Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
whatsappjpg.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Settings.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsc8B5F.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsd8DD2.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\660.jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "File source: https://www.wikihow.com/Image:Type-Step-1-Version-6.jpg",
baseline, precision 8, 550x309, components 3
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\Editere.ter
|
data
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\Wodewose235.enc
|
data
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\dharma.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\howadji.Pte
|
data
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\shears.sip
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\whatsappjpg.exe
|
"C:\Users\user\Desktop\whatsappjpg.exe"
|
|
|
|
C:\Users\user\Desktop\whatsappjpg.exe
|
"C:\Users\user\Desktop\whatsappjpg.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://hublore.in/disha/mDdzfEwyp125.binh(
|
unknown
|
||
|
https://www.wikihow.com/Image:Type-Step-1-Version-6.jpg
|
unknown
|
||
|
http://hublore.in/disha/mDdzfEwyp125.bin
|
45.43.14.134
|
||
|
http://mail.hearing-vision.com
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://hublore.in/disha/mDdzfEwyp125.binp(
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
||
|
http://ip-api.com
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.hearing-vision.com
|
203.161.184.34
|
|
|
|
ip-api.com
|
208.95.112.1
|
|
|
|
hublore.in
|
45.43.14.134
|
||
|
s-part-0017.t-0009.fb-t-msedge.net
|
13.107.253.45
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
|
|
|
203.161.184.34
|
mail.hearing-vision.com
|
Indonesia
|
|
|
|
45.43.14.134
|
hublore.in
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\Behagesygens\broilingly\uncost
|
skrivestningen
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\whatsappjpg_RASMANCS
|
FileDirectory
|
There are 231 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
36483000
|
trusted library allocation
|
page read and write
|
|
|
|
364AF000
|
trusted library allocation
|
page read and write
|
|
|
|
5FA6000
|
direct allocation
|
page execute and read and write
|
|
|
|
500000
|
heap
|
page read and write
|
||
|
38F18000
|
heap
|
page read and write
|
||
|
38F69000
|
heap
|
page read and write
|
||
|
451000
|
unkown
|
page read and write
|
||
|
7A30000
|
direct allocation
|
page read and write
|
||
|
170000
|
trusted library allocation
|
page read and write
|
||
|
3622D000
|
trusted library allocation
|
page read and write
|
||
|
5E15000
|
heap
|
page read and write
|
||
|
38650000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
394C0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2236000
|
remote allocation
|
page execute and read and write
|
||
|
A0000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
55A6000
|
direct allocation
|
page execute and read and write
|
||
|
39423000
|
trusted library allocation
|
page read and write
|
||
|
7A00000
|
direct allocation
|
page read and write
|
||
|
38840000
|
heap
|
page execute and read and write
|
||
|
38F12000
|
heap
|
page read and write
|
||
|
1836000
|
remote allocation
|
page execute and read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
39450000
|
trusted library allocation
|
page read and write
|
||
|
39460000
|
trusted library allocation
|
page read and write
|
||
|
7AA7000
|
heap
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
15C000
|
stack
|
page read and write
|
||
|
160000
|
trusted library allocation
|
page execute and read and write
|
||
|
394C0000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
39440000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
3876C000
|
stack
|
page read and write
|
||
|
38F00000
|
heap
|
page read and write
|
||
|
7DA6000
|
direct allocation
|
page execute and read and write
|
||
|
394C0000
|
trusted library allocation
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
38830000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
7970000
|
heap
|
page read and write
|
||
|
216E000
|
stack
|
page read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
377D000
|
stack
|
page read and write
|
||
|
AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
38820000
|
trusted library allocation
|
page read and write
|
||
|
36226000
|
trusted library allocation
|
page read and write
|
||
|
35D6F000
|
stack
|
page read and write
|
||
|
3946F000
|
trusted library allocation
|
page read and write
|
||
|
3604B000
|
stack
|
page read and write
|
||
|
39480000
|
trusted library allocation
|
page read and write
|
||
|
3635F000
|
stack
|
page read and write
|
||
|
35F4D000
|
stack
|
page read and write
|
||
|
364AB000
|
trusted library allocation
|
page read and write
|
||
|
4D0000
|
direct allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
36451000
|
trusted library allocation
|
page read and write
|
||
|
38F8C000
|
heap
|
page read and write
|
||
|
39440000
|
trusted library allocation
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2120000
|
heap
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
3942D000
|
trusted library allocation
|
page read and write
|
||
|
387B0000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
39920000
|
trusted library allocation
|
page read and write
|
||
|
394C0000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
36240000
|
trusted library allocation
|
page read and write
|
||
|
39431000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
35EF0000
|
heap
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
395CD000
|
stack
|
page read and write
|
||
|
7A10000
|
direct allocation
|
page read and write
|
||
|
7980000
|
direct allocation
|
page read and write
|
||
|
564000
|
heap
|
page read and write
|
||
|
87A6000
|
direct allocation
|
page execute and read and write
|
||
|
4A36000
|
remote allocation
|
page execute and read and write
|
||
|
38F6C000
|
heap
|
page read and write
|
||
|
69A6000
|
direct allocation
