Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
SecuriteInfo.com.Win64.CrypterX-gen.2144.26023.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
||
C:\Users\user\AppData\Local\1sULHHpeqbgWxmRBkrwHQ2Wq.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\31Q0tfhZ3ZbBeSnpH53Q6cmR.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\4eN6JMBulbZWTUqm8bHwZ2Cg.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\5CSwXytovRGWzicTtxKeyiOA.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\7GonYrcCQJRZWxpQLYX649aX.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\7cokQoA6j0WDpV84Xp72tQca.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\A6zIGniAZ7NEfPoGNA99xdJC.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\AO0lQiXja0SJ1xVYKQpJ0RgU.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\BScYPWRXjjJsm0UZKd8ZE404.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Ckxihb2NQynZLzb7wQqDjQv3.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\D0v59fae1RRLyzPSbsQoGGZK.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\GNcg3yiDrmzw07ZdoxfNbs1v.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\JN1IXYA8ssOWcLaqrtfgX1Ue.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\JeZCwGu4yuVGGxFvnw3BIkJ1.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\KV2qLRPax2onnz5Ndu1Z5G5q.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\KZrOTs6FcYbq3nj2hpYsaJil.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\inte[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\setup294[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\timeSync[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\cad54ba5b01423b1af8ec10ab5719d97[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\71be4917[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\7725eaa6592c80f8124e769b4e8a07f7[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\Extension__Installer[1].exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\Opera_109.0.5097.45_Autoupdate_x64[2].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\060[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\setup[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\N96vu2CQjxii1alDjKixgxro.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\N9QaRzQ0AfOLtw4JsIq3BGlx.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\NOigbqKnljqgR3qaRHEw5cN9.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Obg7n5Z5efoxTsQrcye3Rd29.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\OzuxsP18idUhxNQxYYbIiZFx.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\QULdLniTDqWIS6ivnfEkWMUZ.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\S8ELmP46wfy25sPQImx4dfKP.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\SuRnIHuWYWEWXFXLcVP2Or9Q.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\.opera\Opera Installer Temp\0XytwVHS3WE9jtGuuRid6GiP.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\.opera\Opera Installer Temp\T2RIU3FpH6dczIGTG32vuvvE.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\.opera\Opera Installer Temp\kuRSiZPmKhbW1guMqYXCvrAu.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\.opera\Opera Installer Temp\syLcQZGPHHUJ3M0wbg0XxQZf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\7zS2746.tmp\AppVShNotify.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\7zS2746.tmp\BackgroundTransferHost.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\7zS2746.tmp\BdeUISrv.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\7zS2746.tmp\CertEnrollCtrl.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\7zS2746.tmp\Install.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\7zS2746.tmp\browserexport.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\JMPZeWvHhArmqROvY\NwfPJCCpQqPYDzK\lIVrBSt.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
modified
|
||
C:\Users\user\AppData\Local\Temp\Opera_installer_2404180036016968100.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Opera_installer_2404180036143665496.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Opera_installer_2404180036143868168.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Opera_installer_2404180036199797216.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Opera_installer_2404180036226544476.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Opera_installer_2404180036248045740.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Opera_installer_2404180036332806404.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Opera_installer_2404180036333922764.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\Opera_installer_2404180036337438040.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\serversystemNCQ_x64.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\u224.0.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\u224.1.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\u63c.0.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\u63s.0.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\u63s.1.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Tp59u6n2uhrgw2uPRJT1mo4o.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\TxcN817CnpQUUQpmxVzV0mFT.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\WIPtBriceCKAWgIcBS0bein0.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Z53Wf0X0IoS1KV8zvVeoh9Jq.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\a84xxA52gOFQbQH4hbzYi5Xz.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\cOM8IUNCP0DFnISRQRmA27gl.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\csCwmOCWNE9UELQ4txTVhw4w.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\dIzcszODhP85SLHp5gDwads1.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\dYzlQyYiVhnqA3GhRDFvHDg1.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\f0h4XS72dTppZnfmwBjhUBEA.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\gtrlRL8HQLBmCrpj7eGii9RV.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\i3cGHUfhs02OIuQ54eKiruit.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\iUqjJmkpzyvK9tYYVEHTZp1W.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\iZp2NZRM4fCHBLrmfY5yxs4H.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\iiOuEJn1yBaeJOKc16avXLXi.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\jPR83WX1aF07mPj541WJbft7.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\kTljKlVr9ONLnjGfMDuDLqq7.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\kzh8LUeSpUUvzS6kGzWDItYc.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\m17a3Wi6OxEiO5FsOjI20tNz.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\mrFftTFMgiVG2LP46B9gKHBo.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\nRdMq8uD8Vn50SShh8GGGF1J.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\oE07FMGKijbqRxoSOEfcVNr4.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\q1Wrkjlqz870PPzT0bIAuAXE.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\qWJzemjmehRTjWu4hQlmexeK.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\rgIKhNst6KD41QCemJfU8B6e.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\rqCKBzP3c5cie0ECqyDcHMBo.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\si8fAgQZyD6Cx4plDNMQadak.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\vRRDKxJPSQaL9EAwTnxxq5Xp.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\ws45TNfHbiigh1rlfu2kvwqp.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\x6grxPSTyIeA8EPDMgptrwYO.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\xMynrpRscnCMe5EhOaqNgT9P.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\xWO4HdGMj74aDnNwcibeJHOS.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\ydXU53ROIY0b9rjoj3B1m3C2.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0J7M1nQjDGRXKMq0AgiKFOvO.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0L0N3gvArkRU6k774A53L7pm.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0ikx69mladtPGsRKabYNZ6t0.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0syZq7EY0CFhtffF1dHMEDe0.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2YGFaax4VREMAQhHWBVtU9ND.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2ym1d1xnPNMzk5jErdF6V6UG.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3PIKZrWnwy05CxuZRskqCwfF.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\42AtahIwsAQ9MCwYdGXiMWgl.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4LIdC6j8pRS1z7WNkoaxi5da.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4Y9Dve63bMlMJwgLFapHtux4.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4f4biQVfkFFQ1vVSgVTRMMCQ.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\5DvsXqu7rhEgw2bNo52xP7fS.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\5e9YTeMdvgg279TXXoNtMM7p.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\5me5kJjaX6nSu3LrmZClhT87.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7wRR3Sd9ebwAodEDhY9Igh21.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9Xgc4e7oTv5WiPHkhGWgsF6U.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AN1sPJSyeZAaO0fgnCn2d82e.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AcYm79bKwGS9urVVZVjxlnOT.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bnux0XctxY2jUEcQFRrG9ED3.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C2otv6cqxQYf5tfWSc9JYFFI.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CVcuVNYe8YDJ4yNu7pIFMe6h.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CqLkLJsKMzyqpGaqpdD80xX4.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DJgk52sDeczUV1lmMmKix3k6.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EXyR1877y9OTHbL7SmwL0Njx.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ft6HRmD3ARCfJ7A7sFRbGBMr.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\I9qlxtKCRbJZBgSVyvQk4qck.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\INrPttZcYp1b1IDxmBdj2E7I.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\J4OoATuxVsfOKcXUcxOLtc1U.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kt7mfV03aeWQu4bZPgZ3e2n8.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MnlURaBerk6x1crCbiGPEJWc.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MygBvANjLf1AX31Xj7nu95Ot.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NZRD5waRyhBspSGbBIm0gdm3.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NgmAydJthTuDbZVpKKk96QRy.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PnT9ZbC86TXnf3ynIc9924V5.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Qbfh1kEfJzQeidHl0GsAyFET.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VgsxHcqWGMZuJZrJUV5SLHQ3.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\W8THWYViNOUp58e0uu5wCwhd.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WHd1pNJmpFoM8sqoNNUE4tf3.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WsK1YQ9kvBcxOEKHHnifbuin.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XFHdSFO3188VoWv0QrQcEWtV.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Y3oAYVErrIRWXBbeGz7YmX13.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YeU8iF6BbqbTpHWTeh39oBMV.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZVwZaD0pkoPBTQLpyiUwKvm0.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aCZd0jUEZLTcGXCh2D1mXI8Y.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\alXN5bQawMu1k2uk8dHN6LdQ.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\boo8FP0AhS3bBXLUBRbBJy9i.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cioAsxrEgULT6QllewrDjFdd.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fCajoF0uziKOHWOtsMKiSmkf.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqngqO4IdouWvJHIpDnLTPg5.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iV9J0aMa18AmH41d2KxPgrGa.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jC9hytOXxSJLUIWk7OLwYELs.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\k2JDJYYF97BxDjJvdjfGyjtZ.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kubdYrhB0F7KtjUXb85yOtnD.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lnqdr1oc3vWZb0AM6GqrJePb.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lvJmufARuJlw0oQi9mXpQ9k4.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\m35TgMK4wpj8LJ6jgGf2Xw2Z.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\moQfGiqyu6YwVfcrFdZJ5YnD.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\oihjzJdDB6SwjKqgn4xLpgF2.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\olGMw8ij2FLh3ZKyyQztgUiZ.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pPDwres8UiyP6hmT2n6yLn7l.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pkqRrg5iWYbcd6JdFTMqN4du.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tAZVngHhHPzgcFHrRcS9MvT2.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tlcr68YHXdDJjhyT7wrqm3xM.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uSsGDdtTis23IdAFsKMDjhvK.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vr4X7SKAWv4hdQph3V65g9Ue.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wgrTK4F9BP7bp4UxruSjPthW.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x3w25VIhwwar8kgq72wIQMdT.bat
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\8lBOtksKAFB83rUCOP3QmQ2e.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\BuKYLuXtWRFvMUw4E6QMnePB.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\N3dNHH1i3277Gfb9sVdhVcr5.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\UEaGlypujmRvmbw2BfkfATn6.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\YEB6goJ_QRA9Ek_PBrASrKDk.exe
|
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\bLSHn6d_smbEd3DDHsdhdb9F.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\e5ADH4rW9PcD5gtgsREzjuVn.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\iTHBJLcts9pEuoqVNgU3srbu.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\jQql7MG2XChbxjQ6gNLJX8a8.exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\mglK9j1udRLIlNMmqHDs89S5.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\poDcVPAkLsUtWqX_rqUuGuhg.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\tk993DcPKxGC0yxEJOpWA4Uq.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\xFUB9mqMmDXHB6bYEudfe3bz.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\zfmWdTyj1A0x7CDHTSCFc6P6.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\0XytwVHS3WE9jtGuuRid6GiP.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\0oplAGcqdSD8dY40aY8KDRaa.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\1HakjlIwxygCinOPkQfhRxwL.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\3wiDjAuNAMEeKc2Sp8AJvkHN.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\4zJ5E9cuigEXwPfwJBBf2Voo.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\5QOOoyFK4iimcVizzTfwyofF.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\7ifrWkUACu1QmnINWqs0eu9h.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\C3zBXysGYP5W2fmci6hd0XEB.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\EVcXAn6aSSI07ttXmnvL0m1a.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\F6G6Y5cEUOHQw9dTwu4nNoIO.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\GGlApx2WKpOBsEMsKqplE6Uf.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\HmEe3wDzeiBBjESYuBab3Xp4.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\IWT1vUWgcWghP1zoHHmuoKa9.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\IpPaPlW8SuKj6HZ6PbpzdKUK.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\JIsbjewlnghreiCB15kllzTk.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\JPl4ZLOvy3fY5RSXGk5s9Gl5.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\KAKoKagL31aeT9tvPuu3L1bc.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\KI5P6OyhHMwNaNA4w0xtd3UY.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\KlC0MO7JlENai4lmIm0fgxCd.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\LLoAVhqqC3TlPmj3xeFbhIJr.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\MphEWivXVroFMrkzyLgmuj2t.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\PMy8rA40PiG6kLCCQ4O29elX.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\Pn5ZHf0b4pBQKwEbywjz1WNa.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\PqdYh9kiVSkf3FjC9RDfcS2e.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\Q1ZjqgqRF9GO7rx2KZzJIL2b.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\QHuPF3k4no0JL9DdGqDYtkCG.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\QKDjQ5sBUXPsok7hLKm8Jxa7.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\SU1be6oqYDorLkUc1l6IPPFB.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\Sj3OVhjmKPY77wuH4sHs0IWD.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\T2RIU3FpH6dczIGTG32vuvvE.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\UIlweOQ5afwPPuh3ds8U6N2a.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\UZEIOb5AJt4PKuFpMNcUE5kB.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\VZQMh0fhaUDqSIPOKlnYI2fB.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\Vh2fqCjm9jPtwuJrcfbbwxLj.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\XEAazEoSTmJSOa66cXm6S07v.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\YFF0xQcRAUpBPwLPUp2RM5MU.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\Yz2gr4IqEnTCH1g642bo4hrO.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\Zo2cLek54856t9hHiM76hOvA.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\aTkqzhHOj7NgaroFiyZu2tdl.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\cvz8uTBLcjJDrWiUkH9ou3st.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\dhes16NzxQrsGp1NLOpKhYEG.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\exiuFZUeNjcDMo0MgYdiT1SB.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\fBaSCDbc3PgwiKtKElJM21wM.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\kBnX25PRDA3FRCf96qRj6qpV.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\kuRSiZPmKhbW1guMqYXCvrAu.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\mm4Q31XfpYKjbn6ceSwXhER9.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\puSUyQPbhGQYc8ea6l8rcmDp.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\remGzM3ucI0rwNvHqGHEYSnk.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\s9S2YPHvXa7oseKyop7fDJGM.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\syLcQZGPHHUJ3M0wbg0XxQZf.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\u7khEnv04mT2EDLzgGnRMGoz.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\v2MiP1iSJrMhmInOYy5QW224.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\wjaGPzkDQjpdcbjBR9AwSFKW.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\ySa0tmdKXLMzZNFqxzPk3yl0.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\z2yKWzT0GXgmaQHim8qSwTt8.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\Pictures\zMgiNzEE9vHMTa7pUx4El30p.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
