IOC Report

loading gif

Files

File Path
Type
Category
Malicious
SCAN_7295943480515097.xlsm
Microsoft Excel 2007+
initial sample
 malicious
C:\Users\user\Desktop\~$SCAN_7295943480515097.xlsm
data
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\GSCXBEVV.htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
downloaded
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\2FADF20A.png
PNG image data, 1714 x 241, 8-bit colormap, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\CBD7.tmp
Composite Document File V2 Document, Cannot read section info
dropped
 clean
C:\Users\user\AppData\Local\Temp\~DFDF944FEFD380A8E6.TMP
data
dropped
 clean
C:\Users\user\besta.ocx
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
dropped
 clean

Processes

Path
Cmdline
Malicious
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
 malicious
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWow64\rundll32.exe ..\besta.ocx,44532.4280415509
 malicious

URLs

Name
IP
Malicious
http://standoutglobal.com/2/MWpqeVgZ/Softwa
unknown
 malicious
http://standoutglobal.com/2/MWpqeVgZ/1-48FD
unknown
 malicious
https://vendes.marketing/agencia-de-marketing-digital/ecommerce/conversion-rate-optimization/
unknown
 clean
https://vendes.marketing/wp-content/plugins/happy-elementor-addons/assets/fonts/style.min.css?ver=3.
unknown
 clean
https://vendes.marketing/wp-content/uploads/2021/10/framer.svg
unknown
 clean
https://vendes.marketing/wp-content/uploads/elementor/css/post-1522.css?ver=1638212153
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital-en-cdmx/
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.svg?5.10.0#eico
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.8
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/e-commerce-efectivo/conversion-rate-optimizati
unknown
 clean
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
unknown
 clean
http://www.diginotar.nl/cps/pkioverheid0
unknown
 clean
https://vendes.marketing/wp-content/uploads/2021/11/logo-VNDSmkt-final-300x102.png
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/servicios-creativos/diseno-web-ux/
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/servicios-de-marketing-digital/creacion-de-con
unknown
 clean
https://vendes.marketing/wp-content/uploads/2021/10/anuncios-300x270.png
unknown
 clean
http://schemas.open
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/servicios-de-marketing-digital/estrategias-en-
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/e-commerce-efectivo/pagos-online/
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/servicios-creativos/branding/
unknown
 clean
https://vendes.marketing/wp-content/uploads/images/comentario1.jpg
unknown
 clean
https://vendes.marketing/
107.180.46.229
 clean
https://vendes.marketing/agencia-de-marketing-digital/servicios-creativos/fotografia-y-edicion/
unknown
 clean
https://connect.facebook.net/en_US/fbevents.js
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?
unknown
 clean
http://standoutglobal.c
unknown
 clean
https://vendes.marketing/blog/
unknown
 clean
https://vendes.marketing/wp-content/uploads/2021/10/visual-Studio.svg
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/servicios-de-marketing-digital/publicidad-digi
unknown
 clean
https://vendes.marketing/comments/feed/
unknown
 clean
https://vendes.marketing/wp-includes/js/wp-embed.min.js?ver=5.8.2
unknown
 clean
http://vendes.marketing/transmigrant/Wplzr/
107.180.46.229
 clean
https://s.w.org/images/core/emoji/13.1.0/svg/1f609.svg
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.mi
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/e-commerce-efectivo/tienda-online-con-magento/
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/consultorias/marketing-para-el-sector-salud/
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.cs
unknown
 clean
https://vendes.marketing/wp-content/uploads/2021/11/logo-VNDSmkt-final-1536x522.png
unknown
 clean
http://www.windows.com/pctv.
