Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
aTTbUbX63Q.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt19.lst
|
PostScript document text
|
dropped
|
||
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache.bin
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\UrlBlock\urlblock_637194112741176080.bin
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000013.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000015.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000016.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000006.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\build2[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\MSIMGSIZ.DAT
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\SmartScreenCache.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\chrome_installer.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\a45d09a4-f11f-4e2f-be78-44d5031eb5a3\build2.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe
|
MS-DOS executable
|
dropped
|
||
C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
||
C:\Users\user\Desktop\BNAGMGSPLO.docx
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV\NVWZAPQSQL.pdf
|
data
|
dropped
|
||
C:\Users\user\Desktop\SQSJKEBWDT.jpg
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Adobe\Acrobat\DC\AdobeSysFnt19.lst.vvyu (copy)
|
PostScript document text
|
dropped
|
||
C:\Users\user\Local Settings\Adobe\Acrobat\DC\UserCache.bin.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Internet Explorer\MSIMGSIZ.DAT.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Internet Explorer\UrlBlock\urlblock_637194112741176080.bin.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000013.db.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000015.db.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000016.db.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000006.db.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Temp\chrome_installer.log.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Temporary Internet Files\Low\MSIMGSIZ.DAT.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Temporary Internet Files\Low\SmartScreenCache.dat.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe.vvyu (copy)
|
MS-DOS executable
|
dropped
|
||
C:\_readme.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\ProgramData\01952765546433309423440150
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
C:\ProgramData\06419169774441268534573689
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
C:\ProgramData\07300448190955752008461744
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
C:\ProgramData\08605585310134121561576042
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
C:\ProgramData\48237248951244843175973523
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
C:\ProgramData\49278603839175653683571463
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
||
C:\SystemID\PersonalID.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeCMapFnt19.lst
|
PostScript document text
|
dropped
|
||
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheRdr65536.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Adobe\Color\ACECache11.lst
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Comms\UnistoreDB\USS.jcp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Comms\UnistoreDB\USSres00001.jrs
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Comms\UnistoreDB\USSres00002.jrs
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Comms\UnistoreDB\USStmp.jtx
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\ConnectedDevicesPlatform\CDPGlobalSettings.cdp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\CrashpadMetrics-active.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\IconCache.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\addinutil.exe.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\unarchiver.exe.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\NGenTask.exe.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\sdiagnhost.exe.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\ngen.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions\en-US.1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\IECompatData\iecompatdata.xml
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\VersionManager\versionlist.xml
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\brndlog.txt
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\ie4uinit-ClearIconCache.log
|
Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\ie4uinit-UserConfig.log
|
Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-black_scale-100.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-black_scale-125.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-black_scale-150.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-black_scale-200.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-black_scale-400.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-white_scale-100.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-white_scale-125.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-white_scale-150.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-white_scale-200.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-white_scale-400.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.scale-100.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.scale-125.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.scale-150.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.scale-200.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.scale-400.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-black_scale-100.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-black_scale-125.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-black_scale-150.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-black_scale-200.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-black_scale-400.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-white_scale-100.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-white_scale-125.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-white_scale-150.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-white_scale-200.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-white_scale-400.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.scale-100.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.scale-125.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.scale-150.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.scale-200.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.scale-400.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.VisualElementsManifest.xml
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\Resources.pri
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\ECSConfig.json
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\PenWorkspace\DiscoverCacheData.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5475cb191e478c39370a215b2da98a37e9dc813d.tbres
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28\Policy.vpol
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_10_0.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_12_0.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_17_0.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_22_0.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_23_0.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_28_0.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_38_0.png
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\cversions.3.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3644736C-B905-4D30-88C9-B63C603DA134}.3.ver0x0000000000000001.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog.etl
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog_RunOnce.etl
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1280.db
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\get[1].htm
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\deprecated.cookie
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\AdobeARM.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\CR_0E027.tmp\setup.exe
|
MS-DOS executable
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\JavaDeployReg.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\SetupExe(2020072310425948C).log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\aria-debug-3336.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\tmp2541.tmp
|
MS-DOS executable
|
dropped
|
||
C:\Users\user\AppData\Local\bowsakkdestx.txt
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\UProof\CUSTOM.DIC
|
Little-endian UTF-16 Unicode text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Libraries\CameraRoll.library-ms
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Libraries\Videos.library-ms
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Desktop (create shortcut).DeskLink
|
data
|
dropped
|
||
C:\Users\user\Application Data\Microsoft\UProof\CUSTOM.DIC.vvyu (copy)
|
Little-endian UTF-16 Unicode text, with no line terminators
|
dropped
|
||
C:\Users\user\Application Data\Microsoft\Windows\Libraries\CameraRoll.library-ms.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Application Data\Microsoft\Windows\Libraries\Documents.library-ms.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Application Data\Microsoft\Windows\Libraries\Music.library-ms.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Application Data\Microsoft\Windows\Libraries\Pictures.library-ms.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Application Data\Microsoft\Windows\Libraries\Videos.library-ms.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Cookies\deprecated.cookie.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\BJZFPPWAPT.pdf
|
data
|
dropped
|
||
C:\Users\user\Desktop\BJZFPPWAPT.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO.pdf
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO\BJZFPPWAPT.pdf
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO\BJZFPPWAPT.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO\BNAGMGSPLO.docx
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO\BNAGMGSPLO.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO\EOWRVPQCCS.jpg
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO\EOWRVPQCCS.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO\EWZCVGNOWT.png
