Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
u9aPQQIwhj.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Settings.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsh4048.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsw3DE5.tmp
|
data
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\Banebrydere.Spe107
|
data
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\Trskelen\660.jpg
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "File source: https://www.wikihow.com/Image:Type-Step-1-Version-6.jpg",
baseline, precision 8, 550x309, components 3
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\Trskelen\Editere.ter
|
data
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\Trskelen\Wodewose235.enc
|
data
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\Trskelen\dharma.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Uploadable\normallnnens\Trskelen\shears.sip
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\u9aPQQIwhj.exe
|
"C:\Users\user\Desktop\u9aPQQIwhj.exe"
|
|
|
|
C:\Users\user\Desktop\u9aPQQIwhj.exe
|
"C:\Users\user\Desktop\u9aPQQIwhj.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
172.67.74.152
|
||
|
http://84.38.133.42/SaclKvrenGmYaqCeKqHVn198.binY
|
unknown
|
||
|
https://www.wikihow.com/Image:Type-Step-1-Version-6.jpg
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://84.38.133.42/SaclKvrenGmYaqCeKqHVn198.bin
|
84.38.133.42
|
||
|
http://ftp.concaribe.com
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://concaribe.com
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
concaribe.com
|
192.185.13.234
|
|
|
|
ftp.concaribe.com
|
unknown
|
|
|
|
api.ipify.org
|
172.67.74.152
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.185.13.234
|
concaribe.com
|
United States
|
|
|
|
84.38.133.42
|
unknown
|
Latvia
|
||
|
172.67.74.152
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\Behagesygens\broilingly\uncost
|
skrivestningen
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Locales Approx
|
C Langs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\u9aPQQIwhj_RASMANCS
|
FileDirectory
|
There are 224 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
35FDB000
|
trusted library allocation
|
page read and write
|
|
|
|
35FB1000
|
trusted library allocation
|
page read and write
|
|
|
|
5FBA000
|
direct allocation
|
page execute and read and write
|
|
|
|
359F0000
|
heap
|
page read and write
|
||
|
740000
|
direct allocation
|
page read and write
|
||
|
39410000
|
trusted library allocation
|
page execute and read and write
|
||
|
3889C000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
39410000
|
trusted library allocation
|
page read and write
|
||
|
36FC3000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
C2000
|
trusted library allocation
|
page read and write
|
||
|
358DE000
|
stack
|
page read and write
|
||
|
35890000
|
trusted library allocation
|
page read and write
|
||
|
39000000
|
trusted library allocation
|
page read and write
|
||
|
39007000
|
trusted library allocation
|
page read and write
|
||
|
150000
|
trusted library allocation
|
page execute and read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
38ABC000
|
stack
|
page read and write
|
||
|
35B4B000
|
stack
|
page read and write
|
||
|
4FA000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
391BE000
|
unkown
|
page read and write
|
||
|
39410000
|
trusted library allocation
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
3585E000
|
stack
|
page read and write
|
||
|
69BA000
|
direct allocation
|
page execute and read and write
|
||
|
39410000
|
trusted library allocation
|
page read and write
|
||
|
3903D000
|
stack
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
5BA1000
|
heap
|
page read and write
|
||
|
3565F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
36F61000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
367A000
|
remote allocation
|
page execute and read and write
|
||
|
3887E000
|
stack
|
page read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
14C000
|
stack
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
393F0000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38130000
|
trusted library allocation
|
page read and write
|
||
|
38FFF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
35BA0000
|
direct allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
190000
|
trusted library allocation
|
page read and write
|
||
|
3813D000
|
trusted library allocation
|
page read and write
|
||
|
5B7D000
|
heap
|
page read and write
|
||
|
35FAD000
|
trusted library allocation
|
page read and write
|
||
|
5B0B000
|
heap
|
page read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
35DC0000
|
trusted library allocation
|
page read and write
|
||
|
35D18000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
35F9F000
