Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
x-manager_v3.2.16_build98_install.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\BuckEyeCam\X7D Base\xbase.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
 |
|
|
C:\BuckEyeCam\X7D Base\cc3270.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\drivers\is-UM198.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\drivers\x7d_driver_setup.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\features.dat (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\ffmpeg.exe (copy)
|
PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\fv0001004fhw00000050.fwr (copy)
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\fv01010000hw00000044.fwr (copy)
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\fv01010000hw0000524d.fwr (copy)
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\fv01030000hw00000080.fwr (copy)
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\fv01030000hw00000082.fwr (copy)
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\fv01030000hw00000084.fwr (copy)
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\fv01030000hw00000086.fwr (copy)
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\fv02050001hw00000041.fwr (copy)
|
Sony PlayStation Audio
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\fv02050001hw00000046.fwr (copy)
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\fv02050001hw0000004d.fwr (copy)
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\fv020A0000hw00004249.fwr (copy)
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\fv04070011hw0000007d.fwr (copy)
|
dBase IV DBT, block length 512, next free block index 4470651, next free block 3961101357, next used block 4160985705
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\is-01S7E.tmp
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\is-1126O.tmp
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\is-18RGR.tmp
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\is-1FO0K.tmp
|
dBase IV DBT, block length 512, next free block index 4470651, next free block 3961101357, next used block 4160985705
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\is-36CA4.tmp
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\is-BS7V4.tmp
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\is-MCBLK.tmp
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\is-OEE6U.tmp
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\is-PHU4R.tmp
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\is-RRR26.tmp
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\is-SP47Q.tmp
|
Sony PlayStation Audio
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\firmware\is-US8AQ.tmp
|
data
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-09PPP.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-15JQ5.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-35PPD.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-363IA.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-6HOHU.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-86H01.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-B63VE.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-CCAQ9.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-CO4IA.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-F5AKD.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-IN0F5.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-LE01K.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-OM9I1.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-PAR7S.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-QCM61.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-QQSBT.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-T8KBQ.tmp
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\is-TM5LR.tmp
|
PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\libcrypto-1_1.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\libcurl.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\libeay32.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\libgcc_s_dw2-1.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\libssh2-1.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\libssl-1_1.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\libstdc++-6.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\livecam.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\log.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\msys-1.0.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\msys-z.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\sounds\bell.wav (copy)
|
RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 48000 Hz
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\sounds\digital_camera.wav (copy)
|
RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 11025 Hz
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\sounds\film_camera.wav (copy)
|
RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 11025 Hz
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\sounds\is-O50KP.tmp
|
RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 11025 Hz
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\sounds\is-OK6V1.tmp
|
RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 48000 Hz
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\sounds\is-UAKGQ.tmp
|
RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 11025 Hz
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\ssleay32.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\teamviewerqs-idcqvsqvk7.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\unins000.dat
