Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DHzscd9uqT.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\.oracle_jre_usage\5d4b75c9d6330584.timestamp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\hsperfdata_user\1668
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsmE787.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\install.exe
|
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\COPYRIGHT
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\LICENSE
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\README.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\THIRDPARTYLICENSEREADME.txt
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\Welcome.html
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\JAWTAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\JAWTAccessBridge.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\JavaAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\JavaAccessBridge.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\WindowsAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\WindowsAccessBridge.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\awt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\bci.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\client\Xusage.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\client\jvm.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\dcpr.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\decora_sse.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\deploy.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\dt_shmem.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\dt_socket.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\dtplugin\deployJava1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\dtplugin\npdeployJava1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\eula.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\fontmanager.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\fxplugins.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\glass.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\glib-lite.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\gstreamer-lite.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\hprof.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\instrument.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\j2pcsc.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\j2pkcs11.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jaas_nt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jabswitch.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\java-rmi.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\java.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\java.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\java_crw_demo.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javacpl.cpl
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javacpl.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javafx_font.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javafx_font_t2k.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javafx_iio.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javaw.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javaws.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jawt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jdwp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jfr.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jfxmedia.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jfxwebkit.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jjs.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jli.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jp2iexp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jp2launcher.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jp2native.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jp2ssv.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jpeg.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jsdt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jsound.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jsoundds.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\kcms.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\keytool.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\kinit.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\klist.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\ktab.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\lcms.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\management.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\mlib_image.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\msvcp120.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\msvcr100.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\msvcr120.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\net.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\nio.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\npt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\orbd.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\pack200.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\plugin2\msvcr100.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\plugin2\npjp2.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\policytool.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\prism_common.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\prism_d3d.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\prism_sw.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\resource.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\rmid.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\rmiregistry.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\servertool.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\splashscreen.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\ssv.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\ssvagent.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\sunec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\sunmscapi.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\t2k.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\tnameserv.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\unpack.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\unpack200.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\verify.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\w2k_lsa_auth.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\wsdetect.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\zip.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\accessibility.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\calendars.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\charsets.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\classlist
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\cmm\CIEXYZ.pf
|
Sun KCMS color profile 2.0, type KCMS, XYZ/XYZ-spac device, 51236 bytes, 2-12-1997 18:50:04, dependently, PCS X=0xf6b3 Z=0xd2f8
"XYZ to XYZ Identity Profile"
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\cmm\GRAY.pf
|
Sun KCMS color profile 2.0, type KCMS, GRAY/XYZ-mntr device, KODA/GRAY model, 632 bytes, 27-7-95 17:30:15, embedded, relative
colorimetric, PCS Z=0xd32b "KODAK Grayscale Conversion - Gamma 1.0"
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\cmm\LINEAR_RGB.pf
|
color profile 2.0, type KCMS, RGB/XYZ-mntr device by KODK, 1044 bytes, 2-2-1998, PCS Z=0xd32c "linear sRGB"
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\cmm\PYCC.pf
|
Sun KCMS color profile 2.0, type KCMS, 3CLR/Lab-spac device, 274474 bytes, 6-11-1996 7:50:04, PCS X=0xf6b3 Z=0xd2f8 "Std Photo
YCC Print"
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\cmm\sRGB.pf
|
Microsoft color profile 2.1, type Lino, RGB/XYZ-mntr device, IEC/sRGB model by HP, 3144 bytes, 9-2-1998 6:49:00 "sRGB IEC61966-2.1"
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\content-types.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\currency.data
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\ffjcext.zip
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_de.properties
|
ASCII text, with very long lines (1345), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_es.properties
|
ASCII text, with very long lines (1475), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_fr.properties
|
ASCII text, with very long lines (1575), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_it.properties
|
ASCII text, with very long lines (1392), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_ja.properties
|
ASCII text, with very long lines (2924), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_ko.properties
|
ASCII text, with very long lines (2601), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_pt_BR.properties
|
ASCII text, with very long lines (1319), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_sv.properties
|
ASCII text, with very long lines (1386), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_zh_CN.properties
|
ASCII text, with very long lines (1857), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_zh_HK.properties
|
ASCII text, with very long lines (1729), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_zh_TW.properties
|
ASCII text, with very long lines (1729), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\splash.gif
|
GIF image data, version 89a, 320 x 139
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\splash@2x.gif
|
GIF image data, version 89a, 640 x 278
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\splash_11-lic.gif
|
GIF image data, version 89a, 320 x 139
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\splash_11@2x-lic.gif
|
GIF image data, version 89a, 640 x 278
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\access-bridge-32.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\access-bridge.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\cldrdata.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\dnsns.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\jaccess.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\jfxrt.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\localedata.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\meta-index
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\nashorn.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\sunec.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\sunjce_provider.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\sunmscapi.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\sunpkcs11.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\zipfs.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\flavormap.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fontconfig.bfc
|
raw G3 (Group 3) FAX
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fontconfig.properties.src
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaBrightDemiBold.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,422.Lucida
BrightDemiboldLucida Bright Dem
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaBrightDemiItalic.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc.Lucida BrightDemibold
ItalicLucida Bright Demibold Itali
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaBrightItalic.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,773.Lucida
BrightItalicLucida Bright Itali
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaBrightRegular.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,421.Lucida
BrightRegularLucida Bright Regu
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaSansDemiBold.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 19 names, Macintosh, Copyright (c) 1999, 2001 by Bigelow & Holmes Inc. Pat. Des.
