Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ppXCre3i9k.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Common Files\Java\Java Update\XYIphamTjljSgoBQQlfKpXxgNOIO.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Google\Chrome\Application\SetupMetrics\XYIphamTjljSgoBQQlfKpXxgNOIO.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Google\Chrome\Application\XYIphamTjljSgoBQQlfKpXxgNOIO.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Defender Advanced Threat Protection\en-GB\MoUsoCoreWorker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Media Player\Skins\XYIphamTjljSgoBQQlfKpXxgNOIO.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\USOShared\Logs\dllhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\smss.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MoUsoCoreWorker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\3D Objects\services.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5v7z9xH3I0.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\Music\XYIphamTjljSgoBQQlfKpXxgNOIO.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Fonts\XYIphamTjljSgoBQQlfKpXxgNOIO.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Common Files\Java\Java Update\2d0856477bae9b
|
ASCII text, with very long lines (732), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Common Files\Java\Java Update\XYIphamTjljSgoBQQlfKpXxgNOIO.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Google\Chrome\Application\2d0856477bae9b
|
ASCII text, with very long lines (666), with no line terminators
|
dropped
|
||
|
C:\Program Files\Google\Chrome\Application\SetupMetrics\2d0856477bae9b
|
ASCII text, with very long lines (648), with no line terminators
|
dropped
|
||
|
C:\Program Files\Google\Chrome\Application\SetupMetrics\XYIphamTjljSgoBQQlfKpXxgNOIO.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Google\Chrome\Application\XYIphamTjljSgoBQQlfKpXxgNOIO.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Windows Defender Advanced Threat Protection\en-GB\1f93f77a7f4778
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Defender Advanced Threat Protection\en-GB\MoUsoCoreWorker.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files\Windows Media Player\Skins\2d0856477bae9b
|
ASCII text, with very long lines (427), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Media Player\Skins\XYIphamTjljSgoBQQlfKpXxgNOIO.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\USOShared\Logs\5940a34987c991
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\ProgramData\USOShared\Logs\dllhost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Recovery\69ddcba757bf72
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\smss.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1f93f77a7f4778
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MoUsoCoreWorker.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\3D Objects\c5b4cb5e9653cc
|
ASCII text, with very long lines (773), with no line terminators
|
dropped
|
||
|
C:\Users\user\3D Objects\services.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\MoUsoCoreWorker.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\dllhost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\ppXCre3i9k.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\services.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BvJvv2D5VS
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\Music\2d0856477bae9b
|
ASCII text, with very long lines (797), with no line terminators
|
dropped
|
||
|
C:\Users\user\Music\XYIphamTjljSgoBQQlfKpXxgNOIO.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Fonts\2d0856477bae9b
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Fonts\XYIphamTjljSgoBQQlfKpXxgNOIO.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text
|
dropped
|
There are 31 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ppXCre3i9k.exe
|
"C:\Users\user\Desktop\ppXCre3i9k.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIOX" /sc MINUTE /mo 9 /tr "'C:\Program Files (x86)\common files\Java\Java
Update\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIO" /sc ONLOGON /tr "'C:\Program Files (x86)\common files\Java\Java Update\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIOX" /sc MINUTE /mo 13 /tr "'C:\Program Files (x86)\common files\Java\Java
