Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
apt66ext.log.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PIL\_imaging.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PIL\_imagingcms.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PIL\_imagingft.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PIL\_imagingtk.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PIL\_webp.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\QtCore.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\QtGui.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\QtWidgets.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\iconengines\qsvgicon.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\imageformats\qgif.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\imageformats\qicns.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\imageformats\qico.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\imageformats\qjpeg.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\imageformats\qsvg.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\imageformats\qtga.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\imageformats\qtiff.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\imageformats\qwbmp.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\imageformats\qwebp.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\mediaservice\dsengine.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\mediaservice\qtmedia_audioengine.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\mediaservice\wmfengine.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\platforms\qminimal.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\platforms\qoffscreen.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\platforms\qwebgl.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\platforms\qwindows.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\platformthemes\qxdgdesktopportal.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\printsupport\windowsprintersupport.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\qt-plugins\styles\qwindowsvistastyle.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\PyQt5\sip.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_asyncio.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_bz2.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_cffi_backend.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_ctypes.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_decimal.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_elementtree.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_hashlib.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_lzma.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_multiprocessing.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_overlapped.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_queue.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_socket.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_ssl.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\_tkinter.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\concrt140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\cv2\cv2.pyd
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\libcrypto-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\libeay32.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\libfreetype-6.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\libjpeg-9.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\libopenblas.WCDJNK7YVMPZQ2ME2ZZHJJRJ3JIKNDB7.gfortran-win_amd64.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\libpng16-16.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\libssl-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\msvcp140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\msvcp140_1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\core\_multiarray_tests.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\core\_multiarray_umath.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\fft\_pocketfft_internal.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\linalg\_umath_linalg.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\linalg\lapack_lite.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\random\_bounded_integers.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\random\_common.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\random\_generator.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\random\_mt19937.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\random\_pcg64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\random\_philox.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\random\_sfc64.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\random\bit_generator.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\numpy\random\mtrand.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pyexpat.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\_freetype.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\base.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\bufferproxy.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\color.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\constants.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\display.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\draw.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\event.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\font.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\image.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\imageext.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\joystick.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\key.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\mask.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\math.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\mixer.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\mixer_music.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\mouse.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\pixelarray.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\pixelcopy.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\rect.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\rwobject.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\scrap.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\surface.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\surflock.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\time.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\pygame\transform.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\python3.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\python37.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\qt5core.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\qt5dbus.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\qt5gui.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\qt5multimedia.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\qt5network.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\qt5printsupport.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\qt5qml.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\qt5qmlmodels.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\qt5quick.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\qt5svg.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\qt5websockets.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\qt5widgets.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\sdl2.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\sdl2_image.dll
|
PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\sdl2_mixer.dll
|
PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\sdl2_ttf.dll
|
PE32+ executable (DLL) (GUI) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\select.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\ssleay32.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\staged_out.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\tcl86t.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\tk86t.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\unicodedata.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\vcruntime140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\vcruntime140_1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\zlib1.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 115 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\apt66ext.log.exe
|
"C:\Users\user\Desktop\apt66ext.log.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\onefile_7328_133646283031458294\staged_out.exe
|
"C:\Users\user\Desktop\apt66ext.log.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/joblib/threadpoolctl
|
unknown
|
||
|
https://onnx.ai/)
|
unknown
|
||
|
http://caffe.berkeleyvision.org/)
|
unknown
|
||
|
http://www.scipy.org/not/real/data.txt
|
unknown
|
||
|
https://docs.scipy.org/doc/numpy/user/basics.io.genfromtxt.html
|
unknown
|
||
|
http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/JUMP/
|
unknown
|
||
|
https://docs.python.org/library/string.html#format-specification-mini-language
|
unknown
|
||
|
http://torch.ch/)
|
unknown
|
||
|
https://github.com/opencv/opencv/issues/19634cv::mjpeg::MjpegEncoder::MjpegEncodercv::mjpeg::MotionJ
|
unknown
|
||
|
https://web.archive.org/web/20090514091424/http://brighton-webs.co.uk:80/distributions/rayleigh.asp
|
unknown
|
||
|
http://mathworld.wolfram.com/NoncentralF-Distribution.html
|
unknown
|
||
|
http://www.dai.ed.ac.uk/CVonline/LOCAL_COPIES/MANDUCHI1/Bilateral_Filtering.html
|
unknown
|
||
|
https://gist.github.com/imneme/540829265469e673d045
|
unknown
|
||
|
https://numpy.org/neps/nep-0032-remove-financial-functions.html
|
unknown
|
||
|
http://docs.python.org/library/unittest.html
|
unknown
|
||
|
https://docs.scipy.org/doc/numpy/reference/c-api.generalized-ufuncs.html
|
unknown
|
||
|
http://www.math.sfu.ca/~cbm/aands/page_69.htm
|
unknown
|
||
|
https://github.com/opencv/opencv/issues/6293
|
unknown
|
||
|
http://www.python.org/download/releases/2.3/mro/.
