IOCReport

loading gif

Files

File Path
Type
Category
Malicious
Request for Quotation (RFQ).xlsx
CDFV2 Encrypted
initial sample
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\dan[1].exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
downloaded
 malicious
C:\Users\user\Desktop\~$Request for Quotation (RFQ).xlsx
data
dropped
 malicious
C:\Users\Public\vbc.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, 60080 bytes, 1 file
dropped
 clean
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\1499C3D2.png
PNG image data, 476 x 244, 8-bit/color RGB, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\21A7353E.jpeg
gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 700x990, frames 3
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\6A8387D5.emf
Windows Enhanced Metafile (EMF) image data version 0x10000
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\6F569DAB.png
PNG image data, 566 x 429, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\7B58EFF1.jpeg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 191x263, frames 3
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\862DD3FC.png
PNG image data, 566 x 429, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\87C26827.png
PNG image data, 476 x 244, 8-bit/color RGB, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\8FEB23B0.png
PNG image data, 399 x 605, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\B121FC63.jpeg
gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 700x990, frames 3
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\C6662BCD.png
PNG image data, 399 x 605, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\FA8E76A.jpeg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 191x263, frames 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\Cab71DC.tmp
Microsoft Cabinet archive data, 60080 bytes, 1 file
dropped
 clean
C:\Users\user\AppData\Local\Temp\Tar71DD.tmp
data
modified
 clean
There are 9 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE
'C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE' -Embedding
 malicious
C:\Users\Public\vbc.exe
'C:\Users\Public\vbc.exe'
malicious
C:\Users\Public\vbc.exe
C:\Users\Public\vbc.exe
 malicious
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
'C:\Program Files\Microsoft Office\Office14\EXCEL.EXE' /automation -Embedding
 clean

URLs

Name
IP
Malicious
http://192.227.228.121/dan.exe
192.227.228.121
 malicious
http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt0#
unknown
 clean
http://127.0.0.1:HTTP/1.1
unknown
 clean
http://DynDns.comDynDNS
unknown
 clean
http://DPosyL.com
unknown
 clean
https://sectigo.com/CPS0
unknown
 clean
http://crl.entrust.net/server1.crl0
unknown
 clean
http://us2.smtp.mailhostbox.com
unknown
 clean
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha
unknown
 clean
http://ocsp.entrust.net03
unknown
 clean
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
unknown
 clean
http://www.diginotar.nl/cps/pkioverheid0
unknown
 clean
https://github.com/georgw777/MediaManager
unknown
 clean
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
unknown
 clean
https://github.com/georgw777/MediaManager;https://github.com/georgw777/
unknown
 clean
http://MzDfYxjI5Zul5lFh.org
unknown
 clean
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
unknown
 clean
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous.
unknown
 clean
http://www.day.com/dam/1.0
unknown
 clean
http://ocsp.sectigo.com0A
unknown
 clean
http://www.%s.comPA
unknown
 clean
http://ocsp.entrust.net0D
unknown
 clean
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
 clean
https://secure.comodo.com/CPS0
unknown
 clean
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip
unknown
 clean
http://servername/isapibackend.dll
unknown
 clean
http://crl.entrust.net/2048ca.crl0
unknown
 clean
https://github.com/georgw777/
unknown
 clean
There are 18 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
us2.smtp.mailhostbox.com
208.91.198.143
 clean

IPs

IP
Domain
Country
Malicious
192.227.228.121
unknown
United States
malicious
208.91.198.143
us2.smtp.mailhostbox.com
United States
clean

Registry

Path
Value
Malicious
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
uq7
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
MTTT
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ReviewToken
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
EDA48
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
VBAFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
DefaultSheetR2L
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
UseSystemSeparators
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ThousandsSeparator
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
DecimalSeparator
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
;z7
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
F254C
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
F319B
