IOC Report
Archive.zip

loading gif

Files

File Path
Type
Category
Malicious
Archive.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
initial sample
C:\Program Files (x86)\Icecream PDF Editor 3\CrashRpt1403.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\CrashSender1403.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\DebenuPDFLibraryDLL1212.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\Qt5Core.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\Qt5Gui.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\Qt5Network.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\Qt5Svg.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\Qt5Widgets.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\Qt5WinExtras.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-core-file-l1-2-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-core-file-l2-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-core-louserzation-l1-2-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-core-processthreads-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-core-synch-l1-2-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-core-timezone-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-crt-convert-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-crt-environment-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-crt-filesystem-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-crt-heap-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-crt-locale-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-crt-math-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-crt-runtime-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-crt-stdio-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-crt-string-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-crt-time-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\api-ms-win-crt-utility-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\crashrpt_lang.ini (copy)
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\icepdfeditor.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\icepdfeditor.exe.BAK
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\iconengines\is-EH0TS.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\iconengines\qsvgicon.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\is-2PJLM.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\is-348E9.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\is-3RLDL.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\is-B31EP.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\is-C5UR9.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\is-EOFBO.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\is-H3B6T.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\is-IUBHJ.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\is-K7OKT.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\qgif.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\qicns.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\qico.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\qjpeg.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\qsvg.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\qtga.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\qtiff.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\qwbmp.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\imageformats\qwebp.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-045QH.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-0J7P8.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-0REOE.tmp
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-0VCGO.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-2DG5N.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-32IQI.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-33JEM.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-4RU8B.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-4VH3K.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-5FD3K.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-5NCII.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-632VQ.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-6PKIS.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-71RVD.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-7RINB.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-8CTAA.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-9JTNT.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-9LV8H.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-A1NMJ.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-AH44U.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-AVR5I.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-B7R59.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-BH5LP.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-C4NAE.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-CJEQM.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-CTDA2.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-D2OAP.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-E29SC.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-E2EPR.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-EF39E.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-EQQK5.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-F9SRF.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-FEC93.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-G9D6N.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-GIDFB.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-GS8SF.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-H2HIE.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-HDI2E.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-HINO1.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-HQS0M.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-HUMQ2.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-I5AN5.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-I5I15.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-IKESB.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-IQ6N1.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-IQNAL.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-JCBAO.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-JCCI9.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-JO2A2.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-K28TK.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-KBLEA.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-LCLTR.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-M2DS0.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-M4EGV.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-MDI6D.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-ME4M5.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-MJ811.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-NIFON.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-NR85U.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-NULG8.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-NV1R0.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-O4563.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-OE5OD.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-OPH5U.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-PBJI8.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-QMD9M.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-REGAU.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-S3L1J.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-SD5L0.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-SI4OP.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-SS9TM.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-T1BNR.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-TFOAP.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-UDEAJ.tmp
PDF document, version 1.7 (zip deflate encoded)
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-US2TH.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-V02DP.tmp
PDF document, version 1.7 (zip deflate encoded)
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\is-V173U.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\libcrypto-1_1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\libcurl.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\libssl-1_1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\msvcp120.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\msvcp140.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\msvcp140_1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\msvcr120.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\pdf-xpansion-cjk.pds (copy)
PDF document, version 1.7 (zip deflate encoded)
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\pdf-xpansion.pds (copy)
PDF document, version 1.7 (zip deflate encoded)
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\pdfcore-x86.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\platforms\is-NOM8F.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\platforms\qwindows.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\styles\is-GOQN9.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\styles\qwindowsvistastyle.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_ar.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_de.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_en.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_es.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_fr.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_it.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_nl.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_pl.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_pt.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_ru.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_th.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_tr.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\icepdfeditor_zh_cn.qm (copy)
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-0IDNT.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-6OSFV.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-81KSO.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-ARI1L.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-BD4Q1.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-LJJJ3.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-LTORS.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-NVD4K.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-PIHK5.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-RC324.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-RS931.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-S5R18.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\translations\is-SJ6S9.tmp
Qt Translation file
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\ucrtbase.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\unins000.dat
InnoSetup Log Icecream PDF Editor 3 {015AF6C3-CE60-4307-88EF-3D59C8B515FE}, version 0x418, 22262 bytes, 715575\37\user\376\, C:\Program Files (x86)\Icecream PDF Editor
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\unins000.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\unins000.msg
InnoSetup messages, version 5.5.3, 221 messages (UTF-16), &About Setup...
dropped
C:\Program Files (x86)\Icecream PDF Editor 3\vcruntime140.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream PDF Editor 3.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Thu Oct 24 11:51:34 2024, mtime=Thu Oct 24 11:51:38 2024, atime=Fri Sep 20 15:00:22 2024, length=4369472, window=hide
dropped
C:\Users\Public\Desktop\Icecream PDF Editor 3.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Thu Oct 24 11:51:34 2024, mtime=Thu Oct 24 11:51:40 2024, atime=Fri Sep 20 15:00:22 2024, length=4369472, window=hide
dropped
C:\Users\user\AppData\Local\Temp\is-7K9QH.tmp\pdf_editor_setup_Downloadly.ir.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-BA69I.tmp\pdf_editor_setup_Downloadly.ir.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-UP5T5.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
There are 167 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_d09ac12e80d793e2bb60f6dc17656721cb8751bf-2.zip\Patch.exe
"C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_d09ac12e80d793e2bb60f6dc17656721cb8751bf-2.zip\Patch.exe"
malicious
C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_d09ac12e80d793e2bb60f6dc17656721cb8751bf-2.zip\Patch.exe
"C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_d09ac12e80d793e2bb60f6dc17656721cb8751bf-2.zip\Patch.exe"
malicious
C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_d09ac12e80d793e2bb60f6dc17656721cb8751bf-2.zip\Patch.exe
