Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PURCHASEORDERSHEET&SPECIFICATIONSDOC.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\rrrsyhb.vbs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\weltervgter\Gutte.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\kajsoiestc.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B0ZBZFKQ\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhvAF21.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0xfae478d5, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\blnru
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsuBDCD.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsuBDCD.tmp\nsExec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\udskriftskartotek\chiromancy\refalling\Fdrelandssanges\afproevningsstrategiernes.Ast
|
data
|
dropped
|
||
|
C:\Users\user\udskriftskartotek\chiromancy\refalling\Fdrelandssanges\dhourra.dei
|
data
|
dropped
|
||
|
C:\Users\user\udskriftskartotek\chiromancy\refalling\Pneumonolith.upl
|
data
|
dropped
|
||
|
C:\Users\user\udskriftskartotek\chiromancy\refalling\Regionalize\Trade199\Fremlg\Fruitstalk\fiskeriinteressernes.bnk
|
data
|
dropped
|
||
|
C:\Users\user\udskriftskartotek\chiromancy\refalling\Regionalize\Trade199\Fremlg\Fruitstalk\motleyest.hea
|
data
|
dropped
|
||
|
C:\Users\user\udskriftskartotek\chiromancy\refalling\Regionalize\Trade199\Fremlg\Fruitstalk\perivesical.cer
|
Matlab v4 mat-file (little endian) , numeric, rows 0, columns 0
|
dropped
|
||
|
C:\Users\user\udskriftskartotek\chiromancy\refalling\Regionalize\Trade199\Fremlg\Fruitstalk\vanskabningers.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\udskriftskartotek\chiromancy\refalling\Semestret\Implantation\Hives\Wienervalsene\Milched.gri
|
data
|
dropped
|
||
|
C:\Windows\Resources\0409\gashanens.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 8 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PURCHASEORDERSHEET&SPECIFICATIONSDOC.exe
|
"C:\Users\user\Desktop\PURCHASEORDERSHEET&SPECIFICATIONSDOC.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "250^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "244^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "227^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "255^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "244^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "253^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "130^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "131^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "139^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "139^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "242^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "195^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "212^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "208^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "197^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "212^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "247^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "216^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "221^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "212^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "240^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "153^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "220^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "195^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "133^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "157^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "216^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "201^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "137^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "157^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "216^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "157^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "193^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "157^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "216^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "133^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "157^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "216^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "145^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "201^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "137^177"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /c set /a "129^177"