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Max Display
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 1
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Max Display
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 1
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 2
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 3
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 4
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 5
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 6
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 7
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 8
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 9
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 10
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 11
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 12
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 13
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 14
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 15
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 16
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 17
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 18
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 19
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 20
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Item 21
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
LastPurgeTime
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
1033
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
1033
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
EXCELFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ProductFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_3082
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_3082
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1036
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1036
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1033
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1033
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_3082
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_3082
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1036
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1036
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1033
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
SpellingAndGrammarFiles_1033
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ProductFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ProductFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ProductFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
ProductFiles
 clean
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
F254C
 clean
C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE
EquationEditorFilesIntl_1033
 clean
C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE
SavedLegacySettings
 clean
C:\Users\Public\vbc.exe
Blob
 clean
C:\Users\Public\vbc.exe
Blob
 clean
C:\Users\Public\vbc.exe
Blob
 clean
C:\Users\Public\vbc.exe
Blob
 clean
C:\Users\Public\vbc.exe
Blob
 clean
C:\Users\Public\vbc.exe
Blob
 clean
There are 56 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
21B6000
unkown
page read and write
 malicious
2318000
unkown
page read and write
 malicious
3199000
unkown
page read and write
 malicious
2291000
unkown
page read and write
 malicious
402000
unkown
page execute and read and write
 malicious
7309000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
1F30000
unkown
page read and write
 clean
260000
unkown
page read and write
 clean
67C0000
heap private
page read and write
 clean
900000
unkown image
page readonly
 clean
5280000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
9A000
unkown
page read and write
 clean
1ED2000
heap private
page read and write
 clean
280000
unkown
page read and write
 clean
2A0000
unkown
page execute and read and write
 clean
1F10000
unkown
page read and write
 clean
470000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
1F45000
unkown
page read and write
 clean
55E000
unkown
page read and write
 clean
2020000
heap private
page read and write
 clean
312000
unkown
page read and write
 clean
118000
heap private
page read and write
 clean
2042000
heap private
page read and write
 clean
50C0000
unkown
page read and write
 clean
4E00000
unkown
page read and write
 clean
61CF000
unkown
page read and write
 clean
270000
unkown
page read and write
 clean
285000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
272000
unkown
page read and write
 clean
4940000
heap private
page read and write
 clean
5E0000
unkown
page readonly
 clean
255000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
49EE000
unkown
page read and write
 clean
1E80000
unkown
page read and write
 clean
51C0000
unkown
page read and write
 clean
152000
unkown
page read and write
 clean
1E90000
unkown
page read and write
 clean
1F10000
unkown