C:\Windows\System32\GroupPolicy\gpt.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_SecuriteInfo.com_72840a9326b146c8f797fe2c317b7fd81655ef_07b00b77_725b6b51-d5b5-4457-94a8-6a7675320663\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER12CF.tmp.txt
|
data
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1F25.tmp.csv
|
data
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WER41B2.tmp.txt
|
data
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD34A.tmp.dmp
|
Mini DuMP crash report, 16 streams, Thu Apr 18 00:35:57 2024, 0x1205a4 type
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD530.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD58E.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD5AC.tmp.csv
|
data
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERD61A.tmp.txt
|
data
|
dropped
|
||
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF479.tmp.csv
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\EEmi2L6GuCPkhaixWFWgtXmC.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\AppData\Local\KWbVzicuAiSBYHryJZst17v9.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\AppData\Local\Kocn1QGnt5lNON74XhjpO8L3.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\PL_Clients[1].bmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\crypted[1].bmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\files[1].bmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\setup[1].htm
|
HTML document, ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\crypted[1].bmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\imgdrive_2_1[1].bmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\QI8XvF6duFZ0OdsmbJPQIRnh.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\7zS2746.tmp\system.ini
|
Windows SYSTEM.INI
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kbqdpqh2.ayj.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lx4u5kb0.4sm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pfx1wdjg.dd1.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ptzfit01.psd.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\YGTS10whU5xLzk2bVxVWnmYS.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\AppData\Local\YZSfYHwWFKrX6Pjkpe42m3a3.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\AppData\Local\lxJL7FOaOc6Tkk0XNttI4ctE.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\AppData\Local\mLelSKT2LDJXIBhhiZbtJLRy.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\AppData\Local\oQDwIFVWS8CDFis7e7hIkdVf.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\AppData\Local\sZo8dt9VSX8cm31TuXOiptH3.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\AppData\Local\zU6BSyD8WoQsImtLem5lAF2x.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Crash Reports\settings.dat
|
data
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\q8kYHwm3PccnSPsq8WHAVhzd.exe
|
HTML document, Non-ISO extended-ASCII text, with very long lines (17875)
|
dropped
|
||
C:\Users\user\Documents\SimpleAdobe\t1TVh5wiN6nn0UU6UNFGbozD.exe
|
HTML document, Non-ISO extended-ASCII text, with very long lines (17875)
|
dropped
|
||
C:\Users\user\Pictures\72ikwo0xN8m7DIEmg8FL68i9.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\Pictures\D1DNzbYhZ5irlEMiXjcU2a2e.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\Pictures\JsR15JaJDFzaXbSvvkMXKGOy.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\Pictures\OwiOgmO3oIyIM5MtwxyFTS2j.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\Pictures\VBK0acBbP8jSA9iTV62oCIGo.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\Pictures\bxrHv2BMlcULxp3nGjO9PIeE.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\Pictures\c02zgoz7VFjrBiCTIiJdXKzh.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\Pictures\dNJx8I5qbjWEp5UtzqYCiiad.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\Pictures\dTzJTeCvH5akGV8vPoopaG4c.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\Pictures\gRYJFiU6bkvQhx8faYvTd9ih.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Users\user\Pictures\jvm8OUFmYtzvgwR72YgLOVLo.exe
|
HTML document, Unicode text, UTF-8 text, with very long lines (1460)
|
dropped
|
||
C:\Windows\System32\GroupPolicy\Machine\Registry.pol
|
RAGE Package Format (RPF),
|
dropped
|
||
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 271 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.2144.26023.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.2144.26023.exe"
|
||
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\SecuriteInfo.com.Win64.CrypterX-gen.2144.26023.exe"
-Force
|
||
C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"
|
||
C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"
|
||
C:\Users\user\Pictures\JPl4ZLOvy3fY5RSXGk5s9Gl5.exe
|
"C:\Users\user\Pictures\JPl4ZLOvy3fY5RSXGk5s9Gl5.exe"
|
||
C:\Users\user\Pictures\JIsbjewlnghreiCB15kllzTk.exe
|
"C:\Users\user\Pictures\JIsbjewlnghreiCB15kllzTk.exe"
|
||
C:\Users\user\Pictures\KI5P6OyhHMwNaNA4w0xtd3UY.exe
|
"C:\Users\user\Pictures\KI5P6OyhHMwNaNA4w0xtd3UY.exe"
|
||
C:\Users\user\Pictures\XEAazEoSTmJSOa66cXm6S07v.exe
|
"C:\Users\user\Pictures\XEAazEoSTmJSOa66cXm6S07v.exe"
|
||
C:\Users\user\Pictures\Yz2gr4IqEnTCH1g642bo4hrO.exe
|
"C:\Users\user\Pictures\Yz2gr4IqEnTCH1g642bo4hrO.exe"
|
||
C:\Users\user\Pictures\3wiDjAuNAMEeKc2Sp8AJvkHN.exe
|
"C:\Users\user\Pictures\3wiDjAuNAMEeKc2Sp8AJvkHN.exe"
|
||
C:\Users\user\Pictures\SU1be6oqYDorLkUc1l6IPPFB.exe
|
"C:\Users\user\Pictures\SU1be6oqYDorLkUc1l6IPPFB.exe"
|
||
C:\Users\user\Pictures\Vh2fqCjm9jPtwuJrcfbbwxLj.exe
|
"C:\Users\user\Pictures\Vh2fqCjm9jPtwuJrcfbbwxLj.exe"
|
||
C:\Users\user\Pictures\GGlApx2WKpOBsEMsKqplE6Uf.exe
|
"C:\Users\user\Pictures\GGlApx2WKpOBsEMsKqplE6Uf.exe"
|
||
C:\Users\user\Pictures\kBnX25PRDA3FRCf96qRj6qpV.exe
|
"C:\Users\user\Pictures\kBnX25PRDA3FRCf96qRj6qpV.exe"
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k WerSvcGroup
|
||
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -pss -s 208 -p 7412 -ip 7412
|
||
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 7412 -s 1156
|
||
C:\Windows\System32\wbem\WmiPrvSE.exe
|
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
|
||
C:\Users\user\Pictures\7ifrWkUACu1QmnINWqs0eu9h.exe
|
"C:\Users\user\Pictures\7ifrWkUACu1QmnINWqs0eu9h.exe"
|
||
C:\Users\user\Pictures\T2RIU3FpH6dczIGTG32vuvvE.exe
|
"C:\Users\user\Pictures\T2RIU3FpH6dczIGTG32vuvvE.exe" --silent --allusers=0
|
||
C:\Users\user\Pictures\T2RIU3FpH6dczIGTG32vuvvE.exe
|
C:\Users\user\Pictures\T2RIU3FpH6dczIGTG32vuvvE.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler
"--database=C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera
Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable
--annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=109.0.5097.45 --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2bc,0x6c60e1d0,0x6c60e1dc,0x6c60e1e8
|
||
C:\Users\user\Pictures\QHuPF3k4no0JL9DdGqDYtkCG.exe
|
"C:\Users\user\Pictures\QHuPF3k4no0JL9DdGqDYtkCG.exe"
|
||
C:\Users\user\Pictures\syLcQZGPHHUJ3M0wbg0XxQZf.exe
|
"C:\Users\user\Pictures\syLcQZGPHHUJ3M0wbg0XxQZf.exe" --silent --allusers=0
|
||
C:\Users\user\Pictures\syLcQZGPHHUJ3M0wbg0XxQZf.exe
|
C:\Users\user\Pictures\syLcQZGPHHUJ3M0wbg0XxQZf.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler
"--database=C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera
Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable
--annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=109.0.5097.45 --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x6bf8e1d0,0x6bf8e1dc,0x6bf8e1e8
|
||
C:\Users\user\Pictures\wjaGPzkDQjpdcbjBR9AwSFKW.exe
|
"C:\Users\user\Pictures\wjaGPzkDQjpdcbjBR9AwSFKW.exe"
|
||
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\5me5kJjaX6nSu3LrmZClhT87.bat"
"
|
||
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
C:\Users\user\Pictures\PqdYh9kiVSkf3FjC9RDfcS2e.exe
|
"C:\Users\user\Pictures\PqdYh9kiVSkf3FjC9RDfcS2e.exe"
|
||
C:\Users\user\Pictures\0XytwVHS3WE9jtGuuRid6GiP.exe
|
"C:\Users\user\Pictures\0XytwVHS3WE9jtGuuRid6GiP.exe" --silent --allusers=0
|
||
C:\Users\user\AppData\Local\Temp\.opera\Opera Installer Temp\T2RIU3FpH6dczIGTG32vuvvE.exe
|
"C:\Users\user\AppData\Local\Temp\.opera\Opera Installer Temp\T2RIU3FpH6dczIGTG32vuvvE.exe" --version
|
||
C:\Users\user\Pictures\0XytwVHS3WE9jtGuuRid6GiP.exe
|
C:\Users\user\Pictures\0XytwVHS3WE9jtGuuRid6GiP.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler
"--database=C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\user\AppData\Roaming\Opera
Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable
--annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=109.0.5097.45 --initial-client-data=0x29c,0x2a0,0x2a4,0x278,0x2a8,0x6b0de1d0,0x6b0de1dc,0x6b0de1e8
|
||
C:\Users\user\Pictures\mm4Q31XfpYKjbn6ceSwXhER9.exe
|
"C:\Users\user\Pictures\mm4Q31XfpYKjbn6ceSwXhER9.exe"
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetSvcs -p -s NcaSvc
|
||
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum
|
||
C:\Users\user\AppData\Local\oE07FMGKijbqRxoSOEfcVNr4.exe
|
"C:\Users\user\AppData\Local\oE07FMGKijbqRxoSOEfcVNr4.exe"
|
||
C:\Users\user\Pictures\1HakjlIwxygCinOPkQfhRxwL.exe
|
"C:\Users\user\Pictures\1HakjlIwxygCinOPkQfhRxwL.exe"
|
||
C:\Users\user\Pictures\F6G6Y5cEUOHQw9dTwu4nNoIO.exe
|
"C:\Users\user\Pictures\F6G6Y5cEUOHQw9dTwu4nNoIO.exe"
|
||
C:\Users\user\AppData\Local\Temp\.opera\Opera Installer Temp\0XytwVHS3WE9jtGuuRid6GiP.exe
|
"C:\Users\user\AppData\Local\Temp\.opera\Opera Installer Temp\0XytwVHS3WE9jtGuuRid6GiP.exe" --version
|
||
C:\Users\user\Pictures\kuRSiZPmKhbW1guMqYXCvrAu.exe
|
"C:\Users\user\Pictures\kuRSiZPmKhbW1guMqYXCvrAu.exe" --silent --allusers=0
|
||
C:\Users\user\AppData\Local\Temp\7zS2746.tmp\Install.exe
|
.\Install.exe /sQwdidHh "385118" /S
|
There are 32 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://vk.com/Nuq
|
unknown
|
||
http://5.42.66.10/download/th/retail.phpsJ(
|
unknown
|
||
https://meet.crazyfigs.top/style/060.exeV
|
unknown
|
||
https://legal.opera.com/terms
|
unknown
|
||
https://sun6-21.userapi.com/c236331/u5294803/docs/d24/3cad94b79c70/imgdrive_2_1.bmp?extra=KSt_51f-h8
|
unknown
|
||
https://carthewasher.net/bfdb39976dca392638e6450f1175fa96/cad54ba5b01423b1af8ec10ab5719d97.exe
|
unknown
|
||
https://help.opera.com/latest/
|
unknown
|
||
https://vk.com:80/doc5294803_668661395?hash=uQQoAVY7lWMuchlYkCFbK0P2SVazuAiimzHIh07ASrs&dl=WO5eZhu0J
|
unknown
|
||
https://policies.google.com/terms;
|
unknown
|
||
https://papi.vk.com/pushsse/ruim
|
unknown
|
||
https://baldurgatez.com/
|
unknown
|
||
http://www.indyproject.org/
|
unknown
|
||
https://meet.crazyfigs.top/style/060.exeb
|
unknown
|
||
https://yip.su/redirect-
|
unknown
|
||
http://localhost:3001api/prefs/?product=$1&version=$2..
|
unknown
|
||
https://crashpad.chromium.org/https://crashpad.chromium.org/bug/new
|
unknown
|
||
https://starsmm.org/om/525403/setup.exer-end-point:R
|
unknown
|
||
https://www.opera.com/download/
|
unknown
|
||
https://login.vk.com/?act=logout&hash=ff5c930db01817b629&_origin=https%3A%2F%2Fvk.com&lrt=BDpxh3TFcr
|
unknown
|
||
https://meet.crazyfigs.top/:
|
unknown
|
||
https://vk.com
|
unknown
|
||
https://www.instagram.com
|
unknown
|
||
https://st6-22.vk.com/dist/web/common_web.4f7e5a9b.css
|
unknown
|
||
https://st6-22.vk.com/dist/web/chunks/palette.434ea2ce.js
|
unknown
|
||
http://www.avantbrowser.com)MOT-V9mm/
|
unknown
|
||
https://st6-22.vk.com/dist/web/docs.20074c02.css
|
unknown
|
||
https://st6-22.vk.com/dist/web/site_layout.f88780c8.js
|
unknown
|
||
https://cdn.discordapp.com/attachments/1088058556286251082/1111230812579450950/TsgVtmYNoFT.zipMozill
|
unknown
|
||
https://turnitin.com/robot/crawlerinfo.html)cannot
|
unknown
|
||
http://www.exabot.com/go/robot)Opera/9.80
|
unknown
|
||
http://www.innosetup.com
|
unknown
|
||
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
https://starsmm.org:80/
|
unknown
|
||
https://vk.com/doc5294803_668661395?hash=uQQoAVY7lWMuchlYkCFbK0P2SVazuAiimzHIh07ASrs&dl=WO5eZhu0JdqJ
|
unknown
|
||
https://crashstats-collector.opera.com/collector/submitNEB
|
unknown
|
||
https://gigachadfanclub.org/bfdb39976dca392638e6450f1175fa96/7725eaa6592c80f8124e769b4e8a07f7.exe4V
|
unknown
|
||
https://iplogger.org/privacy/
|
unknown
|
||
https://crashpad.chromium.org/
|
unknown
|
||
https://addons.opera.com/en/extensions/details/dify-cashback/
|
unknown
|
||
https://autoupdate.geo.opera.com/geolocation/
|
unknown
|
||
http://www.google.com/bot.html)crypto/ecdh:
|
unknown
|
||
https://crashstats-collector.opera.com/collector/submit
|
unknown
|
||
https://st6-22.vk.com/dist/web/page_layout.7b5800c2.js
|
unknown
|
||
https://st6-22.vk.com/dist/web/polyfills.isolated.edaffb7b.js
|
unknown
|
||
https://opera.com/privacy
|
unknown
|
||
http://www.spidersoft.com)
|
unknown
|
||
https://sun6-21.userapi.com/c909328/u5294803/docs/d54/8868a626addc/files.bmp?extra=4Jh-lFC-FBDEqT-xO
|
unknown
|
||
https://vk.com/0u0uDuw
|
unknown
|
||
https://gamemaker.io)
|
unknown
|
||
http://autoupdate-staging.services.ams.osa/v4/v5/netinstaller///windows/x64v2/Fetching
|
unknown
|
||
http://https://_bad_pdb_file.pdb
|
unknown
|
||
https://triedchicken.net:80/cad54ba5b01423b1af8ec10ab5719d97.exe
|
unknown
|
||
https://stats.vk-portal.net
|
unknown
|
||
http://5.42.65.64/download.php?pub=inte-J
|
unknown
|
||
https://st6-22.vk.com/dist/web/unauthorized.4bbc412d.js
|
unknown
|
||
https://st6-22.vk.com/css/al/fonts_utf.7fa94ada.css
|
unknown
|
||
https://r.mradx.net
|
unknown
|
||
http://www.google.com/feedfetcher.html)HKLM
|
unknown
|
||
https://baldurgatez.com/7725eaa6592c80f8124e769b4e8a07f7.exeUniverse
|
unknown
|
||
https://ipinfo.io/namehttps://ipgeolocation.io/status
|
unknown
|
||
https://st6-22.vk.com/dist/web/unauthorized.20074c02.css
|
unknown
|
||
https://blockchain.infoindex
|
unknown
|
||
https://gamemaker.io/en/get.
