Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
winrar-x64-701(1).exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
||
|
C:\Users\user\7zxa.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
 |
|
|
C:\Users\user\Default.SFX
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Default32.SFX
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Rar.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Rar.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\RarExt.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\RarExt32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\RarExtInstaller.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\UnRAR.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Uninstall.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\WinCon.SFX
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\WinCon32.SFX
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\WinRAR.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Zip.SFX
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Zip32.SFX
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Archive, ctime=Thu Oct 10 07:18:43 2024, mtime=Thu Oct 10 07:18:43 2024, atime=Wed Apr 24 11:35:16 2024, length=108383,
window=hide
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Archive, ctime=Thu Oct 10 07:18:43 2024, mtime=Thu Oct 10 07:18:43 2024, atime=Sun May 12 09:02:33 2024, length=46292,
window=hide
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Archive, ctime=Thu Oct 10 07:18:44 2024, mtime=Thu Oct 10 07:18:44 2024, atime=Sun May 12 09:17:28 2024, length=324272,
window=hide
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Archive, ctime=Thu Oct 10 07:18:43 2024, mtime=Thu Oct 10 07:18:43 2024, atime=Wed May 15 06:35:22 2024, length=3286680,
window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Archive, ctime=Thu Oct 10 07:18:43 2024, mtime=Thu Oct 10 07:18:43 2024, atime=Wed Apr 24 11:35:16 2024, length=108383,
window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Archive, ctime=Thu Oct 10 07:18:43 2024, mtime=Thu Oct 10 07:18:43 2024, atime=Sun May 12 09:02:33 2024, length=46292,
window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Archive, ctime=Thu Oct 10 07:18:44 2024, mtime=Thu Oct 10 07:18:44 2024, atime=Sun May 12 09:17:28 2024, length=324272,
window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Archive, ctime=Thu Oct 10 07:18:43 2024, mtime=Thu Oct 10 07:18:43 2024, atime=Wed May 15 06:35:22 2024, length=3286680,
window=hide
|
dropped
|
||
|
C:\Users\user\Descript.ion
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\License.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Order.htm
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\RarExtLogo.altform-unplated_targetsize-32.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\RarExtLogo.altform-unplated_targetsize-48.png
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\RarExtLogo.altform-unplated_targetsize-64.png
|
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\RarExtPackage.msix
|
Zip archive data, at least v4.5 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\RarFiles.lst
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\ReadMe.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Resources.pri
|
data
|
dropped
|
||
|
C:\Users\user\Uninstall.lst
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\WhatsNew.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\WinRAR.chm
|
MS Windows HtmlHelp Data
|
dropped
|
||
|
C:\Users\user\rarnew.dat
|
RAR archive data, v5
|
dropped
|
||
|
C:\Users\user\zipnew.dat
|
Zip archive data (empty)
|
dropped
|
There are 29 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\winrar-x64-701(1).exe
|
"C:\Users\user\Desktop\winrar-x64-701(1).exe"
|
|
|
|
C:\Users\user\Uninstall.exe
|
"C:\Users\user\uninstall.exe" /setup
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.rarlab.com/themes.htm
|
unknown
|
||
|
https://www.win-rar.comIhttps://notifier.win-rar.com/buyredirect?L=0&BL=0&src=wrr&arch=64&ver=701H
|
unknown
|
||
|
https://www.rarlab.com/registration.php
|
unknown
|
||
|
https://www.win-rar.com
|
unknown
|
||
|
https://www.rarlab.com/reminder.php?language=$L&source=rarlab&architecture=$A&version=$Vorder.htmInt
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
|
Browse For Folder Width
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
|
Browse For Folder Height
|
||
|
HKEY_CURRENT_USER\Software\WinRAR SFX
|
C%%Program Files%WinRAR
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.rar
|
Set
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.zip
|
Set
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.jar
|
Set
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.iso
|
Set
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.z
|
Set
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\Links
|
Desktop
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\Links
|
StartMenu
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\Links