Update\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIOX" /sc MINUTE /mo 12 /tr "'C:\Program Files\Windows Media Player\Skins\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIO" /sc ONLOGON /tr "'C:\Program Files\Windows Media Player\Skins\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIOX" /sc MINUTE /mo 8 /tr "'C:\Program Files\Windows Media Player\Skins\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIOX" /sc MINUTE /mo 10 /tr "'C:\Program Files\Google\Chrome\Application\SetupMetrics\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIO" /sc ONLOGON /tr "'C:\Program Files\Google\Chrome\Application\SetupMetrics\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIOX" /sc MINUTE /mo 8 /tr "'C:\Program Files\Google\Chrome\Application\SetupMetrics\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "smsss" /sc MINUTE /mo 11 /tr "'C:\Recovery\smss.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "smss" /sc ONLOGON /tr "'C:\Recovery\smss.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "smsss" /sc MINUTE /mo 13 /tr "'C:\Recovery\smss.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIOX" /sc MINUTE /mo 10 /tr "'C:\Users\user\Music\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIO" /sc ONLOGON /tr "'C:\Users\user\Music\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIOX" /sc MINUTE /mo 8 /tr "'C:\Users\user\Music\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "MoUsoCoreWorkerM" /sc MINUTE /mo 14 /tr "'C:\Program Files\Windows Defender Advanced Threat Protection\en-GB\MoUsoCoreWorker.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "MoUsoCoreWorker" /sc ONLOGON /tr "'C:\Program Files\Windows Defender Advanced Threat Protection\en-GB\MoUsoCoreWorker.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "MoUsoCoreWorkerM" /sc MINUTE /mo 8 /tr "'C:\Program Files\Windows Defender Advanced Threat Protection\en-GB\MoUsoCoreWorker.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIOX" /sc MINUTE /mo 6 /tr "'C:\Program Files\Google\Chrome\Application\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIO" /sc ONLOGON /tr "'C:\Program Files\Google\Chrome\Application\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIOX" /sc MINUTE /mo 8 /tr "'C:\Program Files\Google\Chrome\Application\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIOX" /sc MINUTE /mo 14 /tr "'C:\Windows\Fonts\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIO" /sc ONLOGON /tr "'C:\Windows\Fonts\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "XYIphamTjljSgoBQQlfKpXxgNOIOX" /sc MINUTE /mo 7 /tr "'C:\Windows\Fonts\XYIphamTjljSgoBQQlfKpXxgNOIO.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "MoUsoCoreWorkerM" /sc MINUTE /mo 9 /tr "'C:\Users\Default\Start Menu\Programs\MoUsoCoreWorker.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "MoUsoCoreWorker" /sc ONLOGON /tr "'C:\Users\Default\Start Menu\Programs\MoUsoCoreWorker.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "MoUsoCoreWorkerM" /sc MINUTE /mo 13 /tr "'C:\Users\Default\Start Menu\Programs\MoUsoCoreWorker.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 8 /tr "'C:\Users\All Users\USOShared\Logs\dllhost.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhost" /sc ONLOGON /tr "'C:\Users\All Users\USOShared\Logs\dllhost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 11 /tr "'C:\Users\All Users\USOShared\Logs\dllhost.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "servicess" /sc MINUTE /mo 6 /tr "'C:\Users\user\3D Objects\services.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "services" /sc ONLOGON /tr "'C:\Users\user\3D Objects\services.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "servicess" /sc MINUTE /mo 10 /tr "'C:\Users\user\3D Objects\services.exe'" /rl HIGHEST /f
|
|
|
|
C:\ProgramData\USOShared\Logs\dllhost.exe
|
"C:\Users\All Users\USOShared\Logs\dllhost.exe"
|
|
|
|
C:\ProgramData\USOShared\Logs\dllhost.exe
|
"C:\Users\All Users\USOShared\Logs\dllhost.exe"
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MoUsoCoreWorker.exe
|
"C:\Users\Default\Start Menu\Programs\MoUsoCoreWorker.exe"
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MoUsoCoreWorker.exe
|
"C:\Users\Default\Start Menu\Programs\MoUsoCoreWorker.exe"
|
|
|
|
C:\Users\user\3D Objects\services.exe
|
"C:\Users\user\3D Objects\services.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /C "C:\Users\user\AppData\Local\Temp\5v7z9xH3I0.bat"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\w32tm.exe
|
w32tm /stripchart /computer:localhost /period:5 /dataonly /samples:2
|
There are 32 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?TnqYKyaIywq=qs3uS75r3jqkbptI0tYXMWWVaJ&N8UxeC0d2aYn8OLau6G6fERS=XSlT&hUILssjwMhlL=rcGaJB6lZUMQIrCsGuPKf3Dfwgc1&93c8fc6a5829094a07918d043a4ab930=4466e54fac4c9d4ef3d0997a871fb311&6eb901588398ed62b3e4a5d26c80dcd1=gY0ETZycTO2YDZ1IDOxM2MzczY2MDO0MzYwE2M4E2M2UjNjRGO1QGN&TnqYKyaIywq=qs3uS75r3jqkbptI0tYXMWWVaJ&N8UxeC0d2aYn8OLau6G6fERS=XSlT&hUILssjwMhlL=rcGaJB6lZUMQIrCsGuPKf3Dfwgc1
|
77.222.57.208
|
|
|
|
http://esdjasd.maxkrnldc.online/
|
unknown
|
|
|
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?aJEFD=DIiJHxHsWaRJglNiUoApJ&IThUZKOIFYxaBzNs=mEB6eANyK32zZFYdk9PmxY7dNV2VFj&UlrYkIgnTTfOQ=TpTY6bz8FJOH&93c8fc6a5829094a07918d043a4ab930=4466e54fac4c9d4ef3d0997a871fb311&6eb901588398ed62b3e4a5d26c80dcd1=gY0ETZycTO2YDZ1IDOxM2MzczY2MDO0MzYwE2M4E2M2UjNjRGO1QGN&aJEFD=DIiJHxHsWaRJglNiUoApJ&IThUZKOIFYxaBzNs=mEB6eANyK32zZFYdk9PmxY7dNV2VFj&UlrYkIgnTTfOQ=TpTY6bz8FJOH