|
|
|
|
C:\Users\user\Desktop\PURCHASEORDERSHEET&SPECIFICATIONSDOC.exe
|
"C:\Users\user\Desktop\PURCHASEORDERSHEET&SPECIFICATIONSDOC.exe"
|
|
|
|
C:\Users\user\Desktop\PURCHASEORDERSHEET&SPECIFICATIONSDOC.exe
|
C:\Users\user\Desktop\PURCHASEORDERSHEET&SPECIFICATIONSDOC.exe /stext "C:\Users\user\AppData\Local\Temp\blnru"
|
|
|
|
C:\Users\user\Desktop\PURCHASEORDERSHEET&SPECIFICATIONSDOC.exe
|
C:\Users\user\Desktop\PURCHASEORDERSHEET&SPECIFICATIONSDOC.exe /stext "C:\Users\user\AppData\Local\Temp\dfsjvxzdl"
|
|
|
|
C:\Users\user\Desktop\PURCHASEORDERSHEET&SPECIFICATIONSDOC.exe
|
C:\Users\user\Desktop\PURCHASEORDERSHEET&SPECIFICATIONSDOC.exe /stext "C:\Users\user\AppData\Local\Temp\ohfuvpkfznra"
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\Temp\rrrsyhb.vbs"
|
|
|
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\Conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 124 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://odc.offi
|
unknown
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
https://s1.adform.net/Banners/Elements/Files/2070608/10170131/bvpath_258/pics/k3.jpg
|
unknown
|
||
|
https://s1.adform.net/Banners/Elements/Files/2070608/10170131/bvpath_258/pics/footer.png
|
unknown
|
||
|
https://ajax.aspnetcdn.com/ajax/jquery/jquery-3.3.1.min.js
|
unknown
|
||
|
https://csp.withgoogle.com/csp/ads-programmable
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaotak
|
unknown
|
||
|
https://assets.adobedtm.com/5ef092d1efb5/4d1d9f749fd3/2b6d8bd51279/RC0ee8c30f496b428a91d7f3289a2b8a2
|
unknown
|
||
|
https://assets.adobedtm.com/5ef092d1efb5/4d1d9f749fd3/2b6d8bd51279/RC784fc6783b2f45a09cb8efa184cc684
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
https://www.google.com/chrome/
|
unknown
|
||
|
http://cdp.thawte.com/ThawteRSACA2018.crl0L
|
unknown
|
||
|
https://cxcs.microsoft.net/static/public/tips/neutral/6c6740da-0bfe-48a6-83fc-c98d1919b060/3addf02b7
|
unknown
|
||
|
https://www.google.com/recaptcha/api
|
unknown
|
||
|
https://csp.withgoogle.com/csp/botguard-scs
|
unknown
|
||
|
https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl
|
unknown
|
||
|
https://s1.adform.net/Banners/Elements/Files/2070608/10170131/10170131.js?ADFassetID=10170131&bv=258
|
unknown
|
||
|
https://www.google.com/chrome/https://
|
unknown
|
||
|
http://crls.pki.goog/gts1c3/QOvJ0N1sT2A.crl0
|
unknown
|
||
|
https://www.msn.com
|
unknown
|
||
|
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=b2df1cf6-0873-4430-916b-9612e80
|
unknown
|
||
|
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-light.wo
|
unknown
|
||
|
https://btloader.com/tag?o=6208086025961472&upapi=true
|
unknown
|
||
|
http://www.imvu.comata
|
unknown
|
||
|
https://use.typekit.net/af/eaf09c/000000000000000000017703/27/d?subset_id=2&fvd=n7&v=3
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/svg/72/MostlySunnyDay.svg
|
unknown
|
||
|
https://b1sync.zemanta.com/usersync/msn/?puid=101156F9176C6E98058F466E16B36FAC
|
unknown
|
||
|
https://contextual.med
|
unknown
|
||
|
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_311%2Cw_207%2Cc_pad%2
|
unknown
|
||
|
https://assets.adobedtm.com/5ef092d1efb5/4d1d9f749fd3/2b6d8bd51279/RCe691e5baee9945259179326d0658843
|
unknown
|
||
|
http://ocsp.sca1b.amazontrust.com06
|
unknown
|
||
|
http://certs.godaddy.com/repository/1301
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contextual.media.net/checks
|
unknown
|
||
|
http://ocsp.rootca1.amazontrust.com0:
|
unknown
|
||
|
https://certs.godaddy.com/repository/0
|
unknown
|
||
|
https://pki.goog/repository/0
|
unknown
|
||
|
https://www.msn.com/
|
unknown
|
||
|
https://assets.adobedtm.com/5ef092d1efb5/4d1d9f749fd3/2b6d8bd51279/RCd01d50cad19649bf857a22be5995480