|
InnoSetup Log X-Series Network Manager {D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}, version 0x418, 8517 bytes, 061544\37\user\376,
C:\BuckEyeCam\X7D Base\376\377\377\007
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\unins000.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\BuckEyeCam\X7D Base\zlib1.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BuckEye Cam\X-Series Network Manager\X-Series Network Manager.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Thu Oct 24 01:28:39 2024, mtime=Thu Oct 24 01:28:40 2024, atime=Fri Oct 11 12:48:22 2024, length=14263592, window=hide
|
dropped
|
||
|
C:\Users\Public\Desktop\X-Series Network Manager.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Thu Oct 24 01:28:39 2024, mtime=Thu Oct 24 01:28:45 2024, atime=Fri Oct 11 12:48:22 2024, length=14263592, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-2MKEL.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-Q65GG.tmp\x-manager_v3.2.16_build98_install.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 65 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\BuckEyeCam\X7D Base\xbase.exe
|
"C:\BuckEyeCam\X7D Base\xbase.exe" -distribute-firmware
|
|
|
|
C:\BuckEyeCam\X7D Base\xbase.exe
|
"C:\BuckEyeCam\X7D Base\xbase.exe"
|
|
|
|
C:\Users\user\Desktop\x-manager_v3.2.16_build98_install.exe
|
"C:\Users\user\Desktop\x-manager_v3.2.16_build98_install.exe"
|
||
|
C:\Users\user\AppData\Local\Temp\is-Q65GG.tmp\x-manager_v3.2.16_build98_install.tmp
|
"C:\Users\user\AppData\Local\Temp\is-Q65GG.tmp\x-manager_v3.2.16_build98_install.tmp" /SL5="$10478,35222396,832512,C:\Users\user\Desktop\x-manager_v3.2.16_build98_install.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://html4/loose.dtd
|
unknown
|
||
|
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
|
unknown
|
||
|
http://www.buckeyecam.com
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/update_uws_x80cam_1.3.0.x80up
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/aidetector5.0_install.exe
|
unknown
|
||
|
https://downloads.buckeyecam.com:443/updates/xcatalog/t
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/xcellbase_2.10.0.x7dupx80up6s
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
https://downloads.buckeyecam.com/
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/
|
74.219.166.227
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/xcellbase_2.10.0.x7dup
|
unknown
|
||
|
http://www.buckeyecam.com9jI
|
unknown
|
||
|
http://www.buckeyecam.comYkI
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/feeder_2.5.1.x7dup
|
unknown
|
||
|
http://www.indyproject.org/
|
unknown
|
||
|
http://www.zlib.net/DVarFileInfo$
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/aimegadetector4.0_install.exeee
|
unknown
|
||
|
http://.css
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/update_uws_x82cam_1.3.0.x80up
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/update_4.7.17.x7dup
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/update_x80cam_1.3.0.x80up
|
unknown
|
||
|
https://curl.haxx.se/docs/http-cookies.html
|
unknown
|
||
|
https://curl.haxx.se/docs/http-cookies.html#
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/thermalcam_0.1.79.x80up
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/aidetector1.1_install.exe
|
unknown
|
||
|
http://www.buckeyecam.com2http://www.buckeyecam.com2http://www.buckeyecam.com
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/aidetector1.0_install.exe
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/aimegadetector4.0_install.exe
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/n
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/x-manager_v3.2.16_build98_install.exe
|
unknown
|
||
|
https://www.remobjects.com/ps
|
unknown
|
||
|
https://curl.haxx.se/docs/copyright.htmlD
|
unknown
|
||
|
https://curl.haxx.se/V
|
unknown
|
||
|
https://downloads.buckeyecam.co
|
unknown
|
||
|
https://downloads.buckeyecam.com/G
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/aidetector1.0_install.exe0up
|
unknown
|
||
|
https://www.innosetup.com/
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/x80echo_1.1.0.x80up
|
unknown
|
||
|
https://www.openssl.org/H
|
unknown
|
||
|
http://https://ssh://socket://telnet://tcp://scandir.cresultb64
|
unknown
|
||
|
https://downloads.buckeyecam.com/site/changes.htmlButtonSelect70GlowButtonSelect70OKYesUnable
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/echo_2.5.1.x7dup
|
unknown
|
||
|
http://downloads.buckeyecam.com/site/x.htmlOKYesWould
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/activator_2.5.1.x7dup
|
unknown
|
||
|
HTTPS://DOWNLOADS.BUCKEYECAM.COM/UPDATES/XCATALOG/
|
unknown
|
||
|
http://.jpg
|
unknown
|
||
|
https://downloads.buckeyecam.com/updates/xcatalog/update_x82cam_1.3.0.x80up
|
unknown
|
||
|
HTTP://HTTPS://https://https://downloads.buckeyecam.com/updates/xcatalog/FWManager:
|
unknown
|
There are 38 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
downloads.buckeyecam.com
|
74.219.166.227
|
||
|
206.23.85.13.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
74.219.166.227
|
downloads.buckeyecam.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
Inno Setup: Setup Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
Inno Setup: App Path
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
Inno Setup: Icon Group
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