|
trusted library allocation
|
page read and write
|
||
|
3947E000
|
stack
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
54F000
|
heap
|
page read and write
|
||
|
5A60000
|
direct allocation
|
page read and write
|
||
|
35DD0000
|
remote allocation
|
page read and write
|
||
|
393E7000
|
trusted library allocation
|
page read and write
|
||
|
388B0000
|
heap
|
page execute and read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
3933F000
|
stack
|
page read and write
|
||
|
5B31000
|
heap
|
page read and write
|
||
|
80000
|
trusted library allocation
|
page read and write
|
||
|
10E000
|
stack
|
page read and write
|
||
|
39040000
|
trusted library allocation
|
page execute and read and write
|
||
|
36F89000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
5B24000
|
heap
|
page read and write
|
||
|
35F1D000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
35FE1000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
4E9000
|
heap
|
page read and write
|
||
|
35DD0000
|
remote allocation
|
page read and write
|
||
|
5AF4000
|
heap
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
35DB0000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
7610000
|
heap
|
page read and write
|
||
|
3883E000
|
stack
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
21A0000
|
heap
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
451000
|
unkown
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page execute and read and write
|
||
|
38887000
|
trusted library allocation
|
page read and write
|
||
|
22D4000
|
heap
|
page read and write
|
||
|
3917F000
|
unkown
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
514000
|
heap
|
page read and write
|
||
|
4AA000
|
heap
|
page read and write
|
||
|
5E0000
|
direct allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
5A10000
|
direct allocation
|
page read and write
|
||
|
5B2E000
|
heap
|
page read and write
|
||
|
35F11000
|
trusted library allocation
|
page read and write
|
||
|
CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
38130000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
90000
|
trusted library allocation
|
page read and write
|
||
|
39030000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
unkown
|
page read and write
|
||
|
16F0000
|
remote allocation
|
page execute and read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
39410000
|
trusted library allocation
|
page read and write
|
||
|
38130000
|
trusted library allocation
|
page read and write
|
||
|
760E000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
655000
|
heap
|
page read and write
|
||
|
35F0E000
|
trusted library allocation
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
407A000
|
remote allocation
|
page execute and read and write
|
||
|
38133000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
39030000
|
trusted library allocation
|
page read and write
|
||
|
39010000
|
trusted library allocation
|
page read and write
|
||
|
93000
|
trusted library allocation
|
page execute and read and write
|
||
|
374D000
|
stack
|
page read and write
|
||
|
35DB0000
|
trusted library allocation
|
page read and write
|
||
|
4A7A000
|
remote allocation
|
page execute and read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
39440000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
direct allocation
|
page read and write
|
||
|
7617000
|
heap
|
page read and write
|
||
|
AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
C5000
|
trusted library allocation
|
page execute and read and write
|
||
|
35F0A000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
35BB0000
|
direct allocation
|
page read and write
|
||
|
38AEF000
|
heap
|
page read and write
|
||
|
21A5000
|
heap
|
page read and write
|
||
|
35DE0000
|
heap
|
page read and write
|
||
|
38130000
|
trusted library allocation
|
page read and write
|
||
|
35DC0000
|
heap
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
4AE000
|
heap
|
page read and write
|
||
|
212E000
|
stack
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
3811D000
|
stack
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
39050000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
39000000
|
trusted library allocation
|
page read and write
|
||
|
38B66000
|
heap
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
3580000
|
heap
|
page read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
55BA000
|
direct allocation
|
page execute and read and write
|
||
|
38130000
|
trusted library allocation
|
page read and write
|
||
|
364C000
|
stack
|
page read and write
|
||
|
59F0000
|
direct allocation
|
page read and write
|
||
|
160000
|
trusted library allocation
|
page read and write
|
||
|
38AC1000
|
heap
|
page read and write
|
||
|
5D0000
|
direct allocation
|
page read and write
|
||
|
3805E000
|
stack
