Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
hANEXOPDF.PDF40 234057.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44
2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Sep 18 15:06:51 2020, Security: 0, Code page:
1252, Revision Number: {52F8A70D-2919-44EF-BA03-DAC994B59AB8}, Number of Words: 2, Subject: Adobe Acrobat PDF, Author: Adobe
Acrobat PDF, Name of Creating Application: Adobe Acrobat PDF, Template: ;1046, Comments: A base dados do instalador contm
a lgica e os dados necessrios para instalar o Adobe Acrobat PDF., Title: Installation Database, Keywords: Installer, MSI,
Database, Number of Pages: 200
|
initial sample
|
 |
|
|
C:\Users\Public\Documents\DiavcthD.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\Public\Documents\home21.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\pssBC6B.ps1
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scrBC59.ps1
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\Installer\6dba16.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44
2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Sep 18 15:06:51 2020, Security: 0, Code page:
1252, Revision Number: {52F8A70D-2919-44EF-BA03-DAC994B59AB8}, Number of Words: 2, Subject: Adobe Acrobat PDF, Author: Adobe
Acrobat PDF, Name of Creating Application: Adobe Acrobat PDF, Template: ;1046, Comments: A base dados do instalador contm
a lgica e os dados necessrios para instalar o Adobe Acrobat PDF., Title: Installation Database, Keywords: Installer, MSI,
Database, Number of Pages: 200
|
dropped
|
|
|
|
C:\Windows\Installer\MSIBB00.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSIBB6F.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSIBBBE.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSIBBDE.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSIBC4E.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x1e5c2b64, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dnh1tnri.lrv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pl1nimjx.icf.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Installer\MSIBC2D.tmp
|
data
|
modified
|
||
|
C:\Windows\Installer\SourceHash{B68A296D-3AC1-440D-8DF0-1D645D15B8C2}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
||
|
C:\Windows\Temp\~DF386061EC64175379.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF5B31A3A3F01FD564.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF785E9972F5143928.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF8830F0CE2430F0EE.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFD0AFEEA37027D39C.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFD3B74E441E46AEE3.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
Chrome Cache Entry: 106
|
ASCII text, with very long lines (2898)
|
downloaded
|
||
|
Chrome Cache Entry: 107
|
PNG image data, 106 x 5326, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 108
|
ASCII text, with very long lines (7408)
|
downloaded
|
||
|
Chrome Cache Entry: 109
|
PNG image data, 106 x 5326, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 110
|
HTML document, ASCII text, with very long lines (20323)
|
downloaded
|
||
|
Chrome Cache Entry: 111
|
ASCII text, with very long lines (2898)
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
ASCII text, with very long lines (1518)
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
ASCII text, with very long lines (1657)
|
downloaded
|
||
|
Chrome Cache Entry: 114
|
ASCII text, with very long lines (769)
|
downloaded
|
||
|
Chrome Cache Entry: 115
|
ASCII text, with very long lines (2296)
|
downloaded
|
||
|
Chrome Cache Entry: 116
|
ASCII text, with very long lines (549)
|
downloaded
|
||
|
Chrome Cache Entry: 117
|
ASCII text, with very long lines (769)
|
downloaded
|
||
|
Chrome Cache Entry: 118
|
Web Open Font Format (Version 2), TrueType, length 52280, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 119
|
HTML document, ASCII text, with very long lines (14055)
|
downloaded
|
||
|
Chrome Cache Entry: 120
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 121
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 122
|
ASCII text, with very long lines (596)
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
ASCII text, with very long lines (883), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 124
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 125
|
ASCII text, with very long lines (521)
|
downloaded
|
||
|
Chrome Cache Entry: 126
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 127
|
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 128
|
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 129
|
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 130
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
ASCII text, with very long lines (736)
|
downloaded
|
||
|
Chrome Cache Entry: 132
|
ASCII text, with very long lines (2296)
|
downloaded
|
||
|
Chrome Cache Entry: 133
|
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 134
|
ASCII text, with very long lines (2429), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 135
|
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
|
dropped
|
||
|
Chrome Cache Entry: 136
|
ASCII text, with very long lines (6817)
|
dropped
|
||
|
Chrome Cache Entry: 137
|
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
|
dropped
|
||
|
Chrome Cache Entry: 138
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 139
|
ASCII text, with very long lines (2347)
|
downloaded
|
||
|
Chrome Cache Entry: 140
|
HTML document, ASCII text, with very long lines (32108)
|
downloaded
|
||
|
Chrome Cache Entry: 141
|
GIF image data, version 89a, 500 x 200
|
dropped
|
||
|
Chrome Cache Entry: 142
|
ASCII text, with very long lines (739)
|
downloaded
|
||
|
Chrome Cache Entry: 143
|
ASCII text, with very long lines (2141)
|
downloaded
|
||
|
Chrome Cache Entry: 144
|
ASCII text, with very long lines (6817)
|
downloaded
|
||
|
Chrome Cache Entry: 145
|
ASCII text, with very long lines (736)
|
downloaded
|
||
|
Chrome Cache Entry: 146
|
ASCII text, with very long lines (883), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 147
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 148
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 149
|
ASCII text, with very long lines (8939), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 150
|
GIF image data, version 89a, 500 x 200
|
downloaded
|
There are 64 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\hANEXOPDF.PDF40 234057.msi"
|
|
|
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding CE2D7E5D3114F90E94C35CC7545C98DA
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
-NoProfile -Noninteractive -ExecutionPolicy Bypass -File "C:\Users\user\AppData\Local\Temp\pssBC6B.ps1" -propFile "C:\Users\user\AppData\Local\Temp\msiBC58.txt"
-scriptFile "C:\Users\user\AppData\Local\Temp\scrBC59.ps1" -scriptArgsFile "C:\Users\user\AppData\Local\Temp\scrBC5A.txt"
-propSep " :<->: " -testPrefix "_testValue."
|
|
|
|
C:\Users\Public\Documents\home21.exe
|
"C:\Users\Public\Documents\home21.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\Public\Documents\DiavcthD.vbs"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\Public\Documents\DiavcthD.vbs"
|
|
|
|
C:\Users\Public\Documents\home21.exe
|
"C:\Users\Public\Documents\home21.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://winhomemodulo.ddns.net/w2/
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2536 --field-trial-handle=2096,i,1416669243780171068,6153319539706403658,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
There are 2 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://aka.ms/pscore6lBzq
|
unknown
|
||
|
http://fontawesome.io
|
unknown
|
||
|
https://www.google.com.br/client_204?atyp=i&biw=1034&bih=870&ei=J9-GZvKjJq-Jxc8Pk7aqmA0&opi=89978449
|
142.250.185.99
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://teste.meuly.online
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
https://www.google.com/images/hpp/ic_wahlberg_product_core_48.png8.png
|
142.250.185.196
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
https://www.google.com.br/images/searchbox/desktop_searchbox_sprites318_hr.webp