"C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_d09ac12e80d793e2bb60f6dc17656721cb8751bf-2.zip\Patch.exe"
malicious
C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_d09ac12e80d793e2bb60f6dc17656721cb8751bf-2.zip\Patch.exe
"C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_d09ac12e80d793e2bb60f6dc17656721cb8751bf-2.zip\Patch.exe"
malicious
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_274f715c8cf38126dbbd4bcae3b6fed8ecedb649.zip\pdf_editor_setup_Downloadly.ir.exe
"C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_274f715c8cf38126dbbd4bcae3b6fed8ecedb649.zip\pdf_editor_setup_Downloadly.ir.exe"
C:\Users\user\AppData\Local\Temp\is-BA69I.tmp\pdf_editor_setup_Downloadly.ir.tmp
"C:\Users\user\AppData\Local\Temp\is-BA69I.tmp\pdf_editor_setup_Downloadly.ir.tmp" /SL5="$601F8,22152334,238080,C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_274f715c8cf38126dbbd4bcae3b6fed8ecedb649.zip\pdf_editor_setup_Downloadly.ir.exe"
C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_274f715c8cf38126dbbd4bcae3b6fed8ecedb649.zip\pdf_editor_setup_Downloadly.ir.exe
"C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_274f715c8cf38126dbbd4bcae3b6fed8ecedb649.zip\pdf_editor_setup_Downloadly.ir.exe" /SPAWNWND=$602C2 /NOTIFYWND=$601F8
C:\Users\user\AppData\Local\Temp\is-7K9QH.tmp\pdf_editor_setup_Downloadly.ir.tmp
"C:\Users\user\AppData\Local\Temp\is-7K9QH.tmp\pdf_editor_setup_Downloadly.ir.tmp" /SL5="$70300,22152334,238080,C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_274f715c8cf38126dbbd4bcae3b6fed8ecedb649.zip\pdf_editor_setup_Downloadly.ir.exe" /SPAWNWND=$602C2 /NOTIFYWND=$601F8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://icecreamapps.com/PDF-Editor/thankyou.html?v=3.27
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=1952,i,74056811706744733,4401257274020997871,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://icecreamapps.com/
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=1956,i,7196489178614102710,14503791149393765188,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_5947d8bd2f31bedc98f322800cabd2fb85e56117-2.zip\icepdfeditor.exe
"C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_5947d8bd2f31bedc98f322800cabd2fb85e56117-2.zip\icepdfeditor.exe"
There are 4 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://fontawesome.io
unknown
http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#
unknown
http://ocsp.sectigo.com0
unknown
https://icecreamapps.com
unknown
https://ko-fi.com/radixx11
unknown
http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
unknown
https://icecreamapps.com/PDF-Editor/thankyou.html?v=3.27
37.58.52.149
https://icecreamapps.com/PDF-Editor/uninstall.html?v=3.27
unknown
http://updates.icecreamapps.com/check.php
unknown
http://code.google.com/p/crashrpt/wiki/FAQ
unknown
http://icecreamapps.com/act/crashfix/index.php/crashReport/uploadExternalCould
unknown
https://radixx11rce3.blogspot.com
unknown
https://icecreamapps.com/act/license.phphttps://icecreamapps.com/go/license_date.phpInvalid
unknown
https://icecreamapps.com/PDF-Edito
unknown
http://icecreamapps.com/PDF-Editor/QN
unknown
https://curl.se/docs/hsts.html
unknown
http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0
unknown
https://icecreamapps.com/go/help.php?prod=pde
unknown
https://icecreamapps.com/PDF-Editor/thankyou.html?v=3.27l
unknown
https://mail.ru
unknown
http://crl.thawte.com/ThawteTimestampingCA.crl0
unknown
https://google.ru
unknown
https://icecreamapps.comU
unknown
http://updates.icecreamapps.com/check.phphttps://icecreamapps.comhttps://icecreamapps.com/PDF-Editor
unknown
https://data.icecreamapps.com
unknown
https://icecreamapps.comb
unknown
https://ko-fi.com/radixx11Q
unknown
http://icecreamapps.com/PDF-Editor/Fhttp://icecreamapps.com/PDF-Editor/Fhttp://icecreamapps.com/PDF-
unknown
http://counter-strike.com.ua/
unknown
http://icecreamapps.com/PDF-Editor/
unknown
https://icecreamapps.com/PDF-Editor/changelog.html
unknown
http://www.mpegla.com
unknown
http://www.palkornel.hu/innosetup%1
unknown
https://google.ruSome
unknown
https://data.icecreamapps.com/?pid=%1&ver=%2&dev=%3Send
unknown
http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#
unknown
http://www.innosetup.com/
unknown
https://icecreamapps.com/act/license.php
unknown
https://icecreamapps.com/
37.58.52.149
https://icecreamapps.com/b
unknown
https://sectigo.com/CPS0
unknown
http://fontawesome.iohttp://fontawesome.iohttp://fontawesome.io/license/http://fontawesome.io/licens
unknown
https://curl.se/docs/http-cookies.html
unknown
http://www.aiim.org/pdfa/ns/id/
unknown
https://icecreamapps.com/PDF-Editor/upgrade.html?v=%1&t=%2
unknown
http://ocsp.thawte.com0
unknown
https://icecreamapps.com/Howto/how-to-make-icecream-pdf-editor-your-default-PDF-reader.html
unknown
https://curl.se/docs/alt-svc.html
unknown
http://www.color.org)
unknown
http://icecreamapps.com/PDF-Editor/QN;
unknown
http://www.dk-soft.org/
unknown
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
unknown
https://curl.se/docs/copyright.htmlD
unknown
http://fontawesome.io/license/
unknown
https://icecreamapps.com/PDF-Editor
unknown
https://www.thawte.com/cps0/
unknown
https://icecreamapps.com/PDF-Editor/thankyou.html?v=3.27C:
unknown
http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z
unknown
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
unknown
https://icecreamapps.com/PDF-Editor/thankyou.html?v=3.274
unknown
https://icecreamapps.com/go/license_date.php
unknown
https://www.thawte.com/repository0W
unknown
http://www.winimage.com/zLibDll
unknown
http://www.remobjects.com/ps
unknown
https://ya.ru
unknown
https://curl.se/V
unknown
There are 56 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
icecreamapps.com
37.58.52.149
cl-2d703670.gcdn.co
92.223.124.62
static.icecreamapps.com
unknown

IPs

IP
Domain
Country
Malicious
239.255.255.250
unknown
Reserved
92.223.124.62
cl-2d703670.gcdn.co
Austria
37.58.52.149
icecreamapps.com
Germany

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Icecream\Icecream PDF Editor New
DisplayVersion
HKEY_CURRENT_USER\SOFTWARE\Icecream\Icecream PDF Editor New
CurrentVersion
HKEY_CURRENT_USER\SOFTWARE\soft Xpansion\PDFXpansionSDK12
LogConfig
HKEY_CURRENT_USER\SOFTWARE\Icecream\Icecream PDF Editor New
SendData
HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications
C:\Program Files (x86)\Icecream PDF Editor 3
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Icecream\Icecream PDF Editor New\Capabilities
ApplicationName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Icecream\Icecream PDF Editor New\Capabilities
ApplicationDescription
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Icecream\Icecream PDF Editor New\Capabilities\FileAssociations
.pdf
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Icecream\Icecream PDF Editor New\Capabilities\MIMEAssociations
application/pdf
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.pdf\OpenWithProgids
Icecream.PDFEditor.PDF
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Icecream.PDFEditor.PDF
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Icecream.PDFEditor.PDF\Application
ApplicationName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Icecream.PDFEditor.PDF\DefaultIcon
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Icecream.PDFEditor.PDF\shell\open\command
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
Inno Setup: Setup Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
Inno Setup: App Path
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
Inno Setup: Icon Group
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
Inno Setup: User
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
Inno Setup: Selected Tasks
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
Inno Setup: Deselected Tasks
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
Inno Setup: Language
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
DisplayIcon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
QuietUninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
URLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
HelpLink
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
URLUpdateInfo
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
NoRepair
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
MajorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
MinorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
VersionMajor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
VersionMinor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{015AF6C3-CE60-4307-88EF-3D59C8B515FE}_is1
EstimatedSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer
GlobalAssocChangedCounter
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{88C6C381-2E85-11D0-94DE-444553540000} {000214E6-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{BD84B380-8CA2-1069-AB1D-08000948F534} {000214E6-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{F5175861-2688-11D0-9C5E-00AA00A45957} {000214E6-0000-0000-C000-000000000046} 0xFFFF
There are 38 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
63E4000
trusted library allocation
page read and write
69D8000
heap
page read and write
698A000
heap
page read and write
69E7000
heap
page read and write
6053000
trusted library allocation
page read and write
23CA000
direct allocation
page read and write
39BF000
stack
page read and write
62ED000
stack
page read and write
80A000
heap
page read and write
2845000
direct allocation
page read and write
6970000
heap
page read and write
6A48000
heap
page read and write
69EA000
heap
page read and write
677B000
trusted library allocation
page read and write
69D1000
heap
page read and write
69CF000
heap
page read and write
5130000
trusted library allocation
page read and write
5ED1000
trusted library allocation
page read and write
6452000
trusted library allocation
page read and write
66EE000
direct allocation
page read and write
69D1000
heap
page read and write
6962000
heap
page read and write
6996000
heap
page read and write
4E1A000
heap
page read and write
701000
heap
page read and write
65A9000
trusted library allocation
page read and write
6996000
heap
page read and write
7D1000
heap
page read and write
6759000
trusted library allocation
page read and write
69D8000
heap
page read and write
6947000
heap
page read and write
6A49000
heap
page read and write
5D1000
unkown
page execute and read and write
69CF000
heap
page read and write
5C20000
trusted library allocation
page read and write
377E000
stack
page read and write
63EF000
trusted library allocation
page read and write
698A000
heap
page read and write
69D4000
heap
page read and write
50C0000
trusted library allocation
page read and write
6940000
heap
page read and write
54B000
heap
page read and write
D05000
direct allocation
page read and write
6968000
heap
page read and write
69E8000
heap
page read and write
6968000
heap
page read and write
7CD000
heap
page read and write
3595000
direct allocation
page read and write
2BDE000
stack
page read and write
23C3000
direct allocation
page read and write
69D8000
heap
page read and write
2485000
heap
page read and write
27DF000
direct allocation
page read and write
850000
heap
page read and write
6996000
heap
page read and write
6738000
trusted library allocation
page read and write
2315000
heap
page read and write
373E000
stack
page read and write
6975000
heap
page read and write
69D9000
heap
page read and write
693A000
heap
page read and write
27EE000
direct allocation
page read and write
4B61000
direct allocation
page read and write
666000
unkown
page read and write
69EE000
heap
page read and write
7EE000
heap
page read and write
69CF000
heap
page read and write
697B000
heap
page read and write
6968000
heap
page read and write
69D4000
heap
page read and write
5FF0000
trusted library allocation
page read and write
69E5000
heap
page read and write
6930000
heap
page read and write
6430000
trusted library allocation
page read and write
698A000
heap
page read and write
69D1000
heap
page read and write
23DA000
direct allocation
page read and write
7A9000
heap
page read and write
69B1000
heap
page read and write
698A000
heap
page read and write
69CD000
heap
page read and write
69CE000
heap
page read and write
69D0000
heap
page read and write
2580000
heap
page read and write
35C9000
direct allocation
page read and write
4E05000
heap
page read and write
23D2000
direct allocation
page read and write
69F0000
heap
page read and write
D13000
direct allocation
page read and write
7D4000
heap
page read and write
5F85000
trusted library allocation
page read and write
4E18000
heap
page read and write
5CF0000