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
39410000
|
trusted library allocation
|
page read and write
|
||
|
38ACC000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B0000
|
direct allocation
|
page read and write
|
||
|
73BA000
|
direct allocation
|
page execute and read and write
|
||
|
39010000
|
trusted library allocation
|
page read and write
|
||
|
5DAF000
|
stack
|
page read and write
|
||
|
B0000
|
trusted library allocation
|
page read and write
|
||
|
393F0000
|
trusted library allocation
|
page read and write
|
||
|
87BA000
|
direct allocation
|
page execute and read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
5B94000
|
heap
|
page read and write
|
||
|
5B75000
|
heap
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
direct allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
22AE000
|
stack
|
page read and write
|
||
|
2C7A000
|
remote allocation
|
page execute and read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38128000
|
trusted library allocation
|
page read and write
|
||
|
5A90000
|
heap
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38AEF000
|
heap
|
page read and write
|
||
|
380DE000
|
stack
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
35F50000
|
heap
|
page execute and read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
393F0000
|
trusted library allocation
|
page read and write
|
||
|
38B5C000
|
heap
|
page read and write
|
||
|
4A30000
|
direct allocation
|
page execute and read and write
|
||
|
4ED000
|
heap
|
page read and write
|
||
|
39400000
|
trusted library allocation
|
page read and write
|
||
|
5CAF000
|
stack
|
page read and write
|
||
|
39410000
|
trusted library allocation
|
page read and write
|
||
|
547A000
|
remote allocation
|
page execute and read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38120000
|
trusted library allocation
|
page read and write
|
||
|
5AB0000
|
heap
|
page read and write
|
||
|
359DF000
|
stack
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
5910000
|
heap
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
5A50000
|
direct allocation
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
38700000
|
heap
|
page read and write
|
||
|
4BBA000
|
direct allocation
|
page execute and read and write
|
||
|
5917000
|
heap
|
page read and write
|
||
|
58DE000
|
stack
|
page read and write
|
||
|
600000
|
direct allocation
|
page read and write
|
||
|
39410000
|
trusted library allocation
|
page read and write
|
||
|
5B9A000
|
heap
|
page read and write
|
||
|
5A70000
|
direct allocation
|
page read and write
|
||
|
35FD7000
|
trusted library allocation
|
page read and write
|
||
|
392FE000
|
stack
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
39400000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
5A40000
|
direct allocation
|
page read and write
|
||
|
C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
7DBA000
|
direct allocation
|
page execute and read and write
|
||
|
39410000
|
trusted library allocation
|
page read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
39040000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
35C00000
|
heap
|
page read and write
|
||
|
35F16000
|
trusted library allocation
|
page read and write
|
||
|
38EFE000
|
stack
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
5A30000
|
direct allocation
|
page read and write
|
||
|
38130000
|
trusted library allocation
|
page read and write
|
||
|
588E000
|
stack
|
page read and write
|
||
|
389BC000
|
stack
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
35F22000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
direct allocation
|
page read and write
|
||
|
170000
|
trusted library allocation
|
page read and write
|
||
|
38883000
|
trusted library allocation
|
page read and write
|
||
|
35BFA000
|
stack
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
38130000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
35EFE000
|
trusted library allocation
|
page read and write
|
||
|
39000000
|
trusted library allocation
|
page read and write
|
||
|
58F0000
|
direct allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
35D09000
|
stack
|
page read and write
|
||
|
5890000
|
heap
|
page read and write
|
||
|
5B9A000
|
heap
|
page read and write
|
||
|
39410000
|
trusted library allocation
|
page read and write
|
||
|
39430000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
35EF0000
|
trusted library allocation
|
page read and write
|
||
|
39410000
|
trusted library allocation
|
page read and write
|
||
|
38892000
|
trusted library allocation
|
page read and write
|
||
|
38130000
|
trusted library allocation
|
page read and write
|
||
|
39010000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
35DD0000
|
remote allocation
|
page read and write
|
||
|
38701000
|
heap
|
page read and write