289,420.Lucida SansDemiboldLucida Sa
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaSansRegular.ttf
|
TrueType Font data, 18 tables, 1st "GDEF", 19 names, Macintosh, Copyright (c) 1999 by Bigelow & Holmes Inc. Pat. Des. 289,420.Lucida
SansRegularLucida Sans Regu
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaTypewriterBold.ttf
|
TrueType Font data, 13 tables, 1st "OS/2", 16 names, Macintosh, Copyright (c) 1999, 2001 by Bigelow & Holmes Inc.Lucida Sans
TypewriterBoldLucida Sans Typewrite
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaTypewriterRegular.ttf
|
TrueType Font data, 13 tables, 1st "OS/2", 16 names, Macintosh, Copyright (c) 1999 by Bigelow & Holmes Inc.Lucida Sans TypewriterRegularLucida
Sans Typewriter R
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\hijrah-config-umalqura.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\i386\jvm.cfg
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\cursors.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\invalid32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\win32_CopyDrop32x32.gif
|
GIF image data, version 89a, 31 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\win32_LinkDrop32x32.gif
|
GIF image data, version 89a, 31 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\win32_MoveDrop32x32.gif
|
GIF image data, version 89a, 31 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\javafx.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\javaws.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jce.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jfr.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jfr\default.jfc
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jfr\profile.jfc
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jfxswt.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jsse.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jvm.hprof.txt
|
Algol 68 source, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\logging.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\management-agent.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\management\jmxremote.access
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\management\jmxremote.password.template
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\management\management.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\management\snmp.acl.template
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\meta-index
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\net.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\plugin.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\psfont.properties.ja
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\psfontj2d.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\resources.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\rt.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\US_export_policy.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\blacklist
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\blacklisted.certs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\cacerts
|
Java KeyStore
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\java.policy
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\java.security
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\javaws.policy
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\local_policy.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\sound.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\tzdb.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\tzmappings
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\release
|
ASCII text, with very long lines (427), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\asm-all.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\dn-compiled-module.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\dn-php-sdk.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\gson.jar
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\jphp-app-framework.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\jphp-core.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\jphp-desktop-ext.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\jphp-gui-ext.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\jphp-json-ext.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\jphp-runtime.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\jphp-xml-ext.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\jphp-zend-ext.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\jphp-zip-ext.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\slf4j-api.jar
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\slf4j-simple.jar
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\lib\zt-zip.jar
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\83aa4cc77f591dfc2374580bbd95f6ba_9e146be9-c76a-4720-bcdb-53011b87bd06
|
data
|
dropped
|
There are 210 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javaw.exe
|
"C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javaw.exe" -Dfile.encoding=UTF-8 -classpath "lib\.;lib\..;lib\asm-all.jar;lib\dn-compiled-module.jar;lib\dn-php-sdk.jar;lib\gson.jar;lib\jphp-app-framework.jar;lib\jphp-core.jar;lib\jphp-desktop-ext.jar;lib\jphp-gui-ext.jar;lib\jphp-json-ext.jar;lib\jphp-runtime.jar;lib\jphp-xml-ext.jar;lib\jphp-zend-ext.jar;lib\jphp-zip-ext.jar;lib\slf4j-api.jar;lib\slf4j-simple.jar;lib\zt-zip.jar"
org.develnext.jphp.ext.javafx.FXLauncher
|
|
|
|
C:\Users\user\Desktop\DHzscd9uqT.exe
|
"C:\Users\user\Desktop\DHzscd9uqT.exe"
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\install.exe
|
C:\Users\user\AppData\Roaming\InstallerPDW\install.exe
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://javafx.com/fxml/1
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/accessExternalDTDR
|
unknown
|
||
|
http://apache.org/xml/features/validation/schema/augment-psvi
|
unknown
|
||
|
http://apache.org/xml/features/standard-uri-conformantD
|
unknown
|
||
|
http://apache.org/xml/properties/input-buffer-size
|
unknown
|
||
|
http://www.chambersign.org1
|
unknown
|
||
|
http://repository.swisssign.com/0
|
unknown
|
||
|
HTTP://WWW.CHAMBERSIGN.ORG
|
unknown
|
||
|
http://apache.org/xml/properties/internal/entity-manager
|
unknown
|
||
|
http://apache.org/xml/features/internal/parser-settings
|
unknown
|
||
|
http://apache.org/xml/features/dom/include-ignorable-whitespace
|
unknown
|
||
|
http://java.sun.com/xml/dom/properties/
|
unknown
|
||
|
http://apache.org/xml/properties/internal/stax-entity-resolver
|
unknown
|
||
|
http://www.oracle.com/hotspot/jvm/vm/compiler/id
|
unknown
|
||
|
http://apache.org/xml/features/xinclude/fixup-base-uris
|
unknown
|
||
|
http://apache.org/xml/properties/schema/external-noNamespaceSchemaLocation
|
unknown
|
||
|
http://apache.org/xml/properties/internal/error-reporter
|
unknown
|
||
|
http://apache.org/xml/features/validation/schema:
|
unknown
|
||
|
https://gist.github.com/maxd/63691840fc372f22f470.
|
unknown
|
||
|
http://www.oracle.com/hotspot/jvm/java/monitor/address
|
unknown
|
||
|
http://apache.org/xml/features/include-comments
|
unknown
|
||
|
http://apache.org/xml/features/scanner/notify-char-refs
|
unknown
|
||
|
http://javax.xml.transform.sax.SAXResult/feature#
|
unknown
|
||
|
http://apache.org/xml/properties/internal/symbol-table6
|
unknown
|
||
|
http://java.sun.com/xml/schema/features/report-ignored-element-content-whitespace3
|
unknown
|
||
|
http://policy.camerfirma.com0
|
unknown
|
||
|
http://apache.org/xml/properties/dom/current-element-node7
|
unknown
|
||
|
http://java.sun.com/xml/stream/properties/ignore-external-dtd
|
unknown
|
||
|
http://java.sun.com/xml/stream/properties/ignore-external-dtd9
|
unknown
|
||
|
http://apache.org/xml/features/continue-after-fatal-error
|
unknown
|
||
|
http://apache.org/xml/features/scanner/notify-builtin-refsK
|
unknown
|
||
|
http://apache.org/xml/features/standard-uri-conformant
|
unknown
|
||
|
http://apache.org/xml/properties/internal/document-scanner
|
unknown
|
||
|
http://www.oracle.com/hotspot/jdk/
|
unknown
|
||
|
http://www.certplus.com/CRL/class2.crl
|
unknown
|
||
|
http://apache.org/xml/features/nonvalidating/load-external-dtd-A
|
unknown
|
||
|
http://bugreport.sun.com/bugreport/
|
unknown
|
||
|
http://xml.org/sax/features/string-interningr
|
unknown
|
||
|
http://java.oracle.com/
|
unknown
|
||
|
http://apache.org/xml/features/
|
unknown
|
||
|
http://apache.org/xml/features/generate-synthetic-annotations
|
unknown
|
||
|
http://www.oracle.com/technetwork/java/javaseproducts/C:
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://xml.org/sax/features/allow-dtd-events-after-endDTD
|
unknown
|
||
|
http://cps.chambersign.org/cps/chambersroot.html
|
unknown
|
||
|
http://www.certplus.com/CRL/class3P.crl
|
unknown
|
||
|
http://java.sun.com/xml/stream/properties/-
|
unknown
|
||
|
http://apache.org/xml/features/internal/validation/schema/use-grammar-pool-only
|
unknown
|
||
|
http://xml.org/sax/features/string-interningfeature
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl
|
unknown
|
||
|
http://apache.org/xml/properties/internal/namespace-binder
|
unknown
|
||
|
http://www.oracle.com/hotspot/jvm/vm/gc/id
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
http://www.oracle.com/xml/is-standalone
|
unknown
|
||
|
http://javax.xml.transform.sax.SAXTransformerFactory/feature
|
unknown
|
||
|
http://javafx.com/vp6decoderflvdemux
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/accessExternalStylesheet
|
unknown
|
||
|
http://xml.org/sax/features/validation?
|
unknown
|
||
|
http://apache.org/xml/properties/security-manager
|
unknown
|
||
|
http://www.oracle.com/technetwork/java/javaseproducts/
|
unknown
|
||
|
http://java.sun.com/xml/dom/properties/ancestor-check
|
unknown
|
||
|
http://xml.apache.org/xslt
|
unknown
|
||
|
http://www.oracle.com/hotspot/jvm/
|
unknown
|
||
|
http://javax.xml.transform.stax.StAXResult/feature
|
unknown
|
||
|
http://asm.objectweb.org
|
unknown
|
||
|
http://apache.org/xml/features/dom/include-ignorable-whitespace:
|
unknown
|
||
|
http://apache.org/xml/features/namespaces
|
unknown
|
||
|
http://apache.org/xml/properties/security-manager&
|
unknown
|
||
|
http://apache.org/xml/features/xinclude
|
unknown
|
||
|
http://apache.org/xml/features/validation/schema-full-checking
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/
|
unknown
|
||
|
http://openjdk.java.net/jeps/220).
