IOC Report
LexusXA Installer.msi

loading gif

Files

File Path
Type
Category
Malicious
LexusXA Installer.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 1252, Revision Number: {6E016F4D-F842-4D13-BDA0-1D990584865D}, Number of Words: 2, Subject: LexusXA Installer, Author: LexusORG, Name of Creating Application: LexusXA Installer, Template: ;1033, Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Fri Nov 29 15:27:42 2024, Last Saved Time/Date: Fri Nov 29 15:27:42 2024, Last Printed: Fri Nov 29 15:27:42 2024, Number of Pages: 450
initial sample
C:\Program Files (x86)\LexusORG\LexusXA Installer\LexusXA-installer-win_x64.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Programs\Lexus\is-KAK7L.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Programs\Lexus\is-LOG4N.tmp
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Programs\Lexus\unins000.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Programs\Lexus\version-iexpress-x64.exe (copy)
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\IXP000.TMP\version-checker-win-x64.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\MSI2254.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\MSI22D2.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\MSI2312.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\MSI2332.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\MSI2362.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\MSI242E.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\MSI245E.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\MSI5736.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\MSI5766.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\RarSFX0\version-checker-won-x64.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_ARC4.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_Salsa20.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_chacha20.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_pkcs1_decode.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_aes.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_aesni.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_arc2.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_blowfish.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_cast.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_cbc.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_cfb.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_ctr.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_des.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_des3.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_ecb.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_eksblowfish.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_ocb.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Cipher\_raw_ofb.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_BLAKE2b.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_BLAKE2s.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_MD2.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_MD4.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_MD5.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_RIPEMD160.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_SHA1.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_SHA224.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_SHA256.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_SHA384.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_SHA512.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_ghash_clmul.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_ghash_portable.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_keccak.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Hash\_poly1305.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Math\_modexp.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Protocol\_scrypt.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\PublicKey\_ec_ws.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\PublicKey\_ed25519.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\PublicKey\_ed448.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\PublicKey\_x25519.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Util\_cpuid_c.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\Cryptodome\Util\_strxor.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\VCRUNTIME140.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\VCRUNTIME140_1.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_asyncio.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_bz2.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_cffi_backend.cp312-win_amd64.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_ctypes.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_decimal.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_hashlib.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_lzma.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_multiprocessing.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_overlapped.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_queue.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_socket.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_sqlite3.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_ssl.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\_wmi.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\cryptography\hazmat\bindings\_rust.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\libcrypto-3.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\libffi-8.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\libssl-3.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\pyexpat.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\python3.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\python312.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\pywin32_system32\pywintypes312.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\select.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\sqlite3.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\unicodedata.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\win32\win32api.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\win32\win32crypt.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\_MEI21442\win32\win32evtlog.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-F3SOF.tmp\LexusXA-installer-win_x64.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI4F9E.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI501C.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI504C.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Config.Msi\6b4ce0.rbs
data
modified
C:\Users\user\AppData\Local\Programs\Lexus\unins000.dat
InnoSetup Log 64-bit Lexus {C3ED9554-CBB3-415C-8158-443CAC428D41}, version 0x418, 2002 bytes, 216865\37\user\376, C:\Users\user\AppData\Local\Programs\Lexu
dropped
C:\Users\user\AppData\Local\Temp\RarSFX0\L.db
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\RarSFX0\decrypted_logins.csv
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-console-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-datetime-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-debug-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-errorhandling-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-file-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-file-l1-2-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-file-l2-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-handle-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-heap-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-interlocked-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-libraryloader-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-localization-l1-2-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-memory-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-namedpipe-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-processenvironment-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-processthreads-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-processthreads-l1-1-1.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-profile-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-rtlsupport-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-string-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-synch-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-synch-l1-2-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-sysinfo-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-timezone-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-core-util-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-conio-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-convert-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-environment-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-filesystem-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-heap-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-locale-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-math-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-process-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-runtime-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-stdio-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-string-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-time-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\api-ms-win-crt-utility-l1-1-0.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\base_library.zip
Zip archive data, at least v2.0 to extract, compression method=store
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\certifi\cacert.pem
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\cryptography-42.0.8.dist-info\INSTALLER
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\cryptography-42.0.8.dist-info\LICENSE
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\cryptography-42.0.8.dist-info\LICENSE.APACHE
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\cryptography-42.0.8.dist-info\LICENSE.BSD
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\cryptography-42.0.8.dist-info\METADATA
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\cryptography-42.0.8.dist-info\RECORD
CSV text
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\cryptography-42.0.8.dist-info\WHEEL
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\cryptography-42.0.8.dist-info\top_level.txt
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\_MEI21442\ucrtbase.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-R6R4G.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lexus.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Sat Nov 30 03:58:22 2024, mtime=Sat Nov 30 03:58:24 2024, atime=Sat Nov 30 03:13:16 2024, length=18222592, window=hide
dropped
C:\Windows\Installer\6b4cdf.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 1252, Revision Number: {6E016F4D-F842-4D13-BDA0-1D990584865D}, Number of Words: 2, Subject: LexusXA Installer, Author: LexusORG, Name of Creating Application: LexusXA Installer, Template: ;1033, Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Fri Nov 29 15:27:42 2024, Last Saved Time/Date: Fri Nov 29 15:27:42 2024, Last Printed: Fri Nov 29 15:27:42 2024, Number of Pages: 450
dropped
C:\Windows\Installer\6b4ce1.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 1252, Revision Number: {6E016F4D-F842-4D13-BDA0-1D990584865D}, Number of Words: 2, Subject: LexusXA Installer, Author: LexusORG, Name of Creating Application: LexusXA Installer, Template: ;1033, Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Fri Nov 29 15:27:42 2024, Last Saved Time/Date: Fri Nov 29 15:27:42 2024, Last Printed: Fri Nov 29 15:27:42 2024, Number of Pages: 450
dropped
C:\Windows\Installer\MSI5128.tmp
data
dropped
C:\Windows\Installer\SourceHash{C54536A2-F634-404D-88DE-77163336AD19}
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Installer\inprogressinstallinfo.ipi
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Installer\{C54536A2-F634-404D-88DE-77163336AD19}\red.exe
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
dropped
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Windows\Temp\~DF1FF8B1B79E81DE1F.TMP
data
dropped
C:\Windows\Temp\~DF260D35A8E4F96F5C.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF32AB5B47082F9D6A.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF4A2DEC39AF7DEA3A.TMP
data
dropped
C:\Windows\Temp\~DF4F8D4649F565E836.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF721735F029A9F266.TMP
data
dropped
C:\Windows\Temp\~DF74B66CF901F4F435.TMP
data
dropped
C:\Windows\Temp\~DFAB3AD4281FC78541.TMP
data
dropped
C:\Windows\Temp\~DFCDD415F8769C9FB1.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DFDF9EE5A7CF354A25.TMP
data
dropped
C:\Windows\Temp\~DFEA465B43E6B7917D.TMP
data
dropped
C:\Windows\Temp\~DFEB36C11E859D70F1.TMP
Composite Document File V2 Document, Cannot read section info
dropped
There are 156 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files (x86)\LexusORG\LexusXA Installer\LexusXA-installer-win_x64.exe
"C:\Program Files (x86)\LexusORG\LexusXA Installer\LexusXA-installer-win_x64.exe"
malicious
C:\Users\user\AppData\Local\Temp\is-F3SOF.tmp\LexusXA-installer-win_x64.tmp
"C:\Users\user\AppData\Local\Temp\is-F3SOF.tmp\LexusXA-installer-win_x64.tmp" /SL5="$2044C,19187169,794112,C:\Program Files (x86)\LexusORG\LexusXA Installer\LexusXA-installer-win_x64.exe"
malicious
C:\Users\user\AppData\Local\Temp\IXP000.TMP\version-checker-win-x64.exe
C:\Users\user\AppData\Local\Temp\IXP000.TMP\version-checker-win-x64.exe
 malicious
C:\Users\user\AppData\Local\Temp\RarSFX0\version-checker-won-x64.exe
"C:\Users\user\AppData\Local\Temp\RarSFX0\version-checker-won-x64.exe"
malicious
C:\Users\user\AppData\Local\Temp\RarSFX0\version-checker-won-x64.exe
"C:\Users\user\AppData\Local\Temp\RarSFX0\version-checker-won-x64.exe"
malicious
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\LexusXA Installer.msi"
C:\Windows\System32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 80745C949CFC24E358273D649EA9B511 C
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding D0A27BFD503CBB4ECD262F85E025A5D0
C:\Users\user\AppData\Local\Programs\Lexus\version-iexpress-x64.exe
"C:\Users\user\AppData\Local\Programs\Lexus\version-iexpress-x64.exe"

URLs

Name
IP
Malicious
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
unknown
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf
unknown
http://repository.swisssign.com/.pV
unknown
https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packages
unknown
http://aka.ms/vcpython27
unknown
https://cloud.google.com/appengine/docs/standard/runtimes
unknown
https://github.com/mhammond/pywin32
unknown
http://docs.python.org/library/unittest.html
unknown
https://setuptools.pypa.io/en/latest/
unknown
https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#
unknown
http://repository.swisssign.com/3
unknown
https://github.com/pyca/cryptography/actions?query=workflow%3ACI
unknown
https://wwww.certigna.fr/autorites/P
unknown
https://tools.ietf.org/html/rfc2388#section-4.4
unknown
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#https-proxy-error-http-proxyx
unknown
https://www.apache.org/licenses/LICENSE-2.0
unknown
https://packaging.python.org/en/latest/specifications/core-metadata/
unknown
https://docs.python.org/3.11/library/binascii.html#binascii.a2b_base64
unknown
https://github.com/pypa/packaging
unknown
https://refspecs.linuxfoundation.org/elf/gabi4
unknown
https://setuptools.pypa.io/en/latest/references/keywords.html#keyword-namespace-packages0
unknown
https://www.remobjects.com/ps
unknown
https://www.innosetup.com/
unknown
https://urllib3.readthedocs.io/en/stable/v2-migration-guide.htmlW
unknown
http://docs.python.org/3/library/subprocess#subprocess.Popen.kill
unknown
https://tools.ietf.org/html/rfc3610
unknown
https://github.com/platformdirs/platformdirs
unknown
https://peps.python.org/pep-0205/
unknown
http://crl.dhimyotis.com/certignarootca.crl
unknown
http://curl.haxx.se/rfc/cookie_spec.html
unknown
http://ocsp.accv.es
unknown
http://docs.python.org/3/library/subprocess#subprocess.Popen.returncode
unknown
https://upload.pypi.org/legacy/arSFX0
unknown
https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688
unknown
https://httpbin.org/get
unknown
http://httpbin.org/
unknown
https://packaging.python.org/en/latest/specifications/entry-points/
unknown
https://setuptools.pypa.io/en/latest/pkg_resources.html#basic-resource-access
unknown
https://pypi.org/project/build/).
unknown
https://wwww.certigna.fr/autorites/0m
unknown
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader
unknown
http://foo/bar.tgz
unknown
https://github.com/python/cpython/issues/86361.
unknown
https://httpbin.org/
unknown
https://www.apache.org/licenses/
unknown
https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main
unknown
https://wwww.certigna.fr/autorites/
unknown
https://www-cs-faculty.stanford.edu/~knuth/fasc2a.ps.gz
unknown
http://www.cert.fnmt.es/dpcs//T_
unknown
https://packaging.python.org/en/latest/guides/packaging-namespace-packages/.