Inno Setup: User
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
Inno Setup: Selected Tasks
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
Inno Setup: Deselected Tasks
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
Inno Setup: Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
QuietUninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
MajorVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
MinorVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6BF303E-FC3F-4EFE-8D8F-33D3C616F00E}_is1
|
EstimatedSize
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4EF0000
|
remote allocation
|
page read and write
|
||
|
3490000
|
direct allocation
|
page read and write
|
||
|
62E9D000
|
unkown
|
page read and write
|
||
|
D12000
|
unkown
|
page read and write
|
||
|
1742000
|
heap
|
page read and write
|
||
|
334E000
|
direct allocation
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
1766000
|
heap
|
page read and write
|
||
|
C2A000
|
unkown
|
page read and write
|
||
|
33E9000
|
direct allocation
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
6BD21000
|
unkown
|
page execute read
|
||
|
31CD000
|
direct allocation
|
page read and write
|
||
|
6BD20000
|
unkown
|
page readonly
|
||
|
1767000
|
heap
|
page read and write
|
||
|
63B6C000
|
unkown
|
page readonly
|
||
|
ADE000
|
stack
|
page read and write
|
||
|
FED000
|
unkown
|
page readonly
|
||
|
175D000
|
heap
|
page read and write
|
||
|
9780000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
17AC000
|
heap
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
3200000
|
direct allocation
|
page read and write
|
||
|
338C000
|
direct allocation
|
page read and write
|
||
|
324D000
|
direct allocation
|
page read and write
|
||
|
689D9000
|
unkown
|
page readonly
|
||
|
3453000
|
heap
|
page read and write
|
||
|
6BD17000
|
unkown
|
page readonly
|
||
|
892C000
|
stack
|
page read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
E10000
|
unkown
|
page read and write
|
||
|
32C1000
|
direct allocation
|
page read and write
|
||
|
93EE000
|
stack
|
page read and write
|
||
|
16ED000
|
heap
|
page read and write
|
||
|
51A9000
|
direct allocation
|
page read and write
|
||
|
96F000
|
stack
|
page read and write
|
||
|
80F000
|
heap
|
page read and write
|
||
|
1767000
|
heap
|
page read and write
|
||
|
6BD95000
|
unkown
|
page execute read
|
||
|
C4D000
|
unkown
|
page read and write
|
||
|
BDF000
|
unkown
|
page read and write
|
||
|
6BCCC000
|
unkown
|
page execute read
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
2590000
|
direct allocation
|
page read and write
|
||
|
3203000
|
direct allocation
|
page read and write
|
||
|
170A000
|
heap
|
page read and write
|
||
|
1B6A000
|
heap
|
page read and write
|
||
|
5E7E000
|
direct allocation
|
page read and write
|
||
|
23B9000
|
direct allocation
|
page read and write
|
||
|
171F000
|
heap
|
page read and write
|
||
|
6BD0B000
|
unkown
|
page readonly
|
||
|
B9B000
|
unkown
|
page execute read
|
||
|
2247000
|
direct allocation
|
page read and write
|
||
|
C5A000
|
unkown
|
page read and write
|
||
|
22EA000
|
direct allocation
|
page read and write
|
||
|
E86000
|
unkown
|
page read and write
|
||
|
C50000
|
unkown
|
page read and write
|
||
|
22E1000
|
direct allocation
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
224E000
|
direct allocation
|
page read and write
|
||
|
857000
|
heap
|
page read and write
|
||
|
6BC91000
|
unkown
|
page execute read
|
||
|
82B000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
689FF000
|
unkown
|
page read and write
|
||
|
891000
|
heap
|
page read and write
|
||
|
1AF0000
|
heap
|
page read and write
|
||
|
54D0000
|
direct allocation
|
page read and write
|
||
|
63B74000
|
unkown
|
page read and write
|
||
|
2348000
|
direct allocation
|
page read and write
|
||
|
24B3000
|
direct allocation
|
page read and write
|
||
|
1742000
|
heap
|
page read and write
|
||
|
51D1000
|
direct allocation
|
page read and write
|
||
|
11D5000
|
unkown
|
page readonly
|
||
|
7F860000
|
direct allocation
|
page read and write
|
||
|
FF4000
|
unkown
|
page readonly
|
||
|
6E95A000
|
unkown
|
page readonly
|
||
|
2496000
|
direct allocation
|
page read and write
|
||
|
6BF2A000
|
unkown
|
page readonly
|
||
|
6BF55000
|
unkown
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
23B2000
|
direct allocation
|
page read and write
|
||
|
3330000
|
direct allocation
|
page read and write
|
||
|
24A4000
|
direct allocation
|
page read and write
|
||
|
2454000
|
direct allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
93000
|
stack
|
page read and write
|
||
|
CFB000
|
unkown
|
page read and write
|
||
|
FE4000
|
unkown
|
page read and write
|
||
|
8CAF000
|
stack
|
page read and write
|
||
|
173E000
|
heap
|
page read and write
|
||
|
1A30000
|
direct allocation
|
page execute and read and write
|
||
|
24AC000
|
direct allocation
|
page read and write
|
||
|
D5A000
|
unkown
|
page read and write
|
||
|
2324000
|
direct allocation
|
page read and write
|
||
|
FED000
|
unkown
|
page readonly
|
||
|
2255000
|
direct allocation
|
page read and write
|
||
|
239B000
|
direct allocation
|
page read and write
|
||
|
2418000
|
direct allocation
|
page read and write
|
||
|
821000
|
heap
|
page read and write
|
||
|
D40000
|
unkown
|
page read and write
|
||
|
8DED000
|
stack
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
C83000
|
unkown
|
page read and write
|
||
|
16E1000
|
heap
|
page read and write