|
unknown
|
||
|
http://cacerts.thawte.com/ThawteRSACA2018.crt0
|
unknown
|
||
|
http://crl.godaddy.com/gdroot-g2.crl0F
|
unknown
|
||
|
http://crl.rootg2.amazontrust.com/rootg2.crl0
|
unknown
|
||
|
https://2542116.fls.doubleclick.net/activityi;src=2542116;type=2542116;cat=chrom0;ord=8672137916610;
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
https://www.msn.com/?ocid=iehp
|
unknown
|
||
|
https://cvision.media.net/new/300x300/2/45/221/3/7d5dc6a9-5325-442d-926e-f2c668b8e65e.jpg?v=9
|
unknown
|
||
|
https://assets.adobedtm.com/5ef092d1efb5/4d1d9f749fd3/2b6d8bd51279/RC8cd6be4f72cf4da1aa891e7da23d144
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingrms
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
http://trc.taboola.com/p3p.xml
|
unknown
|
||
|
https://assets.adobedtm.com/5ef092d1efb5/4d1d9f749fd3/2b6d8bd51279/RC028e72ad6b944b8183346fecb32a729
|
unknown
|
||
|
https://tpc.g
|
unknown
|
||
|
https://2542116.fls.doublecli
|
unknown
|
||
|
https://cxcs.microsoft.net/api/settings/en-US/xml/settings-tipset?release=20h1&sku=Professional&plat
|
unknown
|
||
|
http://crl.pki.goog/gsr1/gsr1.crl0;
|
unknown
|
||
|
https://s1.adform.net/Banners/Elements/Files/2070608/10170131/bvpath_258/pics/k2.jpg
|
unknown
|
||
|
http://crl.godaddy.com/gdig2s1-2558.crl0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://csp.withgoogle.com/csp/report-to/botguard-scs
|
unknown
|
||
|
https://www.msn.com/de-ch/https://
|
unknown
|
||
|
http://certificates.godaddy.com/repository/0
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingth
|
unknown
|
||
|
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
|
unknown
|
||
|
https://eb2.3lift.com/sync?
|
unknown
|
||
|
https://acdn.adnxs.com/dmp/async_usersync.html
|
unknown
|
||
|
https://assets.adobedtm.com/launch-EN7b3d710ac67a4a1195648458258f97dd.min.js
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=wsb&ndcParam=QUZE
|
unknown
|
||
|
http://crls.pki.goog/gts1c3/zdATt0Ex_Fk.crl0
|
unknown
|
||
|
https://csp.withgoogle.com/csp/report-to/adspam-signals-scs
|
unknown
|
||
|
http://pki.goog/repo/certs/gts1c3.der07
|
unknown
|
||
|
https://2542116.fls.doubleclick.net/activityi;src=2542116;type=clien612;cat=chromx;ord=1;num=7209567
|
unknown
|
||
|
https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HBI57XIG&prvid=77%2
|
unknown
|
||
|
https://www.google.com/pa
|
unknown
|
||
|
https://srtb.msn.com/auction?a=de-ch&b=bba24733ba4a487f8f8706bf3811269e&c=MSN&d=https%3A%2F%2Fwww.ms
|
unknown
|
||
|
https://2542116.fls.doubleclick.net/activ
|
unknown
|
||
|
https://2542116.fls.double
|
unknown
|
||
|
https://use.typekit.net/af/cb695f/000000000000000000017701/27/d?subset_id=2&fvd=n4&v=3
|
unknown
|
||
|
https://www.msn.com/de-ch/?ocid=iehp
|
unknown
|
||
|
https://www.google.com/chrome/thank-you.html?statcb=0&installdataindex=empty&defaultbrowser=0
|
unknown
|
||
|
https://cdn.taboola.com/TaboolaCookieSyncScript.js
|
unknown
|
||
|
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
|
unknown
|
||
|
https://static.doubleclick.net/dynamic/5/283983386/11928812572019506176_2845462151855228713.jpeg
|
unknown
|
||
|
https://www.msn.com/spartan/en-gb/kernel/appcache/cache.appcache?locale=en-GB&market=GB&enableregula
|
unknown
|
||
|
https://www.msn.com/spartan/ientp?locale=en-GB&market=GB&enableregulatorypsm=0&enablecpsm=0&NTLogo=1
|
unknown
|
||
|
https://www.msn.com/_h/9c38ab9f/webcore/externalscripts/oneTrustV2/scripttemplates/otSDKStub.js
|
unknown
|
||
|
https://assets.adobedtm.com/5ef092d1efb5/4d1d9f749fd3/2b6d8bd51279/RCefb91313fdae420ebbea45d8f044894
|
unknown
|
||
|
https://adservice.google.com/ddm/fls/i/src=2542116;type=chrom322;cat=chrom01g;ord=3739368433491;gtm=
|
unknown
|
||
|
https://www.google.com/pagead/drt/ui
|
unknown
|
||
|
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
|
unknown
|
||
|
https://sb.scorecardresearch.com/beacon.js
|
unknown
|
||
|
http://pki.goog/gsr1/gsr1.crt02
|
unknown
|
||
|
http://pki.goog/repo/certs/gts1c3.der0$
|
unknown
|
||
|
https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1632306836522&c7=https%3A%2F%2Fwww.