unknown
https://packaging.python.org/en/latest/specifications/pyproject-toml/#declaring-project-metadata-the
unknown
http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535
unknown
https://cryptography.io/en/latest/installation/
unknown
https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy
unknown
https://www.python.org/psf/license/
unknown
https://docs.python.org/3/library/multiprocessing.html
unknown
https://github.com/pypa/setuptools/issues/417#issuecomment-392298401
unknown
http://crl.securetrust.com/STCA.crl
unknown
http://wwwsearch.sf.net/):
unknown
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
unknown
http://www.accv.es/legislacion_c.htm
unknown
http://tools.ietf.org/html/rfc6125#section-6.4.3
unknown
https://cryptography.io/en/latest/security/
unknown
http://crl.xrampsecurity.com/XGCA.crl0
unknown
https://bugs.python.org/issue44497.
unknown
http://www.cert.fnmt.es/dpcs/
unknown
https://packaging.python.org/specifications/entry-points/
unknown
https://github.com/jaraco/jaraco.functools/issues/5
unknown
http://www.accv.es00
unknown
https://www.python.org/psf/license/)
unknown
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py
unknown
http://www.rfc-editor.org/info/rfc7253
unknown
https://github.com/pyca/cryptography/issues
unknown
http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C.pdf
unknown
https://readthedocs.org/projects/cryptography/badge/?version=latest
unknown
https://github.com/urllib3/urllib3/issues/2513#issuecomment-1152559900.
unknown
http://google.com/
unknown
https://mahler:8092/site-updates.py
unknown
https://urllib3.readthedocs.io/en/stable/v2-migration-guide.html
unknown
https://github.com/pypa/setuptools/issues/new?template=distutils-deprecation.yml0;
unknown
https://github.com/python/importlib_metadata/issues/396P_i
unknown
http://crl.securetrust.com/SGCA.crl
unknown
http://.../back.jpeg
unknown
https://tools.ietf.org/html/rfc7231#section-4.3.6)
unknown
http://tools.ietf.org/html/rfc5869
unknown
https://github.com/pyca/cryptography
unknown
http://blog.cryptographyengineering.com/2012/05/how-to-choose-authenticated-encryption.html
unknown
https://cryptography.io/
unknown
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#https-proxy-error-http-proxy
unknown
https://httpbin.org/post
unknown
https://github.com/pyca/cryptography/
unknown
https://github.com/Ousret/charset_normalizer
unknown
https://github.com/urllib3/urllib3/issues/497
unknown
http://www.firmaprofesional.com/cps0
unknown
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warningsP
unknown
http://ocsp.accv.esh
unknown
http://crl.securetrust.com/SGCA.crl0
unknown
http://crl.securetrust.com/STCA.crl0
unknown
http://yahoo.com/
unknown
http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
discord.com
162.159.137.232

IPs

IP
Domain
Country
Malicious
162.159.137.232
discord.com
United States

Registry

Path
Value
Malicious
HKEY_CURRENT_USER_Classes\.exe\OpenWithProgids
LexusFile.exe
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Config.Msi\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
C:\Config.Msi\6b4ce0.rbs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
C:\Config.Msi\6b4ce0.rbsLow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BAADFEA2AF095549AE450C56CEBF8BE
2A63545C436FD40488ED77613363DA91
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECFDFD07B8065BF48852C16AA642E597
2A63545C436FD40488ED77613363DA91
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B868650966C8E444BBD10DAC29FDE685
2A63545C436FD40488ED77613363DA91
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\LexusORG\LexusXA Installer\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\LexusORG\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Windows\Installer\{C54536A2-F634-404D-88DE-77163336AD19}\
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\LexusORG\LexusXA Installer
Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\LexusORG\LexusXA Installer
Path
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
LocalPackage
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
AuthorizedCDFPrefix
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
Comments
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
Contact
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
HelpLink
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
HelpTelephone
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
InstallSource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
ModifyPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
Readme
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
Size
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
EstimatedSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
URLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
URLUpdateInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
VersionMajor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
VersionMinor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
WindowsInstaller
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
Version
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
Language
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
AuthorizedCDFPrefix
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
Comments
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
Contact
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
HelpLink
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
HelpTelephone
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
InstallSource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
ModifyPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
Readme
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
Size
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
EstimatedSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
URLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
URLUpdateInfo
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
VersionMajor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
VersionMinor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
WindowsInstaller
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
Language
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\252A01B8261F1E949A8C5B1BAD1B2623
2A63545C436FD40488ED77613363DA91
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\InstallProperties
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C54536A2-F634-404D-88DE-77163336AD19}
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\2A63545C436FD40488ED77613363DA91
MainFeature
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\Features
MainFeature
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A63545C436FD40488ED77613363DA91\Patches
AllPatches
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91
ProductName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91
PackageCode
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91
Language
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91
Version
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91
Assignment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91
AdvertiseFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91
ProductIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91
InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91
AuthorizedLUAApp
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91
DeploymentFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\252A01B8261F1E949A8C5B1BAD1B2623
2A63545C436FD40488ED77613363DA91
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91\SourceList
PackageName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91\SourceList\Net
1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91\SourceList\Media
DiskPrompt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91\SourceList\Media
1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91
Clients
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2A63545C436FD40488ED77613363DA91\SourceList
LastUsedSource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings
StringCacheGeneration
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER_Classes\LexusFile.exe
NULL
HKEY_CURRENT_USER_Classes\LexusFile.exe\DefaultIcon
NULL
HKEY_CURRENT_USER_Classes\LexusFile.exe\shell\open\command
NULL
HKEY_CURRENT_USER_Classes\Applications\version-iexpress-x64.exe\SupportedTypes
.myp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
Inno Setup: Setup Version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
Inno Setup: App Path
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
InstallLocation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
Inno Setup: Icon Group
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
Inno Setup: User
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
Inno Setup: Selected Tasks
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
Inno Setup: Deselected Tasks
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
Inno Setup: Language
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
DisplayName
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
UninstallString
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
QuietUninstallString
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
DisplayVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
Publisher
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
NoModify
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
NoRepair
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
InstallDate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
MajorVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
MinorVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
VersionMajor
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
VersionMinor
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3ED9554-CBB3-415C-8158-443CAC428D41}_is1
EstimatedSize
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
GlobalAssocChangedCounter
There are 105 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
7FFE0C0C1000
unkown
page execute read
1690D981000
heap
page read and write
BBA787F000
stack
page read and write
1690E32C000
heap
page read and write
1690DCE7000
heap
page read and write
1690E264000
heap
page read and write
EA7000
heap
page read and write
2E1B000
stack
page read and write
144AA6B5000
heap
page read and write
144AA6C2000
heap
page read and write
37D0000
heap
page read and write
1690E41D000
heap
page read and write
1690BF40000
heap
page read and write
144AA6B5000
heap
page read and write
1690EC8A000
heap
page read and write
7292000
heap
page read and write
1690E2D6000
heap
page read and write
1690E2D3000
heap
page read and write
9EE000
unkown
page read and write
3690000
heap
page read and write
7FFE00733000
unkown
page readonly
1690E130000
heap
page read and write
1690E3BD000
heap
page read and write
331F000
direct allocation
page read and write
2C2D000
direct allocation
page read and write
3048000
direct allocation
page read and write
1690E32C000
heap
page read and write
7FFE08ED0000
unkown
page readonly
1690E38B000
heap
page read and write
1690EF3E000
heap
page read and write
1690D97D000
heap
page read and write
1690F042000
heap
page read and write
7FFE01795000
unkown
page readonly
1690DDA4000
heap
page read and write
7FFE10240000
unkown
page readonly
1690D966000
heap
page read and write
1690DDA2000
heap
page read and write
1690EEA4000
heap
page read and write
144AA6B4000
heap
page read and write
1690EE64000
heap
page read and write
144AA6C3000
heap
page read and write
7FF70E890000
unkown
page readonly
1690D982000
heap
page read and write
1690EF4F000
heap
page read and write
1690D9A7000
heap
page read and write
1690EE84000
heap
page read and write
7FFE01790000
unkown
page readonly
7FFDFA526000
unkown
page read and write
7FFE0CFDE000
unkown
page readonly
1690ED31000
heap
page read and write
144AA6C2000
heap
page read and write
7FFDFA5AD000
unkown
page write copy
1690E2D4000
heap
page read and write