page read and write
 clean
5211000
unkown
page read and write
 clean
8F6000
unkown
page read and write
 clean
5236000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
3C0000
unkown
page readonly
 clean
1DE0000
unkown
page read and write
 clean
492C000
unkown
page read and write
 clean
1F40000
unkown
page read and write
 clean
2186000
unkown
page read and write
 clean
AC2F000
unkown
page read and write
 clean
82D000
heap default
page read and write
 clean
7E7000
heap default
page read and write
 clean
9D0000
unkown image
page readonly
 clean
5D0000
heap private
page read and write
 clean
8E0000
unkown
page read and write
 clean
37C000
heap default
page read and write
 clean
2130000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
21A8000
unkown
page read and write
 clean
8E0000
unkown
page read and write
 clean
529D000
unkown
page read and write
 clean
8E0000
unkown
page read and write
 clean
2130000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
1E00000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
5461000
heap private
page read and write
 clean
280000
unkown
page read and write
 clean
900000
unkown image
page readonly
 clean
290000
unkown
page read and write
 clean
520C000
unkown
page read and write
 clean
289000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
2170000
unkown
page read and write
 clean
9D0000
unkown image
page readonly
 clean
5A0000
unkown
page read and write
 clean
2120000
unkown
page read and write
 clean
165000
unkown
page execute and read and write
 clean
5236000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
20000
unkown
page read and write
 clean
1DE0000
unkown
page read and write
 clean
2130000
unkown
page read and write
 clean
4D70000
heap private
page execute and read and write
 clean
250000
unkown
page read and write
 clean
1DE0000
unkown
page read and write
 clean
4290000
unkown
page read and write
 clean
3B7000
unkown
page read and write
 clean
2A0000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
1DF0000
unkown
page read and write
 clean
4C9000
heap private
page read and write
 clean
250000
unkown
page read and write
 clean
2140000
unkown
page read and write
 clean
72E2000
unkown
page read and write
 clean
43E0000
unkown
page read and write
 clean
1E9F000
unkown
page read and write
 clean
51FE000
unkown
page read and write
 clean
650000
unkown
page readonly
 clean
285000
unkown
page read and write
 clean
7EFDF000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
5C0000
unkown
page read and write
 clean
6E60000
unkown
page readonly
 clean
2140000
unkown
page read and write
 clean
83F000
heap default
page read and write
 clean
280000
unkown
page read and write
 clean
A8DE000
unkown
page read and write
 clean
1DE8000
unkown
page read and write
 clean
A83E000
unkown
page read and write
 clean
1FF0000
unkown
page read and write
 clean
902000
unkown image
page execute read
 clean
2123000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
452E000
unkown
page read and write
 clean
1E0000
unkown
page read and write
 clean
510000
unkown
page read and write
 clean
230000
unkown
page execute and read and write
 clean
6E5F000
unkown
page read and write
 clean
5211000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
263000
unkown
page execute and read and write
 clean
23F8000
unkown
page read and write
 clean
4FC1000
unkown
page read and write
 clean
582D000
unkown
page read and write
 clean
8E0000
unkown
page read and write
 clean
1EF0000
unkown
page read and write
 clean
59FE000
unkown
page read and write
 clean
650E000
unkown
page read and write
 clean
878000
heap default
page read and write
 clean
255000
unkown
page read and write
 clean
45F000
unkown
page read and write
 clean
4C0000
heap private
page read and write
 clean
397000
heap default
page read and write
 clean
45D0000
unkown
page readonly
 clean
8E0000
unkown
page read and write
 clean
4420000
unkown
page read and write
 clean
902000
unkown image
page execute read
 clean
8F0000
unkown
page read and write
 clean
726F000
unkown
page read and write
 clean
4D6E000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
3F0000
unkown
page execute and read and write
 clean
487E000
unkown
page read and write
 clean
240000
unkown
page read and write
 clean
51A6000
unkown
page read and write
 clean
20AE000
unkown
page read and write | page guard
 clean
250000
unkown
page read and write
 clean
AE0E000
unkown
page read and write
 clean
2130000
unkown
page read and write
 clean
1EF0000
unkown
page read and write
 clean
6CAE000
unkown
page read and write
 clean
1FB0000
unkown
page read and write
 clean
3F2000
heap default
page read and write
 clean
250000
unkown
page read and write
 clean
571D000
unkown
page read and write
 clean
270000
unkown
page read and write
 clean
51F000
unkown
page read and write
 clean
133000
unkown
page execute and read and write
 clean
2160000
unkown
page read and write
 clean
65E0000
heap private