trusted library allocation
page read and write
6941000
trusted library allocation
page read and write
502000
unkown
page read and write
69D7000
heap
page read and write
6950000
heap
page read and write
77E000
heap
page read and write
69D4000
heap
page read and write
69CE000
heap
page read and write
6050000
trusted library allocation
page read and write
69EC000
heap
page read and write
7ED000
heap
page read and write
69CD000
heap
page read and write
5E2B000
trusted library allocation
page read and write
698A000
heap
page read and write
69D0000
heap
page read and write
2670000
heap
page read and write
5E23000
trusted library allocation
page read and write
69CF000
heap
page read and write
4B59000
direct allocation
page read and write
69E6000
heap
page read and write
D28000
direct allocation
page read and write
6931000
heap
page read and write
84B000
heap
page read and write
4F20000
trusted library allocation
page read and write
69D1000
heap
page read and write
69EF000
heap
page read and write
69D3000
heap
page read and write
69D6000
heap
page read and write
24A3000
heap
page read and write
6969000
heap
page read and write
69EB000
heap
page read and write
69EC000
heap
page read and write
69E8000
heap
page read and write
5CF0000
trusted library allocation
page read and write
69D8000
heap
page read and write
806000
heap
page read and write
35B4000
direct allocation
page read and write
73A000
heap
page read and write
697B000
heap
page read and write
699D000
heap
page read and write
697C000
heap
page read and write
5CF2000
trusted library allocation
page read and write
6062000
trusted library allocation
page read and write
69F0000
heap
page read and write
7DB000
heap
page read and write
69CC000
heap
page read and write
670000
heap
page read and write
69D6000
heap
page read and write
3781000
heap
page read and write
50E0000
trusted library allocation
page read and write
1A296899000
heap
page read and write
6996000
heap
page read and write
6869000
trusted library allocation
page read and write
69B1000
heap
page read and write
673F000
trusted library allocation
page read and write
69D4000
heap
page read and write
69CD000
heap
page read and write
70D000
heap
page read and write
F7E000
stack
page read and write
4F00000
trusted library allocation
page read and write
7A9000
heap
page read and write
6050000
trusted library allocation
page read and write
673E000
trusted library allocation
page read and write
5FF0000
trusted library allocation
page read and write
69B8000
heap
page read and write
697C000
heap
page read and write
69EE000
heap
page read and write
4B07000
direct allocation
page read and write
6996000
heap
page read and write
69D8000
heap
page read and write
66E1000
direct allocation
page read and write
6730000
trusted library allocation
page read and write
4E32000
heap
page read and write
69CD000
heap
page read and write
69D0000
heap
page read and write
73E000
heap
page read and write
3735000
heap
page read and write
5F52000
trusted library allocation
page read and write
6940000
heap
page read and write
C6E000
stack
page read and write
414D000
stack
page read and write
5C20000
trusted library allocation
page read and write
5FF0000
trusted library allocation
page read and write
69D0000
heap
page read and write
69E6000
heap
page read and write
C8C000
direct allocation
page read and write
63E1000
trusted library allocation
page read and write
698A000
heap
page read and write
69EB000
heap
page read and write
698A000
heap
page read and write
27EF000
direct allocation
page read and write
5B20000
heap
page read and write
2822000
direct allocation
page read and write
4E0C000
heap
page read and write
69CF000
heap
page read and write
6968000
heap
page read and write
788000
heap
page read and write
3743000
heap
page read and write
69E8000
heap
page read and write
F8A000
heap
page read and write
69B8000
heap
page read and write
698A000
heap
page read and write
39FE000
stack
page read and write
91F000
heap
page read and write
35BB000
direct allocation
page read and write
3700000
heap
page read and write
6988000
heap
page read and write
6DB5000
trusted library allocation
page read and write
5D1000
unkown
page execute and read and write
5C20000
trusted library allocation
page read and write
5CF0000
trusted library allocation
page read and write
69CE000
heap
page read and write
69D1000
heap
page read and write
6A48000
heap
page read and write
4BC9000
direct allocation
page read and write
D05000
direct allocation
page read and write
2370000
direct allocation
page read and write
2443000
direct allocation
page read and write
69CE000
heap
page read and write
6A48000
heap
page read and write
5E20000
trusted library allocation
page read and write
6968000
heap
page read and write
6730000
trusted library allocation
page read and write
843000
heap
page read and write
5E2D000
trusted library allocation
page read and write
401000
unkown
page execute read
6A4A000
heap
page read and write
69D2000
heap
page read and write
75A000
heap
page read and write
69ED000
heap
page read and write
69B8000
heap
page read and write
5C4000
unkown
page execute and read and write
69ED000
heap
page read and write
3609000
direct allocation
page read and write
69CD000
heap
page read and write
39AF000
direct allocation
page read and write
D52000
direct allocation
page read and write
1A2967F0000
heap
page read and write
2410000
direct allocation
page read and write
5F43000
trusted library allocation
page read and write
282B13F000
stack
page read and write
69B4000
heap
page read and write
749000
heap
page read and write
6996000
heap
page read and write
5E22000
trusted library allocation
page read and write
5FF8000
trusted library allocation
page read and write
CC6000
direct allocation
page read and write
69CF000
heap
page read and write
69E9000
heap
page read and write
69E5000
heap
page read and write
69D6000
heap
page read and write
2BA5000
heap
page read and write
69E7000
heap
page read and write
83A000
heap
page read and write
69E7000
heap
page read and write
69A3000
heap
page read and write
6996000
heap
page read and write
22B0000
direct allocation
page read and write
4E04000
heap
page read and write
917000
heap
page read and write
A2E000
stack
page read and write
2827000
direct allocation
page read and write
3300000
direct allocation
page read and write
2458000
direct allocation
page read and write
84B000
heap
page read and write
2368000
direct allocation
page read and write
23C4000
direct allocation
page read and write
69CD000
heap
page read and write
6940000
heap
page read and write
697C000
heap
page read and write
82A000
heap
page read and write
64D7000
trusted library allocation
page read and write
699C000
heap
page read and write
6973000
heap
page read and write
6994000
heap
page read and write
603A000
trusted library allocation
page read and write
69CF000
heap
page read and write
5E8B000
trusted library allocation
page read and write
35D5000
direct allocation
page read and write
5E6D000
trusted library allocation
page read and write
6050000
trusted library allocation
page read and write
4E32000
heap
page read and write
69CE000
heap
page read and write
69CC000
heap
page read and write
698A000
heap
page read and write
698C000
heap
page read and write
5E0000
heap
page read and write
69CC000
heap
page read and write
69EA000
heap
page read and write
2446000
direct allocation
page read and write
69D0000
heap
page read and write
69CE000
heap
page read and write
79E000
heap
page read and write
698A000
heap
page read and write
69E5000
heap
page read and write
69E6000
heap
page read and write
2388000
direct allocation
page read and write
698C000
heap
page read and write
69E7000
heap
page read and write
7DD000
heap
page read and write
5F44000
trusted library allocation
page read and write
6C72000
trusted library allocation
page read and write
82A000
heap
page read and write
D6F000
direct allocation
page read and write
23A0000
direct allocation
page read and write
69F2000
heap
page read and write
69D1000
heap
page read and write
7C1000
heap
page read and write
69E4000
heap
page read and write
69ED000
heap
page read and write
69E8000
heap
page read and write
7B4000
heap
page read and write
5D21000
heap
page read and write
754000
heap
page read and write
69CE000
heap
page read and write
5FF0000
trusted library allocation
page read and write
69E7000
heap
page read and write
4F20000
trusted library allocation
page read and write
4B93000
direct allocation
page read and write
6973000
heap
page read and write
78E000
stack
page read and write
7AC000
heap
page read and write
359E000
direct allocation
page read and write
4E04000
heap
page read and write
69D2000
heap
page read and write
667F000
direct allocation
page read and write
6A7000
unkown
page readonly
97E000
heap
page read and write
5E80000
trusted library allocation
page read and write
7EB000
heap
page read and write
6968000
heap
page read and write
69CD000
heap
page read and write
6968000
heap
page read and write
69E7000
heap
page read and write
69CD000
heap
page read and write
373C000
heap
page read and write
69B8000
heap
page read and write
698A000
heap
page read and write
5E20000
trusted library allocation
page read and write
69CE000
heap
page read and write
6946000
heap
page read and write
2BA0000
heap
page read and write
698A000
heap
page read and write
632E000
stack
page read and write
1A2966F0000
heap
page read and write
6968000
heap
page read and write
69B4000
heap
page read and write
6983000
heap
page read and write
412000
unkown
page write copy
5FFD000
trusted library allocation
page read and write
6A49000
heap
page read and write
69EF000
heap
page read and write
6996000
heap
page read and write
69E6000
heap
page read and write
6998000
heap
page read and write
2320000
direct allocation
page read and write
373A000
heap
page read and write
50C0000
trusted library allocation
page read and write
696E000
heap
page read and write
4E0F000
heap
page read and write
69D1000
heap
page read and write
6968000
heap
page read and write
69CE000
heap
page read and write
69EF000
heap
page read and write
647C000
trusted library allocation
page read and write
5F40000
trusted library allocation
page read and write
6840000
trusted library allocation
page read and write
69EE000
heap
page read and write
D1B000
direct allocation
page read and write
4E0F000
heap
page read and write
6968000
heap
page read and write
8FF000
stack
page read and write
643F000
trusted library allocation
page read and write
4BA3000
direct allocation
page read and write
DBA000
heap
page read and write
D15000
direct allocation
page read and write
50C0000
trusted library allocation
page read and write
6956000
heap
page read and write
81E000
stack
page read and write
6994000
heap
page read and write
69E8000
heap
page read and write
91F000
heap
page read and write
69CD000
heap
page read and write
69EB000
heap
page read and write
836000
heap
page read and write
D3C000
direct allocation
page read and write
69D7000
heap
page read and write
5E87000
heap
page read and write
AC0000
heap
page read and write
6730000
trusted library allocation
page read and write
69D1000
heap
page read and write
69D6000
heap
page read and write
23B4000
direct allocation
page read and write
35AC000
direct allocation
page read and write
6440000
trusted library allocation
page read and write
69CF000
heap
page read and write
239F000
direct allocation
page read and write
6968000
heap
page read and write
97F000
stack
page read and write
23F4000
direct allocation
page read and write
698A000
heap
page read and write
6429000
trusted library allocation
page read and write
5EDF000
stack
page read and write
920000
heap
page read and write
6968000
heap
page read and write
6003000
trusted library allocation
page read and write
C7E000
direct allocation
page read and write
6943000
heap
page read and write
855000
heap
page read and write
1F0000
heap
page read and write
69CC000
heap
page read and write
5FFC000
trusted library allocation
page read and write
6953000
heap
page read and write
69E5000
heap
page read and write
23D1000
direct allocation
page read and write
2460000
direct allocation
page execute and read and write
6A49000
heap
page read and write
69D1000
heap
page read and write
D84000
direct allocation
page read and write
4E05000
heap
page read and write
69CC000
heap
page read and write
69F3000
heap
page read and write
6451000
trusted library allocation
page read and write
6996000
heap
page read and write
4B95000
direct allocation
page read and write
69D6000
heap
page read and write
5FFB000
trusted library allocation
page read and write
69D1000
heap
page read and write
69D0000
heap
page read and write
5E20000
trusted library allocation