|
142.250.185.99
|
||
|
https://ogs.google.com.br/
|
unknown
|
||
|
http://www.indyproject.org/
|
unknown
|
||
|
https://teste.meulLRzq
|
unknown
|
||
|
https://ogs.google.com.br/widget/app/so?awwd=1&gm3=1&origin=https%3A%2F%2Fwww.google.com.br&cn=app&pid=1&spid=538&hl=en
|
|||
|
http://schemas.xmlsoap.org/wsdl/soap12/SV
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/soap/
|
unknown
|
||
|
http://winhomemodulo.ddns.net/w2/
|
64.226.97.61
|
||
|
https://g.live.com/odclientsettings/Prod.C:
|
unknown
|
||
|
https://ogs.google.com.br/widget/app/so
|
unknown
|
||
|
https://www.google.com.br/gen_204?atyp=csi&ei=J9-GZvKjJq-Jxc8Pk7aqmA0&s=webhp&t=all&imn=11&ima=2&imad=0&imac=0&wh=907&aftie=NF&aft=1&aftp=907&adh=&ime=1&imeae=0&imeap=0&imex=1&imeh=0&imeha=0&imehb=0&imea=0&imeb=0&imel=0&imed=0&imeeb=0&scp=0&cb=205653&ucb=205653&mem=ujhs.6,tjhs.10,jhsl.2173,dm.8&nv=ne.1,feid.62fc9447-4556-440a-8b9a-5cf3e8b62e83&net=dl.1450,ect.3g,rtt.300&hp=&sys=hc.4&p=bs.true&rt=hst.96,cbt.97,prt.1047,afti.1379,aftip.1045,aft.1379,aftqf.1380,xjses.1934,xjsee.1982,xjs.1982,lcp.1407,fcp.1108,wsrt.3901,cst.678,dnst.10,rqst.728,rspt.373,sslt.678,rqstt.3546,unt.2855,cstt.2868,dit.4986&zx=1720114985264&opi=89978449
|
142.250.185.99
|
||
|
https://g.live.com/odclientsettings/ProdV2
|
unknown
|
||
|
http://www.borland.com/namespaces/Types
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/http
|
unknown
|
||
|
https://teste.meuly.online/xxx/home21.exe
|
23.111.168.85
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://teste.meull
|
unknown
|
||
|
https://www.google.com.br/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=J9-GZvKjJq-Jxc8Pk7aqmA0.1720114985301&dpr=1&nolsbt=1
|
142.250.185.99
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://g.live.com/1rewlive5skydrive/OneDriveProductionV2?OneDriveUpdate=9c123752e31a927b78dc96231b6
|
unknown
|
||
|
https://www.google.com.br/xjs/_/ss/k=xjs.hd.uXKqy-U68Tg.L.B1.O/am=AEwBAAAAAACAAQAAAAAAAAAAAAAAAACAAABAAAAAAAAACgCfBDAEADYEAAAAIABAAAAAAAAAKAAAAMAEAAAEAJAAEAAQEAAAAACAEEAAQAAIUASQACgIMgABAAARAAOGARAVAAwBAAAAAQQAAAAA4EYAAgQAgBAAAXgAAQAE6AABMAAIAABAAAMYCAAAAAAAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAgAKAAAAAAAAAAAAAAAAAAAACA/d=1/ed=1/br=1/rs=ACT90oGsq-SoWBQak-dlJ1cJ1f6Qo33Eng/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl
|
142.250.185.99
|
||
|
https://www.google.com.br/xjs/_/js/k=xjs.hd.en.O0yDbPOOl4Q.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAABACKAAAAAUAAAAAAAAAAAAAIAAIQBAKAAAAuAAEAEBAIAAAIBAEIBHmQAAEAAmAAAAAAQAACgIQAABAAAQAAAAAAAUAAAAAAAAAAAAAAAMIIAAAAAAAAAAAAAAAAAA6AAAAAACIEAQAAMYCAAABAAAAKAHAMEBMEhBAAAAAAAAAAAAAAAAApAgmAsJKAggAAAAAAAAAAAAAAAAACnpxMIG/d=0/dg=0/br=1/rs=ACT90oEbz1QcJ7_--YgKEGx4ivY8shu-hw/m=kMFpHd,sy8x,bm51tf?xjs=s4
|
142.250.185.99
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://www.borland.com/namespaces/Types-IWSDLPublish
|
unknown
|
||
|
http://fontawesome.iohttp://fontawesome.iohttp://fontawesome.io/license/http://fontawesome.io/licens
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://ogs.google.com.br/widget/callout?prid=19037050&pgid=19037049&puid=9ceb59a7585b55bd&cce=1&dc=1&origin=https%3A%2F%2Fwww.google.com.br&cn=callout&pid=1&spid=538&hl=en
|
|||
|
http://winhomemodulo.ddns.net/w2/openU
|
unknown
|
||
|
https://www.google.com.br/favicon.ico
|
142.250.185.99
|
||
|
https://www.google.com.br/gen_204?atyp=i&ei=J9-GZvKjJq-Jxc8Pk7aqmA0&dt19=2&prm23=0&zx=1720114987066&opi=89978449
|
142.250.185.99
|
||
|
http://www.borland.com/rootpart.xml
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://www.google.com.br/xjs/_/ss/k=xjs.hd.uXKqy-U68Tg.L.B1.O/am=AEwBAAAAAACAAQAAAAAAAAAAAAAAAACAAABAAAAAAAAACgCfBDAEADYEAAAAIABAAAAAAAAAKAAAAMAEAAAEAJAAEAAQEAAAAACAEEAAQAAIUASQACgIMgABAAARAAOGARAVAAwBAAAAAQQAAAAA4EYAAgQAgBAAAXgAAQAE6AABMAAIAABAAAMYCAAAAAAAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAgAKAAAAAAAAAAAAAAAAAAAACA/d=0/br=1/rs=ACT90oGsq-SoWBQak-dlJ1cJ1f6Qo33Eng/m=syj3,syka?xjs=s4
|
142.250.185.99
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://www.google.com.br/log?format
|
unknown
|
||
|
https://www.google.com.br/xjs/_/js/k=xjs.hd.en.O0yDbPOOl4Q.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAABACKAAAAAUAAAAAAAAAAAAAIAAIQBAKAAAAuAAEAEBAIAAAIBAEIBHmQAAEAAmAAAAAAQAACgIQAABAAAQAAAAAAAUAAAAAAAAAAAAAAAMIIAAAAAAAAAAAAAAAAAA6AAAAAACIEAQAAMYCAAABAAAAKAHAMEBMEhBAAAAAAAAAAAAAAAAApAgmAsJKAggAAAAAAAAAAAAAAAAACnpxMIG/d=0/dg=0/br=1/rs=ACT90oEbz1QcJ7_--YgKEGx4ivY8shu-hw/m=sytl,sytk,VsqSCc,sy1b6,P10Owf,sy19v,sy19t,syq9,gSZvdb,syw5,syw4,WlNQGd,sywi,sywg,nabPbb,syqe,syqb,syqa,syq8,DPreE,syvz,syvx,syj3,syka,CnSW2d,kQvlef,sywh,fXO0xe?xjs=s4
|
142.250.185.99
|
||
|
https://www.google.com.br/gen_204?atyp=csi&ei=LN-GZtfpG5yri-gP-v6IsAc&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.6,tjhs.10,jhsl.2173,dm.8&nv=ne.1,feid.62fc9447-4556-440a-8b9a-5cf3e8b62e83&hp=&rt=ttfb.1025,st.1027,bs.27,aaft.1027,acrt.1028,art.1028&zx=1720114988090&opi=89978449
|
142.250.185.99
|
||
|
https://www.google.com.br/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=J9-GZvKjJq-Jxc8Pk7aqmA0&zx=1720114990613&opi=89978449
|
142.250.185.99
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://www.google.com.br/gen_204?s=webhp&t=aft&atyp=csi&ei=J9-GZvKjJq-Jxc8Pk7aqmA0&rt=wsrt.3901,aft.1379,afti.1379,cbt.97,hst.96,prt.1047&imn=11&ima=2&imad=0&imac=0&wh=907&aftie=NF&aft=1&aftp=907&opi=89978449
|
142.250.185.99
|
||
|
https://www.google.com.br/xjs/_/js/k=xjs.hd.en.O0yDbPOOl4Q.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAABACKAAAAAUAAAAAAAAAAAAAIAAIQBAKAAAAuAAEAEBAIAAAIBAEIBHmQAAEAAmAAAAAAQAACgIQAABAAAQAAAAAAAUAAAAAAAAAAAAAAAMIIAAAAAAAAAAAAAAAAAA6AAAAAACIEAQAAMYCAAABAAAAKAHAMEBMEhBAAAAAAAAAAAAAAAAApAgmAsJKAggAAAAAAAAAAAAAAAAACnpxMIG/d=0/dg=0/br=1/rs=ACT90oEbz1QcJ7_--YgKEGx4ivY8shu-hw/m=syf6,aLUfP?xjs=s4
|
142.250.185.99
|
||
|
https://play.google.com/log?hasfast=true&authuser=0&format=json
|
172.217.16.206
|
||
|
https://play.google.com/log?format=json&hasfast=true
|
172.217.16.206
|
||
|
http://digitalbush.com/projects/masked-input-plugin/#license)
|
unknown
|
||
|
http://fontawesome.io/license/
|
unknown
|
||
|
https://www.google.com.br/
|
|||
|
http://schemas.xmlsoap.org/wsdl/soap/#
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=f359a5df14f97b6802371976c96
|
unknown
|
||
|
https://www.thawte.com/cps0/
|
unknown
|
||
|
https://www.google.com.br/logos/doodles/2024/fourth-of-july-2024-6753651837110246-law.gif
|
142.250.185.99
|
||
|
http://schemas.xmlsoap.org/wsdl/http/
|
unknown
|
||
|
https://www.thawte.com/repository0W
|
unknown
|
||
|
http://tempuri.org/U
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
https://www.google.com.br/gen_204?atyp=csi&ei=J9-GZvKjJq-Jxc8Pk7aqmA0&s=promo&rt=hpbas.3784,hpbarr.1030&zx=1720114988091&opi=89978449
|
142.250.185.99
|
||
|
https://www.google.com.br/client_204?cs=1&opi=89978449
|
142.250.185.99
|
||
|
https://www.advancedinstaller.com
|
unknown
|
||
|
https://teste.meuly.onDfo
|
unknown
|
||
|
https://www.google.com.br/async/hpba?vet=10ahUKEwiy08nU942HAxWvRPEDHRObCtMQj-0KCBY..i&ei=J9-GZvKjJq-Jxc8Pk7aqmA0&opi=89978449&yv=3&cs=0&async=isImageHp:false,eventId:J9-GZvKjJq-Jxc8Pk7aqmA0,endpoint:overlay,stick:,_basejs:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.O0yDbPOOl4Q.O%2Fam%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAABACKAAAAAUAAAAAAAAAAAAAIAAIQBAKAAAAuAAEAEBAIAAAIBAEIBHmQAAEAAmAAAAAAQAACgIQAABAAAQAAAAAAAUAAAAAAAAAAAAAAAMIIAAAAAAAAAAAAAAAAAA6AAAAAACIEAQAAMYCAAABAAAAKAHAMEBMEhBAAAAAAAAAAAAAAAAApAgmAsJKAggAAAAAAAAAAAAAAAAACnpxMIG%2Fdg%3D0%2Fbr%3D1%2Frs%3DACT90oEbz1QcJ7_--YgKEGx4ivY8shu-hw,_basecss:%2Fxjs%2F_%2Fss%2Fk%3Dxjs.hd.uXKqy-U68Tg.L.B1.O%2Fam%3DAEwBAAAAAACAAQAAAAAAAAAAAAAAAACAAABAAAAAAAAACgCfBDAEADYEAAAAIABAAAAAAAAAKAAAAMAEAAAEAJAAEAAQEAAAAACAEEAAQAAIUASQACgIMgABAAARAAOGARAVAAwBAAAAAQQAAAAA4EYAAgQAgBAAAXgAAQAE6AABMAAIAABAAAMYCAAAAAAAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAgAKAAAAAAAAAAAAAAAAAAAACA%2Fbr%3D1%2Frs%3DACT90oGsq-SoWBQak-dlJ1cJ1f6Qo33Eng,_basecomb:%2Fxjs%2F_%2Fjs%2Fk%3Dxjs.hd.en.O0yDbPOOl4Q.O%2Fck%3Dxjs.hd.uXKqy-U68Tg.L.B1.O%2Fam%3DAEwBAAAAAACAAQAAAAAAAAAAAAAAAACAAABAAAAAAABACqCfBDAUADYEAAAAIABAAIAAIQBAKAAAAuAEEAEFAJAAEIBQEIBHmQCAEEAmQAAIUASQACgIcgABAAARAAOGARAVAAwBAAAAAQQAAAAM4MYAAgQAgBAAAXgAAQAE6AABMAAKIEBQAAMYCAAABAAAAKAHAMEBMEhBAAAAAAAAAAAAAAAAApAgmAsJKAggAAAAAAAAAAAAAAAAACnpxMIG%2Fd%3D1%2Fed%3D1%2Fdg%3D0%2Fbr%3D1%2Fujg%3D1%2Frs%3DACT90oHrqdFD_oFp_AmAyXzeY67GUHO6TQ,_fmt:prog,_id:a3JU5b