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO\EWZCVGNOWT.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO\NVWZAPQSQL.xlsx
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO\NVWZAPQSQL.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO\TQDFJHPUIU.mp3
|
data
|
dropped
|
||
C:\Users\user\Desktop\BNAGMGSPLO\TQDFJHPUIU.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\EEGWXUHVUG.png
|
data
|
dropped
|
||
C:\Users\user\Desktop\EEGWXUHVUG.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\EOWRVPQCCS.jpg
|
data
|
dropped
|
||
C:\Users\user\Desktop\EOWRVPQCCS.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\EOWRVPQCCS.mp3
|
data
|
dropped
|
||
C:\Users\user\Desktop\EOWRVPQCCS.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\EWZCVGNOWT.png
|
data
|
dropped
|
||
C:\Users\user\Desktop\EWZCVGNOWT.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\GRXZDKKVDB.jpg
|
data
|
dropped
|
||
C:\Users\user\Desktop\GRXZDKKVDB.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\NVWZAPQSQL.mp3
|
data
|
dropped
|
||
C:\Users\user\Desktop\NVWZAPQSQL.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\NVWZAPQSQL.pdf
|
data
|
dropped
|
||
C:\Users\user\Desktop\NVWZAPQSQL.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\NVWZAPQSQL.xlsx
|
data
|
dropped
|
||
C:\Users\user\Desktop\NVWZAPQSQL.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\PALRGUCVEH.png
|
data
|
dropped
|
||
C:\Users\user\Desktop\PALRGUCVEH.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV.docx
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV.xlsx
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV\EOWRVPQCCS.mp3
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV\EOWRVPQCCS.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV\GRXZDKKVDB.jpg
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV\GRXZDKKVDB.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV\NVWZAPQSQL.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV\PALRGUCVEH.png
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV\PALRGUCVEH.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV\PIVFAGEAAV.docx
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV\PIVFAGEAAV.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV\SQSJKEBWDT.xlsx
|
data
|
dropped
|
||
C:\Users\user\Desktop\PIVFAGEAAV\SQSJKEBWDT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\SQSJKEBWDT.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\SQSJKEBWDT.xlsx
|
data
|
dropped
|
||
C:\Users\user\Desktop\SQSJKEBWDT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL.docx
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL\BNAGMGSPLO.pdf
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL\BNAGMGSPLO.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL\EEGWXUHVUG.png
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL\EEGWXUHVUG.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL\NVWZAPQSQL.mp3
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL\NVWZAPQSQL.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL\PIVFAGEAAV.xlsx
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL\PIVFAGEAAV.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL\SQSJKEBWDT.jpg
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL\SQSJKEBWDT.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL\SUAVTZKNFL.docx
|
data
|
dropped
|
||
C:\Users\user\Desktop\SUAVTZKNFL\SUAVTZKNFL.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Desktop\TQDFJHPUIU.mp3
|
data
|
dropped
|
||
C:\Users\user\Desktop\TQDFJHPUIU.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\BJZFPPWAPT.pdf
|
data
|
dropped
|
||
C:\Users\user\Documents\BJZFPPWAPT.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO.docx
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO.pdf
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO\BJZFPPWAPT.pdf
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO\BJZFPPWAPT.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO\BNAGMGSPLO.docx
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO\BNAGMGSPLO.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO\EOWRVPQCCS.jpg
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO\EOWRVPQCCS.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO\EWZCVGNOWT.png
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO\EWZCVGNOWT.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO\NVWZAPQSQL.xlsx
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO\NVWZAPQSQL.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO\TQDFJHPUIU.mp3
|
data
|
dropped
|
||
C:\Users\user\Documents\BNAGMGSPLO\TQDFJHPUIU.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\EEGWXUHVUG.png
|
data
|
dropped
|
||
C:\Users\user\Documents\EEGWXUHVUG.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\EOWRVPQCCS.jpg
|
data
|
dropped
|
||
C:\Users\user\Documents\EOWRVPQCCS.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\EOWRVPQCCS.mp3
|
Macintosh HFS Extended version 23726 data (spared blocks) (unclean) (locked) last mounted by: '\002', created: Sun Oct 21
20:28:40 1979, last modified: Sat Jun 21 23:34:57 2042, block size: 882713852, number of blocks: -1501543925, free blocks:
-178479217
|
dropped
|
||
C:\Users\user\Documents\EOWRVPQCCS.mp3.vvyu (copy)
|
Macintosh HFS Extended version 23726 data (spared blocks) (unclean) (locked) last mounted by: '\002', created: Sun Oct 21
20:28:40 1979, last modified: Sat Jun 21 23:34:57 2042, block size: 882713852, number of blocks: -1501543925, free blocks:
-178479217
|
dropped
|
||
C:\Users\user\Documents\EWZCVGNOWT.png
|
data
|
dropped
|
||
C:\Users\user\Documents\EWZCVGNOWT.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\GRXZDKKVDB.jpg
|
data
|
dropped
|
||
C:\Users\user\Documents\GRXZDKKVDB.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\NVWZAPQSQL.mp3
|
data
|
dropped
|
||
C:\Users\user\Documents\NVWZAPQSQL.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\NVWZAPQSQL.pdf
|
data
|
dropped
|
||
C:\Users\user\Documents\NVWZAPQSQL.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\NVWZAPQSQL.xlsx
|
data
|
dropped
|
||
C:\Users\user\Documents\NVWZAPQSQL.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\PALRGUCVEH.png
|
data
|
dropped
|
||
C:\Users\user\Documents\PALRGUCVEH.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV.docx
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV.xlsx
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV\EOWRVPQCCS.mp3
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV\EOWRVPQCCS.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV\GRXZDKKVDB.jpg
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV\GRXZDKKVDB.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV\NVWZAPQSQL.pdf
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV\NVWZAPQSQL.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV\PALRGUCVEH.png
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV\PALRGUCVEH.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV\PIVFAGEAAV.docx
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV\PIVFAGEAAV.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV\SQSJKEBWDT.xlsx
|
data
|
dropped
|
||
C:\Users\user\Documents\PIVFAGEAAV\SQSJKEBWDT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\SQSJKEBWDT.jpg
|
data
|
dropped
|
||
C:\Users\user\Documents\SQSJKEBWDT.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\SQSJKEBWDT.xlsx
|
data
|
dropped
|
||
C:\Users\user\Documents\SQSJKEBWDT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL.docx
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL\BNAGMGSPLO.pdf
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL\BNAGMGSPLO.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL\EEGWXUHVUG.png
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL\EEGWXUHVUG.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL\NVWZAPQSQL.mp3
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL\NVWZAPQSQL.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL\PIVFAGEAAV.xlsx
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL\PIVFAGEAAV.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL\SQSJKEBWDT.jpg
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL\SQSJKEBWDT.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL\SUAVTZKNFL.docx
|
data
|
dropped
|
||
C:\Users\user\Documents\SUAVTZKNFL\SUAVTZKNFL.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Documents\TQDFJHPUIU.mp3
|
data
|
dropped
|
||
C:\Users\user\Documents\TQDFJHPUIU.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\BJZFPPWAPT.pdf
|
data
|
dropped
|
||
C:\Users\user\Downloads\BJZFPPWAPT.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\BNAGMGSPLO.docx
|
data
|
dropped
|
||
C:\Users\user\Downloads\BNAGMGSPLO.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\BNAGMGSPLO.pdf
|
data
|
dropped
|
||
C:\Users\user\Downloads\BNAGMGSPLO.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\EEGWXUHVUG.png
|
data
|
dropped
|
||
C:\Users\user\Downloads\EEGWXUHVUG.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\EOWRVPQCCS.jpg
|
data
|
dropped
|
||
C:\Users\user\Downloads\EOWRVPQCCS.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\EOWRVPQCCS.mp3
|
data
|
dropped
|
||
C:\Users\user\Downloads\EOWRVPQCCS.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\EWZCVGNOWT.png
|
data
|
dropped
|
||
C:\Users\user\Downloads\EWZCVGNOWT.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\GRXZDKKVDB.jpg
|
data
|
dropped
|
||
C:\Users\user\Downloads\GRXZDKKVDB.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\NVWZAPQSQL.mp3
|
data
|
dropped
|
||
C:\Users\user\Downloads\NVWZAPQSQL.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\NVWZAPQSQL.pdf
|
data
|
dropped
|
||
C:\Users\user\Downloads\NVWZAPQSQL.pdf.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\NVWZAPQSQL.xlsx
|
data
|
dropped
|
||
C:\Users\user\Downloads\NVWZAPQSQL.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\PALRGUCVEH.png
|
data
|
dropped
|
||
C:\Users\user\Downloads\PALRGUCVEH.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\PIVFAGEAAV.docx
|
data
|
dropped
|
||
C:\Users\user\Downloads\PIVFAGEAAV.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\PIVFAGEAAV.xlsx
|
data
|
dropped
|
||
C:\Users\user\Downloads\PIVFAGEAAV.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\SQSJKEBWDT.jpg
|
data
|
dropped
|
||
C:\Users\user\Downloads\SQSJKEBWDT.jpg.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\SQSJKEBWDT.xlsx