unknown
 clean
https://vendes.marketing/wp-includes/wlwmanifest.xml
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/servicios-de-desarrollo-web/automatizacion-de-
unknown
 clean
http://schemas.openformatrg/drawml/2006/spreadsheetD
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.8
unknown
 clean
https://vendes.marketing/wp-content/uploads/2021/10/figma.svg
unknown
 clean
https://vendes.marketing/wp-content/uploads/2021/10/marketing-digital-con-instagram.png
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.2
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital-en-monterrey/
unknown
 clean
https://vendes.marketing/nY
unknown
 clean
https://schema.org
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/consultorias/consultoria-en-marketing-basado-e
unknown
 clean
http://windowsmedia.com/redir/services.asp?WMPFriendly=true
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/consultorias/auditorias-y-optimizacion-de-camp
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/servicios-de-desarrollo-web/desarrollo-de-mega
unknown
 clean
https://vendes.marketing/wp-content/uploads/elementor/css/post-2157.css?ver=1638212282
unknown
 clean
https://vendes.marketing/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.4
unknown
 clean
http://standoutglobal.co
unknown
 clean
https://connect.facebook.net/es_LA/sdk/xfbml.customerchat.js
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor-pro/assets/lib/lottie/lottie.min.js?ver=5.6.6
unknown
 clean
https://vendes.marketing/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
unknown
 clean
http://schemas.openformatrg/package/2006/r
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/consultorias/digital-partner-incubadora-de-neg
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3
unknown
 clean
https://vendes.marketing/wp-includes/js/imagesloaded.min.js?ver=4.1.4
unknown
 clean
https://vendes.marketing/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fvendes.marketing%2F
unknown
 clean
https://vendes.marketing/xmlrpc.php?rsd
unknown
 clean
https://vendes.marketing/wp-content/uploads/2021/10/elementor.svg
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/servicios-de-marketing-digital/inbound-marketi
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.8
unknown
 clean
https://vendes.marketing/wp-content/themes/twentytwentyone/assets/css/ie.css?ver=1.4
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver
unknown
 clean
https://www.thinkwithgoogle.com/intl/es-419/futuro-del-marketing/transformacion-digital/tiendas-omni
unknown
 clean
https://vendes.marketing/feed/
unknown
 clean
https://vendes.marketing/wp-content/uploads/images/caso-exito1.png
unknown
 clean
http://crl.entrust.net/2048ca.crl0
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/consultorias/consultoria-para-adsense/
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.10.0)
unknown
 clean
https://vendes.marketing/wp-content/uploads/2021/10/apple_android.svg
unknown
 clean
http://www.msnbc.com/news/ticker.txt
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/ecommerce/emailing/
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/servicios-creativos/produccion-audiovisual/
unknown
 clean
http://ocsp.entrust.net03
unknown
 clean
http://schemas.openformatrg/package/2006/content-t
unknown
 clean
https://vendes.marketing/wp-content/uploads/2021/10/anuncios.png
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/e-commerce-efectivo/tiendas-en-facebook-e-inst
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/ecommerce/
unknown
 clean
https://vendes.marketing/wp-content/uploads/2021/10/marketing-digital-con-facebook.png
unknown
 clean
https://vendes.marketing/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.8
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/ecommerce/pagos-online/
unknown
 clean
https://vendes.marketing/wp-content/uploads/elementor/css/post-2017.css?ver=1638212282
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/servicios-de-desarrollo-web/
unknown
 clean
https://vendes.marketing/wp-content/uploads/2021/10/marketing-digital-con-youtube.png
unknown
 clean
https://vendes.marketing/wp-content/uploads/images/comentario5-m.jpg
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/e-commerce-efectivo/tienda-online-con-shopify/
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/consultorias/
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/consultorias/marketing-para-inmobiliarias-cons
unknown
 clean
https://vendes.marketing/agencia-de-marketing-digital/servicios-creativos/diseno-grafico/
unknown
 clean
https://vendes.marketing/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
unknown
 clean
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
standoutglobal.com
162.240.9.126
 clean
vendes.marketing
107.180.46.229
 clean

IPs

IP
Domain
Country
Malicious
162.240.9.126
standoutglobal.com
United States
clean
107.180.46.229
vendes.marketing
United States
clean