|
Programs
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup
|
ShellExt
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup
|
CascadedMenu
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup
|
MenuIcons
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup
|
LegacyMenu
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR
|
exe64
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe
|
Path
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}\InProcServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR\shellex\PropertySheetHandlers\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR.ZIP\shellex\PropertySheetHandlers\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex\PropertySheetHandlers\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR\shellex\DropHandler
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR.ZIP\shellex\DropHandler
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\DragDropHandlers\WinRAR32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\WinRAR32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
|
{B41DB860-8EE4-11D2-9906-E49FADC173CA}
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR\shellex\ContextMenuHandlers\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR.ZIP\shellex\ContextMenuHandlers\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinRAR32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B41DB860-64E4-11D2-9906-E49FADC173CA}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B41DB860-64E4-11D2-9906-E49FADC173CA}\InProcServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B41DB860-64E4-11D2-9906-E49FADC173CA}\InProcServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR\shellex\PropertySheetHandlers\{B41DB860-64E4-11D2-9906-E49FADC173CA}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR.ZIP\shellex\PropertySheetHandlers\{B41DB860-64E4-11D2-9906-E49FADC173CA}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shellex\PropertySheetHandlers\{B41DB860-64E4-11D2-9906-E49FADC173CA}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\DragDropHandlers\WinRAR
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\WinRAR
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
|
{B41DB860-64E4-11D2-9906-E49FADC173CA}
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR\shellex\ContextMenuHandlers\{B41DB860-64E4-11D2-9906-E49FADC173CA}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR.ZIP\shellex\ContextMenuHandlers\{B41DB860-64E4-11D2-9906-E49FADC173CA}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinRAR
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications
|
WinRAR
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities
|
ApplicationDescription
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.rar
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.zip
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.cab
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.arj
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.lz
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.tlz
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.lzh
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.lha
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.7z
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.tar
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.gz
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.tgz
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.uue
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.xxe
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.uu
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.bz2
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.tbz2
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.bz
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.tbz
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.jar
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.iso
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.z
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.taz
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.xz
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.txz
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.zipx
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.zst
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.tzst
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WinRAR\Capabilities\FileAssociations
|
.001
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.rar
|
Exist
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.rar
|
Type
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.rar
|
ShellNew
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.rar\ShellNew
|
FileName
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.zip
|
Exist
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.zip
|
Type
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.zip
|
ShellNew
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.zip\ShellNew
|
FileName
