IOC Report
https://github.com/karakun/OpenWebStart/releases/download/v1.10.1/OpenWebStart_windows-x64_1_10_1.exe

Files

File Path
Type
Category
Malicious
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\java.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
malicious
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\MessagesDefault
ASCII text, with very long lines (363)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_0_1mu2pq3.utf8
ASCII text, with very long lines (363)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_10_1mu2pq3_wnegrj.png
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_11_1mu2pq3.txt
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_12_1mu2pq3_1l2apw7.ico
MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_13_1mu2pq3_x7nby6.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_14_1mu2pq3_vd2dea.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_15_1mu2pq3_un9apv.png
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_16_1mu2pq3_1xth8wx.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_17_1mu2pq3_259ij1.png
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_18_1mu2pq3_1w6mnzb.png
PNG image data, 79 x 53, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_18_1mu2pq3_1w6mnzb@2x.png
PNG image data, 157 x 106, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_1_1mu2pq3.utf8
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_2_1mu2pq3.utf8
Unicode text, UTF-8 text, with very long lines (470)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_3_1mu2pq3.utf8
Unicode text, UTF-8 text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_4_1mu2pq3_1qcjq5g.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_5_1mu2pq3_14adzqr.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_6_1mu2pq3_1bf9cql.png
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_7_1mu2pq3_njuzm5.png
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_8_1mu2pq3_1reef1z.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4j_extf_9_1mu2pq3_fwd21f.png
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4jparams.conf
XML 1.0 document, ASCII text, with very long lines (573), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\i4jruntime.jar
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\installer.ico
MS Windows icon resource - 12 icons, 16x16, 8 bits/pixel, 16x16, 32 bits/pixel
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre.tar.gz
gzip compressed data, original size modulo 2^32 101792256
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\ASSEMBLY_EXCEPTION
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\LICENSE
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\THIRD_PARTY_README
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\JAWTAccessBridge-64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\JavaAccessBridge-64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\WindowsAccessBridge-64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-console-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-datetime-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-debug-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-errorhandling-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-file-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-file-l1-2-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-file-l2-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-handle-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-heap-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-interlocked-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-libraryloader-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-localization-l1-2-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-memory-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-namedpipe-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-processenvironment-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-processthreads-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-processthreads-l1-1-1.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-profile-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-rtlsupport-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-string-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-synch-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-synch-l1-2-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-sysinfo-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-timezone-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-core-util-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-conio-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-convert-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-environment-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-filesystem-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-heap-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-locale-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-math-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-multibyte-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-private-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-process-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-runtime-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-stdio-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-string-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-time-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\api-ms-win-crt-utility-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\attach.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\awt.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\dt_shmem.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\dt_socket.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\fontmanager.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\freetype.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\hprof.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\instrument.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\j2gss.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\j2pcsc.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\j2pkcs11.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\jaas_nt.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\jabswitch.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\java-rmi.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\java.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\java_crw_demo.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\javaw.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\jawt.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\jdwp.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\jjs.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\jli.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\jpeg.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\jsdt.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\jsound.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\jsoundds.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\keytool.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\kinit.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\klist.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\ktab.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\lcms.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\management.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\mlib_image.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\msvcp140.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\net.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\nio.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\npt.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\orbd.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\pack200.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\policytool.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\rmid.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\rmiregistry.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\sawindbg.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\server\Xusage.txt