|
||
|
5900000
|
direct allocation
|
page read and write
|
||
|
5915000
|
heap
|
page read and write
|
||
|
227A000
|
remote allocation
|
page execute and read and write
|
||
|
9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
38B21000
|
heap
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
5F0000
|
direct allocation
|
page read and write
|
||
|
5B91000
|
heap
|
page read and write
|
||
|
44F000
|
unkown
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
35DB0000
|
trusted library allocation
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38130000
|
trusted library allocation
|
page read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
B2000
|
trusted library allocation
|
page read and write
|
||
|
5B5E000
|
heap
|
page read and write
|
||
|
760000
|
direct allocation
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
434000
|
unkown
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
758E000
|
stack
|
page read and write
|
||
|
38881000
|
trusted library allocation
|
page read and write
|
||
|
39410000
|
trusted library allocation
|
page read and write
|
||
|
38881000
|
trusted library allocation
|
page read and write
|
||
|
38891000
|
trusted library allocation
|
page read and write
|
||
|
38120000
|
trusted library allocation
|
page read and write
|
||
|
7FDF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
512000
|
heap
|
page read and write
|
||
|
39020000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
5A20000
|
direct allocation
|
page read and write
|
||
|
180000
|
trusted library allocation
|
page read and write
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
39070000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
35A4D000
|
stack
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
35DB0000
|
trusted library allocation
|
page read and write
|
||
|
35F02000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
3809C000
|
stack
|
page read and write
|
||
|
5B82000
|
heap
|
page read and write
|
||
|
38DFF000
|
stack
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
4E4000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
39440000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
39020000
|
trusted library allocation
|
page read and write
|
||
|
5AB7000
|
heap
|
page read and write
|
||
|
5C0000
|
direct allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
5A80000
|
direct allocation
|
page read and write
|
||
|
38130000
|
trusted library allocation
|
page read and write
|
||
|
3575F000
|
stack
|
page read and write
|
||
|
393F0000
|
trusted library allocation
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
39000000
|
trusted library allocation
|
page read and write
|
||
|
35F61000
|
trusted library allocation
|
page read and write
|
||
|
38130000
|
trusted library allocation
|
page read and write
|
||
|
A0000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
direct allocation
|
page read and write
|
||
|
35EEF000
|
stack
|
page read and write
|
||
|
94000
|
trusted library allocation
|
page read and write
|
||
|
39000000
|
trusted library allocation
|
page read and write
|
||
|
35F96000
|
trusted library allocation
|
page read and write
|
||
|
454000
|
unkown
|
page readonly
|
||
|
5B9D000
|
heap
|
page read and write
|
||
|
3813D000
|
trusted library allocation
|
page read and write
|
||
|
2763000
|
heap
|
page read and write
|
||
|
35FD9000
|
trusted library allocation
|
page read and write
|
||
|
392BF000
|
stack
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
393E0000
|
trusted library allocation
|
page read and write
|
||
|
39060000
|
trusted library allocation
|
page read and write
|
||
|
38AC0000
|
heap
|
page read and write
|
||
|
39400000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
5B95000
|
heap
|
page read and write
|
||
|
39010000
|
trusted library allocation
|
page read and write
|
||
|
38140000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
388A0000
|
trusted library allocation
|
page read and write
|
||
|
38881000
|
trusted library allocation
|
page read and write
|
||
|
393F0000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
187A000
|
remote allocation
|
page execute and read and write
|
||
|
393F0000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
39410000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
35EFB000
|
trusted library allocation
|
page read and write
|
||
|
393F0000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38880000
|
trusted library allocation
|
page read and write
|
||
|
38130000
|
trusted library allocation
|
page read and write
|
||
|
3957F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
39420000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
||
|
38890000
|
trusted library allocation
|
page read and write
|
There are 407 hidden memdumps, click here to show them.