|
data
|
dropped
|
||
C:\Users\user\Downloads\SQSJKEBWDT.xlsx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\SUAVTZKNFL.docx
|
data
|
dropped
|
||
C:\Users\user\Downloads\SUAVTZKNFL.docx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Downloads\TQDFJHPUIU.mp3
|
data
|
dropped
|
||
C:\Users\user\Downloads\TQDFJHPUIU.mp3.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Favorites\Amazon.url
|
data
|
dropped
|
||
C:\Users\user\Favorites\Amazon.url.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Favorites\Bing.url
|
data
|
dropped
|
||
C:\Users\user\Favorites\Bing.url.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Favorites\Facebook.url
|
data
|
dropped
|
||
C:\Users\user\Favorites\Facebook.url.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Favorites\Google.url
|
data
|
dropped
|
||
C:\Users\user\Favorites\Google.url.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Favorites\Live.url
|
data
|
dropped
|
||
C:\Users\user\Favorites\Live.url.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Favorites\NYTimes.url
|
data
|
dropped
|
||
C:\Users\user\Favorites\NYTimes.url.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Favorites\Reddit.url
|
data
|
dropped
|
||
C:\Users\user\Favorites\Reddit.url.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Favorites\Twitter.url
|
data
|
dropped
|
||
C:\Users\user\Favorites\Twitter.url.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Favorites\Wikipedia.url
|
data
|
dropped
|
||
C:\Users\user\Favorites\Wikipedia.url.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Favorites\Youtube.url
|
data
|
dropped
|
||
C:\Users\user\Favorites\Youtube.url.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Adobe\Acrobat\DC\AdobeCMapFnt19.lst.vvyu (copy)
|
PostScript document text
|
dropped
|
||
C:\Users\user\Local Settings\Adobe\Acrobat\DC\IconCacheRdr65536.dat.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Adobe\Color\ACECache11.lst.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Comms\UnistoreDB\USS.jcp.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Comms\UnistoreDB\USSres00001.jrs.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Comms\UnistoreDB\USSres00002.jrs.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Comms\UnistoreDB\USStmp.jtx.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\ConnectedDevicesPlatform\CDPGlobalSettings.cdp.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Google\Chrome\User Data\CrashpadMetrics-active.pma.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Google\Chrome\User Data\CrashpadMetrics.pma.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\IconCache.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\CLR_v2.0\UsageLogs\addinutil.exe.log.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\CLR_v2.0_32\UsageLogs\unarchiver.exe.log.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\CLR_v4.0\UsageLogs\NGenTask.exe.log.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\CLR_v4.0\UsageLogs\sdiagnhost.exe.log.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\CLR_v4.0\ngen.log.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Internet Explorer\DomainSuggestions\en-US.1.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Internet Explorer\IECompatData\iecompatdata.xml.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Internet Explorer\VersionManager\versionlist.xml.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Internet Explorer\brndlog.txt.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Internet Explorer\ie4uinit-ClearIconCache.log.vvyu (copy)
|
Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Internet Explorer\ie4uinit-UserConfig.log.vvyu (copy)
|
Little-endian UTF-16 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-black_scale-100.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-black_scale-125.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-black_scale-150.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-black_scale-200.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-black_scale-400.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-white_scale-100.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-white_scale-125.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-white_scale-150.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-white_scale-200.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-white_scale-400.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.scale-100.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.scale-125.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.scale-150.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.scale-200.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveMedTile.scale-400.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-black_scale-100.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-black_scale-125.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-black_scale-150.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-black_scale-200.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-black_scale-400.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-white_scale-100.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-white_scale-125.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-white_scale-150.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-white_scale-200.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.contrast-white_scale-400.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.scale-100.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.scale-125.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.scale-150.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.scale-200.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\LogoImages\OneDriveSmallTile.scale-400.png.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\OneDrive.VisualElementsManifest.xml.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\Resources.pri.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\OneDrive\setup\ECSConfig.json.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\PenWorkspace\DiscoverCacheData.dat.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\TokenBroker\Cache\5475cb191e478c39370a215b2da98a37e9dc813d.tbres.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28\Policy.vpol.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\1033\StructuredQuerySchema.bin.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_10_0.png.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_12_0.png.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_17_0.png.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_22_0.png.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_23_0.png.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_28_0.png.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_38_0.png.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Caches\cversions.1.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Caches\cversions.3.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Caches\{3644736C-B905-4D30-88C9-B63C603DA134}.3.ver0x0000000000000001.db.vvyu
(copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\ExplorerStartupLog.etl.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\ExplorerStartupLog_RunOnce.etl.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_1280.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_1920.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_2560.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_768.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_96.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_custom_stream.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_exif.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_sr.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_wide.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_wide_alternate.db.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Temp\AdobeARM.log.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Temp\CR_0E027.tmp\setup.exe.vvyu (copy)
|
MS-DOS executable
|
dropped
|
||
C:\Users\user\Local Settings\Temp\JavaDeployReg.log.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Temp\SetupExe(2020072310425948C).log.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Temp\aria-debug-3336.log.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\Local Settings\Temp\tmp2541.tmp.vvyu (copy)
|
MS-DOS executable
|
dropped
|
||
C:\Users\user\Local Settings\bowsakkdestx.txt.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\SendTo\Bluetooth File Transfer.LNK.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\SendTo\Desktop (create shortcut).DeskLink.vvyu (copy)
|
data
|
dropped
|
||
C:\Users\user\_readme.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
C:\bootTel.dat
|
data
|
dropped
|
||
C:\bootTel.dat.vvyu (copy)
|
data
|
dropped
|
There are 427 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\aTTbUbX63Q.exe
|
"C:\Users\user\Desktop\aTTbUbX63Q.exe"
|
||
C:\Users\user\Desktop\aTTbUbX63Q.exe
|
"C:\Users\user\Desktop\aTTbUbX63Q.exe"
|
||
C:\Users\user\Desktop\aTTbUbX63Q.exe
|
"C:\Users\user\Desktop\aTTbUbX63Q.exe" --Admin IsNotAutoStart IsNotTask
|
||
C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe
|
C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe --Task
|
||
C:\Users\user\Desktop\aTTbUbX63Q.exe
|
"C:\Users\user\Desktop\aTTbUbX63Q.exe" --Admin IsNotAutoStart IsNotTask
|
||
C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe
|
"C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe" --AutoStart
|
||
C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe
|
C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe --Task
|
||
C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe
|
"C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe" --AutoStart
|
||
C:\Users\user\AppData\Local\a45d09a4-f11f-4e2f-be78-44d5031eb5a3\build2.exe
|
"C:\Users\user\AppData\Local\a45d09a4-f11f-4e2f-be78-44d5031eb5a3\build2.exe"
|
||
C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe
|
"C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe" --AutoStart
|
||
C:\Users\user\AppData\Local\a45d09a4-f11f-4e2f-be78-44d5031eb5a3\build2.exe
|
"C:\Users\user\AppData\Local\a45d09a4-f11f-4e2f-be78-44d5031eb5a3\build2.exe"
|
||