|
77.222.57.208
|
|
|
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?UDHxzzcas1EAv9DMmpw3fnZY=rCOtt0GvVNct1WrGn4NENdapnoSCQPr&93c8fc6a5829094a07918d043a4ab930=4466e54fac4c9d4ef3d0997a871fb311&6eb901588398ed62b3e4a5d26c80dcd1=gY0ETZycTO2YDZ1IDOxM2MzczY2MDO0MzYwE2M4E2M2UjNjRGO1QGN&UDHxzzcas1EAv9DMmpw3fnZY=rCOtt0GvVNct1WrGn4NENdapnoSCQPr
|
77.222.57.208
|
|
|
|
http://esdjasd.maxkrnldc.online
|
unknown
|
|
|
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?ovGqtVTp5BaF90XbIwsVGXLk7k=vVAyytNBuojB9pcX5x&93c8fc6a5829094a07918d043a4ab930=4466e54fac4c9d4ef3d0997a871fb311&6eb901588398ed62b3e4a5d26c80dcd1=gY0ETZycTO2YDZ1IDOxM2MzczY2MDO0MzYwE2M4E2M2UjNjRGO1QGN&ovGqtVTp5BaF90XbIwsVGXLk7k=vVAyytNBuojB9pcX5x
|
77.222.57.208
|
|
|
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?P0BWwn=xD8KOAFhnF&er6UzMZnhq2HEMUzYMEwRy=DOAeMSQttP8JwM4Bz6J&93c8fc6a5829094a07918d043a4ab930=4466e54fac4c9d4ef3d0997a871fb311&6eb901588398ed62b3e4a5d26c80dcd1=gY0ETZycTO2YDZ1IDOxM2MzczY2MDO0MzYwE2M4E2M2UjNjRGO1QGN&P0BWwn=xD8KOAFhnF&er6UzMZnhq2HEMUzYMEwRy=DOAeMSQttP8JwM4Bz6J
|
77.222.57.208
|
|
|
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?RVpUqBOi8pHAIsyoJmOvSI=fxU8LTF1zIvPTL2gmsQeSxS9T9dZc&1XIZJhVCCO2x=1WdfdQFmCB&93c8fc6a5829094a07918d043a4ab930=4466e54fac4c9d4ef3d0997a871fb311&6eb901588398ed62b3e4a5d26c80dcd1=gY0ETZycTO2YDZ1IDOxM2MzczY2MDO0MzYwE2M4E2M2UjNjRGO1QGN&RVpUqBOi8pHAIsyoJmOvSI=fxU8LTF1zIvPTL2gmsQeSxS9T9dZc&1XIZJhVCCO2x=1WdfdQFmCB
|
77.222.57.208
|
|
|
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?Tzm6OxIQRqZYunjCd1MOgk=nBBU0zIwqR&93c8fc6a5829094a07918d043a4ab930=4466e54fac4c9d4ef3d0997a871fb311&6eb901588398ed62b3e4a5d26c80dcd1=gY0ETZycTO2YDZ1IDOxM2MzczY2MDO0MzYwE2M4E2M2UjNjRGO1QGN&Tzm6OxIQRqZYunjCd1MOgk=nBBU0zIwqR
|
77.222.57.208
|
|
|
|
http://esdjasd.maxkrnldc.online/@==gbJBzYuFDT
|
|
||
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?VEid32e=5KnOfaDp2o1CFqeYZF38NP&fhjudVNYdmm6E03w=rHwBASGojKEx9fcppIq5pk&93c8fc6a5829094a07918d043a4ab930=4466e54fac4c9d4ef3d0997a871fb311&6eb901588398ed62b3e4a5d26c80dcd1=gY0ETZycTO2YDZ1IDOxM2MzczY2MDO0MzYwE2M4E2M2UjNjRGO1QGN&VEid32e=5KnOfaDp2o1CFqeYZF38NP&fhjudVNYdmm6E03w=rHwBASGojKEx9fcppIq5pk
|
77.222.57.208
|
|
|
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?KzH0=bh&DxjZjfOCS8Hqrt2FJM=4Pt5s&93c8fc6a5829094a07918d043a4ab930=4466e54fac4c9d4ef3d0997a871fb311&6eb901588398ed62b3e4a5d26c80dcd1=gY0ETZycTO2YDZ1IDOxM2MzczY2MDO0MzYwE2M4E2M2UjNjRGO1QGN&KzH0=bh&DxjZjfOCS8Hqrt2FJM=4Pt5s
|
77.222.57.208
|
|
|
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?wV6yMDoEOp6CE4ikEee1q2H6Zy7H=EZuKHnNiGrv0rY8Q86rX&tJRGN3N9ZXFhdJQL16Q=C7xsA9eIpb1Q&AVQcE4u9jrTqTNOsFGAbCiwV=FOYET7gzwcyAswBfUdQ&93c8fc6a5829094a07918d043a4ab930=4466e54fac4c9d4ef3d0997a871fb311&6eb901588398ed62b3e4a5d26c80dcd1=gY0ETZycTO2YDZ1IDOxM2MzczY2MDO0MzYwE2M4E2M2UjNjRGO1QGN&wV6yMDoEOp6CE4ikEee1q2H6Zy7H=EZuKHnNiGrv0rY8Q86rX&tJRGN3N9ZXFhdJQL16Q=C7xsA9eIpb1Q&AVQcE4u9jrTqTNOsFGAbCiwV=FOYET7gzwcyAswBfUdQ
|
77.222.57.208
|
|
|
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?VNzfEh38AspOaytSRK9BLXVflf=P3WpIeO4GbcHw2HzYd7uOVMZKu&m82T4iroEoDhuL4m0zDMJDh7Bn=l3r7eXql6OIhiENDLV6NiUsV&Hhpia4RQxGvXqiJDj7Y=SfI5AVlFaMRKVYX0BDfT0Qu&93c8fc6a5829094a07918d043a4ab930=4466e54fac4c9d4ef3d0997a871fb311&6eb901588398ed62b3e4a5d26c80dcd1=gY0ETZycTO2YDZ1IDOxM2MzczY2MDO0MzYwE2M4E2M2UjNjRGO1QGN&VNzfEh38AspOaytSRK9BLXVflf=P3WpIeO4GbcHw2HzYd7uOVMZKu&m82T4iroEoDhuL4m0zDMJDh7Bn=l3r7eXql6OIhiENDLV6NiUsV&Hhpia4RQxGvXqiJDj7Y=SfI5AVlFaMRKVYX0BDfT0Qu
|
77.222.57.208
|
|
|
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?WPqxBIO3l8KwOT9NhTLGwYvdmRH=idQh7nQF2GrDezz7t&93c8fc6a5829094a07918d043a4ab930=4466e54fac4c9d4ef3d0997a871fb311&6eb901588398ed62b3e4a5d26c80dcd1=gY0ETZycTO2YDZ1IDOxM2MzczY2MDO0MzYwE2M4E2M2UjNjRGO1QGN&WPqxBIO3l8KwOT9NhTLGwYvdmRH=idQh7nQF2GrDezz7t
|
77.222.57.208
|
|
|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://esdjasd.maxkrnldc.online/L1nc0In.php?wV6yMDoEOp6CE4ikEee1q2H6Zy7H=EZuKHnNiGrv0rY8Q86rX&tJRGN3
|
unknown
|
There are 7 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
esdjasd.maxkrnldc.online
|
77.222.57.208
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
77.222.57.208
|
esdjasd.maxkrnldc.online
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
XYIphamTjljSgoBQQlfKpXxgNOIO
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
XYIphamTjljSgoBQQlfKpXxgNOIO
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
smss
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
MoUsoCoreWorker
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
MoUsoCoreWorker
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
dllhost
