Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Shipping documents 000293994900.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Settings.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsj89C.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsvB4E.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\660.jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "File source: https://www.wikihow.com/Image:Type-Step-1-Version-6.jpg",
baseline, precision 8, 550x309, components 3
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\Editere.ter
|
data
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\Gaberloonie.Pla73
|
data
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\Wodewose235.enc
|
data
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\dharma.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\shears.sip
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Shipping documents 000293994900.exe
|
"C:\Users\user\Desktop\Shipping documents 000293994900.exe"
|
|
|
|
C:\Users\user\Desktop\Shipping documents 000293994900.exe
|
"C:\Users\user\Desktop\Shipping documents 000293994900.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
172.67.74.152
|
||
|
https://www.wikihow.com/Image:Type-Step-1-Version-6.jpg
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://ftp.concaribe.com
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://concaribe.com
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://84.38.133.42/FZBmQQQpasdj30.bin
|
84.38.133.42
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
concaribe.com
|
192.185.13.234
|
|
|
|
ftp.concaribe.com
|
unknown
|
|
|
|
api.ipify.org
|
172.67.74.152
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.185.13.234
|
concaribe.com
|
United States
|
|
|
|
84.38.133.42
|
unknown
|
Latvia
|
||
|
172.67.74.152
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\Behagesygens\broilingly\uncost
|
skrivestningen
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Shipping documents 000293994900_RASMANCS
|
FileDirectory
|
There are 226 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6125000
|
direct allocation
|
page execute and read and write
|
|
|
|
3578C000
|
trusted library allocation
|
page read and write
|
|
|
|
35761000
|
trusted library allocation
|
page read and write
|
|
|
|
37980000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
378B6000
|
trusted library allocation
|
page read and write
|
||
|
239F000
|
stack
|
page read and write
|
||
|
16F0000
|
remote allocation
|
page execute and read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
62E000
|
heap
|
page read and write
|
||
|
5495000
|
heap
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
388E0000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
378AE000
|
stack
|
page read and write
|
||
|
B0000
|
trusted library allocation
|
page read and write
|
||
|
35480000
|
heap
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
direct allocation
|
page read and write
|
||
|
90000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
2740000
|
heap
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
94000
|
trusted library allocation
|
page read and write
|
||
|
378DD000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
388D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
35746000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
direct allocation
|
page read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
38C77000
|
trusted library allocation
|
page read and write
|
||
|
5360000
|
direct allocation
|
page read and write
|
||
|
10E000
|
stack
|
page read and write
|
||
|
5F0000
|
direct allocation
|
page read and write
|
||
|
38CB0000
|
trusted library allocation
|
page read and write
|
||
|
38010000
|
heap
|
page read and write
|
||
|
5240000
|
heap
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
3878E000
|
stack
|
page read and write
|
||
|
38A4E000
|
unkown
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
C2000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
3830C000
|
stack
|
page read and write
|
||
|
14C000
|
stack
|
page read and write
|
||
|
356CF000
|
stack
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
3840F000
|
stack
|
page read and write
|
||
|
38897000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
direct allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
51EE000
|
stack
|
page read and write
|
||
|
34EDE000
|
stack
|
page read and write
|
||
|
37F8D000
|
stack
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
37980000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
35786000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
37FD3000
|
trusted library allocation
|
page read and write
|
||
|
378CE000
|
trusted library allocation
|
page read and write
|
||
|
3574F000
|
trusted library allocation
|
page read and write
|
||
|
4C70000
|
direct allocation
|
page execute and read and write
|
||
|
3820C000
|
stack
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
5370000
|
direct allocation
|
page read and write
|
||
|
36739000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
5447000
|
heap
|
page read and write
|
||
|
37FD1000
|
trusted library allocation
|
page read and write
|
||
|
35788000
|
trusted library allocation
|
page read and write
|
||
|
38CB0000
|
trusted library allocation
|
page read and write
|
||
|
160000
|
trusted library allocation
|
page execute and read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
3798D000
|
trusted library allocation
|
page read and write
|
||
|
5390000
|
direct allocation
|
page read and write
|
||
|
38E0F000
|
stack
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
354CA000
|
stack
|
page read and write
|
||
|
21A5000
|
remote allocation
|
page execute and read and write
|
||
|
35460000
|
trusted library allocation
|
page read and write
|
||
|
3796E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5247000
|
heap
|
page read and write
|
||
|
36711000
|
trusted library allocation
|