|
142.250.185.99
|
||
|
http://teste.meuly.online
|
unknown
|
||
|
https://teste.me
|
unknown
|
||
|
https://www.google.com.br/xjs/_/js/md=10/k=xjs.hd.en.O0yDbPOOl4Q.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAABACKAAAAAUAAAAAAAAAAAAAIAAIQBAKAAAAuAAEAEBAIAAAIBAEIBHmQAAEAAmAAAAAAQAACgIQAABAAAQAAAAAAAUAAAAAAAAAAAAAAAMIIAAAAAAAAAAAAAAAAAA6AAAAAACIEAQAAMYCAAABAAAAKAHAMEBMEhBAAAAAAAAAAAAAAAAApAgmAsJKAggAAAAAAAAAAAAAAAAACnpxMIG/rs=ACT90oEbz1QcJ7_--YgKEGx4ivY8shu-hw
|
142.250.185.99
|
||
|
https://www.google.com.br/gen_204?atyp=i&ei=J9-GZvKjJq-Jxc8Pk7aqmA0&ct=slh&v=t1&im=M&m=HV&pv=0.9092164420469366&me=1:1720114984323,V,0,0,1034,870:0,B,870:0,N,1,J9-GZvKjJq-Jxc8Pk7aqmA0:0,R,1,1,0,0,1034,870:0,R,1,4,267,334,500,16:2747,x:125,h,1,1,i:79,h,1,4,i:108,h,1,4,o:1007,h,1,1,o:1032,e,B&zx=1720114989421&opi=89978449
|
142.250.185.99
|
||
|
http://schemas.xmlsoap.org/wsdl/mime/
|
unknown
|
||
|
https://www.google.com.br/gen_204?s=webhp&t=cap&atyp=csi&ei=J9-GZvKjJq-Jxc8Pk7aqmA0&rt=wsrt.3901,cbt.97,hst.96&opi=89978449
|
142.250.185.99
|
||
|
https://www.google.com.br/log?format=json&hasfast=true&authuser=0
|
142.250.185.99
|
||
|
https://www.google.com.br/gen_204?atyp=csi&ei=J9-GZvKjJq-Jxc8Pk7aqmA0&s=promo&rt=hpbas.3784&zx=1720114987061&opi=89978449
|
142.250.185.99
|
There are 70 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
winhomemodulo.ddns.net
|
64.226.97.61
|
|
|
|
ogs.google.com.br
|
unknown
|
|
|
|
apis.google.com
|
unknown
|
|
|
|
teste.meuly.online
|
23.111.168.85
|
||
|
google.com.br
|
142.250.185.227
|
||
|
www3.l.google.com
|
142.250.185.174
|
||
|
plus.l.google.com
|
172.217.16.142
|
||
|
play.google.com
|
172.217.16.206
|
||
|
www.google.com.br
|
142.250.185.99
|
||
|
www.google.com
|
142.250.74.196
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
64.226.97.61
|
winhomemodulo.ddns.net
|
Canada
|
|
|
|
142.250.185.99
|
www.google.com.br
|
United States
|
||
|
142.250.186.68
|
unknown
|
United States
|
||
|
23.111.168.85
|
teste.meuly.online
|
United States
|
||
|
172.217.16.206
|
play.google.com
|
United States
|
||
|
216.58.206.67
|
unknown
|
United States
|
||
|
142.250.185.110
|
unknown
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.185.174
|
www3.l.google.com
|
United States
|
||
|
142.250.185.196
|
unknown
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
142.250.74.196
|
www.google.com
|
United States
|
||
|
172.217.16.142
|
plus.l.google.com
|
United States
|
There are 4 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
DiavcthD
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1A07E10A000
|
heap
|
page read and write
|
||
|
A874000
|
direct allocation
|
page read and write
|
||
|
CE93000
|
direct allocation
|
page read and write
|
||
|
1A07D202000
|
heap
|
page read and write
|
||
|
9FAF000
|
direct allocation
|
page read and write
|
||
|
EB7000
|
unkown
|
page readonly
|
||
|
991D4FD000
|
stack
|
page read and write
|
||
|
D1E7000
|
direct allocation
|
page read and write
|
||
|
D1B0000
|
direct allocation
|
page read and write
|
||
|
991D57E000
|
unkown
|
page readonly
|
||
|
B0E4000
|
direct allocation
|
page read and write
|
||
|
9FFD000
|
direct allocation
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
B4DC000
|
direct allocation
|
page read and write
|
||
|
D28B000
|
direct allocation
|
page read and write
|
||
|
DC4D000
|
direct allocation
|
page read and write
|
||
|
6DEE000
|
stack
|
page read and write
|
||
|
2716C1CC000
|
heap
|
page read and write
|
||
|
C6DC000
|
direct allocation
|
page read and write
|
||
|
7A84000
|
heap
|
page read and write
|
||
|
77F0000
|
unkown
|
page readonly
|
||
|
76B0000
|
trusted library allocation
|
page read and write
|
||
|
D783000
|
direct allocation
|
page read and write
|
||
|
229953F0000
|
heap
|
page read and write
|
||
|
1A07E200000
|
trusted library allocation
|
page read and write
|
||
|
D90E000
|
direct allocation
|
page read and write
|
||
|
B01A000
|
direct allocation
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
EB5000
|
unkown
|
page readonly
|
||
|
1A07D970000
|
trusted library section
|
page readonly
|
||
|
CF20000
|
direct allocation
|
page read and write
|
||
|
DB5C000
|
direct allocation
|
page read and write
|
||
|
1A07E2E8000
|
trusted library allocation
|
page read and write
|
||
|
DB1C000
|
direct allocation
|
page read and write
|
||
|
CD0A000
|
direct allocation
|
page read and write
|
||
|
1A07DA80000
|
trusted library allocation
|
page read and write
|
||
|
D8A8000
|
direct allocation
|
page read and write
|
||
|
A969000
|
direct allocation
|
page read and write
|
||
|
A89C000
|
direct allocation
|
page read and write
|
||
|
A5BC000
|
direct allocation
|
page read and write
|
||
|
D72C000
|
direct allocation
|
page read and write
|
||
|
1A07CA7A000
|
heap
|
page read and write
|
||
|
991E77E000
|
unkown
|
page readonly
|
||
|
1A07D960000
|
trusted library section
|
page readonly
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
9DF0000
|
direct allocation
|
page read and write
|
||
|
A13C000
|
direct allocation
|
page read and write
|
||
|
9FE3000
|
direct allocation
|
page read and write
|
||
|
A9BC000
|
direct allocation
|
page read and write
|
||
|
A005000
|
direct allocation
|
page read and write
|
||
|
49D7000
|
heap
|
page read and write
|
||
|
1A07CAB0000
|
heap
|
page read and write
|
||
|
991E5FE000
|
stack
|
page read and write
|
||
|
1A07CA8D000
|
heap
|
page read and write
|
||
|
7A84000
|
heap
|
page read and write
|
||
|
CE48000
|
direct allocation
|
page read and write
|
||
|
1A07E26C000
|
trusted library allocation
|
page read and write
|
||
|
4E76000
|
trusted library allocation
|
page read and write
|
||
|
8071000
|
heap
|
page read and write
|
||
|
74A0000
|
trusted library allocation
|
page read and write
|
||
|
A46A000
|
direct allocation
|
page read and write
|
||
|
6FBB000
|
stack
|
page read and write
|
||
|
A296000
|
direct allocation
|
page read and write
|
||
|
308D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6EAE000
|
stack
|
page read and write
|
||
|
C785000
|
direct allocation
|
page read and write
|
||
|
A897000
|
direct allocation
|
page read and write
|
||
|
6E2E000
|
stack
|
page read and write
|
||
|
C547000
|
direct allocation
|
page read and write
|
||
|
1A07CB02000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
4FD5000
|
trusted library allocation
|
page read and write
|
||
|
7880000
|
trusted library allocation
|
page read and write
|
||
|
D7EC000
|
direct allocation
|
page read and write
|
||
|
AE4B000
|
direct allocation
|
page read and write
|
||
|
839D000
|
stack
|
page read and write
|
||
|
991DA7C000
|
stack
|
page read and write
|
||
|
C6A1000
|
direct allocation
|
page read and write
|
||
|
9F9D000
|
direct allocation
|
page read and write
|
||
|
D97F000
|
direct allocation
|
page read and write
|
||
|
2716C280000
|
heap
|
page read and write
|
||
|
5545000
|
trusted library allocation
|
page read and write
|
||
|
CD99000
|
direct allocation
|
page read and write
|
||
|
A78E000
|
direct allocation
|
page read and write
|
||
|
A8A1000
|
direct allocation
|
page read and write
|
||
|
EB3000
|
unkown
|
page write copy
|
||
|
EB5000
|
unkown
|
page readonly
|
||
|
D8AC000
|
direct allocation
|
page read and write
|
||
|
C7C6000
|
direct allocation
|
page read and write
|
||
|
DAFA000
|
direct allocation
|
page read and write
|
||
|
77EE000
|
stack
|
page read and write
|
||
|
7910000
|
trusted library allocation
|
page read and write
|
||
|
D85E000
|
direct allocation
|
page read and write
|
||
|
2E48000
|
heap
|
page read and write
|
||
|
913E000
|
stack
|
page read and write
|
||
|
229939AB000
|
heap
|
page read and write
|
||
|
1A07E2C0000
|
remote allocation
|
page read and write
|
||
|
7729000
|
trusted library allocation
|
page read and write
|