1690E32F000
heap
page read and write
1690E43A000
heap
page read and write
3033000
direct allocation
page read and write
87C000
heap
page read and write
2F5E000
stack
page read and write
7FFE02A15000
unkown
page readonly
1690D930000
heap
page read and write
144AA670000
heap
page read and write
32F0000
direct allocation
page read and write
7FFDF9E30000
unkown
page execute read
1690D99C000
heap
page read and write
CAA000
trusted library allocation
page read and write
1690E1AE000
heap
page read and write
2F5F000
direct allocation
page read and write
144AA6B5000
heap
page read and write
EBA000
heap
page read and write
36D0000
heap
page read and write
1690D8A0000
heap
page read and write
1690EB20000
heap
page read and write
144AA6B5000
heap
page read and write
1690E5F0000
direct allocation
page read and write
144AA6B8000
heap
page read and write
1690EFC0000
heap
page read and write
4FDC000
stack
page read and write
1690BF28000
heap
page read and write
7FFE0E189000
unkown
page readonly
1690EC31000
heap
page read and write
7FFE02A11000
unkown
page execute read
1690E23D000
heap
page read and write
1690EFDA000
heap
page read and write
1690BEF5000
heap
page read and write
1690DC31000
heap
page read and write
7FFDFF170000
unkown
page readonly
1690ECB1000
heap
page read and write
2B9D000
direct allocation
page read and write
13C8000
heap
page read and write
1690E22D000
heap
page read and write
1690DD26000
heap
page read and write
7FFE002A1000
unkown
page readonly
1690E249000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE148E0000
unkown
page readonly
1690EF1E000
heap
page read and write
7FFE0CF85000
unkown
page readonly
144AA6BC000
heap
page read and write
1690EE8E000
heap
page read and write
1690BF35000
heap
page read and write
144AA6B5000
heap
page read and write
1690D922000
heap
page read and write
1690EFC4000
heap
page read and write
1690E190000
heap
page read and write
1690D8E2000
heap
page read and write
1FF6BDE000
stack
page read and write
7FFDF9F74000
unkown
page read and write
1690EF1E000
heap
page read and write
7FF7CD3CE000
unkown
page readonly
1690EC88000
heap
page read and write
1690EF3E000
heap
page read and write
7FFE130C8000
unkown
page readonly
1690E3A4000
heap
page read and write
1690DC31000
heap
page read and write
7FFE11BE1000
unkown
page execute read
1690F034000
heap
page read and write
144AA6B3000
heap
page read and write
1690DD0B000
heap
page read and write
1690D8E6000
heap
page read and write
FF6000
heap
page read and write
144AA6C3000
heap
page read and write
1690EEF4000
heap
page read and write
1690E312000
heap
page read and write
144AA6C3000
heap
page read and write
7FF70E8D3000
unkown
page read and write
1690BF1C000
heap
page read and write
E6D000
unkown
page read and write
1690DC13000
heap
page read and write
1690E23E000
heap
page read and write
1690E393000
heap
page read and write
1690D9A8000
heap
page read and write
137A000
heap
page read and write
7FFDF9B5E000
unkown
page execute read
2BBB000
direct allocation
page read and write
CB0000
heap
page read and write
1690DD32000
heap
page read and write
7FFE11BCC000
unkown
page read and write
7FFE0C0A1000
unkown
page execute read
1690ECD4000
heap
page read and write
2B8B000
direct allocation
page read and write
1690E2D7000
heap
page read and write
1690D6F0000
direct allocation
page read and write
144AA6B5000
heap
page read and write
1690D98D000
heap
page read and write
1690BEF4000
heap
page read and write
7FF70E8D6000
unkown
page readonly
9F5000
unkown
page read and write
1690DC9D000
heap
page read and write
1690ED47000
heap
page read and write
1690E3BD000
heap
page read and write
1690DD07000
heap
page read and write
1690E152000
heap
page read and write
1690DC6A000
heap
page read and write
1690ECE4000
heap
page read and write
2F6E000
direct allocation
page read and write
1690D983000
heap
page read and write
1690EC9A000
heap
page read and write
1690EE64000
heap
page read and write
7FFE0121B000
unkown
page readonly
1690E0F1000
heap
page read and write
1690EF1C000
heap
page read and write
1690DC28000
heap
page read and write
1690E1A9000
heap
page read and write
1690E213000
heap
page read and write
1690E4C5000
heap
page read and write
1690DD10000
heap
page read and write
1690DD26000
heap
page read and write
1D8ED4D7000
heap
page read and write
4E30000
trusted library allocation
page read and write
1690E312000
heap
page read and write
1690E393000
heap
page read and write
7162000
heap
page read and write
1690E247000
heap
page read and write
1690E312000
heap
page read and write
1690F084000
heap
page read and write
1690EC9F000
heap
page read and write
1690D8D8000
heap
page read and write
144AA6B5000
heap
page read and write
1690ECB2000
heap
page read and write
E60000
heap
page read and write
1690ECE4000
heap
page read and write
2F7C000
direct allocation
page read and write
1690E26E000
heap
page read and write
1690D981000
heap
page read and write
6E3000
stack
page read and write
1690E22C000
heap
page read and write
1690E3D3000
heap
page read and write
1690E147000
heap
page read and write
1690DC3E000
heap
page read and write
1690F04C000
heap
page read and write
1690D964000
heap
page read and write
1690EF04000
heap
page read and write
1690D95A000
heap
page read and write
1690D975000
heap
page read and write
B0E000
stack
page read and write
2BFB000
direct allocation
page read and write
1690BF45000
heap
page read and write
1690E31D000
heap
page read and write
1690DC3E000
heap
page read and write
1690D97C000
heap
page read and write
1690DD10000
heap
page read and write
7FF70E8CE000
unkown
page read and write
1690E19D000
heap
page read and write
1690E32C000
heap
page read and write
E80000
heap
page read and write
144AA6C4000
heap
page read and write
1690DD1E000
heap
page read and write
7FFDF9E32000
unkown
page readonly
1690ED47000
heap
page read and write
1690E168000
heap
page read and write
1690E146000
heap
page read and write
1690EE64000
heap
page read and write
1690DD3A000
heap
page read and write
1690BE50000
heap
page read and write
7FFE013A0000
unkown
page readonly
1690D992000
heap
page read and write
144AA6B5000
heap
page read and write
1FF739E000
stack
page read and write
7FFE0E160000
unkown
page readonly
1690EEFD000
heap
page read and write
35ED000
direct allocation
page read and write
1690DDB0000
heap
page read and write
1690BF14000
heap
page read and write
1690DDDF000
heap
page read and write
1690BF34000
heap
page read and write
7FFE120C6000
unkown
page readonly
1690DD1F000
heap
page read and write
1690E4CC000
heap
page read and write
1690E393000
heap
page read and write
7FFE01221000
unkown
page execute read
1690D99C000
heap
page read and write
71F4000
heap
page read and write
1690EE18000
heap
page read and write
E70000
heap
page read and write
1690D8CA000
heap
page read and write
DA4000
heap
page read and write
144AA6C3000
heap
page read and write
144AA6B5000
heap
page read and write
1690EE83000
heap
page read and write
1690ED47000
heap
page read and write
1690DDA9000
heap
page read and write
144AA6C2000
heap
page read and write
1690E1CD000
heap
page read and write
7100000
heap
page read and write
1690DC3F000
heap
page read and write
1690DD3F000
heap
page read and write
1690E190000
heap
page read and write
1690E1B7000
heap
page read and write
1690E435000
heap
page read and write
1690DBF1000
heap
page read and write
7FFE013A1000
unkown
page execute read
1690E2E2000
heap
page read and write
1690BCD0000
heap
page read and write
1690D93B000
heap
page read and write
1D8ED300000
heap
page read and write
1690E25A000
heap
page read and write
7FFDF9F71000
unkown
page write copy
1690EEA4000
heap
page read and write
1690DC9D000
heap
page read and write
144AA6BA000
heap
page read and write
30DB000
stack
page read and write
1690E34A000
heap
page read and write
7FFE13318000
unkown
page read and write
1690DD51000
heap
page read and write
1690DD51000
heap
page read and write
1690BF22000
heap
page read and write
144AA6B5000
heap
page read and write
1690DBF0000
heap
page read and write
1690F9BC000
direct allocation
page read and write
1690F063000
heap
page read and write
1690E1DE000
heap
page read and write
71C3000
heap
page read and write
7FF70E891000
unkown
page execute read
1690DC51000
heap
page read and write
7FFDF9B47000
unkown
page execute read
1690E402000
heap
page read and write
1690D98C000
heap
page read and write
750000
heap
page read and write
144AA6C3000
heap
page read and write
EEA000
heap
page read and write
1690E1BE000
heap
page read and write
1690D8D8000
heap
page read and write
9EE000
unkown
page write copy
1690E339000
heap
page read and write
1690F9A8000
direct allocation
page read and write
1690FA60000
direct allocation
page read and write
1D8ED3E0000
heap
page read and write
1690BE60000
heap
page read and write
1690DEF0000
direct allocation
page read and write
7FFE11073000
unkown
page readonly
7FF70E8BB000
unkown
page readonly
7FF70E891000
unkown
page execute read
1690E393000
heap
page read and write
ED7000
heap
page read and write
1690E179000
heap
page read and write
370E000
heap
page read and write
FF7000
heap
page read and write
1690EEF5000
heap
page read and write
1690DD51000
heap
page read and write
1690E31D000
heap
page read and write
7FF70E8BB000
unkown
page readonly
1690DC3D000
heap
page read and write
1690E47D000
heap
page read and write
7FF7CC9CE000
unkown
page readonly
1690DD1A000
heap
page read and write
144AA6B5000
heap
page read and write
144AA6B4000
heap
page read and write
1690EF3E000
heap
page read and write
1690E111000
heap
page read and write
1690E4AA000
heap
page read and write
1690EF96000
heap
page read and write
9FD000
unkown
page read and write
1690E36A000
heap
page read and write
E20000
heap
page read and write
1690BF44000
heap
page read and write
1690E22C000
heap
page read and write
E62000
unkown
page readonly
1690DC2E000
heap
page read and write
1690DDA8000
heap
page read and write
1690DC1D000
heap
page read and write
1690EFA4000
heap
page read and write
1690E152000
heap
page read and write
7FFE11075000
unkown
page readonly
7FFE12E11000
unkown
page execute read
144AA6B5000
heap
page read and write
1690DDF0000
direct allocation
page read and write
1690E45B000
heap
page read and write
6FA000
stack
page read and write
870000
heap
page read and write
EBE000
heap
page read and write
1690E1DF000
heap
page read and write
144AA6C3000
heap
page read and write
1690BDB0000
heap
page read and write
1690E114000
heap
page read and write
1690E23E000
heap
page read and write
1690E216000
heap
page read and write
144AA6C1000
heap
page read and write
21289DE000
stack
page read and write
7FFE13200000
unkown
page readonly
1690EDCD000
heap
page read and write
1690D92A000
heap
page read and write
144AA6BC000
heap
page read and write
1690E3B6000
heap
page read and write
1690F05E000
heap
page read and write
1690D99C000
heap
page read and write
144AA6B3000
heap
page read and write
1690D9AE000
heap
page read and write
EFE000
heap
page read and write
1690EC9B000
heap
page read and write
E6D000
unkown
page write copy
1690DC46000
heap
page read and write
1690F07A000
heap
page read and write
1690D96D000
heap
page read and write
1690D980000
heap
page read and write
1690EE8E000
heap
page read and write
1690ED35000
heap
page read and write
7FFE0C0B0000
unkown
page readonly
1690D95A000
heap
page read and write
1690D94A000
heap
page read and write
1690E32F000
heap
page read and write
1690D8FF000
heap
page read and write
EE1000
heap
page read and write
DA0000
heap
page read and write
1690DDC4000
heap
page read and write
1690BEF1000
heap
page read and write
1690DD61000
heap
page read and write
1690DC1D000
heap
page read and write
7FFE120C0000
unkown
page readonly
1690EFB6000
heap
page read and write
144AA6B5000
heap
page read and write
144AA6C4000
heap
page read and write
144AA6B5000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE130C1000
unkown
page execute read
1D8ED4D7000
heap
page read and write
144AA6BB000
heap
page read and write