page read and write
|
||
|
388D0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37983000
|
trusted library allocation
|
page read and write
|
||
|
37FE2000
|
trusted library allocation
|
page read and write
|
||
|
67B000
|
heap
|
page read and write
|
||
|
51F0000
|
heap
|
page read and write
|
||
|
38CD0000
|
trusted library allocation
|
page read and write
|
||
|
3511B000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
5725000
|
direct allocation
|
page execute and read and write
|
||
|
53A7000
|
heap
|
page read and write
|
||
|
35700000
|
heap
|
page read and write
|
||
|
37980000
|
trusted library allocation
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
37FD1000
|
trusted library allocation
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
37C0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
38425000
|
heap
|
page read and write
|
||
|
35280000
|
heap
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37980000
|
trusted library allocation
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
17A5000
|
remote allocation
|
page execute and read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
378C2000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
6DB0000
|
direct allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
5245000
|
heap
|
page read and write
|
||
|
534F000
|
stack
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
600000
|
direct allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
223E000
|
stack
|
page read and write
|
||
|
3888F000
|
stack
|
page read and write
|
||
|
3FA5000
|
remote allocation
|
page execute and read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
49A5000
|
remote allocation
|
page execute and read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
5464000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
384CC000
|
heap
|
page read and write
|
||
|
54D3000
|
heap
|
page read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
740000
|
direct allocation
|
page read and write
|
||
|
2250000
|
heap
|
page read and write
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
388B0000
|
trusted library allocation
|
page read and write
|
||
|
3792C000
|
stack
|
page read and write
|
||
|
3844E000
|
heap
|
page read and write
|
||
|
37FEC000
|
trusted library allocation
|
page read and write
|
||
|
378B4000
|
trusted library allocation
|
page read and write
|
||
|
6F50000
|
heap
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
direct allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
35120000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
5A0000
|
direct allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
229E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
409000
|
unkown
|
page write copy
|
||
|
6DC0000
|
direct allocation
|
page read and write
|
||
|
37980000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
5487000
|
heap
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
523E000
|
stack
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
3575D000
|
trusted library allocation
|
page read and write
|
||
|
398D000
|
stack
|
page read and write
|
||
|
666000
|
heap
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
35440000
|
direct allocation
|
page read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
unkown
|
page read and write
|
||
|
38419000
|
heap
|
page read and write
|
||
|
35792000
|
trusted library allocation
|
page read and write
|
||
|
66A000
|
heap
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
38B4F000
|
stack
|
page read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
20F5000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
378D1000
|
trusted library allocation
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
378BB000
|
trusted library allocation
|
page read and write
|
||
|
38CB0000
|
trusted library allocation
|
page read and write
|
||
|
6AC000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page read and write
|
||
|
388CD000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
38BCF000
|
stack
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
5426000
|
heap
|
page read and write
|
||
|
378E2000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
38011000
|
heap
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
546E000
|
heap
|
page read and write
|
||
|
38B8E000
|
stack
|
page read and write
|
||
|
37980000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
388F0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
37FE1000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
direct allocation
|
page read and write
|
||
|
38D0E000
|
stack
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
384C6000
|
heap
|
page read and write
|
||
|
38900000
|
trusted library allocation
|
page read and write
|
||
|
53C0000
|
direct allocation
|
page read and write
|
||
|
CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
38CB0000
|
trusted library allocation
|
page read and write
|
||
|
37970000
|
trusted library allocation
|
page read and write
|
||
|
35470000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
421000
|
unkown
|
page read and write
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
356F0000
|
remote allocation
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
38000000
|
heap
|
page execute and read and write
|
||
|
5459000
|
heap
|
page read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
6B25000
|
direct allocation
|
page execute and read and write
|
||
|
213E000
|
stack
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
590000
|
direct allocation
|
page read and write
|
||
|
150000
|
heap
|
page execute and read and write
|
||
|
681000
|
heap
|
page read and write
|
||
|
55FF000
|
stack
|
page read and write
|
||
|
352DE000
|
stack
|
page read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
93000
|
trusted library allocation
|
page execute and read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
37970000
|
trusted library allocation
|
page read and write
|