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
dllhost
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
services
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
services
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
XYIphamTjljSgoBQQlfKpXxgNOIO
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
XYIphamTjljSgoBQQlfKpXxgNOIO
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
XYIphamTjljSgoBQQlfKpXxgNOIO
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
XYIphamTjljSgoBQQlfKpXxgNOIO
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
XYIphamTjljSgoBQQlfKpXxgNOIO
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
XYIphamTjljSgoBQQlfKpXxgNOIO
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
XYIphamTjljSgoBQQlfKpXxgNOIO
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
XYIphamTjljSgoBQQlfKpXxgNOIO
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
XYIphamTjljSgoBQQlfKpXxgNOIO
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
MoUsoCoreWorker
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\c5d12342a0370bd4ac04a2383341eeca0b1a8f5c
|
4382073e4b55b69c45d4282000535e2280130b62
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.ApplicationCompany
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dllhost_RASMANCS
|
FileDirectory
|
There are 38 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2541000
|
trusted library allocation
|
page read and write
|
|
|
|
28E8000
|
trusted library allocation
|
page read and write
|
|
|
|
2FA5000
|
trusted library allocation
|
page read and write
|
|
|
|
2C79000
|
trusted library allocation
|
page read and write
|
|
|
|
28A1000
|
trusted library allocation
|
page read and write
|
|
|
|
2911000
|
trusted library allocation
|
page read and write
|
|
|
|
3451000
|
trusted library allocation
|
page read and write
|
|
|
|
2D84000
|
trusted library allocation
|
page read and write
|
|
|
|
34A4000
|
trusted library allocation
|
page read and write
|
|
|
|
3498000
|
trusted library allocation
|
page read and write
|
|
|
|
2D31000
|
trusted library allocation
|
page read and write
|
|
|
|
1B686000
|
stack
|
page read and write
|
||
|
1B68E000
|
stack
|
page read and write
|
||
|
7FFD9B772000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
1455000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
2A6F000
|
trusted library allocation
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
1D60000
|
heap
|
page execute and read and write
|
||
|
1B7F0000
|
heap
|
page execute and read and write
|
||
|
1D3C000
|
stack
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
1BBB8000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page execute and read and write
|
||
|
2962000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B923000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
1AD60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
B5C000
|
heap
|
page read and write
|
||
|
7FFD9B92B000
|
trusted library allocation
|
page read and write
|
||
|
1BA0F000
|
heap
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
1BB8E000
|
stack
|
page read and write
|
||
|
1B802000
|
heap
|
page read and write
|
||
|
892000
|
heap
|
page read and write
|
||
|
2339A108000
|
heap
|
page read and write
|
||
|
E56999E000
|
stack
|
page read and write
|
||
|
12F9D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B91C000
|
trusted library allocation
|
page read and write
|
||
|
1AFC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B90C000
|
trusted library allocation
|
page read and write
|
||
|
E569CFF000
|
stack
|
page read and write
|
||
|
E99000
|
heap
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2530000
|
heap
|
page execute and read and write
|
||
|
1BB7A000
|
heap
|
page read and write
|
||
|
7FFD9B93B000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
264C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AC000
|
trusted library allocation
|
page read and write
|
||
|
B62000
|
heap
|
page read and write
|
||
|
ACB000
|
heap
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
12918000
|
trusted library allocation
|
page read and write
|
||
|
E13000
|
heap
|
page read and write
|
||
|
2654000
|
trusted library allocation
|
page read and write
|
||
|
2641000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
1006000
|
heap
|
page read and write
|
||
|
B25000
|
heap
|
page read and write
|
||
|
1B08E000
|
stack
|
page read and write
|
||
|
7FFD9B961000
|
trusted library allocation
|
page read and write
|
||
|
E569C7E000
|
stack
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
28FD000
|
trusted library allocation
|
page read and write
|
||
|
1065000
|
heap
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AACC000
|
stack
|
page read and write
|
||
|
1B582000
|
stack
|
page read and write
|
||
|
