Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PInstaller.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\.oracle_jre_usage\5a479ad919b8cd0e.timestamp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\hsperfdata_user\1816
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nssDB2F.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\install.exe
|
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\COPYRIGHT
|
ISO-8859 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\LICENSE
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\README.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\THIRDPARTYLICENSEREADME.txt
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\Welcome.html
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\asm-all.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\JAWTAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\JAWTAccessBridge.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\JavaAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\JavaAccessBridge.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\WindowsAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\WindowsAccessBridge.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\awt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\bci.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\client\Xusage.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\client\jvm.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\dcpr.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\decora_sse.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\deploy.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\dt_shmem.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\dt_socket.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\dtplugin\deployJava1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\dtplugin\npdeployJava1.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\eula.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\fontmanager.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\fxplugins.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\glass.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\glib-lite.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\gstreamer-lite.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\hprof.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\instrument.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\j2pcsc.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\j2pkcs11.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jaas_nt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jabswitch.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\java-rmi.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\java.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\java.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\java_crw_demo.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javacpl.cpl
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javacpl.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javafx_font.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javafx_font_t2k.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javafx_iio.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javaw.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javaws.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jawt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jdwp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jfr.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jfxmedia.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jfxwebkit.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jjs.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jli.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jp2iexp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jp2launcher.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jp2native.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jp2ssv.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jpeg.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jsdt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jsound.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\jsoundds.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\kcms.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\keytool.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\kinit.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\klist.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\ktab.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\lcms.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\management.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\mlib_image.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\msvcp120.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\msvcr100.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\msvcr120.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\net.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\nio.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\npt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\orbd.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\pack200.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\plugin2\msvcr100.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\plugin2\npjp2.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\policytool.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\prism_common.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\prism_d3d.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\prism_sw.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\resource.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\rmid.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\rmiregistry.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\servertool.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\splashscreen.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\ssv.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\ssvagent.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\sunec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\sunmscapi.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\t2k.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\tnameserv.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\unpack.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\unpack200.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\verify.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\w2k_lsa_auth.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\wsdetect.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\zip.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\dn-compiled-module.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\dn-php-sdk.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\gson.jar
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\jphp-app-framework.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\jphp-core.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\jphp-desktop-ext.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\jphp-gui-ext.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\jphp-json-ext.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\jphp-runtime.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\jphp-xml-ext.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\jphp-zend-ext.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\jphp-zip-ext.jar
|
Zip archive data, at least v1.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\accessibility.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\calendars.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\charsets.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\classlist
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\cmm\CIEXYZ.pf
|
Sun KCMS color profile 2.0, type KCMS, XYZ/XYZ-spac device, 51236 bytes, 2-12-1997 18:50:04, dependently, PCS X=0xf6b3 Z=0xd2f8
"XYZ to XYZ Identity Profile"
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\cmm\GRAY.pf
|
Sun KCMS color profile 2.0, type KCMS, GRAY/XYZ-mntr device, KODA/GRAY model, 632 bytes, 27-7-95 17:30:15, embedded, relative
colorimetric, PCS Z=0xd32b "KODAK Grayscale Conversion - Gamma 1.0"
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\cmm\LINEAR_RGB.pf
|
color profile 2.0, type KCMS, RGB/XYZ-mntr device by KODK, 1044 bytes, 2-2-1998, PCS Z=0xd32c "linear sRGB"
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\cmm\PYCC.pf
|
Sun KCMS color profile 2.0, type KCMS, 3CLR/Lab-spac device, 274474 bytes, 6-11-1996 7:50:04, PCS X=0xf6b3 Z=0xd2f8 "Std Photo
YCC Print"
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\cmm\sRGB.pf
|
Microsoft color profile 2.1, type Lino, RGB/XYZ-mntr device, IEC/sRGB model by HP, 3144 bytes, 9-2-1998 6:49:00 "sRGB IEC61966-2.1"
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\content-types.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\currency.data
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\ffjcext.zip
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_de.properties
|
ASCII text, with very long lines (1345), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_es.properties
|
ASCII text, with very long lines (1475), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_fr.properties
|
ASCII text, with very long lines (1575), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_it.properties
|
ASCII text, with very long lines (1392), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_ja.properties
|
ASCII text, with very long lines (2924), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_ko.properties
|
ASCII text, with very long lines (2601), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_pt_BR.properties
|
ASCII text, with very long lines (1319), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_sv.properties
|
ASCII text, with very long lines (1386), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_zh_CN.properties
|
ASCII text, with very long lines (1857), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_zh_HK.properties
|
ASCII text, with very long lines (1729), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\messages_zh_TW.properties
|
ASCII text, with very long lines (1729), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\splash.gif
|
GIF image data, version 89a, 320 x 139
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\splash@2x.gif
|
GIF image data, version 89a, 640 x 278
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\splash_11-lic.gif
|
GIF image data, version 89a, 320 x 139
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\deploy\splash_11@2x-lic.gif
|
GIF image data, version 89a, 640 x 278
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\access-bridge-32.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\access-bridge.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\cldrdata.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\dnsns.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\jaccess.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\jfxrt.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\localedata.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\meta-index
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\nashorn.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\sunec.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\sunjce_provider.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\sunmscapi.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\sunpkcs11.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\ext\zipfs.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\flavormap.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fontconfig.bfc
|
raw G3 (Group 3) FAX
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fontconfig.properties.src
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaBrightDemiBold.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,422.Lucida
BrightDemiboldLucida Bright Dem
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaBrightDemiItalic.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc.Lucida BrightDemibold
ItalicLucida Bright Demibold Itali
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaBrightItalic.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,773.Lucida
BrightItalicLucida Bright Itali
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaBrightRegular.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,421.Lucida
BrightRegularLucida Bright Regu
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaSansDemiBold.ttf
|
TrueType Font data, 15 tables, 1st "LTSH", 19 names, Macintosh, Copyright (c) 1999, 2001 by Bigelow & Holmes Inc. Pat. Des.
