IOC Report
Prism2Installer_5.16.0.exe

loading gif

Files

File Path
Type
Category
Malicious
Prism2Installer_5.16.0.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
C:\PrismII\Configuration\DNS001.CFG
ASCII text, with very long lines (65536), with no line terminators
dropped
C:\PrismII\Configuration\Node001.CFG
ASCII text, with very long lines (20000), with no line terminators
dropped
C:\PrismII\Configuration\ScreenID.dat (copy)
ASCII text, with very long lines (65536), with no line terminators
dropped
C:\PrismII\Configuration\ULData.cfg
ISO-8859 text, with CRLF line terminators
dropped
C:\PrismII\Configuration\is-FCB81.tmp
ASCII text, with very long lines (65536), with no line terminators
dropped
C:\PrismII\History\HistoryForOctober2024.log
Non-ISO extended-ASCII text, with CRLF line terminators
dropped
C:\PrismII\MailSend.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\PrismII\PrismII.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\PrismII\is-JJU1I.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\PrismII\is-KO5KN.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\PrismII\is-M9UEN.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\PrismII\unins000.dat
InnoSetup Log Prism2 {4FEB6242-809F-4FB9-8944-A78F798F1B1F}, version 0x418, 1749 bytes, 367706\37\user\376, C:\PrismII\376\377\377\007
dropped
C:\PrismII\unins000.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-43D6P.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-VU0SV.tmp\Prism2Installer_5.16.0.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\~DFF43006658DD9B6A4.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prism2.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Wed Oct 23 15:04:00 2024, mtime=Wed Oct 23 15:04:03 2024, atime=Tue Aug 27 12:06:40 2024, length=157048832, window=hide
dropped
C:\Users\user\Desktop\Prism2.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Wed Oct 23 15:04:00 2024, mtime=Wed Oct 23 15:04:07 2024, atime=Tue Aug 27 12:06:40 2024, length=157048832, window=hide
dropped
There are 9 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\Prism2Installer_5.16.0.exe
"C:\Users\user\Desktop\Prism2Installer_5.16.0.exe"
C:\Users\user\AppData\Local\Temp\is-VU0SV.tmp\Prism2Installer_5.16.0.tmp
"C:\Users\user\AppData\Local\Temp\is-VU0SV.tmp\Prism2Installer_5.16.0.tmp" /SL5="$2043C,13061428,722432,C:\Users\user\Desktop\Prism2Installer_5.16.0.exe"
C:\PrismII\PrismII.exe
"C:\PrismII\PrismII.exe"

URLs

Name
IP
Malicious
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
unknown
https://www.aaon.com/Q9
unknown
http://www.openssl.org/support/faq.html....................
unknown
https://www.aaon.com
unknown
https://www.remobjects.com/ps
unknown
https://www.innosetup.com/
unknown
http://10.0.0.199
unknown
https://www.aaon.com/aaon-controls-technical-support
unknown
http://127.0.0.1&http://192.168.1.25
unknown
https://www.aaon.com/
unknown
http://192.168.1.25
unknown
https://www.aaon.com/aaon-controls-technical-support(https://www.aaon.comT
unknown
http://www.openssl.org/support/faq.html
unknown
There are 3 hidden URLs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
Inno Setup: Setup Version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
Inno Setup: App Path
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
InstallLocation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
Inno Setup: Icon Group
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
Inno Setup: User
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
Inno Setup: Selected Tasks
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
Inno Setup: Deselected Tasks
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
Inno Setup: Language
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
DisplayName
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
UninstallString
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
QuietUninstallString
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
DisplayVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
Publisher
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
URLInfoAbout
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
HelpLink
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