|
||
|
689C2000
|
unkown
|
page write copy
|
||
|
51EF000
|
direct allocation
|
page read and write
|
||
|
232C000
|
direct allocation
|
page read and write
|
||
|
36AF000
|
stack
|
page read and write
|
||
|
C45000
|
unkown
|
page read and write
|
||
|
17AC000
|
heap
|
page read and write
|
||
|
C2A000
|
unkown
|
page read and write
|
||
|
C88000
|
unkown
|
page read and write
|
||
|
2232000
|
direct allocation
|
page read and write
|
||
|
23C7000
|
direct allocation
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
37A1000
|
direct allocation
|
page read and write
|
||
|
1792000
|
heap
|
page read and write
|
||
|
1B40000
|
heap
|
page read and write
|
||
|
7CAE000
|
stack
|
page read and write
|
||
|
8A6E000
|
stack
|
page read and write
|
||
|
6BCD3000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
EC6000
|
unkown
|
page read and write
|
||
|
2341000
|
direct allocation
|
page read and write
|
||
|
18C000
|
stack
|
page read and write
|
||
|
6FC40000
|
unkown
|
page readonly
|
||
|
11E7000
|
unkown
|
page readonly
|
||
|
81AC000
|
stack
|
page read and write
|
||
|
D3D000
|
unkown
|
page read and write
|
||
|
16EA000
|
heap
|
page read and write
|
||
|
330C000
|
direct allocation
|
page read and write
|
||
|
7DEE000
|
stack
|
page read and write
|
||
|
39F1000
|
heap
|
page read and write
|
||
|
4B9000
|
unkown
|
page read and write
|
||
|
3228000
|
direct allocation
|
page read and write
|
||
|
23C0000
|
direct allocation
|
page read and write
|
||
|
1762000
|
heap
|
page read and write
|
||
|
E46000
|
unkown
|
page read and write
|
||
|
5228000
|
direct allocation
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
3A70000
|
heap
|
page read and write
|
||
|
6BD8F000
|
unkown
|
page execute read
|
||
|
3193000
|
direct allocation
|
page read and write
|
||
|
4EF0000
|
remote allocation
|
page read and write
|
||
|
6BBB1000
|
unkown
|
page execute read
|
||
|
1500000
|
heap
|
page read and write
|
||
|
337D000
|
direct allocation
|
page read and write
|
||
|
703000
|
unkown
|
page readonly
|
||
|
2240000
|
direct allocation
|
page read and write
|
||
|
248F000
|
direct allocation
|
page read and write
|
||
|
CBC000
|
unkown
|
page read and write
|
||
|
231D000
|
direct allocation
|
page read and write
|
||
|
6BD0E000
|
unkown
|
page execute read
|
||
|
6D6000
|
unkown
|
page read and write
|
||
|
DB8000
|
unkown
|
page read and write
|
||
|
D71000
|
unkown
|
page read and write
|
||
|
17DE000
|
heap
|
page read and write
|
||
|
39F1000
|
heap
|
page read and write
|
||
|
6BC75000
|
unkown
|
page execute read
|
||
|
11D0000
|
unkown
|
page readonly
|
||
|
34AF000
|
direct allocation
|
page read and write
|
||
|
3322000
|
direct allocation
|
page read and write
|
||
|
3376000
|
direct allocation
|
page read and write
|
||
|
6D1000
|
unkown
|
page read and write
|
||
|
1A20000
|
heap
|
page read and write
|
||
|
1732000
|
heap
|
page read and write
|
||
|
D89000
|
unkown
|
page read and write
|
||
|
6BCA9000
|
unkown
|
page execute read
|
||
|
2444000
|
direct allocation
|
page read and write
|
||
|
3CAF000
|
stack
|
page read and write
|
||
|
7CD3000
|
heap
|
page read and write
|
||
|
6BC12000
|
unkown
|
page readonly
|
||
|
9505000
|
heap
|
page read and write
|
||
|
23CE000
|
direct allocation
|
page read and write
|
||
|
16EF000
|
heap
|
page read and write
|
||
|
16B0000
|
heap
|
page read and write
|
||
|
31F2000
|
direct allocation
|
page read and write
|
||
|
25F0000
|
direct allocation
|
page execute and read and write
|
||
|
63B40000
|
unkown
|
page readonly
|
||
|
62E9C000
|
unkown
|
page readonly
|
||
|
87AF000
|
stack
|
page read and write
|
||
|
7FE000
|
heap
|
page read and write
|
||
|
897000
|
heap
|
page read and write
|
||
|
BE9000
|
unkown
|
page read and write
|
||
|
6BD9F000
|
unkown
|
page execute read
|
||
|
5EB6000
|
direct allocation
|
page read and write
|
||
|
1708000
|
heap
|
page read and write
|
||
|
4EF0000
|
remote allocation
|
page read and write
|
||
|
C4A000
|
unkown
|
page read and write
|
||
|
33B0000
|
direct allocation
|
page read and write
|
||
|
5ECB000
|
direct allocation
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
3317000
|
direct allocation
|
page read and write
|
||
|
C0F000
|
unkown
|
page read and write
|
||
|
88E000
|
heap
|
page read and write
|
||
|
D15000
|
unkown
|
page read and write
|
||
|
5E25000
|
direct allocation
|
page read and write
|
||
|
6DE000
|
unkown
|
page readonly
|
||
|
39F1000
|
heap
|
page read and write
|
||
|
17B0000
|
heap
|
page read and write
|
||
|
FF3000
|
unkown
|
page read and write
|
||
|
2239000
|
direct allocation
|
page read and write
|
||
|
33D4000
|
direct allocation
|
page read and write
|
||
|
2C90000
|
trusted library allocation
|
page read and write
|
||
|
6BE0B000
|
unkown
|
page readonly
|
||
|
5F0A000
|
direct allocation
|
page read and write
|
||
|
816F000
|
stack
|
page read and write
|
||
|
FF3000
|
unkown
|
page write copy
|
||
|
EF5000
|
unkown
|
page read and write
|
||
|
249D000
|
direct allocation
|
page read and write
|
||
|
2693000
|
heap
|
page read and write
|
||
|
1B10000
|
heap
|
page read and write
|
||
|
5EE7000
|
direct allocation
|
page read and write
|
||
|
3791000
|
direct allocation
|
page read and write
|
||
|
164E000
|
stack
|
page read and write
|
||
|
8E2E000
|
stack
|
page read and write
|
||
|
6FC41000
|
unkown
|
page execute read
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
C1A000
|
unkown
|
page read and write
|
||
|
2264000
|