1690E14D000
heap
page read and write
1690ED5A000
heap
page read and write
144AA6B5000
heap
page read and write
E90000
unkown
page read and write
5630000
heap
page read and write
1690DC4E000
heap
page read and write
BBA75DE000
stack
page read and write
7FFE130C0000
unkown
page readonly
1690E422000
heap
page read and write
1690F00E000
heap
page read and write
1690F0B1000
heap
page read and write
7FFDFA5E1000
unkown
page read and write
7FFE0B2C1000
unkown
page execute read
5B30000
direct allocation
page read and write
1690E1A6000
heap
page read and write
7FFE0EA70000
unkown
page readonly
144AA6B5000
heap
page read and write
1690DDC3000
heap
page read and write
144AA6C1000
heap
page read and write
1690E264000
heap
page read and write
1690DC03000
heap
page read and write
1690EF0B000
heap
page read and write
3490000
direct allocation
page read and write
1690DC85000
heap
page read and write
7FFE11BC7000
unkown
page readonly
1690DC65000
heap
page read and write
1690E20F000
heap
page read and write
7FFE10258000
unkown
page readonly
BBA755B000
stack
page read and write
1690E12A000
heap
page read and write
7FF70E8BB000
unkown
page readonly
1690D8F0000
heap
page read and write
1690BEEE000
heap
page read and write
1690E339000
heap
page read and write
1690DC27000
heap
page read and write
1690DDA9000
heap
page read and write
7FFE00734000
unkown
page read and write
7FFE00700000
unkown
page readonly
1690E186000
heap
page read and write
1690D936000
heap
page read and write
1690DC03000
heap
page read and write
1690DD10000
heap
page read and write
1690E4CC000
heap
page read and write
1690DDD7000
heap
page read and write
1690DC64000
heap
page read and write
1690E44A000
heap
page read and write
1690D900000
heap
page read and write
1690E1B9000
heap
page read and write
1690DC53000
heap
page read and write
7FFE1321E000
unkown
page readonly
1690E124000
heap
page read and write
7150000
heap
page read and write
7EF7B000
direct allocation
page read and write
1690DC14000
heap
page read and write
EB7000
heap
page read and write
1690DC85000
heap
page read and write
7FFE01492000
unkown
page readonly
43EB000
heap
page read and write
144AA6C3000
heap
page read and write
1690E18D000
heap
page read and write
1690E4EE000
heap
page read and write
1690E32F000
heap
page read and write
1690D9A2000
heap
page read and write
1690ED7B000
heap
page read and write
1690DCDD000
heap
page read and write
1690E163000
heap
page read and write
144AA6C3000
heap
page read and write
1690DC48000
heap
page read and write
EF2000
heap
page read and write
144AA6C2000
heap
page read and write
2F92000
direct allocation
page read and write
2F83000
direct allocation
page read and write
144AA6B5000
heap
page read and write
32E0000
direct allocation
page read and write
1690E4F0000
direct allocation
page read and write
1690E23E000
heap
page read and write
1690DC52000
heap
page read and write
7FFE01455000
unkown
page readonly
1690E15B000
heap
page read and write
4CEB000
heap
page read and write
ED2000
heap
page read and write
1690E258000
heap
page read and write
4CEE000
heap
page read and write
2B75000
direct allocation
page read and write
3A0D000
stack
page read and write
7292000
heap
page read and write
21287E2000
stack
page read and write
1690E332000
heap
page read and write
1690D8EA000
heap
page read and write
144AA6C3000
heap
page read and write
1690EEA4000
heap
page read and write
1690FA34000
direct allocation
page read and write
1690E2D3000
heap
page read and write
1690EF4C000
heap
page read and write
1690E216000
heap
page read and write
1690E263000
heap
page read and write
7FFE11BE9000
unkown
page readonly
1690E453000
heap
page read and write
1690DDB7000
heap
page read and write
1690EEE8000
heap
page read and write
1690DCDE000
heap
page read and write
1690E19C000
heap
page read and write
7FFDFA5F0000
unkown
page write copy
144AA6B8000
heap
page read and write
1690DDBD000
heap
page read and write
1690D927000
heap
page read and write
1690E262000
heap
page read and write
2B2B000
direct allocation
page read and write
21287ED000
stack
page read and write
12EE000
stack
page read and write
1690EF83000
heap
page read and write
1690D8D5000
heap
page read and write
1690E32C000
heap
page read and write
EA4000
heap
page read and write
144AA6B5000
heap
page read and write
1690D99E000
heap
page read and write
1690F084000
heap
page read and write
1690E2E9000
heap
page read and write
1690E148000
heap
page read and write
1690E4DF000
heap
page read and write
7FFE148E1000
unkown
page execute read
1690E153000
heap
page read and write
1690BE30000
unkown
page readonly
7231000
heap
page read and write
1690BF45000
heap
page read and write
1690BF32000
heap
page read and write
7FFE01220000
unkown
page readonly
1690E2D3000
heap
page read and write
7FF70E8D6000
unkown
page readonly
1690D99C000
heap
page read and write
1690D90D000
heap
page read and write
1690DC2E000
heap
page read and write
1690F084000
heap
page read and write
1690E167000
heap
page read and write
1690DC3E000
heap
page read and write
1690E312000
heap
page read and write
1690DC36000
heap
page read and write
2C09000
direct allocation
page read and write
7FFE0B2C4000
unkown
page read and write
1690DDD1000
heap
page read and write
1690E1AC000
heap
page read and write
1690E152000
heap
page read and write
1690E332000
heap
page read and write
1690DD10000
heap
page read and write
1690DD25000
heap
page read and write
1690D983000
heap
page read and write
1D8EF0E8000
heap
page read and write
7FF70E8CE000
unkown
page write copy
1690EDCC000
heap
page read and write
1690EC3F000
heap
page read and write
1690E1AE000
heap
page read and write
1690EFCF000
heap
page read and write
7FFE110F5000
unkown
page readonly
1690DD9B000
heap
page read and write
1D8ED4B7000
heap
page read and write
39CE000
stack
page read and write
144AA6B5000
heap
page read and write
7FFE0E187000
unkown
page read and write
2C34000
direct allocation
page read and write
7FFE01354000
unkown
page readonly
1690E263000
heap
page read and write
1FF71AF000
stack
page read and write
1690BF1A000
heap
page read and write
902000
heap
page read and write
1690D906000
heap
page read and write
2C43000
direct allocation
page read and write
9F0000
unkown
page read and write
144AA6C3000
heap
page read and write
144AA6C3000
heap
page read and write
1690EFA8000
heap
page read and write
3E6000
stack
page read and write
1690E152000
heap
page read and write
144AA6B5000
heap
page read and write
1690DC6B000
heap
page read and write
7FFE01791000
unkown
page execute read
1690DD42000
heap
page read and write
1690EEE8000
heap
page read and write
1690D95D000
heap
page read and write
1690DC2E000
heap
page read and write
7FFE00730000
unkown
page readonly
1690E124000
heap
page read and write
144AA6C3000
heap
page read and write
1690BF33000
heap
page read and write
1690DCB5000
heap
page read and write
144AA6B5000
heap
page read and write
1690DC13000
heap
page read and write
1690D92A000
heap
page read and write
7FFE02A13000
unkown
page readonly
1690EDF8000
heap
page read and write
144AA6B5000
heap
page read and write
144AA6C3000
heap
page read and write
1690E3B8000
heap
page read and write
7FF70E8BB000
unkown
page readonly
1690E32C000
heap
page read and write
1690F0B3000
heap
page read and write
1690E379000
heap
page read and write
144AA6BA000
heap
page read and write
3637000
direct allocation
page read and write
7FFDF9B57000
unkown
page execute read
1690DC9D000
heap
page read and write
7FFE10264000
unkown
page read and write
1690E3BE000
heap
page read and write
1690E47D000
heap
page read and write
1690E4C0000
heap
page read and write
7FFE13319000
unkown
page readonly
1690E32F000
heap
page read and write
6E7000
stack
page read and write
1690DFF0000
direct allocation
page read and write
2B27000
direct allocation
page read and write
7FFE11503000
unkown
page readonly
2B60000
direct allocation
page read and write
7FF7CC9C0000
unkown
page readonly
1690D962000
heap
page read and write
1690DD9F000
heap
page read and write
1690E4A6000
heap
page read and write
71F4000
heap
page read and write
1D8ED4B0000
heap
page read and write
1690E380000
heap
page read and write
7FF70E8D6000
unkown
page readonly
1690DC9D000
heap
page read and write
1690DD10000
heap
page read and write
1690DC52000
heap
page read and write
7FFDF9EA6000
unkown
page readonly
144AA6B5000
heap
page read and write
7FFDF9AE2000
unkown
page execute read
7FFE10241000
unkown
page execute read
144AA6B5000
heap
page read and write
1690E32F000
heap
page read and write
1690E1B7000
heap
page read and write
7292000
heap
page read and write
1690ECD5000
heap
page read and write
144AA6B5000
heap
page read and write
1690E47D000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE11BBA000
unkown
page read and write
1690DD41000
heap
page read and write
1690F630000
direct allocation
page read and write
1690ED47000
heap
page read and write
7FFE0EA74000
unkown
page readonly
1690DCA8000
heap
page read and write
144AA6B4000
heap
page read and write
7FFE117E2000
unkown
page readonly
1690DD34000
heap
page read and write
1690DC49000
heap
page read and write
1690E4DB000
heap
page read and write
8AE000
heap
page read and write
2F67000
direct allocation
page read and write
1D8ED780000
heap
page read and write
2B90000
direct allocation
page read and write
1690E205000
heap
page read and write
1690F035000
heap
page read and write
144AA6C3000
heap
page read and write
144AA6B5000
heap
page read and write
1690D960000
heap
page read and write
6CFA000
heap
page read and write
1690E32F000
heap
page read and write
32D0000
heap
page read and write
1690D955000
heap
page read and write
1690E133000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE110F0000
unkown
page readonly
7FFE11EA5000
unkown
page read and write
1690DDD4000
heap
page read and write
7FFDFF222000
unkown
page readonly
7FFE00290000
unkown
page readonly
1690EC35000
heap
page read and write
144AA6C3000
heap
page read and write
1690E1CB000
heap
page read and write
1690E1DD000
heap
page read and write
D99000
unkown
page readonly
1690E332000
heap
page read and write
1690BF28000
heap
page read and write
2B20000
direct allocation
page read and write
16BE000
stack
page read and write
1690E26E000
heap
page read and write
1690D94A000
heap
page read and write
1690E8F0000
direct allocation
page read and write
1690D9A9000
heap
page read and write
1690E433000
heap
page read and write
1690EDCC000
heap
page read and write
1690DC97000
heap
page read and write
1690E1BE000
heap
page read and write
1690DD9D000
heap
page read and write
144AA6C3000
heap
page read and write
1690D8D5000
heap
page read and write
2BA2000
direct allocation
page read and write
7FFE0CFB1000
unkown
page execute read
7FFE120C1000
unkown
page execute read
1690D980000
heap
page read and write
7FFDFA650000
unkown
page readonly
E91000
unkown
page readonly
1690EDE7000
heap
page read and write
144AA6B5000
heap
page read and write
1690D927000
heap
page read and write
1690D99D000
heap
page read and write
CB8000
heap
page read and write
1690EFB7000
heap
page read and write
1690E24C000
heap
page read and write
1690DC2E000
heap
page read and write
1690E339000
heap
page read and write
7FFE101DF000
unkown
page readonly
1690DC76000
heap
page read and write
1690EF1E000
heap
page read and write
1690D97C000
heap
page read and write
7FFDFA5B0000
unkown
page read and write
1690E19D000
heap
page read and write
1690E261000
heap
page read and write
106B000
stack
page read and write
1690E39F000
heap
page read and write
1690E19D000
heap
page read and write
144AA6C4000
heap
page read and write
1690DD45000
heap
page read and write
1690DDA9000
heap
page read and write
144AA6B5000
heap
page read and write
A07000
unkown
page readonly
1690BF10000
heap
page read and write
144AA6C1000
heap
page read and write
1690DC21000
heap
page read and write
7FFE0C0C5000
unkown
page read and write
144AA6B5000
heap
page read and write
1690DC8A000
heap
page read and write
2FE1000
direct allocation
page read and write