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
-e$
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
MTTT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
ReviewToken
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\2E907
2E907
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
VBAFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
oq$
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@%SystemRoot%\system32\qagentrt.dll,-10
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@%SystemRoot%\System32\fveui.dll,-843
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@%SystemRoot%\System32\fveui.dll,-844
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@%SystemRoot%\System32\wuaueng.dll,-400
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
LastPurgeTime
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
Max Display
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Max Display
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 1
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 2
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 3
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 4
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 5
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 6
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 7
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 8
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 9
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 10
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 11
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 12
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 13
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 14
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 15
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 16
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 17
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 18
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 19
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 20
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\3D7B9
3D7B9
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
Max Display
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Max Display
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 1
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 2
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 3
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 4
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 5
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 6
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 7
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 8
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 9
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 10
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 11
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 12
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 13
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 14
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 15
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 16
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 17
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 18
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 19
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 20
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\3E5CD
3E5CD
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
1033
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
EXCELFiles
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
Blob
 clean
There are 59 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
5780000
unkown
page read and write
 clean
7F5C000
stack
page read and write
 clean
7FC5000
unkown
page read and write
 clean
5A50000
unkown
page read and write
 clean
7F60000
unkown
page read and write
 clean
4330000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
7FC5000
unkown
page read and write
 clean
57CA000
unkown
page read and write
 clean
3530000
unkown
page read and write
 clean
7A30000
heap private
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
5040000
unkown
page read and write
 clean
3550000
unkown
page read and write
 clean
24A9000
heap private
page read and write
 clean
6E90000
unkown
page read and write
 clean
3E60000
unkown
page read and write
 clean
1DA8000
unkown
page read and write
 clean
78E0000
unkown
page read and write
 clean
BFF000
unkown
page read and write
 clean
484000
heap default
page read and write
 clean
1E0000
unkown image
page readonly
 clean
2FA0000
unkown
page read and write
 clean
20000
unkown image
page readonly
 clean
4D6F000
stack
page read and write
 clean
57C6000
unkown
page read and write
 clean
6E90000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
7290000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
5BB1000
unkown
page read and write
 clean
