Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
InmateExport.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_drvsuh40.qpm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fompdd11.ili.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_joqzxdvv.fau.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xofmnhtt.wgh.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 13:12:10 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 13:12:10 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 13:12:10 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 13:12:10 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 26 13:12:09 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 75
|
ASCII text, with very long lines (763)
|
downloaded
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\InmateExport.exe
|
"C:\Users\user\Desktop\InmateExport.exe"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http:///
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1984,i,17464596491835646964,8750892255793404579,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://www.google.com/async/ddljson?async=ntp:2
|
142.251.35.228
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
http://crl.m
|
unknown
|
||
|
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
|
142.251.35.228
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgRmgZjcGLnsrrEGIjB_vNXGEgS9wJOhWFsE_iSQf_VNStHm5XAaXmLVbZR8megKDZAIxcSH_CsuRT25tegyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
142.251.35.228
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://www.google.com/async/newtab_promos
|
142.251.35.228
|
||
|
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
|
142.251.35.228
|
||
|
https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgRmgZjcGLnsrrEGIjB1A5lMzAj7FM0IL6VyuLTZpbdu_xzXLz1UAK55X4ooHkpyrcCzZTXSkwTXgYW3TjQyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
|
142.251.35.228
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 9 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.google.com
|
142.251.35.228
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.251.35.228
|
www.google.com
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
192.168.2.5
|
unknown
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF848E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8492EB000
|
trusted library allocation
|
page read and write
|
||
|
7FF849470000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
7FF848FE7000
|
trusted library allocation
|
page read and write
|
||
|
7FF849498000
|
trusted library allocation
|
page read and write
|
||
|
339D000
|
trusted library allocation
|
page read and write
|
||
|
1C0D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
7FF4721C7000
|
trusted library allocation
|
page execute read
|
||
|
1FBF0000
|
heap
|
page read and write
|
||
|
7FF4721C5000
|
trusted library allocation
|
page execute read
|
||
|
1FB61000
|
heap
|
page read and write
|
||
|
7FF849376000
|
trusted library allocation
|
page read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
1FA47000
|
heap
|
page read and write
|
||
|
7FF849560000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB2000
|
trusted library allocation
|
page read and write
|
||
|
1BB4B000
|
heap
|
page read and write
|
||
|
7FF8494F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E04000
|
trusted library allocation
|
page read and write
|
||
|
1F990000
|
heap
|
page read and write
|
||
|
21650000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
7FF849248000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849210000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8495A0000
|
trusted library allocation
|
page read and write
|
||
|
1BB4D000
|
heap
|
page read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB6000
|
trusted library allocation
|
page read and write
|
||
|
7FF8492F7000
|
trusted library allocation
|
page read and write
|
||
|
1AEF0000
|
heap
|
page read and write
|
||
|
1BB35000
|
heap
|
page read and write
|
||
|
7FF8491D0000
|
trusted library allocation
|
page read and write
|
||
|
253C000
|
trusted library allocation
|
page read and write
|
||
|
1FB5C000
|
heap
|
page read and write
|
||
|
1FB43000
|
heap
|
page read and write
|
||
|
7FF8492D8000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF4721D2000
|
trusted library allocation
|
page readonly
|
||
|
7FF849330000
|
trusted library allocation
|
page read and write
|
||
|
1FB18000
|
heap
|
page read and write
|
||
|
1A500000
|
trusted library allocation
|
page read and write
|
||
|
12819000
|
trusted library allocation
|
page read and write
|
||
|
2237E000
|
stack
|
page read and write
|
||
|
7FF849296000
|
trusted library allocation
|
page read and write
|
||
|
7FF8495F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849250000
|
trusted library allocation
|
page read and write
|
||
|
1F9E4000
|
heap
|
page read and write
|
||
|
7FF849260000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8495D0000
|
trusted library allocation
|
page read and write
|
||
|
124E6000
|
trusted library allocation