direct allocation
|
page read and write
|
||
|
F60000
|
unkown
|
page read and write
|
||
|
BC6000
|
unkown
|
page write copy
|
||
|
894000
|
heap
|
page read and write
|
||
|
E48000
|
unkown
|
page read and write
|
||
|
23EB000
|
direct allocation
|
page read and write
|
||
|
6BCF7000
|
unkown
|
page write copy
|
||
|
7CB0000
|
heap
|
page read and write
|
||
|
813000
|
heap
|
page read and write
|
||
|
6BF48000
|
unkown
|
page readonly
|
||
|
B9E000
|
unkown
|
page execute read
|
||
|
23F8000
|
direct allocation
|
page read and write
|
||
|
978E000
|
heap
|
page read and write
|
||
|
6BE80000
|
unkown
|
page readonly
|
||
|
322F000
|
direct allocation
|
page read and write
|
||
|
3450000
|
heap
|
page read and write
|
||
|
3A71000
|
heap
|
page read and write
|
||
|
68A00000
|
unkown
|
page write copy
|
||
|
81EE000
|
stack
|
page read and write
|
||
|
6BF5A000
|
unkown
|
page readonly
|
||
|
E16000
|
unkown
|
page read and write
|
||
|
9950000
|
heap
|
page read and write
|
||
|
31FB000
|
direct allocation
|
page read and write
|
||
|
C8D000
|
unkown
|
page read and write
|
||
|
2279000
|
direct allocation
|
page read and write
|
||
|
83E000
|
heap
|
page read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
6BDE5000
|
unkown
|
page read and write
|
||
|
504F000
|
stack
|
page read and write
|
||
|
2281000
|
direct allocation
|
page read and write
|
||
|
6BDF7000
|
unkown
|
page readonly
|
||
|
E2B000
|
unkown
|
page read and write
|
||
|
170A000
|
heap
|
page read and write
|
||
|
C4B000
|
unkown
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
6BC15000
|
unkown
|
page readonly
|
||
|
3338000
|
direct allocation
|
page read and write
|
||
|
175C000
|
heap
|
page read and write
|
||
|
2436000
|
direct allocation
|
page read and write
|
||
|
C78000
|
unkown
|
page read and write
|
||
|
32E7000
|
direct allocation
|
page read and write
|
||
|
866F000
|
stack
|
page read and write
|
||
|
DA0000
|
unkown
|
page read and write
|
||
|
3295000
|
direct allocation
|
page read and write
|
||
|
FEA000
|
unkown
|
page read and write
|
||
|
BE7000
|
unkown
|
page read and write
|
||
|
16FD000
|
heap
|
page read and write
|
||
|
521F000
|
direct allocation
|
page read and write
|
||
|
6C9000
|
unkown
|
page read and write
|
||
|
33B7000
|
direct allocation
|
page read and write
|
||
|
6BEEA000
|
unkown
|
page execute read
|
||
|
3208000
|
direct allocation
|
page read and write
|
||
|
6BC30000
|
unkown
|
page readonly
|
||
|
83C000
|
heap
|
page read and write
|
||
|
1AF3000
|
heap
|
page read and write
|
||
|
6BC8E000
|
unkown
|
page execute read
|
||
|
68A05000
|
unkown
|
page readonly
|
||
|
689F7000
|
unkown
|
page read and write
|
||
|
6BCC3000
|
unkown
|
page execute read
|
||
|
34A5000
|
direct allocation
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
32FD000
|
direct allocation
|
page read and write
|
||
|
5EEF000
|
direct allocation
|
page read and write
|
||
|
689CD000
|
unkown
|
page readonly
|
||
|
6BD98000
|
unkown
|
page execute read
|
||
|
51FF000
|
direct allocation
|
page read and write
|
||
|
62E80000
|
unkown
|
page readonly
|
||
|
C7B000
|
unkown
|
page read and write
|
||
|
883000
|
heap
|
page read and write
|
||
|
62E81000
|
unkown
|
page execute read
|
||
|
2288000
|
direct allocation
|
page read and write
|
||
|
5E20000
|
direct allocation
|
page read and write
|
||
|
62EA0000
|
unkown
|
page write copy
|
||
|
3366000
|
direct allocation
|
page read and write
|
||
|
888000
|
heap
|
page read and write
|
||
|
171B000
|
heap
|
page read and write
|
||
|
FD0000
|
unkown
|
page read and write
|
||
|
BD6000
|
unkown
|
page read and write
|
||
|
E18000
|
unkown
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
33BE000
|
direct allocation
|
page read and write
|
||
|
806C000
|
stack
|
page read and write
|
||
|
6FD08000
|
unkown
|
page readonly
|
||
|
842000
|
heap
|
page read and write
|
||
|
9500000
|
heap
|
page read and write
|
||
|
228F000
|
direct allocation
|
page read and write
|
||
|
6BF6A000
|
unkown
|
page read and write
|
||
|
3280000
|
direct allocation
|
page read and write
|
||
|
EDD000
|
unkown
|
page read and write
|
||
|
245B000
|
direct allocation
|
page read and write
|
||
|
5EE1000
|
direct allocation
|
page read and write
|
||
|
FCB000
|
unkown
|
page read and write
|
||
|
2333000
|
direct allocation
|
page read and write
|
||
|
23E4000
|
direct allocation
|
page read and write
|
||
|
2408000
|
direct allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
19CF000
|
stack
|
page read and write
|
||
|
1605000
|
heap
|
page read and write
|
||
|
229F000
|
direct allocation
|
page read and write
|
||
|
2462000
|
direct allocation
|
page read and write
|
||
|
6BEF0000
|
unkown
|
page execute read
|
||
|
1B15000
|
heap
|
page read and write
|
||
|
32B9000
|
direct allocation
|
page read and write
|
||
|
1B65000
|
heap
|
page read and write
|
||
|
8F6D000
|
stack
|
page read and write
|
||
|
BA3000
|
unkown
|
page read and write
|
||
|
1726000
|
heap
|
page read and write
|
||
|
6FCCA000
|
unkown
|
page read and write
|
||
|
22A6000
|
direct allocation
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
23D5000
|
direct allocation
|
page read and write
|
||
|
372C000
|
direct allocation
|
page read and write
|
||
|
891000
|
heap
|
page read and write
|
||
|
242C000
|
direct allocation
|
page read and write
|
||
|
87B000
|
heap
|
page read and write
|
||
|
16F9000
|
heap
|
page read and write
|
||
|
83EF000
|
stack
|
page read and write
|
||