||
|
DAA8000
|
direct allocation
|
page read and write
|
||
|
3080000
|
trusted library allocation
|
page read and write
|
||
|
A9F8000
|
direct allocation
|
page read and write
|
||
|
A2E8000
|
direct allocation
|
page read and write
|
||
|
A95A000
|
direct allocation
|
page read and write
|
||
|
30E0000
|
heap
|
page readonly
|
||
|
9DF0000
|
direct allocation
|
page read and write
|
||
|
1A07C9A0000
|
trusted library allocation
|
page read and write
|
||
|
22993A06000
|
heap
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
DB93000
|
direct allocation
|
page read and write
|
||
|
B0B9000
|
direct allocation
|
page read and write
|
||
|
AFFE000
|
direct allocation
|
page read and write
|
||
|
D81C000
|
direct allocation
|
page read and write
|
||
|
AFB6000
|
direct allocation
|
page read and write
|
||
|
A1C1000
|
direct allocation
|
page read and write
|
||
|
A534000
|
direct allocation
|
page read and write
|
||
|
9FCB000
|
direct allocation
|
page read and write
|
||
|
991F8FE000
|
stack
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page read and write
|
||
|
6CCB000
|
unkown
|
page readonly
|
||
|
76C0000
|
trusted library allocation
|
page read and write
|
||
|
B4EF000
|
direct allocation
|
page read and write
|
||
|
7A84000
|
heap
|
page read and write
|
||
|
A1D5000
|
direct allocation
|
page read and write
|
||
|
AFD2000
|
direct allocation
|
page read and write
|
||
|
7715000
|
trusted library allocation
|
page read and write
|
||
|
A877000
|
direct allocation
|
page read and write
|
||
|
D94C000
|
direct allocation
|
page read and write
|
||
|
D9CA000
|
direct allocation
|
page read and write
|
||
|
229939AE000
|
heap
|
page read and write
|
||
|
9FAA000
|
direct allocation
|
page read and write
|
||
|
C761000
|
direct allocation
|
page read and write
|
||
|
A2B8000
|
direct allocation
|
page read and write
|
||
|
A4D1000
|
direct allocation
|
page read and write
|
||
|
875E000
|
stack
|
page read and write
|
||
|
9F9F000
|
direct allocation
|
page read and write
|
||
|
A934000
|
direct allocation
|
page read and write
|
||
|
991D77E000
|
unkown
|
page readonly
|
||
|
1A07C940000
|
heap
|
page read and write
|
||
|
90FE000
|
stack
|
page read and write
|
||
|
6CCE000
|
unkown
|
page readonly
|
||
|
A465000
|
direct allocation
|
page read and write
|
||
|
EB3000
|
unkown
|
page write copy
|
||
|
A27E000
|
direct allocation
|
page read and write
|
||
|
A7E2000
|
direct allocation
|
page read and write
|
||
|
74C2000
|
heap
|
page read and write
|
||
|
5404000
|
trusted library allocation
|
page read and write
|
||
|
A66B000
|
direct allocation
|
page read and write
|
||
|
E78000
|
unkown
|
page write copy
|
||
|
CDA2000
|
direct allocation
|
page read and write
|
||
|
D800000
|
direct allocation
|
page read and write
|
||
|
B0EC000
|
direct allocation
|
page read and write
|
||
|
4E78000
|
unkown
|
page readonly
|
||
|
7542000
|
heap
|
page read and write
|
||
|
1A07E270000
|
trusted library allocation
|
page read and write
|
||
|
A68D000
|
direct allocation
|
page read and write
|
||
|
497E000
|
stack
|
page read and write
|
||
|
1A07E307000
|
trusted library allocation
|
page read and write
|
||
|
EAE000
|
unkown
|
page write copy
|
||
|
AB22000
|
direct allocation
|
page read and write
|
||
|
D079000
|
direct allocation
|
page read and write
|
||
|
4E78000
|
unkown
|
page readonly
|
||
|
A932000
|
direct allocation
|
page read and write
|
||
|
8480000
|
trusted library allocation
|
page read and write
|
||
|
DA3F000
|
direct allocation
|
page read and write
|
||
|
AF63000
|
direct allocation
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
A87F000
|
direct allocation
|
page read and write
|
||
|
AC15000
|
direct allocation
|
page read and write
|
||
|
74B7000
|
heap
|
page read and write
|
||
|
991DE7B000
|
stack
|
page read and write
|
||
|
D96E000
|
direct allocation
|
page read and write
|
||
|
9F70000
|
direct allocation
|
page read and write
|
||
|
A767000
|
direct allocation
|
page read and write
|
||
|
9F74000
|
direct allocation
|
page read and write
|
||
|
9F21000
|
direct allocation
|
page read and write
|
||
|
AA7B000
|
direct allocation
|
page read and write
|
||
|
991E67E000
|
unkown
|
page readonly
|
||
|
A10E000
|
direct allocation
|
page read and write
|
||
|
991D87E000
|
stack
|
page read and write
|
||
|
A66D000
|
direct allocation
|
page read and write
|
||
|
B9FD000
|
direct allocation
|
page read and write
|
||
|
48A0000
|
trusted library allocation
|
page read and write
|
||
|
1A07D1F0000
|
trusted library allocation
|
page read and write
|
||
|
DC90000
|
direct allocation
|
page read and write
|
||
|
C78B000
|
direct allocation
|
page read and write
|
||
|
A2FB000
|
direct allocation
|
page read and write
|
||
|
9F5B000
|
direct allocation
|
page read and write
|
||
|
CBE2000
|
direct allocation
|
page read and write
|
||
|
7EF10000
|
trusted library allocation
|
page execute and read and write
|
||
|
A9DD000
|
direct allocation
|
page read and write
|
||
|
1A07E084000
|
heap
|
page read and write
|
||
|
991E57E000
|
unkown
|
page readonly
|
||
|
B0BD000
|
direct allocation
|
page read and write
|
||
|
B0D7000
|
direct allocation
|
page read and write
|
||
|
A1BF000
|
direct allocation
|
page read and write
|
||
|
7548000
|
heap
|
page read and write
|
||
|
B02C000
|
direct allocation
|
page read and write
|
||
|
D2F9000
|
direct allocation
|
page read and write
|
||
|
A440000
|
direct allocation
|
page read and write
|
||
|
4FE6000
|
trusted library allocation
|
page read and write
|
||
|
1A07E20E000
|
trusted library allocation
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
48F0000
|
heap
|
page read and write
|
||
|
7890000
|
trusted library allocation
|
page read and write
|
||
|
A3E4000
|
direct allocation
|
page read and write
|
||
|
C796000
|
direct allocation
|
page read and write
|
||
|
1A07E01F000
|
heap
|
page read and write
|
||
|
CD06000
|
direct allocation
|
page read and write
|
||
|
B83A000
|
direct allocation
|
page read and write
|
||
|
A319000
|
direct allocation
|
page read and write
|
||
|
1A07E291000
|
trusted library allocation
|
page read and write
|
||
|
A1FC000
|
direct allocation
|
page read and write
|
||
|
86DE000
|
stack
|
page read and write
|
||
|
7A10000
|
unkown
|
page read and write
|
||
|
8860000
|
heap
|
page read and write
|
||
|
D023000
|
direct allocation
|
page read and write
|
||
|
2716C180000
|
heap
|
page read and write
|
||
|
D0E7000
|
direct allocation
|
page read and write
|
||
|
1A07CB13000
|
heap
|
page read and write
|
||
|
78B0000
|
trusted library allocation
|
page read and write
|
||
|
2EC7000
|
heap
|
page read and write
|
||
|
CD14000
|
direct allocation
|
page read and write
|
||
|
7850000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F63000
|
direct allocation
|
page read and write
|
||
|
DB87000
|
direct allocation
|
page read and write
|
||
|
D9E9000
|
direct allocation
|
page read and write
|
||
|
A8AC000
|
direct allocation
|
page read and write
|
||
|
1A07E218000
|
trusted library allocation
|
page read and write
|
||
|
B142000
|
direct allocation
|
page read and write
|
||
|
AC64000
|
direct allocation
|
page read and write
|
||
|
DC0C000
|
direct allocation
|
page read and write
|
||
|
1A07CA96000
|
heap
|
page read and write
|
||
|
5D49000
|
trusted library allocation
|
page read and write
|
||
|
48A8000
|
trusted library allocation
|
page read and write
|
||
|
991DD7E000
|
unkown
|
page readonly
|
||
|
A35F000
|
direct allocation
|
page read and write
|
||
|
B1F0000
|
direct allocation
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
EB5000
|
unkown
|
page readonly
|
||
|
7720000
|
trusted library allocation
|
page read and write
|
||
|
A38D000
|
direct allocation
|
page read and write
|
||
|
A92C000
|
direct allocation
|
page read and write
|
||
|
7360000
|
heap
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
2716C188000
|
heap
|
page read and write
|
||
|
4FE2000
|
trusted library allocation
|
page read and write
|
||
|
729E000
|
stack
|
page read and write
|
||
|
1A07D200000
|
heap
|
page read and write
|
||
|
9FA4000
|