|
page read and write
|
||
|
170000
|
unkown
|
page readonly
|
||
|
1B22D000
|
heap
|
page read and write
|
||
|
1C120000
|
trusted library allocation
|
page read and write
|
||
|
7FF849370000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BAB0000
|
heap
|
page read and write
|
||
|
7FF849270000
|
trusted library allocation
|
page read and write
|
||
|
7FF4721D7000
|
trusted library allocation
|
page execute read
|
||
|
1F9CC000
|
heap
|
page read and write
|
||
|
1BA4F000
|
heap
|
page read and write
|
||
|
7FF84930B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
2C71000
|
trusted library allocation
|
page read and write
|
||
|
1BF40000
|
trusted library allocation
|
page read and write
|
||
|
7FF849334000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
216A2000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
1B39E000
|
stack
|
page read and write
|
||
|
21670000
|
trusted library allocation
|
page read and write
|
||
|
1BA8E000
|
heap
|
page read and write
|
||
|
7FF8492F9000
|
trusted library allocation
|
page read and write
|
||
|
7FF849361000
|
trusted library allocation
|
page read and write
|
||
|
21660000
|
trusted library allocation
|
page read and write
|
||
|
7FF849230000
|
trusted library allocation
|
page read and write
|
||
|
1BA31000
|
heap
|
page read and write
|
||
|
7FF848E5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF4721F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B242000
|
heap
|
page read and write
|
||
|
1FB2E000
|
heap
|
page read and write
|
||
|
1BA0B000
|
heap
|
page read and write
|
||
|
1B0DD000
|
heap
|
page read and write
|
||
|
7FF4721C9000
|
trusted library allocation
|
page execute read
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
68E000
|
heap
|
page read and write
|
||
|
1B9A4000
|
heap
|
page read and write
|
||
|
7FF8492C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
7FF849160000
|
trusted library allocation
|
page read and write
|
||
|
1BA71000
|
heap
|
page read and write
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
24D1000
|
trusted library allocation
|
page read and write
|
||
|
1B79B000
|
stack
|
page read and write
|
||
|
1B101000
|
heap
|
page read and write
|
||
|
1AF93000
|
heap
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page read and write
|
||
|
170000
|
unkown
|
page readonly
|
||
|
124E9000
|
trusted library allocation
|
page read and write
|
||
|
7FF8492CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA41000
|
heap
|
page read and write
|
||
|
7FF849448000
|
trusted library allocation
|
page read and write
|
||
|
1B298000
|
heap
|
page read and write
|
||
|
7FF8494CA000
|
trusted library allocation
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
1FB8E000
|
heap
|
page read and write
|
||
|
1CFEF000
|
stack
|
page read and write
|
||
|
7FF849570000
|
trusted library allocation
|
page read and write
|
||
|
7FF8492E6000
|
trusted library allocation
|
page read and write
|
||
|
1FB45000
|
heap
|
page read and write
|
||
|
7FF849430000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
7FF849620000
|
trusted library allocation
|
page read and write
|
||
|
7FF849420000
|
trusted library allocation
|
page read and write
|
||
|
1F9E2000
|
heap
|
page read and write
|
||
|
21630000
|
trusted library allocation
|
page read and write
|
||
|
7FF8492FD000
|
trusted library allocation
|
page read and write
|
||
|
286A000
|
trusted library allocation
|
page read and write
|
||
|
7FF849298000
|
trusted library allocation
|
page read and write
|
||
|
1B9C9000
|
heap
|
page read and write
|
||
|
1B0C0000
|
heap
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
1B99A000
|
heap
|
page read and write
|
||
|
7FF4721CB000
|
trusted library allocation
|
page execute read
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
12802000
|
trusted library allocation
|
page read and write
|
||
|
1FB74000
|
heap
|
page read and write
|
||
|
1FBB2000
|
heap
|
page read and write
|
||
|
7FF849553000
|
trusted library allocation
|
page read and write
|
||
|
7FF849350000
|
trusted library allocation
|
page read and write
|
||
|
1FB5E000
|
heap
|
page read and write
|
||
|
1D97F000
|
stack
|
page read and write
|
||
|
1FCE5000
|
heap
|
page read and write
|
||
|
7FF849280000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8493A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
7FF849610000
|
trusted library allocation
|
page read and write
|
||
|
1B20D000
|
heap
|
page read and write
|
||
|
1FBE3000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
1C0E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA8000
|
trusted library allocation
|
page read and write
|
||
|
1B990000
|
heap
|
page read and write
|
||
|
1256A000
|
trusted library allocation
|
page read and write
|
||
|
24C0000
|
heap
|
page execute and read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
7FF8492D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF4721CA000
|
trusted library allocation
|
page readonly
|
||
|
7FF849240000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1A000