|
unknown
|
||
https://gamemaker.io
|
unknown
|
||
https://meet.crazyfigs.top/style/060.exez
|
unknown
|
||
https://jonathantwo.com
|
unknown
|
||
https://st6-22.vk.com/dist/web/raven_logger.ea0a2239.js
|
unknown
|
||
https://static.vk.me
|
unknown
|
||
http://www.alexa.com/help/webmasters;
|
unknown
|
||
https://st6-22.vk.com/dist/web/chunks/react.759f82b6.js
|
unknown
|
||
https://starsmm.org:80/Extension__Installer.exe
|
unknown
|
||
https://monoblocked.com/525403/setup.exe(
|
unknown
|
||
https://st6-22.vk.com
|
unknown
|
||
http://ocsp.sectigo.com0
|
unknown
|
||
https://crashpad.chromium.org/bug/new
|
unknown
|
||
https://iplogger.org/
|
unknown
|
||
http://google.com
|
unknown
|
||
https://carthewasher.net/
|
unknown
|
||
https://monoblocked.com/
|
unknown
|
||
https://st6-22.vk.com/dist/web/performance_observers.4d12f60f.js
|
unknown
|
||
https://cdn.ampproject.org
|
unknown
|
||
http://185.172.128.59/ISetup2.exe
|
unknown
|
||
https://management.core.usgovcloudapi.netGODEBUG
|
unknown
|
||
https://st6-22.vk.com/css/al/vk_sans_display_faux.7d208ecb.css
|
unknown
|
||
https://st6-22.vk.com/dist/web/likes.72a3dfff.js
|
unknown
|
||
https://monoblocked.com/525403/setup.exe
|
unknown
|
||
https://crashstats-collector.opera.com/collector/submit0x298
|
unknown
|
||
https://st6-22.vk.com/dist/web/chunks/vkui.bce4c996.js
|
unknown
|
||
https://triedchicken.net/B
|
unknown
|
||
https://st6-22.vk.com/dist/web/jobs_devtools_notification.14f96f02.js
|
unknown
|
||
https://st6-22.vk.com/dist/web/chunks/audioplayer-lib.93b52d88.css
|
unknown
|
||
http://svc.iolo.com/__svc/sbv/DownloadManager.ashx
|
unknown
|
||
https://st6-22.vk.com/dist/web/site_layout.20074c02.css
|
unknown
|
||
https://cdn.syndication.twimg.com
|
unknown
|
||
https://dev.vk.com
|
unknown
|
||
https://vk.com/browser_reports?de
|
unknown
|
||
https://st6-22.vk.com/dist/web/error_monitoring_classic.isolated.99143b54.js
|
unknown
|
||
https://st6-22.vk.com/dist/web/grip.0b3b493f.js
|
unknown
|
||
https://securepubads.g.doubleclick.net
|
unknown
|
||
https://monoblocked.com/525403/setup.exep
|
unknown
|
There are 90 hidden URLs, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
185.172.128.90
|
unknown
|
Russian Federation
|
||
34.117.186.192
|
unknown
|
United States
|
||
85.192.56.26
|
unknown
|
Russian Federation
|
||
37.221.125.202
|
unknown
|
Lithuania
|
||
193.233.132.175
|
unknown
|
Russian Federation
|
||
176.97.76.106
|
unknown
|
United Kingdom
|
||
37.228.108.133
|
unknown
|
Norway
|
||
37.228.108.132
|
unknown
|
Norway
|
||
185.172.128.59
|
unknown
|
Russian Federation
|
||
172.67.161.113
|
unknown
|
United States
|
||
185.66.90.243
|
unknown
|
Ukraine
|
||
172.67.132.113
|
unknown
|
United States
|
||
172.67.169.146
|
unknown
|
United States
|
||
104.21.79.77
|
unknown
|
United States
|
||
104.21.31.124
|
unknown
|
United States
|
||
95.142.206.2
|
unknown
|
Russian Federation
|
||
95.142.206.1
|
unknown
|
Russian Federation
|
||
104.21.63.150
|
unknown
|
United States
|
||
104.21.90.14
|
unknown
|
United States
|
||
104.21.37.250
|
unknown
|
United States
|
||
172.67.207.236
|
unknown
|
United States
|
||
172.67.169.89
|
unknown
|
United States
|
||
185.172.128.228
|
unknown
|
Russian Federation
|
||
172.67.176.131
|
unknown
|
United States
|
||
185.172.128.203
|
unknown
|
Russian Federation
|
||
104.21.5.28
|
unknown
|
United States
|
||
172.67.75.163
|
unknown
|
United States
|
||
93.186.225.194
|
unknown
|
Russian Federation
|
||
20.189.173.21
|
unknown
|
United States
|
||
5.42.66.10
|
unknown
|
Russian Federation
|
||
5.42.65.64
|
unknown
|
Russian Federation
|
||
172.67.19.24
|
unknown
|
United States
|
||
179.33.180.97
|
unknown
|
Colombia
|
||
107.167.110.218
|
unknown
|
United States
|
||
104.21.91.214
|
unknown
|
United States
|
||
107.167.110.216
|
unknown
|
United States
|
||
5.42.64.17
|
unknown
|
Russian Federation
|
||
107.167.110.211
|
unknown
|
United States
|
||
23.53.13.176
|
unknown
|
United States
|
||
45.130.41.108
|
unknown
|
Russian Federation
|
||
107.167.125.189
|
unknown
|
United States
|
There are 31 hidden IPs, click here to show them.
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
|
EnableLUA
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{C2D6C799-1878-4A10-AE0B-BB0304219A47}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Exclusions
|
Exclusions_Extensions
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{C2D6C799-1878-4A10-AE0B-BB0304219A47}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Exclusions\Extensions
|
exe
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{C2D6C799-1878-4A10-AE0B-BB0304219A47}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender
|
DisableAntiSpyware
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{C2D6C799-1878-4A10-AE0B-BB0304219A47}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender
|
DisableRoutinelyTakingAction
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{C2D6C799-1878-4A10-AE0B-BB0304219A47}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableBehaviorMonitoring
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{C2D6C799-1878-4A10-AE0B-BB0304219A47}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableOnAccessProtection
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{C2D6C799-1878-4A10-AE0B-BB0304219A47}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableScanOnRealtimeEnable
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{C2D6C799-1878-4A10-AE0B-BB0304219A47}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableRealtimeMonitoring
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{C2D6C799-1878-4A10-AE0B-BB0304219A47}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableIOAVProtection
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{C2D6C799-1878-4A10-AE0B-BB0304219A47}Machine\SOFTWARE\Policies\Microsoft\Windows
Defender\Real-Time Protection
|
DisableRawWriteNotification
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.SecurityAndMaintenance
|
Enabled
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
EnableFileTracing
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
EnableAutoFileTracing
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
EnableConsoleTracing
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
FileTracingMask
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
ConsoleTracingMask
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
MaxFileSize
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASAPI32
|
FileDirectory
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
EnableFileTracing
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
EnableAutoFileTracing
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
EnableConsoleTracing
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
FileTracingMask
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
ConsoleTracingMask
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
MaxFileSize
|
||
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CasPol_RASMANCS
|
FileDirectory
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
ProgramId
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
FileId
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
LowerCaseLongPath
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
LongPathHash
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
Name
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
OriginalFileName
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
Publisher
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
Version
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
BinFileVersion
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
BinaryType
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
ProductName
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
ProductVersion
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
LinkDate
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
BinProductVersion
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
AppxPackageFullName
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
AppxPackageRelativeId
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
Size
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
Language
|
||
\REGISTRY\A\{f5a52765-31f6-7d5e-b9b9-186f2ce4fe30}\Root\InventoryApplicationFile\securiteinfo.com|6e690a07d8ff6518
|
Usn
|
||
HKEY_CURRENT_USER\SOFTWARE\BroomCleaner
|
Installed
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
|
C:\
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
There are 43 hidden registries, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
843000
|
unkown
|
page execute and read and write
|
||
1E7B80B0000
|
trusted library allocation
|
page read and write
|
||
843000
|
unkown
|
page execute and read and write
|
||
843000
|
unkown
|
page execute and read and write
|
||
3966C000
|
direct allocation
|
page read and write
|
||
8F8497E000
|
stack
|
page read and write
|
||
1C316095000
|
heap
|
page read and write
|
||
1C31605B000
|
heap
|
page read and write
|
||
1C315EA2000
|
heap
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
1C315F90000
|
heap
|
page read and write
|
||
4BAF000
|
heap
|
page read and write
|
||
1C31605B000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page read and write
|
||
347F000
|
stack
|
page read and write
|
||
1C315E8B000
|
heap
|
page read and write
|
||
42344000
|
direct allocation
|
page read and write
|
||
1C315F70000
|
heap
|
page read and write
|
||
25AB2E92000
|
heap
|
page read and write
|
||
4E444000
|
direct allocation
|
page read and write
|
||
1E7B7AD0000
|
heap
|
page read and write
|
||
1C315FD6000
|
heap
|
page read and write
|
||
2DC0000
|
heap
|
page read and write
|
||
25AB2C80000
|
heap
|
page read and write
|
||
18D759F0000
|
heap
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
1C315FAF000
|
heap
|
page read and write
|
||
33244000
|
direct allocation
|
page read and write
|
||
1C315F86000
|
heap
|
page read and write
|
||
1C315F83000
|
heap
|
page read and write
|
||
1200000
|
heap
|
page read and write
|
||
1C316271000
|
heap
|
page read and write
|
||
18D758F0000
|
heap
|
page read and write
|
||
1C315F8D000
|
heap
|
page read and write
|
||
2D80000
|
heap
|
page read and write
|
||
1C315F46000
|
heap
|
page read and write
|
||
1C315F4E000
|
heap
|
page read and write
|
||
1188000
|
stack
|
page read and write
|
||
1C315F79000
|
heap
|
page read and write
|
||
44A000
|
unkown
|
page readonly
|
||
1C315F9F000
|
heap
|
page read and write
|
||
B9F937E000
|
unkown
|
page readonly
|
||
3F1000
|
unkown
|
page execute read
|
||
4F7C000
|
stack
|
page read and write
|
||
19D000
|
stack
|
page read and write
|
||
13CB000
|
heap
|
page read and write
|
||
3A2F000
|
unkown
|
page readonly
|
||
2FE4000
|
heap
|
page read and write
|
||
7FF7897C1000
|
unkown
|
page readonly
|
||
1C316071000
|
heap
|
page read and write
|
||
8F8439F000
|
stack
|
page read and write
|
||
55260000
|
direct allocation
|
page read and write
|
||
3E4E000
|
heap
|
page read and write
|
||
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
1C316035000
|
heap
|
page read and write
|
||
108C000
|
stack
|
page read and write
|
||
1C31676D000
|
heap
|
page read and write
|
||
2F9E000
|
stack
|
page read and write
|
||
1C315E60000
|
heap
|
page read and write
|
||
1C315F94000
|
heap
|
page read and write
|
||
1780000
|
heap
|
page read and write
|
||
1C316035000
|
heap
|
page read and write
|
||
7FF6A1463000
|
unkown
|
page readonly
|
||
1C31674D000
|
heap
|
page read and write
|
||
1C315F97000
|
heap
|
page read and write
|
||
CFC7FC000
|
stack
|
page read and write
|
||
F15000
|
heap
|
page read and write
|
||
1C315F9F000
|
heap
|
page read and write
|
||
F81000
|
unkown
|
page execute read
|
||
495000
|
heap
|
page read and write
|
||
34DC000
|
trusted library allocation
|
page read and write
|
||
4B1F000
|
stack
|
page read and write
|
||
F4A000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page write copy
|
||
3967C000
|
direct allocation
|
page read and write
|
||
ACB000
|
heap
|
page read and write
|
||
1C315E64000
|
heap
|
page read and write
|
||
B7000
|
unkown
|
page readonly
|
||
1565000
|
heap
|
page read and write
|
||
1E7B7BE0000
|
heap
|
page read and write
|
||
30FF000
|
unkown
|
page readonly
|
||
B9F8A7E000
|
unkown
|
page readonly
|
||
400000
|
unkown
|
page readonly
|
||
42338000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
4E490000
|
direct allocation
|
page read and write
|
||
30FE000
|
unkown
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
F30000
|
heap
|
page read and write
|
||
2F0E000
|
heap
|
page read and write
|
||
8F84D7C000
|
stack
|
page read and write
|
||
56F20000
|
direct allocation
|
page read and write
|
||
1C315E95000
|
heap
|
page read and write
|
||
AD7000
|
heap
|
page read and write
|
||
F30000
|
heap
|
page read and write
|
||
5526C000
|
direct allocation
|
page read and write
|
||
F80000
|
unkown
|
page readonly
|
||
6BACE000
|
unkown
|
page read and write
|
||
3C70000
|
heap
|
page read and write
|
||
70000
|
unkown
|
page readonly
|
||
1C315F9B000
|
heap
|
page read and write
|
||
7FF7EC041000
|
unkown
|
page readonly
|
||
1C315E69000
|
heap
|
page read and write
|
||
1C316914000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
41A000
|
unkown
|
page readonly
|
||
1E7B5FA0000
|
trusted library allocation
|
page read and write
|
||
1C315F78000
|
heap
|
page read and write
|
||
109E000
|
stack
|
page read and write
|
||
3A7C000
|
heap
|
page read and write
|
||
15AB000
|
trusted library allocation
|
page execute and read and write
|
||
7FF7EB722000
|
unkown
|
page read and write
|
||
B90B7FB000
|
stack
|
page read and write
|
||
30FF000
|
unkown
|
page readonly
|
||
7FF6A0F91000
|
unkown
|
page write copy
|
||
30FE000
|
unkown
|
page read and write
|
||
840000
|
unkown
|
page execute and read and write
|
||
C00000
|
heap
|
page read and write
|
||
1C315EC9000
|
heap
|
page read and write
|
||
1C316201000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
B90AEFE000
|
stack
|
page read and write
|
||
6B700000
|
unkown
|
page readonly
|
||
1C315E6A000
|
heap
|
page read and write
|
||
823000
|
unkown
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
1C316201000
|
heap
|
page read and write
|
||
1C316079000
|
heap
|
page read and write
|
||
F46000
|
heap
|
page read and write
|
||
823000
|
unkown
|
page read and write
|
||
304F000
|
stack
|
page read and write
|
||
1C3160A4000
|
heap
|
page read and write
|
||
2E838000
|
direct allocation
|
page read and write
|
||
7FF7EB719000
|
unkown
|
page read and write
|
||
6BABA000
|
unkown
|
page write copy
|
||
420000
|
unkown
|
page write copy
|
||
328E000
|
stack
|
page read and write
|
||
1C31637C000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1C315E60000
|
heap
|
page read and write
|
||
1360000
|
heap
|
page read and write
|
||
552C0000
|
direct allocation
|
page read and write
|
||
1C315F85000
|
heap
|
page read and write
|
||
2E7E000
|
stack
|
page read and write
|
||
F4F000
|
heap
|
page read and write
|
||
1C315FF2000
|
heap
|
page read and write
|
||
1C3168EC000
|
heap
|
page read and write
|
||
1C316055000
|
heap
|
page read and write
|
||
1C31605B000
|
heap