289,420.Lucida SansDemiboldLucida Sa
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaSansRegular.ttf
|
TrueType Font data, 18 tables, 1st "GDEF", 19 names, Macintosh, Copyright (c) 1999 by Bigelow & Holmes Inc. Pat. Des. 289,420.Lucida
SansRegularLucida Sans Regu
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaTypewriterBold.ttf
|
TrueType Font data, 13 tables, 1st "OS/2", 16 names, Macintosh, Copyright (c) 1999, 2001 by Bigelow & Holmes Inc.Lucida Sans
TypewriterBoldLucida Sans Typewrite
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\fonts\LucidaTypewriterRegular.ttf
|
TrueType Font data, 13 tables, 1st "OS/2", 16 names, Macintosh, Copyright (c) 1999 by Bigelow & Holmes Inc.Lucida Sans TypewriterRegularLucida
Sans Typewriter R
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\hijrah-config-umalqura.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\i386\jvm.cfg
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\cursors.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\invalid32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\win32_CopyDrop32x32.gif
|
GIF image data, version 89a, 31 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\win32_LinkDrop32x32.gif
|
GIF image data, version 89a, 31 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\win32_MoveDrop32x32.gif
|
GIF image data, version 89a, 31 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\javafx.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\javaws.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jce.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jfr.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jfr\default.jfc
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jfr\profile.jfc
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jfxswt.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jsse.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\jvm.hprof.txt
|
Algol 68 source, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\logging.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\management-agent.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\management\jmxremote.access
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\management\jmxremote.password.template
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\management\management.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\management\snmp.acl.template
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\meta-index
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\net.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\plugin.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\psfont.properties.ja
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\psfontj2d.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\resources.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\rt.jar
|
Java archive data (JAR)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\US_export_policy.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\blacklist
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\blacklisted.certs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\cacerts
|
Java KeyStore
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\java.policy
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\java.security
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\javaws.policy
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\security\local_policy.jar
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\sound.properties
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\tzdb.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\lib\tzmappings
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\release
|
ASCII text, with very long lines (427), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\slf4j-api.jar
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\slf4j-simple.jar
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\zt-zip.jar
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1002\83aa4cc77f591dfc2374580bbd95f6ba_9e146be9-c76a-4720-bcdb-53011b87bd06
|
data
|
dropped
|
There are 210 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javaw.exe
|
"C:\Users\user\AppData\Roaming\InstallerPDW\jre\bin\javaw.exe" -Dfile.encoding=UTF-8 -classpath "jre\.;jre\..;jre\asm-all.jar;jre\bin;jre\COPYRIGHT;jre\dn-compiled-module.jar;jre\dn-php-sdk.jar;jre\gson.jar;jre\jphp-app-framework.jar;jre\jphp-core.jar;jre\jphp-desktop-ext.jar;jre\jphp-gui-ext.jar;jre\jphp-json-ext.jar;jre\jphp-runtime.jar;jre\jphp-xml-ext.jar;jre\jphp-zend-ext.jar;jre\jphp-zip-ext.jar;jre\lib;jre\LICENSE;jre\README.txt;jre\release;jre\slf4j-api.jar;jre\slf4j-simple.jar;jre\THIRDPARTYLICENSEREADME-JAVAFX.txt;jre\THIRDPARTYLICENSEREADME.txt;jre\Welcome.html;jre\zt-zip.jar"
org.develnext.jphp.ext.javafx.FXLauncher
|
|
|
|
C:\Users\user\Desktop\PInstaller.exe
|
"C:\Users\user\Desktop\PInstaller.exe"
|
||
|
C:\Users\user\AppData\Roaming\InstallerPDW\install.exe
|
C:\Users\user\AppData\Roaming\InstallerPDW\install.exe
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://javafx.com/fxml/1
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/accessExternalDTDR
|
unknown
|
||
|
http://apache.org/xml/features/validation/schema/augment-psvi
|
unknown
|
||
|
http://apache.org/xml/properties/input-buffer-size
|
unknown
|
||
|
http://www.chambersign.org1
|
unknown
|
||
|
http://repository.swisssign.com/0
|
unknown
|
||
|
HTTP://WWW.CHAMBERSIGN.ORG
|
unknown
|
||
|
http://repository.swisssign.com/3
|
unknown
|
||
|
http://apache.org/xml/properties/internal/entity-manager
|
unknown
|
||
|
http://apache.org/xml/features/internal/parser-settings
|
unknown
|
||
|
http://apache.org/xml/features/dom/include-ignorable-whitespace
|
unknown
|
||
|
http://java.sun.com/xml/dom/properties/
|
unknown
|
||
|
http://apache.org/xml/properties/internal/stax-entity-resolver
|
unknown
|
||
|
http://www.oracle.com/hotspot/jvm/vm/compiler/id
|
unknown
|
||
|
http://apache.org/xml/features/xinclude/fixup-base-uris
|
unknown
|
||
|
http://apache.org/xml/properties/schema/external-noNamespaceSchemaLocation
|
unknown
|
||
|
http://apache.org/xml/properties/internal/error-reporter
|
unknown
|
||
|
http://apache.org/xml/features/validation/schema:
|
unknown
|
||
|
http://apache.org/xml/properties/internal/namespace-binderA
|
unknown
|
||
|
https://gist.github.com/maxd/63691840fc372f22f470.
|
unknown
|
||
|
http://apache.org/xml/properties/schema/external-schemaLocationJ
|
unknown
|
||
|
http://www.oracle.com/hotspot/jvm/java/monitor/address
|
unknown
|
||
|
http://apache.org/xml/features/include-comments
|
unknown
|
||
|
http://apache.org/xml/features/scanner/notify-char-refs
|
unknown
|
||
|
http://javax.xml.transform.sax.SAXResult/feature#
|
unknown
|
||
|
http://apache.org/xml/properties/internal/symbol-table6
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/accessExternalStylesheet8
|
unknown
|
||
|
http://apache.org/xml/features/namespacesY
|
unknown
|
||
|
http://java.sun.com/xml/schema/features/report-ignored-element-content-whitespace3
|
unknown
|
||
|
http://policy.camerfirma.com0
|
unknown
|
||
|
http://apache.org/xml/properties/dom/current-element-node7
|
unknown
|
||
|
http://java.sun.com/xml/stream/properties/ignore-external-dtd
|
unknown
|
||
|
http://apache.org/xml/features/continue-after-fatal-error
|
unknown
|
||
|
http://apache.org/xml/features/standard-uri-conformant
|
unknown
|
||
|
http://apache.org/xml/properties/internal/document-scanner
|
unknown
|
||
|
http://www.oracle.com/hotspot/jdk/
|
unknown
|
||
|
http://www.certplus.com/CRL/class2.crl
|
unknown
|
||
|
http://bugreport.sun.com/bugreport/
|
unknown
|
||
|
http://java.oracle.com/
|
unknown
|
||
|
http://apache.org/xml/features/
|
unknown
|
||
|
http://apache.org/xml/features/generate-synthetic-annotations
|
unknown
|
||
|
http://www.oracle.com/technetwork/java/javaseproducts/C:
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://xml.org/sax/features/allow-dtd-events-after-endDTD
|
unknown
|
||
|
http://cps.chambersign.org/cps/chambersroot.html
|
unknown
|
||
|
http://www.certplus.com/CRL/class3P.crl
|
unknown
|
||
|
http://apache.org/xml/features/internal/validation/schema/use-grammar-pool-only
|
unknown
|
||
|
http://xml.org/sax/features/string-interningfeature
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/accessExternalSchemaHJs
|
unknown
|
||
|
http://apache.org/xml/properties/internal/namespace-binder
|
unknown
|
||
|
http://www.oracle.com/hotspot/jvm/vm/gc/id
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
http://apache.org/xml/features/validate-annotations9
|
unknown
|
||
|
http://www.oracle.com/xml/is-standalone
|
unknown
|
||
|
http://java.sun.com/xml/stream/properties/ignore-external-dtdR
|
unknown
|
||
|
http://javax.xml.transform.sax.SAXTransformerFactory/feature
|
unknown
|
||
|
http://javafx.com/vp6decoderflvdemux
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/accessExternalStylesheet
|
unknown
|
||
|
http://apache.org/xml/properties/security-manager
|
unknown
|
||
|
http://www.oracle.com/technetwork/java/javaseproducts/
|
unknown
|
||
|
http://java.sun.com/xml/dom/properties/ancestor-check
|
unknown
|
||
|
http://xml.apache.org/xslt
|
unknown
|
||
|
http://www.oracle.com/hotspot/jvm/
|
unknown
|
||
|
http://javax.xml.transform.stax.StAXResult/feature
|
unknown
|
||
|
http://asm.objectweb.org
|
unknown
|
||
|
http://policy.camerfirma.coms
|
unknown
|
||
|
http://apache.org/xml/features/validation/warn-on-duplicate-attdef:
|
unknown
|
||
|
http://apache.org/xml/features/xinclude
|
unknown
|
||
|
http://apache.org/xml/features/validation/schema-full-checking
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/
|
unknown
|
||
|
http://apache.org/xml/properties/internal/dtd-scanner7
|
unknown
|
||
|
http://openjdk.java.net/jeps/220).