5780000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
2F30000
unkown image
page readonly
 clean
331F000
stack
page read and write
 clean
3170000
unkown
page read and write
 clean
464000
unkown
page read and write
 clean
5BB2000
unkown
page read and write
 clean
978000
heap private
page read and write
 clean
4480000
unkown
page read and write
 clean
6F20000
unkown
page read and write
 clean
5762000
unkown
page read and write
 clean
974000
heap private
page read and write
 clean
5690000
unkown
page read and write
 clean
5790000
unkown
page read and write
 clean
430000
heap private
page read and write
 clean
4140000
unkown
page read and write
 clean
2120000
unkown
page read and write
 clean
321000
unkown
page read and write
 clean
4135000
unkown
page read and write
 clean
52D7000
unkown image
page readonly
 clean
7F80000
unkown
page read and write
 clean
8130000
unkown
page read and write
 clean
3B0000
heap private
page read and write
 clean
30D0000
heap private
page read and write
 clean
7FC5000
unkown
page read and write
 clean
73BC000
stack
page read and write
 clean
8155000
unkown
page read and write
 clean
57E0000
unkown
page read and write
 clean
6F0000
unkown image
page readonly
 clean
348F000
stack
page read and write
 clean
446F000
stack
page read and write
 clean
F0000
unkown
page read and write
 clean
326000
unkown
page read and write
 clean
2F4000
unkown
page read and write
 clean
50D000
heap default
page read and write
 clean
6E0000
unkown image
page readonly
 clean
57F0000
unkown
page read and write
 clean
7FA8000
unkown
page read and write
 clean
577E000
unkown
page read and write
 clean
45B000
heap default
page read and write
 clean
497000
heap default
page read and write
 clean
880000
unkown image
page readonly
 clean
8120000
unkown
page read and write
 clean
2F50000
unkown
page read and write
 clean
307000
unkown
page read and write
 clean
460000
unkown
page read and write
 clean
4AE000
heap default
page read and write
 clean
56B0000
unkown
page read and write
 clean
4B2C000
unkown
page read and write
 clean
34F0000
unkown
page read and write
 clean
503F000
unkown
page read and write
 clean
2100000
unkown
page read and write
 clean
6E30000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
7F60000
unkown
page read and write
 clean
4020000
heap private
page read and write
 clean
56CB000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
1CC000
unkown
page read and write
 clean
1D97000
unkown
page read and write
 clean
410000
heap default
page read and write
 clean
110000
heap default
page read and write
 clean
5BB8000
unkown
page read and write
 clean
278000
unkown
page read and write
 clean
7DD0000
heap private
page read and write
 clean
79AB000
unkown
page read and write
 clean
3150000
unkown
page read and write
 clean
56B9000
unkown
page read and write
 clean
20000
unkown image
page readonly
 clean
3340000
unkown
page read and write
 clean
79D0000
unkown
page read and write
 clean
1F10000
unkown image
page readonly
 clean
456000
heap default
page read and write
 clean
6F50000
heap private
page read and write
 clean
4B30000
unkown
page read and write
 clean
5BC0000
unkown
page read and write
 clean
6FD0000
unkown
page read and write
 clean
3210000
unkown
page read and write
 clean
2F20000
unkown image
page readonly
 clean
56E0000
heap private
page read and write
 clean
30000
unkown image
page read and write
 clean
100000
heap private
page read and write
 clean
5780000
unkown
page read and write
 clean
5770000
unkown
page read and write
 clean
73D0000
heap private
page read and write
 clean
6E04000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
200000
heap private
page read and write
 clean
190000
unkown
page read and write
 clean
8592000
unkown
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
8134000
unkown
page read and write
 clean
3B0000
unkown
page read and write
 clean
7F80000
unkown
page read and write
 clean
890000
unkown image
page readonly
 clean
78D0000
unkown
page read and write
 clean
5944000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
7FA8000
unkown
page read and write
 clean
3490000
unkown
page read and write
 clean
2F0000
unkown
page read and write
 clean
3540000
unkown
page read and write
 clean
455000
unkown
page read and write
 clean
503A000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
34A0000
unkown
page read and write
 clean
79B0000
unkown
page read and write
 clean
3F60000
unkown
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
2145000
heap private
page read and write
 clean
56C3000
unkown
page read and write
 clean
570000
unkown image
page readonly
 clean
352D000
unkown
page read and write
 clean
700000
unkown image
page readonly
 clean
5790000
unkown
page read and write
 clean
5767000
unkown
page read and write
 clean
2D14000
heap private
page read and write
 clean
4030000
unkown
page read and write
 clean
414F000
unkown
page read and write
 clean
26A000
unkown
page read and write