|
6BCF9000
|
unkown
|
page read and write
|
||
|
51E3000
|
direct allocation
|
page read and write
|
||
|
DCF000
|
unkown
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
3190000
|
direct allocation
|
page read and write
|
||
|
226B000
|
direct allocation
|
page read and write
|
||
|
4C0000
|
unkown
|
page read and write
|
||
|
7BAC000
|
stack
|
page read and write
|
||
|
68941000
|
unkown
|
page execute read
|
||
|
87B000
|
heap
|
page read and write
|
||
|
22D9000
|
direct allocation
|
page read and write
|
||
|
375A000
|
direct allocation
|
page read and write
|
||
|
5F28000
|
direct allocation
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
6BE11000
|
unkown
|
page readonly
|
||
|
88A000
|
heap
|
page read and write
|
||
|
3788000
|
direct allocation
|
page read and write
|
||
|
E02000
|
unkown
|
page read and write
|
||
|
5EF2000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3763000
|
direct allocation
|
page read and write
|
||
|
6BC20000
|
unkown
|
page read and write
|
||
|
E71000
|
unkown
|
page read and write
|
||
|
5E44000
|
direct allocation
|
page read and write
|
||
|
82EF000
|
stack
|
page read and write
|
||
|
6BF56000
|
unkown
|
page write copy
|
||
|
BDC000
|
unkown
|
page read and write
|
||
|
6BDE9000
|
unkown
|
page readonly
|
||
|
2420000
|
direct allocation
|
page read and write
|
||
|
243D000
|
direct allocation
|
page read and write
|
||
|
2670000
|
heap
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
39F7000
|
heap
|
page read and write
|
||
|
6C061000
|
unkown
|
page readonly
|
||
|
3490000
|
direct allocation
|
page read and write
|
||
|
6BC31000
|
unkown
|
page execute read
|
||
|
BD1000
|
unkown
|
page read and write
|
||
|
63B41000
|
unkown
|
page execute read
|
||
|
2398000
|
direct allocation
|
page read and write
|
||
|
37C5000
|
direct allocation
|
page read and write
|
||
|
8A2C000
|
stack
|
page read and write
|
||
|
22B4000
|
direct allocation
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
845000
|
heap
|
page read and write
|
||
|
841000
|
heap
|
page read and write
|
||
|
C40000
|
unkown
|
page read and write
|
||
|
2298000
|
direct allocation
|
page read and write
|
||
|
175A000
|
heap
|
page read and write
|
||
|
374C000
|
direct allocation
|
page read and write
|
||
|
2488000
|
direct allocation
|
page read and write
|
||
|
32F6000
|
direct allocation
|
page read and write
|
||
|
6BE41000
|
unkown
|
page read and write
|
||
|
7F5000
|
heap
|
page read and write
|
||
|
4B7000
|
unkown
|
page write copy
|
||
|
C7E000
|
unkown
|
page read and write
|
||
|
8BAE000
|
stack
|
page read and write
|
||
|
33CC000
|
direct allocation
|
page read and write
|
||
|
BDF000
|
stack
|
page read and write
|
||
|
32C9000
|
direct allocation
|
page read and write
|
||
|
7D8000
|
heap
|
page read and write
|
||
|
802E000
|
stack
|
page read and write
|
||
|
6E960000
|
unkown
|
page read and write
|
||
|
6BC07000
|
unkown
|
page write copy
|
||
|
6BF22000
|
unkown
|
page read and write
|
||
|
7F2E000
|
stack
|
page read and write
|
||
|
E18000
|
unkown
|
page read and write
|
||
|
829000
|
heap
|
page read and write
|
||
|
8B6F000
|
stack
|
page read and write
|
||
|
3BAE000
|
stack
|
page read and write
|
||
|
2690000
|
heap
|
page read and write
|
||
|
83C000
|
heap
|
page read and write
|
||
|
7FE35000
|
direct allocation
|
page read and write
|
||
|
BB7000
|
unkown
|
page read and write
|
||
|
91AF000
|
stack
|
page read and write
|
||
|
62E96000
|
unkown
|
page readonly
|
||
|
1F5000
|
heap
|
page read and write
|
||
|
170C000
|
heap
|
page read and write
|
||
|
6BD11000
|
unkown
|
page write copy
|
||
|
83E000
|
heap
|
page read and write
|
||
|
174E000
|
stack
|
page read and write
|
||
|
6C05A000
|
unkown
|
page read and write
|
||
|
E86000
|
unkown
|
page read and write
|
||
|
5620000
|
trusted library allocation
|
page read and write
|
||
|
6BE43000
|
unkown
|
page read and write
|
||
|
6BCBF000
|
unkown
|
page execute read
|
||
|
3393000
|
direct allocation
|
page read and write
|
||
|
37C3000
|
direct allocation
|
page read and write
|
||
|
23DD000
|
direct allocation
|
page read and write
|
||
|
6FD3B000
|
unkown
|
page readonly
|
||
|
94EF000
|
stack
|
page read and write
|
||
|
FD0000
|
unkown
|
page read and write
|
||
|
1752000
|
heap
|
page read and write
|
||
|
178E000
|
stack
|
page read and write
|
||
|
832000
|
heap
|
page read and write
|
||
|
68940000
|
unkown
|
page readonly
|
||
|
6BD51000
|
unkown
|
page execute read
|
||
|
33F1000
|
direct allocation
|
page read and write
|
||
|
9501000
|
heap
|
page read and write
|
||
|
233A000
|
direct allocation
|
page read and write
|
||
|
6BE81000
|
unkown
|
page execute read
|
||
|
770000
|
heap
|
page read and write
|
||
|
6BF67000
|
unkown
|
page readonly
|
||
|
5217000
|
direct allocation
|
page read and write
|
||
|
BC6000
|
unkown
|
page read and write
|
||
|
6C060000
|
unkown
|
page write copy
|
||
|
6C013000
|
unkown
|
page readonly
|
||
|
CBF000
|
unkown
|
page read and write
|
||
|
3384000
|
direct allocation
|
page read and write
|
||
|
19E0000
|
heap
|
page read and write
|
||
|
39F1000
|
heap
|
page read and write
|
||
|
8F2F000
|
stack
|
page read and write
|
||
|
63B6B000
|
unkown
|
page write copy
|
||
|
689C9000
|
unkown
|
page readonly
|
||
|
839000
|
heap
|
page read and write
|
||
|
22AD000
|
direct allocation
|
page read and write
|
||
|
DE7000
|
unkown
|
page read and write
|
||
|
34F0000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