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.cab
|
Exist
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.cab
|
Type
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.cab
|
ShellNew
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.arj
|
Exist
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.arj
|
Type
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.arj
|
ShellNew
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.arj
|
NULL
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.lz
|
Type
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.tar
|
Exist
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.tar
|
Type
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.uue
|
Exist
|
||
|
HKEY_CURRENT_USER\Software\WinRAR\Setup\.uue
|
Type
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.uue
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR\shell\open\command
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR\DefaultIcon
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR.ZIP
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR.ZIP\shell\open\command
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR.ZIP\DefaultIcon
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.rev
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR.REV
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR.REV\shell\open\command
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR.REV\DefaultIcon
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR\shellex\DropHandler
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinRAR.ZIP\shellex\DropHandler
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
GlobalAssocChangedCounter
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.rar
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.zip
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cab
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.lz
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.tar
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
GlobalAssocChangedCounter
|
There are 109 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
114000
|
heap
|
page read and write
|
||
|
39BC000
|
stack
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
30E000
|
heap
|
page read and write
|
||
|
5EC7000
|
heap
|
page read and write
|
||
|
374C000
|
stack
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
3121000
|
heap
|
page read and write
|
||
|
2219000
|
heap
|
page read and write
|
||
|
6250000
|
trusted library allocation
|
page read and write
|
||
|
483000
|
heap
|
page read and write
|
||
|
13F781000
|
unkown
|
page execute read
|
||
|
311000
|
heap
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
49E000
|
heap
|
page read and write
|
||
|
5E56000
|
heap
|
page read and write
|
||
|
495000
|
heap
|
page read and write
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
13FA72000
|
unkown
|
page readonly
|
||
|
31DC000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
3144000
|
heap
|
page read and write
|
||
|
31DC000
|
heap
|
page read and write
|
||
|
426000
|
heap
|
page read and write
|
||
|
2A6000
|
heap
|
page read and write
|
||
|
2C8000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
31F5000
|
heap
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
30E000
|
heap
|
page read and write
|
||
|
13FA41000
|
unkown
|
page execute read
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
5ECC000
|
heap
|
page read and write
|
||
|
5E56000
|
heap
|
page read and write
|
||
|
31E9000
|
heap
|
page read and write
|
||
|
5EC7000
|
heap
|
page read and write
|
||
|
13F7EA000
|
unkown
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
314D000
|
heap
|
page read and write
|
||
|
5E84000
|
heap
|
page read and write
|
||
|
486000
|
heap
|
page read and write
|
||
|
31E9000
|
heap
|
page read and write
|
||
|
5ECC000
|
heap
|
page read and write
|
||
|
13FA8F000
|
unkown
|
page readonly
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
31DA000
|
heap
|
page read and write
|
||
|
6BB0000
|
heap
|
page read and write
|
||
|
3151000
|
heap
|
page read and write
|
||
|
2070000
|
trusted library allocation
|
page read and write
|
||
|
311000
|
heap
|
page read and write
|
||
|
3143000
|
heap
|
page read and write
|
||
|
5E60000
|
heap
|
page read and write
|
||
|
31F2000
|
heap
|
page read and write
|
||
|
13FA8F000
|
unkown
|
page readonly
|
||
|
3127000
|
heap
|
page read and write
|
||
|
3DE000
|
heap
|
page read and write
|
||
|
3191000
|
heap
|
page read and write
|
||
|
3151000
|
heap
|
page read and write
|
||
|
4EB000
|
heap
|
page read and write
|
||
|
384F000
|
stack
|
page read and write
|
||
|
31E9000
|
heap
|
page read and write
|
||
|
41F000
|
heap
|
page read and write
|
||
|
2FB000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
5F11000
|
heap
|
page read and write
|
||
|
5B70000
|
heap
|
page read and write
|
||
|
3152000
|
heap
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
315000
|
heap
|
page read and write
|
||
|
23AD000