direct allocation
|
page read and write
|
||
|
7490000
|
heap
|
page execute and read and write
|
||
|
6CCE000
|
unkown
|
page readonly
|
||
|
4D21000
|
trusted library allocation
|
page read and write
|
||
|
AAFC000
|
direct allocation
|
page read and write
|
||
|
1A07E215000
|
trusted library allocation
|
page read and write
|
||
|
AFA1000
|
direct allocation
|
page read and write
|
||
|
A894000
|
direct allocation
|
page read and write
|
||
|
A887000
|
direct allocation
|
page read and write
|
||
|
1A07DEA0000
|
trusted library allocation
|
page read and write
|
||
|
A057000
|
direct allocation
|
page read and write
|
||
|
A8B2000
|
direct allocation
|
page read and write
|
||
|
991E07E000
|
unkown
|
page readonly
|
||
|
1A07D302000
|
heap
|
page read and write
|
||
|
1A07D501000
|
trusted library allocation
|
page read and write
|
||
|
D9E5000
|
direct allocation
|
page read and write
|
||
|
A92F000
|
direct allocation
|
page read and write
|
||
|
D7F2000
|
direct allocation
|
page read and write
|
||
|
D2FF000
|
direct allocation
|
page read and write
|
||
|
1A07D990000
|
trusted library section
|
page readonly
|
||
|
493E000
|
stack
|
page read and write
|
||
|
7A84000
|
heap
|
page read and write
|
||
|
1A07DF20000
|
trusted library allocation
|
page read and write
|
||
|
B0C8000
|
direct allocation
|
page read and write
|
||
|
EB3000
|
unkown
|
page write copy
|
||
|
D77F000
|
direct allocation
|
page read and write
|
||
|
A012000
|
direct allocation
|
page read and write
|
||
|
8190000
|
direct allocation
|
page read and write
|
||
|
9FA8000
|
direct allocation
|
page read and write
|
||
|
8862000
|
heap
|
page read and write
|
||
|
8410000
|
heap
|
page read and write
|
||
|
A8C2000
|
direct allocation
|
page read and write
|
||
|
DC71000
|
direct allocation
|
page read and write
|
||
|
9FA2000
|
direct allocation
|
page read and write
|
||
|
6E6E000
|
stack
|
page read and write
|
||
|
EB7000
|
unkown
|
page readonly
|
||
|
A48D000
|
direct allocation
|
page read and write
|
||
|
9FDC000
|
direct allocation
|
page read and write
|
||
|
1A07CA78000
|
heap
|
page read and write
|
||
|
D8F3000
|
direct allocation
|
page read and write
|
||
|
1A07E054000
|
heap
|
page read and write
|
||
|
EAE000
|
unkown
|
page write copy
|
||
|
B250000
|
direct allocation
|
page read and write
|
||
|
8400000
|
trusted library allocation
|
page read and write
|
||
|
A185000
|
direct allocation
|
page read and write
|
||
|
A929000
|
direct allocation
|
page read and write
|
||
|
AD63000
|
direct allocation
|
page read and write
|
||
|
78D0000
|
trusted library allocation
|
page read and write
|
||
|
2716C380000
|
heap
|
page read and write
|
||
|
2716C360000
|
heap
|
page read and write
|
||
|
A017000
|
direct allocation
|
page read and write
|
||
|
48D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
49BC000
|
stack
|
page read and write
|
||
|
49D0000
|
heap
|
page read and write
|
||
|
9FF8000
|
direct allocation
|
page read and write
|
||
|
D260000
|
direct allocation
|
page read and write
|
||
|
AF8F000
|
direct allocation
|
page read and write
|
||
|
1A07DF30000
|
trusted library allocation
|
page read and write
|
||
|
AA1A000
|
direct allocation
|
page read and write
|
||
|
2716C4A0000
|
heap
|
page read and write
|
||
|
D317000
|
direct allocation
|
page read and write
|
||
|
B10A000
|
direct allocation
|
page read and write
|
||
|
9FDE000
|
direct allocation
|
page read and write
|
||
|
1A07F000000
|
heap
|
page read and write
|
||
|
CF6F000
|
direct allocation
|
page read and write
|
||
|
991E97E000
|
unkown
|
page readonly
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
AFE7000
|
direct allocation
|
page read and write
|
||
|
B025000
|
direct allocation
|
page read and write
|
||
|
3C42AFE000
|
stack
|
page read and write
|
||
|
ABBB000
|
direct allocation
|
page read and write
|
||
|
A29B000
|
direct allocation
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
991E87E000
|
stack
|
page read and write
|
||
|
D1FC000
|
direct allocation
|
page read and write
|
||
|
B00C000
|
direct allocation
|
page read and write
|
||
|
D93E000
|
direct allocation
|
page read and write
|
||
|
A2C4000
|
direct allocation
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
715B000
|
stack
|
page read and write
|
||
|
F97000
|
unkown
|
page readonly
|
||
|
AE16000
|
direct allocation
|
page read and write
|
||
|
3C427FE000
|
stack
|
page read and write
|
||
|
5D8C000
|
trusted library allocation
|
page read and write
|
||
|
991EBFE000
|
stack
|
page read and write
|
||
|
870DAFB000
|
stack
|
page read and write
|
||
|
9DF0000
|
direct allocation
|
page read and write
|
||
|
1A07CA27000
|
heap
|
page read and write
|
||
|
A3FE000
|
direct allocation
|
page read and write
|
||
|
C788000
|
direct allocation
|
page read and write
|
||
|
CDD4000
|
direct allocation
|
page read and write
|
||
|
991EE7C000
|
stack
|
page read and write
|
||
|
7598000
|
heap
|
page read and write
|
||
|
A0D6000
|
direct allocation
|
page read and write
|
||
|
4E78000
|
unkown
|
page readonly
|
||
|
1A07E0D2000
|
heap
|
page read and write
|
||
|
A3B7000
|
direct allocation
|
page read and write
|
||
|
A621000
|
direct allocation
|
page read and write
|
||
|
A16D000
|
direct allocation
|
page read and write
|
||
|
A30B000
|
direct allocation
|
page read and write
|
||
|
A514000
|
direct allocation
|
page read and write
|
||
|
4E78000
|
unkown
|
page readonly
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
D825000
|
direct allocation
|
page read and write
|
||
|
1A07DF10000
|
trusted library allocation
|
page read and write
|
||
|
74B0000
|
heap
|
page read and write
|
||
|
30F7000
|
heap
|
page read and write
|
||
|
1A07C970000
|
heap
|
page read and write
|
||
|
C667000
|
direct allocation
|
page read and write
|
||
|
48E0000
|
heap
|
page execute and read and write
|
||
|
1A07E2FF000
|
trusted library allocation
|
page read and write
|
||
|
151000
|
unkown
|
page execute read
|
||
|
1A07D31A000
|
heap
|
page read and write
|
||
|
1A07DF64000
|
trusted library allocation
|
page read and write
|
||
|
A4EA000
|
direct allocation
|
page read and write
|
||
|
7A84000
|
heap
|
page read and write
|
||
|
1A07D1C1000
|
trusted library allocation
|
page read and write
|
||
|
3C428FE000
|
stack
|
page read and write
|
||
|
9E0B000
|
direct allocation
|
page read and write
|
||
|
1A07E2C2000
|
trusted library allocation
|
page read and write
|
||
|
A7F0000
|
direct allocation
|
page read and write
|
||
|
7A84000
|
heap
|
page read and write
|
||
|
D1F1000
|
direct allocation
|
page read and write
|
||
|
E78000
|
unkown
|
page write copy
|
||
|
AFAB000
|
direct allocation
|
page read and write
|
||
|
A927000
|
direct allocation
|
page read and write
|
||
|
1A000000000
|
trusted library allocation
|
page read and write
|
||
|
B036000
|
direct allocation
|
page read and write
|
||
|
B9E8000
|
direct allocation
|
page read and write
|
||
|
CDCD000
|
direct allocation
|
page read and write
|
||
|
1A07E2C0000
|
remote allocation
|
page read and write
|
||
|
1A07E200000
|
trusted library allocation
|
page read and write
|
||
|
CDBD000
|
direct allocation
|
page read and write
|
||
|
1A07E24D000
|
trusted library allocation
|
page read and write
|
||
|
1A07E208000
|
trusted library allocation
|
page read and write
|
||
|
8340000
|
trusted library allocation
|
page read and write
|
||
|
A181000
|
direct allocation
|
page read and write
|
||
|
D8D6000
|
direct allocation
|
page read and write
|
||
|
4FF8000
|
trusted library allocation
|
page read and write
|
||
|
B268000
|
direct allocation
|
page read and write
|
||
|
C767000
|
direct allocation
|
page read and write
|
||
|
5343000
|
trusted library allocation
|
page read and write
|
||
|
3099000
|
trusted library allocation
|
page read and write
|
||
|
9F99000
|
direct allocation
|
page read and write
|
||
|
2716C1B6000
|
heap
|
page read and write
|
||
|
2F03000
|
heap
|
page read and write
|
||
|
A311000
|
direct allocation
|
page read and write
|
||
|
229939A0000
|
heap
|
page read and write
|
||
|
ABE3000
|
direct allocation
|
page read and write
|
||
|
2E79000