|
unknown
|
||
|
https://github.com/opencv/opencv/issues/16739
|
unknown
|
||
|
https://github.com/opencv/opencv/issues/16736
|
unknown
|
||
|
https://www.math.hmc.edu/~benjamin/papers/CombTrig.pdf
|
unknown
|
||
|
http://crl.startssl.com/sfsca.crl0f
|
unknown
|
||
|
https://www.scipy.org
|
unknown
|
||
|
https://github.com/torch/nn/blob/master/doc/module.md
|
unknown
|
||
|
http://mathworld.wolfram.com/LaplaceDistribution.html
|
unknown
|
||
|
http://crl.startssl.com/sca-code3.crl0#
|
unknown
|
||
|
http://www.inf.ufrgs.br/~eslgastal/DomainTransform/).
|
unknown
|
||
|
https://github.com/opencv/opencv/issues/20833
|
unknown
|
||
|
https://github.com/baidut/BIMEF).
|
unknown
|
||
|
https://ipython.org
|
unknown
|
||
|
http://speleotrove.com/decimal/decarith.html
|
unknown
|
||
|
http://www.python.org/dev/peps/pep-0205/
|
unknown
|
||
|
http://torch.ch
|
unknown
|
||
|
http://www.gdal.org/ogr_formats.html).
|
unknown
|
||
|
https://en.wik
|
unknown
|
||
|
http://arxiv.org/abs/1805.10941.
|
unknown
|
||
|
https://numpy.org/devdocs/user/troubleshooting-importerror.html
|
unknown
|
||
|
https://stackoverflow.com/questions/7648200/pip-install-pil-e-tickets-1-no-jpeg-png-support
|
unknown
|
||
|
https://www.tensorflow.org/)
|
unknown
|
||
|
https://www.itl.nist.gov/div898/handbook/eda/section3/eda3666.htm
|
unknown
|
||
|
https://github.com/python-pillow/Pillow/
|
unknown
|
||
|
http://mathworld.wolfram.com/NegativeBinomialDistribution.html
|
unknown
|
||
|
https://github.com/opencv/opencv_contrib/blob/master/modules/text/samples/OCRHMM_transitions_table.x
|
unknown
|
||
|
http://www.math.sfu.ca/~cbm/aands/
|
unknown
|
||
|
https://www.itl.nist.gov/div898/software/dataplot/refman2/auxillar/powpdf.pdf
|
unknown
|
||
|
http://www.ams.org/journals/mcom/1988-51-184/
|
unknown
|
||
|
https://www.pygame.org/docs/ref/color_list.html
|
unknown
|
||
|
https://www.pygame.org/contribute.html
|
unknown
|
||
|
http://www.cl.cam.ac.uk/~mgk25/iso-time.html
|
unknown
|
||
|
http://www.oasis-open.org/committees/documents.php
|
unknown
|
||
|
http://www.pcg-random.org/posts/developing-a-seed_seq-alternative.html
|
unknown
|
||
|
http://www.startssl.com/policy0
|
unknown
|
||
|
https://people.eecs.berkeley.edu/~wkahan/Mindless.pdf
|
unknown
|
||
|
https://github.com/opencv/opencv_contrib/issues/2235
|
unknown
|
||
|
http://campar.in.tum.de/Chair/HandEyeCalibration).
|
unknown
|
||
|
https://github.com/numpy/numpy/issues/4763
|
unknown
|
||
|
https://web.archive.org/web/20090423014010/http://www.brighton-webs.co.uk:80/distributions/wald.asp
|
unknown
|
||
|
http://mathworld.wolfram.com/CauchyDistribution.html
|
unknown
|
||
|
http://mathworld.wolfram.com/HypergeometricDistribution.html
|
unknown
|
||
|
http://mathworld.wolfram.com/PoissonDistribution.html
|
unknown
|
||
|
http://mathworld.wolfram.com/SincFunction.html
|
unknown
|
||
|
http://www.inf.ufrgs.br/~eslgastal/DomainTransform/).COLOR_SPACE_Lab_D75_2MORPH_CROSSCAP_PROP_DC1394
|
unknown
|
||
|
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.476.5736&rep=rep1&type=pdf
|
unknown
|
||
|
http://graphics.berkeley.edu/papers/Tao-SAN-2012-05/
|
unknown
|
||
|
http://www.zlib.net/D
|
unknown
|
||
|
http://www.startssl.com/0P
|
unknown
|
||
|
http://homepages.inf.ed.ac.uk/rbf/HIPR2/hough.htm
|
unknown
|
||
|
http://schemas.xmlsoap.org/wsdl/
|
unknown
|
||
|
http://www.ifp.illinois.edu/~vuongle2/helen/
|
unknown
|
||
|
https://github.com/NVIDIA/caffe.
|
unknown
|
||
|
https://onnx.ai/
|
unknown
|
||
|
https://software.intel.com/openvino-toolkit)
|
unknown
|
||
|
http://underdestruction.com/2004/02/25/stackblur-2004.
|
unknown
|
||
|
http://caffe.berkeleyvision.org
|
unknown
|
||
|
https://askubuntu.com/questions/697397/python3-is-not-supporting-gtk-module
|
unknown
|
||
|
https://github.com/opencv/opencv_contrib/blob/master/modules/text/samples/webcam_demo.cpp
|
unknown
|
||
|
https://pypi.org/project/numpy-financial.