|
unknown
|
||
|
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_368%2Cw_622%2Cc_fill%2Cg_faces:au
|
unknown
|
||
|
https://get3.adobe
|
unknown
|
||
|
https://assets.adobedtm.com/5ef092d1efb5/4d1d9f749fd3/2b6d8bd51279/RCacc6c4ed30494f9fad065afe638a7ca
|
unknown
|
||
|
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_311%2Cw_207%2Cc_fill%2Cg_faces:au
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
janbours92harbu01.duckdns.org
|
172.94.9.228
|
|
|
|
janbours92harbu02.duckdns.org
|
unknown
|
|
|
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.94.9.228
|
janbours92harbu01.duckdns.org
|
United States
|
|
|
|
94.156.8.104
|
unknown
|
Bulgaria
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
|
Nomap
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\swazi
|
stednavnene
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\housecraft\Uninstall\Chalcocite\bredsaaningerne
|
Orientalizes
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\Straalemestrene\Uninstall\ensky
|
lkkersultent
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Genos199\mellemskolen
|
pocheringer
|
||
|
HKEY_CURRENT_USER\SOFTWARE\aksoiestgb-7MC3AW
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\aksoiestgb-7MC3AW
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\aksoiestgb-7MC3AW
|
time
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
There are 1 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8BC000
|
heap
|
page read and write
|
|
|
|
5DF7000
|
heap
|
page read and write
|
|
|
|
8643000
|
direct allocation
|
page execute and read and write
|
|
|
|
5DF7000
|
heap
|
page read and write
|
|
|
|
8FB000
|
heap
|
page read and write
|
|
|
|
738000
|
heap
|
page read and write
|
||
|
36C72000
|
heap
|
page read and write
|
||
|
382AD000
|
heap
|
page read and write
|
||
|
784000
|
unkown
|
page read and write
|
||
|
2369000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
36CEC000
|
heap
|
page read and write
|
||
|
2355000
|
heap
|
page read and write
|
||
|
2B5C000
|
heap
|
page read and write
|
||
|
2F30000
|
direct allocation
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
5E18000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2354000
|
heap
|
page read and write
|
||
|
2941000
|
heap
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
35D23000
|
heap
|
page read and write
|
||
|
37AB4000
|
heap
|
page read and write
|
||
|
2B46000
|
heap
|
page read and write
|
||
|
410B000
|
stack
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
2365000
|
heap
|
page read and write
|
||
|
2A95000
|
heap
|
page read and write
|
||
|
77A000
|
unkown
|
page read and write
|
||
|
384BA000
|
heap
|
page read and write
|
||
|
236A000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
B3D000
|
heap
|
page read and write
|
||
|
49B0000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
36DE1000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2B45000
|
heap
|
page read and write
|
||
|
2B5F000
|
heap
|
page read and write
|
||
|
5DDB000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
2B5E000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
37CB4000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
356ED000
|
heap
|
page read and write
|
||
|
234C000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
5E1E000
|
heap
|
page read and write
|
||
|
394B0000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
234C000
|
heap
|
page read and write
|
||
|
36E58000
|
heap
|
page read and write
|
||
|
35684000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
2B49000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
279B000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
2B46000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
5E1E000
|
heap
|
page read and write
|
||
|
368F1000
|
heap
|
page read and write
|
||
|
7BD000
|
unkown
|
page read and write
|
||
|
2351000
|
heap
|
page read and write
|
||
|
509F000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
36E29000
|
heap
|
page read and write
|
||
|
5E1B000
|
heap
|
page read and write
|
||
|
236B000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
36D81000
|
heap
|
page read and write
|
||
|
7BF000
|
unkown
|
page readonly
|
||
|
236B000
|
heap
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
2B5B000
|
heap
|
page read and write
|
||
|
2B58000
|
heap
|
page read and write
|
||
|
2B49000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
36E58000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