|
heap
|
page read and write
|
||
|
1A07D30C000
|
heap
|
page read and write
|
||
|
9DF0000
|
direct allocation
|
page read and write
|
||
|
30B2000
|
trusted library allocation
|
page read and write
|
||
|
D6D6000
|
direct allocation
|
page read and write
|
||
|
1A07CA1E000
|
heap
|
page read and write
|
||
|
A33A000
|
direct allocation
|
page read and write
|
||
|
A8B5000
|
direct allocation
|
page read and write
|
||
|
AAE4000
|
direct allocation
|
page read and write
|
||
|
A376000
|
direct allocation
|
page read and write
|
||
|
B08B000
|
direct allocation
|
page read and write
|
||
|
991DB7E000
|
unkown
|
page readonly
|
||
|
9FC4000
|
direct allocation
|
page read and write
|
||
|
A4FB000
|
direct allocation
|
page read and write
|
||
|
AF88000
|
direct allocation
|
page read and write
|
||
|
991E37E000
|
unkown
|
page readonly
|
||
|
DBFB000
|
direct allocation
|
page read and write
|
||
|
78A0000
|
trusted library allocation
|
page read and write
|
||
|
1A07E05C000
|
heap
|
page read and write
|
||
|
151000
|
unkown
|
page execute read
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
D995000
|
direct allocation
|
page read and write
|
||
|
1A07E26F000
|
trusted library allocation
|
page read and write
|
||
|
2E6D000
|
heap
|
page read and write
|
||
|
DA31000
|
direct allocation
|
page read and write
|
||
|
D947000
|
direct allocation
|
page read and write
|
||
|
991E0FE000
|
stack
|
page read and write
|
||
|
A89A000
|
direct allocation
|
page read and write
|
||
|
1A07E02C000
|
heap
|
page read and write
|
||
|
711D000
|
stack
|
page read and write
|
||
|
AF9F000
|
direct allocation
|
page read and write
|
||
|
2716DE00000
|
heap
|
page read and write
|
||
|
D0E5000
|
direct allocation
|
page read and write
|
||
|
AAC0000
|
direct allocation
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
BB0B000
|
direct allocation
|
page read and write
|
||
|
870D7FE000
|
stack
|
page read and write
|
||
|
1A07D313000
|
heap
|
page read and write
|
||
|
7536000
|
heap
|
page read and write
|
||
|
A003000
|
direct allocation
|
page read and write
|
||
|
991E17E000
|
unkown
|
page readonly
|
||
|
A70E000
|
direct allocation
|
page read and write
|
||
|
991EF7E000
|
unkown
|
page readonly
|
||
|
5423000
|
trusted library allocation
|
page read and write
|
||
|
991E27E000
|
unkown
|
page readonly
|
||
|
DB8B000
|
direct allocation
|
page read and write
|
||
|
2D25000
|
heap
|
page read and write
|
||
|
991D677000
|
stack
|
page read and write
|
||
|
735E000
|
stack
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
870D4FD000
|
stack
|
page read and write
|
||
|
1A07DF30000
|
trusted library allocation
|
page read and write
|
||
|
3C426FA000
|
stack
|
page read and write
|
||
|
870D8FD000
|
stack
|
page read and write
|
||
|
9FAC000
|
direct allocation
|
page read and write
|
||
|
D892000
|
direct allocation
|
page read and write
|
||
|
AB8C000
|
direct allocation
|
page read and write
|
||
|
870D6F8000
|
stack
|
page read and write
|
||
|
1A07D215000
|
heap
|
page read and write
|
||
|
753D000
|
heap
|
page read and write
|
||
|
C67F000
|
direct allocation
|
page read and write
|
||
|
7860000
|
trusted library allocation
|
page read and write
|
||
|
991DC79000
|
stack
|
page read and write
|
||
|
151000
|
unkown
|
page execute read
|
||
|
A0C5000
|
direct allocation
|
page read and write
|
||
|
229939D0000
|
heap
|
page read and write
|
||
|
A962000
|
direct allocation
|
page read and write
|
||
|
8310000
|
heap
|
page read and write
|
||
|
74B5000
|
heap
|
page read and write
|
||
|
F97000
|
unkown
|
page readonly
|
||
|
7A84000
|
heap
|
page read and write
|
||
|
DA26000
|
direct allocation
|
page read and write
|
||
|
A366000
|
direct allocation
|
page read and write
|
||
|
D838000
|
direct allocation
|
page read and write
|
||
|
1A07D31A000
|
heap
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
991DFFE000
|
stack
|
page read and write
|
||
|
A1C6000
|
direct allocation
|
page read and write
|
||
|
D945000
|
direct allocation
|
page read and write
|
||
|
991EA7E000
|
unkown
|
page readonly
|
||
|
9FB1000
|
direct allocation
|
page read and write
|
||
|
A960000
|
direct allocation
|
page read and write
|
||
|
B84E000
|
direct allocation
|
page read and write
|
||
|
991D1FD000
|
stack
|
page read and write
|
||
|
A889000
|
direct allocation
|
page read and write
|
||
|
A170000
|
direct allocation
|
page read and write
|
||
|
6F7D000
|
stack
|
page read and write
|
||
|
A010000
|
direct allocation
|
page read and write
|
||
|
D1CD000
|
direct allocation
|
page read and write
|
||
|
D992000
|
direct allocation
|
page read and write
|
||
|
2C97000
|
stack
|
page read and write
|
||
|
6EEE000
|
stack
|
page read and write
|
||
|
DBBD000
|
direct allocation
|
page read and write
|
||
|
C793000
|
direct allocation
|
page read and write
|
||
|
B102000
|
direct allocation
|
page read and write
|
||
|
AA22000
|
direct allocation
|
page read and write
|
||
|
1A07E2A3000
|
trusted library allocation
|
page read and write
|
||
|
151000
|
unkown
|
page execute read
|
||
|
A147000
|
direct allocation
|
page read and write
|
||
|
D958000
|
direct allocation
|
page read and write
|
||
|
A2CF000
|
direct allocation
|
page read and write
|
||
|
5D29000
|
trusted library allocation
|
page read and write
|
||
|
1A07CA7D000
|
heap
|
page read and write
|
||
|
229939B0000
|
heap
|
page read and write
|
||
|
A964000
|
direct allocation
|
page read and write
|
||
|
A247000
|
direct allocation
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
2F0C000
|
heap
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
5416000
|
trusted library allocation
|
page read and write
|
||
|
DA08000
|
direct allocation
|
page read and write
|
||
|
D1DD000
|
direct allocation
|
page read and write
|
||
|
AF65000
|
direct allocation
|
page read and write
|
||
|
A91C000
|
direct allocation
|
page read and write
|
||
|
7870000
|
trusted library allocation
|
page read and write
|
||
|
879E000
|
stack
|
page read and write
|
||
|
1A07CAA1000
|
heap
|
page read and write
|
||
|
3083000
|
trusted library allocation
|
page execute and read and write
|
||
|
5386000
|
trusted library allocation
|
page read and write
|
||
|
782D000
|
stack
|
page read and write
|
||
|
DB3D000
|
direct allocation
|
page read and write
|
||
|
8350000
|
trusted library allocation
|
page read and write
|
||
|
A690000
|
direct allocation
|
page read and write
|
||
|
8071000
|
heap
|
page read and write
|
||
|
A87C000
|
direct allocation
|
page read and write
|
||
|
A18A000
|
direct allocation
|
page read and write
|
||
|
77AF000
|
stack
|
page read and write
|
||
|
C800000
|
direct allocation
|
page read and write
|
||
|
991F27A000
|
stack
|
page read and write
|
||
|
B0CF000
|
direct allocation
|
page read and write
|
||
|
CD28000
|
direct allocation
|
page read and write
|
||
|
A9E0000
|
direct allocation
|
page read and write
|
||
|
76C7000
|
trusted library allocation
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
49C0000
|
trusted library allocation
|
page read and write
|
||
|
A21C000
|
direct allocation
|
page read and write
|
||
|
B9C2000
|
direct allocation
|
page read and write
|
||
|
A2B2000
|
direct allocation
|
page read and write
|
||
|
A89F000
|
direct allocation
|
page read and write
|
||
|
B9FA000
|
direct allocation
|
page read and write
|
||
|
AD08000
|
direct allocation
|
page read and write
|
||
|
1A07CA00000
|
heap
|
page read and write
|
||
|
991E9FE000
|
stack
|
page read and write
|
||
|
7A00000
|
unkown
|
page readonly
|
||
|
1A07D840000
|
trusted library allocation
|
page read and write
|
||
|
A3BF000
|
direct allocation
|
page read and write
|
||
|
991F07E000
|
stack
|
page read and write
|
||
|
ADE4000
|
direct allocation
|
page read and write
|
||
|
ACD9000
|
direct allocation
|
page read and write
|
||
|
1A07E0C8000
|
heap
|
page read and write
|
||
|
1A07C9B0000
|
trusted library section
|
page read and write
|
||
|
A879000
|
direct allocation
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
A868000
|
direct allocation
|
page read and write
|
||
|
719D000
|
stack
|
page read and write