page read and write
5C8C000
stack
page read and write
6A48000
heap
page read and write
2812000
direct allocation
page read and write
713000
heap
page read and write
920000
heap
page read and write
6A49000
heap
page read and write
6968000
heap
page read and write
3561000
direct allocation
page read and write
6987000
heap
page read and write
D4B000
direct allocation
page read and write
69D0000
heap
page read and write
240B000
direct allocation
page read and write
460000
heap
page read and write
69E8000
heap
page read and write
69EE000
heap
page read and write
3FB0000
trusted library allocation
page read and write
69CF000
heap
page read and write
845000
heap
page read and write
23AF000
direct allocation
page read and write
69D0000
heap
page read and write
69E9000
heap
page read and write
4F8000
heap
page read and write
5CF3000
trusted library allocation
page read and write
4F00000
trusted library allocation
page read and write
69EC000
heap
page read and write
69CD000
heap
page read and write
2391000
direct allocation
page read and write
69CC000
heap
page read and write
6063000
trusted library allocation
page read and write
69D1000
heap
page read and write
77B000
heap
page read and write
5EE2000
trusted library allocation
page read and write
74E000
heap
page read and write
69D0000
heap
page read and write
5F40000
trusted library allocation
page read and write
6968000
heap
page read and write
69F0000
heap
page read and write
69EF000
heap
page read and write
826000
heap
page read and write
643E000
trusted library allocation
page read and write
69E6000
heap
page read and write
69EA000
heap
page read and write
69D1000
heap
page read and write
698A000
heap
page read and write
5D20000
heap
page read and write
63E0000
trusted library allocation
page read and write
697F000
heap
page read and write
27C2000
direct allocation
page read and write
4850000
heap
page read and write
4F32000
trusted library allocation
page read and write
27FE000
direct allocation
page read and write
DD6000
heap
page read and write
69E6000
heap
page read and write
69D1000
heap
page read and write
69E7000
heap
page read and write
441000
unkown
page readonly
69D1000
heap
page read and write
69CF000
heap
page read and write
69E8000
heap
page read and write
23E1000
direct allocation
page read and write
6968000
heap
page read and write
7DA000
heap
page read and write
69C1000
heap
page read and write
7A4000
heap
page read and write
35CE000
direct allocation
page read and write
4E01000
heap
page read and write
69ED000
heap
page read and write
23C4000
direct allocation
page read and write
923000
heap
page read and write
69D1000
heap
page read and write
4F22000
trusted library allocation
page read and write
5F50000
trusted library allocation
page read and write
6996000
heap
page read and write
5E8A000
trusted library allocation
page read and write
69EF000
heap
page read and write
6730000
trusted library allocation
page read and write
27C9000
direct allocation
page read and write
6848000
trusted library allocation
page read and write
697C000
heap
page read and write
6970000
heap
page read and write
6988000
heap
page read and write
4F23000
trusted library allocation
page read and write
69D0000
heap
page read and write
6994000
heap
page read and write
530000
heap
page read and write
688E000
trusted library allocation
page read and write
684B000
trusted library allocation
page read and write
23E8000
direct allocation
page read and write
6840000
trusted library allocation
page read and write
6889000
trusted library allocation
page read and write
69D5000
heap
page read and write
63E4000
trusted library allocation
page read and write
3B3E000
stack
page read and write
6968000
heap
page read and write
697E000
heap
page read and write
59E000
stack
page read and write
79D000
heap
page read and write
69F0000
heap
page read and write
710000
heap
page read and write
283E000
direct allocation
page read and write
673C000
trusted library allocation
page read and write
69CC000
heap
page read and write
69D5000
heap
page read and write
400000
unkown
page readonly
4B8F000
direct allocation
page read and write
69EF000
heap
page read and write
69D0000
heap
page read and write
698A000
heap
page read and write
70E000
stack
page read and write
2A95000
heap
page read and write
728000
heap
page read and write
C6F000
stack
page read and write
69CF000
heap
page read and write
CD6000
direct allocation
page read and write
B0F000
stack
page read and write
25B3000
heap
page read and write
69CD000
heap
page read and write
618E000
direct allocation
page read and write
6968000
heap
page read and write
69CE000
heap
page read and write
280C000
direct allocation
page read and write
69D1000
heap
page read and write
6780000
trusted library allocation
page read and write
5F42000
trusted library allocation
page read and write
5ECB000
trusted library allocation
page read and write
E3E000
stack
page read and write
8FF000
stack
page read and write
697C000
heap
page read and write
69E6000
heap
page read and write
23E5000
direct allocation
page read and write
4F20000
trusted library allocation
page read and write
710000
heap
page read and write
69E8000
heap
page read and write
4E04000
heap
page read and write
6931000
heap
page read and write
697E000
heap
page read and write
6968000
heap
page read and write
6996000
heap
page read and write
69CE000
heap
page read and write
69E7000
heap
page read and write
241F000
direct allocation
page read and write
242D000
direct allocation
page read and write
698A000
heap
page read and write
281B000
direct allocation
page read and write
7D5000
heap
page read and write
2847000
direct allocation
page read and write
69D6000
heap
page read and write
5DE000
stack
page read and write
63E0000
trusted library allocation
page read and write
69EF000
heap
page read and write
50C0000
trusted library allocation
page read and write
280B000
direct allocation
page read and write
6998000
heap
page read and write
4B91000
direct allocation
page read and write
CB2000
direct allocation
page read and write
241F000
direct allocation
page read and write
7DB000
heap
page read and write
74A000
heap
page read and write
5C9F000
stack
page read and write
698A000
heap
page read and write
6DC8000
trusted library allocation
page read and write
3551000
direct allocation
page read and write
751000
heap
page read and write
4F23000
trusted library allocation
page read and write
697F000
heap
page read and write
5D9D000
stack
page read and write
69CD000
heap
page read and write
698A000
heap
page read and write
6486000
trusted library allocation
page read and write
5C20000
trusted library allocation
page read and write
35EC000
direct allocation
page read and write
5E8D000
trusted library allocation
page read and write
4F20000
trusted library allocation
page read and write
4B8D000
direct allocation
page read and write
6940000
heap
page read and write
5EE0000
trusted library allocation
page read and write
373E000
heap
page read and write
69D0000
heap
page read and write
F3F000
stack
page read and write
419000
unkown
page write copy
418000
unkown
page read and write
69CD000
heap
page read and write
6996000
heap
page read and write
3350000
heap
page read and write
6947000
heap
page read and write
3700000
heap
page read and write
69D0000
heap
page read and write
69D0000
heap
page read and write
6037000
trusted library allocation
page read and write
4BF0000
direct allocation
page read and write
4F24000
trusted library allocation
page read and write
5E8E000
trusted library allocation
page read and write
D68000
direct allocation
page read and write
2819000
direct allocation
page read and write
69ED000
heap
page read and write
70C000
heap
page read and write
69EE000
heap
page read and write
69CF000
heap
page read and write
643D000
trusted library allocation
page read and write
69CE000
heap
page read and write
5CF0000
trusted library allocation
page read and write
3702000
heap
page read and write
69EC000
heap
page read and write
790000
heap
page read and write
6996000
heap
page read and write
6956000
heap
page read and write
5E89000
trusted library allocation
page read and write
242F000
direct allocation
page read and write
91A000
heap
page read and write
69CF000
heap
page read and write
400000
unkown
page readonly
69CC000
heap
page read and write
6950000
heap
page read and write
7D5000
heap
page read and write
69D6000
heap
page read and write
698A000
heap
page read and write
69CE000
heap
page read and write
69CD000
heap
page read and write
93E000
stack
page read and write
69D8000
heap
page read and write
7B5000
heap
page read and write
3340000
direct allocation
page read and write
6A48000
heap
page read and write
69EA000
heap
page read and write
4B53000
direct allocation
page read and write
60AE000
stack
page read and write
6968000
heap
page read and write
D44000
direct allocation
page read and write
832000
heap
page read and write
CDD000
direct allocation
page read and write
69E9000
heap
page read and write
412000
unkown
page read and write
23BD000
direct allocation
page read and write
5FF9000
trusted library allocation
page read and write
79F000
heap
page read and write
69EB000
heap
page read and write
6996000
heap
page read and write
6840000
trusted library allocation
page read and write
B2F000
stack
page read and write
5E20000
trusted library allocation
page read and write
69E5000
heap
page read and write
97E000
heap
page read and write
69D5000
heap
page read and write
4B97000
direct allocation
page read and write
D59000
direct allocation
page read and write
69EE000
heap
page read and write
34F0000
unkown
page read and write
69D7000
heap
page read and write
4BB9000
direct allocation
page read and write
69D1000
heap
page read and write
69F0000
heap
page read and write
69EF000
heap
page read and write
244A000
direct allocation
page read and write
698A000
heap
page read and write
69D8000
heap
page read and write
19C000
stack
page read and write
2660000
heap
page read and write
3500000
direct allocation
page read and write
69E7000
heap
page read and write
506000
unkown
page read and write
69CF000
heap
page read and write
412000
unkown
page read and write
69D0000
heap
page read and write
69E9000
heap
page read and write
69CD000
heap
page read and write
697C000
heap
page read and write
69E6000
heap
page read and write
4E04000
heap
page read and write
5FB000
unkown
page execute and read and write
69F0000
heap
page read and write
82A000
heap
page read and write
69EF000
heap
page read and write
4B3F000
direct allocation
page read and write
698A000
heap
page read and write
5F58000
trusted library allocation
page read and write
D19000
direct allocation
page read and write
7B2000
heap
page read and write
69EA000
heap
page read and write
5F52000
trusted library allocation
page read and write
4E3A000
heap
page read and write
6946000
heap
page read and write
6779000
trusted library allocation
page read and write
69EB000
heap
page read and write
5EE2000
trusted library allocation
page read and write
6847000
trusted library allocation
page read and write
69D4000
heap
page read and write
6120000
trusted library allocation
page read and write
5E20000
trusted library allocation
page read and write
2426000
direct allocation
page read and write
69CE000
heap
page read and write
6994000
heap
page read and write
69AA000
heap
page read and write
694D000
heap
page read and write
5F40000
trusted library allocation
page read and write
698A000
heap
page read and write
4B81000
direct allocation
page read and write
736000
heap
page read and write
677C000
trusted library allocation
page read and write
5EE0000
trusted library allocation
page read and write
697C000
heap
page read and write
69CC000
heap
page read and write
69E7000
heap
page read and write
3579000
direct allocation
page read and write
2368000
direct allocation
page read and write
69D7000
heap
page read and write
4B47000
direct allocation
page read and write
2436000
direct allocation
page read and write
69EB000
heap
page read and write
698A000
heap
page read and write
D6F000
direct allocation
page read and write
3781000
heap
page read and write
69CD000
heap
page read and write
4E0000
heap
page read and write
358E000
direct allocation
page read and write
6977000
heap
page read and write
96B000
heap
page read and write
69D8000
heap
page read and write
6851000
trusted library allocation
page read and write
69E8000
heap
page read and write
6A48000
heap
page read and write
69D8000
heap
page read and write
7B7000
heap
page read and write
69ED000
heap
page read and write
2399000
direct allocation
page read and write
50D000
unkown
page write copy
698A000
heap
page read and write
6973000
heap