|
unknown
|
||
|
http://apache.org/xml/properties/internal/grammar-pool
|
unknown
|
||
|
http://apache.org/xml/properties/locale
|
unknown
|
||
|
http://java.sun.com/xml/stream/properties/reader-in-defined-state
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://www.quovadisglobal.com/cps0
|
unknown
|
||
|
http://trustcenter-crl.certificat2.com/Keynectis/KEYNECTIS_ROOT_CA.crl
|
unknown
|
||
|
http://javax.xml.transform.sax.SAXTransformerFactory/feature/xmlfilterss
|
unknown
|
||
|
http://apache.org/xml/features/allow-java-encodings
|
unknown
|
||
|
http://apache.org/xml/properties/internal/validator/dtdD
|
unknown
|
||
|
http://www.oracle.com/feature/use-service-mechanism
|
unknown
|
||
|
http://xml.org/sax/features/validations
|
unknown
|
||
|
http://javax.xml.XMLConstants/property/accessExternalDTD
|
unknown
|
||
|
http://apache.org/xml/xmlschema/1.0/anonymousTypes
|
unknown
|
||
|
http://javax.xml.transform.stream.StreamSource/feature
|
unknown
|
||
|
http://apache.org/xml/features/validation/schema/normalized-value
|
unknown
|
||
|
http://javax.xml.transform.stax.StAXSource/feature#
|
unknown
|
||
|
http://apache.org/xml/features/xinclude/fixup-language
|
unknown
|
||
|
http://javax.xml.transform.dom.DOMSource/feature
|
unknown
|
||
|
https://github.com/TsSaltan/DevelNext-jURL/releases/latest
|
unknown
|
||
|
http://www.quovadisglobal.com/cps
|
unknown
|
||
|
http://apache.org/xml/properties/dom/document-class-name
|
unknown
|
||
|
http://java.sun.com/xml/schema/features/report-ignored-element-content-whitespace
|
unknown
|
||
|
http://apache.org/xml/properties/internal/symbol-table
|
unknown
|
||
|
http://apache.org/xml/properties/internal/error-handler=
|
unknown
|
||
|
http://www.quovadis.bm
|
unknown
|
||
|
http://apache.org/xml/features/xincludeC
|
unknown
|
||
|
http://xml.org/sax/properties/xml-string?
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pastebin.com
|
104.20.3.235
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.20.3.235
|
pastebin.com
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5408000
|
direct allocation
|
page read and write
|
||
|
158E000
|
heap
|
page read and write
|
||
|
6C03D000
|
unkown
|
page readonly
|
||
|
1A186000
|
heap
|
page read and write
|
||
|
5305000
|
direct allocation
|
page read and write
|
||
|
1601D000
|
heap
|
page read and write
|
||
|
1B281000
|
heap
|
page read and write
|
||
|
1548000
|
heap
|
page read and write
|
||
|
532F000
|
direct allocation
|
page read and write
|
||
|
AB8B000
|
direct allocation
|
page read and write
|
||
|
1B61E000
|
stack
|
page read and write
|
||
|
1A4B0000
|
trusted library allocation
|
page read and write
|
||
|
15EDC000
|
heap
|
page read and write
|
||
|
5466000
|
direct allocation
|
page read and write
|
||
|
15BD000
|
heap
|
page read and write
|
||
|
A18000
|
heap
|
page read and write
|
||
|
15ECC000
|
heap
|
page read and write
|
||
|
54E9000
|
direct allocation
|
page read and write
|
||
|
17210000
|
heap
|
page read and write
|
||
|
B2C4000
|
direct allocation
|
page read and write
|
||
|
6C3FB000
|
unkown
|
page read and write
|
||
|
15D8000
|
heap
|
page read and write
|
||
|
171ED000
|
heap
|
page read and write
|
||
|
B1A5000
|
direct allocation
|
page read and write
|
||
|
AA93000
|
direct allocation
|
page read and write
|
||
|
5535000
|
direct allocation
|
page read and write
|
||
|
1A4F0000
|
trusted library allocation
|
page read and write
|
||
|
5316000
|
direct allocation
|
page read and write
|
||
|
158E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5486000
|
direct allocation
|
page read and write
|
||
|
6C431000
|
unkown
|
page readonly
|
||
|
1A186000
|
heap
|
page read and write
|
||
|
5451000
|
direct allocation
|
page read and write
|
||
|
52FF000
|
direct allocation
|
page read and write
|
||
|
17177000
|
heap
|
page read and write
|
||
|
550C000
|
direct allocation
|
page read and write
|
||
|
15A1000
|
heap
|
page read and write
|
||
|
15710000
|
heap
|
page read and write
|
||
|
54AA000
|
direct allocation
|
page read and write
|
||
|
5428000
|
direct allocation
|
page read and write
|
||
|
6ADD0000
|
unkown
|
page readonly
|
||
|
AD94000
|
direct allocation
|
page read and write
|
||
|
171C1000
|
heap
|
page read and write
|
||
|
5246000
|
direct allocation
|
page read and write
|
||
|
A813000
|
direct allocation
|
page read and write
|
||
|
1580E000
|
heap
|
page read and write
|
||
|
AABF000
|
direct allocation
|
page read and write
|
||
|
1710C000
|
heap
|
page read and write
|
||
|
1720B000
|
heap
|
page read and write
|
||
|
1574000
|
heap
|
page read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
52D5000
|
direct allocation
|
page read and write
|
||
|
530C000
|
direct allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
16FDB000
|
heap
|
page read and write
|
||
|
7B3000
|
unkown
|
page read and write
|
||
|
6C524000
|
unkown
|
page read and write
|
||
|
6BF29000
|
unkown
|
page readonly
|
||
|
170B6000
|
heap
|
page read and write
|
||
|
19B90000
|
heap
|
page read and write
|
||
|
551E000
|
direct allocation
|
page read and write
|
||
|
6F989000
|
unkown
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
5457000
|
direct allocation
|
page read and write
|
||
|
53CB000
|
direct allocation
|
page read and write
|
||
|
163D0000
|
direct allocation
|
page read and write
|
||
|
5515000
|
direct allocation
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
15725000
|
heap
|
page read and write
|
||
|
5437000
|
direct allocation
|
page read and write
|
||
|
157D000
|
heap
|
page read and write
|
||
|
1A179000
|
heap
|
page read and write
|
||
|
54B9000
|
direct allocation
|
page read and write
|
||
|
6B700000
|
unkown
|
page readonly
|
||
|
16FAB000
|
heap
|
page read and write
|
||
|
159D000
|
heap
|
page read and write
|
||
|
6C030000
|
unkown
|
page readonly
|
||
|
A798000
|
direct allocation
|
page read and write
|
||
|
6B701000
|
unkown
|
page execute read
|
||
|
1B010000
|
trusted library allocation
|
page read and write
|
||
|
5660000
|
direct allocation
|
page read and write
|
||
|
5362000
|
direct allocation
|
page read and write
|
||
|
1B331000
|
heap
|
page read and write
|
||
|
53F6000
|
direct allocation
|
page read and write
|
||
|
54F3000
|
direct allocation
|
page read and write
|
||
|
5412000
|
direct allocation
|
page read and write
|
||
|
1AFAE000
|
stack
|
page read and write
|
||
|
5319000
|
direct allocation