|
unknown
|
||
|
http://apache.org/xml/properties/internal/grammar-pool
|
unknown
|
||
|
http://apache.org/xml/properties/locale
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/accessExternalSchemaD
|
unknown
|
||
|
http://java.sun.com/xml/stream/properties/reader-in-defined-state
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://www.quovadisglobal.com/cps0
|
unknown
|
||
|
http://trustcenter-crl.certificat2.com/Keynectis/KEYNECTIS_ROOT_CA.crl
|
unknown
|
||
|
http://apache.org/xml/features/allow-java-encodings
|
unknown
|
||
|
http://apache.org/xml/properties/internal/validator/dtdD
|
unknown
|
||
|
http://www.oracle.com/feature/use-service-mechanism
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/accessExternalDTD
|
unknown
|
||
|
http://apache.org/xml/features/validation/warn-on-undeclared-elemdef3
|
unknown
|
||
|
http://apache.org/xml/xmlschema/1.0/anonymousTypes
|
unknown
|
||
|
http://apache.org/xml/features/validation/schema/normalized-value
|
unknown
|
||
|
http://apache.org/xml/features/xinclude/fixup-language
|
unknown
|
||
|
http://javax.xml.transform.dom.DOMSource/feature
|
unknown
|
||
|
http://java.sun.com/xml/stream/properties/report-cdata-event/
|
unknown
|
||
|
https://github.com/TsSaltan/DevelNext-jURL/releases/latest
|
unknown
|
||
|
http://www.quovadisglobal.com/cps
|
unknown
|
||
|
http://apache.org/xml/properties/dom/document-class-name
|
unknown
|
||
|
http://java.sun.com/xml/schema/features/report-ignored-element-content-whitespace
|
unknown
|
||
|
http://apache.org/xml/properties/internal/symbol-table
|
unknown
|
||
|
http://apache.org/xml/properties/internal/error-handler=
|
unknown
|
||
|
http://www.quovadis.bm
|
unknown
|
||
|
http://apache.org/xml/features/xincludeC
|
unknown
|
||
|
http://xml.org/sax/properties/xml-string?
|
unknown
|
||
|
http://site.com/
|
unknown
|
||
|
http://apache.org/xml/properties/internal/dtd-processor7
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pastebin.com
|
104.20.3.235
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.20.3.235
|
pastebin.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
507E000
|
direct allocation
|
page read and write
|
||
|
11A6000
|
heap
|
page read and write
|
||
|
AF7C000
|
direct allocation
|
page read and write
|
||
|
1183000
|
heap
|
page read and write
|
||
|
15260000
|
heap
|
page read and write
|
||
|
11A1000
|
heap
|
page read and write
|
||
|
1A842000
|
heap
|
page read and write
|
||
|
527B000
|
direct allocation
|
page read and write
|
||
|
198A0000
|
direct allocation
|
page read and write
|
||
|
598000
|
heap
|
page read and write
|
||
|
5D1000
|
heap
|
page read and write
|
||
|
6C68A000
|
unkown
|
page read and write
|
||
|
6B696000
|
unkown
|
page read and write
|
||
|
11FA000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
529B000
|
direct allocation
|
page read and write
|
||
|
4EB7000
|
direct allocation
|
page read and write
|
||
|
508C000
|
direct allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
1A8D0000
|
direct allocation
|
page read and write
|
||
|
ADF7000
|
direct allocation
|
page read and write
|
||
|
16C7F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4EA0000
|
direct allocation
|
page read and write
|
||
|
6EA01000
|
unkown
|
page execute read
|
||
|
19DDE000
|
stack
|
page read and write
|
||
|
A41C000
|
direct allocation
|
page read and write
|
||
|
4E07000
|
direct allocation
|
page read and write
|
||
|
15911000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
87B000
|
heap
|
page read and write
|
||
|
4E58000
|
direct allocation
|
page read and write
|
||
|
15374000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
AF93000
|
direct allocation
|
page read and write
|
||
|
4F42000
|
direct allocation
|
page read and write
|
||
|
16C07000
|
heap
|
page read and write
|
||
|
4EAE000
|
direct allocation
|
page read and write
|
||
|
4E68000
|
direct allocation
|
page read and write
|
||
|
446000
|
unkown
|
page readonly
|
||
|
4EAA000
|
direct allocation
|
page read and write
|
||
|
626000
|
stack
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
52A4000
|
direct allocation
|
page read and write
|
||
|
4EFD000
|
direct allocation
|
page read and write
|
||
|
A3B5000
|
direct allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
4EE6000
|
direct allocation
|
page read and write
|
||
|
19CD8000
|
heap
|
page read and write
|
||
|
154AE000
|
unkown
|
page read and write
|
||
|
15C13000
|
heap
|
page read and write
|
||
|
15287000
|
heap
|
page read and write
|
||
|
6C280000
|
unkown
|
page readonly
|
||
|
4F2D000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6C5C1000
|
unkown
|
page readonly
|
||
|
4F3C000
|
direct allocation
|
page read and write
|
||
|
6C28D000
|
unkown
|
page readonly
|
||
|
4EDF000
|
direct allocation
|
page read and write
|
||
|
AF5C000
|
direct allocation
|
page read and write
|
||
|
50AD000
|
direct allocation
|
page read and write
|
||
|
1118000
|
heap
|
page read and write
|
||
|
19CD8000
|
heap
|
page read and write
|
||
|
B5C000
|
stack
|
page read and write
|
||
|
4E55000
|
direct allocation
|
page read and write
|
||
|
19CE8000
|
heap
|
page read and write
|
||
|
6C2C1000
|
unkown
|
page readonly
|
||
|
6C277000
|
unkown
|
page readonly
|
||
|
4E2D000
|
direct allocation
|
page read and write
|
||
|
5013000
|
direct allocation
|
page read and write
|
||
|
15B2A000
|
heap
|
page read and write
|
||
|
4F61000
|
direct allocation
|
page read and write
|
||
|
16350000
|
direct allocation
|
page read and write
|
||
|
4E49000
|
direct allocation
|
page read and write
|
||
|
4EDC000
|
direct allocation
|
page read and write
|
||
|
19EBD000
|
stack
|
page read and write
|
||
|
19C8F000
|
heap
|
page read and write
|
||
|
19CA1000
|
heap
|
page read and write
|
||
|
C28000
|
unkown
|
page readonly
|
||
|
AE18000
|
direct allocation
|
page read and write
|
||
|
A393000
|
direct allocation
|
page read and write
|
||
|
A386000
|
direct allocation
|
page read and write
|
||
|
A404000
|
direct allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
6C0F1000
|
unkown
|
page execute read
|
||
|
11FA000
|
heap
|
page read and write
|
||
|
AF8B000
|
direct allocation
|
page read and write
|
||
|
1715B000
|
stack
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
1147000
|
heap
|
page read and write
|
||
|
1570E000
|
stack
|
page read and write