C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe
|
"C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672\aTTbUbX63Q.exe" --AutoStart
|
||
C:\Windows\SysWOW64\icacls.exe
|
icacls "C:\Users\user\AppData\Local\edc7cf87-32a9-4f06-ae60-8ca31f2b9672" /deny *S-1-1-0:(OI)(CI)(DE,DC)
|
There are 3 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://acacaca.org/files/1/build3.exe
|
196.200.111.5
|
||
http://acacaca.org/files/1/build3.exe:
|
unknown
|
||
https://we.tl/t-QsoSRIeA
|
unknown
|
||
http://rgyui.top/dl/build2.exebqX
|
unknown
|
||
http://acacaca.org/files/1/build3.exe$runFf:&
|
unknown
|
||
https://we.tl/t-QsoSRIeAK6
|
unknown
|
||
http://rgyui.top/dl/build2.exe
|
211.40.39.251
|
||
http://acacaca.org/test2/get.php?pid=63423FF445583FE5A9A41B7CFEC3D9C4&first=true
|
196.200.111.5
|
||
http://acacaca.org/test2/get.php
|
|||
http://acacaca.org/files/1/build3.exeX
|
unknown
|
||
http://rgyui.top/dl/build2.exe$run
|
unknown
|
||
http://acacaca.org/files/1/build3.exe$run
|
unknown
|
||
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
http://www.nytimes.com/
|
unknown
|
||
https://duckduckgo.com/ac/?q=
|
unknown
|
||
https://api.2ip.ua/
|
unknown
|
||
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
https://t.me/pegasusfly1https://mas.to/
|
unknown
|
||
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
http://www.amazon.com/
|
unknown
|
||
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
|
unknown
|
||
http://www.twitter.com/
|
unknown
|
||
https://api.2ip.ua/geo.json
|
162.0.217.254
|
||
http://www.openssl.org/support/faq.html
|
unknown
|
||
https://ac.ecosia.org/autocomplete?q=
|
unknown
|
||
http://https://ns1.kriston.ugns2.chalekin.ugns3.unalelath.ugns4.andromath.ug/Error
|
unknown
|
||
http://49.12.9.140:1080/6184098113.zip
|
49.12.9.140
|
||
http://www.youtube.com/
|
unknown
|
||
https://mas.to/
|
unknown
|
||
https://t.me/pegasusfly1
|
149.154.167.99
|
||
https://api.2ip.ua/geo.jsonL
|
unknown
|
||
http://www.wikipedia.com/
|
unknown
|
||
http://www.live.com/
|
unknown
|
||
http://49.12.9.140:1080/517
|
49.12.9.140
|
||
http://49.12.9.140:1080
|
unknown
|
||
http://www.reddit.com/
|
unknown
|
||
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
http://49.12.9.140:1080/
|
49.12.9.140
|
||
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
http://www.google.com/
|
unknown
|
There are 30 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
rgyui.top
|
211.40.39.251
|
||
acacaca.org
|
196.200.111.5
|
||
t.me
|
149.154.167.99
|
||
api.2ip.ua
|
162.0.217.254
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
211.40.39.251
|
rgyui.top
|
Korea Republic of
|
||
196.200.111.5
|
acacaca.org
|
Eritrea
|
||
49.12.9.140
|
unknown
|
Germany
|
||
162.0.217.254
|
api.2ip.ua
|
Canada
|
||
149.154.167.99
|
t.me
|
United Kingdom
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
|
SysHelper
|
||
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion
|
SysHelper
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
42B0000
|
direct allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
4220000
|
direct allocation
|
page execute and read and write
|
||
4230000
|
direct allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
4270000
|
direct allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
4230000
|
direct allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
1E36342E000
|
heap
|
page read and write
|
||
1D970EE0000
|
heap
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
6E0000
|
heap
|
page read and write
|
||
7B0000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
819000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
93EA000
|
trusted library allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
3444000
|
unkown
|
page read and write
|
||
46A000
|
unkown
|
page readonly
|
||
88E68FE000
|
stack
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
540000
|
direct allocation
|
page read and write
|
||
61A000
|
heap
|
page read and write
|
||
75D000
|
heap
|
page read and write
|
||
434000
|
unkown
|
page write copy
|
||
1B0000
|
remote allocation
|
page read and write
|
||
2F70000
|
heap
|
page read and write
|
||
1E0F0052000
|
heap
|
page read and write
|
||
490000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E35F0A0000
|
trusted library allocation
|
page read and write
|
||
2550000
|
heap
|
page read and write
|
||
A7E9BFF000
|
stack
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
2E5E000
|
stack
|
page read and write
|
||
4480000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
4220000
|
heap
|
page read and write
|
||
77C000
|
heap
|
page read and write
|
||
5BF000
|
heap
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
1AF987B0000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
2827D000
|
stack
|
page read and write
|
||
88E65FB000
|
stack
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
401000
|
unkown
|
page execute read
|
||
3070000
|
direct allocation
|
page read and write
|
||
9C0000
|
heap
|
page read and write
|
||
262E000
|
stack
|
page read and write
|
||
19E000
|
stack
|
page read and write
|
||
839000
|
heap
|
page read and write
|
||
1AF98920000
|
heap
|
page readonly
|
||
2F70000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
93AB000
|
trusted library allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1D97104A000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
557000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
431000
|
unkown
|
page execute read
|
||
7BD000
|
heap
|
page read and write
|
||
490000
|
heap
|
page read and write
|
||
1F0000
|
trusted library allocation
|
page read and write
|
||
1AF987EE000
|
heap
|
page read and write
|
||
1D71BC80000
|
heap
|
page read and write
|
||
2F71000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1B0000
|
remote allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
7EE000
|
stack
|
page read and write
|
||
1E3634DE000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
2B7E000
|
stack
|
page read and write
|
||
2710000
|
heap
|
page read and write
|
||
31F0000
|
trusted library allocation
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
657000
|
heap
|
page read and write
|
||
9397000
|
trusted library allocation
|
page read and write
|
||
88E627C000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
2CBD000
|
stack
|
page read and write
|
||
8EF000
|
stack
|
page read and write
|
||
85B000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E0F0102000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
7BD000
|
heap
|
page read and write
|
||
28DE000
|
stack
|
page read and write
|
||
ADF000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
2F70000
|
remote allocation
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
431000
|
unkown
|
page execute read
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E0F002A000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
2B0F000
|
stack
|
page read and write
|
||
7B8000
|
heap
|
page read and write
|
||
4185000
|
trusted library allocation
|
page execute and read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
252E000
|
unkown
|
page readonly
|
||
540000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E0F0802000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E0F0000000
|
heap
|
page read and write
|
||
25CE000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
9D000
|
stack
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
28AE000
|
stack
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
401000
|
unkown
|
page execute read
|
||
1E35ED10000
|
trusted library section
|
page readonly
|
||
3391000
|
trusted library allocation
|
page read and write
|
||
7AF000
|
stack
|
page read and write
|
||
61A000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
33B5000
|
trusted library allocation
|
page read and write
|
||
1D71BC02000
|
heap
|
page read and write
|
||
1E36324E000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
5BE000
|
heap
|
page read and write
|
||
72B000
|
heap
|
page read and write
|
||
1E0F0002000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1D71BC5F000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
7F7000
|
heap
|
page read and write
|
||
3530000
|
unkown
|
page read and write
|
||
93CF000
|
trusted library allocation
|
page read and write
|
||
1A89E000
|
stack
|
page read and write
|
||
2660000
|
heap
|
page read and write
|
||
2F70000
|
remote allocation
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
20D0000
|
direct allocation
|
page execute and read and write
|
||
74F000
|
stack
|
page read and write
|
||
83E000
|
heap
|
page read and write
|
||
1FD7BA58000
|
heap
|
page read and write
|
||
2828A000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1E3634FC000
|
heap
|
page read and write
|
||
5E4000
|
heap
|
page read and write
|
||
5EC000
|
heap
|
page read and write
|
||
2CAEDFE000
|
stack
|
page read and write
|
||
789000
|
heap
|
page read and write
|
||
28EF000
|
stack
|
page read and write
|
||
627000
|
heap
|
page read and write
|
||
28CE000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1D71BD08000
|
heap
|
page read and write
|
||
3075000
|
direct allocation
|
page read and write
|
||
64E000
|
stack
|
page read and write
|
||
2FAE000
|
heap
|
page read and write
|
||
862000
|
heap
|
page read and write
|
||
5CA000
|
heap
|
page read and write
|
||
795000
|
heap
|
page read and write
|
||
7AE000
|
heap
|
page read and write
|
||
27AF000
|
stack
|
page read and write
|
||
464000
|
unkown
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
33E0000
|
unkown
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
2C7F000
|
stack
|
page read and write
|
||
24EE000
|
stack
|
page read and write
|
||
2F70000
|
remote allocation
|
page read and write
|
||
46A000
|
unkown
|
page readonly
|
||
642000
|
heap
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
494000
|
heap
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
321D000
|
trusted library allocation
|
page read and write
|
||
800000
|
heap
|
page read and write
|
||
931B000
|
trusted library allocation
|
page read and write
|
||
2C7E000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
2F71000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
2F71000
|
heap
|
page read and write
|
||
287B000
|
heap
|
page read and write
|
||
17B000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
550000
|