|
unknown
|
||
|
http://bugs.python.org/issue23606)
|
unknown
|
||
|
https://github.com/opencv/opencv/issues/19634
|
unknown
|
||
|
https://www.numpy.org/neps/nep-0001-npy-format.html
|
unknown
|
||
|
https://engineering.purdue.edu/~malcolm/pct/CTI_Ch03.pdf
|
unknown
|
||
|
http://html4/loose.dtd
|
unknown
|
||
|
http://www.inference.org.uk/mackay/itila/
|
unknown
|
||
|
http://mathworld.wolfram.com/BinomialDistribution.html
|
unknown
|
||
|
https://github.com/opencv/opencv/issues/21326cv::initOpenEXRD:
|
unknown
|
||
|
https://pypi.org/project/numpy-financial/).
|
unknown
|
||
|
https://www.learnopencv.com/convex-hull-using-opencv-in-python-and-c/cornersQualityOOOO
|
unknown
|
||
|
https://github.com/libsdl-org/SDL.git
|
unknown
|
||
|
https://github.com/asweigart/pygetwindow
|
unknown
|
||
|
http://kobesearch.cpan.org/htdocs/Math-Cephes/Math/Cephes.html
|
unknown
|
||
|
http://www.openssl.org/V
|
unknown
|
||
|
https://scipy-cookbook.readthedocs.io/items/Ctypes.html
|
unknown
|
||
|
http://dx.doi.org/10.1016/j.cviu.2010.01.011
|
unknown
|
||
|
http://www.oasis-open.org/committees/documents.php?wg_abbrev=office-formula
|
unknown
|
||
|
https://www.mathworks.com/help/techdoc/ref/rank.html
|
unknown
|
||
|
http://.css
|
unknown
|
||
|
http://www.xyz.edu/data
|
unknown
|
||
|
http://www.cs.tut.fi/~foi/GCF-BM3D/BM3D_TIP_2007.pdf
|
unknown
|
||
|
https://www.tensorflow.org/
|
unknown
|
There are 90 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
237E8936000
|
heap
|
page read and write
|
||
|
2F6F563E000
|
heap
|
page read and write
|
||
|
2F6F5750000
|
direct allocation
|
page read and write
|
||
|
2F6F5642000
|
heap
|
page read and write
|
||
|
1821000
|
unkown
|
page execute read
|
||
|
237DFB0A000
|
heap
|
page read and write
|
||
|
2F6F55C2000
|
heap
|
page read and write
|
||
|
2F6DAF59000
|
heap
|
page read and write
|
||
|
678A6000
|
unkown
|
page write copy
|
||
|
2F6F5DF3000
|
heap
|
page read and write
|
||
|
237E558D000
|
heap
|
page read and write
|
||
|
237DFAAC000
|
heap
|
page read and write
|
||
|
237E526D000
|
heap
|
page read and write
|
||
|
2F6F5C52000
|
heap
|
page read and write
|
||
|
67880000
|
unkown
|
page readonly
|
||
|
2F6F5B06000
|
heap
|
page read and write
|
||
|
2F6F55AB000
|
heap
|
page read and write
|
||
|
2F6FE5DA000
|
heap
|
page read and write
|
||
|
29FD000
|
unkown
|
page read and write
|
||
|
237DFAF9000
|
heap
|
page read and write
|
||
|
2F6DD260000
|
direct allocation
|
page read and write
|
||
|
2F6F5A40000
|
heap
|
page read and write
|
||
|
237E7C6A000
|
heap
|
page read and write
|
||
|
1821000
|
unkown
|
page execute read
|
||
|
2F6F5890000
|
direct allocation
|
page read and write
|
||
|
2F6F5D39000
|
heap
|
page read and write
|
||
|
2F6DD460000
|
direct allocation
|
page read and write
|
||
|
2F6F5F70000
|
direct allocation
|
page read and write
|
||
|
2F6F5566000
|
heap
|
page read and write
|
||
|
2F6DAEA0000
|
heap
|
page read and write
|
||
|
E20000
|
unkown
|
page readonly
|
||
|
7100C000
|
unkown
|
page read and write
|
||
|
2F6FE3B0000
|
direct allocation
|
page read and write
|
||
|
2F6FE450000
|
direct allocation
|
page read and write
|
||
|
2F6F6070000
|
direct allocation
|
page read and write
|
||
|
2F6F5F70000
|
direct allocation
|
page read and write
|
||
|
237E1330000
|
heap
|
page read and write
|
||
|
2F6DAFB2000
|
heap
|
page read and write
|
||
|
2F6DB610000
|
direct allocation
|
page read and write
|
||
|
2F6DAF4E000
|
heap
|
page read and write
|
||
|
678A7000
|
unkown
|
page readonly
|
||
|
2F6F5AC7000
|
heap
|
page read and write
|
||
|
678A2000
|
unkown
|
page read and write
|
||
|
2F6F563E000
|
heap
|
page read and write
|
||
|
2F6F60D0000
|
direct allocation
|
page read and write
|
||
|
62E9F000
|
unkown
|
page read and write
|
||
|
237E3136000
|
heap
|
page read and write
|