1690E332000
heap
page read and write
7FF70E8D0000
unkown
page read and write
7FFDFAAA5000
unkown
page readonly
7FFE101D1000
unkown
page execute read
7FFE10233000
unkown
page readonly
7FFDFF282000
unkown
page read and write
1690DC0D000
heap
page read and write
1690F003000
heap
page read and write
7FFDF9E69000
unkown
page readonly
1690E393000
heap
page read and write
1690DD10000
heap
page read and write
3016000
direct allocation
page read and write
1690DDBF000
heap
page read and write
1690BF36000
heap
page read and write
144AA6BB000
heap
page read and write
1690DD43000
heap
page read and write
D92000
unkown
page read and write
1690DDE8000
heap
page read and write
1690E1E5000
heap
page read and write
144AA6B5000
heap
page read and write
1690DC8A000
heap
page read and write
1690E332000
heap
page read and write
7FFE130C4000
unkown
page readonly
1690D8F0000
heap
page read and write
1690E31D000
heap
page read and write
901000
heap
page read and write
1690ED47000
heap
page read and write
1690E4A1000
heap
page read and write
4CE3000
heap
page read and write
7FFE148E6000
unkown
page readonly
144AA6C2000
heap
page read and write
144AA6BB000
heap
page read and write
7FFDFA270000
unkown
page readonly
1690E38D000
heap
page read and write
87B000
heap
page read and write
1690EF17000
heap
page read and write
7FFE11BB0000
unkown
page readonly
7FFE10235000
unkown
page readonly
144AA690000
heap
page read and write
35EF000
direct allocation
page read and write
1690E31D000
heap
page read and write
1690DD1D000
heap
page read and write
2B6E000
direct allocation
page read and write
1690E3D4000
heap
page read and write
1690DDA8000
heap
page read and write
1690E2E8000
heap
page read and write
144AA6B5000
heap
page read and write
2FA7000
direct allocation
page read and write
7FFE0C0B7000
unkown
page readonly
56E3000
heap
page read and write
1690E3AD000
heap
page read and write
1690F012000
heap
page read and write
144AA6C3000
heap
page read and write
1690EF48000
heap
page read and write
1690E182000
heap
page read and write
144AA6C3000
heap
page read and write
1690E41D000
heap
page read and write
7FFE10234000
unkown
page read and write
1690E1BE000
heap
page read and write
1690D92B000
heap
page read and write
1690ECB1000
heap
page read and write
1690DD26000
heap
page read and write
1690E208000
heap
page read and write
1690E339000
heap
page read and write
144AA6B5000
heap
page read and write
2BA9000
direct allocation
page read and write
1690E420000
heap
page read and write
A00000
unkown
page write copy
1690E3A8000
heap
page read and write
1690EF74000
heap
page read and write
1690E1BE000
heap
page read and write
7FFDFF21E000
unkown
page readonly
1690DC35000
heap
page read and write
144AA6BA000
heap
page read and write
1690DD1C000
heap
page read and write
6C6000
stack
page read and write
1690D902000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE13301000
unkown
page execute read
7FFDFA3B1000
unkown
page readonly
144AA6C3000
heap
page read and write
120E000
stack
page read and write
1690DDB5000
heap
page read and write
305E000
stack
page read and write
1690EE91000
heap
page read and write
144AA6C3000
heap
page read and write
144AA6B5000
heap
page read and write
32E0000
direct allocation
page read and write
1690DD9B000
heap
page read and write
2F99000
direct allocation
page read and write
7FFDF9AE8000
unkown
page execute read
1690DD2F000
heap
page read and write
1690E1DE000
heap
page read and write
7FF7CC9CE000
unkown
page readonly
1690D96D000
heap
page read and write
1690F0B1000
heap
page read and write
1690E170000
heap
page read and write
2C18000
direct allocation
page read and write
1690F012000
heap
page read and write
1690D959000
heap
page read and write
1690BF2F000
heap
page read and write
1690D981000
heap
page read and write
1690F08B000
heap
page read and write
144AA6C3000
heap
page read and write
144AA6B5000
heap
page read and write
1690E170000
heap
page read and write
1690F071000
heap
page read and write
7FFE01352000
unkown
page execute read
144AA6B5000
heap
page read and write
1690E31D000
heap
page read and write
1690DC45000
heap
page read and write
1690E32A000
heap
page read and write
1690F003000
heap
page read and write
7FFE0B2C0000
unkown
page readonly
1690DD74000
heap
page read and write
1690E312000
heap
page read and write
2FB7000
direct allocation
page read and write
1690E13B000
heap
page read and write
1690D942000
heap
page read and write
309E000
stack
page read and write
2C4A000
direct allocation
page read and write
144AA6B5000
heap
page read and write
2B51000
direct allocation
page read and write
ED0000
heap
page read and write
1690EF04000
heap
page read and write
1690F0B3000
heap
page read and write
1690E332000
heap
page read and write
F12000
heap
page read and write
7FFE0071F000
unkown
page readonly
8AD000
heap
page read and write
1690DD08000
heap
page read and write
1690E264000
heap
page read and write
1690E24B000
heap
page read and write
1690E312000
heap
page read and write
7FFE08ED2000
unkown
page readonly
7FFE110F3000
unkown
page readonly
12F0000
heap
page read and write
1690EFDB000
heap
page read and write
1690D956000
heap
page read and write
D95000
unkown
page write copy
1690E2DE000
heap
page read and write
1690BF12000
heap
page read and write
1690DDB1000
heap
page read and write
7FFE117E1000
unkown
page execute read
1690DC2E000
heap
page read and write
898000
heap
page read and write
1690DC22000
heap
page read and write
144AA6C2000
heap
page read and write
1690E3A0000
heap
page read and write
144AA6C3000
heap
page read and write
1690D909000
heap
page read and write
1690EDCE000
heap
page read and write
7FFDFA5AE000
unkown
page read and write
1690E196000
heap
page read and write
1690DC2F000
heap
page read and write
1690F05E000
heap
page read and write
3303000
direct allocation
page read and write
7FFDFF171000
unkown
page execute read
1690EFD7000
heap
page read and write
2F75000
direct allocation
page read and write
E30000
unkown
page readonly
1690E22C000
heap
page read and write
7FFDF9FAA000
unkown
page readonly
1690E200000
heap
page read and write
1690EFCF000
heap
page read and write
1690BF25000
heap
page read and write
1690E17A000
heap
page read and write
1690E242000
heap
page read and write
1690DD10000
heap
page read and write
C80000
heap
page read and write
7FFE0C0B5000
unkown
page readonly
4BE0000
heap
page read and write
1690DDEE000
heap
page read and write
144AA6B5000
heap
page read and write
1690D919000
heap
page read and write
1690E143000
heap
page read and write
1690EEF4000
heap
page read and write
848000
heap
page read and write
1690DDBB000
heap
page read and write
1690E263000
heap
page read and write
7FFDF9FC0000
unkown
page readonly
1690E339000
heap
page read and write
79E000
stack
page read and write
1690E2D7000
heap
page read and write
1690DC58000
heap
page read and write
1690BF32000
heap
page read and write
7FFE01225000
unkown
page read and write
1690DCB9000
heap
page read and write
7FFE0CFB0000
unkown
page readonly
1690EE64000
heap
page read and write
1690FA44000
direct allocation
page read and write
1690F960000
direct allocation
page read and write
7292000
heap
page read and write
1690E17E000
heap
page read and write
D89000
unkown
page read and write
144AA6B5000
heap
page read and write
1690D992000
heap
page read and write
1690E312000
heap
page read and write
1690DC2E000
heap
page read and write
1690ECE4000
heap
page read and write
1690E12E000
heap
page read and write
1690E1C0000
heap
page read and write
1690E2D3000
heap
page read and write
7FFDFA970000
unkown
page readonly
1690E260000
heap
page read and write
1690DC46000
heap
page read and write
1690E3F3000
heap
page read and write
EA2000
heap
page read and write
1690EFC4000
heap
page read and write
C0E000
stack
page read and write
1690DD0C000
heap
page read and write
144AA6BA000
heap
page read and write
1690D95D000
heap
page read and write
7FF70E8CE000
unkown
page read and write
1690EF9E000
heap
page read and write
1690EE64000
heap
page read and write
7FFE117E4000
unkown
page readonly
71F4000
heap
page read and write
144AA6B3000
heap
page read and write
1690E196000
heap
page read and write
1690E143000
heap
page read and write
1690E180000
heap
page read and write
7FFDF9B32000
unkown
page execute read
144AA6B5000
heap
page read and write
1690D92F000
heap
page read and write
1690EE18000
heap
page read and write
144AA6C3000
heap
page read and write
3008000
direct allocation
page read and write
1370000
heap
page read and write
1690BF34000
heap
page read and write
144AA6B5000
heap
page read and write
1690E131000
heap
page read and write
1690EFDF000
heap
page read and write
7261000
heap
page read and write
8BD000
heap
page read and write
1690E24F000
heap
page read and write
2B7C000
direct allocation
page read and write
1690E32F000
heap
page read and write
1690E4EE000
heap
page read and write
1690ECAB000
heap
page read and write
7150000
heap
page read and write
1690D8CB000
heap
page read and write
2C51000
direct allocation
page read and write
1690E336000
heap
page read and write
7FFDFA524000
unkown
page write copy
1690E12B000
heap
page read and write
1690BDE0000
heap
page read and write
1690DDB2000
heap
page read and write
1690E332000
heap
page read and write
300F000
direct allocation
page read and write
1690FA58000
direct allocation
page read and write
882000
heap
page read and write
1690E3D8000
heap
page read and write
1690E41D000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE10230000
unkown
page readonly
1690E420000
heap
page read and write
7FFE0071C000
unkown
page read and write
1690E22D000
heap
page read and write
7FFDFA5E2000
unkown
page write copy
1690BE20000
direct allocation
page read and write
1690E1BE000
heap
page read and write
1690D99C000
heap
page read and write
144AA6B5000
heap
page read and write
1690EF93000
heap
page read and write
1690DD7C000
heap
page read and write
3B0F000
stack
page read and write
35DF000
direct allocation
page read and write
2C26000
direct allocation
page read and write
7FFE0C0C0000
unkown
page readonly
1690E392000
heap
page read and write
1690D8E6000
heap
page read and write
1690E36A000
heap
page read and write
7FFE00291000
unkown
page execute read
144AA6C2000
heap
page read and write
7FFE0E16D000
unkown
page readonly
E91000
unkown
page readonly
1690D955000
heap
page read and write
878000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE0E181000
unkown
page write copy
1690F980000
direct allocation
page read and write
1690E4EE000
heap
page read and write
1690E42B000
heap
page read and write
7FF7CC9C1000
unkown
page execute read
7FFE11BC1000
unkown
page execute read
7FFE00731000
unkown
page execute read
1690E3CF000
heap
page read and write
903000
heap
page read and write
2F39000
direct allocation
page read and write
EB1000
heap
page read and write
144AA6B5000
heap
page read and write
1FF758E000
stack
page read and write
144AA6C2000
heap
page read and write
7FFE0B2C5000
unkown
page readonly
1690D8F0000
heap
page read and write
360D000
direct allocation
page read and write
1690EB30000
direct allocation
page read and write
FBE000
stack
page read and write
2BC6000
direct allocation
page read and write
1690E23F000
heap
page read and write
7FFDFA241000
unkown
page readonly
1690E1BE000
heap
page read and write
6F2000
stack
page read and write
1690E208000
heap
page read and write
715A000
heap
page read and write
1690E3A2000
heap
page read and write
1690D96C000
heap
page read and write
7FF7CD3CE000
unkown
page readonly
1690E17F000
heap
page read and write
1690DD61000
heap
page read and write
CE0000
unkown
page readonly
D97000
unkown
page readonly
1690EFEA000
heap
page read and write
1690DD11000
heap
page read and write
1690E143000
heap
page read and write
7FFE0EA71000
unkown
page execute read
7FFE148E9000
unkown
page readonly
1690EE79000
heap
page read and write
1690E2E6000
heap
page read and write
7FFDFA5AB000
unkown
page write copy
7FF70E8CE000
unkown
page write copy
1330000
heap
page read and write