page read and write
6996000
heap
page read and write
69D1000
heap
page read and write
714000
heap
page read and write
69CF000
heap
page read and write
69E9000
heap
page read and write
3300000
heap
page read and write
CDD000
direct allocation
page read and write
69D7000
heap
page read and write
69E8000
heap
page read and write
35B1000
direct allocation
page read and write
832000
heap
page read and write
69D4000
heap
page read and write
DB6000
heap
page read and write
69E9000
heap
page read and write
688A000
trusted library allocation
page read and write
D4B000
direct allocation
page read and write
69E7000
heap
page read and write
34DC000
stack
page read and write
698A000
heap
page read and write
6968000
heap
page read and write
23D2000
direct allocation
page read and write
4AE000
stack
page read and write
6968000
heap
page read and write
698A000
heap
page read and write
6968000
heap
page read and write
69D5000
heap
page read and write
69EA000
heap
page read and write
F8E000
heap
page read and write
39FC000
stack
page read and write
5FF8000
trusted library allocation
page read and write
69D1000
heap
page read and write
7DB000
heap
page read and write
69CD000
heap
page read and write
6996000
heap
page read and write
5CD000
unkown
page execute and read and write
D9A000
direct allocation
page read and write
502000
unkown
page read and write
6A48000
heap
page read and write
7AC000
heap
page read and write
4F20000
trusted library allocation
page read and write
5D02000
trusted library allocation
page read and write
27DA000
direct allocation
page read and write
694A000
heap
page read and write
69EE000
heap
page read and write
69CE000
heap
page read and write
401000
unkown
page execute and read and write
69CF000
heap
page read and write
5EE3000
trusted library allocation
page read and write
2434000
direct allocation
page read and write
69E9000
heap
page read and write
7DD000
heap
page read and write
696C000
heap
page read and write
27D1000
direct allocation
page read and write
69EE000
heap
page read and write
964000
heap
page read and write
69CD000
heap
page read and write
69F0000
heap
page read and write
C70000
direct allocation
page read and write
6975000
heap
page read and write
963000
heap
page read and write
6957000
heap
page read and write
6A48000
heap
page read and write
5EE0000
trusted library allocation
page read and write
69EE000
heap
page read and write
69D1000
heap
page read and write
6052000
trusted library allocation
page read and write
69E8000
heap
page read and write
69E9000
heap
page read and write
69D1000
heap
page read and write
B6E000
stack
page read and write
799000
heap
page read and write
69D1000
heap
page read and write
5F40000
trusted library allocation
page read and write
69CD000
heap
page read and write
6968000
heap
page read and write
4F20000
trusted library allocation
page read and write
69EC000
heap
page read and write
400000
unkown
page readonly
4F23000
trusted library allocation
page read and write
4BA1000
direct allocation
page read and write
69F0000
heap
page read and write
4E0F000
heap
page read and write
4E04000
heap
page read and write
69B8000
heap
page read and write
23BC000
direct allocation
page read and write
5CF000
unkown
page execute and read and write
4B99000
direct allocation
page read and write
CB9000
direct allocation
page read and write
69D0000
heap
page read and write
4B0000
heap
page read and write
69D0000
heap
page read and write
35D0000
direct allocation
page read and write
69E6000
heap
page read and write
6730000
trusted library allocation
page read and write
6039000
trusted library allocation
page read and write
5EE3000
trusted library allocation
page read and write
6996000
heap
page read and write
69CF000
heap
page read and write
6968000
heap
page read and write
69CF000
heap
page read and write
6968000
heap
page read and write
69CE000
heap
page read and write
69D0000
heap
page read and write
69EC000
heap
page read and write
373A000
heap
page read and write
23CB000
direct allocation
page read and write
25B0000
heap
page read and write
D13000
direct allocation
page read and write
23BD000
direct allocation
page read and write
698A000
heap
page read and write
429F000
stack
page read and write
697F000
heap
page read and write
6439000
trusted library allocation
page read and write
69D0000
heap
page read and write
5EE3000
trusted library allocation
page read and write
23B0000
direct allocation
page read and write
724000
heap
page read and write
647E000
trusted library allocation
page read and write
23D3000
direct allocation
page read and write
603E000
trusted library allocation
page read and write
83A000
unkown
page readonly
69D1000
heap
page read and write
4BC9000
direct allocation
page read and write
5C9000
unkown
page execute and read and write
4F20000
trusted library allocation
page read and write
6840000
trusted library allocation
page read and write
5D01000
trusted library allocation
page read and write
5FF5000
trusted library allocation
page read and write
5E22000
trusted library allocation
page read and write
5E6B000
trusted library allocation
page read and write
43C000
unkown
page readonly
4F00000
trusted library allocation
page read and write
6438000
trusted library allocation
page read and write
80E000
heap
page read and write
2830000
direct allocation
page read and write
244A000
direct allocation
page read and write
69CF000
heap
page read and write
688B000
trusted library allocation
page read and write
699F000
heap
page read and write
6996000
heap
page read and write
4BAB000
direct allocation
page read and write
69CD000
heap
page read and write
4BAD000
direct allocation
page read and write
69CF000
heap
page read and write
6A48000
heap
page read and write
27B2000
direct allocation
page read and write
5E80000
trusted library allocation
page read and write
429F000
stack
page read and write
CFD000
stack
page read and write
69EA000
heap
page read and write
69CE000
heap
page read and write
5C20000
trusted library allocation
page read and write
69ED000
heap
page read and write
2381000
direct allocation
page read and write
2830000
direct allocation
page read and write
6737000
trusted library allocation
page read and write
7FF000
stack
page read and write
752000
heap
page read and write
69CF000
heap
page read and write
400000
unkown
page readonly
23FB000
direct allocation
page read and write
6973000
heap
page read and write
DB0000
heap
page read and write
69D9000
heap
page read and write
6996000
heap
page read and write
2418000
direct allocation
page read and write
69B4000
heap
page read and write
83A000
heap
page read and write
358E000
direct allocation
page read and write
69CD000
heap
page read and write
23B5000
direct allocation
page read and write
4F00000
trusted library allocation
page read and write
69D7000
heap
page read and write
5EDE000
trusted library allocation
page read and write
69EB000
heap
page read and write
69D1000
heap
page read and write
69D1000
heap
page read and write
69CE000
heap
page read and write
69D1000
heap
page read and write
69EA000
heap
page read and write
2820000
direct allocation
page read and write
5E20000
trusted library allocation
page read and write
69CF000
heap
page read and write
5E23000
trusted library allocation
page read and write
69E8000
heap
page read and write
69D3000
heap
page read and write
5D02000
trusted library allocation
page read and write
2B40000
trusted library allocation
page read and write
698A000
heap
page read and write
69D5000
heap
page read and write
6062000
trusted library allocation
page read and write
63F1000
trusted library allocation
page read and write
6478000
trusted library allocation
page read and write
6050000
trusted library allocation
page read and write
2530000
direct allocation
page read and write
69F0000
heap
page read and write
69D0000
heap
page read and write
4E32000
heap
page read and write
698A000
heap
page read and write
49E000
stack
page read and write
7B3000
heap
page read and write
616000
heap
page read and write
3540000
direct allocation
page read and write
69E7000
heap
page read and write
820000
heap
page read and write
6890000
trusted library allocation
page read and write
697C000
heap
page read and write
4BE5000
direct allocation
page read and write
6487000
trusted library allocation
page read and write
6A30000
heap
page read and write
6A48000
heap
page read and write
6968000
heap
page read and write
69EC000
heap
page read and write
70F000
heap
page read and write
6968000
heap
page read and write
82F000
heap
page read and write
69CF000
heap
page read and write
4750000
heap
page read and write
3703000
heap
page read and write
7E9000
unkown
page read and write
4E18000
heap
page read and write
7D4000
heap
page read and write
5FFF000
trusted library allocation
page read and write
713000
heap
page read and write
35C7000
direct allocation
page read and write
A3F000
stack
page read and write
69CE000
heap
page read and write
69B4000
heap
page read and write
A0E000
stack
page read and write
5E20000
trusted library allocation
page read and write
734000
heap
page read and write
4BD8000
direct allocation
page read and write
69D0000
heap
page read and write
D7D000
direct allocation
page read and write
6970000
heap
page read and write
69CD000
heap
page read and write
50A000
unkown
page read and write
6996000
heap
page read and write
5F40000
trusted library allocation
page read and write
6969000
heap
page read and write
6968000
heap
page read and write
69CF000
heap
page read and write
346E000
stack
page read and write
4E3A000
heap
page read and write
11BE000
stack
page read and write
5CF4000
trusted library allocation
page read and write
6489000
trusted library allocation
page read and write
6977000
heap
page read and write
69BB000
heap
page read and write
69D4000
heap
page read and write
838000
heap
page read and write
830000
heap
page read and write
19A000
stack
page read and write
69ED000
heap
page read and write
2530000
direct allocation
page read and write
69D8000
heap
page read and write
6A48000
heap
page read and write
2837000
direct allocation
page read and write
6998000
heap
page read and write
2803000
direct allocation
page read and write
2443000
direct allocation
page read and write
69CE000
heap
page read and write
1A296AF5000
heap
page read and write
D44000
direct allocation
page read and write
69E8000
heap
page read and write
23D8000
direct allocation
page read and write
69CE000
heap
page read and write
35E5000
direct allocation
page read and write
2409000
direct allocation
page read and write
698A000
heap
page read and write
69D9000
heap
page read and write
69F0000
heap
page read and write
6996000
heap
page read and write
69E9000
heap
page read and write
4BA3000
direct allocation
page read and write
6A48000
heap
page read and write
35A5000
direct allocation
page read and write
698A000
heap
page read and write
6935000
heap
page read and write
6940000
heap
page read and write
69EB000
heap
page read and write
27F7000
direct allocation
page read and write
69CE000
heap
page read and write
6E8000
heap
page read and write
5ECB000
trusted library allocation
page read and write
50C1000
trusted library allocation
page read and write
698A000
heap
page read and write
69CE000
heap
page read and write
69EC000
heap
page read and write
69E8000
heap
page read and write
199000
stack
page read and write
684F000
trusted library allocation
page read and write
69CF000
heap
page read and write
5CF3000
trusted library allocation
page read and write
4BF0000
direct allocation
page read and write
69E6000
heap
page read and write
69CF000
heap
page read and write
696E000
heap
page read and write
3458000
direct allocation
page read and write
5FC0000
trusted library allocation
page read and write
7E0000
heap
page read and write
69E9000
heap
page read and write
99D000
stack
page read and write
69EC000
heap
page read and write
696C000
heap
page read and write
69CD000
heap
page read and write
4E04000
heap
page read and write
6996000
heap
page read and write
697C000
heap
page read and write
6953000
heap
page read and write
69D2000
heap
page read and write
698A000
heap
page read and write
717000
heap
page read and write
5EF3000
trusted library allocation
page read and write
5EF2000
trusted library allocation
page read and write
69F0000
heap
page read and write
6998000
heap
page read and write
63F1000
trusted library allocation
page read and write
6996000
heap
page read and write
757000
heap
page read and write
94C000
heap
page read and write
4F20000
trusted library allocation
page read and write
502000
unkown
page write copy
3610000
direct allocation
page read and write
7D7000
heap
page read and write
69EA000
heap
page read and write
732000
heap