URLUpdateInfo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
NoModify
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
NoRepair
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
InstallDate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
MajorVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
MinorVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
VersionMajor
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
VersionMinor
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FEB6242-809F-4FB9-8944-A78F798F1B1F}_is1
EstimatedSize
There are 19 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
4AB000
unkown
page read and write
66C7000
unkown
page execute read
BF7000
direct allocation
page read and write
824000
heap
page read and write
66BF000
unkown
page execute read
8B2000
heap
page read and write
339F000
direct allocation
page read and write
59A6000
unkown
page execute read
500000
heap
page read and write
5C5B000
unkown
page execute read
824000
heap
page read and write
824000
heap
page read and write
6267000
unkown
page execute read
918000
heap
page read and write
60A7000
unkown
page execute read
6DB000
unkown
page readonly
46BD000
unkown
page execute read
625E000
unkown
page execute read
5BD6000
unkown
page execute read
CDA000
direct allocation
page read and write
775F000
unkown
page readonly
7588000
unkown
page readonly
61E7000
unkown
page execute read
401000
unkown
page execute read
4676000
unkown
page execute read
5F4F000
unkown
page execute read
3360000
direct allocation
page read and write
60CD000
unkown
page execute read
2A2B000
unkown
page execute read
53B0000
direct allocation
page read and write
546B000
unkown
page execute read
824000
heap
page read and write
63CA000
unkown
page execute read
5970000
direct allocation
page read and write
28A8000
unkown
page execute read
8A1000
heap
page read and write
5F94000
unkown
page execute read
5534000
unkown
page execute read
5BCB000
unkown
page execute read
5DED000
unkown
page execute read
5F47000
unkown
page execute read
3906000
unkown
page execute read
66CA000
unkown
page execute read
63F3000
unkown
page execute read
F3F000
unkown
page execute read
5CC9000
unkown
page execute read
824000
heap
page read and write
5DB5000
unkown
page execute read
3F25000
unkown
page execute read
63FE000
unkown
page execute read
5E86000
unkown
page execute read
824000
heap
page read and write
880000
heap
page read and write
6198000
unkown
page execute read
767A000
unkown
page readonly
2F82000
unkown
page execute read
463D000
unkown
page execute read
66C5000
unkown
page execute read
28A0000
direct allocation
page read and write
C8B000
direct allocation
page read and write
C4E000
direct allocation
page read and write
22CB000
direct allocation
page read and write
824000
heap
page read and write
3F34000
unkown
page execute read
374A000
unkown
page execute read
3AE6000
unkown
page execute read
366D000
direct allocation
page read and write
824000
heap
page read and write
3F45000
unkown
page execute read
46A9000
unkown
page execute read
338D000
direct allocation
page read and write
6022000
unkown
page execute read
6204000
unkown
page execute read
401000
unkown
page execute read
28A0000
direct allocation
page read and write
254E000
unkown
page execute read
6705000
unkown
page execute read
3F31000
unkown
page execute read
1E1F000
unkown
page execute read
3F04000
unkown
page execute read
63F0000
unkown
page execute read
460A000
unkown
page execute read
5C4C000
unkown
page execute read
229F000
direct allocation
page read and write
F93000
unkown
page execute read
3F8B000
unkown
page execute read
5476000
unkown
page execute read
824000
heap
page read and write
66B6000
unkown
page execute read
41A5000
unkown
page execute read
61CA000
unkown
page execute read
824000
heap
page read and write
5F9D000
unkown
page execute read
824000
heap
page read and write
5E03000
unkown
page execute read
4607000
unkown
page execute read
5C80000
unkown
page execute read
5F41000
unkown
page execute read
221D000
unkown
page execute read
5DDC000
unkown
page execute read
400A000
unkown
page execute read
45D6000
unkown
page execute read
4689000
unkown
page execute read
824000
heap