|
||
|
1B0D8000
|
direct allocation
|
page read and write
|
||
|
16C4B000
|
heap
|
page read and write
|
||
|
5239000
|
direct allocation
|
page read and write
|
||
|
11AA000
|
heap
|
page read and write
|
||
|
C01000
|
unkown
|
page execute read
|
||
|
15A44000
|
heap
|
page read and write
|
||
|
4E8A000
|
direct allocation
|
page read and write
|
||
|
1183000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
5274000
|
direct allocation
|
page read and write
|
||
|
1209000
|
heap
|
page read and write
|
||
|
16C4B000
|
heap
|
page read and write
|
||
|
19C96000
|
heap
|
page read and write
|
||
|
4E7A000
|
direct allocation
|
page read and write
|
||
|
6B020000
|
unkown
|
page readonly
|
||
|
6B697000
|
unkown
|
page write copy
|
||
|
ADB4000
|
direct allocation
|
page read and write
|
||
|
1579E000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
5263000
|
direct allocation
|
page read and write
|
||
|
6B69D000
|
unkown
|
page read and write
|
||
|
6C65E000
|
unkown
|
page write copy
|
||
|
529E000
|
direct allocation
|
page read and write
|
||
|
1AAA0000
|
trusted library allocation
|
page read and write
|
||
|
6C6D0000
|
unkown
|
page readonly
|
||
|
16C5B000
|
heap
|
page read and write
|
||
|
6C784000
|
unkown
|
page read and write
|
||
|
6C2D0000
|
unkown
|
page readonly
|
||
|
4E83000
|
direct allocation
|
page read and write
|
||
|
19CA1000
|
heap
|
page read and write
|
||
|
6B5A1000
|
unkown
|
page execute read
|
||
|
A379000
|
direct allocation
|
page read and write
|
||
|
C28000
|
unkown
|
page readonly
|
||
|
6C174000
|
unkown
|
page write copy
|
||
|
4ED9000
|
direct allocation
|
page read and write
|
||
|
19FA0000
|
trusted library allocation
|
page read and write
|
||
|
5005000
|
direct allocation
|
page read and write
|
||
|
1A8BE000
|
stack
|
page read and write
|
||
|
171B0000
|
direct allocation
|
page read and write
|
||
|
1185000
|
heap
|
page read and write
|
||
|
16C0F000
|
heap
|
page read and write
|
||
|
4EEA000
|
direct allocation
|
page read and write
|
||
|
6C2A3000
|
unkown
|
page readonly
|
||
|
6C287000
|
unkown
|
page readonly
|
||
|
11A1000
|
heap
|
page read and write
|
||
|
4E1A000
|
direct allocation
|
page read and write
|
||
|
4EF7000
|
direct allocation
|
page read and write
|
||
|
52A1000
|
direct allocation
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
15321000
|
heap
|
page read and write
|
||
|
ACF1000
|
direct allocation
|
page read and write
|
||
|
AE2E000
|
direct allocation
|
page read and write
|
||
|
6C290000
|
unkown
|
page readonly
|
||
|
1B090000
|
direct allocation
|
page read and write
|
||
|
6C10B000
|
unkown
|
page read and write
|
||
|
19C9D000
|
heap
|
page read and write
|
||
|
5247000
|
direct allocation
|
page read and write
|
||
|
6C655000
|
unkown
|
page read and write
|
||
|
AAAE000
|
direct allocation
|
page read and write
|
||
|
1587F000
|
unkown
|
page read and write
|
||
|
5236000
|
direct allocation
|
page read and write
|
||
|
4E61000
|
direct allocation
|
page read and write
|
||
|
19CD8000
|
heap
|
page read and write
|
||
|
5257000
|
direct allocation
|
page read and write
|
||
|
52C3000
|
direct allocation
|
page read and write
|
||
|
A69B000
|
direct allocation
|
page read and write
|
||
|
500D000
|
direct allocation
|
page read and write
|
||
|
6C10C000
|
unkown
|
page readonly
|
||
|
6B900000
|
unkown
|
page readonly
|
||
|
4F3E000
|
direct allocation
|
page read and write
|
||
|
196A0000
|
heap
|
page read and write
|
||
|
16C58000
|
heap
|
page read and write
|
||
|
11AA000
|
heap
|
page read and write
|
||
|
4F30000
|
direct allocation
|
page read and write
|
||
|
6C275000
|
unkown
|
page read and write
|
||
|
19C41000
|
heap
|
page read and write
|
||
|
4E5E000
|
direct allocation
|
page read and write
|
||
|
7F8C1000
|
trusted library allocation
|
page execute read
|
||
|
A897000
|
direct allocation
|
page read and write
|
||
|
1179000
|
heap
|
page read and write
|
||
|
AF11000
|
direct allocation
|
page read and write
|
||
|
6C301000
|
unkown
|
page execute read
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
6B699000
|
unkown
|
page write copy
|
||
|
1A7F6000
|
heap
|
page read and write
|
||
|
1AF00000
|
direct allocation
|
page read and write
|
||
|
6B96F000
|
unkown
|
page readonly
|
||
|
2D3A000
|
direct allocation
|
page execute and read and write
|
||
|
1743C000
|
unkown
|
page read and write
|
||
|
19CA7000
|
heap
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
6C110000
|
unkown
|
page readonly
|
||
|
A3AD000
|
direct allocation
|
page read and write
|
||
|
A35B000
|
direct allocation
|
page read and write
|
||
|
A707000
|
direct allocation
|
page read and write
|
||
|
15B5A000
|
heap
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
4F0E000
|
direct allocation
|
page read and write
|
||
|
19C96000
|
heap
|
page read and write
|
||
|
16A13000
|
heap
|
page read and write
|
||
|
1209000
|
heap
|
page read and write
|
||
|
271F000
|
stack
|
page read and write
|
||
|
11D8000
|
heap
|
page read and write
|
||
|
157EE000
|
unkown
|
page read and write
|
||
|
19C4A000
|
heap
|
page read and write
|
||
|
19CE8000
|
heap
|
page read and write
|
||
|
50AF000
|
direct allocation
|
page read and write
|
||
|
A417000
|
direct allocation
|
page read and write
|
||
|
4E3A000
|
direct allocation
|
page read and write
|
||
|
1B0D0000
|
direct allocation
|
page read and write
|
||
|
117E000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
500A000
|
direct allocation
|
page read and write
|
||
|
16B70000
|
heap
|
page read and write
|
||
|
4ECE000
|
direct allocation
|
page read and write
|
||
|
16B00000
|
heap
|
page read and write
|
||
|
4E9D000
|
direct allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
A8CE000
|
direct allocation
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page read and write
|
||
|
AE26000
|
direct allocation
|
page read and write
|
||
|
29E5000
|
heap
|
page read and write
|
||
|
4F00000
|
direct allocation
|
page read and write
|
||
|
19C4A000
|
heap
|
page read and write
|
||
|
A36A000
|
direct allocation
|
page read and write
|
||
|
11D7000
|
heap
|
page read and write
|
||
|
85F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6C2EC000
|
unkown
|
page read and write
|
||
|
19C92000
|
heap
|
page read and write
|
||
|
19F60000
|
trusted library allocation
|
page read and write