7FFDFA5BA000
unkown
page readonly
1690E16D000
heap
page read and write
1690EFDB000
heap
page read and write
1690D97F000
heap
page read and write
144AA6B5000
heap
page read and write
36D1000
heap
page read and write
7FFDF9F78000
unkown
page readonly
4EDC000
stack
page read and write
1690DC9D000
heap
page read and write
1690EFEF000
heap
page read and write
144AA6B5000
heap
page read and write
1690E3B7000
heap
page read and write
1690E261000
heap
page read and write
313B000
stack
page read and write
7FFE11BBB000
unkown
page readonly
1690E22C000
heap
page read and write
7FFE01211000
unkown
page execute read
1690DC60000
heap
page read and write
7FFDFA632000
unkown
page read and write
7FFDFF284000
unkown
page readonly
1690F988000
direct allocation
page read and write
7130000
heap
page read and write
1690EF51000
heap
page read and write
1690DD0B000
heap
page read and write
7FFE01224000
unkown
page readonly
1690E1E0000
heap
page read and write
1690F00A000
heap
page read and write
144AA6B5000
heap
page read and write
1690E2D3000
heap
page read and write
7FFE11070000
unkown
page readonly
134E000
stack
page read and write
1690DC63000
heap
page read and write
1690E31D000
heap
page read and write
1690D98C000
heap
page read and write
1690E4CA000
heap
page read and write
1690DD34000
heap
page read and write
E31000
unkown
page execute read
7FFE01793000
unkown
page readonly
1690BEF0000
heap
page read and write
1690D95D000
heap
page read and write
1690E3CC000
heap
page read and write
1690DD45000
heap
page read and write
1690DD41000
heap
page read and write
7FFE0CF81000
unkown
page execute read
86F000
heap
page read and write
7FFE11EA3000
unkown
page readonly
1690DC9D000
heap
page read and write
7FF7CC9C9000
unkown
page readonly
7FFE0CFDB000
unkown
page read and write
1690DBF1000
heap
page read and write
1D8ED400000
heap
page read and write
2BD4000
direct allocation
page read and write
144AA6B4000
heap
page read and write
1690DDA3000
heap
page read and write
7FFE012D0000
unkown
page readonly
1690DD7C000
heap
page read and write
1690DCEE000
heap
page read and write
2A8E000
stack
page read and write
1690F0A6000
heap
page read and write
1690DDDF000
heap
page read and write
7FFE0CF83000
unkown
page readonly
86A000
heap
page read and write
1690D8F0000
heap
page read and write
1690FA74000
direct allocation
page read and write
7FFDFF27F000
unkown
page readonly
1690DDA9000
heap
page read and write
1690D927000
heap
page read and write
820000
heap
page read and write
8BD000
heap
page read and write
1690DC2D000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE0C0A3000
unkown
page readonly
7FFE10312000
unkown
page read and write
1690EF3E000
heap
page read and write
144AA6B5000
heap
page read and write
1690DD08000
heap
page read and write
1690EDCB000
heap
page read and write
1690E47D000
heap
page read and write
1690E438000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE01210000
unkown
page readonly
1690D8F8000
heap
page read and write
2FAE000
direct allocation
page read and write
144AA6C4000
heap
page read and write
144AA6B5000
heap
page read and write
144AA6C0000
heap
page read and write
1690F004000
heap
page read and write
1690BE68000
heap
page read and write
7FFE02A10000
unkown
page readonly
1690DD07000
heap
page read and write
30C3000
heap
page read and write
144AA6C3000
heap
page read and write
7FFDF9AD2000
unkown
page execute read
144AA6B4000
heap
page read and write
1690E3B5000
heap
page read and write
C91000
trusted library allocation
page read and write
1690EFA4000
heap
page read and write
1690BF28000
heap
page read and write
1690DC6D000
heap
page read and write
1690EF04000
heap
page read and write
1690BF31000
heap
page read and write
7FFE13201000
unkown
page execute read
1690EFC4000
heap
page read and write
144AA6B5000
heap
page read and write
144AA6B5000
heap
page read and write
1690E4B5000
heap
page read and write
144AA6B5000
heap
page read and write
715A000
heap
page read and write
1690E32C000
heap
page read and write
144AA6C3000
heap
page read and write
1690E22C000
heap
page read and write
EE7000
heap
page read and write
1690DC57000
heap
page read and write
8CB000
heap
page read and write
7FFE0C0C6000
unkown
page readonly
1690DD34000
heap
page read and write
144AA6B5000
heap
page read and write
7FFDFA5E4000
unkown
page read and write
1690DCF2000
heap
page read and write
144AA6C3000
heap
page read and write
1690D9AE000
heap
page read and write
144AA6B4000
heap
page read and write
144AA6C3000
heap
page read and write
1690DD08000
heap
page read and write
1690D9A2000
heap
page read and write
1690E19D000
heap
page read and write
1690BEDD000
heap
page read and write
144AA6C3000
heap
page read and write
144AA6B5000
heap
page read and write
1690EEF4000
heap
page read and write
1375000
heap
page read and write
7262000
heap
page read and write
7FFE01381000
unkown
page readonly
1690E208000
heap
page read and write
34DE000
stack
page read and write
2B58000
direct allocation
page read and write
1690DC31000
heap
page read and write
7FFE11BB1000
unkown
page execute read
1690F06B000
heap
page read and write
1690E1F5000
heap
page read and write
2BCD000
direct allocation
page read and write
7FF7CC9C9000
unkown
page readonly
3627000
direct allocation
page read and write
1690E138000
heap
page read and write
1690E25F000
heap
page read and write
1690E1E0000
heap
page read and write
144AA6B6000
heap
page read and write
1690E189000
heap
page read and write
1690E161000
heap
page read and write
E84000
unkown
page read and write
1690E38A000
heap
page read and write
1690E0F0000
heap
page read and write
1690DC6D000
heap
page read and write
1690E3CE000
heap
page read and write
1690E26E000
heap
page read and write
1690D951000
heap
page read and write
1690E339000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE101D0000
unkown
page readonly
1690E3A7000
heap
page read and write
1690EE92000
heap
page read and write
1690E208000
heap
page read and write
1690EE64000
heap
page read and write
1690F087000
heap
page read and write
2B4A000
direct allocation
page read and write
7FFE08ED4000
unkown
page readonly
7F26B000
direct allocation
page read and write
144AA6BF000
heap
page read and write
1690DD05000
heap
page read and write
1690E1C7000
heap
page read and write
7FF70E8D4000
unkown
page read and write
1690E1AE000
heap
page read and write
87B000
heap
page read and write
7DE000
stack
page read and write
144AA6B5000
heap
page read and write
1690EFA5000
heap
page read and write
1690E4DF000
heap
page read and write
1690D90D000
heap
page read and write
1690E2D3000
heap
page read and write
1690DDAF000
heap
page read and write
1690DD1C000
heap
page read and write
882000
heap
page read and write
7FFE0C0A0000
unkown
page readonly
144AA6B5000
heap
page read and write
2C80000
trusted library allocation
page read and write
890000
heap
page read and write
1690EF50000
heap
page read and write
144AA6B3000
heap
page read and write
301D000
direct allocation
page read and write
1690F890000
direct allocation
page read and write
1690D934000
heap
page read and write
1690DC38000
heap
page read and write
7FFE12E15000
unkown
page readonly
1690D954000
heap
page read and write
1690E2D8000
heap
page read and write
1690EC40000
heap
page read and write
1690E49E000
heap
page read and write
1690F430000
direct allocation
page read and write
1690DC45000
heap
page read and write
1690EFA3000
heap
page read and write
1690EEFA000
heap
page read and write
2B43000
direct allocation
page read and write
1690DD9D000
heap
page read and write
1760000
heap
page read and write
2BF4000
direct allocation
page read and write
1690BF27000
heap
page read and write
144AA6C2000
heap
page read and write
1690E1DC000
heap
page read and write
4DDF000
stack
page read and write
1690DC47000
heap
page read and write
2F58000
direct allocation
page read and write
7FFE00701000
unkown
page execute read
1690E372000
heap
page read and write
7FF70E8D6000
unkown
page readonly
1690DDB9000
heap
page read and write
144AA6C3000
heap
page read and write
1690EF04000
heap
page read and write
E74000
unkown
page read and write
1690EE83000
heap
page read and write
7FFDFAAD9000
unkown
page readonly
C4E000
stack
page read and write
2FA0000
direct allocation
page read and write
37D1000
heap
page read and write
7FFE0CF80000
unkown
page readonly
1690DC66000
heap
page read and write
144AA6B5000
heap
page read and write
1690E23E000
heap
page read and write
8B0000
heap
page read and write
144AA6C2000
heap
page read and write
1690EF3E000
heap
page read and write
1690D9AD000
heap
page read and write
7FFE0CF90000
unkown
page readonly
1690E312000
heap
page read and write
1690E31D000
heap
page read and write
7106000
heap
page read and write
1690F075000
heap
page read and write
144AA6C3000
heap
page read and write
1690E3D3000
heap
page read and write
1690E32F000
heap
page read and write
1690E4AC000
heap
page read and write
144AA6B5000
heap
page read and write
144AA6C3000
heap
page read and write
F09000
heap
page read and write
1690BEF8000
heap
page read and write
1690D97C000
heap
page read and write
1690DDB0000
heap
page read and write
7FFE110F4000
unkown
page read and write
1690DD26000
heap
page read and write
1690F043000
heap
page read and write
7FFE11500000
unkown
page readonly
7FF70E8D0000
unkown
page read and write
1690E373000
heap
page read and write
144AA6B5000
heap
page read and write
1690D919000
heap
page read and write
1690BEED000
heap
page read and write
1690DD52000
heap
page read and write
7FF70E890000
unkown
page readonly
F0D000
heap
page read and write
EB1000
heap
page read and write
7FF7CC9CC000
unkown
page write copy
CBB000
heap
page read and write
144AA6B8000
heap
page read and write
1690D904000
heap
page read and write
1690E2E6000
heap
page read and write
1690DDCC000
heap
page read and write
2C02000
direct allocation
page read and write
1690E336000
heap
page read and write
1690E2D3000
heap
page read and write
1690D990000
heap
page read and write
1690E24B000
heap
page read and write
EBA000
heap
page read and write
1690D8A4000
heap
page read and write
EAD000
heap
page read and write
1690E1AD000
heap
page read and write
1690E22C000
heap
page read and write
7FFDFF175000
unkown
page readonly
1690DD05000
heap
page read and write
EB5000
heap
page read and write
144AA6B5000
heap
page read and write
1690E1DD000
heap
page read and write
1690DD10000
heap
page read and write
1690DD9D000
heap
page read and write
144AA6B5000
heap
page read and write
1690E4C0000
heap
page read and write
901000
heap
page read and write
ED5000
heap
page read and write
1690DCC7000
heap
page read and write
2C58000
direct allocation
page read and write
86A000
heap
page read and write
901000
heap
page read and write
144AA6B5000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE0CFAB000
unkown
page readonly
1690D96C000
heap
page read and write
1690E32F000
heap
page read and write
1690E2D9000
heap
page read and write
144AA6C3000
heap
page read and write
1690DCDD000
heap
page read and write
D89000
unkown
page write copy
88F000
heap
page read and write
87B000
heap
page read and write
144AA6C3000
heap
page read and write
71F4000
heap
page read and write
7FFE11BCE000
unkown
page readonly
1690BF45000
heap
page read and write
1690E32C000
heap
page read and write
1690DD9D000
heap
page read and write
900000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE120C3000
unkown
page readonly
2FD4000
direct allocation
page read and write
1690E4A1000
heap
page read and write
879000
heap
page read and write
1690DC36000
heap
page read and write
E31000
unkown
page execute read
1690BF15000
heap
page read and write
7FFE1030E000
unkown
page readonly
144AA6C0000
heap
page read and write
144AA6BF000
heap
page read and write
144AA6B5000
heap
page read and write
1690E391000
heap
page read and write
1690BF29000
heap
page read and write
7FFE110F1000
unkown
page execute read
1690DC2B000
heap
page read and write
1690EF15000
heap
page read and write
7FFDFA971000
unkown