35D24000
|
heap
|
page read and write
|
||
|
2B46000
|
heap
|
page read and write
|
||
|
5E55000
|
heap
|
page read and write
|
||
|
372C2000
|
heap
|
page read and write
|
||
|
36E58000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
B86000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
2761000
|
heap
|
page read and write
|
||
|
236E000
|
heap
|
page read and write
|
||
|
7BF000
|
unkown
|
page readonly
|
||
|
35680000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
36E29000
|
heap
|
page read and write
|
||
|
2B58000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
2363000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
5DC7000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
281E000
|
stack
|
page read and write
|
||
|
B33000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
2B47000
|
heap
|
page read and write
|
||
|
3710000
|
heap
|
page read and write
|
||
|
36E3C000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
35694000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
753000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
234C000
|
heap
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
6D660000
|
unkown
|
page readonly
|
||
|
236D000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
2371000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
236D000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2362000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
2365000
|
heap
|
page read and write
|
||
|
36DE1000
|
heap
|
page read and write
|
||
|
356C4000
|
heap
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
7BF000
|
unkown
|
page readonly
|
||
|
5E20000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
2364000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
373C1000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
236E000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
499E000
|
stack
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
236D000
|
heap
|
page read and write
|
||
|
2351000
|
heap
|
page read and write
|
||
|
2B4E000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
4D5000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
2355000
|
heap
|
page read and write
|
||
|
23C8000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
5E2A000
|
heap
|
page read and write
|
||
|
2363000
|
heap
|
page read and write
|
||
|
35690000
|
heap
|
page read and write
|
||
|
2393000
|
heap
|
page read and write
|
||
|
2365000
|
heap
|
page read and write
|
||
|
2FEA000
|
heap
|
page read and write
|
||
|
23C9000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
3568C000
|
heap
|
page read and write
|
||
|
235C000
|
heap
|
page read and write
|
||
|
36D81000
|
heap
|
page read and write
|
||
|
236D000
|
heap
|
page read and write
|
||
|
36E58000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
2941000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
373CC000
|
heap
|
page read and write
|
||
|
236D000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
235C000
|
heap
|
page read and write
|
||
|
5E0A000
|
heap
|
page read and write
|
||
|
356EF000
|
heap
|
page read and write
|
||
|
23C2000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
374D6000
|
heap
|
page read and write
|
||
|
373CC000
|
heap
|
page read and write
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
3696A000
|
heap
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6BD000
|
stack
|
page read and write
|
||
|
2FA0000
|
direct allocation
|
page read and write
|
||
|
2B5B000
|
heap
|
page read and write
|
||
|
A9F000
|
stack
|
page read and write
|
||
|
2351000
|
heap
|
page read and write
|
||
|
356EB000
|
heap
|
page read and write
|
||
|
2410000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
B3D000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
373CC000
|
heap
|
page read and write
|
||
|
2B58000
|
heap
|
page read and write
|
||
|
5DC7000
|
heap
|
page read and write
|
||
|
36BFA000
|
heap
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
2F90000
|
direct allocation
|
page read and write
|
||
|
236C000
|
heap
|
page read and write
|
||
|
36D81000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
3098000
|
heap
|
page read and write
|
||
|
88A000
|
heap
|
page read and write
|
||
|
2B49000
|
heap
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
2B5E000
|
heap
|
page read and write
|
||
|
23C8000
|
heap
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
2CBA000
|
heap