|
page execute and read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
35AEF000
|
stack
|
page read and write
|
||
|
38F87000
|
heap
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
38F37000
|
heap
|
page read and write
|
||
|
B2000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
3960F000
|
unkown
|
page read and write
|
||
|
36200000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39930000
|
trusted library allocation
|
page read and write
|
||
|
C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
39466000
|
trusted library allocation
|
page read and write
|
||
|
79F0000
|
direct allocation
|
page read and write
|
||
|
44F000
|
unkown
|
page read and write
|
||
|
3937E000
|
stack
|
page read and write
|
||
|
394C0000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
direct allocation
|
page read and write
|
||
|
22AE000
|
stack
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
4036000
|
remote allocation
|
page execute and read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
4E0000
|
direct allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
38F01000
|
heap
|
page read and write
|
||
|
5DD0000
|
heap
|
page read and write
|
||
|
620000
|
direct allocation
|
page read and write
|
||
|
7990000
|
direct allocation
|
page read and write
|
||
|
10E000
|
stack
|
page read and write
|
||
|
39441000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
3927E000
|
stack
|
page read and write
|
||
|
760000
|
direct allocation
|
page read and write
|
||
|
551000
|
heap
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
3978E000
|
stack
|
page read and write
|
||
|
5E0B000
|
heap
|
page read and write
|
||
|
80000
|
trusted library allocation
|
page read and write
|
||
|
36250000
|
heap
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
4B0000
|
direct allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
3923F000
|
stack
|
page read and write
|
||
|
364C5000
|
trusted library allocation
|
page read and write
|
||
|
39930000
|
trusted library allocation
|
page read and write
|
||
|
21A5000
|
heap
|
page read and write
|
||
|
39450000
|
trusted library allocation
|
page read and write
|
||
|
5D40000
|
heap
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39920000
|
trusted library allocation
|
page read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
7AA0000
|
heap
|
page read and write
|
||
|
39440000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
3643C000
|
stack
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
600000
|
direct allocation
|
page read and write
|
||
|
2C36000
|
remote allocation
|
page execute and read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
3621E000
|
trusted library allocation
|
page read and write
|
||
|
5D84000
|
heap
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
394D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3620B000
|
trusted library allocation
|
page read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
421000
|
unkown
|
page read and write
|
||
|
39450000
|
trusted library allocation
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5E0D000
|
heap
|
page read and write
|
||
|
5436000
|
remote allocation
|
page execute and read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
36221000
|
trusted library allocation
|
page read and write
|
||
|
547000
|
heap
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
397CF000
|
stack
|
page read and write
|
||
|
4A60000
|
direct allocation
|
page execute and read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
394E0000
|
trusted library allocation
|
page read and write
|
||
|
3881D000
|
stack
|
page read and write
|
||
|
3854E000
|
stack
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
38F37000
|
heap
|
page read and write
|
||
|
7A20000
|
direct allocation
|
page read and write
|
||
|
35DDE000
|
stack
|
page read and write
|
||
|
39431000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39483000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
374AD000
|
trusted library allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
39450000
|
trusted library allocation
|
page read and write
|
||
|
360FA000
|
stack
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
79B0000
|
direct allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
50A000
|
heap
|
page read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
39492000
|
trusted library allocation
|
page read and write
|
||
|
5DA7000
|
heap
|
page read and write
|
||
|
5E09000
|
heap
|
page read and write
|
||
|
36368000
|
trusted library allocation
|
page read and write
|
||
|
79E0000
|
direct allocation
|
page read and write
|
||
|
364AD000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
5DC2000
|
heap
|
page read and write
|
||
|
360B0000
|
direct allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
79A0000
|
direct allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
37451000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
5DA1000
|
heap
|
page read and write
|
||
|
665000
|
heap
|
page read and write
|
||
|
73A6000
|
direct allocation
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
394C0000
|
trusted library allocation
|
page read and write
|
||
|
360A0000
|
direct allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
3964E000
|
unkown
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
39440000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
39440000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
394C0000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39910000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
394A0000
|
trusted library allocation
|
page read and write
|
||
|
394A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
190000
|
trusted library allocation
|
page read and write
|
||
|
2124000
|
heap
|
page read and write
|
||
|
38F6E000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
C5000
|
trusted library allocation
|
page execute and read and write
|
||
|
39450000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