page execute read
144AA6C3000
heap
page read and write
1690E188000
heap
page read and write
7FFDFF1D2000
unkown
page readonly
144AA6C0000
heap
page read and write
144AA6B5000
heap
page read and write
1690BF17000
heap
page read and write
EEB000
heap
page read and write
144AA6B5000
heap
page read and write
7FFDFA5F1000
unkown
page read and write
1690E26E000
heap
page read and write
144AA6C3000
heap
page read and write
7FFDFA263000
unkown
page readonly
1690E336000
heap
page read and write
7FFE08ED1000
unkown
page execute read
1690E379000
heap
page read and write
1690D981000
heap
page read and write
1690ED31000
heap
page read and write
1690F087000
heap
page read and write
3000000
direct allocation
page read and write
144AA6B5000
heap
page read and write
1690E379000
heap
page read and write
1690EC9F000
heap
page read and write
6B9000
stack
page read and write
1D8ED4E0000
heap
page read and write
144AA6C3000
heap
page read and write
1690FA28000
direct allocation
page read and write
1690DC9D000
heap
page read and write
1690DC02000
heap
page read and write
7FFDFA2E5000
unkown
page readonly
1690D8D7000
heap
page read and write
7FFE11EA0000
unkown
page readonly
1690F081000
heap
page read and write
144AA6B5000
heap
page read and write
1690EFDD000
heap
page read and write
7FF70E890000
unkown
page readonly
144AA6C3000
heap
page read and write
1690E120000
heap
page read and write
1690D966000
heap
page read and write
1690DBF1000
heap
page read and write
7FFE0CF91000
unkown
page execute read
1690E23C000
heap
page read and write
1690EFC4000
heap
page read and write
303A000
direct allocation
page read and write
1690EC30000
heap
page read and write
1690EF74000
heap
page read and write
1690DDC1000
heap
page read and write
1690E41D000
heap
page read and write
1690DC9E000
heap
page read and write
1690E437000
heap
page read and write
1690E41D000
heap
page read and write
1690E16F000
heap
page read and write
7FF7CC9C1000
unkown
page execute read
1690EDC8000
heap
page read and write
1690DDB0000
heap
page read and write
144AA6B5000
heap
page read and write
1690DC3E000
heap
page read and write
1690DC9E000
heap
page read and write
1690EDF7000
heap
page read and write
1690DC6B000
heap
page read and write
302C000
direct allocation
page read and write
1690D98D000
heap
page read and write
2BB0000
direct allocation
page read and write
7FFE002AF000
unkown
page read and write
2F8B000
direct allocation
page read and write
7FFE01216000
unkown
page readonly
1690D92F000
heap
page read and write
116C000
stack
page read and write
1690E3E8000
heap
page read and write
1690EE25000
heap
page read and write
1690F024000
heap
page read and write
144AA6B5000
heap
page read and write
741000
unkown
page execute read
1690F092000
heap
page read and write
D80000
heap
page read and write
7FFE13313000
unkown
page readonly
1690DD9D000
heap
page read and write
1690DD8C000
heap
page read and write
6E9000
stack
page read and write
1690E2D3000
heap
page read and write
E9E000
heap
page read and write
144AA6C1000
heap
page read and write
7FFE13211000
unkown
page readonly
1690FA2C000
direct allocation
page read and write
7FFE002B2000
unkown
page readonly
144AA6C3000
heap
page read and write
1690EE91000
heap
page read and write
7FFDF9B6C000
unkown
page execute read
1690E3EB000
heap
page read and write
1690BEEF000
heap
page read and write
7230000
heap
page read and write
1690E2D3000
heap
page read and write
1690D951000
heap
page read and write
1690EFC1000
heap
page read and write
1690E0F1000
heap
page read and write
1690DC4F000
heap
page read and write
144AA6C3000
heap
page read and write
7FFDF9F01000
unkown
page readonly
883000
heap
page read and write
ECA000
heap
page read and write
7E0000
heap
page read and write
1690E4C9000
heap
page read and write
1690F08B000
heap
page read and write
7192000
heap
page read and write
144AA6B5000
heap
page read and write
144AA6B5000
heap
page read and write
87B000
heap
page read and write
7FFE120C5000
unkown
page read and write
1690E126000
heap
page read and write
11CE000
stack
page read and write
1690D96E000
heap
page read and write
AF3000
stack
page read and write
7FFE1025C000
unkown
page readonly
1690E17C000
heap
page read and write
1690E237000
heap
page read and write
1690ECE4000
heap
page read and write
1690D8C2000
heap
page read and write
7FFDFAAD4000
unkown
page read and write
2B83000
direct allocation
page read and write
144AA6C1000
heap
page read and write
1690D981000
heap
page read and write
1690E4A1000
heap
page read and write
1690D98B000
heap
page read and write
7FFE11EA1000
unkown
page execute read
1690EF3E000
heap
page read and write
1690D8B8000
heap
page read and write
1690D9AE000
heap
page read and write
7FFE11EA6000
unkown
page readonly
1690DCAF000
heap
page read and write
1690DD6A000
heap
page read and write
1690E12E000
heap
page read and write
7FFE12E10000
unkown
page readonly
1690D97B000
heap
page read and write
7FFDFA528000
unkown
page write copy
1690EC9B000
heap
page read and write
7FFE0137C000
unkown
page read and write
1690DDA0000
heap
page read and write
1690E339000
heap
page read and write
1360000
direct allocation
page execute and read and write
1690EF96000
heap
page read and write
1690E433000
heap
page read and write
1690D952000
heap
page read and write
1690D9AE000
heap
page read and write
1690DD25000
heap
page read and write
1690ECD5000
heap
page read and write
330D000
direct allocation
page read and write
144AA6B5000
heap
page read and write
1690E1AE000
heap
page read and write
144AC0D4000
heap
page read and write
1690E7F0000
direct allocation
page read and write
1690D926000
heap
page read and write
2BBE000
direct allocation
page read and write
1690E4A0000
heap
page read and write
1690EFD7000
heap
page read and write
1690E31D000
heap
page read and write
1690ECD5000
heap
page read and write
1690EFC4000
heap
page read and write
144AA6C3000
heap
page read and write
1690D963000
heap
page read and write
7FFE0E161000
unkown
page execute read
144AA6B5000
heap
page read and write
1690DD0E000
heap
page read and write
15BF000
stack
page read and write
1690D925000
heap
page read and write
7101000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE00735000
unkown
page readonly
144AA6B5000
heap
page read and write
1690D928000
heap
page read and write
1690E4A1000
heap
page read and write
144AC0D0000
heap
page read and write
1FF6DCD000
stack
page read and write
A58000
unkown
page readonly
1690D919000
heap
page read and write
1690DD0A000
heap
page read and write
1690E1B9000
heap
page read and write
7FFE10265000
unkown
page readonly
1690E45D000
heap
page read and write
8B0000
heap
page read and write
7FFDF9FA6000
unkown
page readonly
740000
unkown
page readonly
1690E339000
heap
page read and write
1690F8F4000
direct allocation
page read and write
1690E2D3000
heap
page read and write
1300000
heap
page read and write
1690DDEE000
heap
page read and write
1690D9A5000
heap
page read and write
144AA6C2000
heap
page read and write
1690F008000
heap
page read and write
1690DD8B000
heap
page read and write
1690F9B4000
direct allocation
page read and write
7FFDFA5AC000
unkown
page read and write
7FFE0CF9F000
unkown
page readonly
1690D8C5000
heap
page read and write
2FCD000
direct allocation
page read and write
1690E2EA000
heap
page read and write
8CB000
heap
page read and write
1690EFAA000
heap
page read and write
1690DD26000
heap
page read and write
1690DBF8000
heap
page read and write
1690E2D3000
heap
page read and write
13C0000
heap
page read and write
1690DC25000
heap
page read and write
1690E200000
heap
page read and write
1690DDC6000
heap
page read and write
1690EE8E000
heap
page read and write
1690E2D3000
heap
page read and write
7FFE130C7000
unkown
page read and write
1690EF43000
heap
page read and write
1690DC60000
heap
page read and write
E62000
unkown
page readonly
1690DDCB000
heap
page read and write
900000
heap
page read and write
1690E32F000
heap
page read and write
1690E3E4000
heap
page read and write
1690D937000
heap
page read and write
1690DC6E000
heap
page read and write
1690F830000
direct allocation
page read and write
144AA6C3000
heap
page read and write
1690DDC8000
heap
page read and write
7FFE10231000
unkown
page execute read
144AA6BC000
heap
page read and write
1690E11F000
heap
page read and write
1690E45D000
heap
page read and write
CE1000
unkown
page execute read
7FFE0C0B1000
unkown
page execute read
1690E111000
heap
page read and write
1690DD36000
heap
page read and write
7FFE0CFA9000
unkown
page read and write
1690EE92000
heap
page read and write
1690E32C000
heap
page read and write
1690FA30000
direct allocation
page read and write
144AA6B5000
heap
page read and write
144AA6C3000
heap
page read and write
1690DD9D000
heap
page read and write
1690DC12000
heap
page read and write
144AA6B5000
heap
page read and write
144AA640000
heap
page read and write
7FF70E890000
unkown
page readonly
1690EEA4000
heap
page read and write
7FF7CC9CC000
unkown
page read and write
1690E2D3000
heap
page read and write
1690EEE8000
heap
page read and write
144AA6B3000
heap
page read and write
7FFE11BF3000
unkown
page readonly
1690D97F000
heap
page read and write
1690D964000
heap
page read and write
144AA6C2000
heap
page read and write
1690D92A000
heap
page read and write
1690EE84000
heap
page read and write
1D8ED4C6000
heap
page read and write
1690D95B000
heap
page read and write
2C3C000
direct allocation
page read and write
EBF000
heap
page read and write
7FFE01226000
unkown
page readonly
130E000
stack
page read and write
1690DD52000
heap
page read and write
1690EF96000
heap
page read and write
1690ED8C000
heap
page read and write
1690DDEB000
heap
page read and write
144AA6B5000
heap
page read and write
7EF60000
direct allocation
page read and write
1690F730000
direct allocation
page read and write
1690DDCC000
heap
page read and write
1690E24B000
heap
page read and write
1690FA50000
direct allocation
page read and write
1690D90D000
heap
page read and write
1690EDCE000
heap
page read and write
7FF70E891000
unkown
page execute read
A05000
unkown
page readonly
1690E4CC000
heap
page read and write
1690DCB9000
heap
page read and write
1690E3B8000
heap
page read and write
144AA6B5000
heap
page read and write
1690D942000
heap
page read and write
1690E17E000
heap
page read and write
2B31000
direct allocation
page read and write
E88000
heap
page read and write
1690DC6B000
heap
page read and write
1690DD8C000
heap
page read and write
EA0000
heap
page read and write
1690E4DD000
heap
page read and write
1690F08B000
heap
page read and write
2FF2000
direct allocation
page read and write
1690E6F0000
direct allocation
page read and write
7FFE101D8000
unkown
page readonly
144AA6B4000
heap
page read and write
1690E160000
heap
page read and write
144AA6C3000
heap
page read and write
1690ECD2000
heap
page read and write
1690DD35000
heap
page read and write
1690E4E4000
heap
page read and write
7FFE0B2C3000
unkown
page readonly
1690ECE4000
heap
page read and write
1690D909000
heap
page read and write
E8C000
unkown
page read and write
1690ECB0000
heap
page read and write
1690EF7F000
heap
page read and write
1690D8D5000
heap
page read and write
7FFE11501000
unkown
page execute read
1690D99C000
heap
page read and write
1690E1C0000
heap
page read and write
1690E47D000
heap
page read and write
1690E312000
heap
page read and write
1690DC30000
heap
page read and write
1690D97C000
heap
page read and write
1690E23B000
heap
page read and write
144AA6C3000
heap
page read and write
1690DCC7000
heap
page read and write
1690DD51000
heap
page read and write
1690D965000
heap
page read and write
1690DDC6000
heap
page read and write
2128BCE000
stack
page read and write
1690D770000
direct allocation
page read and write
1690E312000
heap
page read and write
1690E195000
heap
page read and write
840000
heap
page read and write
1690DD25000
heap
page read and write
1690E267000
heap
page read and write
1690EC3A000
heap
page read and write
1690E23E000
heap
page read and write