||
|
2F6F5C24000
|
heap
|
page read and write
|
||
|
6A8A5000
|
unkown
|
page write copy
|
||
|
2F6F5AC0000
|
heap
|
page read and write
|
||
|
2F6F5850000
|
direct allocation
|
page read and write
|
||
|
237E6475000
|
heap
|
page read and write
|
||
|
2F6F5A73000
|
heap
|
page read and write
|
||
|
2F6F5E40000
|
direct allocation
|
page read and write
|
||
|
DA256FB000
|
stack
|
page read and write
|
||
|
237E54A9000
|
heap
|
page read and write
|
||
|
2F6FE150000
|
direct allocation
|
page read and write
|
||
|
2F6F5F70000
|
direct allocation
|
page read and write
|
||
|
2F6FE8E0000
|
direct allocation
|
page read and write
|
||
|
237DFB0A000
|
heap
|
page read and write
|
||
|
2F6F5B1B000
|
heap
|
page read and write
|
||
|
62EA2000
|
unkown
|
page write copy
|
||
|
62E9E000
|
unkown
|
page readonly
|
||
|
7FF67E3D1000
|
unkown
|
page execute read
|
||
|
2F6F55FA000
|
heap
|
page read and write
|
||
|
7FF67D9D0000
|
unkown
|
page readonly
|
||
|
FA4692E000
|
stack
|
page read and write
|
||
|
6AF10000
|
unkown
|
page readonly
|
||
|
2F6DB79A000
|
heap
|
page read and write
|
||
|
2F6F5F70000
|
direct allocation
|
page read and write
|
||
|
6AF15000
|
unkown
|
page write copy
|
||
|
2F6F5C73000
|
heap
|
page read and write
|
||
|
678A1000
|
unkown
|
page readonly
|
||
|
2F6F56EB000
|
heap
|
page read and write
|
||
|
2F6FE400000
|
direct allocation
|
page read and write
|
||
|
2F6DD0E3000
|
heap
|
page read and write
|
||
|
237DFB2C000
|
heap
|
page read and write
|
||
|
2F6F56EA000
|
heap
|
page read and write
|
||
|
2F6F5DF3000
|
heap
|
page read and write
|
||
|
7FF7613F1000
|
unkown
|
page execute read
|
||
|
6789E000
|
unkown
|
page readonly
|
||
|
6AE81000
|
unkown
|
page execute read
|
||
|
237E53F0000
|
heap
|
page read and write
|
||
|
237DFB27000
|
heap
|
page read and write
|
||
|
237E7C07000
|
heap
|
page read and write
|
||
|
2F6F5EE0000
|
direct allocation
|
page read and write
|
||
|
2F6DB890000
|
direct allocation
|
page read and write
|
||
|
2F6F5642000
|
heap
|
page read and write
|
||
|
2F6F5D59000
|
heap
|
page read and write
|
||
|
69A33000
|
unkown
|
page readonly
|
||
|
237E725A000
|
heap
|
page read and write
|
||
|
2F6F563E000
|
heap
|
page read and write
|
||
|
2F6F5D59000
|
heap
|
page read and write
|
||
|
2F6FE550000
|
direct allocation
|
page read and write
|
||
|
2F6DD260000
|
direct allocation
|
page read and write
|
||
|
237E52D7000
|
heap
|
page read and write
|
||
|
2F6FE110000
|
direct allocation
|
page read and write
|
||
|
2F6F5C73000
|
heap
|
page read and write
|
||
|
2221000
|
unkown
|
page execute read
|
||
|
237DF970000
|
heap
|
page read and write
|
||
|
2F6F5DF3000
|
heap
|
page read and write
|
||
|
2F6DB8D0000
|
direct allocation
|
page read and write
|
||
|
2F6FE760000
|
direct allocation
|
page read and write
|
||
|
2F6DAF56000
|
heap
|
page read and write
|
||
|
68B78000
|
unkown
|
page read and write
|
||
|
2F6DB796000
|
heap
|
page read and write
|
||
|
237DFAF3000
|
heap
|
page read and write
|
||
|
2F6DB79C000
|
heap
|
page read and write
|
||
|
2F6DAF7E000
|
heap
|
page read and write
|
||
|
6AF16000
|
unkown
|
page readonly
|
||
|
237E13F0000
|
heap
|
page read and write
|
||
|
2F6F5D11000
|
heap
|
page read and write
|
||
|
FA4435D000
|
stack
|
page read and write
|
||
|
7100F000
|
unkown
|
page write copy
|
||
|
237E7957000
|
heap
|
page read and write
|
||
|
68B7B000
|
unkown
|
page readonly
|
||
|
237E7C17000
|
heap
|
page read and write
|
||
|
2F6F5C73000
|
heap
|
page read and write
|
||
|
2F6F560D000
|
heap
|
page read and write
|
||
|
2F6F5C1E000
|
heap
|
page read and write
|
||
|
2F6F5C73000
|
heap
|
page read and write
|
||
|
237E685A000
|
heap
|
page read and write
|
||
|
2F6F560D000
|
heap
|
page read and write
|
||
|
237DFB19000
|
heap
|
page read and write
|
||
|
2F6F5BFB000
|
heap
|