page read and write
 clean
270000
heap default
page read and write
 clean
1EB0000
heap private
page read and write
 clean
4DB0000
unkown
page readonly
 clean
270000
unkown
page read and write
 clean
5220000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
2161000
unkown
page read and write
 clean
5A0000
unkown
page read and write
 clean
285000
unkown
page read and write
 clean
5203000
unkown
page read and write
 clean
8F1000
unkown
page read and write
 clean
20B0000
unkown
page readonly
 clean
51B4000
unkown
page read and write
 clean
285000
unkown
page read and write
 clean
370000
heap default
page read and write
 clean
1EFE000
unkown
page read and write
 clean
8E0000
unkown
page read and write
 clean
50DD000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
4A3E000
unkown
page read and write
 clean
23CA000
unkown
page read and write
 clean
5CB0000
unkown
page readonly
 clean
31B000
unkown
page execute and read and write
 clean
250000
unkown
page read and write
 clean
260000
unkown
page read and write
 clean
37A000
heap default
page read and write
 clean
4800000
unkown
page readonly
 clean
1DF0000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
290000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
1EB4000
heap private
page read and write
 clean
1F20000
unkown
page read and write
 clean
5236000
unkown
page read and write
 clean
400000
unkown
page execute and read and write
 clean
255000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
20E0000
heap private
page read and write
 clean
560000
heap private
page execute and read and write
 clean
55AE000
unkown
page read and write
 clean
22B000
unkown
page read and write
 clean
354000
heap default
page read and write
 clean
902000
unkown image
page execute read
 clean
1DE0000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
8E0000
unkown
page read and write
 clean
47EF000
unkown
page read and write
 clean
228000
unkown
page read and write
 clean
1FA0000
unkown
page read and write
 clean
1DF0000
unkown
page read and write
 clean
8E0000
unkown
page read and write
 clean
5D0000
heap default
page read and write
 clean
1DE0000
unkown
page read and write
 clean
16B000
unkown
page execute and read and write
 clean
22E5000
unkown
page read and write
 clean
26D000
unkown
page execute and read and write
 clean
4406000
unkown
page read and write
 clean
2120000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
2A0000
unkown
page read and write
 clean
2150000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
2F6000
unkown
page read and write
 clean
2064000
heap private
page read and write
 clean
20000
unkown
page read and write
 clean
510000
unkown
page read and write
 clean
42FE000
unkown
page read and write
 clean
C0000
unkown
page readonly
 clean
280000
unkown
page read and write
 clean
543E000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
2140000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
8F5000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
4A8D000
unkown
page read and write
 clean
5245000
unkown
page read and write
 clean
2120000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
8DF000
heap default
page read and write
 clean
520A000
unkown
page read and write
 clean
1DE0000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
5AFE000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
50C000
unkown
page read and write
 clean
2120000
unkown
page read and write
 clean
521A000
unkown
page read and write
 clean
228F000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
7EFDF000
unkown
page read and write
 clean
4FC0000
unkown
page read and write
 clean
3291000
unkown
page read and write
 clean
8E0000
unkown
page read and write
 clean
4530000
unkown
page readonly
 clean
285000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
4D0E000
unkown
page read and write
 clean
1F20000
unkown
page read and write
 clean
F0000
unkown
page read and write
 clean
2082000
heap private
page read and write
 clean
5150000
unkown
page read and write
 clean
15A000
unkown
page execute and read and write
 clean
120000
unkown
page read and write
 clean
1DE0000
unkown
page read and write
 clean
5CAC000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
7D0000
unkown
page readonly
 clean
AADD000
unkown
page read and write
 clean
20DD000
unkown
page read and write
 clean
167000
unkown
page execute and read and write
 clean
285000
unkown
page read and write
 clean
285000
unkown
page read and write
 clean
72BB000
unkown
page read and write
 clean
1F20000
unkown
page read and write
 clean
599E000
unkown
page read and write
 clean
5090000
unkown
page write copy
 clean
AC2E000
unkown
page read and write | page guard
 clean
4F0000
heap private
page execute and read and write
 clean
769E000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
140000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
1FE0000
unkown
page read and write
 clean
285000
unkown