|
trusted library allocation
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
1FB7E000
|
heap
|
page read and write
|
||
|
7FF4721DC000
|
trusted library allocation
|
page readonly
|
||
|
7FF8492F0000
|
trusted library allocation
|
page read and write
|
||
|
1FBF9000
|
heap
|
page read and write
|
||
|
7FF849373000
|
trusted library allocation
|
page read and write
|
||
|
64A000
|
heap
|
page read and write
|
||
|
1BA1E000
|
heap
|
page read and write
|
||
|
1FB90000
|
heap
|
page read and write
|
||
|
26C2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E2B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B0D2000
|
heap
|
page read and write
|
||
|
1BB49000
|
heap
|
page read and write
|
||
|
7FF4721D4000
|
trusted library allocation
|
page readonly
|
||
|
1B290000
|
heap
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849580000
|
trusted library allocation
|
page read and write
|
||
|
7FF849510000
|
trusted library allocation
|
page read and write
|
||
|
2A2E000
|
trusted library allocation
|
page read and write
|
||
|
1AF13000
|
heap
|
page execute and read and write
|
||
|
124D1000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
1AE9E000
|
stack
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
1FC26000
|
heap
|
page read and write
|
||
|
1FB4F000
|
heap
|
page read and write
|
||
|
7FF4721C6000
|
trusted library allocation
|
page readonly
|
||
|
1BA35000
|
heap
|
page read and write
|
||
|
2160C000
|
stack
|
page read and write
|
||
|
1C110000
|
trusted library allocation
|
page read and write
|
||
|
1B28D000
|
heap
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF4721D6000
|
trusted library allocation
|
page readonly
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8492A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849390000
|
trusted library allocation
|
page read and write
|
||
|
7FF849312000
|
trusted library allocation
|
page read and write
|
||
|
7FF8494E0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8495B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849198000
|
trusted library allocation
|
page read and write
|
||
|
1FB28000
|
heap
|
page read and write
|
||
|
1BA3B000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849590000
|
trusted library allocation
|
page read and write
|
||
|
1B9DE000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
AA0000
|
trusted library allocation
|
page read and write
|
||
|
21640000
|
trusted library allocation
|
page read and write
|
||
|
7FF8491C0000
|
trusted library allocation
|
page read and write
|
||
|
65F000
|
heap
|
page read and write
|
||
|
1B9CF000
|
heap
|
page read and write
|
||
|
7FF8490C8000
|
trusted library allocation
|
page read and write
|
||
|
1BAEF000
|
heap
|
page read and write
|
||
|
1FA8E000
|
heap
|
page read and write
|
||
|
885000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
1F9A0000
|
heap
|
page read and write
|
||
|
7FF8492C5000
|
trusted library allocation
|
page read and write
|
||
|
1FCD7000
|
heap
|
page read and write
|
||
|
1BA75000
|
heap
|
page read and write
|
||
|
7FF849190000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E24000
|
trusted library allocation
|
page read and write
|
||
|
7FF8492D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849445000
|
trusted library allocation
|
page read and write
|
||
|
2480000
|
trusted library allocation
|
page read and write
|
||
|
7FF4721D5000
|
trusted library allocation
|
page execute read
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
7FF849307000
|
trusted library allocation
|
page read and write
|
||
|
7FF849434000
|
trusted library allocation
|
page read and write
|
||
|
7FF84945F000
|
trusted library allocation
|
page read and write
|
||
|
1FB52000
|
heap
|
page read and write
|
||
|
7FF849170000
|
trusted library allocation
|
page read and write
|
||
|
7FF849302000
|
trusted library allocation
|
page read and write
|
||
|
7FF84961B000
|
trusted library allocation
|
page read and write
|
||
|
2CE9000
|
trusted library allocation
|
page read and write
|
||
|
7FF8494D6000
|
trusted library allocation
|
page read and write
|
||
|
12809000
|
trusted library allocation
|
page read and write
|
||
|
1C030000
|
trusted library allocation
|
page read and write
|
||
|
7FF84932A000
|
trusted library allocation
|
page read and write
|
||
|
7FF84954C000
|
trusted library allocation
|
page read and write
|
||
|
1A854000
|
heap
|
page read and write
|
||
|
7FF849398000
|
trusted library allocation
|
page read and write
|
||
|
1B69E000
|
stack
|
page read and write
|
||
|
7FF849525000
|
trusted library allocation
|
page read and write
|
||
|
172000
|
unkown
|
page readonly
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
7FF849380000
|
trusted library allocation
|
page read and write
|
||
|
626000
|
heap
|
page read and write
|
||
|
7FF849618000
|
trusted library allocation
|
page read and write
|
||
|
1B99E000
|
heap
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
21610000
|
trusted library allocation
|
page read and write
|
||
|
1FBF5000
|
heap
|