direct allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39470000
|
trusted library allocation
|
page read and write
|
||
|
39910000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
B0000
|
trusted library allocation
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
364B5000
|
trusted library allocation
|
page read and write
|
||
|
36400000
|
trusted library allocation
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
3636000
|
remote allocation
|
page execute and read and write
|
||
|
3620E000
|
trusted library allocation
|
page read and write
|
||
|
39480000
|
trusted library allocation
|
page read and write
|
||
|
596000
|
heap
|
page read and write
|
||
|
39440000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
38550000
|
heap
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
39910000
|
trusted library allocation
|
page read and write
|
||
|
39450000
|
trusted library allocation
|
page read and write
|
||
|
5D48000
|
heap
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
38551000
|
heap
|
page read and write
|
||
|
94000
|
trusted library allocation
|
page read and write
|
||
|
38F37000
|
heap
|
page read and write
|
||
|
394C0000
|
trusted library allocation
|
page read and write
|
||
|
27C5000
|
heap
|
page read and write
|
||
|
394A0000
|
trusted library allocation
|
page read and write
|
||
|
39433000
|
trusted library allocation
|
page read and write
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
79C0000
|
direct allocation
|
page read and write
|
||
|
93000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E55000
|
heap
|
page read and write
|
||
|
7A8E000
|
stack
|
page read and write
|
||
|
39440000
|
trusted library allocation
|
page read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
38F7A000
|
heap
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
39440000
|
trusted library allocation
|
page read and write
|
||
|
37479000
|
trusted library allocation
|
page read and write
|
||
|
3990E000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
4C0000
|
direct allocation
|
page read and write
|
||
|
606F000
|
stack
|
page read and write
|
||
|
38F24000
|
heap
|
page read and write
|
||
|
394C0000
|
trusted library allocation
|
page read and write
|
||
|
39470000
|
trusted library allocation
|
page read and write
|
||
|
39421000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
direct allocation
|
page read and write
|
||
|
79D0000
|
direct allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
38650000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
5E50000
|
heap
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
39460000
|
trusted library allocation
|
page read and write
|
||
|
4BA6000
|
direct allocation
|
page execute and read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
39440000
|
trusted library allocation
|
page read and write
|
||
|
35D90000
|
trusted library allocation
|
page read and write
|
||
|
39460000
|
trusted library allocation
|
page read and write
|
||
|
5E40000
|
heap
|
page read and write
|
||
|
3980E000
|
stack
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
3974E000
|
stack
|
page read and write
|
||
|
36440000
|
heap
|
page execute and read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5E0F000
|
heap
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
61B0000
|
heap
|
page read and write
|
||
|
5E57000
|
heap
|
page read and write
|
||
|
90000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
C2000
|
trusted library allocation
|
page read and write
|
||
|
38F6A000
|
heap
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
50E000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
39920000
|
trusted library allocation
|
page read and write
|
||
|
5D9E000
|
heap
|
page read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
36212000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
35EDF000
|
stack
|
page read and write
|
||
|
361F9000
|
stack
|
page read and write
|
||
|
38837000
|
trusted library allocation
|
page read and write
|
||
|
BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F6E000
|
stack
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
39423000
|
trusted library allocation
|
page read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
5E32000
|
heap
|
page read and write
|
||
|
39940000
|
trusted library allocation
|
page read and write
|
||
|
35C2E000
|
stack
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
38F7F000
|
heap
|
page read and write
|
||
|
39450000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
387D0000
|
heap
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
38660000
|
heap
|
page read and write
|
||
|
3621A000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
direct allocation
|
page read and write
|
||
|
35B2E000
|
stack
|
page read and write
|
||
|
20E0000
|
heap
|
page read and write
|
||
|
55E000
|
heap
|
page read and write
|
||
|
3948D000
|
trusted library allocation
|
page read and write
|
||
|
39470000
|
trusted library allocation
|
page read and write
|
||
|
180000
|
trusted library allocation
|
page read and write
|
||
|
5DCD000
|
heap
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
35C6E000
|
stack
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
unkown
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
16F0000
|
remote allocation
|
page execute and read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
38650000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
38F01000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
39490000
|
trusted library allocation
|
page read and write
|
||
|
39910000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
54D000
|
heap
|
page read and write
|
||
|
39460000
|
trusted library allocation
|
page read and write
|
||
|
38F13000
|
heap
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
394B0000
|
trusted library allocation
|
page read and write
|
||
|
367C000
|
stack
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
39920000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
There are 396 hidden memdumps, click here to show them.