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\server\jvm.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\servertool.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\splashscreen.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\sspi_bridge.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\sunec.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\sunmscapi.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\tnameserv.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\ucrtbase.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\unpack.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\unpack200.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\vcruntime140.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\verify.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\w2k_lsa_auth.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\zip.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\accessibility.properties
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\amd64\jvm.cfg
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\calendars.properties
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\charsets.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\classlist
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\cmm\CIEXYZ.pf
Microsoft color profile 2.3, type lcms, XYZ/XYZ-abst device by lcms, 784 bytes, 28-12-2006 18:07:22, no copyright tag "lcms XYZ identity"
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\cmm\GRAY.pf
Microsoft color profile 2.3, type lcms, GRAY/XYZ-mntr device by lcms, 556 bytes, 28-12-2006 18:07:22, no copyright tag "lcms gray virtual profile"
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\cmm\LINEAR_RGB.pf
ColorSync color profile 2.3, type lcms, RGB/XYZ-mntr device by lcms, 488 bytes, 28-3-2008 14:24:37, transparent, relative colorimetric "linear sRGB"
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\cmm\PYCC.pf
ColorSync color profile 4.0, type lcms, 3CLR/XYZ-spac device by lcms, 234080 bytes, 10-4-2008 10:24:22, transparent, relative colorimetric, 0xf0e75c55d21e4d8c MD5 'PYCC from PCD 045'
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\cmm\sRGB.pf
Microsoft color profile 2.3, type lcms, RGB/XYZ-mntr device by lcms, 6876 bytes, 28-12-2006 18:07:22, no copyright tag "sRGB built-in"
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\content-types.properties
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\currency.data
data
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\ext\access-bridge-64.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\ext\cldrdata.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\ext\dnsns.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\ext\jaccess.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\ext\localedata.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\ext\meta-index
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\ext\nashorn.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\ext\sunec.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\ext\sunjce_provider.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\ext\sunmscapi.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\ext\sunpkcs11.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\ext\zipfs.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\flavormap.properties
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\fontconfig.bfc
raw G3 (Group 3) FAX
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\fontconfig.properties.src
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\hijrah-config-umalqura.properties
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\images\cursors\cursors.properties
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\images\cursors\invalid32x32.gif
GIF image data, version 89a, 32 x 32
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\images\cursors\win32_CopyDrop32x32.gif
GIF image data, version 89a, 31 x 32
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif
GIF image data, version 89a, 32 x 32
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\images\cursors\win32_LinkDrop32x32.gif
GIF image data, version 89a, 31 x 32
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif
GIF image data, version 89a, 32 x 32
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\images\cursors\win32_MoveDrop32x32.gif
GIF image data, version 89a, 31 x 32
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif
GIF image data, version 89a, 32 x 32
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\jce.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\jfr.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\jfr\default.jfc
XML 1.0 document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\jfr\profile.jfc
XML 1.0 document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\jsse.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\jvm.hprof.txt
Algol 68 source, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\logging.properties
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\management-agent.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\management\jmxremote.access
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\management\jmxremote.password.template
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\management\management.properties
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\management\snmp.acl.template
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\meta-index
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\net.properties
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\psfont.properties.ja
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\psfontj2d.properties
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\resources.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\rt.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\security\blacklisted.certs
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\security\cacerts
Java KeyStore
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\security\java.policy
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\security\java.security
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\security\policy\limited\US_export_policy.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\security\policy\limited\local_policy.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\security\policy\unlimited\US_export_policy.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\security\policy\unlimited\local_policy.jar
Java archive data (JAR)
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\sound.properties
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\tzdb.dat
data
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\lib\tzmappings
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\release
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\stats.properties
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\user.jar
Zip archive data, at least v1.0 to extract, compression method=store
dropped
C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\user\flatlaf.jar
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Users\user\AppData\Local\Temp\hsperfdata_user\3804
data
dropped
C:\Users\user\AppData\Local\Temp\hsperfdata_user\6284
data
dropped
C:\Users\user\AppData\Local\Temp\i4j_log_OpenWebStart_1752523011779975933.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\i4j_nlog_1.log
Unicode text, UTF-8 (with BOM) text, with very long lines (410), with CRLF line terminators
dropped
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1002\83aa4cc77f591dfc2374580bbd95f6ba_9e146be9-c76a-4720-bcdb-53011b87bd06
data
dropped
C:\Users\user\Desktop\cmdline.out
ASCII text, with very long lines (557), with CRLF line terminators
modified
C:\Users\user\Desktop\download\OpenWebStart_windows-x64_1_10_1.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Windows\SysWOW64\cmd.exe | C:\Windows\system32\cmd.exe /c wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://github.com/karakun/OpenWebStart/releases/download/v1.10.1/OpenWebStart_windows-x64_1_10_1.exe" > cmdline.out 2>&1 | malicious |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | malicious |
| C:\Users\user\Desktop\download\OpenWebStart_windows-x64_1_10_1.exe | "C:\Users\user\Desktop\download\OpenWebStart_windows-x64_1_10_1.exe" | malicious |
| C:\Users\user\AppData\Local\Temp\e4jA753.tmp_dir1732193841\jre\bin\java.exe | "c:\users\user\appdata\local\temp\E4JA75~1.TMP\jre\bin\java.exe" -version | malicious |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | malicious |
| C:\Windows\SysWOW64\wget.exe | wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://github.com/karakun/OpenWebStart/releases/download/v1.10.1/OpenWebStart_windows-x64_1_10_1.exe" | |