page read and write
|
||
|
2F6F5E1E000
|
heap
|
page read and write
|
||
|
2F6F5C73000
|
heap
|
page read and write
|
||
|
2F6DB825000
|
heap
|
page read and write
|
||
|
2F6F5D59000
|
heap
|
page read and write
|
||
|
2F6F59C0000
|
direct allocation
|
page read and write
|
||
|
62E81000
|
unkown
|
page execute read
|
||
|
69A01000
|
unkown
|
page execute read
|
||
|
2F6F553E000
|
heap
|
page read and write
|
||
|
E21000
|
unkown
|
page execute read
|
||
|
2F6F5D59000
|
heap
|
page read and write
|
||
|
2F6DAFC6000
|
heap
|
page read and write
|
||
|
237DFB0A000
|
heap
|
page read and write
|
||
|
6A89A000
|
unkown
|
page read and write
|
||
|
2F6F5C2A000
|
heap
|
page read and write
|
||
|
2F6F5E05000
|
heap
|
page read and write
|
||
|
2F6F57D0000
|
direct allocation
|
page read and write
|
||
|
2F6DAED0000
|
heap
|
page read and write
|
||
|
2F6DAF43000
|
heap
|
page read and write
|
||
|
2F6F57D0000
|
direct allocation
|
page read and write
|
||
|
237E5533000
|
heap
|
page read and write
|
||
|
2F6F5C11000
|
heap
|
page read and write
|
||
|
237E5435000
|
heap
|
page read and write
|
||
|
2F6F5E24000
|
heap
|
page read and write
|
||
|
237E5372000
|
heap
|
page read and write
|
||
|
62E80000
|
unkown
|
page readonly
|
||
|
2F6DAF0B000
|
heap
|
page read and write
|
||
|
7100B000
|
unkown
|
page readonly
|
||
|
2F6DAF1A000
|
heap
|
page read and write
|
||
|
68B41000
|
unkown
|
page execute read
|
||
|
7FF67D9D1000
|
unkown
|
page execute read
|
||
|
2F6FE500000
|
trusted library allocation
|
page read and write
|
||
|
E21000
|
unkown
|
page execute read
|
||
|
7FF67E692000
|
unkown
|
page readonly
|
||
|
2F6F5519000
|
heap
|
page read and write
|
||
|
237E3B36000
|
heap
|
page read and write
|
||
|
2F6F5D02000
|
heap
|
page read and write
|
||
|
237E527D000
|
heap
|
page read and write
|
||
|
2F6F5E05000
|
heap
|
page read and write
|
||
|
2F6DB1A0000
|
direct allocation
|
page read and write
|
||
|
237E4536000
|
heap
|
page read and write
|
||
|
DA255FE000
|
stack
|
page read and write
|
||
|
2F6F5890000
|
direct allocation
|
page read and write
|
||
|
2F6F5D05000
|
heap
|
page read and write
|
||
|
7FF67D9D0000
|
unkown
|
page readonly
|
||
|
67881000
|
unkown
|
page execute read
|
||
|
237E1D36000
|
heap
|
page read and write
|
||
|
7FF7613F0000
|
unkown
|
page readonly
|
||
|
2F6F5BA5000
|
heap
|
page read and write
|
||
|
2F6F5C3F000
|
heap
|
page read and write
|
||
|
2F6F5810000
|
direct allocation
|
page read and write
|
||
|
237DFA90000
|
heap
|
page read and write
|
||
|
2F6F56E7000
|
heap
|
page read and write
|
||
|
7FF67E6C8000
|
unkown
|
page write copy
|
||
|
2F6F5C73000
|
heap
|
page read and write
|
||
|
237DFB33000
|
heap
|
page read and write
|
||
|
2F6DAFC4000
|
heap
|
page read and write
|
||
|
2F6FE320000
|
direct allocation
|
page read and write
|
||
|
2F6DB7B4000
|
heap
|
page read and write
|
||
|
237E8921000
|
heap
|
page read and write
|
||
|
2F6F5DF0000
|
heap
|
page read and write
|
||
|
2B79000
|
unkown
|
page readonly
|
||
|
2F6F6110000
|
direct allocation
|
page read and write
|
||
|
2F6F5B1B000
|
heap
|
page read and write
|
||
|
2F6DB120000
|
direct allocation
|
page read and write
|
||
|
2F6DB245000
|
heap
|
page read and write
|
||
|
7FF7613F1000
|
unkown
|
page execute read
|
||
|
2F6FE590000
|
direct allocation
|
page read and write
|
||
|
2F6F55FA000
|
heap
|
page read and write
|
||
|
2F6F5F70000
|
direct allocation
|
page read and write
|
||
|
DA251B6000
|
stack
|
page read and write
|
||
|
FA44CDE000
|
stack
|
page read and write
|
||
|
2F6DAF80000
|
heap
|
page read and write
|
||
|
67897000
|
unkown
|
page read and write
|
||
|
2F6F57D0000
|
direct allocation
|
page read and write
|
||
|
2F6F5642000
|
heap
|
page read and write
|
||
|
2F6DAFB5000
|
heap
|
page read and write
|
||
|
2F6F5E80000
|
direct allocation