 clean
6F20000
unkown
page read and write
 clean
352B000
unkown
page read and write
 clean
44E0000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
4132000
unkown
page read and write
 clean
7900000
heap private
page read and write
 clean
5690000
unkown
page read and write
 clean
4ED6000
unkown
page read and write
 clean
3D0000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
31A0000
unkown image
page read and write
 clean
5A58000
unkown
page read and write
 clean
410000
unkown
page read and write
 clean
212D000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
44D0000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
8520000
unkown
page read and write
 clean
6D50000
unkown
page read and write
 clean
6D30000
unkown image
page read and write
 clean
5AE5000
unkown
page read and write
 clean
7090000
unkown
page read and write
 clean
307000
unkown
page read and write
 clean
2A0000
unkown
page read and write
 clean
44B0000
unkown
page read and write
 clean
8520000
unkown
page read and write
 clean
7F80000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
30C8000
unkown
page read and write
 clean
7FC5000
unkown
page read and write
 clean
4024000
heap private
page read and write
 clean
5055000
unkown
page read and write
 clean
4137000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
7084000
heap private
page read and write
 clean
78F0000
unkown
page read and write
 clean
470E000
stack
page read and write
 clean
7FA8000
unkown
page read and write
 clean
4C80000
unkown
page read and write
 clean
3350000
unkown
page read and write
 clean
413A000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
5910000
unkown
page read and write
 clean
576A000
unkown
page read and write
 clean
5BB1000
unkown
page read and write
 clean
560000
unkown image
page readonly
 clean
7FFFFFC0000
unkown image
page readonly
 clean
9D0000
heap private
page read and write
 clean
31C0000
unkown
page read and write
 clean
6E520000
unkown image
page readonly
 clean
306000
unkown
page read and write
 clean
65300000
unkown image
page readonly
 clean
58FC000
stack
page read and write
 clean
6D53000
unkown
page read and write
 clean
79A0000
unkown
page read and write
 clean
4160000
heap private
page execute and read and write
 clean
6E848000
unkown image
page write copy
 clean
7F60000
unkown
page read and write
 clean
106000
unkown
page read and write
 clean
5B56000
unkown
page read and write
 clean
5780000
unkown
page read and write
 clean
7D3F000
stack
page read and write
 clean
60000
unkown image
page readonly
 clean
440000
unkown
page read and write
 clean
4150000
unkown
page read and write
 clean
34B0000
unkown
page read and write
 clean
2E90000
unkown
page read and write
 clean
2D32000
heap private
page read and write
 clean
5B56000
unkown
page read and write
 clean
5C50000
unkown image
page read and write
 clean
8520000
unkown
page read and write
 clean
4B2F000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
3360000
unkown
page read and write
 clean
7AE1000
unkown
page read and write
 clean
6FF0000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
69F000
stack
page read and write
 clean
5AF000
stack
page read and write
 clean
10000
unkown image
page read and write
 clean
6E74000
unkown image
page readonly
 clean
477000
heap default
page read and write
 clean
2F80000
unkown
page read and write
 clean
100000
unkown
page read and write
 clean
54F7000
unkown
page read and write
 clean
7ACD000
unkown
page read and write
 clean
57E0000
unkown
page read and write
 clean
503F000
unkown
page read and write
 clean
54F0000
unkown
page read and write
 clean
5900000
unkown
page read and write
 clean
26D000
unkown
page read and write
 clean
6F20000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
5051000
unkown
page read and write
 clean
3FAD000
unkown
page read and write
 clean
4FF0000
unkown
page read and write
 clean
72B0000
unkown
page read and write
 clean
8121000
unkown
page read and write
 clean
423000
unkown
page read and write
 clean
5505000
heap private
page read and write
 clean
1CC6000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
2F60000
unkown
page read and write
 clean
6E83B000
unkown image
page read and write
 clean
5760000
unkown
page read and write
 clean
170000
unkown
page read and write
 clean
3529000
unkown
page read and write
 clean
70C6000
unkown
page read and write
 clean
4FEE000
stack
page read and write
 clean
413000
unkown
page read and write
 clean
20F7000
unkown image
page readonly
 clean
7996000
unkown
page read and write
 clean
6E70000
unkown image
page readonly
 clean
5B39000
unkown
page read and write
 clean
7F60000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
5940000
unkown
page read and write
 clean
72A2000
unkown
page read and write
 clean
5B9C000
unkown
page read and write
 clean
5037000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
3180000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
97B000
heap private