||
|
35460000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
54F2000
|
heap
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
190000
|
trusted library allocation
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
37980000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
38CB0000
|
trusted library allocation
|
page read and write
|
||
|
66E000
|
heap
|
page read and write
|
||
|
3578A000
|
trusted library allocation
|
page read and write
|
||
|
378BE000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
direct allocation
|
page read and write
|
||
|
3516E000
|
stack
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
A0000
|
trusted library allocation
|
page read and write
|
||
|
36772000
|
trusted library allocation
|
page read and write
|
||
|
53A0000
|
heap
|
page read and write
|
||
|
80000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
5407000
|
heap
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
5492000
|
heap
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
355C9000
|
stack
|
page read and write
|
||
|
BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
38CA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
3526F000
|
stack
|
page read and write
|
||
|
35460000
|
trusted library allocation
|
page read and write
|
||
|
2BA5000
|
remote allocation
|
page execute and read and write
|
||
|
38CB0000
|
trusted library allocation
|
page read and write
|
||
|
34FDF000
|
stack
|
page read and write
|
||
|
37718000
|
trusted library allocation
|
page read and write
|
||
|
35460000
|
trusted library allocation
|
page read and write
|
||
|
38410000
|
heap
|
page read and write
|
||
|
35711000
|
trusted library allocation
|
page read and write
|
||
|
3501D000
|
stack
|
page read and write
|
||
|
6F1F000
|
stack
|
page read and write
|
||
|
356F0000
|
remote allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
353DF000
|
stack
|
page read and write
|
||
|
384C2000
|
heap
|
page read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
37FCE000
|
stack
|
page read and write
|
||
|
170000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
180000
|
trusted library allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37980000
|
trusted library allocation
|
page read and write
|
||
|
54ED000
|
heap
|
page read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
37FD7000
|
trusted library allocation
|
page read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
3848B000
|
heap
|
page read and write
|
||
|
23E4000
|
heap
|
page read and write
|
||
|
388C0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
direct allocation
|
page read and write
|
||
|
37990000
|
heap
|
page read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
388B0000
|
trusted library allocation
|
page read and write
|
||
|
5380000
|
direct allocation
|
page read and write
|
||
|
35430000
|
direct allocation
|
page read and write
|
||
|
2843000
|
heap
|
page read and write
|
||
|
3874E000
|
stack
|
page read and write
|
||
|
9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
5D0000
|
direct allocation
|
page read and write
|
||
|
388C0000
|
trusted library allocation
|
page read and write
|
||
|
3798D000
|
trusted library allocation
|
page read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
38CB0000
|
trusted library allocation
|
page read and write
|
||
|
38CD0000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
35470000
|
heap
|
page read and write
|
||
|
5400000
|
heap
|
page read and write
|
||
|
384C9000
|
heap
|
page read and write
|
||
|
B2000
|
trusted library allocation
|
page read and write
|
||
|
37980000
|
trusted library allocation
|
page read and write
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
38CC0000
|
trusted library allocation
|
page read and write
|
||
|
7F25000
|
direct allocation
|
page execute and read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
37978000
|
trusted library allocation
|
page read and write
|
||
|
37980000
|
trusted library allocation
|
page read and write
|
||
|
38C70000
|
trusted library allocation
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
38C90000
|
trusted library allocation
|
page read and write
|
||
|
37FD0000
|
trusted library allocation
|
page read and write
|
||
|
356F0000
|
remote allocation
|
page read and write
|
||
|
44F000
|
unkown
|
page read and write
|
||
|
4D25000
|
direct allocation
|
page execute and read and write
|
||
|
C5000
|
trusted library allocation
|
page execute and read and write
|
||
|
37FD1000
|
trusted library allocation
|
page read and write
|
||
|
378CA000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
388C000
|
stack
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
35A5000
|
remote allocation
|
page execute and read and write
|
||
|
38CA0000
|
trusted library allocation
|
page read and write
|
||
|
37980000
|
trusted library allocation
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page read and write
|
||
|
35450000
|
trusted library allocation
|
page read and write
|
||
|
B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
451000
|
unkown
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
378B0000
|
trusted library allocation
|
page read and write
|
||
|
378D6000
|
trusted library allocation
|
page read and write
|
||
|
1F5000
|
heap
|
page read and write
|
||
|
6DA0000
|
direct allocation
|
page read and write
|
||
|
37FF0000
|
trusted library allocation
|
page read and write
|
||
|
38A0F000
|
unkown
|
page read and write
|
||
|
62A000
|
heap
|
page read and write
|
||
|
3844E000
|
heap
|
page read and write
|
||
|
54FB000
|
heap
|
page read and write
|
||
|
37FE0000
|
trusted library allocation
|
page read and write
|
||
|
37980000
|
trusted library allocation
|
page read and write
|
||
|
6E1E000
|
stack
|
page read and write
|
||
|
38C80000
|
trusted library allocation
|
page read and write
|
||
|
7525000
|
direct allocation
|
page execute and read and write
|
There are 407 hidden memdumps, click here to show them.