|
page read and write
|
||
|
2F6FE190000
|
direct allocation
|
page read and write
|
||
|
237E5487000
|
heap
|
page read and write
|
||
|
2F6F5C24000
|
heap
|
page read and write
|
||
|
237E79A5000
|
heap
|
page read and write
|
||
|
2F6F5AC9000
|
heap
|
page read and write
|
||
|
2F6DB87F000
|
heap
|
page read and write
|
||
|
2F6F5642000
|
heap
|
page read and write
|
||
|
62E95000
|
unkown
|
page readonly
|
||
|
2F6F6180000
|
direct allocation
|
page read and write
|
||
|
68B40000
|
unkown
|
page readonly
|
||
|
2F6F5BA4000
|
heap
|
page read and write
|
||
|
2F6F5C00000
|
heap
|
page read and write
|
||
|
FA4729F000
|
stack
|
page read and write
|
||
|
2F6F5E40000
|
direct allocation
|
page read and write
|
||
|
DA254FE000
|
stack
|
page read and write
|
||
|
237E559E000
|
heap
|
page read and write
|
||
|
7FF76141E000
|
unkown
|
page read and write
|
||
|
237E52C6000
|
heap
|
page read and write
|
||
|
2F6F5C08000
|
heap
|
page read and write
|
||
|
2F6F5C27000
|
heap
|
page read and write
|
||
|
2F6DB790000
|
heap
|
page read and write
|
||
|
237E9336000
|
heap
|
page read and write
|
||
|
2F6F55AB000
|
heap
|
page read and write
|
||
|
2F6FE820000
|
direct allocation
|
page read and write
|
||
|
2F6F5790000
|
direct allocation
|
page read and write
|
||
|
237E866A000
|
heap
|
page read and write
|
||
|
2F6DB87F000
|
heap
|
page read and write
|
||
|
2B76000
|
unkown
|
page write copy
|
||
|
71000000
|
unkown
|
page readonly
|
||
|
E21000
|
unkown
|
page execute read
|
||
|
7FF67D9D1000
|
unkown
|
page execute read
|
||
|
68B76000
|
unkown
|
page readonly
|
||
|
237E6482000
|
heap
|
page read and write
|
||
|
237E5F9E000
|
heap
|
page read and write
|
||
|
2F6F5C28000
|
heap
|
page read and write
|
||
|
7FF761423000
|
unkown
|
page read and write
|
||
|
2F6DB1E0000
|
direct allocation
|
page read and write
|
||
|
68B6A000
|
unkown
|
page readonly
|
||
|
2F6DB5D0000
|
direct allocation
|
page read and write
|
||
|
2F6FE940000
|
direct allocation
|
page read and write
|
||
|
2F6F5C20000
|
heap
|
page read and write
|
||
|
237E5497000
|
heap
|
page read and write
|
||
|
2F6FE7E0000
|
direct allocation
|
page read and write
|
||
|
7FF761421000
|
unkown
|
page read and write
|
||
|
6AF12000
|
unkown
|
page read and write
|
||
|
2F6DAF2B000
|
heap
|
page read and write
|
||
|
2F6F55AB000
|
heap
|
page read and write
|
||
|
DA259FB000
|
stack
|
page read and write
|
||
|
2F6DAFC4000
|
heap
|
page read and write
|
||
|
7FF67E737000
|
unkown
|
page readonly
|
||
|
237DFB0A000
|
heap
|
page read and write
|
||
|
2F6F5E40000
|
direct allocation
|
page read and write
|
||
|
6A89B000
|
unkown
|
page readonly
|
||
|
2F6F5D28000
|
heap
|
page read and write
|
||
|
2F6F551A000
|
heap
|
page read and write
|
||
|
237E5423000
|
heap
|
page read and write
|
||
|
2F6DB87F000
|
heap
|
page read and write
|
||
|
2F6F553D000
|
heap
|
page read and write
|
||
|
237DFAE4000
|
heap
|
page read and write
|
||
|
2F6F55FA000
|
heap
|
page read and write
|
||
|
2F6DAF32000
|
heap
|
page read and write
|
||
|
2F6F5A84000
|
heap
|
page read and write
|
||
|
2F6F5FB0000
|
direct allocation
|
page read and write
|
||
|
2F6DB7F3000
|
heap
|
page read and write
|
||
|
2F6DD0F0000
|
direct allocation
|
page read and write
|
||
|
2F6F5C35000
|
heap
|
page read and write
|
||
|
2F6DAF19000
|
heap
|
page read and write
|
||
|
2F6DAF4C000
|
heap
|
page read and write
|
||
|
2F6F57D0000
|
direct allocation
|
page read and write
|
||
|
237DFA50000
|
heap
|
page read and write
|
||
|
71001000
|
unkown
|
page execute read
|
||
|
2F6FE980000
|
direct allocation
|
page read and write
|
||
|
2F6F5510000
|
heap
|
page read and write
|
||
|
2F6FE860000
|
direct allocation
|
page read and write
|
||
|
FA45FBF000
|
stack
|
page read and write
|
||
|
2F6F5890000
|
direct allocation
|
page read and write