URLs

Name
IP
Malicious
https://github.com/karakun/OpenWebStart/releases/download/v1.10.1/OpenWebStart_windows-x64_1_10_1.exe
malicious

Domains

Name | IP | Malicious
github.com | 140.82.121.4 |
objects.githubusercontent.com | 185.199.110.133 |

IPs

IP | Domain | Country | Malicious
140.82.121.4 | github.com | United States |
185.199.110.133 | objects.githubusercontent.com | Netherlands |

Registry

Path | Value | Malicious
HKEY_CURRENT_USER\SOFTWARE\ej-technologies\exe4j\pids | c:\users\user\desktop\download\openwebstart_windows-x64_1_10_1.exe |
HKEY_CURRENT_USER\SOFTWARE\ej-technologies\exe4j | InstallStarted_3804 |
HKEY_CURRENT_USER\SOFTWARE\ej-technologies\exe4j | InstallStarted |
HKEY_CURRENT_USER\SOFTWARE\ej-technologies\exe4j | InstallStarted_3804 |
HKEY_CURRENT_USER\SOFTWARE\ej-technologies\exe4j | InstallStarted |

Memdumps

Base Address
Regiontype
Protect
Malicious
heap
page read and write
26EB67B0000
heap
page read and write
D6323000
direct allocation
page read and write
7FFE126EA000
unkown
page readonly
23DAFAF0000
heap
page read and write
66676000
unkown
page read and write
23DAFECB000
heap
page read and write
23DAED51000
heap
page read and write
23DAED52000
heap
page read and write
D5716000
direct allocation
page read and write
23DAFC9D000
heap
page read and write
23DAFFCC000
heap
page read and write
23DAFE17000
heap
page read and write
23DAFA1F000
heap
page read and write
23DAFBFC000
heap
page read and write
23DAFA88000
heap
page read and write
26EA0020000
unkown
page read and write
23DAFF2B000
heap
page read and write
D69EC000
direct allocation
page read and write
23DAFB40000
heap
page read and write
23DAFFBF000
heap
page read and write
23DAEC9B000
heap
page read and write
23DAFD88000
heap
page read and write
23DAFBC0000
heap
page read and write
23DAFE17000
heap
page read and write
23DAFFBF000
heap
page read and write
23DAFB08000
heap
page read and write
D6022000
direct allocation
page read and write
23DAFA26000
heap
page read and write
23D94B43000
heap
page read and write
6669F000
unkown
page read and write
66652000
unkown
page read and write
D56F9000
direct allocation
page read and write
6663D000
unkown
page read and write
23DAFA46000
heap
page read and write
23DAFC6D000
heap
page read and write
23DAFF97000
heap
page read and write
23DAFACD000
heap
page read and write
23DAFE33000
heap
page read and write
23DAE90A000
heap
page read and write
23DAEAB0000
heap
page read and write
23DAFC4E000
heap
page read and write
23DAFABC000
heap
page read and write
80000000
direct allocation
page read and write
23DAF9F6000
heap
page read and write
23DAFA75000
heap
page read and write
23DAED0E000
heap
page read and write
7FFE126F7000
unkown
page readonly
11EE000
stack
page read and write
23DB0133000
heap
page read and write
23DAFD86000
heap
page read and write
2B9F000
heap
page read and write
23DAFBC7000
heap
page read and write
23D94B78000
heap
page read and write
80099000
direct allocation
page read and write
23DAEAB5000
heap
page read and write
23DAE902000
heap
page read and write
23DB0042000
heap
page read and write
23DAFECB000
heap
page read and write
66635000
unkown
page write copy
23DAFBC6000
heap
page read and write
26E9FFB0000
heap
page read and write
23DAFA1E000
heap
page read and write
23DAEC87000
heap
page read and write
23DAFABC000
heap
page read and write
D6039000
direct allocation
page read and write
23DAED5F000
heap
page read and write
7FFE13201000
unkown
page execute read
23DAFC1C000
heap
page read and write
D59FC000
direct allocation
page read and write
23DAEDC1000
heap
page read and write
23DAFE0B000
heap
page read and write
23DAF9EE000
heap
page read and write
23DAFBB9000
heap
page read and write
23DAFD61000
heap
page read and write
23DAFA06000
heap
page read and write
D562D000
direct allocation
page read and write
23DAFAF0000
heap
page read and write
23DAFF65000
heap
page read and write
23DAFD86000
heap
page read and write
D6980000
direct allocation
page read and write
23DAE850000
heap
page read and write
23DB0136000
heap
page read and write
7FF650F1E000
unkown
page readonly
23DAFD82000
heap
page read and write
23DAFA26000
heap
page read and write
A50000
heap
page read and write
23DAFB37000
heap
page read and write
23DAFC6D000
heap
page read and write
23DAFFAA000
heap
page read and write
23DAED56000
heap
page read and write
23DAFFAA000
heap
page read and write