page read and write
CA8000
direct allocation
page read and write
3F37000
unkown
page execute read
5C13000
unkown
page execute read
5CA0000
unkown
page execute read
3F7A000
unkown
page execute read
AA6000
unkown
page execute read
5FB9000
unkown
page execute read
C92000
direct allocation
page read and write
61D1000
unkown
page execute read
BB0000
direct allocation
page read and write
5DAB000
unkown
page execute read
8A4000
heap
page read and write
4016000
unkown
page execute read
824000
heap
page read and write
2291000
direct allocation
page read and write
5E90000
unkown
page execute read
23F3000
unkown
page execute read
824000
heap
page read and write
45DB000
unkown
page execute read
5DFE000
unkown
page execute read
6725000
unkown
page execute read
59CB000
unkown
page execute read
4640000
unkown
page execute read
824000
heap
page read and write
6716000
unkown
page execute read
2D1B000
unkown
page execute read
6713000
unkown
page execute read
3F4E000
unkown
page execute read
66B0000
unkown
page execute read
860000
heap
page read and write
19A000
stack
page read and write
63F9000
unkown
page execute read
235D000
direct allocation
page read and write
3B1F000
stack
page read and write
63A8000
unkown
page execute read
444D000
unkown
page execute read
36B7000
direct allocation
page read and write
461B000
unkown
page execute read
5DF9000
unkown
page execute read
579B000
direct allocation
page read and write
CAF000
direct allocation
page read and write
8A5000
heap
page read and write
5F67000
unkown
page execute read
F37000
unkown
page execute read
41E9000
unkown
page execute read
6C7000
unkown
page readonly
46B4000
unkown
page execute read
50B2000
unkown
page execute read
890000
heap
page read and write
618D000
unkown
page execute read
902000
heap
page read and write
606A000
unkown
page execute read
5B9B000
unkown
page execute read
61D3000
unkown
page execute read
670D000
unkown
page execute read
6AE000
unkown
page write copy
22B5000
direct allocation
page read and write
5DA2000
unkown
page execute read
868000
heap
page read and write
636E000
unkown
page execute read
66BC000
unkown
page execute read
5F5A000
unkown
page execute read
C5D000
direct allocation
page read and write
26E2000
unkown
page execute read
3360000
direct allocation
page read and write
23FC000
unkown
page execute read
2D11000
unkown
page execute read
29C5000
unkown
page execute read
824000
heap
page read and write
66D0000
unkown
page execute read
460D000
unkown
page execute read
63AD000
unkown
page execute read
7584000
unkown
page readonly
90A000
heap
page read and write
7677000
unkown
page readonly
824000
heap
page read and write
2F6F000
unkown
page execute read
700000
heap
page read and write
63D3000
unkown
page execute read
63A1000
unkown
page execute read
30D5000
unkown
page execute read
603F000
unkown
page execute read
897000
heap
page read and write
3F51000
unkown
page execute read
2900000
heap
page read and write
400000
unkown
page readonly
2364000
direct allocation
page read and write
63E4000
unkown
page execute read
824000
heap
page read and write
824000
heap
page read and write
CF9000
heap
page read and write
66EA000
unkown
page execute read
53EB000
unkown
page execute read
5E8B000
unkown
page execute read
824000
heap
page read and write
6B5000
unkown
page read and write
63EA000
unkown
page execute read
75A0000
unkown
page readonly
20E8000
unkown
page execute read
C74000
direct allocation
page read and write
824000
heap
page read and write
421E000
unkown
page execute read
3F57000
unkown
page execute read
824000
heap
page read and write
22BC000
direct allocation
page read and write
1CE6000
unkown
page execute read
61E4000
unkown
page execute read
3F88000
unkown
page execute read
2B86000
unkown
page execute read
66F6000
unkown
page execute read
824000
heap
page read and write
824000
heap
page read and write
5E2C000
unkown
page execute read
8BA000
heap
page read and write
1A6B000
unkown
page execute read
87B000
heap
page read and write
61B3000
unkown
page execute read
66C2000
unkown
page execute read
610000
heap
page read and write
AA0000
heap
page read and write
63ED000
unkown
page execute read
5C0A000
unkown
page execute read
63B6000
unkown
page execute read