page read and write
 clean
D0000
unkown
page read and write
 clean
6F40000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
30C0000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
7FA8000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
148000
unkown
page read and write
 clean
24A5000
heap private
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
266000
unkown
page read and write
 clean
110000
unkown image
page readonly
 clean
350E000
unkown
page read and write
 clean
7F60000
unkown
page read and write
 clean
7ABC000
unkown
page read and write
 clean
970000
heap private
page read and write
 clean
550E000
heap private
page read and write
 clean
7005000
unkown
page read and write
 clean
2124000
unkown
page read and write
 clean
3358000
unkown
page read and write
 clean
6D53000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
7F60000
unkown
page read and write
 clean
5500000
heap private
page read and write
 clean
3525000
unkown
page read and write
 clean
5684000
stack
page read and write
 clean
50F0000
unkown image
page readonly
 clean
2130000
unkown
page read and write
 clean
54FC000
unkown
page read and write
 clean
105000
heap private
page read and write
 clean
57A4000
unkown
page read and write
 clean
45EE000
stack
page read and write
 clean
57C0000
unkown
page read and write
 clean
56DB000
unkown
page read and write
 clean
3388000
unkown
page read and write
 clean
5B9C000
unkown
page read and write
 clean
31F0000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
30000
unkown image
page readonly
 clean
6D50000
unkown
page read and write
 clean
470000
heap default
page read and write
 clean
5058000
unkown
page read and write
 clean
434000
heap private
page read and write
 clean
E0000
unkown
page read and write
 clean
56AD000
unkown
page read and write
 clean
6E90000
unkown
page read and write
 clean
3190000
unkown image
page readonly
 clean
7FDC000
unkown
page read and write
 clean
5051000
unkown
page read and write
 clean
6F22000
unkown
page read and write
 clean
57D0000
unkown
page read and write
 clean
1DAE000
unkown
page read and write
 clean
2110000
unkown
page read and write
 clean
7A10000
unkown
page read and write
 clean
460000
heap default
page read and write
 clean
6E36000
unkown
page read and write
 clean
31D5000
unkown
page read and write
 clean
79F0000
unkown
page read and write
 clean
5BB4000
unkown
page read and write
 clean
44A2000
unkown
page read and write
 clean
3A0000
unkown image
page readonly
 clean
44D000
heap default
page read and write
 clean
7090000
unkown
page read and write
 clean
56D0000
unkown
page read and write
 clean
5050000
unkown
page read and write
 clean
72A6000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
7990000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
5580000
unkown
page read and write
 clean
3520000
unkown
page read and write
 clean
7042000
unkown
page read and write
 clean
44B8000
unkown
page read and write
 clean
7ABC000
unkown
page read and write
 clean
7000000
heap private
page read and write
 clean
5055000
unkown
page read and write
 clean
217B000
heap private
page read and write
 clean
3370000
unkown
page read and write
 clean
6FD0000
unkown
page read and write
 clean
7F80000
unkown
page read and write
 clean
317000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
7FDC000
unkown
page read and write
 clean
6EA0000
heap private
page read and write
 clean
5A6A000
unkown
page read and write
 clean
6E84F000
unkown image
page readonly
 clean
5A9A000
unkown
page read and write
 clean
467000
heap default
page read and write
 clean
8520000
unkown
page read and write
 clean
4DE0000
unkown
page read and write
 clean
41E000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
6F30000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
3E96000
unkown
page read and write
 clean
5A75000
unkown
page read and write
 clean
7EFDF000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
7EFC2000
unkown image
page readonly
 clean
420000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
30AF000
stack
page read and write
 clean
5780000
unkown
page read and write
 clean
413E000
unkown
page read and write
 clean
3A0000
heap private
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
7450000
unkown
page read and write
 clean
7FDC000
unkown
page read and write
 clean
40000
unkown image
page readonly
 clean
4710000
unkown image
page readonly
 clean
3C0000
unkown
page read and write
 clean
4C90000
unkown
page read and write
 clean
72A0000
unkown
page read and write
 clean
79B0000
unkown
page read and write
 clean
7ACD000
unkown
page read and write
 clean
2103000
unkown
page read and write
 clean
1DA0000
unkown
page read and write
 clean
7F60000
unkown
page read and write
 clean
3320000
unkown
page read and write
 clean
6F0000
unkown image
page readonly
 clean
7FFFFFB2000
unkown image
page readonly
 clean
49D000
heap default
page read and write
 clean
5690000
unkown
page read and write