23DAED8F000
heap
page read and write
23DAE531000
heap
page read and write
23DAED60000
heap
page read and write
7FFE13291000
unkown
page read and write
D59E3000
direct allocation
page read and write
23DAFC91000
heap
page read and write
23DAE234000
heap
page read and write
23DAFEF1000
heap
page read and write
7FFE126D0000
unkown
page readonly
23DAFB3E000
heap
page read and write
23DAFE0B000
heap
page read and write
7FFE1A4C1000
unkown
page execute read
D6199000
direct allocation
page read and write
23DAFE17000
heap
page read and write
23DAECF5000
heap
page read and write
65EC1000
unkown
page execute read
23DAFE6B000
heap
page read and write
66633000
unkown
page write copy
23DAE3E7000
heap
page read and write
23DAFE23000
heap
page read and write
23DAEC9B000
heap
page read and write
23DAFF34000
heap
page read and write
23DAFFD6000
heap
page read and write
23DAFB40000
heap
page read and write
23DAFB13000
heap
page read and write
23DAFB2A000
heap
page read and write
23DAFF53000
heap
page read and write
23DAEDD1000
heap
page read and write
23DB012C000
heap
page read and write
23DAFC6D000
heap
page read and write
23DAFD7D000
heap
page read and write
D6392000
direct allocation
page read and write
23DAE2A1000
heap
page read and write
D65FB000
direct allocation
page read and write
D6CCE000
direct allocation
page read and write
23DAFC45000
heap
page read and write
23DAEDB5000
heap
page read and write
23DAFB44000
heap
page read and write
23DAED5F000
heap
page read and write
23DAFB3E000
heap
page read and write
23DAFF92000
heap
page read and write
23DAFA90000
heap
page read and write
23DAE8A9000
heap
page read and write
23DAFD6F000
heap
page read and write
23DAFA26000
heap
page read and write
23DAEDAA000
heap
page read and write
23DAFA72000
heap
page read and write
23DAE748000
heap
page read and write
23DAFD0C000
heap
page read and write
23DAE8BE000
heap
page read and write
23DAFA60000
heap
page read and write
D6DA0000
direct allocation
page read and write
23D94B9B000
heap
page read and write
23DAFC04000
heap
page read and write
2BA1000
heap
page read and write
23DAFD88000
heap
page read and write
23DAFA3E000
heap
page read and write
7FF650F32000
unkown
page readonly
26EB5F4C000
heap
page read and write
23DAEDCA000
heap
page read and write
23DAEA3D000
heap
page read and write
26E9FF90000
heap
page read and write
66630000
unkown
page write copy
23DAFBC0000
heap
page read and write
D569D000
direct allocation
page read and write
23DAFAF0000
heap
page read and write
26EB6749000
heap
page read and write
D69F0000
direct allocation
page read and write
D5F54000
direct allocation
page read and write
23DAFE93000
heap
page read and write
23DAEA08000
heap
page read and write
66654000
unkown
page write copy
23DAEA1B000
heap
page read and write
80115000
direct allocation
page read and write
7FF7C1DBB000
unkown
page readonly
23DAEC83000
heap
page read and write
23DAEC89000
heap
page read and write
23DAFD86000
heap
page read and write
A0E000
stack
page read and write
23DAFB40000
heap
page read and write
23DAFA79000
heap
page read and write
23DAFC1C000
heap
page read and write
6663D000
unkown
page read and write
26EA18B5000
direct allocation
page execute and read and write
D666C000
direct allocation
page read and write
23DAFE93000
heap
page read and write
23DAFF97000
heap
page read and write
23DAEA3D000
heap
page read and write
23DAFF03000
heap
page read and write
23DAFD86000
heap
page read and write
23D94B88000
heap
page read and write
23DAFA26000
heap
page read and write
23DAFA46000
heap
page read and write
23D94B84000
heap
page read and write
23DAFB13000
heap
page read and write
23DAEA08000
heap
page read and write
23DAFB3E000
heap
page read and write
23DAFFD6000
heap
page read and write
23DAFCE4000
heap
page read and write
80358000
direct allocation
page read and write
23DAFD19000
heap
page read and write
D6D0F000
direct allocation
page read and write
23DAFCEC000
heap
page read and write
23DAEA2A000
heap
page read and write
23DB021C000
heap
page read and write
23DB0106000
heap
page read and write
23DAFBFC000
heap
page read and write
23DAFCE2000
heap
page read and write
23DB0AFB000
heap
page read and write
D6EAF000
direct allocation
page read and write
23DAE972000
heap
page read and write
23DAFE5F000
heap
page read and write
26EA18C8000
direct allocation
page execute and read and write
D63FA000