7FFD9B806000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
1B8E3000
|
heap
|
page read and write
|
||
|
7FFD9B91A000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B931000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
E2E000
|
heap
|
page read and write
|
||
|
1B8EE000
|
stack
|
page read and write
|
||
|
1142000
|
heap
|
page read and write
|
||
|
FDB000
|
heap
|
page read and write
|
||
|
1B923000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
AE4000
|
heap
|
page read and write
|
||
|
7FFD9B79C000
|
trusted library allocation
|
page read and write
|
||
|
12D31000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AF80000
|
heap
|
page read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
3527000
|
trusted library allocation
|
page read and write
|
||
|
1B48F000
|
stack
|
page read and write
|
||
|
1BA7D000
|
heap
|
page read and write
|
||
|
267A000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
heap
|
page execute and read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BACE000
|
stack
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AE80000
|
heap
|
page execute and read and write
|
||
|
2965000
|
trusted library allocation
|
page read and write
|
||
|
FBB000
|
heap
|
page read and write
|
||
|
1BAAE000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B943000
|
trusted library allocation
|
page read and write
|
||
|
12543000
|
trusted library allocation
|
page read and write
|
||
|
1BB35000
|
heap
|
page read and write
|
||
|
B35000
|
heap
|
page read and write
|
||
|
7FFD9B8B1000
|
trusted library allocation
|
page execute and read and write
|
||
|
901000
|
heap
|
page read and write
|
||
|
1B935000
|
heap
|
page read and write
|
||
|
776000
|
stack
|
page read and write
|
||
|
25AB000
|
trusted library allocation
|
page read and write
|
||
|
1B8CC000
|
heap
|
page read and write
|
||
|
11A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B93C000
|
trusted library allocation
|
page read and write
|
||
|
1B98D000
|
heap
|
page read and write
|
||
|
7FFD9B750000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
1B6EE000
|
stack
|
page read and write
|
||
|
1B990000
|
heap
|
page read and write
|
||
|
530000
|
unkown
|
page readonly
|
||
|
128A1000
|
trusted library allocation
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
2339A020000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
2339A050000
|
heap
|
page read and write
|
||
|
1B4EF000
|
stack
|
page read and write
|
||
|
264E000
|
trusted library allocation
|
page read and write
|
||
|
B87000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
7FFD9B752000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
1B982000
|
heap
|
page read and write
|
||
|
1B90B000
|
heap
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
24EF000
|
stack
|
page read and write
|
||
|
E47000
|
heap
|
page read and write
|
||
|
2339A0E8000
|
heap
|
page read and write
|
||
|
530000
|
unkown
|
page readonly
|
||
|
1B38E000
|
stack
|
page read and write
|
||
|
A20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B797000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page read and write
|
||
|
1BDFE000
|
stack
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
289E000
|
stack
|
page read and write
|
||
|
12541000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
1AE2D000
|
stack
|
page read and write
|
||
|
7FFD9B76C000
|
trusted library allocation
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
3515000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B792000
|
trusted library allocation
|
page read and write
|
||
|
1BAD5000
|
heap
|
page read and write
|
||
|
6F6000
|
stack
|
page read and write
|
||
|
12F98000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1090000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
7FFD9B943000
|
trusted library allocation
|
page read and write
|
||
|
1AECE000
|
stack
|
page read and write
|
||
|
2977000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
1B902000
|
heap
|
page execute and read and write
|
||
|
D5F000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
FC5000
|
heap
|
page read and write
|
||
|
26BF000
|
trusted library allocation
|
page read and write
|
||
|
252E000
|
stack
|
page read and write
|
||
|
7FFD9B8FC000
|
trusted library allocation
|
page read and write
|
||
|
C4F000
|
stack
|
page read and write
|
||
|
3518000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B92E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
262D000
|
trusted library allocation
|
page read and write
|
||
|
1BAFE000
|
stack
|
page read and write
|
||
|
203F000
|
stack
|
page read and write
|
||
|
1E8E000
|
stack
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
B45000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
7FFD9B936000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A3000