|
page read and write
|
||
|
5476000
|
direct allocation
|
page read and write
|
||
|
52AF000
|
direct allocation
|
page read and write
|
||
|
15D8000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
149D000
|
heap
|
page read and write
|
||
|
626000
|
stack
|
page read and write
|
||
|
6C361000
|
unkown
|
page readonly
|
||
|
582B000
|
direct allocation
|
page read and write
|
||
|
1A520000
|
heap
|
page read and write
|
||
|
1A113000
|
heap
|
page read and write
|
||
|
538E000
|
direct allocation
|
page read and write
|
||
|
6BEA1000
|
unkown
|
page execute read
|
||
|
1A119000
|
heap
|
page read and write
|
||
|
55FA000
|
direct allocation
|
page read and write
|
||
|
15826000
|
heap
|
page read and write
|
||
|
15A9000
|
heap
|
page read and write
|
||
|
1B364000
|
heap
|
page read and write
|
||
|
1707A000
|
heap
|
page read and write
|
||
|
52FC000
|
direct allocation
|
page read and write
|
||
|
316A000
|
direct allocation
|
page execute and read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
A8A0000
|
direct allocation
|
page read and write
|
||
|
5388000
|
direct allocation
|
page read and write
|
||
|
6C026000
|
unkown
|
page write copy
|
||
|
543D000
|
direct allocation
|
page read and write
|
||
|
5302000
|
direct allocation
|
page read and write
|
||
|
5380000
|
direct allocation
|
page read and write
|
||
|
5313000
|
direct allocation
|
page read and write
|
||
|
1A4AF000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
7A5000
|
unkown
|
page read and write
|
||
|
3130000
|
direct allocation
|
page execute and read and write
|
||
|
16015000
|
heap
|
page read and write
|
||
|
15F3000
|
heap
|
page read and write
|
||
|
52EE000
|
direct allocation
|
page read and write
|
||
|
6C027000
|
unkown
|
page readonly
|
||
|
15EED000
|
heap
|
page read and write
|
||
|
171B1000
|
heap
|
page read and write
|
||
|
40C000
|
unkown
|
page read and write
|
||
|
1A181000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
15FE2000
|
heap
|
page read and write
|
||
|
6C093000
|
unkown
|
page readonly
|
||
|
2F40000
|
unkown
|
page read and write
|
||
|
5419000
|
direct allocation
|
page read and write
|
||
|
52B5000
|
direct allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
1A11D000
|
heap
|
page read and write
|
||
|
6C092000
|
unkown
|
page read and write
|
||
|
549B000
|
direct allocation
|
page read and write
|
||
|
6B444000
|
unkown
|
page write copy
|
||
|
2DEE000
|
stack
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
1582E000
|
heap
|
page read and write
|
||
|
535F000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1B668000
|
direct allocation
|
page read and write
|
||
|
55EC000
|
direct allocation
|
page read and write
|
||
|
15260000
|
direct allocation
|
page read and write
|
||
|
A77D000
|
direct allocation
|
page read and write
|
||
|
15F8000
|
heap
|
page read and write
|
||
|
1AEC8000
|
direct allocation
|
page read and write
|
||
|
5454000
|
direct allocation
|
page read and write
|
||
|
5525000
|
direct allocation
|
page read and write
|
||
|
7F783000
|
trusted library allocation
|
page execute read
|
||
|
5584000
|
direct allocation
|
page read and write
|
||
|
AAC7000
|
direct allocation
|
page read and write
|
||
|
6BEAA000
|
unkown
|
page readonly
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
1599E000
|
stack
|
page read and write
|
||
|
5544000
|
direct allocation
|
page read and write
|
||
|
A7B2000
|
direct allocation
|
page read and write
|
||
|
DC0000
|
unkown
|
page readonly
|
||
|
316E000
|
direct allocation
|
page execute and read and write
|
||
|
AFDE000
|
direct allocation
|
page read and write
|
||
|
15200000
|
direct allocation
|
page read and write
|
||
|
54FD000
|
direct allocation
|
page read and write
|
||
|
532A000
|
direct allocation
|
page read and write
|
||
|
6C3FD000
|
unkown
|
page read and write
|
||
|
5356000
|
direct allocation
|
page read and write
|
||
|
DE4000
|
unkown
|
page write copy
|
||
|
A7A0000
|
direct allocation
|
page read and write
|
||
|
15A9000
|
heap
|
page read and write
|
||
|
5376000
|
direct allocation
|
page read and write
|
||
|
5434000
|
direct allocation
|
page read and write
|
||
|
17146000
|
heap
|
page read and write
|
||
|
580D000
|
direct allocation
|
page read and write
|
||
|
6C0A0000
|
unkown
|
page readonly
|
||
|
3132000
|
direct allocation
|
page execute and read and write
|
||
|
6ADFC000
|
unkown
|
page read and write
|
||
|
565C000
|
direct allocation
|
page read and write
|
||
|
6C080000
|
unkown
|
page readonly
|
||
|
160C4000
|
heap
|
page read and write
|
||
|
52BA000
|
direct allocation
|
page read and write
|
||
|
31D2000
|
direct allocation
|
page execute and read and write
|
||
|
15B7E000
|
unkown
|
page read and write
|
||
|
AA60000
|
direct allocation
|
page read and write
|
||
|
54BF000
|
direct allocation
|
page read and write
|
||
|
1A181000
|
heap
|
page read and write
|
||
|
1710C000
|
heap
|
page read and write
|
||
|
17146000
|
heap
|
page read and write
|
||
|
5350000
|
direct allocation
|
page read and write
|
||
|
552F000
|
direct allocation
|
page read and write
|
||
|
29AF000
|
stack
|
page read and write
|
||
|
DC0000
|
unkown
|
page readonly
|
||
|
53A3000
|
direct allocation
|
page read and write
|
||
|
6B6B1000
|
unkown
|
page execute read
|
||
|
1A16A000
|
heap
|
page read and write
|
||
|
51FE000
|
stack
|
page read and write
|
||
|
5460000
|
direct allocation
|
page read and write
|
||
|
31CB000
|
direct allocation
|
page execute and read and write
|
||
|
1703B000
|
heap
|
page read and write
|
||
|
53B6000
|
direct allocation
|
page read and write
|
||
|
170AA000
|
heap
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
15F8000
|
heap
|
page read and write
|
||
|
1A4D0000
|
trusted library allocation
|
page read and write
|
||
|
1600D000
|
heap
|
page read and write
|
||
|
1A181000
|
heap
|
page read and write
|
||
|
C4F000
|
stack
|
page read and write
|
||
|
15CEE000
|
stack
|
page read and write
|
||
|
54F7000
|
direct allocation
|
page read and write
|
||
|
6B446000
|
unkown
|
page read and write
|
||
|
53FC000
|
direct allocation
|
page read and write
|
||
|
537D000
|
direct allocation
|
page read and write
|
||
|
AAA4000
|
direct allocation
|
page read and write
|
||
|
53C5000
|
direct allocation
|
page read and write
|
||
|
5335000
|
direct allocation
|
page read and write
|
||
|
57FB000
|
direct allocation
|