|
stack
|
page read and write
|
||
|
3144000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
312D000
|
heap
|
page read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
5ECC000
|
heap
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
2225000
|
heap
|
page read and write
|
||
|
5ED0000
|
heap
|
page read and write
|
||
|
418000
|
heap
|
page read and write
|
||
|
441000
|
heap
|
page read and write
|
||
|
31E7000
|
heap
|
page read and write
|
||
|
5EAB000
|
heap
|
page read and write
|
||
|
266000
|
heap
|
page read and write
|
||
|
3138000
|
heap
|
page read and write
|
||
|
5E49000
|
heap
|
page read and write
|
||
|
73C0000
|
heap
|
page read and write
|
||
|
31F2000
|
heap
|
page read and write
|
||
|
31DC000
|
heap
|
page read and write
|
||
|
2C4000
|
heap
|
page read and write
|
||
|
5ECC000
|
heap
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
6BB0000
|
heap
|
page read and write
|
||
|
29E000
|
heap
|
page read and write
|
||
|
5E7F000
|
heap
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
5EAB000
|
heap
|
page read and write
|
||
|
312D000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
315000
|
heap
|
page read and write
|
||
|
5E60000
|
heap
|
page read and write
|
||
|
31F2000
|
heap
|
page read and write
|
||
|
2C4000
|
heap
|
page read and write
|
||
|
2FB000
|
heap
|
page read and write
|
||
|
22C0000
|
trusted library allocation
|
page read and write
|
||
|
2F9F000
|
stack
|
page read and write
|
||
|
3115000
|
heap
|
page read and write
|
||
|
311000
|
heap
|
page read and write
|
||
|
31FA000
|
heap
|
page read and write
|
||
|
3610000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
346F000
|
stack
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
31E7000
|
heap
|
page read and write
|
||
|
306000
|
heap
|
page read and write
|
||
|
5E6F000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
31E5000
|
heap
|
page read and write
|
||
|
2FE000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
314D000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
7FFFFF91000
|
trusted library allocation
|
page execute read
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
13FA84000
|
unkown
|
page write copy
|
||
|
13F780000
|
unkown
|
page readonly
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
5E95000
|
heap
|
page read and write
|
||
|
302000
|
heap
|
page read and write
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
5EB7000
|
heap
|
page read and write
|
||
|
31F5000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
3127000
|
heap
|
page read and write
|
||
|
2FB000
|
heap
|
page read and write
|
||
|
31EE000
|
heap
|
page read and write
|
||
|
31B5000
|
heap
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
2229000
|
heap
|
page read and write
|
||
|
31E9000
|
heap
|
page read and write
|
||
|
23B0000
|
trusted library allocation
|
page read and write
|
||
|
489000
|
heap
|
page read and write
|
||
|
13FA40000
|
unkown
|
page readonly
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
2FD000
|
heap
|
page read and write
|
||
|
1D20000
|
heap
|
page read and write
|
||
|
2B6000
|
heap
|
page read and write
|
||
|
3158000
|
heap
|
page read and write
|
||
|
31DA000
|
heap
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
31F2000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
300000
|
heap
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
3119000
|
heap
|
page read and write
|
||
|
7FFFFF92000
|
trusted library allocation
|
page readonly
|
||
|
46F000
|
heap
|
page read and write
|
||
|
486000
|
heap
|
page read and write
|
||
|
473000
|
heap
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
4B5000
|
heap
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
49F000
|
heap
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
289000
|
heap
|
page read and write
|
||
|
312D000
|
heap
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
471000
|
heap
|
page read and write
|
||
|
3144000
|
heap
|
page read and write
|
||
|
13F781000
|
unkown
|
page execute read
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
31F5000
|
heap
|
page read and write
|
||
|
77D0000
|
heap
|
page read and write
|
||
|
3143000
|
heap
|
page read and write
|
||
|
7FFFFF96000
|
trusted library allocation
|
page readonly
|
||
|
63AE000
|
stack
|
page read and write
|
||
|
13F7D7000
|
unkown
|
page write copy
|
||
|
423000
|
heap
|
page read and write
|
||
|
312C000
|
heap
|
page read and write
|
||
|
31DA000
|
heap
|
page read and write
|
||
|
487000
|
heap
|
page read and write
|
||
|
5EC7000
|
heap
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
1D25000
|
heap
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
31DC000
|
heap
|
page read and write
|
||
|
311000
|
heap
|
page read and write
|
||
|
2E6000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
6FED000
|
heap
|
page read and write
|
||
|
31B5000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
5F93000
|
heap
|
page read and write
|
||
|