|
trusted library allocation
|
page read and write
|
||
|
F02000
|
heap
|
page read and write
|
||
|
E45000
|
heap
|
page read and write
|
||
|
2B36000
|
trusted library allocation
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
1BAFF000
|
stack
|
page read and write
|
||
|
7FFD9B7BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
EC7000
|
heap
|
page read and write
|
||
|
7FFD9B754000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
1B8B6000
|
heap
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
10C5000
|
heap
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
B0F000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
1BC84000
|
stack
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
2BD6000
|
trusted library allocation
|
page read and write
|
||
|
1B88E000
|
stack
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
||
|
EFC000
|
heap
|
page read and write
|
||
|
1BBCD000
|
heap
|
page read and write
|
||
|
1B980000
|
heap
|
page execute and read and write
|
||
|
1B6AF000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
2339A030000
|
heap
|
page read and write
|
||
|
85C000
|
heap
|
page read and write
|
||
|
7FFD9B7A7000
|
trusted library allocation
|
page read and write
|
||
|
13453000
|
trusted library allocation
|
page read and write
|
||
|
1255000
|
heap
|
page read and write
|
||
|
1B48E000
|
stack
|
page read and write
|
||
|
1008000
|
heap
|
page read and write
|
||
|
12921000
|
trusted library allocation
|
page read and write
|
||
|
1790000
|
trusted library allocation
|
page read and write
|
||
|
13458000
|
trusted library allocation
|
page read and write
|
||
|
1BB9D000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D6E000
|
stack
|
page read and write
|
||
|
2F91000
|
trusted library allocation
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
3055000
|
trusted library allocation
|
page read and write
|
||
|
2A2E000
|
trusted library allocation
|
page read and write
|
||
|
17B0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
746000
|
stack
|
page read and write
|
||
|
1167000
|
heap
|
page read and write
|
||
|
2DFF000
|
trusted library allocation
|
page read and write
|
||
|
E56991C000
|
stack
|
page read and write
|
||
|
12911000
|
trusted library allocation
|
page read and write
|
||
|
8C1000
|
heap
|
page read and write
|
||
|
1C08E000
|
stack
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
7FFD9B800000
|
trusted library allocation
|
page read and write
|
||
|
8BE000
|
heap
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
86F000
|
heap
|
page read and write
|
||
|
1B7EE000
|
stack
|
page read and write
|
||
|
7FFD9B797000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B767000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B92C000
|
trusted library allocation
|
page read and write
|
||
|
10FA000
|
heap
|
page read and write
|
||
|
2B61000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
1B2E0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B753000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BB14000
|
heap
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
FA8000
|
heap
|
page read and write
|
||
|
128F000
|
stack
|
page read and write
|
||
|
1BB90000
|
heap
|
page read and write
|
||
|
7FFD9B79B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B92B000
|
heap
|
page read and write
|
||
|
2C23000
|
trusted library allocation
|
page read and write
|
||
|
10FF000
|
heap
|
page read and write
|
||
|
7FFD9B913000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
1B384000
|
stack
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
1D40000
|
heap
|
page read and write
|
||
|
128A3000
|
trusted library allocation
|
page read and write
|
||
|
128AD000
|
trusted library allocation
|
page read and write
|
||
|
113A000
|
heap
|
page read and write
|
||
|
1A8D0000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
1B95F000
|
stack
|
page read and write
|
||
|
297B000
|
trusted library allocation
|
page read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
12D3D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
BC8000
|
heap
|
page read and write
|
||
|
1065000
|
heap
|
page read and write
|
||
|
1B8E7000
|
heap
|
page read and write
|
||
|
7FFD9B8F0000
|
trusted library allocation
|
page read and write
|
||
|
18F0000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
10FC000
|
heap
|
page read and write
|
||
|
290E000
|
stack
|
page read and write
|
||
|
1043000
|
heap
|
page read and write
|
||
|
10D1000
|
heap
|
page read and write
|
||
|
EE9000
|
heap
|
page read and write
|
||
|
7FFD9B762000
|
trusted library allocation
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
7FFD9B92C000
|
trusted library allocation
|
page read and write
|
||
|
1B783000
|
stack
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