|
page read and write
|
||
1C316055000
|
heap
|
page read and write
|
||
1C315F9B000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page read and write
|
||
130A000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
34CF000
|
stack
|
page read and write
|
||
1C315F9F000
|
heap
|
page read and write
|
||
1C316293000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
424000
|
unkown
|
page write copy
|
||
7FF788CC1000
|
unkown
|
page execute read
|
||
88DB7AE000
|
stack
|
page read and write
|
||
5420000
|
heap
|
page read and write
|
||
6BABB000
|
unkown
|
page read and write
|
||
1C316B45000
|
heap
|
page read and write
|
||
D11000
|
unkown
|
page execute read
|
||
41A000
|
unkown
|
page readonly
|
||
12C2000
|
trusted library allocation
|
page read and write
|
||
55240000
|
direct allocation
|
page read and write
|
||
1E7B61F0000
|
heap
|
page read and write
|
||
76C000
|
stack
|
page read and write
|
||
7FFD9B78B000
|
trusted library allocation
|
page execute and read and write
|
||
44A000
|
unkown
|
page readonly
|
||
30FF000
|
unkown
|
page readonly
|
||
C5000
|
unkown
|
page read and write
|
||
1C315DD0000
|
trusted library allocation
|
page read and write
|
||
1C315E9B000
|
heap
|
page read and write
|
||
49F0000
|
heap
|
page read and write
|
||
1C315E87000
|
heap
|
page read and write
|
||
1C315F4E000
|
heap
|
page read and write
|
||
251A41C0000
|
remote allocation
|
page read and write
|
||
F5D000
|
stack
|
page read and write
|
||
19D000
|
stack
|
page read and write
|
||
1E7B79D0000
|
heap
|
page read and write
|
||
2F9A000
|
heap
|
page read and write
|
||
1C31662D000
|
heap
|
page read and write
|
||
2F1E000
|
heap
|
page execute and read and write
|
||
1C31637D000
|
heap
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
7D0000
|
heap
|
page read and write
|
||
1C315F86000
|
heap
|
page read and write
|
||
1C316228000
|
heap
|
page read and write
|
||
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
823000
|
unkown
|
page read and write
|
||
F46000
|
heap
|
page read and write
|
||
13C7000
|
unkown
|
page write copy
|
||
4A10000
|
heap
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
1C315E92000
|
heap
|
page read and write
|
||
F70000
|
unkown
|
page readonly
|
||
1C315F82000
|
heap
|
page read and write
|
||
1C316EFB000
|
heap
|
page read and write
|
||
1C315EC9000
|
heap
|
page read and write
|
||
CA000
|
unkown
|
page readonly
|
||
2F8C000
|
stack
|
page read and write
|
||
56E38000
|
direct allocation
|
page read and write
|
||
7FF788EA5000
|
unkown
|
page readonly
|
||
1C315F9B000
|
heap
|
page read and write
|
||
7FF7EC08B000
|
unkown
|
page readonly
|
||
7FF6A0BA6000
|
unkown
|
page execute read
|
||
F40000
|
heap
|
page read and write
|
||
7FFD9B95B000
|
trusted library allocation
|
page read and write
|
||
42300000
|
direct allocation
|
page read and write
|
||
552B0000
|
direct allocation
|
page read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
1C316201000
|
heap
|
page read and write
|
||
1E7B7A29000
|
heap
|
page read and write
|
||
DC5000
|
heap
|
page read and write
|
||
E60000
|
heap
|
page read and write
|
||
251A4241000
|
heap
|
page read and write
|
||
1C316271000
|
heap
|
page read and write
|
||
30FF000
|
unkown
|
page readonly
|
||
2F0E000
|
stack
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
18D76080000
|
trusted library allocation
|
page read and write
|
||
1C3168D2000
|
heap
|
page read and write
|
||
EC5000
|
heap
|
page read and write
|
||
55224000
|
direct allocation
|
page read and write
|
||
1C315F86000
|
heap
|
page read and write
|
||
1C315FF5000
|
heap
|
page read and write
|
||
17B0000
|
trusted library allocation
|
page read and write
|
||
4E40C000
|
direct allocation
|
page read and write
|
||
2E904000
|
direct allocation
|
page read and write
|
||
2ADB000
|
stack
|
page read and write
|
||
2D60000
|
heap
|
page read and write
|
||
42238000
|
direct allocation
|
page read and write
|
||
1C31606B000
|
heap
|
page read and write
|
||
1C316271000
|
heap
|
page read and write
|
||
1C315F83000
|
heap
|
page read and write
|
||
30FF000
|
unkown
|
page readonly
|
||
1C316731000
|
heap
|
page read and write
|
||
BBB000
|
stack
|
page read and write
|
||
1E7B6001000
|
heap
|
page read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
251A4180000
|
heap
|
page read and write
|
||
F46000
|
heap
|
page read and write
|
||
B9F917E000
|
unkown
|
page readonly
|
||
F32000
|
heap
|
page read and write
|
||
30FF000
|
stack
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
1C315F7C000
|
heap
|
page read and write
|
||
1548000
|
heap
|
page read and write
|
||
518E000
|
stack
|
page read and write
|
||
E91000
|
heap
|
page read and write
|
||
1E7B60AD000
|
heap
|
page read and write
|
||
1C316E92000
|
heap
|
page read and write
|
||
B90AFFF000
|
stack
|
page read and write
|
||
1C31606C000
|
heap
|
page read and write
|
||
1C315E60000
|
heap
|
page read and write
|
||
324E000
|
heap
|
page read and write
|
||
2E30000
|
heap
|
page read and write
|
||
5525C000
|
direct allocation
|
page read and write
|
||
1C315E8B000
|
heap
|
page read and write
|
||
CFC0CB000
|
stack
|
page read and write
|
||
68F0000
|
heap
|
page read and write
|
||
6A711000
|
unkown
|
page execute read
|
||
25AB2E3A000
|
heap
|
page read and write
|
||
251A4302000
|
heap
|
page read and write
|
||
1C315E69000
|
heap
|
page read and write
|
||
2CBE000
|
stack
|
page read and write
|
||
7F0000
|
heap
|
page read and write
|
||
7FF6A09B0000
|
unkown
|
page readonly
|
||
427000
|
unkown
|
page readonly
|
||
4E46C000
|
direct allocation
|
page read and write
|
||
25AB2E13000
|
unkown
|
page read and write
|
||
204E000
|
heap
|
page read and write
|
||
575E000
|
heap
|
page read and write
|
||
1BB000
|
stack
|
page read and write
|
||
3F0000
|
unkown
|
page readonly
|
||
1C315FAB000
|
heap
|
page read and write
|
||
7FF6A0F92000
|
unkown
|
page execute read
|
||
1C315E64000
|
heap
|
page read and write
|
||
1C316273000
|
heap
|
page read and write
|
||
4231C000
|
direct allocation
|
page read and write
|
||
33240000
|
direct allocation
|
page read and write
|
||
7FF7EBB21000
|
unkown
|
page read and write
|
||
3567000
|
trusted library allocation
|
page read and write
|
||
1C31606C000
|
heap
|
page read and write
|
||
1C316094000
|
heap
|
page read and write
|
||
1C316077000
|
heap
|
page read and write
|
||
1C315F91000
|
heap
|
page read and write
|
||
FDA000
|
unkown
|
page readonly
|
||
18D75A2B000
|
heap
|
page read and write
|
||
7FFD9B973000
|
trusted library allocation
|
page read and write
|
||
1C315E84000
|
heap
|
page read and write
|
||
1C31604E000
|
heap
|
page read and write
|
||
12A4000
|
trusted library allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
ECC000
|
stack
|
page read and write
|
||
3016000
|
heap
|
page read and write
|
||
1F0000
|
heap
|
page read and write
|
||
33224000
|
direct allocation
|
page read and write
|
||
1C31637D000
|
heap
|
page read and write
|
||
2DF5000
|
heap
|
page read and write
|
||
1C315E69000
|
heap
|
page read and write
|
||
1C315F97000
|
heap
|
page read and write
|
||
2E0E000
|
stack
|
page read and write
|
||
71000
|
unkown
|
page execute read
|
||
42350000
|
direct allocation
|
page read and write
|
||
1C315F82000
|
heap
|
page read and write
|
||
C40000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
4B60000
|
heap
|
page read and write
|
||
1C315E92000
|
heap
|
page read and write
|
||
1C315E8B000
|
heap
|
page read and write
|
||
7FF788CC0000
|
unkown
|
page readonly
|
||
318F000
|
stack
|
page read and write
|
||
37BF000
|
stack
|
page read and write
|
||
124E000
|
stack
|
page read and write
|
||
2D00000
|
heap
|
page read and write
|
||
7FF7892A1000
|
unkown
|
page read and write
|
||
4B0000
|
heap
|
page read and write
|
||
1C315EA2000
|
heap
|
page read and write
|
||
1C315F61000
|
heap
|
page read and write
|
||
207B5844000
|
heap
|
page read and write
|
||
F3E000
|
heap
|
page read and write
|
||
56F04000
|
direct allocation
|
page read and write
|
||
3583000
|
trusted library allocation
|
page read and write
|
||
1C31631D000
|
heap
|
page read and write
|
||
F57000
|
heap
|
page read and write
|
||
1C315F8D000
|
heap
|
page read and write
|
||
55BC000
|
stack
|
page read and write
|
||
7FF4CFFD0000
|
trusted library allocation
|
page execute and read and write
|
||
1C315EC3000
|
heap
|
page read and write
|
||
1C315E8B000
|
heap
|
page read and write
|
||
39601000
|
direct allocation
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
1C316008000
|
heap
|
page read and write
|
||
1C315F3F000
|
heap
|
page read and write
|
||
5840000
|
heap
|
page read and write
|
||
12D8000
|
heap
|
page read and write
|
||
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
||
4C7000
|
heap
|
page read and write
|
||
1C315F9F000
|
heap
|
page read and write
|
||
1C31602A000
|
heap
|
page read and write
|
||
1C315EA4000
|
heap
|
page read and write
|
||
3170000
|
heap
|
page read and write
|
||
C40000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
19C000
|
stack
|
page read and write
|
||
1C3172D9000
|
heap
|
page read and write
|
||
F38000
|
heap
|
page read and write
|
||
1C316024000
|
heap
|
page read and write
|
||
3325C000
|
direct allocation
|
page read and write
|
||
AF4000
|
stack
|
page read and write
|
||
41B000
|
unkown
|
page readonly
|
||
BB000
|
stack
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
7FF7EB725000
|
unkown
|
page readonly
|
||
1E7B5F50000
|
heap
|
page read and write
|
||
25AB2D80000
|
trusted library allocation
|
page read and write
|
||
E67000
|
heap
|
page read and write
|
||
33260000
|
direct allocation
|
page read and write
|
||
424000
|
unkown
|
page read and write
|
||
1C315FAF000
|
heap
|
page read and write
|
||
165C000
|
stack
|
page read and write
|
||
1C31675A000
|
heap
|
page read and write
|
||
1F2BE3A0000
|
heap
|
page read and write
|
||
42304000
|
direct allocation
|
page read and write
|
||
1C315DD0000
|
trusted library allocation
|
page read and write
|
||
1C315EA4000
|
heap
|
page read and write
|
||
22435F0E000
|
heap
|
page read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
1C316273000
|
heap
|
page read and write
|
||
1C31664C000
|
heap
|
page read and write
|
||
1C31606B000
|
heap
|
page read and write
|
||
1C316035000
|
heap
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
1C315FAF000
|
heap
|
page read and write
|
||
1C31605B000
|
heap
|
page read and write
|
||
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
EF2000
|
heap
|
page read and write
|
||
1C315EC9000
|
heap
|
page read and write
|
||
8F84A79000
|
stack
|
page read and write
|
||
1C315F4B000
|
heap
|
page read and write
|
||
21172B30000
|
heap
|
page read and write
|
||
1C31637C000
|
heap
|
page read and write
|
||
2F60000
|
heap
|
page read and write
|
||
F40000
|
heap
|
page read and write
|
||
1F0000
|
heap
|
page read and write
|
||
1C316B12000
|
heap
|
page read and write
|
||
1C315E92000
|
heap
|
page read and write
|
||
EAB000
|
heap
|
page read and write
|
||
437000
|
unkown
|
page readonly
|
||
1C315E97000
|
heap
|
page read and write
|
||
1C316035000
|
heap
|
page read and write
|
||
2D3F000
|
unkown
|
page readonly
|
||
330B8000
|
direct allocation
|
page read and write
|
||
7FFD9B981000
|
trusted library allocation
|
page read and write
|
||
33254000
|
direct allocation
|
page read and write
|
||
1E7B602B000
|
heap
|
page read and write
|
||
2ED0000
|
direct allocation
|
page execute and read and write
|
||
775000
|
unkown
|
page write copy
|
||
1C31605D000
|
heap
|
page read and write
|
||
3327C000
|
direct allocation
|
page read and write
|
||
10EE000
|
stack
|
page read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
26EB8000
|
direct allocation
|
page read and write
|
||
1E7C7EA7000
|
trusted library allocation
|
page read and write
|
||
11E0000
|
heap
|
page read and write
|
||
1E7B5FCC000
|
heap
|
page read and write
|
||
1C315EC5000
|
heap
|
page read and write
|
||
1C315E64000
|
heap
|
page read and write
|
||
33214000
|
direct allocation
|
page read and write
|
||
1E7B7D9A000
|
trusted library allocation
|
page read and write
|
||
4E480000
|
direct allocation
|
page read and write
|
||
1E7B5D40000
|
unkown
|
page readonly
|
||
9C000
|
stack
|
page read and write
|
||
1C31629B000
|
heap
|
page read and write
|
||
6BAB9000
|
unkown
|
page read and write
|
||
424000
|
unkown
|
page write copy
|
||
4B20000
|
heap
|
page read and write
|
||
1E7B5FED000
|
heap
|
page read and write
|
||
2E0C000
|
stack
|
page read and write
|
||
251A4200000
|
heap
|
page read and write
|
||
319E000
|
stack
|
page read and write
|
||
1C315F90000
|
heap
|
page read and write
|
||
130E000
|
heap
|
page read and write
|
||
1C315FAF000
|
heap
|
page read and write
|
||
8F84C7E000
|
stack
|
page read and write
|
||
980000
|
heap
|
page read and write
|
||
1C315E89000
|
heap
|
page read and write
|
||
2034000
|
heap
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
2DF0000
|
heap
|
page read and write
|
||
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
F31000
|
heap
|
page read and write
|
||
1C315E95000
|
heap
|
page read and write
|
||
1C316ED8000
|
heap
|
page read and write
|
||
1C31662C000
|
heap
|
page read and write
|
||
1C315F9F000
|
heap
|
page read and write
|
||
2D50000
|
heap
|
page read and write
|
||
1C314147000
|
heap
|
page read and write
|
||
1C316073000
|
heap
|
page read and write
|
||
FC7000
|
unkown
|
page readonly
|
||
25AB2E8A000
|
heap
|
page read and write
|
||
25AB2E38000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page write copy
|
||
1C315E5C000
|
heap
|
page read and write
|
||
2D3F000
|
unkown
|
page readonly
|
||
9C000
|
stack
|
page read and write
|
||
1C315E52000
|
heap
|
page read and write
|
||
1540000
|
heap
|
page read and write
|
||
7FF789773000
|
unkown
|
page readonly
|
||
CFC000
|
stack
|
page read and write
|
||
516000
|
heap
|
page read and write
|
||
1C315E8D000
|
heap
|
page read and write
|
||
B83000
|
heap
|
page read and write
|
||
1C31608B000
|
heap
|
page read and write
|
||
12A3000
|
trusted library allocation
|
page execute and read and write
|
||
FB5000
|
unkown
|
page write copy
|
||
823000
|
unkown
|
page read and write
|
||
7FF7EBB21000
|
unkown
|
page write copy
|
||
207B5780000
|
trusted library allocation
|
page read and write
|
||
B7000
|
unkown
|
page readonly
|
||
5509000
|
heap
|
page read and write
|
||
1C315FAF000
|
heap
|
page read and write
|
||
1290000
|
trusted library allocation
|
page read and write
|
||
1EA4000
|
heap
|
page read and write
|
||
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
1C315FB3000
|
heap
|
page read and write
|
||
19C000
|
stack
|
page read and write
|
||
A71000
|
heap
|
page read and write
|
||
5856000
|
heap
|
page read and write
|
||
1C315F69000
|
heap
|
page read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1C315E57000
|
heap
|
page read and write
|
||
12C0000
|
trusted library allocation
|
page read and write
|
||
1C316094000
|
heap
|
page read and write
|
||
F61000
|
unkown
|
page execute read
|
||
41A000
|
unkown
|
page readonly
|
||
1C315E9B000
|
heap
|
page read and write
|
||
26E0C000
|
direct allocation
|
page read and write
|
||
1C315EC9000