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
2F44000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2361000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
356BC000
|
heap
|
page read and write
|
||
|
356F7000
|
heap
|
page read and write
|
||
|
392A5000
|
heap
|
page read and write
|
||
|
2CB7000
|
heap
|
page read and write
|
||
|
2F80000
|
direct allocation
|
page read and write
|
||
|
2B5E000
|
heap
|
page read and write
|
||
|
2362000
|
heap
|
page read and write
|
||
|
2351000
|
heap
|
page read and write
|
||
|
236A000
|
heap
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
A6F000
|
stack
|
page read and write
|
||
|
8B8000
|
heap
|
page read and write
|
||
|
3569C000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
2351000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
4F9E000
|
stack
|
page read and write
|
||
|
E4F000
|
stack
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
36E58000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
237E000
|
heap
|
page read and write
|
||
|
236D000
|
heap
|
page read and write
|
||
|
7FD000
|
stack
|
page read and write
|
||
|
2FE4000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2B49000
|
heap
|
page read and write
|
||
|
35D24000
|
heap
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
400C000
|
stack
|
page read and write
|
||
|
4D5000
|
heap
|
page read and write
|
||
|
C8C000
|
heap
|
page read and write
|
||
|
36B81000
|
heap
|
page read and write
|
||
|
36DB0000
|
heap
|
page read and write
|
||
|
AFD000
|
heap
|
page read and write
|
||
|
780000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7BF000
|
unkown
|
page readonly
|
||
|
374C6000
|
heap
|
page read and write
|
||
|
2365000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
2B46000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5E38000
|
heap
|
page read and write
|
||
|
6D661000
|
unkown
|
page execute read
|
||
|
2CBB000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
5E59000
|
heap
|
page read and write
|
||
|
2F46000
|
heap
|
page read and write
|
||
|
234F000
|
heap
|
page read and write
|
||
|
374C6000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
5E1B000
|
heap
|
page read and write
|
||
|
36E29000
|
heap
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
4D5000
|
heap
|
page read and write
|
||
|
2B5B000
|
heap
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
7A4000
|
unkown
|
page read and write
|
||
|
35D23000
|
heap
|
page read and write
|
||
|
2361000
|
heap
|
page read and write
|
||
|
5E43000
|
direct allocation
|
page execute and read and write
|
||
|
2368000
|
heap
|
page read and write
|
||
|
2F50000
|
direct allocation
|
page read and write
|
||
|
236D000
|
heap
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
29FF000
|
heap
|
page read and write
|
||
|
2B5E000
|
heap
|
page read and write
|
||
|
2354000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
373C1000
|
heap
|
page read and write
|
||
|
2B46000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
387A8000
|
heap
|
page read and write
|
||
|
2B5F000
|
heap
|
page read and write
|
||
|
2E8F000
|
stack
|
page read and write
|
||
|
39A95000
|
heap
|
page read and write
|
||
|
23B9000
|
heap
|
page read and write
|
||
|
2F20000
|
direct allocation
|
page read and write
|
||
|
4D5000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
5DC3000
|
heap
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
7A7000
|
unkown
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
2365000
|
heap
|
page read and write
|
||
|
2F40000
|
direct allocation
|
page read and write
|
||
|
2B54000
|
heap
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
373CB000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2365000
|
heap
|
page read and write
|
||
|
2365000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
2CA5000
|
heap
|
page read and write
|
||
|
2365000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
2CEF000
|
stack
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
2B48000
|
heap
|
page read and write
|
||
|
2355000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
2941000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
36E29000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
2B47000
|
heap
|
page read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
5E42000
|
heap
|
page read and write
|
||
|
2841000
|
heap
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
235D000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