|
||
|
ADDC000
|
direct allocation
|
page read and write
|
||
|
19C9D000
|
heap
|
page read and write
|
||
|
19CE8000
|
heap
|
page read and write
|
||
|
4E03000
|
direct allocation
|
page read and write
|
||
|
2290000
|
heap
|
page read and write
|
||
|
19E6E000
|
stack
|
page read and write
|
||
|
5254000
|
direct allocation
|
page read and write
|
||
|
5298000
|
direct allocation
|
page read and write
|
||
|
15388000
|
heap
|
page read and write
|
||
|
4F03000
|
direct allocation
|
page read and write
|
||
|
6C65C000
|
unkown
|
page write copy
|
||
|
16C3D000
|
heap
|
page read and write
|
||
|
2DA2000
|
direct allocation
|
page execute and read and write
|
||
|
4E36000
|
direct allocation
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page read and write
|
||
|
412000
|
unkown
|
page read and write
|
||
|
16B50000
|
heap
|
page read and write
|
||
|
11D7000
|
heap
|
page read and write
|
||
|
52C9000
|
direct allocation
|
page read and write
|
||
|
1157000
|
heap
|
page read and write
|
||
|
19C9D000
|
heap
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
19C98000
|
heap
|
page read and write
|
||
|
A761000
|
direct allocation
|
page read and write
|
||
|
4EEC000
|
direct allocation
|
page read and write
|
||
|
6C2B0000
|
unkown
|
page readonly
|
||
|
16BF0000
|
heap
|
page read and write
|
||
|
525D000
|
direct allocation
|
page read and write
|
||
|
15CD4000
|
heap
|
page read and write
|
||
|
5251000
|
direct allocation
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
AE3E000
|
direct allocation
|
page read and write
|
||
|
AF2E000
|
direct allocation
|
page read and write
|
||
|
6C300000
|
unkown
|
page readonly
|
||
|
AF19000
|
direct allocation
|
page read and write
|
||
|
19C3F000
|
heap
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
11D7000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
1166000
|
heap
|
page read and write
|
||
|
4E0A000
|
direct allocation
|
page read and write
|
||
|
6B030000
|
unkown
|
page readonly
|
||
|
1180000
|
heap
|
page read and write
|
||
|
52D8000
|
direct allocation
|
page read and write
|
||
|
525A000
|
direct allocation
|
page read and write
|
||
|
2D02000
|
direct allocation
|
page execute and read and write
|
||
|
50E000
|
stack
|
page read and write
|
||
|
AFA2000
|
direct allocation
|
page read and write
|
||
|
15CDB000
|
heap
|
page read and write
|
||
|
4F5B000
|
direct allocation
|
page read and write
|
||
|
1169000
|
heap
|
page read and write
|
||
|
AE38000
|
direct allocation
|
page read and write
|
||
|
11A9000
|
heap
|
page read and write
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
16C0B000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
19CA1000
|
heap
|
page read and write
|
||
|
159B4000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
11A6000
|
heap
|
page read and write
|
||
|
6C29D000
|
unkown
|
page readonly
|
||
|
1176000
|
heap
|
page read and write
|
||
|
A4BC000
|
direct allocation
|
page read and write
|
||
|
117C000
|
heap
|
page read and write
|
||
|
16B70000
|
heap
|
page read and write
|
||
|
6C281000
|
unkown
|
page execute read
|
||
|
4E8D000
|
direct allocation
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
273C000
|
heap
|
page read and write
|
||
|
A3C2000
|
direct allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
ADA3000
|
direct allocation
|
page read and write
|
||
|
A9AB000
|
direct allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
16C72000
|
heap
|
page read and write
|
||
|
2BA7000
|
heap
|
page read and write
|
||
|
A3B2000
|
direct allocation
|
page read and write
|
||
|
6C667000
|
unkown
|
page read and write
|
||
|
6C179000
|
unkown
|
page readonly
|
||
|
AB89000
|
direct allocation
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
4EBB000
|
direct allocation
|
page read and write
|
||
|
15B08000
|
heap
|
page read and write
|
||
|
7F8C3000
|
trusted library allocation
|
page execute read
|
||
|
19C8F000
|
heap
|
page read and write
|
||
|
2D94000
|
direct allocation
|
page execute and read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
52AB000
|
direct allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
4E3D000
|
direct allocation
|
page read and write
|
||
|
4E33000
|
direct allocation
|
page read and write
|
||
|
16C3D000
|
heap
|
page read and write
|
||
|
6C65B000
|
unkown
|
page read and write
|
||
|
6C2B1000
|
unkown
|
page execute read
|
||
|
16AE0000
|
heap
|
page read and write
|
||
|
11F2000
|
heap
|
page read and write
|
||
|
19CD8000
|
heap
|
page read and write
|
||
|
528F000
|
direct allocation
|
page read and write
|
||
|
1AA9D000
|
stack
|
page read and write
|
||
|
616000
|
stack
|
page read and write
|
||
|
16C07000
|
heap
|
page read and write
|
||
|
C1C000
|
unkown
|
page readonly
|
||
|
1A9CB000
|
direct allocation
|
page read and write
|
||
|
15E10000
|
direct allocation
|
page read and write
|
||
|
4F64000
|
direct allocation
|
page read and write
|
||
|
AF84000
|
direct allocation
|
page read and write
|
||
|
4F35000
|
direct allocation
|
page read and write
|
||
|
6B694000
|
unkown
|
page write copy
|
||
|
A9B3000
|
direct allocation
|
page read and write
|
||
|
524B000
|
direct allocation
|
page read and write
|
||
|
AB55000
|
direct allocation
|
page read and write
|
||
|
6C671000
|
unkown
|
page read and write
|
||
|
8A2000
|
heap
|
page read and write
|
||
|
AAA1000
|
direct allocation
|
page read and write
|
||
|
5278000
|
direct allocation
|
page read and write
|
||
|
6C272000
|
unkown
|
page write copy
|
||
|
95F000
|
stack
|
page read and write
|
||
|
6B021000
|
unkown
|
page execute read
|
||
|
2D52000
|
direct allocation
|
page execute and read and write
|
||
|
15A9C000
|
heap
|
page read and write
|
||
|
1AC72000
|
heap
|
page read and write
|
||
|
4E6E000
|
direct allocation
|
page read and write
|
||
|
19CA1000
|
heap
|
page read and write
|
||
|
16C3D000
|
heap
|
page read and write
|
||
|
4E65000
|
direct allocation
|
page read and write
|
||
|
15368000
|
heap
|
page read and write
|
||
|
1AC30000
|
heap
|
page read and write
|
||
|
1959E000
|
unkown
|
page read and write
|
||
|
16C9E000
|
heap
|
page read and write
|
||
|
4E1D000
|
direct allocation
|
page read and write
|
||
|
111B000
|
heap
|
page read and write
|
||
|
16920000
|
heap
|
page read and write
|
||
|
118C000
|
heap
|
page read and write
|
||
|
DF6000
|
heap