heap
|
page read and write
|
||
1E35DC8B000
|
heap
|
page read and write
|
||
1E363414000
|
heap
|
page read and write
|
||
1E363441000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
5C9000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
193000
|
stack
|
page read and write
|
||
1E35F090000
|
trusted library allocation
|
page read and write
|
||
94FD000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1D971108000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
60900000
|
direct allocation
|
page execute and read and write
|
||
8FE000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1FD7BB00000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
93A7000
|
trusted library allocation
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
5E9000
|
heap
|
page read and write
|
||
4A8000
|
unkown
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
400000
|
unkown
|
page readonly
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1D971802000
|
trusted library allocation
|
page read and write
|
||
19A000
|
stack
|
page read and write
|
||
1A38F000
|
stack
|
page read and write
|
||
1E363248000
|
trusted library allocation
|
page read and write
|
||
1FD7BA02000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
4CB0B7F000
|
stack
|
page read and write
|
||
1D71BC60000
|
heap
|
page read and write
|
||
29DF000
|
stack
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
44C0000
|
heap
|
page read and write
|
||
5AA000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
1B0000
|
remote allocation
|
page read and write
|
||
2C7A000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
33DB000
|
trusted library allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
792000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
448F000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
20C8D000
|
trusted library allocation
|
page read and write
|
||
275F000
|
stack
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
3070000
|
direct allocation
|
page read and write
|
||
B9B68FF000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E3633A0000
|
remote allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E363360000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
31E1000
|
trusted library allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
494000
|
heap
|
page read and write
|
||
193000
|
stack
|
page read and write
|
||
322A000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
31E0000
|
trusted library allocation
|
page read and write
|
||
890000
|
heap
|
page read and write
|
||
1AF985A0000
|
trusted library allocation
|
page read and write
|
||
20C0000
|
heap
|
page read and write
|
||
1E35DC13000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
3070000
|
direct allocation
|
page read and write
|
||
83F000
|
heap
|
page read and write
|
||
279E000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
401000
|
unkown
|
page execute read
|
||
400000
|
unkown
|
page readonly
|
||
494000
|
heap
|
page read and write
|
||
31E1000
|
trusted library allocation
|
page read and write
|
||
1E35DCFD000
|
heap
|
page read and write
|
||
1E0EFEB0000
|
heap
|
page read and write
|
||
936B000
|
trusted library allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
29E0000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
1E0EFEC0000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
2F5F000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
2650000
|
direct allocation
|
page read and write
|
||
1E35DC56000
|
heap
|
page read and write
|
||
1D971000000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1E363350000
|
trusted library allocation
|
page read and write
|
||
28280000
|
heap
|
page read and write
|
||
93B1000
|
trusted library allocation
|
page read and write
|
||
2F70000
|
remote allocation
|
page read and write
|
||
2E1E000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E35DA30000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
275F000
|
stack
|
page read and write
|
||
196000
|
stack
|
page read and write
|
||
1D71BA30000
|
heap
|
page read and write
|
||
550000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
55B000
|
direct allocation
|
page read and write
|
||
A7E9E7A000
|
stack
|
page read and write
|
||
1E35ED20000
|
trusted library section
|
page readonly
|
||
226E000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
2B20000
|
heap
|
page read and write
|
||
1E35ECE0000
|
trusted library section
|
page readonly
|
||
27FC1000
|
heap
|
page read and write
|
||
2B7E000
|
stack
|
page read and write
|
||
85B000
|
heap
|
page read and write
|
||
1E363270000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E35ED00000
|
trusted library section
|
page readonly
|
||
1B0000
|
remote allocation
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
401000
|
unkown
|
page execute read
|
||
540000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E3634FE000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
29E0000
|
heap
|
page read and write
|
||
6A0000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
3070000
|
direct allocation
|
page read and write
|
||
420F000
|
stack
|
page read and write
|
||
1D71BC5A000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
81D000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
2230000
|
heap
|
page read and write
|
||
2E1E000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1AF987A8000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
5E0000
|
heap
|
page read and write
|
||
4CB076E000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
40E0000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E363489000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
2F70000
|
remote allocation
|
page read and write
|
||
1AF987EF000
|
heap
|
page read and write
|
||
1E3634A3000
|
heap
|
page read and write
|
||
438E000
|
stack
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
3070000
|
direct allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
28290000
|
trusted library allocation
|
page read and write
|
||
6097A000
|
direct allocation
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
494000
|
heap
|
page read and write
|
||
3CF000
|
stack
|
page read and write
|
||
4CB07EE000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
1E363264000
|
trusted library allocation
|
page read and write
|
||
1E363270000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1F0000
|
trusted library allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
3218000
|
trusted library allocation
|
page read and write
|
||
2A3D000
|
stack
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
4A8000
|
unkown
|
page write copy
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
6096E000
|
direct allocation
|
page read and write
|
||
27940000
|
trusted library allocation
|
page read and write
|
||
1D71BC5C000
|
heap
|
page read and write
|
||
3D0000
|
trusted library allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
9397000
|
trusted library allocation
|
page read and write
|
||
19A000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E363457000
|
heap
|
page read and write
|
||
266A000
|
heap
|
page read and write
|
||
1AF987ED000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
7BE000
|
stack
|
page read and write
|
||
5EC000
|
heap
|
page read and write
|
||
9DF000
|
stack
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
45E0000
|
heap
|
page read and write
|
||
939F000
|
trusted library allocation
|
page read and write
|
||
276E000
|
stack
|
page read and write
|
||
9910000
|
trusted library allocation
|
page read and write
|
||
1E35DD25000
|
heap
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
494000
|
heap
|
page read and write
|
||
2F1F000
|
stack
|
page read and write
|
||
1E35EBF0000
|
trusted library allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1D71BD02000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
542000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
1AF994D0000
|
trusted library allocation
|
page read and write
|
||
8A8000
|
heap
|
page read and write
|
||
1E0F0108000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
2827F000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
49A000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
286F000
|
stack
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
1E0F005A000
|
heap
|
page read and write
|
||
1A99F000
|
stack
|
page read and write
|
||
2DBA000
|
stack
|
page read and write
|
||
608000
|
heap
|
page read and write
|
||
22B0000
|
heap
|
page read and write
|
||
1E36344E000
|
heap
|
page read and write
|
||
A7E967E000
|
stack
|
page read and write
|
||
34E8000
|
unkown
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
193000
|
stack
|
page read and write
|
||
25EF000
|
stack
|
page read and write
|
||
558000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
494000
|
heap
|
page read and write
|
||
31E5000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
278E000
|
stack
|
page read and write
|
||
B70000
|
heap
|
page read and write
|
||
2A0E000
|
stack
|
page read and write
|
||
9327000
|
trusted library allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
2CAE96C000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
1FD7BA00000
|
heap
|
page read and write
|
||
1E35ECF0000
|
trusted library section
|
page readonly
|
||
1D71BC62000
|
heap
|
page read and write
|
||
2CAEC7F000
|
stack
|
page read and write
|
||
7E4000
|
heap
|
page read and write
|
||
1D971051000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
7C0000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
1A85E000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
434000
|
unkown
|
page write copy
|
||
1AF989D5000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
B0F000
|
stack
|
page read and write
|
||
31E1000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E35E518000
|
heap
|
page read and write
|
||
4350000
|
heap
|
page read and write
|
||
2B7D000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
655000
|
heap
|
page read and write
|
||
2F71000
|
heap
|
page read and write
|
||
27B0000
|
heap
|
page read and write
|
||
2680000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1D71BC5B000
|
heap
|
page read and write
|
||
7FF000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
1B0000
|
remote allocation
|
page read and write
|
||