page read and write
|
||
|
53A6000
|
direct allocation
|
page read and write
|
||
|
1A11D000
|
heap
|
page read and write
|
||
|
1B1A8000
|
heap
|
page read and write
|
||
|
548A000
|
direct allocation
|
page read and write
|
||
|
16F47000
|
heap
|
page read and write
|
||
|
1A500000
|
trusted library allocation
|
page read and write
|
||
|
15817000
|
heap
|
page read and write
|
||
|
413000
|
unkown
|
page write copy
|
||
|
1A1B8000
|
heap
|
page read and write
|
||
|
171C4000
|
heap
|
page read and write
|
||
|
1B658000
|
direct allocation
|
page read and write
|
||
|
5502000
|
direct allocation
|
page read and write
|
||
|
5807000
|
direct allocation
|
page read and write
|
||
|
5473000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
15BD000
|
heap
|
page read and write
|
||
|
6E23C000
|
unkown
|
page read and write
|
||
|
6E220000
|
unkown
|
page readonly
|
||
|
15AA000
|
heap
|
page read and write
|
||
|
15C0F000
|
unkown
|
page read and write
|
||
|
2F50000
|
direct allocation
|
page read and write
|
||
|
52DB000
|
direct allocation
|
page read and write
|
||
|
6C407000
|
unkown
|
page read and write
|
||
|
7F785000
|
trusted library allocation
|
page execute read
|
||
|
5391000
|
direct allocation
|
page read and write
|
||
|
15F3000
|
heap
|
page read and write
|
||
|
5332000
|
direct allocation
|
page read and write
|
||
|
5233000
|
direct allocation
|
page read and write
|
||
|
54FA000
|
direct allocation
|
page read and write
|
||
|
6C022000
|
unkown
|
page write copy
|
||
|
1595E000
|
unkown
|
page read and write
|
||
|
157A000
|
heap
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
19A2E000
|
stack
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
15F3000
|
heap
|
page read and write
|
||
|
54B5000
|
direct allocation
|
page read and write
|
||
|
553B000
|
direct allocation
|
page read and write
|
||
|
5492000
|
direct allocation
|
page read and write
|
||
|
1546000
|
heap
|
page read and write
|
||
|
6E233000
|
unkown
|
page readonly
|
||
|
6B350000
|
unkown
|
page readonly
|
||
|
A10000
|
heap
|
page read and write
|
||
|
6B71F000
|
unkown
|
page readonly
|
||
|
6C0A1000
|
unkown
|
page execute read
|
||
|
1AE70000
|
direct allocation
|
page read and write
|
||
|
157C000
|
heap
|
page read and write
|
||
|
171C9000
|
heap
|
page read and write
|
||
|
5200000
|
direct allocation
|
page read and write
|
||
|
D6E000
|
stack
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
170A2000
|
heap
|
page read and write
|
||
|
6DB41000
|
unkown
|
page execute read
|
||
|
539A000
|
direct allocation
|
page read and write
|
||
|
A7FC000
|
direct allocation
|
page read and write
|
||
|
1A27E000
|
stack
|
page read and write
|
||
|
DE4000
|
unkown
|
page read and write
|
||
|
1496000
|
heap
|
page read and write
|
||
|
540D000
|
direct allocation
|
page read and write
|
||
|
157D3000
|
heap
|
page read and write
|
||
|
53CE000
|
direct allocation
|
page read and write
|
||
|
54D7000
|
direct allocation
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
6C3F3000
|
unkown
|
page write copy
|
||
|
53DB000
|
direct allocation
|
page read and write
|
||
|
1A113000
|
heap
|
page read and write
|
||
|
54CC000
|
direct allocation
|
page read and write
|
||
|
53D6000
|
direct allocation
|
page read and write
|
||
|
55F2000
|
direct allocation
|
page read and write
|
||
|
6C3F9000
|
unkown
|
page write copy
|
||
|
171ED000
|
heap
|
page read and write
|
||
|
536B000
|
direct allocation
|
page read and write
|
||
|
54AD000
|
direct allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
15FD2000
|
heap
|
page read and write
|
||
|
6B6B9000
|
unkown
|
page readonly
|
||
|
15A1000
|
heap
|
page read and write
|
||
|
1A173000
|
heap
|
page read and write
|
||
|
80D000
|
heap
|
page read and write
|
||
|
A8AF000
|
direct allocation
|
page read and write
|
||
|
1A186000
|
heap
|
page read and write
|
||
|
55E8000
|
direct allocation
|
page read and write
|
||
|
30B7000
|
heap
|
page read and write
|
||
|
2E05000
|
heap
|
page read and write
|
||
|
15EED000
|
heap
|
page read and write
|
||
|
C0000
|
heap
|
page read and write
|
||
|
171BA000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page readonly
|
||
|
19D80000
|
direct allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
1A16E000
|
heap
|
page read and write
|
||
|
545D000
|
direct allocation
|
page read and write
|
||
|
53D3000
|
direct allocation
|
page read and write
|
||
|
546C000
|
direct allocation
|
page read and write
|
||
|
5410000
|
direct allocation
|
page read and write
|
||
|
1584000
|
heap
|
page read and write
|
||
|
17032000
|
heap
|
page read and write
|
||
|
52BC000
|
direct allocation
|
page read and write
|
||
|
550A000
|
direct allocation
|
page read and write
|
||
|
54DD000
|
direct allocation
|
page read and write
|
||
|
5320000
|
direct allocation
|
page read and write
|
||
|
1A16D000
|
heap
|
page read and write
|
||
|
53B8000
|
direct allocation
|
page read and write
|
||
|
537A000
|
direct allocation
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1316000
|
heap
|
page read and write
|
||
|
6C529000
|
unkown
|
page readonly
|
||
|
5422000
|
direct allocation
|
page read and write
|
||
|
A0F000
|
stack
|
page read and write
|
||
|
6C42A000
|
unkown
|
page read and write
|
||
|
15ED3000
|
heap
|
page read and write
|
||
|
1791C000
|
unkown
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
1704B000
|
heap
|
page read and write
|
||
|
6B449000
|
unkown
|
page write copy
|
||
|
15D3E000
|
unkown
|
page read and write
|
||
|
1B58F000
|
stack
|
page read and write
|
||
|
54E6000
|
direct allocation
|
page read and write
|
||
|
B4E000
|
stack
|
page read and write
|
||
|
A8CA000
|
direct allocation
|
page read and write
|
||
|
542B000
|
direct allocation
|
page read and write
|
||
|
5463000
|
direct allocation
|
page read and write
|
||
|
6BEC0000
|
unkown
|
page readonly
|
||
|
15D8000
|
heap
|
page read and write
|
||
|
5512000
|
direct allocation
|
page read and write
|
||
|
52AD000
|
direct allocation
|
page read and write
|
||
|
53F0000
|
direct allocation
|
page read and write
|
||
|
157E000
|
heap
|
page read and write
|
||
|
1A173000
|
heap
|
page read and write
|
||
|
1A127000
|
heap
|
page read and write
|
||
|
1B2FE000
|
heap
|
page read and write
|
||
|
31C4000
|
direct allocation
|
page execute and read and write
|
||
|
1A22E000
|
stack
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