|
||
|
2F6F5F70000
|
direct allocation
|
page read and write
|
||
|
2F6FE4F0000
|
trusted library allocation
|
page read and write
|
||
|
237E54B9000
|
heap
|
page read and write
|
||
|
2F6F556F000
|
heap
|
page read and write
|
||
|
2F6DB7AE000
|
heap
|
page read and write
|
||
|
7FF76141E000
|
unkown
|
page write copy
|
||
|
7FF761426000
|
unkown
|
page read and write
|
||
|
237E52D2000
|
heap
|
page read and write
|
||
|
DA258FF000
|
stack
|
page read and write
|
||
|
2F6F5C29000
|
heap
|
page read and write
|
||
|
2F6F5710000
|
direct allocation
|
page read and write
|
||
|
237E5545000
|
heap
|
page read and write
|
||
|
2F6F5B20000
|
heap
|
page read and write
|
||
|
2F6F5C24000
|
heap
|
page read and write
|
||
|
2F6F5E02000
|
heap
|
page read and write
|
||
|
1821000
|
unkown
|
page execute read
|
||
|
2F6F5960000
|
direct allocation
|
page read and write
|
||
|
2F6F5C50000
|
heap
|
page read and write
|
||
|
2F6F5C3D000
|
heap
|
page read and write
|
||
|
2F6DAF56000
|
heap
|
page read and write
|
||
|
7FF7613F0000
|
unkown
|
page readonly
|
||
|
2F6DB7F6000
|
heap
|
page read and write
|
||
|
6A8A1000
|
unkown
|
page readonly
|
||
|
2F6F5E01000
|
heap
|
page read and write
|
||
|
2F6DAF2A000
|
heap
|
page read and write
|
||
|
2F6F5B0C000
|
heap
|
page read and write
|
||
|
2F6F57D0000
|
direct allocation
|
page read and write
|
||
|
2F6DB84C000
|
heap
|
page read and write
|
||
|
2F6F5890000
|
direct allocation
|
page read and write
|
||
|
237E1336000
|
heap
|
page read and write
|
||
|
237E4F36000
|
heap
|
page read and write
|
||
|
2F6F5D59000
|
heap
|
page read and write
|
||
|
DA257FE000
|
stack
|
page read and write
|
||
|
2F6F55C4000
|
heap
|
page read and write
|
||
|
2F6F5E1B000
|
heap
|
page read and write
|
||
|
2F6F5DF3000
|
heap
|
page read and write
|
||
|
6A8A2000
|
unkown
|
page read and write
|
||
|
2F6F5D12000
|
heap
|
page read and write
|
||
|
2F6FE7A0000
|
direct allocation
|
page read and write
|
||
|
2F6F59A0000
|
direct allocation
|
page read and write
|
||
|
2F6F5DF0000
|
heap
|
page read and write
|
||
|
2F6F5C2E000
|
heap
|
page read and write
|
||
|
2F6F5C31000
|
heap
|
page read and write
|
||
|
2B75000
|
unkown
|
page read and write
|
||
|
2F6F5C94000
|
heap
|
page read and write
|
||
|
2F6F56E8000
|
heap
|
page read and write
|
||
|
2F6F5DF0000
|
heap
|
page read and write
|
||
|
237E7C20000
|
heap
|
page read and write
|
||
|
237E5303000
|
heap
|
page read and write
|
||
|
2F6F57D0000
|
direct allocation
|
page read and write
|
||
|
237DFAEE000
|
heap
|
page read and write
|
||
|
2F6DB79D000
|
heap
|
page read and write
|
||
|
6A881000
|
unkown
|
page execute read
|
||
|
2F6F59A0000
|
direct allocation
|
page read and write
|
||
|
2F6F5C22000
|
heap
|
page read and write
|
||
|
2F6F5B20000
|
heap
|
page read and write
|
||
|
7FF761411000
|
unkown
|
page readonly
|
||
|
69A43000
|
unkown
|
page readonly
|
||
|
237E5400000
|
heap
|
page read and write
|
||
|
237E5446000
|
heap
|
page read and write
|
||
|
2F6DAF26000
|
heap
|
page read and write
|
||
|
237DFB1F000
|
heap
|
page read and write
|
||
|
237E79A3000
|
heap
|
page read and write
|
||
|
2F6DAF68000
|
heap
|
page read and write
|
||
|
237DFB0A000
|
heap
|
page read and write
|
||
|
2F6F5DF3000
|
heap
|
page read and write
|
||
|
2F6DAF81000
|
heap
|
page read and write
|
||
|
2F6DAF45000
|
heap
|
page read and write
|
||
|
2F6DB0A0000
|
heap
|
page read and write
|
||
|
2F6DAF08000
|
heap
|
page read and write
|
||
|
2F6DB0C0000
|
heap
|
page read and write
|
||
|
2F6F5C51000
|
heap
|
page read and write
|
||
|
2F6DD200000
|
direct allocation
|
page read and write
|
||
|
237E2736000
|
heap
|
page read and write
|
||
|
2F6F55AB000
|
heap
|
page read and write
|
||
|
237E79FA000
|
heap
|
page read and write
|
||
|
6A8A6000
|
unkown
|
page readonly
|