2CAE9EF000
|
stack
|
page read and write
|
||
1AF986D0000
|
heap
|
page read and write
|
||
60980000
|
direct allocation
|
page readonly
|
||
2F71000
|
heap
|
page read and write
|
||
1FD7B970000
|
trusted library allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
2DBE000
|
stack
|
page read and write
|
||
860000
|
heap
|
page read and write
|
||
19A000
|
stack
|
page read and write
|
||
252B000
|
unkown
|
page read and write
|
||
27740000
|
trusted library allocation
|
page read and write
|
||
2DBE000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
1A4CE000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
4260000
|
heap
|
page read and write
|
||
30B0000
|
trusted library allocation
|
page read and write
|
||
542000
|
direct allocation
|
page read and write
|
||
4CB0D77000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
1D97104C000
|
heap
|
page read and write
|
||
2F70000
|
heap
|
page read and write
|
||
9361000
|
trusted library allocation
|
page read and write
|
||
8BE000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
4FDB1AC000
|
stack
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
25FA000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
28170000
|
heap
|
page read and write
|
||
5E7000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
9FF000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
7DD000
|
heap
|
page read and write
|
||
B7E000
|
stack
|
page read and write
|
||
B3E000
|
stack
|
page read and write
|
||
1D970FE0000
|
trusted library allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
7FA000
|
heap
|
page read and write
|
||
790000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
31F0000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
20B0000
|
direct allocation
|
page read and write
|
||
1D971013000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
33F4000
|
unkown
|
page read and write
|
||
2AD000
|
stack
|
page read and write
|
||
939F000
|
trusted library allocation
|
page read and write
|
||
2B3A000
|
stack
|
page read and write
|
||
62A000
|
heap
|
page read and write
|
||
860000
|
heap
|
page read and write
|
||
5C7000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E35DC90000
|
heap
|
page read and write
|
||
B4E000
|
stack
|
page read and write
|
||
240000
|
heap
|
page read and write
|
||
2F70000
|
remote allocation
|
page read and write
|
||
2A3D000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
27840000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
5C7000
|
heap
|
page read and write
|
||
1D971029000
|
heap
|
page read and write
|
||
1E3633A0000
|
remote allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
1E35DD13000
|
heap
|
page read and write
|
||
2DBE000
|
stack
|
page read and write
|
||
2F1F000
|
stack
|
page read and write
|
||
2E1E000
|
stack
|
page read and write
|
||
838000
|
heap
|
page read and write
|
||
2F30000
|
trusted library section
|
page readonly
|
||
88E64FF000
|
stack
|
page read and write
|
||
1D71BAA0000
|
heap
|
page read and write
|
||
4CB0F7E000
|
stack
|
page read and write
|
||
76E000
|
stack
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
400000
|
unkown
|
page readonly
|
||
1A9D0000
|
remote allocation
|
page read and write
|
||
64E000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
2F71000
|
heap
|
page read and write
|
||
1E363390000
|
trusted library allocation
|
page read and write
|
||
193000
|
stack
|
page read and write
|
||
19A000
|
stack
|
page read and write
|
||
29DF000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1FD7B8D0000
|
heap
|
page read and write
|
||
2F70000
|
heap
|
page read and write
|
||
A7E977C000
|
stack
|
page read and write
|
||
2F70000
|
remote allocation
|
page read and write
|
||
19E000
|
stack
|
page read and write
|
||
780000
|
heap
|
page read and write
|
||
269E000
|
stack
|
page read and write
|
||
2A1E000
|
stack
|
page read and write
|
||
1AF989D0000
|
heap
|
page read and write
|
||
1E35DC79000
|
heap
|
page read and write
|
||
802000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
252E000
|
unkown
|
page readonly
|
||
7A3000
|
heap
|
page read and write
|
||
1D71BC00000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
540000
|
direct allocation
|
page read and write
|
||
2DBE000
|
stack
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
540000
|
direct allocation
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
1B0000
|
remote allocation
|
page read and write
|
||
854000
|
heap
|
page read and write
|
||
9D000
|
stack
|
page read and write
|
||
4210000
|
direct allocation
|
page read and write
|
||
1E363130000
|
trusted library allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
1E35F071000
|
trusted library allocation
|
page read and write
|
||
1E35E502000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
4CB06EB000
|
stack
|
page read and write
|
||
88E62FF000
|
stack
|
page read and write
|
||
321D000
|
trusted library allocation
|
page read and write
|
||
1A75E000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
266B000
|
heap
|
page read and write
|
||
2F70000
|
remote allocation
|
page read and write
|
||
1E363502000
|
heap
|
page read and write
|
||
1E363260000
|
trusted library allocation
|
page read and write
|
||
1D71BC85000
|
heap
|
page read and write
|
||
1E35E513000
|
heap
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
1E35DBB0000
|
trusted library section
|
page read and write
|
||
196000
|
stack
|
page read and write
|
||
19A000
|
stack
|
page read and write
|
||
26BF7000
|
trusted library allocation
|
page read and write
|
||
2827B000
|
stack
|
page read and write
|
||
6A5000
|
heap
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
1AA0E000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
1E35DCAF000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
26CA0000
|
trusted library allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
421A000
|
trusted library allocation
|
page execute and read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
3253000
|
trusted library allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
276F000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
22AE000
|
stack
|
page read and write
|
||
1AF98990000
|
trusted library allocation
|
page read and write
|
||
A7E98FE000
|
stack
|
page read and write
|
||
5C5000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
81D000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
3070000
|
direct allocation
|
page read and write
|
||
28CE000
|
stack
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
4CB0E7F000
|
stack
|
page read and write
|
||
1A5CF000
|
stack
|
page read and write
|
||
83D000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
3070000
|
direct allocation
|
page read and write
|
||
93B4000
|
trusted library allocation
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
5CA000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
6096F000
|
direct allocation
|
page readonly
|
||
1E3634EC000
|
heap
|
page read and write
|
||
558000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
5CA000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
19E000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
620000
|
heap
|
page read and write
|
||
2CAEE79000
|
stack
|
page read and write
|
||
9D000
|
stack
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
19A000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E35DC3D000
|
heap
|
page read and write
|
||
1E35E415000
|
heap
|
page read and write
|
||
2C7F000
|
stack
|
page read and write
|
||
1E35DAA0000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
3070000
|
trusted library allocation
|
page read and write
|
||
1E363261000
|
trusted library allocation
|
page read and write
|
||
9AF000
|
stack
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
2F30000
|
trusted library section
|
page readonly
|
||
6A5000
|
heap
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
29CF000
|
stack
|
page read and write
|
||
27B2000
|
trusted library allocation
|
page execute and read and write
|
||
2560000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1F0000
|
trusted library allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
9CF000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
32E2000
|
trusted library allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
4FDB8FB000
|
stack
|
page read and write
|
||
418F000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
434000
|
unkown
|
page write copy
|
||
401000
|
unkown
|
page execute read
|
||
92F0000
|
trusted library allocation
|
page read and write
|
||
1D971113000
|
heap
|
page read and write
|
||
69E000
|
stack
|
page read and write
|
||
578000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
95FD000
|
stack
|
page read and write
|
||
2F30000
|
trusted library section
|
page readonly
|
||
494000
|
heap
|
page read and write
|
||
1E35DD02000
|
heap
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
A7E9A7E000
|
stack
|
page read and write
|
||
2660000
|
heap
|
page read and write
|
||
1E35E400000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
264E000
|
stack
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
4A8000
|
unkown
|
page read and write
|
||
B9B627C000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
26A0000
|
heap
|
page read and write
|
||
B0F000
|
stack
|
page read and write
|
||
2E20000
|
remote allocation
|
page read and write
|
||
627000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
4560000
|
heap
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
401000
|
unkown
|
page execute read
|
||
3460000
|
unkown
|
page read and write
|
||
6DE000
|
stack
|
page read and write
|
||
B78000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
1FD7BB02000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E3634FE000
|
heap
|
page read and write
|
||
279E000
|
stack
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
608000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
2CBD000
|
stack
|
page read and write
|
||
2BEF000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
98E0000
|
direct allocation
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
605000
|
heap
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
7E9000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
494000
|
heap
|
page read and write
|
||
1E363370000
|
trusted library allocation