|
||
|
DBF0000
|
direct allocation
|
page read and write
|
||
|
A2F6000
|
direct allocation
|
page read and write
|
||
|
B093000
|
direct allocation
|
page read and write
|
||
|
A378000
|
direct allocation
|
page read and write
|
||
|
AB7E000
|
direct allocation
|
page read and write
|
||
|
3C42DFE000
|
stack
|
page read and write
|
||
|
70BA000
|
stack
|
page read and write
|
||
|
50A6000
|
trusted library allocation
|
page read and write
|
||
|
8470000
|
trusted library allocation
|
page read and write
|
||
|
1A07E0F6000
|
heap
|
page read and write
|
||
|
A892000
|
direct allocation
|
page read and write
|
||
|
A2CD000
|
direct allocation
|
page read and write
|
||
|
9F72000
|
direct allocation
|
page read and write
|
||
|
D06B000
|
direct allocation
|
page read and write
|
||
|
1A07DF50000
|
trusted library allocation
|
page read and write
|
||
|
5439000
|
trusted library allocation
|
page read and write
|
||
|
1A07E2F4000
|
trusted library allocation
|
page read and write
|
||
|
22993970000
|
heap
|
page read and write
|
||
|
48C0000
|
heap
|
page execute and read and write
|
||
|
1A07E28E000
|
trusted library allocation
|
page read and write
|
||
|
CF6C000
|
direct allocation
|
page read and write
|
||
|
CEC1000
|
direct allocation
|
page read and write
|
||
|
1A07DF32000
|
trusted library allocation
|
page read and write
|
||
|
AB9F000
|
direct allocation
|
page read and write
|
||
|
A95D000
|
direct allocation
|
page read and write
|
||
|
D1EB000
|
direct allocation
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
1A07D980000
|
trusted library section
|
page readonly
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
DAB9000
|
direct allocation
|
page read and write
|
||
|
991F97E000
|
unkown
|
page readonly
|
||
|
2C5C000
|
stack
|
page read and write
|
||
|
150000
|
unkown
|
page readonly
|
||
|
ACED000
|
direct allocation
|
page read and write
|
||
|
E78000
|
unkown
|
page write copy
|
||
|
D729000
|
direct allocation
|
page read and write
|
||
|
B4DF000
|
direct allocation
|
page read and write
|
||
|
991D0FB000
|
stack
|
page read and write
|
||
|
AF15000
|
direct allocation
|
page read and write
|
||
|
1A07E04E000
|
heap
|
page read and write
|
||
|
9F9B000
|
direct allocation
|
page read and write
|
||
|
229939D9000
|
heap
|
page read and write
|
||
|
1A07DF20000
|
trusted library allocation
|
page read and write
|
||
|
AD95000
|
direct allocation
|
page read and write
|
||
|
1A07E2A0000
|
trusted library allocation
|
page read and write
|
||
|
A88F000
|
direct allocation
|
page read and write
|
||
|
D2F6000
|
direct allocation
|
page read and write
|
||
|
B077000
|
direct allocation
|
page read and write
|
||
|
A1ED000
|
direct allocation
|
page read and write
|
||
|
A8C0000
|
direct allocation
|
page read and write
|
||
|
750F000
|
heap
|
page read and write
|
||
|
A015000
|
direct allocation
|
page read and write
|
||
|
6CCB000
|
unkown
|
page readonly
|
||
|
78C0000
|
trusted library allocation
|
page read and write
|
||
|
D830000
|
direct allocation
|
page read and write
|
||
|
1A07E0FB000
|
heap
|
page read and write
|
||
|
1A07CAFF000
|
heap
|
page read and write
|
||
|
DA2C000
|
direct allocation
|
page read and write
|
||
|
991D97E000
|
unkown
|
page readonly
|
||
|
B070000
|
direct allocation
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
A9F5000
|
direct allocation
|
page read and write
|
||
|
1A07E061000
|
heap
|
page read and write
|
||
|
74DB000
|
heap
|
page read and write
|
||
|
1A07DF50000
|
trusted library allocation
|
page read and write
|
||
|
5407000
|
trusted library allocation
|
page read and write
|
||
|
AEE3000
|
direct allocation
|
page read and write
|
||
|
DA9C000
|
direct allocation
|
page read and write
|
||
|
6CCC000
|
unkown
|
page write copy
|
||
|
72EB000
|
unkown
|
page execute read
|
||
|
8450000
|
trusted library allocation
|
page read and write
|
||
|
4FCB000
|
trusted library allocation
|
page read and write
|
||
|
D943000
|
direct allocation
|
page read and write
|
||
|
9F97000
|
direct allocation
|
page read and write
|
||
|
BB47000
|
direct allocation
|
page read and write
|
||
|
1A07E041000
|
heap
|
page read and write
|
||
|
E6E000
|
unkown
|
page execute read
|
||
|
A7B6000
|
direct allocation
|
page read and write
|
||
|
3084000
|
trusted library allocation
|
page read and write
|
||
|
7900000
|
trusted library allocation
|
page read and write
|
||
|
C7E2000
|
direct allocation
|
page read and write
|
||
|
7A84000
|
heap
|
page read and write
|
||
|
D834000
|
direct allocation
|
page read and write
|
||
|
1A07C960000
|
heap
|
page read and write
|
||
|
8ADC000
|
stack
|
page read and write
|
||
|
991F5FF000
|
stack
|
page read and write
|
||
|
1A07E2E5000
|
trusted library allocation
|
page read and write
|
||
|
78F0000
|
trusted library allocation
|
page read and write
|
||
|
9FE1000
|
direct allocation
|
page read and write
|
||
|
6D5E000
|
stack
|
page read and write
|
||
|
150000
|
unkown
|
page readonly
|
||
|
8071000
|
heap
|
page read and write
|
||
|
1A07E2FC000
|
trusted library allocation
|
page read and write
|
||
|
74A7000
|
trusted library allocation
|
page read and write
|
||
|
A5C5000
|
direct allocation
|
page read and write
|
||
|
CDB4000
|
direct allocation
|
page read and write
|
||
|
A3AA000
|
direct allocation
|
page read and write
|
||
|
D288000
|
direct allocation
|
page read and write
|
||
|
B0F4000
|
direct allocation
|
page read and write
|
||
|
991ED7E000
|
unkown
|
page readonly
|
||
|
991EB7E000
|
stack
|
page read and write
|
||
|
CCE7000
|
direct allocation
|
page read and write
|
||
|
D0C9000
|
direct allocation
|
page read and write
|
||
|
A71F000
|
direct allocation
|
page read and write
|
||
|
1A07E0C6000
|
heap
|
page read and write
|
||
|
D105000
|
direct allocation
|
page read and write
|
||
|
8460000
|
trusted library allocation
|
page read and write
|
||
|
871E000
|
stack
|
page read and write
|
||
|
991ECFE000
|
unkown
|
page readonly
|
||
|
AB16000
|
direct allocation
|
page read and write
|
||
|
A80B000
|
direct allocation
|
page read and write
|
||
|
A2DC000
|
direct allocation
|
page read and write
|
||
|
9FCF000
|
direct allocation
|
page read and write
|
||
|
6CCE000
|
unkown
|
page readonly
|
||
|
AA60000
|
direct allocation
|
page read and write
|
||
|
1A07CA5B000
|
heap
|
page read and write
|
||
|
1A07DF31000
|
trusted library allocation
|
page read and write
|
||
|
1A07E2C0000
|
remote allocation
|
page read and write
|
||
|
83F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7A84000
|
heap
|
page read and write
|
||
|
1A07E0A2000
|
heap
|
page read and write
|
||
|
AA69000
|
direct allocation
|
page read and write
|
||
|
1A07DF00000
|
trusted library allocation
|
page read and write
|
||
|
A422000
|
direct allocation
|
page read and write
|
||
|
991F37E000
|
unkown
|
page readonly
|
||
|
A659000
|
direct allocation
|
page read and write
|
||
|
991DF7E000
|
unkown
|
page readonly
|
||
|
A91E000
|
direct allocation
|
page read and write
|
||
|
9FF6000
|
direct allocation
|
page read and write
|
||
|
C72E000
|
direct allocation
|
page read and write
|
||
|
1A07E0F2000
|
heap
|
page read and write
|
||
|
3C42CFF000
|
stack
|
page read and write
|
||
|
1A07D300000
|
heap
|
page read and write
|
||
|
229939A5000
|
heap
|
page read and write
|
||
|
1A07E111000
|
heap
|
page read and write
|
||
|
A881000
|
direct allocation
|
page read and write
|
||
|
D1EF000
|
direct allocation
|
page read and write
|
||
|
870D5FE000
|
stack
|
page read and write
|
||
|
72EB000
|
unkown
|
page execute read
|
||
|
9F1A000
|
direct allocation
|
page read and write
|
||
|
7840000
|
trusted library allocation
|
page read and write
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
B120000
|
direct allocation
|
page read and write
|
||
|
71DB000
|
stack
|
page read and write
|
||
|
1A07E2F1000
|
trusted library allocation
|
page read and write
|
||
|
1A07D35A000
|
heap
|
page read and write
|
||
|
870D3FF000
|
stack
|
page read and write
|
||
|
A151000
|
direct allocation
|
page read and write
|
||
|
A06E000
|
direct allocation
|
page read and write
|
||
|
9F27000
