation
|
page read and write
|
||
|
A86E000
|
stack
|
page read and write
|
||
|
26FA000
|
direct allocation
|
page read and write
|
||
|
B720000
|
trusted library allocation
|
page execute and read and write
|
||
|
74CE000
|
stack
|
page read and write
|
||
|
25EC000
|
direct allocation
|
page read and write
|
||
|
B950000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
14CED000
|
heap
|
page read and write
|
||
|
B8D0000
|
trusted library allocation
|
page read and write
|
||
|
10760000
|
trusted library allocation
|
page execute and read and write
|
||
|
ABF2000
|
trusted library allocation
|
page read and write
|
||
|
AA8000
|
heap
|
page read and write
|
||
|
AED000
|
heap
|
page read and write
|
||
|
E157000
|
trusted library allocation
|
page read and write
|
||
|
AA8000
|
direct allocation
|
page read and write
|
||
|
BA00000
|
trusted library allocation
|
page execute and read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
38B3000
|
direct allocation
|
page read and write
|
||
|
ABEE000
|
stack
|
page read and write
|
||
|
DA7E000
|
heap
|
page read and write
|
||
|
DAB0000
|
trusted library section
|
page read and write
|
||
|
E29F000
|
stack
|
page read and write
|
||
|
6D5000
|
unkown
|
page read and write
|
||
|
14D36000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
C2F000
|
stack
|
page read and write
|
||
|
4B9000
|
unkown
|
page read and write
|
||
|
A68000
|
heap
|
page read and write
|
||
|
82A000
|
stack
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
399D000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
61EC000
|
stack
|
page read and write
|
||
|
11260000
|
trusted library allocation
|
page read and write
|
||
|
38BA000
|
trusted library allocation
|
page read and write
|
||
|
F9F4000
|
trusted library allocation
|
page read and write
|
||
|
10F8F000
|
stack
|
page read and write
|
||
|
AF8000
|
direct allocation
|
page read and write
|
||
|
AA4000
|
heap
|
page read and write
|
||
|
FA00000
|
trusted library allocation
|
page read and write
|
||
|
4C4000
|
unkown
|
page readonly
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
35E0000
|
direct allocation
|
page read and write
|
||
|
B8E0000
|
trusted library allocation
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
BA20000
|
trusted library allocation
|
page read and write
|
||
|
C590000
|
heap
|
page read and write
|
||
|
6F3000
|
unkown
|
page readonly
|
||
|
E155000
|
trusted library allocation
|
page read and write
|
||
|
38A2000
|
direct allocation
|
page read and write
|
||
|
39A0000
|
heap
|
page read and write
|
||
|
38C2000
|
direct allocation
|
page read and write
|
||
|
DA87000
|
heap
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
AC14000
|
trusted library allocation
|
page read and write
|
||
|
DA80000
|
heap
|
page read and write
|
||
|
D8D3000
|
heap
|
page read and write
|
||
|
613F000
|
stack
|
page read and write
|
||
|
D9EC000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
399C000
|
heap
|
page read and write
|
||
|
AC9000
|
heap
|
page read and write
|
||
|
A78000
|
heap
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
2701000
|
direct allocation
|
page read and write
|
||
|
AA9000
|
heap
|
page read and write
|
||
|
F9CE000
|
stack
|
page read and write
|
||
|
13A6C000
|
stack
|
page read and write
|
||
|
A8FB000
|
trusted library allocation
|
page read and write
|
||
|
38AF000
|
direct allocation
|
page read and write
|
||
|
A64000
|
trusted library allocation
|
page read and write
|
||
|
29D3000
|
heap
|
page read and write
|
||
|
D9AD000
|
heap
|
page read and write
|
||
|
113BC000
|
trusted library allocation
|
page read and write
|
||
|
2830000
|
trusted library allocation
|
page read and write
|
||
|
DA9B000
|
heap
|
page read and write
|
||
|
AE3000
|
direct allocation
|
page read and write
|
||
|
B57F000
|
heap
|
page read and write
|
||
|
26CF000
|
direct allocation
|
page read and write
|
||
|
D9B3000
|
heap
|
page read and write
|
||
|
D62000
|
trusted library allocation
|
page read and write
|
||
|
3848000
|
direct allocation
|
page read and write
|
||
|
F8DE000
|
stack
|
page read and write
|
||
|
2660000
|
direct allocation
|
page read and write
|
||
|
38D8000
|
direct allocation
|
page read and write
|
||
|
E410000
|
trusted library allocation
|
page execute and read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
25FA000
|
direct allocation
|
page read and write
|
||
|
D9DB000
|
heap
|
page read and write
|
||
|
AB9000
|
heap
|
page read and write
|
||
|
296F000
|
trusted library allocation
|
page read and write
|
||
|
26A2000
|
direct allocation
|
page read and write
|
||
|
FA17000
|
trusted library allocation
|
page read and write
|
||
|
2B4C000
|
trusted library allocation
|
page read and write
|
||
|
E0A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
738D000
|
stack
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
3B31000
|
heap
|
page read and write
|
||
|
4860000
|
trusted library section
|
page read and write
|
||
|
74F000
|
stack
|
page read and write
|
||
|
4D93000
|
heap
|
page execute and read and write
|
||
|
B508000
|
heap
|
page read and write
|
||
|
FA10000
|
trusted library allocation
|
page read and write
|
||
|
787000
|
heap
|
page read and write
|
||
|
C5BD000
|
heap
|
page read and write
|
||
|
266F000
|
direct allocation
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
1137C000
|
trusted library allocation
|
page read and write
|
||
|
A49000
|
direct allocation
|
page read and write
|
||
|
117CB000
|
stack
|
page read and write
|
||
|
BB60000
|
trusted library allocation
|
page execute and read and write
|
||
|
B504000
|
heap
|
page read and write
|
||
|
B594000
|
heap
|
page read and write
|
||
|
ABAF000
|
stack
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
113F0000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
AAC000
|
heap
|
page read and write
|
||
|
58FE000
|
stack
|
page read and write
|
||
|
F9F7000
|
trusted library allocation
|
page read and write
|
||
|
4850000
|
trusted library section
|
page read and write
|
||
|
B730000
|
heap
|
page read and write
|
||
|
D91A000
|
heap
|
page read and write
|
||
|
14530000
|
trusted library allocation
|
page read and write
|
||
|
DA76000
|
heap
|
page read and write
|
||
|
F8F7000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
DA8B000
|
heap
|
page read and write
|
||
|
6DF000
|
unkown
|
page readonly
|
There are 572 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://www.esofttools.com/installsuccess/?productname=MBOX%20Converter
|
||
|
https://www.esofttools.com/installsuccess/?productname=MBOX%20Converter
|
||
|
https://www.esofttools.com/installsuccess/?productname=MBOX%20Converter
|
||
|
https://www.esofttools.com/installsuccess/?productname=MBOX%20Converter
|
||
|
https://www.esofttools.com/installsuccess/?productname=MBOX%20Converter
|
||
|
https://www.esofttools.com/installsuccess/?productname=MBOX%20Converter
|
||
|
https://www.esofttools.com/installsuccess/?productname=MBOX%20Converter
|
||
|
https://www.esofttools.com/installsuccess/?productname=MBOX%20Converter
|
||
|
https://www.esofttools.com/installsuccess/?productname=MBOX%20Converter
|
||
|
https://www.esofttools.com/installsuccess/?productname=MBOX%20Converter
|