|
page read and write
|
||
1D970E80000
|
heap
|
page read and write
|
||
1E3630B0000
|
trusted library allocation
|
page read and write
|
||
46A000
|
unkown
|
page readonly
|
||
88E67F7000
|
stack
|
page read and write
|
||
1E3634EA000
|
heap
|
page read and write
|
||
B9B65FB000
|
stack
|
page read and write
|
||
288F000
|
stack
|
page read and write
|
||
1AD20000
|
unclassified section
|
page read and write
|
||
1E35DC00000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
2F70000
|
remote allocation
|
page read and write
|
||
286F000
|
stack
|
page read and write
|
||
632000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
494000
|
heap
|
page read and write
|
||
3478000
|
unkown
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
608000
|
heap
|
page read and write
|
||
1D971100000
|
heap
|
page read and write
|
||
618000
|
heap
|
page read and write
|
||
1E35DCA2000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E3634F0000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
A7E947D000
|
stack
|
page read and write
|
||
419C000
|
trusted library allocation
|
page execute and read and write
|
||
2E1E000
|
stack
|
page read and write
|
||
6097B000
|
direct allocation
|
page readonly
|
||
1B0000
|
remote allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
401000
|
unkown
|
page execute read
|
||
1E0F0113000
|
heap
|
page read and write
|
||
1E35E518000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
252B000
|
unkown
|
page read and write
|
||
1D97103C000
|
heap
|
page read and write
|
||
1A9D0000
|
remote allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
798000
|
heap
|
page read and write
|
||
A7E9B7D000
|
stack
|
page read and write
|
||
60901000
|
direct allocation
|
page execute read
|
||
540000
|
direct allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
529000
|
remote allocation
|
page execute and read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
1AF989E0000
|
trusted library allocation
|
page read and write
|
||
1A48F000
|
stack
|
page read and write
|
||
1AF987E6000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
4A8000
|
unkown
|
page read and write
|
||
1E363120000
|
trusted library allocation
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
1D971070000
|
heap
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
494000
|
heap
|
page read and write
|
||
264E000
|
stack
|
page read and write
|
||
5CA000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
4A8000
|
unkown
|
page write copy
|
||
400000
|
unkown
|
page readonly
|
||
28DE000
|
stack
|
page read and write
|
||
980000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E0EFF20000
|
heap
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
83F000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
3072000
|
direct allocation
|
page read and write
|
||
431000
|
unkown
|
page execute read
|
||
1AF98770000
|
trusted library allocation
|
page read and write
|
||
1D97104F000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
401000
|
unkown
|
page execute read
|
||
196000
|
stack
|
page read and write
|
||
29E0000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
46A000
|
unkown
|
page readonly
|
||
1E363240000
|
trusted library allocation
|
page read and write
|
||
95E000
|
stack
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
6A0000
|
heap
|
page read and write
|
||
1AF98910000
|
trusted library allocation
|
page read and write
|
||
1D97107A000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
540000
|
direct allocation
|
page read and write
|
||
710000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
2B7E000
|
stack
|
page read and write
|
||
434000
|
unkown
|
page write copy
|
||
5C6000
|
heap
|
page read and write
|
||
1AF987ED000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
850000
|
heap
|
page read and write
|
||
1E0F0100000
|
heap
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1D71BC5E000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1F0000
|
trusted library allocation
|
page read and write
|
||
1E0F003C000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
28DE000
|
stack
|
page read and write
|
||
1E35DC95000
|
heap
|
page read and write
|
||
7C0000
|
heap
|
page read and write
|
||
2E20000
|
remote allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
29AF000
|
stack
|
page read and write
|
||
2F1F000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E0F0060000
|
heap
|
page read and write
|
||
26D1F000
|
trusted library allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
2CBE000
|
stack
|
page read and write
|
||
1E363400000
|
heap
|
page read and write
|
||
321D000
|
trusted library allocation
|
page read and write
|
||
8CE000
|
stack
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
4A8000
|
heap
|
page execute and read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
27C60000
|
trusted library allocation
|
page read and write
|
||
88E66FD000
|
stack
|
page read and write
|
||
2DBB000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1AF98760000
|
trusted library allocation
|
page read and write
|
||
B3F000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
1E35DA40000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
408E000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
401000
|
unkown
|
page execute read
|
||
400000
|
unkown
|
page readonly
|
||
1FD7BB13000
|
heap
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
64E000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E3630A0000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E363464000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1A9D0000
|
remote allocation
|
page read and write
|
||
529000
|
remote allocation
|
page execute and read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
494000
|
heap
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
1F0000
|
trusted library allocation
|
page read and write
|
||
431000
|
unkown
|
page execute read
|
||
88E637E000
|
stack
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
1D71BC13000
|
heap
|
page read and write
|
||
4193000
|
trusted library allocation
|
page execute and read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E35DC76000
|
heap
|
page read and write
|
||
A7E9377000
|
stack
|
page read and write
|
||
6A7000
|
heap
|
page read and write
|
||
862000
|
heap
|
page read and write
|
||
939F000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E3634F6000
|
heap
|
page read and write
|
||
938F000
|
trusted library allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
B20000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
540000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E3633A0000
|
remote allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
529000
|
remote allocation
|
page execute and read and write
|
||
79E000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
1E0F07C0000
|
trusted library allocation
|
page read and write
|
||
6E8000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
5C6000
|
heap
|
page read and write
|
||
289F000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
860000
|
heap
|
page read and write
|
||
21F0000
|
heap
|
page read and write
|
||
989000
|
heap
|
page read and write
|
||
1E0F0066000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
2A3D000
|
stack
|
page read and write
|
||
2F70000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
4CB0C7B000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
A7E8F2B000
|
stack
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
280FE000
|
stack
|
page read and write
|
||
1AC29000
|
trusted library allocation
|
page read and write
|
||
2F1F000
|
stack
|
page read and write
|
||
289F000
|
stack
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
1E0F0013000
|
heap
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
401000
|
unkown
|
page execute read
|
||
B9B67FC000
|
stack
|
page read and write
|
||
28314000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
93B4000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E363502000
|
heap
|
page read and write
|
||
9399000
|
trusted library allocation
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
400000
|
unkown
|
page readonly
|
||
25F0000
|
heap
|
page read and write
|
||
252B000
|
unkown
|
page read and write
|
||
83D000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
6097D000
|
direct allocation
|
page read and write
|
||
830000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
45C000
|
unkown
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
632000
|
heap
|
page read and write
|
||
2CBE000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
265E000
|
stack
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
51A000
|
remote allocation
|
page execute and read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
280C0000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
1FD7BA78000
|
heap
|
page read and write
|
||
1AB0F000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
718000
|
heap
|
page read and write
|
||
88E69FE000
|
stack
|
page read and write
|
||
420F000
|
stack
|
page read and write
|
||
272F000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
4410000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
806000
|
heap
|
page read and write
|
||
1D71BD00000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
A7E957B000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
1E35DC70000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1B0000
|
remote allocation
|
page read and write
|
||
2DE0000
|
trusted library section
|
page readonly
|
||
4A8000
|
unkown
|
page write copy
|
||
1E363422000
|
heap
|
page read and write
|
||
1D71BD13000
|
heap
|
page read and write
|
||
2870000
|
heap
|
page read and write
|
||
1E35ECD0000
|
trusted library section
|
page readonly
|
||
838000
|
heap
|
page read and write
|
||
6FE000
|
stack
|
page read and write
|
||
2F70000
|
remote allocation
|
page read and write
|
||
274F000
|
stack
|
page read and write
|
||
93AC000
|
trusted library allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
4D1000
|
heap
|
page read and write
|
||
2B3A000
|
stack
|
page read and write
|
||
2690000
|
direct allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
2B3A000
|
stack
|
page read and write
|
||
46B0000
|
heap
|
page read and write
|
||
1AF989D9000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