689FF000
|
unkown
|
page read and write
|
||
|
24C1000
|
direct allocation
|
page read and write
|
||
|
BAC000
|
unkown
|
page read and write
|
||
|
1737000
|
heap
|
page read and write
|
||
|
329C000
|
direct allocation
|
page read and write
|
||
|
6BCA0000
|
unkown
|
page readonly
|
||
|
1720000
|
heap
|
page read and write
|
||
|
1707000
|
heap
|
page read and write
|
||
|
888000
|
heap
|
page read and write
|
||
|
BA3000
|
unkown
|
page read and write
|
||
|
FED000
|
unkown
|
page readonly
|
||
|
813000
|
heap
|
page read and write
|
||
|
EAE000
|
unkown
|
page read and write
|
||
|
6E95F000
|
unkown
|
page readonly
|
||
|
19B000
|
stack
|
page read and write
|
||
|
6BE2E000
|
unkown
|
page readonly
|
||
|
829000
|
heap
|
page read and write
|
||
|
63B72000
|
unkown
|
page readonly
|
||
|
5207000
|
direct allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
37CF000
|
direct allocation
|
page read and write
|
||
|
BC4000
|
unkown
|
page read and write
|
||
|
2308000
|
direct allocation
|
page read and write
|
||
|
6C05C000
|
unkown
|
page write copy
|
||
|
22F8000
|
direct allocation
|
page read and write
|
||
|
33A8000
|
direct allocation
|
page read and write
|
||
|
6FD38000
|
unkown
|
page read and write
|
||
|
87EE000
|
stack
|
page read and write
|
||
|
33A1000
|
direct allocation
|
page read and write
|
||
|
3CEE000
|
stack
|
page read and write
|
||
|
797000
|
heap
|
page read and write
|
||
|
C8D000
|
unkown
|
page read and write
|
||
|
6BD16000
|
unkown
|
page write copy
|
||
|
23AA000
|
direct allocation
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
5EB9000
|
direct allocation
|
page read and write
|
||
|
11F1000
|
unkown
|
page readonly
|
||
|
1748000
|
heap
|
page read and write
|
||
|
9770000
|
heap
|
page read and write
|
||
|
6BC73000
|
unkown
|
page execute read
|
||
|
5E81000
|
direct allocation
|
page read and write
|
||
|
225D000
|
direct allocation
|
page read and write
|
||
|
4C6000
|
unkown
|
page readonly
|
||
|
C96000
|
unkown
|
page read and write
|
||
|
689C5000
|
unkown
|
page readonly
|
||
|
97000
|
stack
|
page read and write
|
||
|
C94000
|
unkown
|
page read and write
|
||
|
D52000
|
unkown
|
page read and write
|
||
|
6BF3F000
|
unkown
|
page readonly
|
||
|
5E86000
|
direct allocation
|
page read and write
|
||
|
C40000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6BF37000
|
unkown
|
page readonly
|
||
|
852F000
|
stack
|
page read and write
|
||
|
4C4000
|
unkown
|
page readonly
|
||
|
6CE000
|
unkown
|
page read and write
|
||
|
6BC0D000
|
unkown
|
page readonly
|
||
|
3287000
|
direct allocation
|
page read and write
|
||
|
C50000
|
unkown
|
page read and write
|
||
|
FE4000
|
unkown
|
page read and write
|
||
|
50CF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
86AC000
|
stack
|
page read and write
|
||
|
173C000
|
heap
|
page read and write
|
||
|
5E8E000
|
direct allocation
|
page read and write
|
||
|
22C2000
|
direct allocation
|
page read and write
|
||
|
51CA000
|
direct allocation
|
page read and write
|
||
|
C0D000
|
unkown
|
page read and write
|
||
|
361E000
|
stack
|
page read and write
|
||
|
16B9000
|
heap
|
page read and write
|
||
|
6BF23000
|
unkown
|
page readonly
|
||
|
3778000
|
direct allocation
|
page read and write
|
||
|
FCB000
|
unkown
|
page read and write
|
||
|
62EA1000
|
unkown
|
page readonly
|
||
|
2688000
|
direct allocation
|
page read and write
|
||
|
2680000
|
direct allocation
|
page read and write
|
||
|
90AE000
|
stack
|
page read and write
|
||
|
E6E000
|
unkown
|
page read and write
|
||
|
17DB000
|
heap
|
page read and write
|
||
|
1760000
|
heap
|
page read and write
|
||
|
5F45000
|
direct allocation
|
page read and write
|
||
|
CD5000
|
unkown
|
page read and write
|
||
|
7EB000
|
heap
|
page read and write
|
||
|
33F9000
|
direct allocation
|
page read and write
|
||
|
689D5000
|
unkown
|
page readonly
|
||
|
246A000
|
direct allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
8CEE000
|
stack
|
page read and write
|
||
|
7EEF000
|
stack
|
page read and write
|
||
|
6BCC9000
|
unkown
|
page execute read
|
||
|
3305000
|
direct allocation
|
page read and write
|
||
|
6BD11000
|
unkown
|
page execute read
|
||
|
35AC000
|
stack
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
5EC6000
|
direct allocation
|
page read and write
|
||
|
63B78000
|
unkown
|
page readonly
|
||
|
C1A000
|
unkown
|
page read and write
|
||
|
336E000
|
direct allocation
|
page read and write
|
||
|
6FCCD000
|
unkown
|
page readonly
|
||
|
6E940000
|
unkown
|
page readonly
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
2272000
|
direct allocation
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
1099000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
33E2000
|
direct allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
C84000
|
unkown
|
page read and write
|
||
|
6BBB0000
|
unkown
|
page readonly
|
||
|
6E0000
|
unkown
|
page readonly
|
||
|
6C7000
|
unkown
|
page write copy
|
||
|
4B7000
|
unkown
|
page read and write
|
||
|
242F000
|
direct allocation
|
page read and write
|
||
|
689FC000
|
unkown
|
page readonly
|
||
|
832000
|
heap
|
page read and write
|
||
|
1721000
|
heap
|
page read and write
|
||
|
60F000
|
unkown
|
page execute read
|
||
|
E34000
|
unkown
|
page read and write
|
||
|
6BD7C000
|
unkown
|
page execute read
|
||
|
31D5000
|
direct allocation
|
page read and write
|
||
|
3650000
|
direct allocation
|
page read and write
|
||
|
906D000
|
stack
|
page read and write