direct allocation
page read and write
23DAFB08000
heap
page read and write
23DAFADC000
heap
page read and write
D5697000
direct allocation
page read and write
80126000
direct allocation
page read and write
23DAFC2D000
heap
page read and write
D6617000
direct allocation
page read and write
23DAE85B000
heap
page read and write
23DAF9A1000
heap
page read and write
23DAFCBD000
heap
page read and write
23DAF9F6000
heap
page read and write
23DAE913000
heap
page read and write
23DAFFBF000
heap
page read and write
23DAE531000
heap
page read and write
23DAFF65000
heap
page read and write
D5711000
direct allocation
page read and write
23DAFBC6000
heap
page read and write
23DAFB3B000
heap
page read and write
23DAFD86000
heap
page read and write
7E084FE000
stack
page read and write
23DAFE33000
heap
page read and write
26E9FEB0000
heap
page read and write
120B000
heap
page read and write
23DAE8E8000
heap
page read and write
26EA1870000
direct allocation
page execute and read and write
26EB676A000
heap
page read and write
D55B7000
direct allocation
page read and write
23DAFE31000
heap
page read and write
26E9FE7E000
heap
page read and write
23DAED50000
heap
page read and write
23DAFA1E000
heap
page read and write
23DAED15000
heap
page read and write
26E9FDA0000
heap
page read and write
23DAED06000
heap
page read and write
23DB0133000
heap
page read and write
2B60000
heap
page read and write
23DAE858000
heap
page read and write
23DAF9B7000
heap
page read and write
23DAE291000
heap
page read and write
7FF7C1E3C000
unkown
page readonly
23DAFB40000
heap
page read and write
23DAEDC2000
heap
page read and write
26EB66F0000
heap
page read and write
6662E000
unkown
page read and write
23DAFB40000
heap
page read and write
23DAE57F000
heap
page read and write
D6598000
direct allocation
page read and write
2B96000
heap
page read and write
23DAFFDB000
heap
page read and write
23DAFC91000
heap
page read and write
26EB677F000
heap
page read and write
23DAFA49000
heap
page read and write
80010000
direct allocation
page read and write
23DAFA17000
heap
page read and write
23DAFAA3000
heap
page read and write
23DAFBD5000
heap
page read and write
23DAFBEC000
heap
page read and write
D5EF0000
direct allocation
page read and write
23DB0133000
heap
page read and write
26E9FDE1000
heap
page read and write
26EB67C7000
heap
page read and write
23DAEAB0000
heap
page read and write
23DAE2E0000
heap
page read and write
23DAED5F000
heap
page read and write
23DAE828000
heap
page read and write
23DAFA90000
heap
page read and write
100000000
direct allocation
page read and write
23DAFA3E000
heap
page read and write
23DB0228000
heap
page read and write
23DAFA1B000
heap
page read and write
23DAF9C6000
heap
page read and write
23DAE479000
heap
page read and write
D6D90000
direct allocation
page read and write
23DAEC89000
heap
page read and write
66651000
unkown
page write copy
23DAED98000
heap
page read and write
23DAFABC000
heap
page read and write
23DAFE5F000
heap
page read and write
23DAFF65000
heap
page read and write
23DAFB37000
heap
page read and write
23DAFBE4000
heap
page read and write
23DAFB34000
heap
page read and write
7FFE1A468000
unkown
page readonly
23DAFADB000
heap
page read and write
D5724000
direct allocation
page read and write
23DAFECB000
heap
page read and write
7FF650F39000
unkown
page readonly
D55F3000
direct allocation
page read and write
23DAFBEC000
heap
page read and write
23DB01F4000
heap
page read and write
23DAFB2A000
heap
page read and write
23DAFA63000
heap
page read and write
D6035000
direct allocation
page read and write
D56FE000
direct allocation
page read and write
23DAFBF8000
heap
page read and write
23DAFB9A000
heap
page read and write
23DAE2A8000
heap
page read and write
23DAE9D2000
heap
page read and write
23DAECEE000
heap
page read and write
23DAFB2A000
heap
page read and write
23DAF9C6000
heap
page read and write
23DAF9AF000
heap
page read and write
23DAFCEC000
heap
page read and write
23DAFBFC000
heap
page read and write
23DAFA3E000
heap
page read and write
23DB0042000
heap
page read and write
7FF650EF1000
unkown
page execute read
8013D000
direct allocation
page read and write
23DAFBEC000
heap
page read and write
23DAFC1E000
heap
page read and write
23DAFB08000
heap
page read and write
23DAED9F000
heap
page read and write
23DB0106000
heap
page read and write
23DAE578000
heap
page read and write