|
page read and write
|
||
|
119B000
|
heap
|
page read and write
|
||
|
16C0F000
|
heap
|
page read and write
|
||
|
6C651000
|
unkown
|
page read and write
|
||
|
521E000
|
direct allocation
|
page read and write
|
||
|
6B951000
|
unkown
|
page execute read
|
||
|
6C2EE000
|
unkown
|
page readonly
|
||
|
16C0F000
|
heap
|
page read and write
|
||
|
14E00000
|
direct allocation
|
page read and write
|
||
|
19C9D000
|
heap
|
page read and write
|
||
|
4F52000
|
direct allocation
|
page read and write
|
||
|
4EC3000
|
direct allocation
|
page read and write
|
||
|
116C000
|
heap
|
page read and write
|
||
|
4E9A000
|
direct allocation
|
page read and write
|
||
|
1743A000
|
unkown
|
page read and write
|
||
|
A366000
|
direct allocation
|
page read and write
|
||
|
A3C7000
|
direct allocation
|
page read and write
|
||
|
11BD000
|
heap
|
page read and write
|
||
|
6C191000
|
unkown
|
page execute read
|
||
|
52B9000
|
direct allocation
|
page read and write
|
||
|
1B03E000
|
stack
|
page read and write
|
||
|
4F07000
|
direct allocation
|
page read and write
|
||
|
A37B000
|
direct allocation
|
page read and write
|
||
|
16C86000
|
heap
|
page read and write
|
||
|
5260000
|
direct allocation
|
page read and write
|
||
|
15D10000
|
direct allocation
|
page read and write
|
||
|
4E46000
|
direct allocation
|
page read and write
|
||
|
11D7000
|
heap
|
page read and write
|
||
|
1AA00000
|
trusted library allocation
|
page read and write
|
||
|
A4D7000
|
direct allocation
|
page read and write
|
||
|
16B67000
|
heap
|
page read and write
|
||
|
5221000
|
direct allocation
|
page read and write
|
||
|
15F10000
|
direct allocation
|
page read and write
|
||
|
1ACAD000
|
heap
|
page read and write
|
||
|
1185000
|
heap
|
page read and write
|
||
|
6C190000
|
unkown
|
page readonly
|
||
|
4EB2000
|
direct allocation
|
page read and write
|
||
|
16C0F000
|
heap
|
page read and write
|
||
|
A350000
|
direct allocation
|
page read and write
|
||
|
11D7000
|
heap
|
page read and write
|
||
|
1AD13000
|
heap
|
page read and write
|
||
|
523C000
|
direct allocation
|
page read and write
|
||
|
1599F000
|
heap
|
page read and write
|
||
|
6C691000
|
unkown
|
page readonly
|
||
|
19C3C000
|
heap
|
page read and write
|
||
|
15B79000
|
heap
|
page read and write
|
||
|
5289000
|
direct allocation
|
page read and write
|
||
|
15B08000
|
heap
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
1ACB0000
|
heap
|
page read and write
|
||
|
15B71000
|
heap
|
page read and write
|
||
|
16C4B000
|
heap
|
page read and write
|
||
|
4EA6000
|
direct allocation
|
page read and write
|
||
|
6C786000
|
unkown
|
page write copy
|
||
|
2A80000
|
direct allocation
|
page read and write
|
||
|
1A9D0000
|
trusted library allocation
|
page read and write
|
||
|
5082000
|
direct allocation
|
page read and write
|
||
|
A5DA000
|
direct allocation
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
C01000
|
unkown
|
page execute read
|
||
|
116B000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
501C000
|
direct allocation
|
page read and write
|
||
|
16790000
|
direct allocation
|
page read and write
|
||
|
4EE3000
|
direct allocation
|
page read and write
|
||
|
A3A3000
|
direct allocation
|
page read and write
|
||
|
1185000
|
heap
|
page read and write
|
||
|
16690000
|
direct allocation
|
page read and write
|
||
|
535000
|
heap
|
page read and write
|
||
|
16C51000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
119B000
|
heap
|
page read and write
|
||
|
6B024000
|
unkown
|
page readonly
|
||
|
19C3C000
|
heap
|
page read and write
|
||
|
6EA00000
|
unkown
|
page readonly
|
||
|
4F46000
|
direct allocation
|
page read and write
|
||
|
BAC000
|
stack
|
page read and write
|
||
|
6C0FA000
|
unkown
|
page readonly
|
||
|
4EF0000
|
direct allocation
|
page read and write
|
||
|
19C97000
|
heap
|
page read and write
|
||
|
11F2000
|
heap
|
page read and write
|
||
|
4F5E000
|
direct allocation
|
page read and write
|
||
|
15AF4000
|
heap
|
page read and write
|
||
|
1AA4E000
|
stack
|
page read and write
|
||
|
19C4A000
|
heap
|
page read and write
|
||
|
ADC9000
|
direct allocation
|
page read and write
|
||
|
4BE000
|
stack
|
page read and write
|
||
|
5231000
|
direct allocation
|
page read and write
|
||
|
409000
|
unkown
|
page readonly
|
||
|
52B6000
|
direct allocation
|
page read and write
|
||
|
19C41000
|
heap
|
page read and write
|
||
|
52CF000
|
direct allocation
|
page read and write
|
||
|
1169000
|
heap
|
page read and write
|
||
|
A632000
|
direct allocation
|
page read and write
|
||
|
2D4A000
|
direct allocation
|
page execute and read and write
|
||
|
4F18000
|
direct allocation
|
page read and write
|
||
|
2D9B000
|
direct allocation
|
page execute and read and write
|
||
|
1176000
|
heap
|
page read and write
|
||
|
169FC000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page readonly
|
||
|
52CC000
|
direct allocation
|
page read and write
|
||
|
16A05000
|
heap
|
page read and write
|
||
|
523F000
|
direct allocation
|
page read and write
|
||
|
4F27000
|
direct allocation
|
page read and write
|
||
|
1209000
|
heap
|
page read and write
|
||
|
A4AD000
|
direct allocation
|
page read and write
|
||
|
A7A4000
|
direct allocation
|
page read and write
|
||
|
15B2A000
|
heap
|
page read and write
|
||
|
A7EC000
|
direct allocation
|
page read and write
|
||
|
11FA000
|
heap
|
page read and write
|
||
|
AE1F000
|
direct allocation
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page execute and read and write
|
||
|
5266000
|
direct allocation
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
A636000
|
direct allocation
|
page read and write
|
||
|
19C96000
|
heap
|
page read and write
|
||
|
6C676000
|
unkown
|
page read and write
|
||
|
19CD8000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
6C291000
|
unkown
|
page execute read
|
||
|
15072000
|
direct allocation
|
page read and write
|
||
|
7F8C5000
|
trusted library allocation
|
page execute read
|
||
|
4F4B000
|
direct allocation
|
page read and write
|
||
|
16C07000
|
heap
|
page read and write
|
||
|
6B90E000
|
unkown
|
page read and write
|
||
|
1A873000
|
heap
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page read and write
|
||
|
16C9D000
|
heap
|
page read and write
|
||
|
52BE000
|
direct allocation
|
page read and write
|
||
|
6C2A2000
|