22AE000
direct allocation
page read and write
5C32000
unkown
page execute read
89F000
heap
page read and write
9B000
stack
page read and write
368D000
direct allocation
page read and write
72E000
stack
page read and write
3FC1000
unkown
page execute read
19A2000
unkown
page execute read
61C8000
unkown
page execute read
237A000
direct allocation
page read and write
22C3000
direct allocation
page read and write
A5E000
stack
page read and write
3125000
unkown
page execute read
3F85000
unkown
page execute read
CBD000
direct allocation
page read and write
582B000
unkown
page execute read
6148000
unkown
page execute read
2305000
direct allocation
page read and write
2279000
direct allocation
page read and write
618B000
unkown
page execute read
2F61000
unkown
page execute read
5D06000
unkown
page execute read
34A5000
unkown
page execute read
CB6000
direct allocation
page read and write
63FC000
unkown
page execute read
3F54000
unkown
page execute read
2872000
unkown
page execute read
824000
heap
page read and write
4EB0000
heap
page read and write
78DD000
unkown
page readonly
63B3000
unkown
page execute read
66CD000
unkown
page execute read
5C59000
unkown
page execute read
402C000
unkown
page execute read
F29000
unkown
page execute read
552A000
unkown
page execute read
353E000
stack
page read and write
BBB000
direct allocation
page read and write
7A8F000
unkown
page readonly
8AB000
heap
page read and write
2298000
direct allocation
page read and write
66AD000
unkown
page execute read
8BA000
heap
page read and write
6031000
unkown
page execute read
91D000
heap
page read and write
5033000
unkown
page execute read
824000
heap
page read and write
C4B000
direct allocation
page read and write
6017000
unkown
page execute read
287F000
unkown
page execute read
774A000
unkown
page readonly
BDA000
direct allocation
page read and write
98DB000
unkown
page readonly
4A9000
unkown
page write copy
32D6000
unkown
page execute read
C7B000
direct allocation
page read and write
29E9000
unkown
page execute read
1A33000
unkown
page execute read
5DF2000
unkown
page execute read
CCC000
direct allocation
page read and write
5613000
unkown
page execute read
469D000
unkown
page execute read
3F3C000
unkown
page execute read
2B74000
unkown
page execute read
5C82000
unkown
page execute read
560A000
unkown
page execute read
400000
unkown
page readonly
8A4000
heap
page read and write
3FF2000
unkown
page execute read
4A9000
unkown
page read and write
2514000
unkown
page execute read
66B3000
unkown
page execute read
5E16000
unkown
page execute read
F30000
unkown
page execute read
6702000
unkown
page execute read
2373000
direct allocation
page read and write
6719000
unkown
page execute read
8A2000
heap
page read and write
5255000
unkown
page execute read
1997000
unkown
page execute read
824000
heap
page read and write
63D0000
unkown
page execute read
3F19000
unkown
page execute read
5472000
unkown
page execute read
2706000
unkown
page execute read
5F5E000
unkown
page execute read
22F6000
direct allocation
page read and write
3C1F000
stack
page read and write
8A4000
heap
page read and write
824000
heap
page read and write
4626000
unkown
page execute read
C84000
direct allocation
page read and write
5FC2000
unkown
page execute read
66F3000
unkown
page execute read
8C1000
heap
page read and write
84DB000
unkown
page readonly
5BEE000
unkown
page execute read
20F6000
unkown
page execute read
6B0000
unkown
page read and write
2332000
direct allocation
page read and write
670B000
unkown
page execute read
5CEC000
unkown
page execute read
824000
heap
page read and write
824000
heap
page read and write
5BE3000
unkown
page execute read
517B000
unkown
page execute read
C0C000
direct allocation
page read and write
626C000
unkown
page execute read
508000
heap
page read and write
560F000
unkown
page execute read
60E1000
unkown
page execute read
7761000
unkown
page readonly
4E16000
unkown
page execute read
22A7000
direct allocation
page read and write
C40000
direct allocation
page read and write
34E3000
unkown
page execute read
66E5000
unkown
page execute read
63F6000
unkown
page execute read
CF5000
heap
page read and write
66DF000
unkown
page execute read
2339000
direct allocation