538B000
|
direct allocation
|
page read and write
|
||
|
414000
|
unkown
|
page write copy
|
||
|
536E000
|
direct allocation
|
page read and write
|
||
|
5308000
|
direct allocation
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page read and write
|
||
|
6F98A000
|
unkown
|
page readonly
|
||
|
1AE11000
|
direct allocation
|
page read and write
|
||
|
1720B000
|
heap
|
page read and write
|
||
|
54CF000
|
direct allocation
|
page read and write
|
||
|
3172000
|
direct allocation
|
page execute and read and write
|
||
|
5385000
|
direct allocation
|
page read and write
|
||
|
3025000
|
heap
|
page read and write
|
||
|
AC29000
|
direct allocation
|
page read and write
|
||
|
549E000
|
direct allocation
|
page read and write
|
||
|
1A2BE000
|
stack
|
page read and write
|
||
|
54C9000
|
direct allocation
|
page read and write
|
||
|
6C3F1000
|
unkown
|
page read and write
|
||
|
171B1000
|
heap
|
page read and write
|
||
|
539D000
|
direct allocation
|
page read and write
|
||
|
1A186000
|
heap
|
page read and write
|
||
|
54A6000
|
direct allocation
|
page read and write
|
||
|
1B162000
|
heap
|
page read and write
|
||
|
171B1000
|
heap
|
page read and write
|
||
|
6ADE0000
|
unkown
|
page readonly
|
||
|
553E000
|
direct allocation
|
page read and write
|
||
|
A802000
|
direct allocation
|
page read and write
|
||
|
15E55000
|
heap
|
page read and write
|
||
|
1A4C0000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
171B9000
|
heap
|
page read and write
|
||
|
6B448000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
17093000
|
heap
|
page read and write
|
||
|
534A000
|
direct allocation
|
page read and write
|
||
|
16FC3000
|
heap
|
page read and write
|
||
|
A7AA000
|
direct allocation
|
page read and write
|
||
|
52D9000
|
direct allocation
|
page read and write
|
||
|
1579000
|
heap
|
page read and write
|
||
|
1568000
|
heap
|
page read and write
|
||
|
17003000
|
heap
|
page read and write
|
||
|
5346000
|
direct allocation
|
page read and write
|
||
|
1B364000
|
heap
|
page read and write
|
||
|
B2E0000
|
direct allocation
|
page read and write
|
||
|
1B2CD000
|
heap
|
page read and write
|
||
|
6F981000
|
unkown
|
page execute read
|
||
|
6C526000
|
unkown
|
page write copy
|
||
|
15FC2000
|
heap
|
page read and write
|
||
|
6BF41000
|
unkown
|
page execute read
|
||
|
1600D000
|
heap
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
54E3000
|
direct allocation
|
page read and write
|
||
|
6ADFD000
|
unkown
|
page readonly
|
||
|
1720F000
|
heap
|
page read and write
|
||
|
6C3FE000
|
unkown
|
page write copy
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
3030000
|
heap
|
page read and write
|
||
|
16F50000
|
heap
|
page read and write
|
||
|
53C2000
|
direct allocation
|
page read and write
|
||
|
5444000
|
direct allocation
|
page read and write
|
||
|
5480000
|
direct allocation
|
page read and write
|
||
|
1A173000
|
heap
|
page read and write
|
||
|
16FD2000
|
heap
|
page read and write
|
||
|
DE8000
|
unkown
|
page readonly
|
||
|
15B2D000
|
stack
|
page read and write
|
||
|
5353000
|
direct allocation
|
page read and write
|
||
|
2AAF000
|
stack
|
page read and write
|
||
|
19A80000
|
direct allocation
|
page read and write
|
||
|
5310000
|
direct allocation
|
page read and write
|
||
|
6C3FC000
|
unkown
|
page write copy
|
||
|
B2D9000
|
direct allocation
|
page read and write
|
||
|
1A179000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
1A181000
|
heap
|
page read and write
|
||
|
17174000
|
heap
|
page read and write
|
||
|
B19C000
|
direct allocation
|
page read and write
|
||
|
171C9000
|
heap
|
page read and write
|
||
|
54C3000
|
direct allocation
|
page read and write
|
||
|
53BC000
|
direct allocation
|
page read and write
|
||
|
B2CD000
|
direct allocation
|
page read and write
|
||
|
1584000
|
heap
|
page read and write
|
||
|
6C08D000
|
unkown
|
page readonly
|
||
|
2EE3000
|
heap
|
page read and write
|
||
|
5591000
|
direct allocation
|
page read and write
|
||
|
15F8000
|
heap
|
page read and write
|
||
|
15EB5000
|
heap
|
page read and write
|
||
|
5431000
|
direct allocation
|
page read and write
|
||
|
ACB1000
|
direct allocation
|
page read and write
|
||
|
171B1000
|
heap
|
page read and write
|
||
|
1B000000
|
trusted library allocation
|
page read and write
|
||
|
5518000
|
direct allocation
|
page read and write
|
||
|
6B470000
|
unkown
|
page readonly
|
||
|
6DB40000
|
unkown
|
page readonly
|
||
|
15ED3000
|
heap
|
page read and write
|
||
|
5483000
|
direct allocation
|
page read and write
|
||
|
151B000
|
heap
|
page read and write
|
||
|
AD9A000
|
direct allocation
|
page read and write
|
||
|
1AE3B000
|
direct allocation
|
page read and write
|
||
|
1B2C3000
|
heap
|
page read and write
|
||
|
55E4000
|
direct allocation
|
page read and write
|
||
|
5440000
|
direct allocation
|
page read and write
|
||
|
1701B000
|
heap
|
page read and write
|
||
|
52EB000
|
direct allocation
|
page read and write
|
||
|
6BEBB000
|
unkown
|
page read and write
|
||
|
1A1B7000
|
heap
|
page read and write
|
||
|
54E0000
|
direct allocation
|
page read and write
|
||
|
409000
|
unkown
|
page readonly
|
||
|
532D000
|
direct allocation
|
page read and write
|
||
|
1B020000
|
trusted library allocation
|
page read and write
|
||
|
533E000
|
direct allocation
|
page read and write
|
||
|
B1D6000
|
direct allocation
|
page read and write
|
||
|
15FD2000
|
heap
|
page read and write
|
||
|
52C6000
|
direct allocation
|
page read and write
|
||
|
15EDC000
|
heap
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
6C081000
|
unkown
|
page execute read
|
||
|
1B620000
|
direct allocation
|
page read and write
|
||
|
544E000
|
direct allocation
|
page read and write
|
||
|
1791A000
|
unkown
|
page read and write
|
||
|
170AA000
|
heap
|
page read and write
|
||
|
1A0F2000
|
heap
|
page read and write
|
||
|
53A9000
|
direct allocation
|
page read and write
|
||
|
1B1F4000
|
heap
|
page read and write
|
||
|
1601D000
|
heap
|
page read and write
|
||
|
560C000
|
direct allocation
|
page read and write
|
||
|
52C0000
|
direct allocation
|
page read and write
|
||
|
157D000
|
heap
|
page read and write
|
||
|
DE8000
|
unkown
|
page readonly
|
||
|
170B6000
|
heap
|
page read and write
|
||
|
535C000
|
direct allocation
|
page read and write
|
||
|
6E23E000
|
unkown
|
page readonly
|
||
|
6DB51000
|
unkown
|
page readonly
|
||
|