unkown
|
page read and write
|
||
|
19C8F000
|
heap
|
page read and write
|
||
|
4D00000
|
direct allocation
|
page read and write
|
||
|
A6FD000
|
direct allocation
|
page read and write
|
||
|
526C000
|
direct allocation
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
19CE8000
|
heap
|
page read and write
|
||
|
154EE000
|
stack
|
page read and write
|
||
|
6C66B000
|
unkown
|
page write copy
|
||
|
6C65D000
|
unkown
|
page read and write
|
||
|
4EB5000
|
direct allocation
|
page read and write
|
||
|
ADBA000
|
direct allocation
|
page read and write
|
||
|
173EC000
|
stack
|
page read and write
|
||
|
16B2F000
|
heap
|
page read and write
|
||
|
4E23000
|
direct allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
6B950000
|
unkown
|
page readonly
|
||
|
4E87000
|
direct allocation
|
page read and write
|
||
|
6B031000
|
unkown
|
page execute read
|
||
|
153A5000
|
heap
|
page read and write
|
||
|
52A7000
|
direct allocation
|
page read and write
|
||
|
1553E000
|
unkown
|
page read and write
|
||
|
50B4000
|
direct allocation
|
page read and write
|
||
|
15A9C000
|
heap
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
4E7D000
|
direct allocation
|
page read and write
|
||
|
4F11000
|
direct allocation
|
page read and write
|
||
|
119E000
|
heap
|
page read and write
|
||
|
19F50000
|
trusted library allocation
|
page read and write
|
||
|
15264000
|
heap
|
page read and write
|
||
|
6C0F0000
|
unkown
|
page readonly
|
||
|
4EC6000
|
direct allocation
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
15B69000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
117D000
|
heap
|
page read and write
|
||
|
CA6000
|
heap
|
page read and write
|
||
|
AE04000
|
direct allocation
|
page read and write
|
||
|
A3BA000
|
direct allocation
|
page read and write
|
||
|
1209000
|
heap
|
page read and write
|
||
|
7F8C2000
|
trusted library allocation
|
page readonly
|
||
|
197A0000
|
direct allocation
|
page read and write
|
||
|
4E52000
|
direct allocation
|
page read and write
|
||
|
502E000
|
direct allocation
|
page read and write
|
||
|
11A1000
|
heap
|
page read and write
|
||
|
1176000
|
heap
|
page read and write
|
||
|
15B79000
|
heap
|
page read and write
|
||
|
15315000
|
heap
|
page read and write
|
||
|
6C659000
|
unkown
|
page write copy
|
||
|
29B0000
|
unkown
|
page read and write
|
||
|
7F8C4000
|
trusted library allocation
|
page readonly
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
2B13000
|
heap
|
page read and write
|
||
|
AF9C000
|
direct allocation
|
page read and write
|
||
|
1174000
|
heap
|
page read and write
|
||
|
19C3F000
|
heap
|
page read and write
|
||
|
6B043000
|
unkown
|
page readonly
|
||
|
6B5A0000
|
unkown
|
page readonly
|
||
|
521A000
|
direct allocation
|
page read and write
|
||
|
1A927000
|
direct allocation
|
page read and write
|
||
|
15B69000
|
heap
|
page read and write
|
||
|
1183000
|
heap
|
page read and write
|
||
|
4E30000
|
direct allocation
|
page read and write
|
||
|
173A0000
|
heap
|
page read and write
|
||
|
4F32000
|
direct allocation
|
page read and write
|
||
|
526F000
|
direct allocation
|
page read and write
|
||
|
413000
|
unkown
|
page write copy
|
||
|
11BD000
|
heap
|
page read and write
|
||
|
1209000
|
heap
|
page read and write
|
||
|
19C94000
|
heap
|
page read and write
|
||
|
5286000
|
direct allocation
|
page read and write
|
||
|
4E4E000
|
direct allocation
|
page read and write
|
||
|
5295000
|
direct allocation
|
page read and write
|
||
|
4E11000
|
direct allocation
|
page read and write
|
||
|
ADD0000
|
direct allocation
|
page read and write
|
||
|
6EA09000
|
unkown
|
page read and write
|
||
|
16B70000
|
heap
|
page read and write
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
19C8F000
|
heap
|
page read and write
|
||
|
4E4B000
|
direct allocation
|
page read and write
|
||
|
1954E000
|
stack
|
page read and write
|
||
|
4ECA000
|
direct allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
119B000
|
heap
|
page read and write
|
||
|
4F2A000
|
direct allocation
|
page read and write
|
||
|
52C6000
|
direct allocation
|
page read and write
|
||
|
4FA4000
|
direct allocation
|
page read and write
|
||
|
19F40000
|
trusted library allocation
|
page read and write
|
||
|
11A1000
|
heap
|
page read and write
|
||
|
1ACE1000
|
heap
|
page read and write
|
||
|
6B69A000
|
unkown
|
page read and write
|
||
|
4E42000
|
direct allocation
|
page read and write
|
||
|
6C26F000
|
unkown
|
page read and write
|
||
|
4E14000
|
direct allocation
|
page read and write
|
||
|
117D000
|
heap
|
page read and write
|
||
|
F0000
|
heap
|
page read and write
|
||
|
527E000
|
direct allocation
|
page read and write
|
||
|
16C4B000
|
heap
|
page read and write
|
||
|
6C276000
|
unkown
|
page write copy
|
||
|
427000
|
unkown
|
page read and write
|
||
|
C24000
|
unkown
|
page read and write
|
||
|
19C9D000
|
heap
|
page read and write
|
||
|
4F58000
|
direct allocation
|
page read and write
|
||
|
AF35000
|
direct allocation
|
page read and write
|
||
|
6B97A000
|
unkown
|
page read and write
|
||
|
11AC000
|
heap
|
page read and write
|
||
|
1AFFB000
|
direct allocation
|
page read and write
|
||
|
4E77000
|
direct allocation
|
page read and write
|
||
|
AF99000
|
direct allocation
|
page read and write
|
||
|
4F1E000
|
direct allocation
|
page read and write
|
||
|
AF1F000
|
direct allocation
|
page read and write
|
||
|
1A7B0000
|
heap
|
page read and write
|
||
|
19C3D000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
16590000
|
direct allocation
|
page read and write
|
||
|
19C3F000
|
heap
|
page read and write
|
||
|
4E29000
|
direct allocation
|
page read and write
|
||
|
4E93000
|
direct allocation
|
page read and write
|
||
|
6B901000
|
unkown
|
page execute read
|
||
|
ADC3000
|
direct allocation
|
page read and write
|
||
|
1535B000
|
heap
|
page read and write
|
||
|
88D000
|
heap
|
page read and write
|
||
|
4E0D000
|
direct allocation
|
page read and write
|
||
|
6C653000
|
unkown
|
page write copy
|
||
|
AE34000
|
direct allocation
|
page read and write
|
||
|
16AC0000
|
heap
|
page read and write
|
||
|
4F4F000
|
direct allocation
|
page read and write
|
||
|
195A0000
|
direct allocation
|
page read and write
|
||
|
16B67000
|
heap
|
page read and write
|
||
|
11F2000
|
heap
|
page read and write
|
||
|
1A9E0000
|
trusted library allocation