page read and write
 clean
2144000
unkown
page read and write
 clean
1F30000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
5C0000
unkown
page read and write
 clean
1FB0000
unkown
page readonly
 clean
520A000
unkown
page read and write
 clean
577000
heap private
page read and write
 clean
8E0000
unkown
page read and write
 clean
72BD000
unkown
page read and write
 clean
2150000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
156000
unkown
page execute and read and write
 clean
1F20000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
2191000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
2A0000
unkown
page read and write
 clean
2140000
unkown
page read and write
 clean
4400000
unkown
page read and write
 clean
900000
unkown image
page readonly
 clean
8F2000
unkown
page read and write
 clean
30A000
unkown
page execute and read and write
 clean
250000
unkown
page read and write
 clean
23DE000
unkown
page read and write
 clean
307000
unkown
page execute and read and write
 clean
80000
unkown
page readonly
 clean
8E0000
unkown
page read and write
 clean
56DF000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
520A000
unkown
page read and write
 clean
1F10000
unkown
page execute and read and write
 clean
8F0000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
14D000
unkown
page execute and read and write
 clean
255000
unkown
page read and write
 clean
2150000
unkown
page read and write
 clean
510000
unkown
page read and write
 clean
317000
unkown
page execute and read and write
 clean
1F10000
unkown
page read and write
 clean
8D6000
heap default
page read and write
 clean
4190000
unkown
page read and write
 clean
110000
heap private
page read and write
 clean
1F00000
unkown
page read and write
 clean
1F00000
unkown
page read and write
 clean
4BBD000
unkown
page read and write
 clean
150000
unkown
page read and write
 clean
2170000
unkown
page execute and read and write
 clean
1FDA000
unkown
page read and write
 clean
520C000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
1E10000
unkown
page read and write
 clean
3191000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
900000
unkown image
page readonly
 clean
5A8E000
unkown
page read and write
 clean
570000
heap private
page read and write
 clean
280000
unkown
page read and write
 clean
499E000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
2A0000
unkown
page read and write
 clean
1F2A000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
902000
unkown image
page execute read
 clean
258000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
494D000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
1F90000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
4BE000
unkown
page read and write
 clean
4FBE000
unkown
page read and write
 clean
1FD0000
unkown
page read and write
 clean
270000
unkown
page read and write
 clean
55EE000
unkown
page read and write
 clean
1F40000
unkown
page read and write
 clean
1FAE000
unkown
page read and write
 clean
23C4000
unkown
page read and write
 clean
2395000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
8E0000
unkown
page read and write
 clean
483E000
unkown
page read and write
 clean
5BC000
unkown
page read and write
 clean
270000
unkown
page readonly
 clean
8F0000
unkown
page read and write
 clean
460000
unkown
page execute and read and write
 clean
282000
unkown
page read and write
 clean
290000
unkown
page read and write
 clean
520C000
unkown
page read and write
 clean
270000
unkown
page read and write
 clean
270000
unkown
page read and write
 clean
180000
heap private
page execute and read and write
 clean
8F0000
unkown
page read and write
 clean
134000
unkown
page read and write
 clean
5236000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
5203000
unkown
page read and write
 clean
1E00000
unkown
page read and write
 clean
1F20000
unkown
page read and write
 clean
280000
unkown
page readonly
 clean
8B3000
heap default
page read and write
 clean
89F000
heap default
page read and write
 clean
6620000
unkown
page read and write
 clean
515000
unkown
page read and write
 clean
290000
unkown
page read and write
 clean
2F0000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
264000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
285000
unkown
page read and write
 clean
72BD000
unkown
page read and write
 clean
5B0000
unkown
page read and write
 clean
2185000
unkown
page read and write
 clean
2170000
unkown
page read and write
 clean
760000
unkown
page readonly
 clean
2150000
unkown
page read and write
 clean
43F0000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
7E0000
heap default
page read and write
 clean
2180000
unkown
page read and write
 clean
8E1000
unkown
page read and write
 clean
40A000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
5450000
heap private
page read and write
 clean
337000
heap default
page read and write
 clean
255000
unkown
page read and write
 clean