54BD000
|
direct allocation
|
page read and write
|
||
|
541C000
|
direct allocation
|
page read and write
|
||
|
A775000
|
direct allocation
|
page read and write
|
||
|
54A3000
|
direct allocation
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
AE6A000
|
direct allocation
|
page read and write
|
||
|
16FEB000
|
heap
|
page read and write
|
||
|
53C8000
|
direct allocation
|
page read and write
|
||
|
52B7000
|
direct allocation
|
page read and write
|
||
|
1568000
|
heap
|
page read and write
|
||
|
A778000
|
direct allocation
|
page read and write
|
||
|
53DE000
|
direct allocation
|
page read and write
|
||
|
161D0000
|
direct allocation
|
page read and write
|
||
|
6E221000
|
unkown
|
page execute read
|
||
|
6BEA0000
|
unkown
|
page readonly
|
||
|
A75B000
|
direct allocation
|
page read and write
|
||
|
5368000
|
direct allocation
|
page read and write
|
||
|
6C471000
|
unkown
|
page execute read
|
||
|
158E000
|
heap
|
page read and write
|
||
|
6B6B0000
|
unkown
|
page readonly
|
||
|
5507000
|
direct allocation
|
page read and write
|
||
|
ABEB000
|
direct allocation
|
page read and write
|
||
|
16810000
|
direct allocation
|
page read and write
|
||
|
19B80000
|
heap
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
6C025000
|
unkown
|
page read and write
|
||
|
12BC000
|
stack
|
page read and write
|
||
|
A818000
|
direct allocation
|
page read and write
|
||
|
15FE2000
|
heap
|
page read and write
|
||
|
1A34E000
|
stack
|
page read and write
|
||
|
159B000
|
heap
|
page read and write
|
||
|
157A000
|
heap
|
page read and write
|
||
|
542E000
|
direct allocation
|
page read and write
|
||
|
15C4E000
|
stack
|
page read and write
|
||
|
5498000
|
direct allocation
|
page read and write
|
||
|
178CC000
|
stack
|
page read and write
|
||
|
B1AB000
|
direct allocation
|
page read and write
|
||
|
16015000
|
heap
|
page read and write
|
||
|
6C40B000
|
unkown
|
page write copy
|
||
|
B2D3000
|
direct allocation
|
page read and write
|
||
|
551B000
|
direct allocation
|
page read and write
|
||
|
53A0000
|
direct allocation
|
page read and write
|
||
|
3182000
|
direct allocation
|
page execute and read and write
|
||
|
156CC000
|
heap
|
page read and write
|
||
|
16C50000
|
direct allocation
|
page read and write
|
||
|
53E9000
|
direct allocation
|
page read and write
|
||
|
6B44D000
|
unkown
|
page read and write
|
||
|
531D000
|
direct allocation
|
page read and write
|
||
|
AAC3000
|
direct allocation
|
page read and write
|
||
|
1B5CE000
|
stack
|
page read and write
|
||
|
A7BF000
|
direct allocation
|
page read and write
|
||
|
16E1B000
|
stack
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
6B447000
|
unkown
|
page write copy
|
||
|
6B351000
|
unkown
|
page execute read
|
||
|
5532000
|
direct allocation
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
17118000
|
heap
|
page read and write
|
||
|
6BF25000
|
unkown
|
page read and write
|
||
|
5447000
|
direct allocation
|
page read and write
|
||
|
5469000
|
direct allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
52DF000
|
direct allocation
|
page read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
5326000
|
direct allocation
|
page read and write
|
||
|
170AA000
|
heap
|
page read and write
|
||
|
DDC000
|
unkown
|
page readonly
|
||
|
53E6000
|
direct allocation
|
page read and write
|
||
|
30B3000
|
heap
|
page read and write
|
||
|
54C6000
|
direct allocation
|
page read and write
|
||
|
7C5000
|
unkown
|
page readonly
|
||
|
15BBE000
|
stack
|
page read and write
|
||
|
1A119000
|
heap
|
page read and write
|
||
|
DC1000
|
unkown
|
page execute read
|
||
|
547A000
|
direct allocation
|
page read and write
|
||
|
52F7000
|
direct allocation
|
page read and write
|
||
|
B0A5000
|
direct allocation
|
page read and write
|
||
|
A783000
|
direct allocation
|
page read and write
|
||
|
7C5000
|
unkown
|
page readonly
|
||
|
156B000
|
heap
|
page read and write
|
||
|
AD80000
|
direct allocation
|
page read and write
|
||
|
1A179000
|
heap
|
page read and write
|
||
|
616000
|
stack
|
page read and write
|
||
|
5425000
|
direct allocation
|
page read and write
|
||
|
1577000
|
heap
|
page read and write
|
||
|
17177000
|
heap
|
page read and write
|
||
|
1AFFC000
|
stack
|
page read and write
|
||
|
A9F5000
|
direct allocation
|
page read and write
|
||
|
AA71000
|
direct allocation
|
page read and write
|
||
|
1A127000
|
heap
|
page read and write
|
||
|
1710C000
|
heap
|
page read and write
|
||
|
159B000
|
heap
|
page read and write
|
||
|
A750000
|
direct allocation
|
page read and write
|
||
|
6BF24000
|
unkown
|
page write copy
|
||
|
6ADE1000
|
unkown
|
page execute read
|
||
|
16A50000
|
direct allocation
|
page read and write
|
||
|
6F980000
|
unkown
|
page readonly
|
||
|
1B300000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
53E2000
|
direct allocation
|
page read and write
|
||
|
157B000
|
heap
|
page read and write
|
||
|
1B23B000
|
heap
|
page read and write
|
||
|
6DB4A000
|
unkown
|
page readonly
|
||
|
52E8000
|
direct allocation
|
page read and write
|
||
|
543A000
|
direct allocation
|
page read and write
|
||
|
15D9000
|
heap
|
page read and write
|
||
|
1603000
|
heap
|
page read and write
|
||
|
6BEC1000
|
unkown
|
page execute read
|
||
|
54F0000
|
direct allocation
|
page read and write
|
||
|
B08A000
|
direct allocation
|
page read and write
|
||
|
545A000
|
direct allocation
|
page read and write
|
||
|
6BF40000
|
unkown
|
page readonly
|
||
|
6F986000
|
unkown
|
page readonly
|
||
|
5359000
|
direct allocation
|
page read and write
|
||
|
6C416000
|
unkown
|
page read and write
|
||
|
1A4E0000
|
trusted library allocation
|
page read and write
|
||
|
6BF23000
|
unkown
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
17880000
|
heap
|
page read and write
|
||
|
7F782000
|
trusted library allocation
|
page readonly
|
||
|
16E67000
|
unkown
|
page read and write
|
||
|
5323000
|
direct allocation
|
page read and write
|
||
|
15FC2000
|
heap
|
page read and write
|
||
|
7F781000
|
trusted library allocation
|
page execute read
|
||
|
1A181000
|
heap
|
page read and write
|
||
|
6B6BF000
|
unkown
|
page readonly
|
||
|
1A0F3000
|
heap
|
page read and write
|
||
|
6C3F5000
|
unkown
|
page read and write
|
||
|
15C9E000
|
unkown
|
page read and write
|
||
|
1564000
|
heap
|
page read and write
|
||
|
20A0000
|
heap
|
page read and write
|
||
|
1A540000
|