page read and write
282B0BC000
stack
page read and write
688C000
trusted library allocation
page read and write
5C20000
trusted library allocation
page read and write
7CD000
heap
page read and write
69D0000
heap
page read and write
69F1000
heap
page read and write
69ED000
heap
page read and write
5CA0000
trusted library allocation
page read and write
5CF0000
trusted library allocation
page read and write
677C000
trusted library allocation
page read and write
3620000
direct allocation
page read and write
6968000
heap
page read and write
69EC000
heap
page read and write
69D5000
heap
page read and write
5F40000
trusted library allocation
page read and write
69D0000
heap
page read and write
6968000
heap
page read and write
69E5000
heap
page read and write
7AF000
heap
page read and write
6A48000
heap
page read and write
6998000
heap
page read and write
69D9000
heap
page read and write
69CD000
heap
page read and write
4E04000
heap
page read and write
99000
stack
page read and write
5E80000
trusted library allocation
page read and write
5EF1000
trusted library allocation
page read and write
2540000
heap
page read and write
698A000
heap
page read and write
6063000
trusted library allocation
page read and write
69D0000
heap
page read and write
686A000
trusted library allocation
page read and write
4F20000
trusted library allocation
page read and write
69BC000
heap
page read and write
677E000
trusted library allocation
page read and write
6A48000
heap
page read and write
822000
heap
page read and write
6968000
heap
page read and write
69D9000
heap
page read and write
749000
heap
page read and write
69E9000
heap
page read and write
801000
heap
page read and write
69CD000
heap
page read and write
69D7000
heap
page read and write
698A000
heap
page read and write
4B9F000
direct allocation
page read and write
6036000
trusted library allocation
page read and write
69D0000
heap
page read and write
35C2000
direct allocation
page read and write
C74000
direct allocation
page read and write
4E04000
heap
page read and write
50C0000
trusted library allocation
page read and write
844000
heap
page read and write
6994000
heap
page read and write
90F000
stack
page read and write
6936000
heap
page read and write
6953000
heap
page read and write
698A000
heap
page read and write
6996000
heap
page read and write
846000
heap
page read and write
69C1000
heap
page read and write
69E8000
heap
page read and write
69ED000
heap
page read and write
5F0000
unkown
page execute and read and write
9B000
stack
page read and write
69E6000
heap
page read and write
6968000
heap
page read and write
6994000
heap
page read and write
2319000
heap
page read and write
69D1000
heap
page read and write
69CE000
heap
page read and write
5F52000
trusted library allocation
page read and write
69E5000
heap
page read and write
69CD000
heap
page read and write
550000
heap
page read and write
2A60000
heap
page read and write
3542000
direct allocation
page read and write
69CF000
heap
page read and write
26A0000
direct allocation
page execute and read and write
69D4000
heap
page read and write
5F0000
heap
page read and write
69D0000
heap
page read and write
6968000
heap
page read and write
6968000
heap
page read and write
2320000
direct allocation
page read and write
6968000
heap
page read and write
401000
unkown
page execute read
786000
heap
page read and write
673A000
trusted library allocation
page read and write
4F00000
trusted library allocation
page read and write
69CD000
heap
page read and write
2A90000
heap
page read and write
5F05000
trusted library allocation
page read and write
69D0000
heap
page read and write
69D0000
heap
page read and write
69D9000
heap
page read and write
27D2000
direct allocation
page read and write
2300000
heap
page read and write
69D0000
heap
page read and write
698A000
heap
page read and write
69CF000
heap
page read and write
69D4000
heap
page read and write
6841000
trusted library allocation
page read and write
69D9000
heap
page read and write
6994000
heap
page read and write
919000
heap
page read and write
69B4000
heap
page read and write
4B9D000
direct allocation
page read and write
5FF5000
trusted library allocation
page read and write
6996000
heap
page read and write
23B6000
direct allocation
page read and write
6968000
heap
page read and write
342E000
direct allocation
page read and write
69B8000
heap
page read and write
69D1000
heap
page read and write
537000
heap
page read and write
6A48000
heap
page read and write
5ECA000
trusted library allocation
page read and write
7A9000
heap
page read and write
69E5000
heap
page read and write
6943000
heap
page read and write
658000
unkown
page execute and read and write
69D4000
heap
page read and write
776000
heap
page read and write
6970000
heap
page read and write
4BDF000
direct allocation
page read and write
698A000
heap
page read and write
696E000
heap
page read and write
69CD000
heap
page read and write
69E9000
heap
page read and write
83F000
heap
page read and write
672E000
stack
page read and write
2690000
heap
page read and write
5CF0000
trusted library allocation
page read and write
3580000
direct allocation
page read and write
7CD000
heap
page read and write
69E4000
heap
page read and write
5FC8000
trusted library allocation
page read and write
4B28000
direct allocation
page read and write
2AF0000
trusted library allocation
page read and write
27E1000
direct allocation
page read and write
5B5C000
heap
page read and write
6970000
heap
page read and write
6A31000
heap
page read and write
69CD000
heap
page read and write
243C000
direct allocation
page read and write
647A000
trusted library allocation
page read and write
69CE000
heap
page read and write
5E29000
trusted library allocation
page read and write
69D0000
heap
page read and write
69D8000
heap
page read and write
698A000
heap
page read and write
65C000
unkown
page write copy
4F20000
trusted library allocation
page read and write
6994000
heap
page read and write
5FF1000
trusted library allocation
page read and write
6427000
trusted library allocation
page read and write
27D8000
direct allocation
page read and write
4E05000
heap
page read and write
6996000
heap
page read and write
6968000
heap
page read and write
60A0000
direct allocation
page read and write
69CE000
heap
page read and write
69EF000
heap
page read and write
6968000
heap
page read and write
2480000
heap
page read and write
69D0000
heap
page read and write
5EE3000
trusted library allocation
page read and write
4920000
trusted library allocation
page read and write
6968000
heap
page read and write
758000
heap
page read and write
7F0000
heap
page read and write
6998000
heap
page read and write
69BE000
heap
page read and write
69E5000
heap
page read and write
6994000
heap
page read and write
6996000
heap
page read and write
6973000
heap
page read and write
5E2A000
trusted library allocation
page read and write
812000
heap
page read and write
7D4000
heap
page read and write
6430000
trusted library allocation
page read and write
97000
stack
page read and write
69CE000
heap
page read and write
767000
heap
page read and write
6730000
trusted library allocation
page read and write
69F0000
heap
page read and write
387F000
stack
page read and write
69E5000
heap
page read and write
24F0000
direct allocation
page read and write
6934000
heap
page read and write
69CC000
heap
page read and write
4B9B000
direct allocation
page read and write
5E32000
trusted library allocation
page read and write
69E9000
heap
page read and write
6038000
trusted library allocation
page read and write
DC0000
heap
page read and write
69EA000
heap
page read and write
6996000
heap
page read and write
696C000
heap
page read and write
69B4000
heap
page read and write
DE0000
heap
page read and write
5E20000
trusted library allocation
page read and write
69EC000
heap
page read and write
27E7000
direct allocation
page read and write
5CF2000
trusted library allocation
page read and write
5ECD000
trusted library allocation
page read and write
643B000
trusted library allocation
page read and write
69BC000
heap
page read and write
69E9000
heap
page read and write
4B99000
direct allocation
page read and write
6978000
heap
page read and write
5F43000
trusted library allocation
page read and write
69E7000
heap
page read and write
404E000
stack
page read and write
4E3A000
heap
page read and write
69EE000
heap
page read and write
70A000
heap
page read and write
4E40000
heap
page read and write
960000
heap
page read and write
6994000
heap
page read and write
6477000
trusted library allocation
page read and write
69D0000
heap
page read and write
696C000
heap
page read and write
D8C000
direct allocation
page read and write
69CC000
heap
page read and write
4F0000
heap
page read and write
69A7000
heap
page read and write
5F53000
trusted library allocation
page read and write
69CF000
heap
page read and write
6001000
trusted library allocation
page read and write
69F0000
heap
page read and write
935000
heap
page read and write
69A3000
heap
page read and write
6977000
heap
page read and write
780000
heap
page read and write
697B000
heap
page read and write
644E000
trusted library allocation
page read and write
69E8000
heap
page read and write
2429000
direct allocation
page read and write
7BF000
heap
page read and write
6121000
trusted library allocation
page read and write
69CF000
heap
page read and write
6970000
heap
page read and write
F80000
heap
page read and write
6968000
heap
page read and write
69EF000
heap
page read and write
7EB000
heap
page read and write
7AF000
heap
page read and write
684A000
trusted library allocation
page read and write
69DA000
heap
page read and write
3700000
heap
page read and write
69CD000
heap
page read and write
69A9000
heap
page read and write
69CD000
heap
page read and write
69CC000
heap
page read and write
7BB000
heap
page read and write
61EC000
stack
page read and write
6968000
heap
page read and write
23EC000
direct allocation
page read and write
69CE000
heap
page read and write
69D0000
heap
page read and write
69CD000
heap
page read and write
69E5000
heap
page read and write
451000
unkown
page execute read
63F2000
trusted library allocation
page read and write
6BE000
stack
page read and write
69E9000
heap
page read and write
4E07000
heap
page read and write
69D9000
heap
page read and write
6C5F000
trusted library allocation
page read and write
5E80000
trusted library allocation
page read and write
697C000
heap
page read and write
69E6000
heap
page read and write
3790000
heap
page read and write
95E000
heap
page read and write
4F20000
trusted library allocation
page read and write
5FF0000
trusted library allocation
page read and write
69CD000
heap
page read and write
27CA000
direct allocation
page read and write
69BF000
heap
page read and write
34DE000
stack
page read and write
7DA000
heap
page read and write
758000
heap
page read and write
6025000
trusted library allocation
page read and write
5CF3000
trusted library allocation
page read and write
6968000
heap
page read and write
69D1000
heap
page read and write
93000
stack
page read and write
69D1000
heap
page read and write
69EF000
heap
page read and write
23DD000
direct allocation
page read and write
4E00000
heap
page read and write
69D2000
heap
page read and write
69D1000
heap
page read and write
6973000
heap
page read and write
12BF000
stack
page read and write
69E9000
heap
page read and write
69BF000
heap
page read and write
C90000
direct allocation
page read and write
69EC000
heap
page read and write
79E000
heap
page read and write
CCD000
direct allocation
page read and write
620000
heap
page read and write
27F5000
direct allocation
page read and write
419E000
stack
page read and write
5F43000
trusted library allocation
page read and write
6996000
heap
page read and write
6840000
trusted library allocation
page read and write
69E6000
heap
page read and write
69E5000
heap
page read and write
6968000
heap
page read and write
363F000
direct allocation
page read and write
6869000
trusted library allocation
page read and write
7E0000
heap
page read and write
284E000
direct allocation
page read and write
7FF000
stack
page read and write
603C000
trusted library allocation
page read and write
69D8000
heap
page read and write
69EF000
heap
page read and write
5CF0000
trusted library allocation
page read and write
4F32000
trusted library allocation
page read and write
A3F000
stack
page read and write
760000
heap
page read and write
69D5000
heap
page read and write
6968000
heap
page read and write
7DA000
heap
page read and write
4E17000
heap
page read and write
69ED000
heap
page read and write
642F000
stack
page read and write
69CE000
heap
page read and write