2ABF000
|
trusted library allocation
|
page read and write
|
||
|
E34000
|
heap
|
page read and write
|
||
|
7FFD9B787000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
E5F000
|
stack
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E52000
|
heap
|
page read and write
|
||
|
2BF8000
|
trusted library allocation
|
page read and write
|
||
|
17A0000
|
heap
|
page read and write
|
||
|
7FFD9B78C000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
7FF4A0F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BB1D000
|
heap
|
page read and write
|
||
|
1B890000
|
heap
|
page read and write
|
||
|
1BFFF000
|
stack
|
page read and write
|
||
|
1BB43000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
2FF6000
|
trusted library allocation
|
page read and write
|
||
|
FCB000
|
heap
|
page read and write
|
||
|
2965000
|
trusted library allocation
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
2339A0F5000
|
heap
|
page read and write
|
||
|
12F91000
|
trusted library allocation
|
page read and write
|
||
|
8BC000
|
heap
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
trusted library allocation
|
page read and write
|
||
|
1B3BD000
|
stack
|
page read and write
|
||
|
2671000
|
trusted library allocation
|
page read and write
|
||
|
1B9D2000
|
heap
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C28E000
|
stack
|
page read and write
|
||
|
1345D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
C08000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
1BA8E000
|
stack
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B933000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B3EF000
|
stack
|
page read and write
|
||
|
128A8000
|
trusted library allocation
|
page read and write
|
||
|
FDD000
|
heap
|
page read and write
|
||
|
EE6000
|
heap
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BF6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
262B000
|
trusted library allocation
|
page read and write
|
||
|
1BEFE000
|
stack
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
12D33000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
1BB2B000
|
heap
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E8F000
|
heap
|
page read and write
|
||
|
2690000
|
heap
|
page execute and read and write
|
||
|
1B971000
|
heap
|
page read and write
|
||
|
1BBF4000
|
stack
|
page read and write
|
||
|
1B8A6000
|
heap
|
page read and write
|
||
|
B68000
|
heap
|
page read and write
|
||
|
1B8FF000
|
stack
|
page read and write
|
||
|
E1F000
|
stack
|
page read and write
|
||
|
2630000
|
trusted library allocation
|
page read and write
|
||
|
BCA000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
1BADE000
|
heap
|
page read and write
|
||
|
1BA9E000
|
heap
|
page read and write
|
||
|
1C57C000
|
stack
|
page read and write
|
||
|
1BDFE000
|
stack
|
page read and write
|
||
|
1B5E3000
|
stack
|
page read and write
|
||
|
7FFD9B7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
B50000
|
trusted library allocation
|
page read and write
|
||
|
34AD000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
7FFD9B92B000
|
trusted library allocation
|
page read and write
|
||
|
602000
|
unkown
|
page readonly
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B690000
|
heap
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
1B95F000
|
heap
|
page read and write
|
||
|
7FFD9B94B000
|
trusted library allocation
|
page read and write
|
||
|
102E000
|
stack
|
page read and write
|
||
|
1B94D000
|
heap
|
page read and write
|
||
|
1B26F000
|
stack
|
page read and write
|
||
|
E3E000
|
heap
|
page read and write
|
||
|
1D80000
|
trusted library allocation
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
2595000
|
trusted library allocation
|
page read and write
|
||
|
AE1000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
2968000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B870000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B90B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B8A0000
|
heap
|
page read and write
|
||
|
1BCF3000
|
stack
|
page read and write
|
||
|
1BBBF000
|
heap
|
page read and write
|
||
|
1BA3C000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
1B89D000
|
heap
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
1B9E1000
|
heap
|
page read and write
|
||
|
E4A000
|
heap
|
page read and write
|
||
|
2C9D000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
1BE83000
|
stack
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
2680000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
296B000
|
trusted library allocation
|
page read and write
|
||
|
E78000
|
heap
|
page read and write
|
||
|
1D005000
|
heap
|
page read and write
|
||
|
7FFD9B933000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
B11000
|