trusted library allocation
|
page read and write
|
||
|
1A0F0000
|
heap
|
page read and write
|
||
|
6B72A000
|
unkown
|
page read and write
|
||
|
16B50000
|
direct allocation
|
page read and write
|
||
|
19A7E000
|
unkown
|
page read and write
|
||
|
ABE9000
|
direct allocation
|
page read and write
|
||
|
16EC6000
|
heap
|
page read and write
|
||
|
16FBA000
|
heap
|
page read and write
|
||
|
547C000
|
direct allocation
|
page read and write
|
||
|
317A000
|
direct allocation
|
page execute and read and write
|
||
|
17118000
|
heap
|
page read and write
|
||
|
1AD40000
|
direct allocation
|
page read and write
|
||
|
7F784000
|
trusted library allocation
|
page readonly
|
||
|
159B000
|
heap
|
page read and write
|
||
|
5394000
|
direct allocation
|
page read and write
|
||
|
DC1000
|
unkown
|
page execute read
|
||
|
5470000
|
direct allocation
|
page read and write
|
||
|
6C411000
|
unkown
|
page read and write
|
||
|
AB01000
|
direct allocation
|
page read and write
|
||
|
533B000
|
direct allocation
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
15863000
|
heap
|
page read and write
|
||
|
5397000
|
direct allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
158B000
|
heap
|
page read and write
|
||
|
19C80000
|
direct allocation
|
page read and write
|
||
|
54DA000
|
direct allocation
|
page read and write
|
||
|
6B409000
|
unkown
|
page readonly
|
||
|
6BEBC000
|
unkown
|
page readonly
|
||
|
5538000
|
direct allocation
|
page read and write
|
||
|
6ADD7000
|
unkown
|
page readonly
|
||
|
16026000
|
heap
|
page read and write
|
||
|
1A16A000
|
heap
|
page read and write
|
||
|
6C01F000
|
unkown
|
page read and write
|
||
|
170B6000
|
heap
|
page read and write
|
||
|
54EE000
|
direct allocation
|
page read and write
|
||
|
AB0C000
|
direct allocation
|
page read and write
|
||
|
1B1EA000
|
heap
|
page read and write
|
||
|
17146000
|
heap
|
page read and write
|
||
|
1A179000
|
heap
|
page read and write
|
||
|
6ADF3000
|
unkown
|
page readonly
|
||
|
5338000
|
direct allocation
|
page read and write
|
||
|
1A174000
|
heap
|
page read and write
|
||
|
6ADD1000
|
unkown
|
page execute read
|
||
|
162D0000
|
direct allocation
|
page read and write
|
||
|
171C4000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1B225000
|
heap
|
page read and write
|
||
|
A790000
|
direct allocation
|
page read and write
|
||
|
52F1000
|
direct allocation
|
page read and write
|
||
|
1584000
|
heap
|
page read and write
|
||
|
52F9000
|
direct allocation
|
page read and write
|
||
|
5365000
|
direct allocation
|
page read and write
|
||
|
6B6BE000
|
unkown
|
page read and write
|
||
|
158B000
|
heap
|
page read and write
|
||
|
5415000
|
direct allocation
|
page read and write
|
||
|
5405000
|
direct allocation
|
page read and write
|
||
|
550F000
|
direct allocation
|
page read and write
|
||
|
159EE000
|
unkown
|
page read and write
|
||
|
5529000
|
direct allocation
|
page read and write
|
||
|
6C037000
|
unkown
|
page readonly
|
||
|
6B44A000
|
unkown
|
page read and write
|
||
|
AFA6000
|
direct allocation
|
page read and write
|
||
|
5373000
|
direct allocation
|
page read and write
|
||
|
A766000
|
direct allocation
|
page read and write
|
||
|
1581A000
|
heap
|
page read and write
|
||
|
15DDE000
|
heap
|
page read and write
|
||
|
788000
|
unkown
|
page read and write
|
||
|
B070000
|
direct allocation
|
page read and write
|
||
|
1555000
|
heap
|
page read and write
|
||
|
5541000
|
direct allocation
|
page read and write
|
||
|
54D2000
|
direct allocation
|
page read and write
|
||
|
B1B8000
|
direct allocation
|
page read and write
|
||
|
15DD0000
|
heap
|
page read and write
|
||
|
15F8000
|
heap
|
page read and write
|
||
|
B1B1000
|
direct allocation
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
158B000
|
heap
|
page read and write
|
||
|
1577000
|
heap
|
page read and write
|
||
|
16026000
|
heap
|
page read and write
|
||
|
17680000
|
direct allocation
|
page read and write
|
||
|
5342000
|
direct allocation
|
page read and write
|
||
|
566B000
|
direct allocation
|
page read and write
|
||
|
905000
|
heap
|
page read and write
|
||
|
15A3000
|
heap
|
page read and write
|
||
|
1A510000
|
trusted library allocation
|
page read and write
|
||
|
1B670000
|
direct allocation
|
page read and write
|
||
|
16E80000
|
heap
|
page read and write
|
||
|
126C000
|
stack
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
53EC000
|
direct allocation
|
page read and write
|
||
|
AF5C000
|
direct allocation
|
page read and write
|
||
|
15CA0000
|
heap
|
page read and write
|
||
|
DDC000
|
unkown
|
page readonly
|
||
|
1603000
|
heap
|
page read and write
|
||
|
1A173000
|
heap
|
page read and write
|
||
|
1A179000
|
heap
|
page read and write
|
||
|
15EB5000
|
heap
|
page read and write
|
||
|
17177000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
53F3000
|
direct allocation
|
page read and write
|
||
|
1603000
|
heap
|
page read and write
|
||
|
552C000
|
direct allocation
|
page read and write
|
||
|
1A45E000
|
stack
|
page read and write
|
||
|
53F9000
|
direct allocation
|
page read and write
|
||
|
548E000
|
direct allocation
|
page read and write
|
||
|
6ADD4000
|
unkown
|
page readonly
|
||
|
1603000
|
heap
|
page read and write
|
||
|
6B72D000
|
unkown
|
page readonly
|
||
|
1A30D000
|
stack
|
page read and write
|
||
|
5402000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1B53E000
|
stack
|
page read and write
|
||
|
52D2000
|
direct allocation
|
page read and write
|
||
|
1A39D000
|
stack
|
page read and write
|
||
|
6C470000
|
unkown
|
page readonly
|
||
|
1A186000
|
heap
|
page read and write
|
||
|
6C031000
|
unkown
|
page execute read
|
||
|
157C6000
|
heap
|
page read and write
|
||
|
7FB000
|
heap
|
page read and write
|
||
|
544B000
|
direct allocation
|
page read and write
|
||
|
5522000
|
direct allocation
|
page read and write
|
||
|
52E3000
|
direct allocation
|
page read and write
|
||
|
17118000
|
heap
|
page read and write
|
||
|
15AA000
|
heap
|
page read and write
|
||
|
53D1000
|
direct allocation
|
page read and write
|
||
|
15ECC000
|
heap
|
page read and write
|
||
|
15843000
|
heap
|
page read and write
|
||
|
52CF000
|
direct allocation
|
page read and write
|
||
|
54B0000
|
direct allocation
|
page read and write
|
||
|
A7F5000
|
direct allocation
|
page read and write
|
There are 737 hidden memdumps, click here to show them.