|
||
|
6BC36000
|
unkown
|
page execute read
|
||
|
6BE25000
|
unkown
|
page readonly
|
||
|
620000
|
unkown
|
page execute read
|
||
|
2390000
|
direct allocation
|
page read and write
|
||
|
349C000
|
direct allocation
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
856E000
|
stack
|
page read and write
|
||
|
D79000
|
heap
|
page read and write
|
||
|
31E4000
|
direct allocation
|
page read and write
|
||
|
6BCFA000
|
unkown
|
page readonly
|
||
|
11D9000
|
unkown
|
page readonly
|
||
|
7F7000
|
heap
|
page read and write
|
||
|
321E000
|
direct allocation
|
page read and write
|
||
|
230F000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6BD4D000
|
unkown
|
page execute read
|
||
|
893000
|
heap
|
page read and write
|
||
|
3410000
|
direct allocation
|
page execute and read and write
|
||
|
6D9000
|
unkown
|
page write copy
|
||
|
39F1000
|
heap
|
page read and write
|
||
|
2590000
|
direct allocation
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
33C5000
|
direct allocation
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
2680000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
C96000
|
unkown
|
page read and write
|
||
|
325C000
|
direct allocation
|
page read and write
|
||
|
175C000
|
heap
|
page read and write
|
||
|
179D000
|
heap
|
page read and write
|
||
|
CD5000
|
unkown
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
F60000
|
unkown
|
page read and write
|
||
|
6E941000
|
unkown
|
page execute read
|
||
|
108B000
|
unkown
|
page readonly
|
||
|
6BF71000
|
unkown
|
page execute read
|
||
|
3254000
|
direct allocation
|
page read and write
|
||
|
22F1000
|
direct allocation
|
page read and write
|
||
|
1701000
|
heap
|
page read and write
|
||
|
9957000
|
heap
|
page read and write
|
||
|
333F000
|
direct allocation
|
page read and write
|
||
|
6BF35000
|
unkown
|
page readonly
|
||
|
51EB000
|
direct allocation
|
page read and write
|
||
|
88EF000
|
stack
|
page read and write
|
||
|
6BF59000
|
unkown
|
page write copy
|
||
|
7FB40000
|
direct allocation
|
page read and write
|
||
|
829000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3329000
|
direct allocation
|
page read and write
|
||
|
68A04000
|
unkown
|
page write copy
|
||
|
6BED6000
|
unkown
|
page readonly
|
||
|
6E963000
|
unkown
|
page readonly
|
||
|
1B60000
|
heap
|
page read and write
|
||
|
6BD72000
|
unkown
|
page execute read
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
1600000
|
heap
|
page read and write
|
||
|
3471000
|
heap
|
page read and write
|
||
|
BF6000
|
unkown
|
page read and write
|
||
|
34C1000
|
direct allocation
|
page read and write
|
||
|
31A8000
|
direct allocation
|
page read and write
|
||
|
4C2000
|
unkown
|
page write copy
|
||
|
80F000
|
heap
|
page read and write
|
||
|
3970000
|
heap
|
page read and write
|
||
|
E51000
|
unkown
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
E10000
|
unkown
|
page read and write
|
||
|
1745000
|
heap
|
page read and write
|
||
|
172F000
|
heap
|
page read and write
|
||
|
2219000
|
direct allocation
|
page read and write
|
||
|
11EA000
|
unkown
|
page readonly
|
||
|
A9E000
|
stack
|
page read and write
|
||
|
173B000
|
heap
|
page read and write
|
||
|
11DF000
|
unkown
|
page readonly
|
||
|
6BF70000
|
unkown
|
page readonly
|
||
|
396F000
|
stack
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
33DB000
|
direct allocation
|
page read and write
|
||
|
31DC000
|
direct allocation
|
page read and write
|
||
|
7CC7000
|
heap
|
page read and write
|
||
|
3333000
|
direct allocation
|
page read and write
|
||
|
6BED5000
|
unkown
|
page read and write
|
||
|
376D000
|
direct allocation
|
page read and write
|
||
|
24C8000
|
direct allocation
|
page read and write
|
||
|
1743000
|
heap
|
page read and write
|
||
|
BD3000
|
unkown
|
page read and write
|
||
|
BA3000
|
unkown
|
page write copy
|
||
|
6BC09000
|
unkown
|
page read and write
|
||
|
51D8000
|
direct allocation
|
page read and write
|
||
|
6BCA1000
|
unkown
|
page execute read
|
||
|
3470000
|
heap
|
page read and write
|
||
|
6BD10000
|
unkown
|
page read and write
|
||
|
3314000
|
direct allocation
|
page read and write
|
||
|
22D1000
|
direct allocation
|
page read and write
|
||
|
803000
|
heap
|
page read and write
|
||
|
335F000
|
direct allocation
|
page read and write
|
||
|
320F000
|
direct allocation
|
page read and write
|
||
|
87B000
|
heap
|
page read and write
|
||
|
C7B000
|
unkown
|
page read and write
|
||
|
6BC0A000
|
unkown
|
page readonly
|
||
|
174C000
|
heap
|
page read and write
|
||
|
6FCCA000
|
unkown
|
page read and write
|
||
|
24BA000
|
direct allocation
|
page read and write
|
||
|
6C059000
|
unkown
|
page readonly
|
||
|
842E000
|
stack
|
page read and write
|
||
|
6C7000
|
unkown
|
page read and write
|
||
|
6BD4F000
|
unkown
|
page execute read
|
||
|
55A0000
|
trusted library allocation
|
page read and write
|
||
|
2316000
|
direct allocation
|
page read and write
|
||
|
888000
|
heap
|
page read and write
|
||
|
6C012000
|
unkown
|
page read and write
|
||
|
339A000
|
direct allocation
|
page read and write
|
||
|
FC9000
|
unkown
|
page read and write
|
||
|
63B74000
|
unkown
|
page read and write
|
||
|
5E96000
|
direct allocation
|
page read and write
|
||
|
180D000
|
heap
|
page read and write
|
||
|
5ECD000
|
direct allocation
|
page read and write
|
||
|
823000
|
heap
|
page read and write
|
||
|
BD1000
|
unkown
|
page read and write
|
There are 689 hidden memdumps, click here to show them.