1690E45D000
heap
page read and write
1690E1DB000
heap
page read and write
EDD000
heap
page read and write
144AA6C3000
heap
page read and write
144AA6C3000
heap
page read and write
1690DDCB000
heap
page read and write
1690EE75000
heap
page read and write
7FFE12E18000
unkown
page read and write
1690E22B000
heap
page read and write
1690EDF7000
heap
page read and write
1690E1A2000
heap
page read and write
3024000
direct allocation
page read and write
1690E3D8000
heap
page read and write
7FFE13300000
unkown
page readonly
1690E332000
heap
page read and write
1690F530000
direct allocation
page read and write
1690EE45000
heap
page read and write
1690DDA8000
heap
page read and write
1690E45C000
heap
page read and write
1690E332000
heap
page read and write
144AA699000
heap
page read and write
1690ECE4000
heap
page read and write
1690DDCC000
heap
page read and write
1690EFCB000
heap
page read and write
1690E4A1000
heap
page read and write
7FFDF9F40000
unkown
page readonly
1690E22D000
heap
page read and write
7FFE0E180000
unkown
page read and write
1690D99C000
heap
page read and write
144AA6B5000
heap
page read and write
7FFE11BB6000
unkown
page readonly
1690E3EB000
heap
page read and write
144AA6B6000
heap
page read and write
144AA6C3000
heap
page read and write
7FFE0138F000
unkown
page readonly
1690BED8000
heap
page read and write
1690DDEC000
heap
page read and write
1690DD0F000
heap
page read and write
1690DC4F000
heap
page read and write
1690DC9D000
heap
page read and write
1690DD72000
heap
page read and write
1690E170000
heap
page read and write
144AA6C3000
heap
page read and write
1690EFBF000
heap
page read and write
3050000
heap
page read and write
2BE4000
direct allocation
page read and write
7FFE0C0C4000
unkown
page readonly
1690EF04000
heap
page read and write
1690DC2E000
heap
page read and write
1690E3D8000
heap
page read and write
144AA6C3000
heap
page read and write
1690E3B8000
heap
page read and write
1690EEF4000
heap
page read and write
1690BEFD000
heap
page read and write
370D000
heap
page read and write
1690D964000
heap
page read and write
1690D8D4000
heap
page read and write
1690E37C000
heap
page read and write
1690E3B4000
heap
page read and write
1690E17D000
heap
page read and write
3041000
direct allocation
page read and write
1690E14E000
heap
page read and write
1690E1AE000
heap
page read and write
1690D92A000
heap
page read and write
1690E2D3000
heap
page read and write
1690DC0E000
heap
page read and write
1690EC93000
heap
page read and write
1690D95F000
heap
page read and write
1690DC35000
heap
page read and write
144AA6B5000
heap
page read and write
EC8000
heap
page read and write
1690DDC7000
heap
page read and write
1690D9A2000
heap
page read and write
1690DC06000
heap
page read and write
1690E4DC000
heap
page read and write
1690F96C000
direct allocation
page read and write
1690DD4B000
heap
page read and write
1690D97C000
heap
page read and write
913000
heap
page read and write
1690DC3E000
heap
page read and write
2F51000
direct allocation
page read and write
1690F087000
heap
page read and write
1690DC38000
heap
page read and write
FF0000
heap
page read and write
1690EC46000
heap
page read and write
1690D8E1000
heap
page read and write
1690F012000
heap
page read and write
1690E147000
heap
page read and write
2B67000
direct allocation
page read and write
2C10000
direct allocation
page read and write
1690EF8C000
heap
page read and write
1690E36C000
heap
page read and write
7200000
heap
page read and write
1340000
heap
page read and write
144AA6B5000
heap
page read and write
34E0000
direct allocation
page read and write
1690DCC2000
heap
page read and write
1690E1FC000
heap
page read and write
7FFE11BF1000
unkown
page read and write
2FF9000
direct allocation
page read and write
7FFE11071000
unkown
page execute read
144AA6B5000
heap
page read and write
1690DC31000
heap
page read and write
1690D90D000
heap
page read and write
1690EF8E000
heap
page read and write
144AA6C3000
heap
page read and write
7FFE12E19000
unkown
page readonly
144AA6B5000
heap
page read and write
1690D940000
heap
page read and write
1690BF16000
heap
page read and write
1690D8E0000
heap
page read and write
1690D8F0000
heap
page read and write
43E0000
trusted library allocation
page read and write
1690D9A2000
heap
page read and write
1690E385000
heap
page read and write
1690DDB7000
heap
page read and write
1690ED22000
heap
page read and write
2C1F000
direct allocation
page read and write
7FFDFA5DF000
unkown
page read and write
30C0000
heap
page read and write
1690D8B5000
heap
page read and write
7FFDF9AC0000
unkown
page readonly
1690DDEC000
heap
page read and write
1690D98C000
heap
page read and write
1690DD03000
heap
page read and write
1690E31D000
heap
page read and write
1690DC07000
heap
page read and write
1690E3A7000
heap
page read and write
1690E164000
heap
page read and write
1690DD10000
heap
page read and write
1690DC00000
heap
page read and write
7FFE1321C000
unkown
page readonly
7FFDF9FC1000
unkown
page execute read
7FFDF9F72000
unkown
page read and write
1690E339000
heap
page read and write
34E0000
direct allocation
page read and write
144AA6C3000
heap
page read and write
1690DD12000
heap
page read and write
7FFE0C0A5000
unkown
page readonly
1690DC2E000
heap
page read and write
144AA6BB000
heap
page read and write
7FFE0C0B6000
unkown
page read and write
7FFE0148F000
unkown
page read and write
1690E20A000
heap
page read and write
7FFDFF227000
unkown
page readonly
1D8ED4CE000
heap
page read and write
D8B000
unkown
page read and write
1690E264000
heap
page read and write
7FF7CC9C0000
unkown
page readonly
1690EFDB000
heap
page read and write
1690EFC6000
heap
page read and write
7FFDFA5AA000
unkown
page read and write
1690DC2E000
heap
page read and write
1690D964000
heap
page read and write
7FFE0CFD2000
unkown
page readonly
144AA6B4000
heap
page read and write
1690ED18000
heap
page read and write
7201000
heap
page read and write
1690EE8E000
heap
page read and write
1690E3F0000
heap
page read and write
1690F071000
heap
page read and write
144AA6B5000
heap
page read and write
1690E208000
heap
page read and write
7FFE11BE0000
unkown
page readonly
1690E182000
heap
page read and write
1690E4E5000
heap
page read and write
1690DDBA000
heap
page read and write
1690D919000
heap
page read and write
7FFE101DD000
unkown
page read and write
715A000
heap
page read and write
1690E199000
heap
page read and write
71C4000
heap
page read and write
1690EC8D000
heap
page read and write
7FFE13218000
unkown
page read and write
E30000
unkown
page readonly
1690DC9D000
heap
page read and write
11D0000
heap
page read and write
1690DD44000
heap
page read and write
7FFE117E0000
unkown
page readonly
1690E4AC000
heap
page read and write
144AA6C3000
heap
page read and write
144AA6B5000
heap
page read and write
1690DC66000
heap
page read and write
1690E3B0000
heap
page read and write
1690ECE4000
heap
page read and write
1690F798000
direct allocation
page read and write
1690E47E000
heap
page read and write
1690F930000
direct allocation
page read and write
1690EC9F000
heap
page read and write
1690E207000
heap
page read and write
1690BF28000
heap
page read and write
1690D8B0000
heap
page read and write
1690DCE7000
heap
page read and write
1690E197000
heap
page read and write
1690EEE8000
heap
page read and write
2FC5000
direct allocation
page read and write
1690EF98000
heap
page read and write
1690D964000
heap
page read and write
1690BF18000
heap
page read and write
144AA6B5000
heap
page read and write
144AA6B5000
heap
page read and write
1690DDB5000
heap
page read and write
1690E14B000
heap
page read and write
7FFE11BC0000
unkown
page readonly
1690E1E6000
heap
page read and write
EE4000
heap
page read and write
1690DD34000
heap
page read and write
144AA6B4000
heap
page read and write
7FFE012D1000
unkown
page execute read
1690DDCC000
heap
page read and write
2FEA000
direct allocation
page read and write
1690E22C000
heap
page read and write
7161000
heap
page read and write
7FFE10300000
unkown
page readonly
144AA6A0000
heap
page read and write
7FF70E891000
unkown
page execute read
32FB000
direct allocation
page read and write
1690D99C000
heap
page read and write
1690D8E9000
heap
page read and write
1690DAF0000
direct allocation
page read and write
1690BF2A000
heap
page read and write
BEC000
stack
page read and write
1690DC0B000
heap
page read and write
144AA6B8000
heap
page read and write
1690E38A000
heap
page read and write
1690E160000
heap
page read and write
1690E3B8000
heap
page read and write
1690F8D4000
direct allocation
page read and write
1690E1FC000
heap
page read and write
1690EF8C000
heap
page read and write
1690E380000
heap
page read and write
1690DD33000
heap
page read and write
1690E2D3000
heap
page read and write
1690E332000
heap
page read and write
1690D8E0000
heap
page read and write
1690DD10000
heap
page read and write
144AA6BA000
heap
page read and write
7FFE01387000
unkown
page readonly
1690E3CC000
heap
page read and write
1690DDA9000
heap
page read and write
1690E458000
heap
page read and write
7FFE0EA72000
unkown
page readonly
1690E248000
heap
page read and write
1690E114000
heap
page read and write
1690E1A2000
heap
page read and write
1690EC44000
heap
page read and write
1690DC03000
heap
page read and write
1690ED39000
heap
page read and write
1690DD4A000
heap
page read and write
1690E23A000
heap
page read and write
144AA6BA000
heap
page read and write
1690E1FB000
heap
page read and write
6D5000
stack
page read and write
1690DD9C000
heap
page read and write
1690DC3E000
heap
page read and write
1690D97F000
heap
page read and write
1690DDBC000
heap
page read and write
144AA6C3000
heap
page read and write
1690E32C000
heap
page read and write
144AA630000
heap
page read and write
2F1C000
stack
page read and write
1690E1AE000
heap
page read and write
1690ED17000
heap
page read and write
EC9000
heap
page read and write
1690DD03000
heap
page read and write
1690BEF3000
heap
page read and write
87B000
heap
page read and write
2BEB000
direct allocation
page read and write
1690E17B000
heap
page read and write
144AA6B5000
heap
page read and write
1690D97C000
heap
page read and write
43E1000
heap
page read and write
1690E339000
heap
page read and write
7193000
heap
page read and write
1690D97F000
heap
page read and write
1690E32C000
heap
page read and write
1690DDA2000
heap
page read and write
1690BF11000
heap
page read and write
1690E190000
heap
page read and write
7FFDFA5E0000
unkown
page write copy
EA2000
heap
page read and write
1690ECA8000
heap
page read and write
1690E36D000
heap
page read and write
144AA6B5000
heap
page read and write
1690DDC7000
heap
page read and write
1690BF3B000
heap
page read and write
1690E31D000
heap
page read and write
7FFDF9F73000
unkown
page write copy
2FBE000
direct allocation
page read and write
1690E1CA000
heap
page read and write
7FFE10301000
unkown
page execute read
7FFDFA4B5000
unkown
page read and write
144AA6C4000
heap
page read and write
1FF69DF000
stack
page read and write
1690E140000
heap
page read and write
1690D8F0000
heap
page read and write
1690DD23000
heap
page read and write
901000
heap
page read and write
7FFDF9AC1000
unkown
page execute read
1690E336000
heap
page read and write
7FFE10313000
unkown
page readonly
1690DDCC000
heap
page read and write
1690ECD5000
heap
page read and write
882000
heap
page read and write
1690D97A000
heap
page read and write
144AA6B1000
heap
page read and write
1690E3F1000
heap
page read and write
E9A000
heap
page read and write
7FFE00712000
unkown
page readonly
144AA6C2000
heap
page read and write
1690E206000
heap
page read and write
901000
heap
page read and write
1690F984000
direct allocation
page read and write
1690E1CA000
heap
page read and write
1690FA40000
direct allocation
page read and write
1690EF02000
heap
page read and write
7FFE11505000
unkown
page readonly
144AA6B5000
heap
page read and write
There are 1975 hidden memdumps, click here to show them.