|
heap
|
page read and write
|
||
1C315F91000
|
heap
|
page read and write
|
||
1C316DA4000
|
heap
|
page read and write
|
||
463000
|
unkown
|
page read and write
|
||
33AE000
|
heap
|
page read and write
|
||
7FF7EB540000
|
unkown
|
page readonly
|
||
33201000
|
direct allocation
|
page read and write
|
||
1C315DD0000
|
trusted library allocation
|
page read and write
|
||
620000
|
heap
|
page read and write
|
||
1C315FD6000
|
heap
|
page read and write
|
||
1C315EA4000
|
heap
|
page read and write
|
||
2E60000
|
direct allocation
|
page execute and read and write
|
||
2D3F000
|
unkown
|
page readonly
|
||
3280000
|
heap
|
page read and write
|
||
1C315F91000
|
heap
|
page read and write
|
||
1670000
|
heap
|
page read and write
|
||
F70000
|
unkown
|
page readonly
|
||
2F00000
|
heap
|
page read and write
|
||
2FC0000
|
heap
|
page read and write
|
||
1C315E95000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
720000
|
unkown
|
page readonly
|
||
1C315F81000
|
heap
|
page read and write
|
||
1C315F7F000
|
heap
|
page read and write
|
||
FBA000
|
unkown
|
page readonly
|
||
1C315E4A000
|
heap
|
page read and write
|
||
3C75000
|
heap
|
page read and write
|
||
9DD000
|
stack
|
page read and write
|
||
721000
|
unkown
|
page execute read
|
||
B90ABFE000
|
stack
|
page read and write
|
||
33100000
|
direct allocation
|
page read and write
|
||
823000
|
unkown
|
page read and write
|
||
55204000
|
direct allocation
|
page read and write
|
||
1C315E8B000
|
heap
|
page read and write
|
||
1C316035000
|
heap
|
page read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
54E4000
|
heap
|
page read and write
|
||
2B1C000
|
stack
|
page read and write
|
||
26E04000
|
direct allocation
|
page read and write
|
||
25AB3000000
|
heap
|
page read and write
|
||
1C316EB2000
|
heap
|
page read and write
|
||
1C315E97000
|
heap
|
page read and write
|
||
12B0000
|
trusted library allocation
|
page read and write
|
||
310F000
|
stack
|
page read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1C31629B000
|
heap
|
page read and write
|
||
AFD000
|
stack
|
page read and write
|
||
1C315FD6000
|
heap
|
page read and write
|
||
18D75A00000
|
heap
|
page read and write
|
||
1C315EC5000
|
heap
|
page read and write
|
||
3968C000
|
direct allocation
|
page read and write
|
||
1C316273000
|
heap
|
page read and write
|
||
1677000
|
heap
|
page read and write
|
||
1C315FAB000
|
heap
|
page read and write
|
||
3064000
|
heap
|
page read and write
|
||
F2B000
|
heap
|
page read and write
|
||
25AB2E2B000
|
heap
|
page read and write
|
||
324A000
|
heap
|
page read and write
|
||
123C000
|
stack
|
page read and write
|
||
7FF7892A2000
|
unkown
|
page execute read
|
||
1C315FA3000
|
heap
|
page read and write
|
||
1C315E6D000
|
heap
|
page read and write
|
||
1EA0000
|
heap
|
page read and write
|
||
1C31606B000
|
heap
|
page read and write
|
||
1C315E60000
|
heap
|
page read and write
|
||
6AAE3000
|
unkown
|
page execute read
|
||
3110000
|
heap
|
page read and write
|
||
402000
|
remote allocation
|
page execute and read and write
|
||
1C316079000
|
heap
|
page read and write
|
||
21172B88000
|
heap
|
page read and write
|
||
77A000
|
unkown
|
page readonly
|
||
58F0000
|
direct allocation
|
page read and write
|
||
1C315FD6000
|
heap
|
page read and write
|
||
1C315E97000
|
heap
|
page read and write
|
||
4E401000
|
direct allocation
|
page read and write
|
||
533E000
|
stack
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
1C315F85000
|
heap
|
page read and write
|
||
1C315FAB000
|
heap
|
page read and write
|
||
77A000
|
unkown
|
page readonly
|
||
1C31605D000
|
heap
|
page read and write
|
||
55270000
|
direct allocation
|
page read and write
|
||
6AADE000
|
unkown
|
page read and write
|
||
4235C000
|
direct allocation
|
page read and write
|
||
4C0000
|
heap
|
page read and write
|
||
4A10000
|
direct allocation
|
page read and write
|
||
445000
|
unkown
|
page read and write
|
||
552A4000
|
direct allocation
|
page read and write
|
||
1C316D60000
|
heap
|
page read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
FC5000
|
unkown
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
1C315EA4000
|
heap
|
page read and write
|
||
F4F000
|
stack
|
page read and write
|
||
173F000
|
stack
|
page read and write
|
||
1C315FA3000
|
heap
|
page read and write
|
||
33104000
|
direct allocation
|
page read and write
|
||
1F2BC9D0000
|
heap
|
page read and write
|
||
33AA000
|
heap
|
page read and write
|
||
1C315EA2000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page write copy
|
||
1E7B5E00000
|
heap
|
page read and write
|
||
1C315EA2000
|
heap
|
page read and write
|
||
AAB000
|
heap
|
page read and write
|
||
1F0000
|
heap
|
page read and write
|
||
4E434000
|
direct allocation
|
page read and write
|
||
4E4A0000
|
direct allocation
|
page read and write
|
||
1C315F70000
|
heap
|
page read and write
|
||
12FA000
|
heap
|
page read and write
|
||
1C315F47000
|
heap
|
page read and write
|
||
7FF7EBFF3000
|
unkown
|
page readonly
|
||
1C315EC5000
|
heap
|
page read and write
|
||
39690000
|
direct allocation
|
page read and write
|
||
1C315F85000
|
heap
|
page read and write
|
||
F10000
|
remote allocation
|
page read and write
|
||
70000
|
unkown
|
page readonly
|
||
ACC000
|
heap
|
page read and write
|
||
1050000
|
heap
|
page read and write
|
||
1C315E89000
|
heap
|
page read and write
|
||
1C315E95000
|
heap
|
page read and write
|
||
1C315E97000
|
heap
|
page read and write
|
||
F1B000
|
stack
|
page read and write
|
||
463000
|
unkown
|
page read and write
|
||
8F8467F000
|
stack
|
page read and write
|
||
1E7B7A51000
|
heap
|
page read and write
|
||
1C315FD6000
|
heap
|
page read and write
|
||
1C316073000
|
heap
|
page read and write
|
||
1E7C7CD1000
|
trusted library allocation
|
page read and write
|
||
19B000
|
stack
|
page read and write
|
||
CA000
|
unkown
|
page readonly
|
||
6BAD3000
|
unkown
|
page execute read
|
||
1C315F8D000
|
heap
|
page read and write
|
||
C77000
|
unkown
|
page execute and read and write
|
||
1807000
|
heap
|
page read and write
|
||
1E7B7A80000
|
heap
|
page read and write
|
||
302E000
|
stack
|
page read and write
|
||
4E404000
|
direct allocation
|
page read and write
|
||
F43000
|
heap
|
page read and write
|
||
1C315E59000
|
heap
|
page read and write
|
||
E4D000
|
stack
|
page read and write
|
||
1E7B6004000
|
heap
|
page read and write
|
||
1C315EC9000
|
heap
|
page read and write
|
||
1C315E8B000
|
heap
|
page read and write
|
||
B9F927E000
|
stack
|
page read and write
|
||
1C315E6A000
|
heap
|
page read and write
|
||
76B000
|
stack
|
page read and write
|
||
30FF000
|
unkown
|
page readonly
|
||
1C315E60000
|
heap
|
page read and write
|
||
1C31631D000
|
heap
|
page read and write
|
||
1C31606B000
|
heap
|
page read and write
|
||
4E4B0000
|
direct allocation
|
page read and write
|
||
2030000
|
heap
|
page read and write
|
||
1C315E95000
|
heap
|
page read and write
|
||
1C315EA4000
|
heap
|
page read and write
|
||
1E7B5F20000
|
heap
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
1C315EC5000
|
heap
|
page read and write
|
||
EFD000
|
heap
|
page read and write
|
||
2DC5000
|
heap
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
5522C000
|
direct allocation
|
page read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
823000
|
unkown
|
page read and write
|
||
1C315F86000
|
heap
|
page read and write
|
||
1C315EB6000
|
heap
|
page read and write
|
||
313A000
|
heap
|
page read and write
|
||
7FFD9B91C000
|
trusted library allocation
|
page read and write
|
||
C25000
|
heap
|
page read and write
|
||
B85000
|
heap
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
2D60000
|
heap
|
page read and write
|
||
1C316201000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1C315F81000
|
heap
|
page read and write
|
||
7FF7EBFF3000
|
unkown
|
page readonly
|
||
3962C000
|
direct allocation
|
page read and write
|
||
1C315E69000
|
heap
|
page read and write
|
||
1C315E60000
|
heap
|
page read and write
|
||
1C316629000
|
heap
|
page read and write
|
||
396A0000
|
direct allocation
|
page read and write
|
||
1F2BCA1E000
|
heap
|
page read and write
|
||
1C316273000
|
heap
|
page read and write
|
||
F4F000
|
heap
|
page read and write
|
||
2B30000
|
heap
|
page read and write
|
||
30FF000
|
unkown
|
page readonly
|
||
4650000
|
remote allocation
|
page read and write
|
||
1C315F85000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1C315F7C000
|
heap
|
page read and write
|
||
1C315EA4000
|
heap
|
page read and write
|
||
1C315F45000
|
heap
|
page read and write
|
||
7FFD9B762000
|
trusted library allocation
|
page read and write
|
||
1C315F9B000
|
heap
|
page read and write
|
||
30FE000
|
unkown
|
page read and write
|
||
445000
|
unkown
|
page write copy
|
||
EC4000
|
heap
|
page read and write
|
||
1C315F3D000
|
heap
|
page read and write
|
||
3240000
|
heap
|
page read and write
|
||
B9F907E000
|
stack
|
page read and write
|
||
55280000
|
direct allocation
|
page read and write
|
||
5DCB000
|
stack
|
page read and write
|
||
B90AAFE000
|
stack
|
page read and write
|
||
6BA33000
|
unkown
|
page readonly
|
||
14CF000
|
stack
|
page read and write
|
||
FCA000
|
unkown
|
page readonly
|
||
42360000
|
direct allocation
|
page read and write
|
||
1C316DD6000
|
heap
|
page read and write
|
||
1C315F97000
|
heap
|
page read and write
|
||
1C316079000
|
heap
|
page read and write
|
||
B90ACFD000
|
stack
|
page read and write
|
||
207B5800000
|
heap
|
page read and write
|
||
1C315F7D000
|
heap
|
page read and write
|
||
6214000
|
heap
|
page read and write
|
||
7FF79CF41000
|
unkown
|
page write copy
|
||
840000
|
unkown
|
page execute and read and write
|
||
1E7C7CD7000
|
trusted library allocation
|
page read and write
|
||
2D3F000
|
unkown
|
page readonly
|
||
B9F8F7E000
|
unkown
|
page readonly
|
||
207B5822000
|
heap
|
page read and write
|
||
1C315EC5000
|
heap
|
page read and write
|
||
1C316201000
|
heap
|
page read and write
|
||
2F5E000
|
stack
|
page read and write
|
||
2043000
|
heap
|
page read and write
|
||
26E14000
|
direct allocation
|
page read and write
|
||
5527C000
|
direct allocation
|
page read and write
|
||
1C316228000
|
heap
|
page read and write
|
||
823000
|
unkown
|
page read and write
|
||
30FF000
|
unkown
|
page readonly
|
||
2F90000
|
heap
|
page read and write
|
||
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
34A1000
|
trusted library allocation
|
page read and write
|
||
327E000
|
stack
|
page read and write
|
||
1C315F9B000
|
heap
|
page read and write
|
||
33290000
|
direct allocation
|
page read and write
|
||
1E7B5FB3000
|
trusted library allocation
|
page read and write
|
||
1C316055000
|
heap
|
page read and write
|
||
25AB3102000
|
heap
|
page read and write
|
||
2FEE000
|
stack
|
page read and write
|
||
1C316021000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page execute and read and write
|
||
56FC000
|
stack
|
page read and write
|
||
7FF789773000
|
unkown
|
page readonly
|
||
1C31764B000
|
heap
|
page read and write
|
||
300F000
|
stack
|
page read and write
|
||
1C315E8B000
|
heap
|
page read and write
|
||
7FF788E99000
|
unkown
|
page read and write
|
||
F34000
|
heap
|
page read and write
|
||
767000
|
unkown
|
page readonly
|
||
F81000
|
unkown
|
page execute read
|
||
1C315F85000
|
heap
|
page read and write
|
||
2D3E000
|
unkown
|
page read and write
|
||
33038000
|
direct allocation
|
page read and write
|
||
1C315F9B000
|
heap
|
page read and write
|
||
1C315FAB000
|
heap
|
page read and write
|
||
B90A9FE000
|
stack
|
page read and write
|
||
2F40000
|
heap
|
page read and write
|
||
1C316782000
|
heap
|
page read and write
|
||
3322C000
|
direct allocation
|
page read and write
|
||
46B8000
|
heap
|
page read and write
|
||
767000
|
unkown
|
page readonly
|
||
1C316035000
|
heap
|
page read and write
|
||
FC7000
|
unkown
|
page readonly
|
||
1C315F8D000
|
heap
|
page read and write
|
||
70000
|
unkown
|
page readonly
|
||
1C315E58000
|
heap
|
page read and write
|
||
7FF7892A1000
|
unkown
|
page write copy
|
||
1C315FAF000
|
heap
|
page read and write
|
||
1C315E60000
|
heap
|
page read and write
|
||
25AB2E4D000
|
heap
|
page read and write
|
||
B90B0FD000
|
stack
|
page read and write
|
||
251A41C0000
|
remote allocation
|
page read and write
|
||
1C315EC5000
|
heap
|
page read and write
|
||
840000
|
unkown
|
page execute and read and write
|
||
400000
|
unkown
|
page readonly
|
||
1C315E9B000
|
heap
|
page read and write
|
||
315F000
|
stack
|
page read and write
|
||
B70000
|
heap
|
page read and write
|
||
1C317103000
|
heap
|
page read and write
|
||
1C316026000
|
heap
|
page read and write
|
||
1C316233000
|
heap
|
page read and write
|
||
56EC0000
|
direct allocation
|
page read and write
|
||
1F0000
|
heap
|
page read and write
|
||
7FF6A14B1000
|
unkown
|
page readonly
|
||
B68000
|
heap
|
page read and write
|
||
547E000
|
stack
|
page read and write
|
||
152C000
|
stack
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
8F8477A000
|
stack
|
page read and write
|
||
1C315FB3000
|
heap
|
page read and write
|
||
1C316056000
|
heap
|
page read and write
|
||
33A0000
|
heap
|
page read and write
|
||
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
F80000
|
unkown
|
page readonly
|
||
2F57000
|
heap
|
page read and write
|
||
2E8C0000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
4B50000
|
heap
|
page read and write
|
||
AD1000
|
heap
|
page read and write
|
||
1C315F49000
|
heap
|
page read and write
|
||
1C315F9B000
|
heap
|
page read and write
|
||
1C316055000
|
heap
|
page read and write
|
||
552B8000
|
direct allocation
|
page read and write
|
||
367F000
|
stack
|
page read and write
|
||
1C316077000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
4930000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
4E4C8000
|
direct allocation
|
page read and write
|
||
17F0000
|
trusted library allocation
|
page read and write
|
||
FCA000
|
unkown
|
page readonly
|
||
1C31664D000
|
heap
|
page read and write
|
||
3B06DFF000
|
stack
|
page read and write
|
||
9CB000
|
stack
|
page read and write
|
||
1C315EA4000
|
heap
|
page read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
88DB6AC000
|
stack
|
page read and write
|
||
2CF0000
|
heap
|
page read and write
|
||
1C315F97000
|
heap
|
page read and write
|
||
19C000
|
stack
|
page read and write
|
||
1C315EBB000
|
heap
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
AD1000
|
heap
|
page read and write
|
||
1C315F69000
|
heap
|
page read and write
|
||
22435E70000
|
heap
|
page read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
F6B000
|
stack
|
page read and write
|
||
42360000
|
direct allocation
|
page read and write
|
||
1C315F9F000
|
heap
|
page read and write
|
||
1F0000
|
heap
|
page read and write
|
||
995000
|
heap
|
page read and write
|
||
1C316071000
|
heap
|
page read and write
|
||
1E7CFD00000
|
trusted library allocation
|
page read and write
|
||
1C3169C7000
|
heap
|
page read and write
|
||
19D000
|
stack
|
page read and write
|
||
1C31606B000
|
heap
|
page read and write
|
||
1C316035000
|
heap
|
page read and write
|
||
55214000
|
direct allocation
|
page read and write
|
||