7561000
unkown
page read and write
 clean
553E000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
2150000
unkown
page read and write
 clean
510000
unkown
page read and write
 clean
51FE000
unkown
page read and write
 clean
260000
unkown
page read and write
 clean
8E5000
unkown
page read and write
 clean
510000
unkown
page read and write
 clean
1F04000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
1F10000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
2120000
unkown
page read and write
 clean
1F50000
heap private
page read and write
 clean
804000
heap default
page read and write
 clean
250000
unkown
page read and write
 clean
162000
unkown
page read and write
 clean
2A5000
unkown
page read and write
 clean
5660000
heap private
page read and write
 clean
8F0000
unkown
page read and write
 clean
270000
unkown
page read and write
 clean
25B000
unkown
page read and write
 clean
4AA0000
unkown
page readonly
 clean
8FB000
unkown
page read and write
 clean
43DF000
unkown
page read and write
 clean
AFBE000
unkown
page read and write
 clean
3D0000
unkown
page readonly
 clean
7271000
unkown
page read and write
 clean
2392000
unkown
page read and write
 clean
48B0000
heap private
page execute and read and write
 clean
250000
unkown
page read and write
 clean
1EA0000
unkown
page read and write
 clean
23C0000
unkown
page read and write
 clean
5830000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
72E2000
unkown
page read and write
 clean
2160000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
510000
heap private
page read and write
 clean
510000
unkown
page read and write
 clean
21AC000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
510000
unkown
page read and write
 clean
330000
heap default
page read and write
 clean
2120000
unkown
page read and write
 clean
1F30000
unkown
page read and write
 clean
2025000
heap private
page read and write
 clean
280000
unkown
page read and write
 clean
4300000
unkown
page readonly
 clean
255000
unkown
page read and write
 clean
1FC0000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
4290000
unkown
page read and write
 clean
63DE000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
7270000
unkown
page read and write
 clean
2150000
unkown
page read and write
 clean
46ED000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
2140000
unkown
page read and write
 clean
4A9F000
unkown
page read and write
 clean
2120000
unkown
page readonly
 clean
9D0000
unkown image
page readonly
 clean
5236000
unkown
page read and write
 clean
5B9E000
unkown
page read and write
 clean
13D000
unkown
page execute and read and write
 clean
8E0000
unkown
page read and write
 clean
820000
heap default
page read and write
 clean
8E4000
unkown
page read and write
 clean
228E000
unkown
page read and write | page guard
 clean
8E0000
unkown
page read and write
 clean
4410000
unkown
page read and write
 clean
8E0000
unkown
page read and write
 clean
6920000
heap private
page read and write
 clean
42DE000
unkown
page read and write
 clean
2060000
heap private
page read and write
 clean
900000
unkown image
page readonly
 clean
8F0000
unkown
page read and write
 clean
1F20000
unkown
page read and write
 clean
23F0000
unkown
page read and write
 clean
2150000
unkown
page read and write
 clean
250000
unkown
page read and write
 clean
61CE000
unkown
page read and write | page guard
 clean
62CF000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
1F20000
unkown
page read and write
 clean
8F3000
unkown
page read and write
 clean
5203000
unkown
page read and write
 clean
20AF000
unkown
page read and write
 clean
258000
unkown
page read and write
 clean
B70000
unkown
page readonly
 clean
4D80000
unkown
page read and write
 clean
8E0000
unkown
page read and write
 clean
255000
unkown
page read and write
 clean
2150000
heap private
page execute and read and write
 clean
8F0000
unkown
page read and write
 clean
285000
unkown
page read and write
 clean
23EC000
unkown
page read and write
 clean
285000
unkown
page read and write
 clean
23D0000
unkown
page read and write
 clean
5037000
unkown
page read and write
 clean
2120000
unkown
page read and write
 clean
6A3E000
unkown
page read and write
 clean
5211000
unkown
page read and write
 clean
285000
unkown
page read and write
 clean
9D0000
unkown image
page readonly
 clean
5C0000
unkown
page read and write
 clean
2180000
unkown
page read and write
 clean
1DE7000
unkown
page read and write
 clean
1F90000
unkown
page read and write
 clean
280000
unkown
page read and write
 clean
1F30000
unkown
page read and write
 clean
4E0000
unkown
page readonly
 clean
56E000
unkown
page read and write
 clean
2FD000
unkown
page execute and read and write
 clean
900000
unkown image
page readonly
 clean
1F20000
unkown
page read and write
 clean
8F0000
unkown
page read and write
 clean
1FA0000
unkown
page read and write
 clean
There are 538 hidden memdumps, click here to show them.