page read and write
|
||
|
7FF4721C1000
|
trusted library allocation
|
page execute read
|
||
|
1FB76000
|
heap
|
page read and write
|
||
|
7FF8491B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF849220000
|
trusted library allocation
|
page read and write
|
||
|
1C0C0000
|
trusted library allocation
|
page read and write
|
||
|
1258A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C100000
|
trusted library allocation
|
page read and write
|
||
|
7FF8492E1000
|
trusted library allocation
|
page read and write
|
||
|
7FF472200000
|
trusted library allocation
|
page execute and read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
7FF849180000
|
trusted library allocation
|
page read and write
|
||
|
1FA94000
|
heap
|
page read and write
|
||
|
1AF90000
|
heap
|
page read and write
|
||
|
1B9FF000
|
heap
|
page read and write
|
||
|
1BB20000
|
heap
|
page read and write
|
||
|
1BA85000
|
heap
|
page read and write
|
||
|
693000
|
heap
|
page read and write
|
||
|
1BB51000
|
heap
|
page read and write
|
||
|
7FF4721D1000
|
trusted library allocation
|
page execute read
|
||
|
7FF4721C3000
|
trusted library allocation
|
page execute read
|
||
|
2CF3000
|
trusted library allocation
|
page read and write
|
||
|
7FF8495FD000
|
trusted library allocation
|
page read and write
|
||
|
7FF4721D3000
|
trusted library allocation
|
page execute read
|
||
|
7FF8494E9000
|
trusted library allocation
|
page read and write
|
||
|
1B984000
|
stack
|
page read and write
|
||
|
7FF4721E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FB80000
|
heap
|
page read and write
|
||
|
7FF84946C000
|
trusted library allocation
|
page read and write
|
||
|
1FADD000
|
heap
|
page read and write
|
||
|
1AF10000
|
heap
|
page execute and read and write
|
||
|
7FF849337000
|
trusted library allocation
|
page read and write
|
||
|
AD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849583000
|
trusted library allocation
|
page read and write
|
||
|
7FF8492C3000
|
trusted library allocation
|
page read and write
|
||
|
1C0F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF4721C2000
|
trusted library allocation
|
page readonly
|
||
|
7FF848EE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
1FA58000
|
heap
|
page read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
7FF4721C0000
|
trusted library allocation
|
page readonly
|
||
|
244F000
|
stack
|
page read and write
|
||
|
1258F000
|
trusted library allocation
|
page read and write
|
||
|
1BCEE000
|
stack
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
1BA0D000
|
heap
|
page read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF84934B000
|
trusted library allocation
|
page read and write
|
||
|
AD3000
|
trusted library allocation
|
page read and write
|
||
|
1B1A0000
|
heap
|
page read and write
|
||
|
7FF8492B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
1FD1A000
|
heap
|
page read and write
|
||
|
7FF849200000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E12000
|
trusted library allocation
|
page read and write
|
||
|
1B24A000
|
heap
|
page read and write
|
||
|
1BDEB000
|
stack
|
page read and write
|
||
|
1FB06000
|
heap
|
page read and write
|
||
|
1AA5A000
|
stack
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
1BA92000
|
heap
|
page read and write
|
||
|
B25000
|
heap
|
page read and write
|
||
|
7FF4721DD000
|
trusted library allocation
|
page execute read
|
||
|
2CED000
|
trusted library allocation
|
page read and write
|
||
|
4F4000
|
stack
|
page read and write
|
||
|
7FF848EB6000
|
trusted library allocation
|
page read and write
|
||
|
1FC99000
|
heap
|
page read and write
|
||
|
7FF849500000
|
trusted library allocation
|
page read and write
|
||
|
1AF60000
|
heap
|
page execute and read and write
|
||
|
7FF4721C8000
|
trusted library allocation
|
page readonly
|
||
|
12527000
|
trusted library allocation
|
page read and write
|
||
|
7FF849290000
|
trusted library allocation
|
page read and write
|
||
|
68C000
|
heap
|
page read and write
|
||
|
7FF4721C4000
|
trusted library allocation
|
page readonly
|
||
|
7FF848EBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA04000
|
heap
|
page read and write
|
||
|
1FB82000
|
heap
|
page read and write
|
||
|
1BA6B000
|
heap
|
page read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF8492D4000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FB86000
|
heap
|
page read and write
|
||
|
1BA11000
|
heap
|
page read and write
|
||
|
7FF849630000
|
trusted library allocation
|
page read and write
|
||
|
7FF8495BB000
|
trusted library allocation
|
page read and write
|
||
|
662000
|
heap
|
page read and write
|
||
|
1FB08000
|
heap
|
page read and write
|
||
|
7FF84949C000
|
trusted library allocation
|
page read and write
|
||
|
7FF84930E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E18000
|
trusted library allocation
|
page read and write
|
||
|
7FF84932C000
|
trusted library allocation
|
page read and write
|
||
|
1BF30000
|
trusted library allocation
|
page read and write
|
There are 334 hidden memdumps, click here to show them.