 clean
7F60000
unkown
page read and write
 clean
3500000
unkown
page read and write
 clean
57C8000
unkown
page read and write
 clean
30B0000
unkown
page read and write
 clean
D0000
unkown image
page readonly
 clean
365E000
stack
page read and write
 clean
50F000
heap default
page read and write
 clean
2010000
unkown image
page readonly
 clean
1DBE000
unkown
page read and write
 clean
3518000
unkown
page read and write
 clean
7190000
heap private
page read and write
 clean
B00000
heap private
page read and write
 clean
8110000
heap private
page read and write
 clean
6D10000
unkown image
page readonly
 clean
3FD8000
unkown
page read and write
 clean
3510000
unkown
page read and write
 clean
2D6000
unkown
page read and write
 clean
56A0000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
5B5F000
unkown
page read and write
 clean
3200000
unkown
page read and write
 clean
5780000
unkown
page read and write
 clean
593E000
unkown
page read and write
 clean
6F40000
unkown
page read and write
 clean
6DE8000
unkown
page read and write
 clean
34E0000
unkown
page read and write
 clean
20F0000
unkown image
page readonly
 clean
2499000
unkown
page read and write
 clean
5780000
unkown
page read and write
 clean
6D52000
unkown
page read and write
 clean
8520000
unkown
page read and write
 clean
78E6000
unkown
page read and write
 clean
34D0000
unkown
page read and write
 clean
5690000
unkown
page read and write
 clean
417000
heap default
page read and write
 clean
793F000
heap private
page read and write
 clean
503D000
unkown
page read and write
 clean
6DF4000
unkown
page read and write
 clean
6F20000
unkown
page read and write
 clean
8140000
unkown
page read and write
 clean
4E4000
heap default
page read and write
 clean
3E0000
unkown
page read and write
 clean
7909000
heap private
page read and write
 clean
5930000
unkown
page read and write
 clean
8150000
unkown
page read and write
 clean
6D60000
heap private
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
56C0000
unkown
page read and write
 clean
6E7F1000
unkown image
page readonly
 clean
3160000
unkown
page read and write
 clean
2494000
unkown
page read and write
 clean
8192000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
6FF0000
unkown
page read and write
 clean
4EE0000
unkown
page read and write
 clean
5B21000
unkown
page read and write
 clean
5780000
unkown
page read and write
 clean
2F77000
heap private
page read and write
 clean
5AA9000
unkown
page read and write
 clean
30000
unkown image
page readonly
 clean
5A4A000
stack
page read and write
 clean
2490000
unkown
page read and write
 clean
85E0000
unkown
page read and write
 clean
7F60000
unkown
page read and write
 clean
7FEFF1A0000
unkown
page execute read
 clean
81E0000
unkown
page read and write
 clean
36E000
stack
page read and write
 clean
6E84C000
unkown image
page read and write
 clean
5695000
unkown
page read and write
 clean
3522000
unkown
page read and write
 clean
5790000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
73C0000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
7290000
unkown
page read and write
 clean
2F10000
unkown
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
4B20000
unkown
page read and write
 clean
2D10000
heap private
page read and write
 clean
3330000
unkown
page read and write
 clean
4B40000
stack
page read and write
 clean
7F60000
unkown
page read and write
 clean
7FDC000
unkown
page read and write
 clean
5067000
unkown
page read and write
 clean
3B4000
heap private
page read and write
 clean
31D3000
unkown
page read and write
 clean
2140000
heap private
page read and write
 clean
6D20000
unkown image
page read and write
 clean
2F70000
heap private
page read and write
 clean
24A0000
heap private
page read and write
 clean
6E3A000
unkown
page read and write
 clean
8141000
unkown
page read and write
 clean
5058000
unkown
page read and write
 clean
40000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
7EFE0000
unkown image
page readonly
 clean
6D40000
unkown image
page read and write
 clean
130000
unkown
page read and write
 clean
34C0000
unkown
page read and write
 clean
7080000
heap private
page read and write
 clean
5B39000
unkown
page read and write
 clean
7F60000
unkown
page read and write
 clean
7F60000
unkown
page read and write
 clean
2F90000
unkown
page read and write
 clean
120000
unkown
page read and write
 clean
1C90000
unkown
page read and write
 clean
4320000
unkown
page read and write
 clean
2EB0000
unkown
page read and write
 clean
6E521000
unkown image
page execute read
 clean
7FFFFFB2000
unkown image
page readonly
 clean
7F60000
unkown
page read and write
 clean
6D50000
unkown
page read and write
 clean
8555000
unkown
page read and write
 clean
5B21000
unkown
page read and write
 clean
5920000
unkown
page read and write
 clean
7AE1000
unkown
page read and write
 clean
6E844000
unkown image
page read and write
 clean
There are 508 hidden memdumps, click here to show them.