36E29000
|
heap
|
page read and write
|
||
|
2359000
|
heap
|
page read and write
|
||
|
5E1B000
|
heap
|
page read and write
|
||
|
2B5F000
|
heap
|
page read and write
|
||
|
2B5F000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
5E1E000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
5E0A000
|
heap
|
page read and write
|
||
|
6D67D000
|
unkown
|
page read and write
|
||
|
AF6000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
374CE000
|
heap
|
page read and write
|
||
|
2B5B000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
36E58000
|
heap
|
page read and write
|
||
|
7A0000
|
unkown
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
788000
|
unkown
|
page read and write
|
||
|
2B50000
|
heap
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
36D81000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
18F000
|
stack
|
page read and write
|
||
|
C83000
|
heap
|
page read and write
|
||
|
235D000
|
heap
|
page read and write
|
||
|
2ECE000
|
stack
|
page read and write
|
||
|
38AA9000
|
heap
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
236D000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
38AAD000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
356E5000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
407000
|
unkown
|
page readonly
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
2B58000
|
heap
|
page read and write
|
||
|
2B58000
|
heap
|
page read and write
|
||
|
5DC3000
|
heap
|
page read and write
|
||
|
2B49000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
36DE1000
|
heap
|
page read and write
|
||
|
37D0000
|
trusted library allocation
|
page read and write
|
||
|
2B46000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
2CB7000
|
heap
|
page read and write
|
||
|
2351000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
236D000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
4D5000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
237A000
|
heap
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
5E0A000
|
heap
|
page read and write
|
||
|
2FCF000
|
stack
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
36DE1000
|
heap
|
page read and write
|
||
|
236D000
|
heap
|
page read and write
|
||
|
35D22000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
36E58000
|
heap
|
page read and write
|
||
|
2C98000
|
heap
|
page read and write
|
||
|
236D000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
5E1B000
|
heap
|
page read and write
|
||
|
2CA8000
|
heap
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
6D676000
|
unkown
|
page readonly
|
||
|
95E000
|
stack
|
page read and write
|
||
|
36C72000
|
heap
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
2880000
|
direct allocation
|
page read and write
|
||
|
37CBB000
|
heap
|
page read and write
|
||
|
2B54000
|
heap
|
page read and write
|
||
|
37564000
|
heap
|
page read and write
|
||
|
36E3C000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
4BE000
|
stack
|
page read and write
|
||
|
36D81000
|
heap
|
page read and write
|
||
|
384B0000
|
heap
|
page read and write
|
||
|
31E8000
|
heap
|
page read and write
|
||
|
2366000
|
heap
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
22E8000
|
heap
|
page read and write
|
||
|
9043000
|
direct allocation
|
page execute and read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
5E2A000
|
heap
|
page read and write
|
||
|
2361000
|
heap
|
page read and write
|
||
|
7BF000
|
unkown
|
page readonly
|
||
|
D0F000
|
stack
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
2B5C000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
2B49000
|
heap
|
page read and write
|
||
|
26D5000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
5E1B000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
C8C000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
26AE000
|
stack
|
page read and write
|
||
|
2364000
|
heap
|
page read and write
|
||
|
2360000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
36E58000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
8D9000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
2B5C000
|
heap
|
page read and write
|
||
|
5E1B000
|
heap
|
page read and write
|
||
|
2664000
|
heap
|
page read and write
|
||
|
236B000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
2761000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
5E59000
|
heap
|
page read and write
|
||
|
236C000
|
heap