page read and write
6077000
unkown
page execute read
5DE3000
unkown
page execute read
2F8B000
unkown
page execute read
61D6000
unkown
page execute read
2F4C000
unkown
page execute read
824000
heap
page read and write
7A9D000
unkown
page readonly
5DFC000
unkown
page execute read
60F8000
unkown
page execute read
5E9A000
unkown
page execute read
2BC6000
unkown
page execute read
45E5000
unkown
page execute read
525A000
unkown
page execute read
461E000
unkown
page execute read
419B000
unkown
page execute read
4B7000
unkown
page readonly
824000
heap
page read and write
7FE2E000
direct allocation
page read and write
5C04000
unkown
page execute read
824000
heap
page read and write
41F7000
unkown
page execute read
824000
heap
page read and write
4632000
unkown
page execute read
C34000
direct allocation
page read and write
197F000
unkown
page execute read
2381000
direct allocation
page read and write
3F22000
unkown
page execute read
6254000
unkown
page execute read
32F6000
unkown
page execute read
61CC000
unkown
page execute read
3FF6000
unkown
page execute read
C64000
direct allocation
page read and write
8FC000
heap
page read and write
5269000
unkown
page execute read
82F000
stack
page read and write
45F9000
unkown
page execute read
8FB000
unkown
page execute read
4026000
unkown
page execute read
758E000
unkown
page readonly
5C84000
unkown
page execute read
6093000
unkown
page execute read
2340000
direct allocation
page read and write
5F9F000
unkown
page execute read
6722000
unkown
page execute read
BE1000
direct allocation
page read and write
3F7D000
unkown
page execute read
824000
heap
page read and write
5BE1000
unkown
page execute read
59C6000
unkown
page execute read
2B60000
trusted library allocation
page read and write
882000
heap
page read and write
F48000
unkown
page execute read
5C08000
unkown
page execute read
3F77000
unkown
page execute read
66FF000
unkown
page execute read
5BAF000
unkown
page execute read
19AF000
unkown
page execute read
5257000
unkown
page execute read
F9B000
unkown
page execute read
3370000
direct allocation
page read and write
A92000
unkown
page execute read
824000
heap
page read and write
5DBF000
unkown
page execute read
234F000
direct allocation
page read and write
60DF000
unkown
page execute read
824000
heap
page read and write
6681000
unkown
page execute read
2F8D000
unkown
page execute read
5E11000
unkown
page execute read
22EE000
direct allocation
page read and write
422D000
unkown
page execute read
6133000
unkown
page execute read
5BAA000
unkown
page execute read
58C9000
direct allocation
page read and write
57A4000
unkown
page execute read
29E0000
heap
page read and write
7FB7B000
direct allocation
page read and write
5BD2000
unkown
page execute read
5C8B000
unkown
page execute read
5C4E000
unkown
page execute read
5B6E000
unkown
page execute read
824000
heap
page read and write
63C7000
unkown
page execute read
2AD0000
heap
page read and write
2903000
heap
page read and write
6401000
unkown
page execute read
32FD000
unkown
page execute read
463A000
unkown
page execute read
6024000
unkown
page execute read
5C68000
unkown
page execute read
46A0000
unkown
page execute read
5C75000
unkown
page execute read
3F82000
unkown
page execute read
46B7000
unkown
page execute read
232A000
direct allocation
page read and write
BC1000
direct allocation
page read and write
824000
heap
page read and write
2321000
direct allocation
page read and write
6C0000
unkown
page write copy
609A000
unkown
page execute read
5E84000
unkown
page execute read
22E7000
direct allocation
page read and write
46BA000
unkown
page execute read
5B8E000
unkown
page execute read
5DF7000
unkown
page execute read
6058000
unkown
page execute read
3F48000
unkown
page execute read
5BAC000
unkown
page execute read
5F38000
unkown
page execute read
7AC3000
unkown
page readonly
66FC000
unkown
page execute read
5C06000
unkown
page execute read
45FC000
unkown
page execute read
668A000
unkown
page execute read
30F6000
unkown
page execute read
5FAA000
unkown
page execute read
96F000
stack
page read and write
469A000
unkown
page execute read
22E0000
direct allocation
page read and write
8A8000
heap
page read and write
61C4000
unkown
page execute read