6968000
heap
page read and write
D52000
direct allocation
page read and write
69CE000
heap
page read and write
69CF000
heap
page read and write
7B4000
heap
page read and write
69E5000
heap
page read and write
718000
heap
page read and write
6430000
trusted library allocation
page read and write
5F40000
trusted library allocation
page read and write
6968000
heap
page read and write
69E6000
heap
page read and write
69E8000
heap
page read and write
5F6000
heap
page read and write
6430000
trusted library allocation
page read and write
6973000
heap
page read and write
5FD3000
trusted library allocation
page read and write
4BA5000
direct allocation
page read and write
765000
heap
page read and write
7FE3F000
direct allocation
page read and write
4E1C000
heap
page read and write
69BB000
heap
page read and write
69CD000
heap
page read and write
698A000
heap
page read and write
6946000
heap
page read and write
69E6000
heap
page read and write
7A6000
heap
page read and write
69EB000
heap
page read and write
7B2000
heap
page read and write
6957000
heap
page read and write
69ED000
heap
page read and write
69ED000
heap
page read and write
9B000
stack
page read and write
69EB000
heap
page read and write
2813000
direct allocation
page read and write
705000
heap
page read and write
69D9000
heap
page read and write
4BC0000
direct allocation
page read and write
713000
heap
page read and write
684C000
trusted library allocation
page read and write
6968000
heap
page read and write
69B4000
heap
page read and write
50A000
heap
page read and write
69EE000
heap
page read and write
61AF000
stack
page read and write
38BE000
stack
page read and write
69CC000
heap
page read and write
699C000
heap
page read and write
830000
heap
page read and write
69D0000
heap
page read and write
6976000
trusted library allocation
page read and write
732000
heap
page read and write
69EA000
heap
page read and write
69CD000
heap
page read and write
696B000
heap
page read and write
5FFE000
trusted library allocation
page read and write
69E8000
heap
page read and write
69D9000
heap
page read and write
6E0000
heap
page read and write
5E2E000
trusted library allocation
page read and write
23C4000
direct allocation
page read and write
69D7000
heap
page read and write
35DE000
direct allocation
page read and write
69E6000
heap
page read and write
35F4000
direct allocation
page read and write
773000
heap
page read and write
A2F000
stack
page read and write
69EB000
heap
page read and write
69D5000
heap
page read and write
69BB000
heap
page read and write
670000
heap
page read and write
93E000
stack
page read and write
69D1000
heap
page read and write
C70000
direct allocation
page read and write
69D0000
heap
page read and write
6968000
heap
page read and write
5E6E000
trusted library allocation
page read and write
5EE0000
trusted library allocation
page read and write
69E6000
heap
page read and write
69ED000
heap
page read and write
4E3A000
heap
page read and write
698A000
heap
page read and write
69CC000
heap
page read and write
69D6000
heap
page read and write
68FA000
trusted library allocation
page read and write
6940000
heap
page read and write
69A0000
heap
page read and write
6968000
heap
page read and write
770000
direct allocation
page execute and read and write
69D6000
heap
page read and write
CE8000
direct allocation
page read and write
CE8000
direct allocation
page read and write
69D7000
heap
page read and write
3602000
direct allocation
page read and write
4F20000
trusted library allocation
page read and write
550000
heap
page read and write
681A000
heap
page read and write
69CF000
heap
page read and write
7DA000
heap
page read and write
6998000
heap
page read and write
5B21000
heap
page read and write
6986000
heap
page read and write
6A48000
heap
page read and write
697B000
heap
page read and write
CB1000
direct allocation
page read and write
3780000
heap
page read and write
962000
heap
page read and write
69CE000
heap
page read and write
6430000
trusted library allocation
page read and write
DB8000
heap
page read and write
6968000
heap
page read and write
5FF0000
trusted library allocation
page read and write
6995000
heap
page read and write
2426000
direct allocation
page read and write
69CD000
heap
page read and write
69EA000
heap
page read and write
D3C000
direct allocation
page read and write
282B47F000
stack
page read and write
D27000
direct allocation
page read and write
69D0000
heap
page read and write
2663000
direct allocation
page read and write
69ED000
heap
page read and write
450000
unkown
page readonly
69CC000
heap
page read and write
69D6000
heap
page read and write
69D0000
heap
page read and write
5EE2000
trusted library allocation
page read and write
69CD000
heap
page read and write
5F52000
trusted library allocation
page read and write
5E32000
trusted library allocation
page read and write
7F4000
unkown
page readonly
69D8000
heap
page read and write
69D1000
heap
page read and write
69D1000
heap
page read and write
419E000
stack
page read and write
69E6000
heap
page read and write
117F000
stack
page read and write
6050000
trusted library allocation
page read and write
750000
heap
page read and write
B7E000
stack
page read and write
69BB000
heap
page read and write
6430000
trusted library allocation
page read and write
69D0000
heap
page read and write
69D1000
heap
page read and write
69CF000
heap
page read and write
3AFD000
stack
page read and write
6968000
heap
page read and write
6062000
trusted library allocation
page read and write
69EB000
heap
page read and write
23FB000
direct allocation
page read and write
69F0000
heap
page read and write
5EE0000
trusted library allocation
page read and write
CC6000
direct allocation
page read and write
78C000
heap
page read and write
5E22000
trusted library allocation
page read and write
792000
heap
page read and write
7E2000
heap
page read and write
698A000
heap
page read and write
69EA000
heap
page read and write
69D0000
heap
page read and write
752000
heap
page read and write
69D0000
heap
page read and write
698A000
heap
page read and write
617000
heap
page read and write
6968000
heap
page read and write
733000
heap
page read and write
6998000
heap
page read and write
69EF000
heap
page read and write
6994000
heap
page read and write
69E6000
heap
page read and write
3590000
direct allocation
page read and write
68E1000
trusted library allocation
page read and write
6A48000
heap
page read and write
69CF000
heap
page read and write
72E000
stack
page read and write
69E5000
heap
page read and write
CA1000
direct allocation
page read and write
6053000
trusted library allocation
page read and write
4B8B000
direct allocation
page read and write
695F000
heap
page read and write
697C000
heap
page read and write
4786000
heap
page read and write
CCD000
direct allocation
page read and write
69EB000
heap
page read and write
6054000
trusted library allocation
page read and write
70A000
heap
page read and write
619B000
direct allocation
page read and write
84C000
heap
page read and write
41C000
unkown
page readonly
69A7000
heap
page read and write
2451000
direct allocation
page read and write
6694000
direct allocation
page read and write
69D0000
heap
page read and write
7CC000
unkown
page write copy
4E18000
heap
page read and write
69E7000
heap
page read and write
243C000
direct allocation
page read and write
69EE000
heap
page read and write
59E000
stack
page read and write
6440000
trusted library allocation
page read and write
69CE000
heap
page read and write
69D6000
heap
page read and write
7C1000
heap
page read and write
70D000
heap
page read and write
84A000
heap
page read and write
5FA8000
heap
page read and write
6985000
heap
page read and write
5EE3000
trusted library allocation
page read and write
5E20000
trusted library allocation
page read and write
6956000
heap
page read and write
6062000
trusted library allocation
page read and write
697C000
heap
page read and write
6025000
trusted library allocation
page read and write
69D7000
heap
page read and write
6983000
heap
page read and write
1A296AF0000
heap
page read and write
D00000
heap
page read and write
6935000
heap
page read and write
6968000
heap
page read and write
711000
heap
page read and write
69EE000
heap
page read and write
D0B000
direct allocation
page read and write
643C000
trusted library allocation
page read and write
500000
unkown
page execute read
282B1BF000
stack
page read and write
35B9000
direct allocation
page read and write
6977000
heap
page read and write
69EB000
heap
page read and write
50D000
unkown
page read and write
4BA9000
direct allocation
page read and write
5E6B000
trusted library allocation
page read and write
69EE000
heap
page read and write
3700000
heap
page read and write
63E0000
trusted library allocation
page read and write
69CF000
heap
page read and write
5F43000
trusted library allocation
page read and write
697C000
heap
page read and write
6840000
trusted library allocation
page read and write
6968000
heap
page read and write
69CD000
heap
page read and write
603B000
trusted library allocation
page read and write
6996000
heap
page read and write
4F20000
trusted library allocation
page read and write
2837000
direct allocation
page read and write
69CC000
heap
page read and write
50C0000
trusted library allocation
page read and write
7F8000
heap
page read and write
69D2000
heap
page read and write
6A4A000
heap
page read and write
69D9000
heap
page read and write
3743000
heap
page read and write
69CF000
heap
page read and write
69CF000
heap
page read and write
DD0000
heap
page read and write
4E04000
heap
page read and write
2434000
direct allocation
page read and write
23A6000
direct allocation
page read and write
829000
heap
page read and write
4BA7000
direct allocation
page read and write
69B4000
heap
page read and write
69D0000
heap
page read and write
69CD000
heap
page read and write
69D1000
heap
page read and write
23CC000
direct allocation
page read and write
5E0000
heap
page read and write
69CD000
heap
page read and write
6968000
heap
page read and write
4F20000
trusted library allocation
page read and write
69CD000
heap
page read and write
79F000
heap
page read and write
6994000
heap
page read and write
2805000
direct allocation
page read and write
69CE000
heap
page read and write
69B3000
heap
page read and write
5FC8000
trusted library allocation
page read and write
6968000
heap
page read and write
AF0000
heap
page read and write
69D0000
heap
page read and write
4E18000
heap
page read and write
698A000
heap
page read and write
6050000
trusted library allocation
page read and write
69D2000
heap
page read and write
697F000
heap
page read and write
69CE000
heap
page read and write
69D7000
heap
page read and write
698A000
heap
page read and write
697C000
heap
page read and write
450000
heap
page read and write
69CE000
heap
page read and write
8F0000
heap
page read and write
69CD000
heap
page read and write
6996000
heap
page read and write
35FB000
direct allocation
page read and write
2389000
direct allocation
page read and write
69F0000
heap
page read and write
24A0000
heap
page read and write
69EE000
heap
page read and write
D8C000
direct allocation
page read and write
6996000
heap
page read and write
24F0000
direct allocation
page read and write
D59000
direct allocation
page read and write
5E6A000
trusted library allocation
page read and write
7D5000
heap
page read and write
7D5000
heap
page read and write
69CF000
heap
page read and write
5E21000
heap
page read and write
69E7000
heap
page read and write
478A000
heap
page read and write
69CE000
heap
page read and write
69EE000
heap
page read and write
6968000
heap
page read and write
69CE000
heap
page read and write
69CE000
heap
page read and write
7E6000
heap
page read and write
6053000
trusted library allocation
page read and write
75E000
heap
page read and write
6919000
trusted library allocation
page read and write
1A2967D0000
heap
page read and write
697C000
heap
page read and write
69EB000
heap
page read and write
4F20000
trusted library allocation
page read and write
6A48000
heap
page read and write
6968000
heap
page read and write
D2F000
direct allocation
page read and write
857000
heap
page read and write
25A0000
direct allocation
page execute and read and write
69D1000
heap
page read and write
6946000
heap
page read and write
1A296AC0000
heap
page read and write
69EA000
heap
page read and write
69D7000
heap
page read and write
69E4000
heap
page read and write
6968000
heap
page read and write
414E000
stack
page read and write
5DDE000
stack
page read and write
4B30000
direct allocation
page read and write
6730000
trusted library allocation
page read and write
4E18000