2EE0000
|
heap
|
page read and write
|
||
1C315FD6000
|
heap
|
page read and write
|
||
2D3F000
|
unkown
|
page readonly
|
||
4A10000
|
heap
|
page read and write
|
||
4E460000
|
direct allocation
|
page read and write
|
||
22435E90000
|
heap
|
page read and write
|
||
1C315FA3000
|
heap
|
page read and write
|
||
7FF78980B000
|
unkown
|
page readonly
|
||
F71000
|
unkown
|
page execute read
|
||
ACAF6FF000
|
stack
|
page read and write
|
||
F81000
|
unkown
|
page execute read
|
||
116C000
|
stack
|
page read and write
|
||
1C315F97000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page write copy
|
||
26E2C000
|
direct allocation
|
page read and write
|
||
18D76202000
|
trusted library allocation
|
page read and write
|
||
F2B000
|
heap
|
page read and write
|
||
497C000
|
stack
|
page read and write
|
||
1C315F3A000
|
heap
|
page read and write
|
||
1C315F4B000
|
heap
|
page read and write
|
||
18D75A02000
|
heap
|
page read and write
|
||
5140000
|
heap
|
page read and write
|
||
3326C000
|
direct allocation
|
page read and write
|
||
B9F8E7E000
|
stack
|
page read and write
|
||
3A2F000
|
unkown
|
page readonly
|
||
1C315F82000
|
heap
|
page read and write
|
||
CCC000
|
stack
|
page read and write
|
||
3110000
|
heap
|
page read and write
|
||
1C316055000
|
heap
|
page read and write
|
||
B40000
|
heap
|
page read and write
|
||
30FE000
|
unkown
|
page read and write
|
||
7FF7EB541000
|
unkown
|
page execute read
|
||
1C3162E7000
|
heap
|
page read and write
|
||
1E7B60CF000
|
heap
|
page read and write
|
||
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
3A2D000
|
unkown
|
page execute and write copy
|
||
1C315F74000
|
heap
|
page read and write
|
||
1C315F9B000
|
heap
|
page read and write
|
||
1E7B79C0000
|
heap
|
page execute and read and write
|
||
427000
|
unkown
|
page readonly
|
||
1C31605D000
|
heap
|
page read and write
|
||
1C315F91000
|
heap
|
page read and write
|
||
F38000
|
heap
|
page read and write
|
||
4ED000
|
heap
|
page read and write
|
||
CA000
|
unkown
|
page readonly
|
||
400000
|
unkown
|
page readonly
|
||
15A7000
|
trusted library allocation
|
page execute and read and write
|
||
3110000
|
heap
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
30FF000
|
unkown
|
page readonly
|
||
7FF7EB736000
|
unkown
|
page execute read
|
||
1C316073000
|
heap
|
page read and write
|
||
B90B2FD000
|
stack
|
page read and write
|
||
FC7000
|
unkown
|
page readonly
|
||
1C316035000
|
heap
|
page read and write
|
||
25AB3113000
|
heap
|
page read and write
|
||
1C31629B000
|
heap
|
page read and write
|
||
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1C31606B000
|
heap
|
page read and write
|
||
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
2FD0000
|
heap
|
page read and write
|
||
1E7B6036000
|
heap
|
page read and write
|
||
552D8000
|
direct allocation
|
page read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
1C31664A000
|
heap
|
page read and write
|
||
1C31606B000
|
heap
|
page read and write
|
||
30FF000
|
unkown
|
page readonly
|
||
1C315E69000
|
heap
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
36BE000
|
stack
|
page read and write
|
||
1E7B7CD1000
|
trusted library allocation
|
page read and write
|
||
FC7000
|
unkown
|
page readonly
|
||
1100000
|
heap
|
page read and write
|
||
33270000
|
direct allocation
|
page read and write
|
||
2F9E000
|
heap
|
page read and write
|
||
1C315F3F000
|
heap
|
page read and write
|
||
F80000
|
unkown
|
page readonly
|
||
2D3E000
|
unkown
|
page read and write
|
||
1F2BCA08000
|
heap
|
page read and write
|
||
1C315FFD000
|
heap
|
page read and write
|
||
318F000
|
stack
|
page read and write
|
||
195000
|
stack
|
page read and write
|
||
13C6000
|
unkown
|
page read and write
|
||
2F00000
|
heap
|
page read and write
|
||
1C315E54000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1C315EA4000
|
heap
|
page read and write
|
||
1C315E84000
|
heap
|
page read and write
|
||
1C31631D000
|
heap
|
page read and write
|
||
1C316001000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1C315F85000
|
heap
|
page read and write
|
||
1C315FAF000
|
heap
|
page read and write
|
||
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
1C315FD6000
|
heap
|
page read and write
|
||
FD5000
|
unkown
|
page write copy
|
||
1C315F7F000
|
heap
|
page read and write
|
||
2D3F000
|
unkown
|
page readonly
|
||
1C316077000
|
heap
|
page read and write
|
||
1660000
|
trusted library allocation
|
page execute and read and write
|
||
25AB3002000
|
heap
|
page read and write
|
||
4D40000
|
heap
|
page execute and read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
1C315F80000
|
heap
|
page read and write
|
||
1E7B5F00000
|
heap
|
page read and write
|
||
55234000
|
direct allocation
|
page read and write
|
||
8F84A7E000
|
stack
|
page read and write
|
||
D10000
|
unkown
|
page readonly
|
||
1C315E60000
|
heap
|
page read and write
|
||
4AA4000
|
heap
|
page read and write
|
||
FC5000
|
unkown
|
page write copy
|
||
1C315F7F000
|
heap
|
page read and write
|
||
56EC0000
|
direct allocation
|
page read and write
|
||
463000
|
unkown
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1C315F49000
|
heap
|
page read and write
|
||
39654000
|
direct allocation
|
page read and write
|
||
721000
|
unkown
|
page execute read
|
||
12D0000
|
heap
|
page read and write
|
||
2E920000
|
direct allocation
|
page read and write
|
||
490000
|
heap
|
page read and write
|
||
A10000
|
heap
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
2D3F000
|
unkown
|
page readonly
|
||
1C31631D000
|
heap
|
page read and write
|
||
2D60000
|
heap
|
page read and write
|
||
4E4D8000
|
direct allocation
|
page read and write
|
||
5A80000
|
direct allocation
|
page read and write
|
||
1C315F97000
|
heap
|
page read and write
|
||
2D50000
|
heap
|
page read and write
|
||
30FF000
|
unkown
|
page readonly
|
||
1C315FAB000
|
heap
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
8F8431D000
|
stack
|
page read and write
|
||
1C315EA4000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
4A38000
|
heap
|
page read and write
|
||
1C315EC5000
|
heap
|
page read and write
|
||
1C316079000
|
heap
|
page read and write
|
||
1C315E5B000
|
heap
|
page read and write
|
||
4E470000
|
direct allocation
|
page read and write
|
||
314E000
|
stack
|
page read and write
|
||
1C315E6C000
|
heap
|
page read and write
|
||
FA7000
|
unkown
|
page readonly
|
||
1C316035000
|
heap
|
page read and write
|
||
F2B000
|
heap
|
page read and write
|
||
823000
|
unkown
|
page read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
6730000
|
heap
|
page read and write
|
||
1C315EAE000
|
heap
|
page read and write
|
||
1C31608C000
|
heap
|
page read and write
|
||
1C315E6B000
|
heap
|
page read and write
|
||
1C315F65000
|
heap
|
page read and write
|
||
3965C000
|
direct allocation
|
page read and write
|
||
2F10000
|
heap
|
page read and write
|
||
2D3F000
|
unkown
|
page readonly
|
||
1C315E6A000
|
heap
|
page read and write
|
||
4650000
|
remote allocation
|
page read and write
|
||
2EDE000
|
stack
|
page read and write
|
||
7D0000
|
heap
|
page read and write
|
||
1C315F80000
|
heap
|
page read and write
|
||
30FF000
|
unkown
|
page readonly
|
||
493E000
|
stack
|
page read and write
|
||
1C31630A000
|
heap
|
page read and write
|
||
1C31699F000
|
heap
|
page read and write
|
||
430000
|
heap
|
page read and write
|
||
1C31606B000
|
heap
|
page read and write
|
||
7FF79CF42000
|
unkown
|
page execute read
|
||
F71000
|
unkown
|
page execute read
|
||
1C315EA2000
|
heap
|
page read and write
|
||
25AB2F02000
|
trusted library allocation
|
page read and write
|
||
2EB0000
|
heap
|
page read and write
|
||
2D50000
|
heap
|
page read and write
|
||
1C315EA2000
|
heap
|
page read and write
|
||
43D0000
|
remote allocation
|
page read and write
|
||
FC5000
|
unkown
|
page write copy
|
||
12AD000
|
trusted library allocation
|
page execute and read and write
|
||
B10000
|
heap
|
page read and write
|
||
1C315E89000
|
heap
|
page read and write
|
||
1C315FAF000
|
heap
|
page read and write
|
||
C08000
|
heap
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
160E000
|
stack
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1C316228000
|
heap
|
page read and write
|
||
3587000
|
trusted library allocation
|
page read and write
|
||
543F000
|
stack
|
page read and write
|
||
2F0A000
|
heap
|
page read and write
|
||
FCA000
|
unkown
|
page readonly
|
||
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
1C31605B000
|
heap
|
page read and write
|
||
19D000
|
stack
|
page read and write
|
||
1E7B6056000
|
heap
|
page read and write
|
||
6AACB000
|
unkown
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
61B1000
|
heap
|
page read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
F10000
|
remote allocation
|
page read and write
|
||
1F0000
|
heap
|
page read and write
|
||
1C315F63000
|
heap
|
page read and write
|
||
1C316073000
|
heap
|
page read and write
|
||
42338000
|
direct allocation
|
page read and write
|
||
251A40A0000
|
heap
|
page read and write
|
||
207B582B000
|
heap
|
page read and write
|
||
311E000
|
stack
|
page read and write
|
||
19E000
|
stack
|
page read and write
|
||
1C315E8B000
|
heap
|
page read and write
|
||
55290000
|
direct allocation
|
page read and write
|
||
2E8C0000
|
direct allocation
|
page read and write
|
||
46DDAFF000
|
stack
|
page read and write
|
||
2E838000
|
direct allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1C315FAF000
|
heap
|
page read and write
|
||
30FE000
|
unkown
|
page read and write
|
||
2D3E000
|
unkown
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
1C315E69000
|
heap
|
page read and write
|
||
1C315E89000
|
heap
|
page read and write
|
||
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
2F86000
|
heap
|
page read and write
|
||
1C316271000
|
heap
|
page read and write
|
||
1C315EC9000
|
heap
|
page read and write
|
||
7FF6A09B0000
|
unkown
|
page readonly
|
||
1C315EC9000
|
heap
|
page read and write
|
||
1C315EC9000
|
heap
|
page read and write
|
||
57FC000
|
stack
|
page read and write
|
||
1C3140F0000
|
remote allocation
|
page read and write
|
||
1C315EC9000
|
heap
|
page read and write
|
||
39670000
|
direct allocation
|
page read and write
|
||
1C31629B000
|
heap
|
page read and write
|
||
FDA000
|
unkown
|
page readonly
|
||
133C000
|
stack
|
page read and write
|
||
1C315FAF000
|
heap
|
page read and write
|
||
1E7B604B000
|
heap
|
page read and write
|
||
1C315E6B000
|
heap
|
page read and write
|
||
2FE6000
|
heap
|
page read and write
|
||
2F7E000
|
stack
|
page read and write
|
||
34E0000
|
trusted library allocation
|
page read and write
|
||
1C315EA4000
|
heap
|
page read and write
|
||
4E424000
|
direct allocation
|
page read and write
|
||
5814000
|
heap
|
page read and write
|
||
1C315EC9000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page execute and read and write
|
||
338F000
|
stack
|
page read and write
|
||
4DB000
|
heap
|
page read and write
|
||
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
499F000
|
stack
|
page read and write
|
||
1C315F9F000
|
heap
|
page read and write
|
||
6AB000
|
stack
|
page read and write
|
||
1C315EB1000
|
heap
|
page read and write
|
||
3C4E000
|
stack
|
page read and write
|
||
1C316271000
|
heap
|
page read and write
|
||
1C31608B000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1C315E64000
|
heap
|
page read and write
|
||
ABD000
|
heap
|
page read and write
|
||
207B6002000
|
trusted library allocation
|
page read and write
|
||
1C315FA3000
|
heap
|
page read and write
|
||
1C315E92000
|
heap
|
page read and write
|
||
460000
|
heap
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
26E01000
|
direct allocation
|
page read and write
|
||
34D0000
|
unkown
|
page readonly
|
||
1C316035000
|
heap
|
page read and write
|
||
70000
|
unkown
|
page readonly
|
||
1C315EA2000
|
heap
|
page read and write
|
||
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
422B8000
|
direct allocation
|
page read and write
|
||
C5000
|
unkown
|
page read and write
|
||
1C31625B000
|
heap
|
page read and write
|
||
4650000
|
remote allocation
|
page read and write
|
||
1C315E47000
|
heap
|
page read and write
|
||
11D0000
|
heap
|
page read and write
|
||
30CC000
|
stack
|
page read and write
|
||
BC0000
|
heap
|
page read and write
|
||
1C315FD6000
|
heap
|
page read and write
|
||
358F000
|
stack
|
page read and write
|
||
B9F8AFE000
|
stack
|
page read and write
|
||
1C315F94000
|
heap
|
page read and write
|
||
FB7000
|
unkown
|
page readonly
|
||
396A4000
|
direct allocation
|
page read and write
|
||
420000
|
heap
|
page read and write
|
||
D10000
|
unkown
|
page readonly
|
||
2FAE000
|
heap
|
page execute and read and write
|
||
2DAE000
|
stack
|
page read and write
|
||
F81000
|
unkown
|
page execute read
|
||
30DC000
|
stack
|
page read and write
|
||
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
13DE000
|
stack
|
page read and write
|
||
6B701000
|
unkown
|
page execute read
|
||
332A4000
|
direct allocation
|
page read and write
|
||
1C315E8B000
|
heap
|
page read and write
|
||
1C316071000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page read and write
|
||
CA000
|
unkown
|
page readonly
|
||
1C315F91000
|
heap
|
page read and write
|
||
207B5813000
|
heap
|
page read and write
|
||
1C315E89000
|
heap
|
page read and write
|
||
1C316271000
|
heap
|
page read and write
|
||
1C315E4A000
|
heap
|
page read and write
|
||
1E7B7A47000
|
heap
|
page read and write
|
||
21172B00000
|
heap
|
page read and write
|
||
1C315F70000
|
heap
|
page read and write
|
||
32AA000
|
heap
|
page read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
56BD000
|
stack
|
page read and write
|
||
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
1C315F69000
|
heap
|
page read and write
|
||
88DBAFE000
|
stack
|
page read and write
|
||
1E7B5FB0000
|
trusted library allocation
|
page read and write
|
||
1C31664F000
|
heap
|
page read and write
|
||
6900000
|
heap
|
page read and write
|
||
CA000
|
unkown
|
page readonly
|
||
207B583B000
|
heap
|
page read and write
|
||
1C315F85000
|
heap
|
page read and write
|
||
1C3162E7000
|
heap
|
page read and write
|
||
5590000
|
heap
|
page read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
1C3140F0000
|
remote allocation
|
page read and write
|
||
422C0000
|
direct allocation
|
page read and write
|
||
1C316B25000
|
heap
|
page read and write
|
||
720000
|
unkown
|
page readonly
|
||
18D75910000
|
heap
|
page read and write
|
||
1C31608B000
|
heap
|
page read and write
|
||
FDA000
|
unkown
|
page readonly
|
||
1C31605B000
|
heap
|
page read and write
|
||
19D000
|
stack
|
page read and write
|
||
1C315F91000
|
heap
|
page read and write
|
||
2F6A000
|
heap
|
page read and write
|
||
1C316271000
|
heap
|
page read and write
|
||
1E7B7D38000
|
trusted library allocation
|
page read and write
|
||
1C316201000
|
heap
|
page read and write
|
||
F60000
|
unkown
|
page readonly
|
||
1C316271000
|
heap
|
page read and write
|
||
1C315E97000
|
heap
|
page read and write
|
||
EAA000
|
heap
|
page read and write
|
||
F4A000
|
heap
|
page read and write
|
||
338F000
|
stack
|
page read and write