6257000
unkown
page execute read
4643000
unkown
page execute read
373C000
unkown
page execute read
5BE9000
unkown
page execute read
825000
heap
page read and write
824000
heap
page read and write
5CF6000
unkown
page execute read
4629000
unkown
page execute read
671F000
unkown
page execute read
824000
heap
page read and write
5E81000
unkown
page execute read
3720000
unkown
page execute read
4637000
unkown
page execute read
8FC000
heap
page read and write
7A7E000
unkown
page readonly
3B36000
unkown
page execute read
88D000
heap
page read and write
5C22000
unkown
page execute read
462C000
unkown
page execute read
3921000
heap
page read and write
2910000
direct allocation
page execute and read and write
2A0E000
unkown
page execute read
5DC1000
unkown
page execute read
60A1000
unkown
page execute read
313A000
unkown
page execute read
824000
heap
page read and write
5DC8000
unkown
page execute read
7517000
unkown
page readonly
3116000
unkown
page execute read
58EE000
unkown
page execute read
4621000
unkown
page execute read
46C0000
unkown
page execute read
C39000
direct allocation
page read and write
4602000
unkown
page execute read
560D000
unkown
page execute read
C05000
direct allocation
page read and write
401B000
unkown
page execute read
3F1F000
unkown
page execute read
2D09000
unkown
page execute read
4615000
unkown
page execute read
824000
heap
page read and write
5FFA000
unkown
page execute read
86E000
stack
page read and write
3F5C000
unkown
page execute read
824000
heap
page read and write
5D0A000
unkown
page execute read
630F000
unkown
page execute read
22D2000
direct allocation
page read and write
60C0000
unkown
page execute read
401000
unkown
page execute read
5FDE000
unkown
page execute read
621A000
unkown
page execute read
337B000
direct allocation
page read and write
824000
heap
page read and write
30C9000
unkown
page execute read
59DA000
unkown
page execute read
5FF6000
unkown
page execute read
4694000
unkown
page execute read
5DE9000
unkown
page execute read
462F000
unkown
page execute read
8FB000
unkown
page execute read
824000
heap
page read and write
2F71000
unkown
page execute read
3F62000
unkown
page execute read
3F91000
unkown
page execute read
C13000
direct allocation
page read and write
3F3F000
unkown
page execute read
5FCF000
unkown
page execute read
1DF5000
unkown
page execute read
824000
heap
page read and write
1A02000
unkown
page execute read
6AE000
unkown
page read and write
2899000
unkown
page execute read
26FB000
unkown
page execute read
3820000
heap
page read and write
61DF000
unkown
page execute read
A92000
unkown
page execute read
AA6000
unkown
page execute read
5E0C000
unkown
page execute read
5E7D000
unkown
page execute read
5823000
unkown
page execute read
8B1000
heap
page read and write
46AF000
unkown
page execute read
236C000
direct allocation
page read and write
28F0000
heap
page read and write
7FB60000
direct allocation
page read and write
5616000
unkown
page execute read
824000
heap
page read and write
5F73000
unkown
page execute read
5235000
unkown
page execute read
392E000
unkown
page execute read
3F42000
unkown
page execute read
400000
unkown
page readonly
75A3000
unkown
page readonly
824000
heap
page read and write
5B83000
unkown
page execute read
4623000
unkown
page execute read
602F000
unkown
page execute read
605C000
unkown
page execute read
6015000
unkown
page execute read
3F2B000
unkown
page execute read
5C3C000
unkown
page execute read
824000
heap
page read and write
63D9000
unkown
page execute read
401000
unkown
page execute read
A71000
unkown
page execute read
29AE000
unkown
page execute read
45EE000
unkown
page execute read
1CDD000
unkown
page execute read
4B9000
unkown
page readonly
61AD000
unkown
page execute read
4618000
unkown
page execute read
55ED000
unkown
page execute read
60C2000
unkown
page execute read
2A18000
unkown
page execute read
3F28000
unkown
page execute read
3FFF000
unkown
page execute read
4680000
unkown
page execute read
3AD0000
unkown
page execute read
7ADB000
unkown
page readonly
8BF000
heap
page read and write
66E8000
unkown
page execute read
3F65000
unkown
page execute read
365F000
direct allocation
page read and write
5E42000
unkown