|
page read and write
|
||
|
4EFA000
|
direct allocation
|
page read and write
|
||
|
6C2E3000
|
unkown
|
page readonly
|
||
|
4F1B000
|
direct allocation
|
page read and write
|
||
|
10DE000
|
stack
|
page read and write
|
||
|
171A6000
|
unkown
|
page read and write
|
||
|
AF28000
|
direct allocation
|
page read and write
|
||
|
6C175000
|
unkown
|
page read and write
|
||
|
1A838000
|
heap
|
page read and write
|
||
|
4EA3000
|
direct allocation
|
page read and write
|
||
|
4E96000
|
direct allocation
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
15910000
|
heap
|
page read and write
|
||
|
4F39000
|
direct allocation
|
page read and write
|
||
|
6B04C000
|
unkown
|
page read and write
|
||
|
5269000
|
direct allocation
|
page read and write
|
||
|
A8CB000
|
direct allocation
|
page read and write
|
||
|
1B08F000
|
stack
|
page read and write
|
||
|
2D42000
|
direct allocation
|
page execute and read and write
|
||
|
4E6B000
|
direct allocation
|
page read and write
|
||
|
15AF4000
|
heap
|
page read and write
|
||
|
1A9F0000
|
trusted library allocation
|
page read and write
|
||
|
52B1000
|
direct allocation
|
page read and write
|
||
|
1A9F0000
|
trusted library allocation
|
page read and write
|
||
|
A381000
|
direct allocation
|
page read and write
|
||
|
11A6000
|
heap
|
page read and write
|
||
|
116F000
|
heap
|
page read and write
|
||
|
DFD000
|
heap
|
page read and write
|
||
|
19C37000
|
heap
|
page read and write
|
||
|
118C000
|
heap
|
page read and write
|
||
|
16C3D000
|
heap
|
page read and write
|
||
|
4E17000
|
direct allocation
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
6EA06000
|
unkown
|
page readonly
|
||
|
A40A000
|
direct allocation
|
page read and write
|
||
|
6C111000
|
unkown
|
page execute read
|
||
|
1190000
|
heap
|
page read and write
|
||
|
16A70000
|
heap
|
page read and write
|
||
|
11A6000
|
heap
|
page read and write
|
||
|
4E27000
|
direct allocation
|
page read and write
|
||
|
4ED5000
|
direct allocation
|
page read and write
|
||
|
ADA8000
|
direct allocation
|
page read and write
|
||
|
4ED1000
|
direct allocation
|
page read and write
|
||
|
6EA0A000
|
unkown
|
page readonly
|
||
|
4E5B000
|
direct allocation
|
page read and write
|
||
|
A3FD000
|
direct allocation
|
page read and write
|
||
|
5224000
|
direct allocation
|
page read and write
|
||
|
196B0000
|
heap
|
page read and write
|
||
|
52DC000
|
direct allocation
|
page read and write
|
||
|
16C07000
|
heap
|
page read and write
|
||
|
11BD000
|
heap
|
page read and write
|
||
|
6B04D000
|
unkown
|
page readonly
|
||
|
11FA000
|
heap
|
page read and write
|
||
|
4F0A000
|
direct allocation
|
page read and write
|
||
|
6B6C0000
|
unkown
|
page readonly
|
||
|
1190000
|
heap
|
page read and write
|
||
|
A622000
|
direct allocation
|
page read and write
|
||
|
40C000
|
unkown
|
page read and write
|
||
|
11A1000
|
heap
|
page read and write
|
||
|
AF41000
|
direct allocation
|
page read and write
|
||
|
1AC7C000
|
heap
|
page read and write
|
||
|
4F14000
|
direct allocation
|
page read and write
|
||
|
19D9F000
|
stack
|
page read and write
|
||
|
19C96000
|
heap
|
page read and write
|
||
|
2D3E000
|
direct allocation
|
page execute and read and write
|
||
|
6C6D1000
|
unkown
|
page execute read
|
||
|
1B0E0000
|
direct allocation
|
page read and write
|
||
|
4EBE000
|
direct allocation
|
page read and write
|
||
|
4DEE000
|
stack
|
page read and write
|
||
|
1179000
|
heap
|
page read and write
|
||
|
19C41000
|
heap
|
page read and write
|
||
|
1582E000
|
stack
|
page read and write
|
||
|
19C96000
|
heap
|
page read and write
|
||
|
16AB7000
|
heap
|
page read and write
|
||
|
15B71000
|
heap
|
page read and write
|
||
|
19CD8000
|
heap
|
page read and write
|
||
|
5292000
|
direct allocation
|
page read and write
|
||
|
16C6D000
|
heap
|
page read and write
|
||
|
6B027000
|
unkown
|
page readonly
|
||
|
C00000
|
unkown
|
page readonly
|
||
|
11A8000
|
heap
|
page read and write
|
||
|
446000
|
unkown
|
page readonly
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
C24000
|
unkown
|
page write copy
|
||
|
1110000
|
heap
|
page read and write
|
||
|
118C000
|
heap
|
page read and write
|
||
|
6C2D1000
|
unkown
|
page execute read
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
261F000
|
stack
|
page read and write
|
||
|
11FA000
|
heap
|
page read and write
|
||
|
1ABEA000
|
heap
|
page read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
19D4E000
|
stack
|
page read and write
|
||
|
6B909000
|
unkown
|
page readonly
|
||
|
1575F000
|
unkown
|
page read and write
|
||
|
15B5A000
|
heap
|
page read and write
|
||
|
5243000
|
direct allocation
|
page read and write
|
||
|
1AEFE000
|
stack
|
page read and write
|
||
|
A686000
|
direct allocation
|
page read and write
|
||
|
4EF3000
|
direct allocation
|
page read and write
|
||
|
6C2BA000
|
unkown
|
page readonly
|
||
|
C1C000
|
unkown
|
page readonly
|
||
|
16C6A000
|
heap
|
page read and write
|
||
|
5227000
|
direct allocation
|
page read and write
|
||
|
19F70000
|
trusted library allocation
|
page read and write
|
||
|
16AA0000
|
heap
|
page read and write
|
||
|
16A97000
|
heap
|
page read and write
|
||
|
A903000
|
direct allocation
|
page read and write
|
||
|
6C173000
|
unkown
|
page read and write
|
||
|
6B90F000
|
unkown
|
page readonly
|
||
|
19C9D000
|
heap
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
6B659000
|
unkown
|
page readonly
|
||
|
6C789000
|
unkown
|
page readonly
|
||
|
119B000
|
heap
|
page read and write
|
||
|
11BD000
|
heap
|
page read and write
|
||
|
4F48000
|
direct allocation
|
page read and write
|
||
|
A39C000
|
direct allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
19C10000
|
heap
|
page read and write
|
||
|
4F23000
|
direct allocation
|
page read and write
|
||
|
AA9C000
|
direct allocation
|
page read and write
|
||
|
19F80000
|
heap
|
page read and write
|
||
|
6B698000
|
unkown
|
page read and write
|
||
|
52DF000
|
direct allocation
|
page read and write
|
||
|
4F55000
|
direct allocation
|
page read and write
|
||
|
6B97D000
|
unkown
|
page readonly
|
||
|
5281000
|
direct allocation
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
11AB000
|
heap
|
page read and write
|
||
|
19E2C000
|
stack
|
page read and write
|
There are 739 hidden memdumps, click here to show them.