|
direct allocation
|
page read and write
|
||
|
7553000
|
heap
|
page read and write
|
||
|
1A07CA8F000
|
heap
|
page read and write
|
||
|
776E000
|
stack
|
page read and write
|
||
|
AA9D000
|
direct allocation
|
page read and write
|
||
|
1A07E11B000
|
heap
|
page read and write
|
||
|
72EB000
|
unkown
|
page execute read
|
||
|
1A07E260000
|
trusted library allocation
|
page read and write
|
||
|
B98D000
|
direct allocation
|
page read and write
|
||
|
E6E000
|
unkown
|
page execute read
|
||
|
1A07E264000
|
trusted library allocation
|
page read and write
|
||
|
A9EA000
|
direct allocation
|
page read and write
|
||
|
D2EA000
|
direct allocation
|
page read and write
|
||
|
1A07DFF0000
|
trusted library allocation
|
page read and write
|
||
|
8A9C000
|
stack
|
page read and write
|
||
|
A112000
|
direct allocation
|
page read and write
|
||
|
9FA6000
|
direct allocation
|
page read and write
|
||
|
9FFB000
|
direct allocation
|
page read and write
|
||
|
EB7000
|
unkown
|
page readonly
|
||
|
991E1FE000
|
stack
|
page read and write
|
||
|
A2E3000
|
direct allocation
|
page read and write
|
||
|
4D7B000
|
trusted library allocation
|
page read and write
|
||
|
1A07CA13000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
1A07CA73000
|
heap
|
page read and write
|
||
|
48E5000
|
heap
|
page execute and read and write
|
||
|
731E000
|
stack
|
page read and write
|
||
|
A153000
|
direct allocation
|
page read and write
|
||
|
7930000
|
trusted library allocation
|
page execute and read and write
|
||
|
D940000
|
direct allocation
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
2716C4A5000
|
heap
|
page read and write
|
||
|
EAE000
|
unkown
|
page write copy
|
||
|
707E000
|
stack
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
991E47C000
|
stack
|
page read and write
|
||
|
1A07D950000
|
trusted library section
|
page readonly
|
||
|
1A07E2BA000
|
trusted library allocation
|
page read and write
|
||
|
870CF5A000
|
stack
|
page read and write
|
||
|
D7F6000
|
direct allocation
|
page read and write
|
||
|
A42D000
|
direct allocation
|
page read and write
|
||
|
A21A000
|
direct allocation
|
page read and write
|
||
|
D94A000
|
direct allocation
|
page read and write
|
||
|
A3D5000
|
direct allocation
|
page read and write
|
||
|
3070000
|
trusted library allocation
|
page read and write
|
||
|
1A07E0E6000
|
heap
|
page read and write
|
||
|
A3F2000
|
direct allocation
|
page read and write
|
||
|
A5E9000
|
direct allocation
|
page read and write
|
||
|
C81E000
|
direct allocation
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
A20D000
|
direct allocation
|
page read and write
|
||
|
83DE000
|
stack
|
page read and write
|
||
|
1A07E10E000
|
heap
|
page read and write
|
||
|
991E6FE000
|
stack
|
page read and write
|
||
|
A0EB000
|
direct allocation
|
page read and write
|
||
|
22993890000
|
heap
|
page read and write
|
||
|
78E0000
|
trusted library allocation
|
page read and write
|
||
|
A13A000
|
direct allocation
|
page read and write
|
||
|
A0F3000
|
direct allocation
|
page read and write
|
||
|
2F2E000
|
heap
|
page read and write
|
||
|
9FC8000
|
direct allocation
|
page read and write
|
||
|
A884000
|
direct allocation
|
page read and write
|
||
|
6DAE000
|
stack
|
page read and write
|
||
|
50C6000
|
trusted library allocation
|
page read and write
|
||
|
A0D4000
|
direct allocation
|
page read and write
|
||
|
EB7000
|
unkown
|
page readonly
|
||
|
A88C000
|
direct allocation
|
page read and write
|
||
|
AFBF000
|
direct allocation
|
page read and write
|
||
|
B118000
|
direct allocation
|
page read and write
|
||
|
1A07CA43000
|
heap
|
page read and write
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
9FCD000
|
direct allocation
|
page read and write
|
||
|
991F57E000
|
unkown
|
page readonly
|
||
|
D2B2000
|
direct allocation
|
page read and write
|
||
|
75A5000
|
heap
|
page read and write
|
||
|
1A07E10A000
|
heap
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page read and write
|
||
|
991F47D000
|
stack
|
page read and write
|
||
|
6CCC000
|
unkown
|
page write copy
|
||
|
8060000
|
direct allocation
|
page read and write
|
||
|
CF62000
|
direct allocation
|
page read and write
|
||
|
755E000
|
heap
|
page read and write
|
||
|
A396000
|
direct allocation
|
page read and write
|
||
|
CD24000
|
direct allocation
|
page read and write
|
||
|
D111000
|
direct allocation
|
page read and write
|
||
|
A7B4000
|
direct allocation
|
page read and write
|
||
|
991F17E000
|
unkown
|
page readonly
|
||
|
5040000
|
trusted library allocation
|
page read and write
|
||
|
81B7000
|
direct allocation
|
page read and write
|
||
|
A79A000
|
direct allocation
|
page read and write
|
||
|
5427000
|
trusted library allocation
|
page read and write
|
||
|
D98E000
|
direct allocation
|
page read and write
|
||
|
1A07E102000
|
heap
|
page read and write
|
||
|
1A07E250000
|
trusted library allocation
|
page read and write
|
||
|
AABC000
|
direct allocation
|
page read and write
|
||
|
A188000
|
direct allocation
|
page read and write
|
||
|
7920000
|
trusted library allocation
|
page read and write
|
||
|
1A07DF60000
|
trusted library allocation
|
page read and write
|
||
|
AC96000
|
direct allocation
|
page read and write
|
||
|
F97000
|
unkown
|
page readonly
|
||
|
1A07D940000
|
trusted library section
|
page readonly
|
||
|
1A07E256000
|
trusted library allocation
|
page read and write
|
||
|
1A07E100000
|
heap
|
page read and write
|
||
|
72DE000
|
stack
|
page read and write
|
||
|
D25E000
|
direct allocation
|
page read and write
|
||
|
6CCB000
|
unkown
|
page readonly
|
||
|
30B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
E6E000
|
unkown
|
page execute read
|
||
|
754F000
|
heap
|
page read and write
|
||
|
CF69000
|
direct allocation
|
page read and write
|
||
|
1A07E000000
|
heap
|
page read and write
|
||
|
ACCC000
|
direct allocation
|
page read and write
|
||
|
75C1000
|
heap
|
page read and write
|
||
|
1A07E272000
|
trusted library allocation
|
page read and write
|
||
|
2716C4AE000
|
heap
|
page read and write
|
||
|
A4A7000
|
direct allocation
|
page read and write
|
||
|
F97000
|
unkown
|
page readonly
|
||
|
1A07E31A000
|
trusted library allocation
|
page read and write
|
||
|
870D9FF000
|
stack
|
page read and write
|
||
|
83E0000
|
heap
|
page read and write
|
||
|
A382000
|
direct allocation
|
page read and write
|
||
|
150000
|
unkown
|
page readonly
|
||
|
CF65000
|
direct allocation
|
page read and write
|
||
|
870D2FE000
|
stack
|
page read and write
|
||
|
D2FC000
|
direct allocation
|
page read and write
|
||
|
1A07DFF0000
|
trusted library allocation
|
page read and write
|
||
|
2716C1E3000
|
heap
|
page read and write
|
||
|
5D21000
|
trusted library allocation
|
page read and write
|
||
|
6CCC000
|
unkown
|
page write copy
|
||
|
76D0000
|
trusted library allocation
|
page read and write
|
||
|
5068000
|
trusted library allocation
|
page read and write
|
||
|
7A84000
|
heap
|
page read and write
|
||
|
3C429FD000
|
stack
|
page read and write
|
There are 825 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://www.google.com.br/
|
||
|
https://www.google.com.br/
|
||
|
https://www.google.com.br/
|
||
|
https://ogs.google.com.br/widget/callout?prid=19037050&pgid=19037049&puid=9ceb59a7585b55bd&cce=1&dc=1&origin=https%3A%2F%2Fwww.google.com.br&cn=callout&pid=1&spid=538&hl=en
|
||
|
https://ogs.google.com.br/widget/callout?prid=19037050&pgid=19037049&puid=9ceb59a7585b55bd&cce=1&dc=1&origin=https%3A%2F%2Fwww.google.com.br&cn=callout&pid=1&spid=538&hl=en
|
||
|
https://ogs.google.com.br/widget/callout?prid=19037050&pgid=19037049&puid=9ceb59a7585b55bd&cce=1&dc=1&origin=https%3A%2F%2Fwww.google.com.br&cn=callout&pid=1&spid=538&hl=en
|
||
|
https://ogs.google.com.br/widget/app/so?awwd=1&gm3=1&origin=https%3A%2F%2Fwww.google.com.br&cn=app&pid=1&spid=538&hl=en
|
||
|
https://ogs.google.com.br/widget/app/so?awwd=1&gm3=1&origin=https%3A%2F%2Fwww.google.com.br&cn=app&pid=1&spid=538&hl=en
|
||
|
https://ogs.google.com.br/widget/app/so?awwd=1&gm3=1&origin=https%3A%2F%2Fwww.google.com.br&cn=app&pid=1&spid=538&hl=en
|