407E000
|
stack
|
page read and write
|
||
9312000
|
trusted library allocation
|
page read and write
|
||
1E35DCA0000
|
heap
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
196000
|
stack
|
page read and write
|
||
1D970E70000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
252B000
|
unkown
|
page read and write
|
||
1E0F0080000
|
heap
|
page read and write
|
||
70E000
|
stack
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
434000
|
unkown
|
page write copy
|
||
529000
|
remote allocation
|
page execute and read and write
|
||
31F0000
|
trusted library allocation
|
page read and write
|
||
1D971084000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E363310000
|
trusted library allocation
|
page read and write
|
||
4A8000
|
unkown
|
page read and write
|
||
1E35DC29000
|
heap
|
page read and write
|
||
B9B637D000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
736000
|
heap
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
80B000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1FD7BA41000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
5C0000
|
heap
|
page read and write
|
||
5E9000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
289F000
|
stack
|
page read and write
|
||
29CF000
|
stack
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1D71BC3C000
|
heap
|
page read and write
|
||
897000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
1AF98930000
|
trusted library allocation
|
page read and write
|
||
2E20000
|
remote allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
2B1F000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
27FC1000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
1E35DBA0000
|
trusted library allocation
|
page read and write
|
||
193000
|
stack
|
page read and write
|
||
27BB000
|
heap
|
page read and write
|
||
46A000
|
unkown
|
page readonly
|
||
400000
|
unkown
|
page readonly
|
||
1B0000
|
remote allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
27E80000
|
trusted library allocation
|
page read and write
|
||
1FD7C402000
|
trusted library allocation
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1A60D000
|
stack
|
page read and write
|
||
29DF000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E3633A0000
|
trusted library allocation
|
page read and write
|
||
B9B62FE000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
85D000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
2B20000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1AF98590000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
625000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1B0000
|
remote allocation
|
page read and write
|
||
2B7E000
|
stack
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
A7EA07F000
|
stack
|
page read and write
|
||
1A70A000
|
stack
|
page read and write
|
||
19E000
|
stack
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
4100000
|
heap
|
page read and write
|
||
6A7000
|
heap
|
page read and write
|
||
1AF98940000
|
trusted library allocation
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
196000
|
stack
|
page read and write
|
||
1E0F008A000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E363240000
|
trusted library allocation
|
page read and write
|
||
1FD7BA28000
|
heap
|
page read and write
|
||
1FD7B8E0000
|
heap
|
page read and write
|
||
2C7E000
|
stack
|
page read and write
|
||
52B000
|
remote allocation
|
page execute and read and write
|
||
494000
|
heap
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
3070000
|
direct allocation
|
page read and write
|
||
801000
|
heap
|
page read and write
|
||
B80000
|
heap
|
page read and write
|
||
2CAEEFD000
|
stack
|
page read and write
|
||
2CAECF9000
|
stack
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
494000
|
heap
|
page read and write
|
||
27AF000
|
stack
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
1E363380000
|
trusted library allocation
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
1D71BA40000
|
heap
|
page read and write
|
||
960000
|
trusted library section
|
page readonly
|
||
A0E000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
222F000
|
stack
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
3070000
|
direct allocation
|
page read and write
|
||
2F9E000
|
heap
|
page read and write
|
||
4FDB6FB000
|
stack
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
494000
|
heap
|
page read and write
|
||
1E35F093000
|
trusted library allocation
|
page read and write
|
||
1AF986F0000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
7A3000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
79E000
|
heap
|
page read and write
|
||
3528000
|
unkown
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
650000
|
heap
|
page read and write
|
||
4FDB7FB000
|
stack
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
30000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
A7E99FF000
|
stack
|
page read and write
|
||
5CE000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
5CA000
|
heap
|
page read and write
|
||
321D000
|
trusted library allocation
|
page read and write
|
||
279E000
|
stack
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
570000
|
heap
|
page read and write
|
||
30AC000
|
stack
|
page read and write
|
||
1F0000
|
trusted library allocation
|
page read and write
|
||
1F0000
|
trusted library allocation
|
page read and write
|
||
431000
|
unkown
|
page execute read
|
||
257E000
|
stack
|
page read and write
|
||
1E35E500000
|
heap
|
page read and write
|
||
264E000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
66E000
|
stack
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
4FDB9FE000
|
stack
|
page read and write
|
||
321D000
|
trusted library allocation
|
page read and write
|
||
1F0000
|
trusted library allocation
|
page read and write
|
||
9740000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
337E000
|
stack
|
page read and write
|
||
38E000
|
stack
|
page read and write
|
||
31F0000
|
trusted library allocation
|
page read and write
|
||
4590000
|
heap
|
page read and write
|
||
2CAED79000
|
stack
|
page read and write
|
||
A7E9CFC000
|
stack
|
page read and write
|
||
634000
|
heap
|
page read and write
|
||
46A000
|
unkown
|
page readonly
|
||
2EC000
|
stack
|
page read and write
|
||
323C000
|
trusted library allocation
|
page read and write
|
||
A7E987B000
|
stack
|
page read and write
|
||
5D0000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
321D000
|
trusted library allocation
|
page read and write
|
||
B9B64FF000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1E35E402000
|
heap
|
page read and write
|
||
4A8000
|
unkown
|
page write copy
|
||
1D71BC29000
|
heap
|
page read and write
|
||
7AF000
|
stack
|
page read and write
|
||
7DE000
|
heap
|
page read and write
|
||
2F70000
|
remote allocation
|
page read and write
|
||
83E000
|
heap
|
page read and write
|
||
4410000
|
heap
|
page read and write
|
||
1D71C402000
|
trusted library allocation
|
page read and write
|
||
26A0000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
2F30000
|
trusted library section
|
page readonly
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
30000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
347C000
|
stack
|
page read and write
|
||
30E0000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
B9B66F7000
|
stack
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
A3E000
|
stack
|
page read and write
|
||
1FD7BA13000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
4A8000
|
unkown
|
page read and write
|
||
31E9000
|
trusted library allocation
|
page read and write
|
||
252B000
|
unkown
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
1AF98780000
|
trusted library allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
A7E997F000
|
stack
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
8DF000
|
stack
|
page read and write
|
||
1F0000
|
trusted library allocation
|
page read and write
|
||
1E363284000
|
trusted library allocation
|
page read and write
|
||
2CBE000
|
stack
|
page read and write
|
||
1F0000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
1F0000
|
trusted library allocation
|
page read and write
|
||
8A0000
|
heap
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
1D71BBA0000
|
trusted library allocation
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
540000
|
direct allocation
|
page read and write
|
||
1E35DC8E000
|
heap
|
page read and write
|
||
9C000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
400000
|
unkown
|
page readonly
|
||
494000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1F0000
|
trusted library allocation
|
page read and write
|
||
1E363280000
|
trusted library allocation
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
938C000
|
trusted library allocation
|
page read and write
|
||
A7E9D7E000
|
stack
|
page read and write
|
||
529000
|
remote allocation
|
page execute and read and write
|
||
279E000
|
stack
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
2795B000
|
trusted library allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
434000
|
unkown
|
page write copy
|
||
5EC000
|
heap
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
4640000
|
heap
|
page read and write
|
||
3120000
|
heap
|
page read and write
|
||
289F000
|
stack
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
2F70000
|
remote allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
1E364000000
|
heap
|
page read and write
|
||
27FC0000
|
heap
|
page read and write
|
||
1FD7B940000
|
heap
|
page read and write
|
||
1D971102000
|
heap
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
494000
|
heap
|
page read and write
|
||
68E000
|
stack
|
page read and write
|
||
3070000
|
direct allocation
|
page read and write
|
||
431000
|
unkown
|
page execute read
|
||
1AF987A0000
|
heap
|
page read and write
|
||
26D1A000
|
trusted library allocation
|
page read and write
|
||
401000
|
unkown
|
page execute read
|
||
540000
|
direct allocation
|
page read and write
|
||
252E000
|
unkown
|
page readonly
|
||
401000
|
unkown
|
page execute read
|
||
252E000
|
unkown
|
page readonly
|
||
400000
|
unkown
|
page readonly
|
||
83D000
|
heap
|
page read and write
|
||
1B0000
|
remote allocation
|
page read and write
|
There are 1417 hidden memdumps, click here to show them.