|
||
83B000
|
stack
|
page read and write
|
||
1C316079000
|
heap
|
page read and write
|
||
159E000
|
stack
|
page read and write
|
||
4234C000
|
direct allocation
|
page read and write
|
||
823000
|
unkown
|
page read and write
|
||
1C31605B000
|
heap
|
page read and write
|
||
22435D60000
|
heap
|
page read and write
|
||
FDA000
|
unkown
|
page readonly
|
||
6AA43000
|
unkown
|
page readonly
|
||
1C315F4E000
|
heap
|
page read and write
|
||
1C315E9B000
|
heap
|
page read and write
|
||
251A41B0000
|
trusted library allocation
|
page read and write
|
||
420000
|
unkown
|
page read and write
|
||
1C3168C3000
|
heap
|
page read and write
|
||
1C315E89000
|
heap
|
page read and write
|
||
EB4000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
400000
|
unkown
|
page execute and read and write
|
||
1C316056000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
337F000
|
stack
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
2E80000
|
heap
|
page read and write
|
||
314E000
|
stack
|
page read and write
|
||
19C000
|
stack
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
1250000
|
heap
|
page read and write
|
||
31D0000
|
heap
|
page read and write
|
||
B9F86CB000
|
stack
|
page read and write
|
||
1C316071000
|
heap
|
page read and write
|
||
DDA000
|
unkown
|
page write copy
|
||
1C315EA2000
|
heap
|
page read and write
|
||
12EE000
|
heap
|
page read and write
|
||
1C316035000
|
heap
|
page read and write
|
||
330C0000
|
direct allocation
|
page read and write
|
||
1C315E8B000
|
heap
|
page read and write
|
||
F57000
|
heap
|
page read and write
|
||
FD5000
|
unkown
|
page read and write
|
||
424000
|
unkown
|
page write copy
|
||
30FF000
|
unkown
|
page readonly
|
||
42320000
|
direct allocation
|
page read and write
|
||
1C316622000
|
heap
|
page read and write
|
||
3960C000
|
direct allocation
|
page read and write
|
||
1C316077000
|
heap
|
page read and write
|
||
1C315E51000
|
heap
|
page read and write
|
||
7FF79C960000
|
unkown
|
page readonly
|
||
2C7E000
|
stack
|
page read and write
|
||
FB7000
|
unkown
|
page readonly
|
||
B4A000
|
heap
|
page read and write
|
||
39634000
|
direct allocation
|
page read and write
|
||
1C315F90000
|
heap
|
page read and write
|
||
B90B1FA000
|
stack
|
page read and write
|
||
1C316738000
|
heap
|
page read and write
|
||
1C315F9B000
|
heap
|
page read and write
|
||
775000
|
unkown
|
page read and write
|
||
1C315F97000
|
heap
|
page read and write
|
||
12CA000
|
trusted library allocation
|
page execute and read and write
|
||
1C31629B000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page write copy
|
||
1C315F75000
|
heap
|
page read and write
|
||
7FF6A14FB000
|
unkown
|
page readonly
|
||
1C316079000
|
heap
|
page read and write
|
||
3A29000
|
unkown
|
page read and write
|
||
1540000
|
heap
|
page read and write
|
||
1C315E95000
|
heap
|
page read and write
|
||
42238000
|
direct allocation
|
page read and write
|
||
1107000
|
heap
|
page read and write
|
||
14EB000
|
stack
|
page read and write
|
||
1C31629B000
|
heap
|
page read and write
|
||
19D000
|
stack
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
F38000
|
heap
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
177F000
|
stack
|
page read and write
|
||
7AC000
|
stack
|
page read and write
|
||
1C315FB3000
|
heap
|
page read and write
|
||
CDC000
|
stack
|
page read and write
|
||
1E7B7A2F000
|
heap
|
page read and write
|
||
195000
|
stack
|
page read and write
|
||
F57000
|
heap
|
page read and write
|
||
25AB2F00000
|
trusted library allocation
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
51E000
|
heap
|
page read and write
|
||
F60000
|
unkown
|
page readonly
|
||
F71000
|
unkown
|
page execute read
|
||
1C316B66000
|
heap
|
page read and write
|
||
25AB3113000
|
heap
|
page read and write
|
||
2E900000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
6AAC9000
|
unkown
|
page read and write
|
||
1C316056000
|
heap
|
page read and write
|
||
8F8477F000
|
stack
|
page read and write
|
||
15C0000
|
trusted library allocation
|
page read and write
|
||
1C315EA4000
|
heap
|
page read and write
|
||
71000
|
unkown
|
page execute read
|
||
1C315FB3000
|
heap
|
page read and write
|
||
55244000
|
direct allocation
|
page read and write
|
||
1C315EC5000
|
heap
|
page read and write
|
||
34CF000
|
stack
|
page read and write
|
||
ACD000
|
unkown
|
page execute and read and write
|
||
1C315F8D000
|
heap
|
page read and write
|
||
1C315F97000
|
heap
|
page read and write
|
||
1C315E92000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
3F1000
|
unkown
|
page execute read
|
||
4B48000
|
heap
|
page read and write
|
||
44A000
|
unkown
|
page readonly
|
||
B90B5FE000
|
stack
|
page read and write
|
||
555E000
|
stack
|
page read and write
|
||
357F000
|
stack
|
page read and write
|
||
1C315F9B000
|
heap
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
1C31608C000
|
heap
|
page read and write
|
||
1C316071000
|
heap
|
page read and write
|
||
46DD9FF000
|
stack
|
page read and write
|
||
F80000
|
unkown
|
page readonly
|
||
401000
|
unkown
|
page execute read
|
||
1800000
|
heap
|
page read and write
|
||
3A2E000
|
unkown
|
page execute and read and write
|
||
1C315EA4000
|
heap
|
page read and write
|
||
251A422B000
|
heap
|
page read and write
|
||
1C315E9B000
|
heap
|
page read and write
|
||
1C316036000
|
heap
|
page read and write
|
||
25AB3100000
|
heap
|
page read and write
|
||
32A0000
|
heap
|
page read and write
|
||
B60000
|
heap
|
page read and write
|
||
5580000
|
heap
|
page read and write
|
||
1C315E97000
|
heap
|
page read and write
|
||
F3B000
|
heap
|
page read and write
|
||
106B000
|
stack
|
page read and write
|
||
1C316622000
|
heap
|
page read and write
|
||
207B5840000
|
heap
|
page read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
1E7B5F55000
|
heap
|
page read and write
|
||
5D8F000
|
stack
|
page read and write
|
||
1547000
|
heap
|
page read and write
|
||
310E000
|
stack
|
page read and write
|
||
1C316035000
|
heap
|
page read and write
|
||
7FF6A0B95000
|
unkown
|
page readonly
|
||
195000
|
stack
|
page read and write
|
||
D11000
|
unkown
|
page execute read
|
||
41A000
|
unkown
|
page readonly
|
||
1C315EA2000
|
heap
|
page read and write
|
||
39660000
|
direct allocation
|
page read and write
|
||
552A0000
|
direct allocation
|
page read and write
|
||
1C315E89000
|
heap
|
page read and write
|
||
1C315E6B000
|
heap
|
page read and write
|
||
71000
|
unkown
|
page execute read
|
||
D30000
|
heap
|
page read and write
|
||
ACAF4FC000
|
stack
|
page read and write
|
||
1C31601A000
|
heap
|
page read and write
|
||
1C315F57000
|
heap
|
page read and write
|
||
3A2D000
|
unkown
|
page execute and write copy
|
||
1C315EA2000
|
heap
|
page read and write
|
||
4BA4000
|
heap
|
page read and write
|
||
1C316273000
|
heap
|
page read and write
|
||
1EA1000
|
heap
|
page read and write
|
||
B90B6FE000
|
stack
|
page read and write
|
||
ACAF5FF000
|
stack
|
page read and write
|
||
1C316056000
|
heap
|
page read and write
|
||
B90A8FE000
|
stack
|
page read and write
|
||
1C316055000
|
heap
|
page read and write
|
||
1C315F8D000
|
heap
|
page read and write
|
||
1E7B60B8000
|
heap
|
page read and write
|
||
1E7B61F5000
|
heap
|
page read and write
|
||
93C000
|
stack
|
page read and write
|
||
4E454000
|
direct allocation
|
page read and write
|
||
422000
|
unkown
|
page write copy
|
||
1C315E64000
|
heap
|
page read and write
|
||
1C315FAB000
|
heap
|
page read and write
|
||
1C315E6D000
|
heap
|
page read and write
|
||
55201000
|
direct allocation
|
page read and write
|
||
1C315F97000
|
heap
|
page read and write
|
||
25AB2F24000
|
heap
|
page read and write
|
||
1C316C10000
|
heap
|
page read and write
|
||
557F000
|
stack
|
page read and write
|
||
46DD8FC000
|
stack
|
page read and write
|
||
25AB3102000
|
heap
|
page read and write
|
||
1C315F97000
|
heap
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
332A0000
|
direct allocation
|
page read and write
|
||
1C315E89000
|
heap
|
page read and write
|
||
1C316273000
|
heap
|
page read and write
|
||
1C315FAB000
|
heap
|
page read and write
|
||
13BB9000
|
direct allocation
|
page read and write
|
||
4D0000
|
heap
|
page read and write
|
||
12F0000
|
heap
|
page read and write
|
||
18D75A28000
|
heap
|
page read and write
|
||
1C3140F0000
|
remote allocation
|
page read and write
|
||
1C31630A000
|
heap
|
page read and write
|
||
1C315EA2000
|
heap
|
page read and write
|
||
2EBE000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page read and write
|
||
FD5000
|
unkown
|
page read and write
|
||
1C315F3D000
|
heap
|
page read and write
|
||
1C31606B000
|
heap
|
page read and write
|
||
1C315EA2000
|
heap
|
page read and write
|
||
17C0000
|
heap
|
page read and write
|
||
207B5825000
|
heap
|
page read and write
|
||
3F0000
|
unkown
|
page readonly
|
||
1C315FA3000
|
heap
|
page read and write
|
||
1C315F55000
|
heap
|
page read and write
|
||
B7000
|
unkown
|
page readonly
|
||
42A000
|
unkown
|
page write copy
|
||
F4F000
|
heap
|
page read and write
|
||
1C314133000
|
heap
|
page read and write
|
||
251A4213000
|
heap
|
page read and write
|
||
41B000
|
unkown
|
page readonly
|
||
39614000
|
direct allocation
|
page read and write
|
||
1344000
|
heap
|
page read and write
|
||
317E000
|
heap
|
page read and write
|
||
1E7C7D3C000
|
trusted library allocation
|
page read and write
|
||
B7000
|
unkown
|
page readonly
|
||
400000
|
unkown
|
page execute and read and write
|
||
1F0000
|
heap
|
page read and write
|
||
1C316024000
|
heap
|
page read and write
|
||
348F000
|
stack
|
page read and write
|
||
42300000
|
direct allocation
|
page read and write
|
||
42350000
|
direct allocation
|
page read and write
|
||
1C315E5C000
|
heap
|
page read and write
|
||
33120000
|
direct allocation
|
page read and write
|
||
42238000
|
direct allocation
|
page read and write
|
||
1C315FAB000
|
heap
|
page read and write
|
||
2F1E000
|
stack
|
page read and write
|
||
FB5000
|
unkown
|
page read and write
|
||
25AB2CA0000
|
heap
|
page read and write
|
||
823000
|
unkown
|
page read and write
|
||
2D60000
|
heap
|
page read and write
|
||
1F2BC9A0000
|
heap
|
page read and write
|
||
1C3170D4000
|
heap
|
page read and write
|
||
634A000
|
heap
|
page read and write
|
||
1C315F68000
|
heap
|
page read and write
|
||
4E42C000
|
direct allocation
|
page read and write
|
||
4E4C0000
|
direct allocation
|
page read and write
|
||
1C3162BF000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1C31631D000
|
heap
|
page read and write
|
||
7FF6A0B92000
|
unkown
|
page read and write
|
||
31F0000
|
heap
|
page read and write
|
||
4B20000
|
heap
|
page read and write
|
||
4BE0000
|
heap
|
page read and write
|
||
4E4B8000
|
direct allocation
|
page read and write
|
||
3150000
|
heap
|
page read and write
|
||
1C316055000
|
heap
|
page read and write
|
||
1C315EC9000
|
heap
|
page read and write
|
||
1C316273000
|
heap
|
page read and write
|
||
3A2C000
|
unkown
|
page readonly
|
||
FD5000
|
unkown
|
page write copy
|
||
4E440000
|
direct allocation
|
page read and write
|
||
8F84B7A000
|
stack
|
page read and write
|
||
10A0000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
1F0000
|
heap
|
page read and write
|
||
1C315F97000
|
heap
|
page read and write
|
||
1C315EC9000
|
heap
|
page read and write
|
||
31E0000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
823000
|
unkown
|
page read and write
|
||
21174510000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page read and write
|
||
1C315E97000
|
heap
|
page read and write
|
||
4236C000
|
direct allocation
|
page read and write
|
||
8F84B7F000
|
stack
|
page read and write
|
||
207B5650000
|
heap
|
page read and write
|
||
EEA000
|
heap
|
page read and write
|
||
56EB8000
|
direct allocation
|
page read and write
|
||
4BF6000
|
heap
|
page read and write
|
||
A59000
|
heap
|
page read and write
|
||
4234C000
|
direct allocation
|
page read and write
|
||
21172A20000
|
heap
|
page read and write
|
||
207B5750000
|
heap
|
page read and write
|
||
1C316055000
|
heap
|
page read and write
|
||
1C315F74000
|
heap
|
page read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
22435EF0000
|
heap
|
page read and write
|
||
1C315E5C000
|
heap
|
page read and write
|
||
1C315F97000
|
heap
|
page read and write
|
||
3B06CFF000
|
stack
|
page read and write
|
||
4B88000
|
heap
|
page read and write
|
||
18D75B02000
|
heap
|
page read and write
|
||
1C31609E000
|
heap
|
page read and write
|
||
1C315E69000
|
heap
|
page read and write
|
||
1C31631D000
|
heap
|
page read and write
|
||
1C315F4E000
|
heap
|
page read and write
|
||
1C315E95000
|
heap
|
page read and write
|
||
B30000
|
heap
|
page read and write
|
||
1E7B5D74000
|
unkown
|
page readonly
|
||
F15000
|
heap
|
page read and write
|
||
1C315F9F000
|
heap
|
page read and write
|
||
25AB2E7C000
|
heap
|
page read and write
|
||
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
1C316026000
|
heap
|
page read and write
|
||
1C315E89000
|
heap
|
page read and write
|
||
6BAD6000
|
unkown
|
page readonly
|
||
1C315FAB000
|
heap
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
6AAE6000
|
unkown
|
page readonly
|
||
2DC0000
|
heap
|
page read and write
|
||
1C316036000
|
heap
|
page read and write
|
||
2D85000
|
heap
|
page read and write
|
||
33038000
|
direct allocation
|
page read and write
|
||
13CF000
|
stack
|
page read and write
|
||
1C315F91000
|
heap
|
page read and write
|
||
1C315E8B000
|
heap
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
437000
|
unkown
|
page readonly
|
||
DC0000
|
heap
|
page read and write
|
||
7FF788E51000
|
unkown
|
page readonly
|
||
1C316035000
|
heap
|
page read and write
|
||
FB7000
|
unkown
|
page readonly
|
||
F61000
|
unkown
|
page execute read
|
||
C5000
|
unkown
|
page write copy
|
||
4A96000
|
heap
|
page read and write
|
||
4BF9000
|
heap
|
page read and write
|
||
1C31604E000
|
heap
|
page read and write
|
||
1C316094000
|
heap
|
page read and write
|
||
21172B9E000
|
heap
|
page read and write
|
||
2F9E000
|
stack
|
page read and write
|
||
2F0E000
|
stack
|
page read and write
|
||
1E7B7DBF000
|
trusted library allocation
|
page read and write
|
||
1C315E9B000
|
heap
|
page read and write
|
||
68EC000
|
stack
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
2855000
|
heap
|
page read and write
|
||
7FF6A0B41000
|
unkown
|
page readonly
|
||
42A000
|
unkown
|
page write copy
|
||
1C315E64000
|
heap
|
page read and write
|
||
C65000
|
heap
|
page read and write
|
||
7FF6A0F91000
|
unkown
|
page read and write
|
||
422C0000
|
direct allocation
|
page read and write
|
||
42344000
|
direct allocation
|
page read and write
|
||
3090000
|
direct allocation
|
page read and write
|
||
4E4A4000
|
direct allocation
|
page read and write
|
||
7FF79D413000
|
unkown
|
page readonly
|
||
2DAE000
|
stack
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
1C315EA4000
|
heap
|
page read and write
|
||
1C315FD6000
|
heap
|
page read and write
|
||
1C315F90000
|
heap
|
page read and write
|
||
30FF000
|
unkown
|
page readonly
|
||
1C315FAB000
|
heap
|
page read and write
|
||
2FE7000
|
heap
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