230000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
31F5000
|
heap
|
page read and write
|
||
|
5E47000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
5EC7000
|
heap
|
page read and write
|
||
|
31EE000
|
heap
|
page read and write
|
||
|
13F7EB000
|
unkown
|
page readonly
|
||
|
7FFFFF97000
|
trusted library allocation
|
page execute read
|
||
|
5E4F000
|
heap
|
page read and write
|
||
|
45B000
|
heap
|
page read and write
|
||
|
652C000
|
stack
|
page read and write
|
||
|
31DC000
|
heap
|
page read and write
|
||
|
23B0000
|
trusted library allocation
|
page read and write
|
||
|
312D000
|
heap
|
page read and write
|
||
|
31B5000
|
heap
|
page read and write
|
||
|
3127000
|
heap
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
31FA000
|
heap
|
page read and write
|
||
|
31E7000
|
heap
|
page read and write
|
||
|
5F11000
|
heap
|
page read and write
|
||
|
5EAE000
|
heap
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
31E7000
|
heap
|
page read and write
|
||
|
7811000
|
heap
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
5E95000
|
heap
|
page read and write
|
||
|
13F7DE000
|
unkown
|
page read and write
|
||
|
5E56000
|
heap
|
page read and write
|
||
|
13F7EB000
|
unkown
|
page readonly
|
||
|
5E9F000
|
heap
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
495000
|
heap
|
page read and write
|
||
|
13F7E6000
|
unkown
|
page readonly
|
||
|
314F000
|
heap
|
page read and write
|
||
|
5E8E000
|
heap
|
page read and write
|
||
|
315000
|
heap
|
page read and write
|
||
|
5EC7000
|
heap
|
page read and write
|
||
|
22D0000
|
trusted library allocation
|
page read and write
|
||
|
45A000
|
heap
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
5E8E000
|
heap
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
31FA000
|
heap
|
page read and write
|
||
|
7FFFFF93000
|
trusted library allocation
|
page execute read
|
||
|
314F000
|
heap
|
page read and write
|
||
|
31FA000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
5E47000
|
heap
|
page read and write
|
||
|
2FB000
|
heap
|
page read and write
|
||
|
6250000
|
trusted library allocation
|
page read and write
|
||
|
5EAB000
|
heap
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
28E000
|
heap
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
31B5000
|
heap
|
page read and write
|
||
|
441000
|
heap
|
page read and write
|
||
|
2D3000
|
heap
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
31F5000
|
heap
|
page read and write
|
||
|
5F52000
|
heap
|
page read and write
|
||
|
5E4F000
|
heap
|
page read and write
|
||
|
3B4000
|
heap
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
1D5B000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
5E47000
|
heap
|
page read and write
|
||
|
482000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
41E000
|
heap
|
page read and write
|
||
|
302000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
49A000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
5E60000
|
heap
|
page read and write
|
||
|
459000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
31EE000
|
heap
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
31FA000
|
heap
|
page read and write
|
||
|
3127000
|
heap
|
page read and write
|
||
|
49E000
|
heap
|
page read and write
|
||
|
13FA72000
|
unkown
|
page readonly
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
31FA000
|
heap
|
page read and write
|
||
|
31B2000
|
heap
|
page read and write
|
||
|
5E45000
|
heap
|
page read and write
|
||
|
489000
|
heap
|
page read and write
|
||
|
49C000
|
heap
|
page read and write
|
||
|
5E84000
|
heap
|
page read and write
|
||
|
5F52000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
315B000
|
heap
|
page read and write
|
||
|
3A7000
|
heap
|
page read and write
|
||
|
21EE000
|
stack
|
page read and write
|
||
|
31E9000
|
heap
|
page read and write
|
||
|
225000
|
stack
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
31B5000
|
heap
|
page read and write
|
||
|
13FA41000
|
unkown
|
page execute read
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
312000
|
heap
|
page read and write
|
||
|
77D1000
|
heap
|
page read and write
|
||
|
31EE000
|
heap
|
page read and write
|
||
|
31EE000
|
heap
|
page read and write
|
||
|
5E84000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
312D000
|
heap
|
page read and write
|
||
|
3B6E000
|
stack
|
page read and write
|
||
|
3117000
|
heap
|
page read and write
|
||
|
3144000
|
heap
|
page read and write
|
||
|
311B000
|
heap
|
page read and write
|
||
|
2FA5000
|
trusted library allocation
|
page read and write
|
||
|
5E60000
|
heap
|
page read and write
|
||
|
2138000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
31F5000
|
heap
|
page read and write
|
||
|
2215000
|
heap
|
page read and write
|
||
|
3116000
|
heap
|
page read and write
|
||
|
3127000
|
heap
|
page read and write
|
||
|
5E6F000
|
heap
|
page read and write
|
||
|
3119000
|
heap
|
page read and write
|
||
|
5E9F000
|
heap
|
page read and write
|
||
|
306000
|
heap
|