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
4D5000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
17C000
|
stack
|
page read and write
|
||
|
36BFA000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
5E0B000
|
heap
|
page read and write
|
||
|
AF0000
|
trusted library allocation
|
page read and write
|
||
|
2362000
|
heap
|
page read and write
|
||
|
2890000
|
direct allocation
|
page read and write
|
||
|
2365000
|
heap
|
page read and write
|
||
|
8E9000
|
heap
|
page read and write
|
||
|
35D22000
|
heap
|
page read and write
|
||
|
2F44000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
35D22000
|
heap
|
page read and write
|
||
|
374CF000
|
heap
|
page read and write
|
||
|
5DC3000
|
heap
|
page read and write
|
||
|
2FB0000
|
direct allocation
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
2B47000
|
heap
|
page read and write
|
||
|
2B58000
|
heap
|
page read and write
|
||
|
6D67F000
|
unkown
|
page readonly
|
||
|
36DE1000
|
heap
|
page read and write
|
||
|
373CB000
|
heap
|
page read and write
|
||
|
A7F000
|
stack
|
page read and write
|
||
|
37604000
|
heap
|
page read and write
|
||
|
7243000
|
direct allocation
|
page execute and read and write
|
||
|
4F5F000
|
stack
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
2354000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
2F70000
|
direct allocation
|
page read and write
|
||
|
2F60000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2F46000
|
heap
|
page read and write
|
||
|
4D4000
|
heap
|
page read and write
|
||
|
2410000
|
heap
|
page read and write
|
||
|
2B41000
|
heap
|
page read and write
|
||
|
2354000
|
heap
|
page read and write
|
||
|
269B000
|
stack
|
page read and write
|
||
|
2B49000
|
heap
|
page read and write
|
||
|
23C9000
|
heap
|
page read and write
|
||
|
234C000
|
heap
|
page read and write
|
||
|
35D22000
|
heap
|
page read and write
|
||
|
5DDB000
|
heap
|
page read and write
|
||
|
92F000
|
stack
|
page read and write
|
||
|
2B46000
|
heap
|
page read and write
|
||
|
2941000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2C6E000
|
stack
|
page read and write
|
||
|
2B50000
|
heap
|
page read and write
|
||
|
7C43000
|
direct allocation
|
page execute and read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
177000
|
stack
|
page read and write
|
||
|
2848000
|
heap
|
page read and write
|
||
|
35D22000
|
heap
|
page read and write
|
||
|
4D5000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
2B5E000
|
heap
|
page read and write
|
||
|
4D5000
|
heap
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
85F000
|
stack
|
page read and write
|
||
|
6843000
|
direct allocation
|
page execute and read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
5E1B000
|
heap
|
page read and write
|
||
|
2B56000
|
heap
|
page read and write
|
||
|
236B000
|
heap
|
page read and write
|
||
|
2369000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
235C000
|
heap
|
page read and write
|
||
|
26D9000
|
heap
|
page read and write
|
||
|
235C000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2FF4000
|
heap
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
2CCB000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
607000
|
heap
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
37651000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
36D81000
|
heap
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
384AA000
|
heap
|
page read and write
|
||
|
7BF000
|
unkown
|
page readonly
|
||
|
36E29000
|
heap
|
page read and write
|
||
|
385AF000
|
heap
|
page read and write
|
||
|
36E58000
|
heap
|
page read and write
|
||
|
2772000
|
heap
|
page read and write
|
||
|
27DE000
|
stack
|
page read and write
|
||
|
2B5F000
|
heap
|
page read and write
|
||
|
BCF000
|
stack
|
page read and write
|
||
|
2BB2000
|
heap
|
page read and write
|
||
|
2941000
|
heap
|
page read and write
|
||
|
88E000
|
heap
|
page read and write
|
||
|
35D22000
|
heap
|
page read and write
|
||
|
5370000
|
direct allocation
|
page execute and read and write
|
||
|
2B58000
|
heap
|
page read and write
|
||
|
2B49000
|
heap
|
page read and write
|
||
|
23C3000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
356F3000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
2B5C000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
5443000
|
direct allocation
|
page execute and read and write
|
||
|
2B41000
|
heap
|
page read and write
|
There are 598 hidden memdumps, click here to show them.