ACD000
|
unkown
|
page execute and read and write
|
||
3250000
|
heap
|
page read and write
|
||
1C315E5C000
|
heap
|
page read and write
|
||
AF0000
|
heap
|
page read and write
|
||
1C315F79000
|
heap
|
page read and write
|
||
4E414000
|
direct allocation
|
page read and write
|
||
FCA000
|
unkown
|
page readonly
|
||
317A000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page write copy
|
||
42A000
|
unkown
|
page write copy
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
1C315E95000
|
heap
|
page read and write
|
||
1C315F9F000
|
heap
|
page read and write
|
||
C23000
|
heap
|
page read and write
|
||
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
DDA000
|
unkown
|
page read and write
|
||
1C316220000
|
heap
|
page read and write
|
||
11E5000
|
heap
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
34F8000
|
heap
|
page read and write
|
||
2EBA000
|
heap
|
page read and write
|
||
18D75A13000
|
heap
|
page read and write
|
||
F70000
|
unkown
|
page readonly
|
||
970000
|
heap
|
page read and write
|
||
1C315FB3000
|
heap
|
page read and write
|
||
F71000
|
unkown
|
page execute read
|
||
1C315F86000
|
heap
|
page read and write
|
||
1E7C7CDD000
|
trusted library allocation
|
page read and write
|
||
CA000
|
unkown
|
page readonly
|
||
1C316273000
|
heap
|
page read and write
|
||
3150000
|
heap
|
page execute and read and write
|
||
1F2BC8C0000
|
heap
|
page read and write
|
||
7FF6A1463000
|
unkown
|
page readonly
|
||
1C315F7F000
|
heap
|
page read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
31C0000
|
heap
|
page read and write
|
||
1C316B3E000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1E7B5EE0000
|
heap
|
page read and write
|
||
25AB3100000
|
heap
|
page read and write
|
||
22435E40000
|
heap
|
page read and write
|
||
3B0692C000
|
stack
|
page read and write
|
||
1C31605B000
|
heap
|
page read and write
|
||
33234000
|
direct allocation
|
page read and write
|
||
43D0000
|
remote allocation
|
page read and write
|
||
1E7B5D42000
|
unkown
|
page readonly
|
||
450000
|
heap
|
page read and write
|
||
2FB7000
|
heap
|
page read and write
|
||
26E24000
|
direct allocation
|
page read and write
|
||
422000
|
unkown
|
page write copy
|
||
7FF7EB540000
|
unkown
|
page readonly
|
||
1C315FAF000
|
heap
|
page read and write
|
||
1C315E5B000
|
heap
|
page read and write
|
||
1E7C7CE1000
|
trusted library allocation
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
1C315F91000
|
heap
|
page read and write
|
||
1C315F9F000
|
heap
|
page read and write
|
||
FB7000
|
unkown
|
page readonly
|
||
3110000
|
heap
|
page read and write
|
||
C2E000
|
stack
|
page read and write
|
||
1C315F8D000
|
heap
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
CFC6FE000
|
stack
|
page read and write
|
||
1040000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
C60000
|
heap
|
page read and write
|
||
7FF7EBB22000
|
unkown
|
page execute read
|
||
15A2000
|
trusted library allocation
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
7FF788EB6000
|
unkown
|
page execute read
|
||
1C316DEB000
|
heap
|
page read and write
|
||
1C315E64000
|
heap
|
page read and write
|
||
1C31602A000
|
heap
|
page read and write
|
||
1C315EA2000
|
heap
|
page read and write
|
||
4AFF000
|
stack
|
page read and write
|
||
3A2C000
|
unkown
|
page readonly
|
||
1C315E8A000
|
heap
|
page read and write
|
||
1C31606B000
|
heap
|
page read and write
|
||
18D75A23000
|
heap
|
page read and write
|
||
6AACA000
|
unkown
|
page write copy
|
||
313E000
|
heap
|
page read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
1C315EA2000
|
heap
|
page read and write
|
||
1C316201000
|
heap
|
page read and write
|
||
1C315EC9000
|
heap
|
page read and write
|
||
1C315E5B000
|
heap
|
page read and write
|
||
2D50000
|
heap
|
page read and write
|
||
7FFD9B917000
|
trusted library allocation
|
page read and write
|
||
6751000
|
heap
|
page read and write
|
||
B9F87CE000
|
stack
|
page read and write
|
||
1C316035000
|
heap
|
page read and write
|
||
2E8B8000
|
direct allocation
|
page read and write
|
||
1C315FAB000
|
heap
|
page read and write
|
||
4E45C000
|
direct allocation
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
251A4202000
|
heap
|
page read and write
|
||
3320C000
|
direct allocation
|
page read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
470000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1C31606B000
|
heap
|
page read and write
|
||
DDC000
|
unkown
|
page write copy
|
||
1450000
|
heap
|
page read and write
|
||
1390000
|
heap
|
page read and write
|
||
49A0000
|
direct allocation
|
page execute and read and write
|
||
3170000
|
heap
|
page read and write
|
||
1E7B5FEA000
|
heap
|
page read and write
|
||
1C316EB0000
|
heap
|
page read and write
|
||
207B5802000
|
heap
|
page read and write
|
||
39640000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
5790000
|
heap
|
page read and write
|
||
B90A533000
|
stack
|
page read and write
|
||
2F7E000
|
heap
|
page execute and read and write
|
||
251A41C0000
|
remote allocation
|
page read and write
|
||
1E7B5FC0000
|
heap
|
page read and write
|
||
251A4080000
|
heap
|
page read and write
|
||
6365000
|
heap
|
page read and write
|
||
1C315F79000
|
heap
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
7FF7EBB22000
|
unkown
|
page execute read
|
||
C30000
|
heap
|
page read and write
|
||
1C3168F2000
|
heap
|
page read and write
|
||
1C31605D000
|
heap
|
page read and write
|
||
1C31631D000
|
heap
|
page read and write
|
||
1C315F61000
|
heap
|
page read and write
|
||
1C316201000
|
heap
|
page read and write
|
||
990000
|
heap
|
page read and write
|
||
350B000
|
trusted library allocation
|
page read and write
|
||
1C315E64000
|
heap
|
page read and write
|
||
1C315F91000
|
heap
|
page read and write
|
||
1C315FAF000
|
heap
|
page read and write
|
||
1C315E89000
|
heap
|
page read and write
|
||
43D0000
|
remote allocation
|
page read and write
|
||
B90ADFE000
|
stack
|
page read and write
|
||
EF8000
|
heap
|
page read and write
|
||
E5C000
|
stack
|
page read and write
|
||
1C316201000
|
heap
|
page read and write
|
||
1C316035000
|
heap
|
page read and write
|
||
7FF6A0B89000
|
unkown
|
page read and write
|
||
328F000
|
stack
|
page read and write
|
||
1F0000
|
heap
|
page read and write
|
||
42238000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page execute and read and write
|
||
1C315F45000
|
heap
|
page read and write
|
||
5C8D000
|
stack
|
page read and write
|
||
1C31664E000
|
heap
|
page read and write
|
||
55254000
|
direct allocation
|
page read and write
|
||
8F84C7A000
|
stack
|
page read and write
|
||
3150000
|
heap
|
page read and write
|
||
1C315E60000
|
heap
|
page read and write
|
||
33CE000
|
stack
|
page read and write
|
||
2DD0000
|
heap
|
page read and write
|
||
1C315E89000
|
heap
|
page read and write
|
||
AAB000
|
heap
|
page read and write
|
||
1C31608B000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page write copy
|
||
7FF6A0F92000
|
unkown
|
page execute read
|
||
F70000
|
unkown
|
page readonly
|
||
2D3E000
|
unkown
|
page read and write
|
||
1C316094000
|
heap
|
page read and write
|
||
25AB2E00000
|
unkown
|
page read and write
|
||
1C31606B000
|
heap
|
page read and write
|
||
2F1E000
|
stack
|
page read and write
|
||
1C316020000
|
heap
|
page read and write
|
||
42320000
|
direct allocation
|
page read and write
|
||
1C317081000
|
heap
|
page read and write
|
||
13DE000
|
unkown
|
page read and write
|
||
251A4A02000
|
trusted library allocation
|
page read and write
|
||
25AB3013000
|
heap
|
page read and write
|
||
F40000
|
heap
|
page read and write
|
||
39644000
|
direct allocation
|
page read and write
|
||
1C315F3F000
|
heap
|
page read and write
|
||
1C316056000
|
heap
|
page read and write
|
||
1C315E5C000
|
heap
|
page read and write
|
||
1C315F71000
|
heap
|
page read and write
|
||
7FF7892A2000
|
unkown
|
page execute read
|
||
41A000
|
unkown
|
page readonly
|
||
1C315E95000
|
heap
|
page read and write
|
||
7FF788CC0000
|
unkown
|
page readonly
|
||
1E7B6032000
|
heap
|
page read and write
|
||
2081000
|
heap
|
page read and write
|
||
42320000
|
direct allocation
|
page read and write
|
||
F10000
|
remote allocation
|
page read and write
|
||
6A710000
|
unkown
|
page readonly
|
||
401000
|
unkown
|
page execute read
|
||
5520C000
|
direct allocation
|
page read and write
|
||
1C316624000
|
heap
|
page read and write
|
||
1C315E95000
|
heap
|
page read and write
|
||
4E4CC000
|
direct allocation
|
page read and write
|
||
D80000
|
heap
|
page read and write
|
||
1C315F7B000
|
heap
|
page read and write
|
||
1C315E92000
|
heap
|
page read and write
|
||
1C315F7F000
|
heap
|
page read and write
|
||
1C31601A000
|
heap
|
page read and write
|
||
1C31662F000
|
heap
|
page read and write
|
||
1C315E69000
|
heap
|
page read and write
|
||
7FF6A09B1000
|
unkown
|
page execute read
|
||
1C316760000
|
heap
|
page read and write
|
||
7E0000
|
heap
|
page read and write
|
||
1E7B5FFE000
|
heap
|
page read and write
|
||
1C315F9F000
|
heap
|
page read and write
|
||
1C315F74000
|
heap
|
page read and write
|
||
FA7000
|
unkown
|
page readonly
|
||
1E7B5FE3000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1E7B7AE0000
|
trusted library section
|
page read and write
|
||
C5000
|
unkown
|
page write copy
|
||
1C315E69000
|
heap
|
page read and write
|
||
1C316273000
|
heap
|
page read and write
|
||
A00000
|
heap
|
page read and write
|
||
1C315FAB000
|
heap
|
page read and write
|
||
324F000
|
stack
|
page read and write
|
||
18D75A40000
|
heap
|
page read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
1C31662F000
|
heap
|
page read and write
|
||
392A000
|
heap
|
page read and write
|
||
F57000
|
heap
|
page read and write
|
||
4BF4000
|
heap
|
page read and write
|
||
1C315F4A000
|
heap
|
page read and write
|
||
3170000
|
heap
|
page read and write
|
||
330C0000
|
direct allocation
|
page read and write
|
||
1C316734000
|
heap
|
page read and write
|
||
1C316201000
|
heap
|
page read and write
|
||
528E000
|
stack
|
page read and write
|
||
207B5670000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page write copy
|
||
1C315E92000
|
heap
|
page read and write
|
||
AFA000
|
stack
|
page read and write
|
||
1C316035000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
1C316071000
|
heap
|
page read and write
|
||
1C316071000
|
heap
|
page read and write
|
||
1C315F9B000
|
heap
|
page read and write
|
||
1C315F91000
|
heap
|
page read and write
|
||
56E38000
|
direct allocation
|
page read and write
|
||
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
1C315E97000
|
heap
|
page read and write
|
||
4A16000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
ED0000
|
heap
|
page read and write
|
||
7E0000
|
heap
|
page read and write
|
||
ACD000
|
unkown
|
page execute and read and write
|
||
39624000
|
direct allocation
|
page read and write
|
||
FC5000
|
unkown
|
page read and write
|
||
19D000
|
stack
|
page read and write
|
||
1C315EA2000
|
heap
|
page read and write
|
||
1C315E64000
|
heap
|
page read and write
|
||
1C315E92000
|
heap
|
page read and write
|
||
12C6000
|
trusted library allocation
|
page execute and read and write
|
||
1C316025000
|
heap
|
page read and write
|
||
308E000
|
stack
|
page read and write
|
||
1C315FAF000
|
heap
|
page read and write
|
||
1E7B5F80000
|
trusted library allocation
|
page read and write
|
||
DDC000
|
stack
|
page read and write
|
||
42A000
|
unkown
|
page write copy
|
||
1C31606B000
|
heap
|
page read and write
|
||
1C316273000
|
heap
|
page read and write
|
||
1C315F91000
|
heap
|
page read and write
|
||
7FF7EB6D1000
|
unkown
|
page readonly
|
||
1C315FAB000
|
heap
|
page read and write
|
||
2DE0000
|
heap
|
page read and write
|
||
1C315F9B000
|
heap
|
page read and write
|
||
1C315F7C000
|
heap
|
page read and write
|
||
1C31608B000
|
heap
|
page read and write
|
||
56F00000
|
direct allocation
|
page read and write
|
||
12A0000
|
trusted library allocation
|
page read and write
|
||
552C8000
|
direct allocation
|
page read and write
|
||
32AE000
|
heap
|
page read and write
|
||
1C316273000
|
heap
|
page read and write
|
||
1C315E6D000
|
heap
|
page read and write
|
||
71000
|
unkown
|
page execute read
|
||
7FF788EA2000
|
unkown
|
page read and write
|
||
1C315F74000
|
heap
|
page read and write
|
||
F35000
|
heap
|
page read and write
|
||
F35000
|
heap
|
page read and write
|
||
21172B80000
|
heap
|
page read and write
|
||
552CC000
|
direct allocation
|
page read and write
|
||
1C316201000
|
heap
|
page read and write
|
||
A07000
|
heap
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
BD0000
|
heap
|
page read and write
|
||
4BF0000
|
heap
|
page read and write
|
||
1C316071000
|
heap
|
page read and write
|
||
F40000
|
heap
|
page read and write
|
||
3328C000
|
direct allocation
|
page read and write
|
||
13E0000
|
heap
|
page read and write
|
||
1C315E51000
|
heap
|
page read and write
|
||
42304000
|
direct allocation
|
page read and write
|
||
1C316228000
|
heap
|
page read and write
|
||
1C31712B000
|
heap
|
page read and write
|
||
1EA1000
|
heap
|
page read and write
|
||
207B5902000
|
heap
|
page read and write
|
||
4E47C000
|
direct allocation
|
page read and write
|
||
1C316036000
|
heap
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
424000
|
unkown
|
page write copy
|
||
1C315F9F000
|
heap
|
page read and write
|
||
1C315F71000
|
heap
|
page read and write
|
||
FBA000
|
unkown
|
page readonly
|
||
1C315F97000
|
heap
|
page read and write
|
||
2D8E000
|
stack
|
page read and write
|
||
1C31606B000
|
heap
|
page read and write
|
||
1C316271000
|
heap
|
page read and write
|
||
41A000
|
unkown
|
page readonly
|
||
424000
|
unkown
|
page write copy
|
||
400000
|
unkown
|
page execute and read and write
|
||
41A000
|
unkown
|
page readonly
|
||
25AB2F15000
|
trusted library allocation
|
page read and write
|
||
2D70000
|
heap
|
page read and write
|
||
8F8487F000
|
stack
|
page read and write
|
||
F4A000
|
heap
|
page read and write
|
||
2048000
|
heap
|
page read and write
|
||
1C316056000
|
heap
|
page read and write
|
||
1C315FA7000
|
heap
|
page read and write
|
||
22435EF8000
|
heap
|
page read and write
|
||
1C315F70000
|
heap
|
page read and write
|
||
2DCE000
|
stack
|
page read and write
|
||
1C316073000
|
heap
|
page read and write
|
||
1F2BCA00000
|
heap
|
page read and write
|
||
207B583E000
|
heap
|
page read and write
|
||
1C316293000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
13A9000
|
heap
|
page read and write
|
||
15A0000
|
trusted library allocation
|
page read and write
|
||
1C316626000
|
heap
|
page read and write
|
||
3130000
|
heap
|
page read and write
|
||
33CE000
|
stack
|
page read and write
|
||
356B000
|
trusted library allocation
|
page read and write
|
||
1E7B7CC0000
|
heap
|
page execute and read and write
|
||
1C316228000
|
heap
|
page read and write
|
||
1C316201000
|
heap
|
page read and write
|
||
F58000
|
heap
|
page read and write
|
||
13DE000
|
unkown
|
page read and write
|
||
423000
|
unkown
|
page read and write
|
||
2F6E000
|
heap
|
page read and write
|
There are 1833 hidden memdumps, click here to show them.