page read and write
|
||
|
68CC000
|
stack
|
page read and write
|
||
|
31C1000
|
heap
|
page read and write
|
||
|
21F000
|
stack
|
page read and write
|
||
|
311E000
|
heap
|
page read and write
|
||
|
13F7EA000
|
unkown
|
page write copy
|
||
|
31DA000
|
heap
|
page read and write
|
||
|
49C000
|
heap
|
page read and write
|
||
|
6BAC000
|
stack
|
page read and write
|
||
|
6A0F000
|
stack
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
3D7000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
5AD0000
|
heap
|
page read and write
|
||
|
2DB000
|
heap
|
page read and write
|
||
|
312E000
|
heap
|
page read and write
|
||
|
5D1E000
|
stack
|
page read and write
|
||
|
5E84000
|
heap
|
page read and write
|
||
|
2C6000
|
heap
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
5E95000
|
heap
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
5E56000
|
heap
|
page read and write
|
||
|
7FFFFF95000
|
trusted library allocation
|
page execute read
|
||
|
3191000
|
heap
|
page read and write
|
||
|
13F7D7000
|
unkown
|
page read and write
|
||
|
13F7C4000
|
unkown
|
page readonly
|
||
|
49A000
|
heap
|
page read and write
|
||
|
294000
|
heap
|
page read and write
|
||
|
13F7C4000
|
unkown
|
page readonly
|
||
|
13F7E6000
|
unkown
|
page readonly
|
||
|
314D000
|
heap
|
page read and write
|
||
|
43E000
|
heap
|
page read and write
|
||
|
2DB000
|
heap
|
page read and write
|
||
|
495000
|
heap
|
page read and write
|
||
|
31E7000
|
heap
|
page read and write
|
||
|
5F94000
|
heap
|
page read and write
|
||
|
30E000
|
heap
|
page read and write
|
||
|
6FF4000
|
heap
|
page read and write
|
||
|
2FB000
|
heap
|
page read and write
|
||
|
5ECC000
|
heap
|
page read and write
|
||
|
314A000
|
heap
|
page read and write
|
||
|
495000
|
heap
|
page read and write
|
||
|
482000
|
heap
|
page read and write
|
||
|
23B0000
|
trusted library allocation
|
page read and write
|
||
|
2B9000
|
heap
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
31F2000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
13FA84000
|
unkown
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
432000
|
heap
|
page read and write
|
||
|
2B5000
|
heap
|
page read and write
|
||
|
3034000
|
heap
|
page read and write
|
||
|
2FE000
|
heap
|
page read and write
|
||
|
311E000
|
heap
|
page read and write
|
||
|
13FA40000
|
unkown
|
page readonly
|
||
|
489000
|
heap
|
page read and write
|
||
|
49C000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
31F2000
|
heap
|
page read and write
|
||
|
2DE0000
|
trusted library allocation
|
page read and write
|
||
|
31E9000
|
heap
|
page read and write
|
||
|
311B000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
5EC7000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
31E7000
|
heap
|
page read and write
|
||
|
2EB000
|
heap
|
page read and write
|
||
|
432000
|
heap
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
5EAB000
|
heap
|
page read and write
|
||
|
5E6F000
|
heap
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
486000
|
heap
|
page read and write
|
||
|
5DE1000
|
heap
|
page read and write
|
||
|
314F000
|
heap
|
page read and write
|
||
|
6FE9000
|
heap
|
page read and write
|
||
|
40E000
|
heap
|
page read and write
|
||
|
5E7F000
|
heap
|
page read and write
|
||
|
43E000
|
heap
|
page read and write
|
||
|
49E000
|
heap
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
306000
|
heap
|
page read and write
|
||
|
31FA000
|
heap
|
page read and write
|
||
|
7FFFFF94000
|
trusted library allocation
|
page readonly
|
||
|
2FA5000
|
trusted library allocation
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
5E6F000
|
heap
|
page read and write
|
||
|
121000
|
trusted library allocation
|
page read and write
|
||
|
31B4000
|
heap
|
page read and write
|
||
|
5E95000
|
heap
|
page read and write
|
||
|
6640000
|
trusted library allocation
|
page read and write
|
||
|
5F93000
|
heap
|
page read and write
|
||
|
2FB000
|
heap
|
page read and write
|
||
|
30E000
|
heap
|
page read and write
|
||
|
306000
|
heap
|
page read and write
|
||
|
31FA000
|
heap
|
page read and write
|
||
|
31DA000
|
heap
|
page read and write
|
||
|
31EC000
|
heap
|
page read and write
|
||
|
31EE000
|
heap
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
23E0000
|
trusted library allocation
|
page read and write
|
||
|
13F780000
|
unkown
|
page readonly
|
||
|
310A000
|
heap
|
page read and write
|
||
|
2B0000
|
heap
|
page read and write
|
||
|
31FA000
|
heap
|
page read and write
|
||
|
5DE1000
|
heap
|
page read and write
|
||
|
5E7F000
|
heap
|
page read and write
|
||
|
2A9000
|
stack
|
page read and write
|
||
|
3115000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
6530000
|
trusted library allocation
|
page read and write
|
||
|
5ECC000
|
heap
|
page read and write
|
||
|
3310000
|
trusted library allocation
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
5DE0000
|
heap
|
page read and write
|
There are 443 hidden memdumps, click here to show them.