heap
|
page read and write
|
||
|
1BCF3000
|
stack
|
page read and write
|
||
|
1B9F3000
|
heap
|
page read and write
|
||
|
7FFD9B903000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
1BF00000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
351B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
1291D000
|
trusted library allocation
|
page read and write
|
||
|
13451000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page execute and read and write
|
||
|
B91000
|
heap
|
page read and write
|
||
|
1202000
|
heap
|
page read and write
|
||
|
10CF000
|
heap
|
page read and write
|
||
|
E25000
|
heap
|
page read and write
|
||
|
1096000
|
heap
|
page read and write
|
||
|
532000
|
unkown
|
page readonly
|
||
|
12551000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
1BB54000
|
heap
|
page read and write
|
||
|
1B9C5000
|
heap
|
page read and write
|
||
|
1B917000
|
heap
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
1B1AF000
|
stack
|
page read and write
|
||
|
7FFD9B77C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B953000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B79C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B913000
|
trusted library allocation
|
page read and write
|
||
|
135F000
|
stack
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B9CC000
|
heap
|
page read and write
|
||
|
1B976000
|
heap
|
page read and write
|
||
|
7FFD9B7B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BBE9000
|
heap
|
page read and write
|
||
|
7FFD9B80C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
1BB99000
|
heap
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F93000
|
trusted library allocation
|
page read and write
|
||
|
3058000
|
trusted library allocation
|
page read and write
|
||
|
FC8000
|
heap
|
page read and write
|
||
|
7FFD9B75D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ADE000
|
trusted library allocation
|
page read and write
|
||
|
1A570000
|
trusted library allocation
|
page read and write
|
||
|
11CF000
|
stack
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
1B8D9000
|
heap
|
page read and write
|
||
|
1BD8A000
|
stack
|
page read and write
|
||
|
B9C000
|
heap
|
page read and write
|
||
|
1D002000
|
heap
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
1C38E000
|
stack
|
page read and write
|
||
|
2B20000
|
heap
|
page execute and read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
155F000
|
stack
|
page read and write
|
||
|
7FFD9B84C000
|
trusted library allocation
|
page execute and read and write
|
||
|
856000
|
heap
|
page read and write
|
||
|
1B9CE000
|
stack
|
page read and write
|
||
|
87B000
|
heap
|
page read and write
|
||
|
1B51D000
|
stack
|
page read and write
|
||
|
12D38000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B777000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
AB0000
|
trusted library allocation
|
page read and write
|
||
|
1B9E3000
|
heap
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
B9E000
|
heap
|
page read and write
|
||
|
881000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BAD3000
|
heap
|
page read and write
|
||
|
1B280000
|
heap
|
page execute and read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
1B18E000
|
stack
|
page read and write
|
||
|
1B9FE000
|
stack
|
page read and write
|
||
|
1025000
|
heap
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
1AE9D000
|
stack
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
1254D000
|
trusted library allocation
|
page read and write
|
||
|
1B28E000
|
stack
|
page read and write
|
||
|
1BBAA000
|
heap
|
page read and write
|
||
|
1B58F000
|
stack
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BBFE000
|
stack
|
page read and write
|
||
|
1B9F5000
|
heap
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
1BB09000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
1BBCD000
|
stack
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BF8E000
|
stack
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B90A000
|
trusted library allocation
|
page read and write
|
||
|
1A940000
|
trusted library allocation
|
page read and write
|
||
|
2339A0E0000
|
heap
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
B66000
|
stack
|
page read and write
|
||
|
18BE000
|
stack
|
page read and write
|
||
|
7FFD9B7AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B95B000
|
trusted library allocation
|
page read and write
|
||
|
2339A060000
|
heap
|
page read and write
|
||
|
1BCCE000
|
stack
|
page read and write
|
||
|
3512000
|
trusted library allocation
|
page read and write
|
||
|
1BEFE000
|
stack
|
page read and write
|
||
|
7FFD9B93A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
109C000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
There are 570 hidden memdumps, click here to show them.