page execute read
63C1000
unkown
page execute read
5F76000
unkown
page execute read
2D14000
unkown
page execute read
59CE000
unkown
page execute read
CF0000
heap
page read and write
1CEE000
unkown
page execute read
824000
heap
page read and write
2A39000
unkown
page execute read
41A1000
unkown
page execute read
6085000
unkown
page execute read
393E000
unkown
page execute read
824000
heap
page read and write
882000
heap
page read and write
18D000
stack
page read and write
7128000
unkown
page execute read
224E000
unkown
page execute read
63E7000
unkown
page execute read
824000
heap
page read and write
FA4000
unkown
page execute read
5F6B000
unkown
page execute read
824000
heap
page read and write
912000
heap
page read and write
66D9000
unkown
page execute read
3F7F000
unkown
page execute read
2348000
direct allocation
page read and write
5B5D000
unkown
page execute read
5FB7000
unkown
page execute read
3F6E000
unkown
page execute read
5E9D000
unkown
page execute read
5D21000
unkown
page execute read
5FE9000
unkown
page execute read
468F000
unkown
page execute read
2B84000
unkown
page execute read
783C000
unkown
page readonly
19D5000
unkown
page execute read
5E94000
unkown
page execute read
2D17000
unkown
page execute read
627A000
unkown
page execute read
3F1C000
unkown
page execute read
8EDB000
unkown
page readonly
3F10000
unkown
page execute read
4645000
unkown
page execute read
5BB7000
unkown
page execute read
CE1000
direct allocation
page read and write
331A000
unkown
page execute read
5B77000
unkown
page execute read
56C8000
direct allocation
page read and write
BB7000
direct allocation
page read and write
3F2E000
unkown
page execute read
4686000
unkown
page execute read
3F94000
unkown
page execute read
1CCF000
unkown
page execute read
93000
stack
page read and write
830000
heap
page read and write
752A000
unkown
page readonly
45FF000
unkown
page execute read
820000
heap
page read and write
36A7000
direct allocation
page read and write
4634000
unkown
page execute read
BD3000
direct allocation
page read and write
5FC4000
unkown
page execute read
19D000
stack
page read and write
C22000
direct allocation
page read and write
824000
heap
page read and write
66B9000
unkown
page execute read
7743000
unkown
page readonly
5D08000
unkown
page execute read
BFE000
direct allocation
page read and write
8C5000
heap
page read and write
824000
heap
page read and write
6708000
unkown
page execute read
3F97000
unkown
page execute read
887000
heap
page read and write
A9E000
stack
page read and write
5C15000
unkown
page execute read
824000
heap
page read and write
5D71000
unkown
page execute read
63CD000
unkown
page execute read
4C0000
heap
page read and write
824000
heap
page read and write
5CBB000
unkown
page execute read
2388000
direct allocation
page read and write
50BA000
unkown
page execute read
5B72000
direct allocation
page read and write
45F6000
unkown
page execute read
6BD000
unkown
page read and write
66F9000
unkown
page execute read
5CD6000
unkown
page execute read
66D3000
unkown
page execute read
6C5000
unkown
page readonly
BE8000
direct allocation
page read and write
19C1000
unkown
page execute read
8BA000
heap
page read and write
5F83000
unkown
page execute read
A71000
unkown
page execute read
4697000
unkown
page execute read
378E000
stack
page read and write
6259000
unkown
page execute read
63BB000
unkown
page execute read
4B2000
unkown
page read and write
5F8E000
unkown
page execute read
61ED000
unkown
page execute read
6728000
unkown
page execute read
63C4000
unkown
page execute read
525D000
unkown
page execute read
58EB000
unkown
page execute read
5B9F000
unkown
page execute read
5BF9000
unkown
page execute read
3920000
heap
page read and write
825000
heap
page read and write
3F8E000
unkown
page execute read
88A000
heap
page read and write
6009000
unkown
page execute read
C56000
direct allocation
page read and write
230D000
direct allocation
page read and write
5D04000
unkown
page execute read
5882000
direct allocation
page read and write
5B87000
unkown
page execute read
639D000
unkown
page execute read
4B5000
unkown
page write copy
46B2000
unkown
page execute read
767D000
unkown
page readonly
1A1F000
unkown
page execute read
66DC000