heap
page read and write
6968000
heap
page read and write
6973000
heap
page read and write
7B7000
heap
page read and write
69EF000
heap
page read and write
5E20000
trusted library allocation
page read and write
DF0000
heap
page read and write
805000
heap
page read and write
69CD000
heap
page read and write
50C0000
trusted library allocation
page read and write
242D000
direct allocation
page read and write
6970000
heap
page read and write
B2F000
stack
page read and write
69EA000
heap
page read and write
2610000
heap
page read and write
69D1000
heap
page read and write
6957000
heap
page read and write
4B9F000
direct allocation
page read and write
2489000
heap
page read and write
68D1000
trusted library allocation
page read and write
69EF000
heap
page read and write
698A000
heap
page read and write
5E33000
trusted library allocation
page read and write
69EE000
heap
page read and write
69D4000
heap
page read and write
7CD000
heap
page read and write
69E4000
heap
page read and write
51B0000
trusted library allocation
page read and write
5EE4000
trusted library allocation
page read and write
7B0000
heap
page read and write
69D5000
heap
page read and write
27FC000
direct allocation
page read and write
5FF8000
trusted library allocation
page read and write
69D9000
heap
page read and write
4B9B000
direct allocation
page read and write
91000
stack
page read and write
5B5A000
heap
page read and write
69E5000
heap
page read and write
69E5000
heap
page read and write
69D1000
heap
page read and write
6998000
heap
page read and write
69EC000
heap
page read and write
69CC000
heap
page read and write
739000
heap
page read and write
5E23000
trusted library allocation
page read and write
6889000
trusted library allocation
page read and write
69D0000
heap
page read and write
50A000
unkown
page read and write
2ADC000
stack
page read and write
CD6000
direct allocation
page read and write
6759000
trusted library allocation
page read and write
4F23000
trusted library allocation
page read and write
69CD000
heap
page read and write
23E5000
direct allocation
page read and write
69CC000
heap
page read and write
24E0000
heap
page read and write
5CF0000
trusted library allocation
page read and write
688C000
trusted library allocation
page read and write
2840000
direct allocation
page read and write
69D1000
heap
page read and write
4E17000
heap
page read and write
6984000
heap
page read and write
96B000
heap
page read and write
69CE000
heap
page read and write
69EF000
heap
page read and write
69EC000
heap
page read and write
3587000
direct allocation
page read and write
6968000
heap
page read and write
5FF0000
trusted library allocation
page read and write
4E04000
heap
page read and write
69E7000
heap
page read and write
6A48000
heap
page read and write
2829000
direct allocation
page read and write
4F24000
trusted library allocation
page read and write
19C000
stack
page read and write
5F53000
trusted library allocation
page read and write
4F00000
trusted library allocation
page read and write
647B000
trusted library allocation
page read and write
19A000
stack
page read and write
69CE000
heap
page read and write
69D0000
heap
page read and write
96B000
heap
page read and write
4B87000
direct allocation
page read and write
23BD000
direct allocation
page read and write
1A296890000
heap
page read and write
697C000
heap
page read and write
4F00000
trusted library allocation
page read and write
A7F000
stack
page read and write
6A48000
heap
page read and write
7F2000
heap
page read and write
69D9000
heap
page read and write
69D1000
heap
page read and write
69EA000
heap
page read and write
8F8000
heap
page read and write
6931000
trusted library allocation
page read and write
4F00000
trusted library allocation
page read and write
C7E000
direct allocation
page read and write
69D5000
heap
page read and write
6994000
heap
page read and write
95D000
heap
page read and write
6943000
heap
page read and write
4F31000
trusted library allocation
page read and write
5EE0000
trusted library allocation
page read and write
6998000
heap
page read and write
4EC0000
trusted library allocation
page read and write
69EC000
heap
page read and write
6C77000
trusted library allocation
page read and write
69F0000
heap
page read and write
69E9000
heap
page read and write
911000
heap
page read and write
6996000
heap
page read and write
6968000
heap
page read and write
69CF000
heap
page read and write
698A000
heap
page read and write
5ED8000
trusted library allocation
page read and write
7F6000
heap
page read and write
3571000
direct allocation
page read and write
699E000
heap
page read and write
677A000
trusted library allocation
page read and write
4B9D000
direct allocation
page read and write
698A000
heap
page read and write
23EC000
direct allocation
page read and write
69CD000
heap
page read and write
32F0000
direct allocation
page read and write
77B000
heap
page read and write
69ED000
heap
page read and write
69D0000
heap
page read and write
69D1000
heap
page read and write
6968000
heap
page read and write
69D1000
heap
page read and write
6A48000
heap
page read and write
23AD000
direct allocation
page read and write
6430000
trusted library allocation
page read and write
69E4000
heap
page read and write
4E05000
heap
page read and write
69EB000
heap
page read and write
D76000
direct allocation
page read and write
69CF000
heap
page read and write
404E000
stack
page read and write
18D000
stack
page read and write
69D4000
heap
page read and write
6998000
heap
page read and write
69EF000
heap
page read and write
6973000
heap
page read and write
830000
heap
page read and write
6050000
trusted library allocation
page read and write
69D6000
heap
page read and write
69CF000
heap
page read and write
6973000
heap
page read and write
6994000
heap
page read and write
6996000
heap
page read and write
CB9000
direct allocation
page read and write
6A48000
heap
page read and write
69EF000
heap
page read and write
69CC000
heap
page read and write
7B3000
heap
page read and write
4BAF000
direct allocation
page read and write
7FD10000
direct allocation
page read and write
69E7000
heap
page read and write
6998000
heap
page read and write
69D1000
heap
page read and write
69D6000
heap
page read and write
69E4000
heap
page read and write
23A4000
direct allocation
page read and write
69CC000
heap
page read and write
2409000
direct allocation
page read and write
4F22000
trusted library allocation
page read and write
644F000
trusted library allocation
page read and write
2390000
direct allocation
page read and write
69A3000
heap
page read and write
69CF000
heap
page read and write
69CE000
heap
page read and write
6968000
heap
page read and write
CA1000
direct allocation
page read and write
673B000
trusted library allocation
page read and write
6998000
heap
page read and write
69E6000
heap
page read and write
69CF000
heap
page read and write
69D2000
heap
page read and write
6051000
trusted library allocation
page read and write
69E9000
heap
page read and write
69F0000
heap
page read and write
69E5000
heap
page read and write
D2F000
direct allocation
page read and write
27E8000
direct allocation
page read and write
6996000
heap
page read and write
69D1000
heap
page read and write
7A0000
heap
page read and write
610000
heap
page read and write
709000
heap
page read and write
69D7000
heap
page read and write
2402000
direct allocation
page read and write
513000
unkown
page readonly
5E80000
trusted library allocation
page read and write
2378000
direct allocation
page read and write
4BB9000
direct allocation
page read and write
697F000
heap
page read and write
2310000
heap
page read and write
6989000
heap
page read and write
506000
unkown
page read and write
69ED000
heap
page read and write
69EC000
heap
page read and write
DDB000
heap
page read and write
7D4000
heap
page read and write
69D1000
heap
page read and write
4F20000
trusted library allocation
page read and write
54C0000
heap
page read and write
5DE000
stack
page read and write
698A000
heap
page read and write
69CE000
heap
page read and write
69D0000
heap
page read and write
69EA000
heap
page read and write
69CF000
heap
page read and write
581000
unkown
page execute and write copy
696C000
heap
page read and write
69F0000
heap
page read and write
5F40000
trusted library allocation
page read and write
69CE000
heap
page read and write
2453000
direct allocation
page read and write
69ED000
heap
page read and write
698A000
heap
page read and write
4810000
heap
page read and write
699F000
stack
page read and write
6479000
trusted library allocation
page read and write
3700000
heap
page read and write
69CE000
heap
page read and write
69CF000
heap
page read and write
4E0F000
heap
page read and write
6A48000
heap
page read and write
749000
heap
page read and write
2543000
heap
page read and write
69EB000
heap
page read and write
5CF4000
trusted library allocation
page read and write
7CD000
heap
page read and write
2663000
heap
page read and write
4E32000
heap
page read and write
50C0000
trusted library allocation
page read and write
69D2000
heap
page read and write
714000
heap
page read and write
2402000
direct allocation
page read and write
5FC0000
trusted library allocation
page read and write
684E000
trusted library allocation
page read and write
3680000
heap
page read and write
6943000
heap
page read and write
5ECE000
trusted library allocation
page read and write
D76000
direct allocation
page read and write
69E9000
heap
page read and write
CC4000
direct allocation
page read and write
69D4000
heap
page read and write
697B000
heap
page read and write
417000
unkown
page read and write
5EE0000
trusted library allocation
page read and write
685B000
heap
page read and write
B6E000
stack
page read and write
698A000
heap
page read and write
5FF0000
trusted library allocation
page read and write
63E0000
trusted library allocation
page read and write
2458000
direct allocation
page read and write
6441000
trusted library allocation
page read and write
69CE000
heap
page read and write
69D0000
heap
page read and write
2451000
direct allocation
page read and write
69D1000
heap
page read and write
6A48000
heap
page read and write
6003000
trusted library allocation
page read and write
69EC000
heap
page read and write
6968000
heap
page read and write
6A48000
heap
page read and write
5FF0000
trusted library allocation
page read and write
6A48000
heap
page read and write
6C0000
heap
page read and write
B00000
heap
page read and write
5CAF000
trusted library allocation
page read and write
69E5000
heap
page read and write
69EC000
heap
page read and write
69F0000
heap
page read and write
4B37000
direct allocation
page read and write
69D5000
heap
page read and write
6996000
heap
page read and write
6052000
trusted library allocation
page read and write
2418000
direct allocation
page read and write
69D0000
heap
page read and write
710000
heap
page read and write
6840000
trusted library allocation
page read and write
4DE000
stack
page read and write
3735000
heap
page read and write
22A0000
direct allocation
page read and write
6996000
heap
page read and write
C99000
direct allocation
page read and write
69CF000
heap
page read and write
6998000
heap
page read and write
69EF000
heap
page read and write
6968000
heap
page read and write
69D8000
heap
page read and write
69A7000
heap
page read and write
23CB000
direct allocation
page read and write
697D000
heap
page read and write
D7D000
direct allocation
page read and write
53B000
unkown
page readonly
6940000
heap
page read and write
6A48000
heap
page read and write
6A48000
heap
page read and write
5FD3000
trusted library allocation
page read and write
69D4000
heap
page read and write
4E1C000
heap
page read and write
72E000
heap
page read and write
6A48000
heap
page read and write
6A4A000
heap
page read and write
4FE000
stack
page read and write
69D7000
heap
page read and write
69CC000
heap
page read and write
6426000
trusted library allocation
page read and write
69CF000
heap
page read and write
69D6000
heap
page read and write
6998000
heap
page read and write
372F000
heap
page read and write
6957000
heap
page read and write
727000
heap
page read and write
69CF000
heap
page read and write
69CD000
heap
page read and write
6968000
heap
page read and write
D20000
direct allocation
page read and write
8BF000
stack
page read and write
5F63000
trusted library allocation
page read and write
6817000
heap
page read and write
69CD000
heap
page read and write
3AFC000
stack
page read and write
7A4000
heap
page read and write
4B87000
direct allocation
page read and write
698A000
heap
page read and write
There are 2063 hidden memdumps, click here to show them.