unkown
page execute read
3F74000
unkown
page execute read
46AC000
unkown
page execute read
45F1000
unkown
page execute read
3EFE000
unkown
page execute read
61E9000
unkown
page execute read
3F5F000
unkown
page execute read
CA0000
direct allocation
page read and write
63BE000
unkown
page execute read
CE8000
direct allocation
page read and write
3FE3000
unkown
page execute read
BF0000
direct allocation
page read and write
66E2000
unkown
page execute read
60DC000
unkown
page execute read
89B000
heap
page read and write
824000
heap
page read and write
8A5000
heap
page read and write
23D8000
unkown
page execute read
46A3000
unkown
page execute read
5FD1000
unkown
page execute read
46A6000
unkown
page execute read
3F68000
unkown
page execute read
2109000
unkown
page execute read
81E000
stack
page read and write
19D9000
unkown
page execute read
F85000
unkown
page execute read
5FE0000
unkown
page execute read
66A4000
unkown
page execute read
4414000
unkown
page execute read
824000
heap
page read and write
4003000
unkown
page execute read
60AD000
unkown
page execute read
5C2D000
unkown
page execute read
5CEA000
unkown
page execute read
5D37000
unkown
page execute read
824000
heap
page read and write
C1B000
direct allocation
page read and write
6184000
unkown
page execute read
604C000
unkown
page execute read
3F4B000
unkown
page execute read
61BB000
unkown
page execute read
CD3000
direct allocation
page read and write
5F69000
unkown
page execute read
610E000
unkown
page execute read
2356000
direct allocation
page read and write
3383000
direct allocation
page read and write
61D8000
unkown
page execute read
5CE8000
unkown
page execute read
5B6A000
unkown
page execute read
66ED000
unkown
page execute read
63B0000
unkown
page execute read
58E3000
unkown
page execute read
5C92000
unkown
page execute read
4604000
unkown
page execute read
824000
heap
page read and write
5B90000
unkown
page execute read
5F81000
unkown
page execute read
5FAC000
unkown
page execute read
CC4000
direct allocation
page read and write
2314000
direct allocation
page read and write
2410000
heap
page read and write
5BD8000
unkown
page execute read
45F3000
unkown
page execute read
198E000
unkown
page execute read
5CAE000
unkown
page execute read
5A80000
direct allocation
page read and write
825000
heap
page read and write
A9D000
unkown
page execute read
3F5A000
unkown
page execute read
4691000
unkown
page execute read
6697000
unkown
page execute read
34F0000
direct allocation
page read and write
59C8000
unkown
page execute read
3F6B000
unkown
page execute read
824000
heap
page read and write
A9D000
unkown
page execute read
824000
heap
page read and write
6275000
unkown
page execute read
66A2000
unkown
page execute read
B9F000
stack
page read and write
6710000
unkown
page execute read
3F39000
unkown
page execute read
3113000
unkown
page execute read
2101000
unkown
page execute read
824000
heap
page read and write
41CE000
unkown
page execute read
5172000
unkown
page execute read
8B7000
heap
page read and write
22D9000
direct allocation
page read and write
63D6000
unkown
page execute read
C99000
direct allocation
page read and write
589D000
direct allocation
page read and write
6271000
unkown
page execute read
3912000
unkown
page execute read
22FE000
direct allocation
page read and write
671C000
unkown
page execute read
66D6000
unkown
page execute read
3F71000
unkown
page execute read
66A7000
unkown
page execute read
5F87000
unkown
page execute read
6006000
unkown
page execute read
5BC5000
unkown
page execute read
5BFB000
unkown
page execute read
5F45000
unkown
page execute read
3370000
direct allocation
page read and write
7A91000
unkown
page readonly
4610000
unkown
page execute read
F8C000
unkown
page execute read
824000
heap
page read and write
30E1000
unkown
page execute read
2F93000
unkown
page execute read
23E9000
unkown
page execute read
468C000
unkown
page execute read
60C4000
unkown
page execute read
66AA000
unkown
page execute read
89B000
heap
page read and write
2972000
direct allocation
page read and write
6263000
unkown
page execute read
5BBE000
unkown
page execute read
4D0000
heap
page read and write
There are 827 hidden memdumps, click here to show them.