||
|
2F6F5B1B000
|
heap
|
page read and write
|
||
|
2F6DAF29000
|
heap
|
page read and write
|
||
|
2F6F5C73000
|
heap
|
page read and write
|
||
|
7FF761411000
|
unkown
|
page readonly
|
||
|
2F6DB160000
|
direct allocation
|
page read and write
|
||
|
2F6FE510000
|
direct allocation
|
page read and write
|
||
|
2A0C000
|
unkown
|
page readonly
|
||
|
2F6DB240000
|
heap
|
page read and write
|
||
|
2F6F58D0000
|
direct allocation
|
page read and write
|
||
|
237E1430000
|
heap
|
page read and write
|
||
|
6A880000
|
unkown
|
page readonly
|
||
|
237E5556000
|
heap
|
page read and write
|
||
|
2F6DB650000
|
direct allocation
|
page read and write
|
||
|
2F6DB590000
|
direct allocation
|
page read and write
|
||
|
69A00000
|
unkown
|
page readonly
|
||
|
2F6F5C24000
|
heap
|
page read and write
|
||
|
2F6F5DF3000
|
heap
|
page read and write
|
||
|
237E5412000
|
heap
|
page read and write
|
||
|
237DFB0A000
|
heap
|
page read and write
|
||
|
FA47C0F000
|
stack
|
page read and write
|
||
|
2F6F5DF0000
|
heap
|
page read and write
|
||
|
2F6F5890000
|
direct allocation
|
page read and write
|
||
|
2F6F57D0000
|
direct allocation
|
page read and write
|
||
|
2F6F5ABD000
|
heap
|
page read and write
|
||
|
2F6F560D000
|
heap
|
page read and write
|
||
|
2F6F5920000
|
direct allocation
|
page read and write
|
||
|
2F6DAF27000
|
heap
|
page read and write
|
||
|
237DFB20000
|
heap
|
page read and write
|
||
|
2F6F59A0000
|
direct allocation
|
page read and write
|
||
|
2F6FE360000
|
direct allocation
|
page read and write
|
||
|
2F6DAEE4000
|
heap
|
page read and write
|
||
|
2F6DAF2B000
|
heap
|
page read and write
|
||
|
237DFAEB000
|
heap
|
page read and write
|
||
|
2F6F5DF0000
|
heap
|
page read and write
|
||
|
69A3E000
|
unkown
|
page readonly
|
||
|
2F6F55FA000
|
heap
|
page read and write
|
||
|
71007000
|
unkown
|
page readonly
|
||
|
2F6F5581000
|
heap
|
page read and write
|
||
|
2F6F5C73000
|
heap
|
page read and write
|
||
|
7FF76142F000
|
unkown
|
page readonly
|
||
|
237DFB28000
|
heap
|
page read and write
|
||
|
678A3000
|
unkown
|
page write copy
|
||
|
6AEE9000
|
unkown
|
page readonly
|
||
|
2F6F57D0000
|
direct allocation
|
page read and write
|
||
|
237E52E3000
|
heap
|
page read and write
|
||
|
2F6F5A00000
|
direct allocation
|
page read and write
|
||
|
2F6F5B20000
|
heap
|
page read and write
|
||
|
2F6DAFC3000
|
heap
|
page read and write
|
||
|
2F6DB0E0000
|
direct allocation
|
page read and write
|
||
|
2F6FE300000
|
heap
|
page read and write
|
||
|
7FF76142F000
|
unkown
|
page readonly
|
||
|
FA4564D000
|
stack
|
page read and write
|
||
|
2F6DB825000
|
heap
|
page read and write
|
||
|
2F6FE720000
|
direct allocation
|
page read and write
|
||
|
69A40000
|
unkown
|
page read and write
|
||
|
237E1435000
|
heap
|
page read and write
|
||
|
2F6F5F70000
|
direct allocation
|
page read and write
|
||
|
237E7C30000
|
heap
|
page read and write
|
||
|
2F6F5C37000
|
heap
|
page read and write
|
||
|
2F6F5DF0000
|
heap
|
page read and write
|
||
|
2F6FE490000
|
direct allocation
|
page read and write
|
||
|
2F6DB84A000
|
heap
|
page read and write
|
||
|
2F6F5C30000
|
heap
|
page read and write
|
||
|
2F6F5580000
|
heap
|
page read and write
|
||
|
2F6F5D59000
|
heap
|
page read and write
|
||
|
2F6F5E2A000
|
heap
|
page read and write
|
||
|
2F6FE8A0000
|
direct allocation
|
page read and write
|
||
|
2F6F5C4E000
|
heap
|
page read and write
|
||
|
2F6F5E1C000
|
heap
|
page read and write
|
||
|
2F6DAF9C000
|
heap
|
page read and write
|
||
|
2F6F5F20000
|
direct allocation
|
page read and write
|
||
|
237E557B000
|
heap
|
page read and write
|
||
|
237E5523000
|
heap
|
page read and write
|
||
|
67898000
|
unkown
|
page readonly
|
||
|
2B1B000
|
unkown
|
page readonly
|
||
|
6AE80000
|
unkown
|
page readonly
|
||
|
237E556B000
|
heap
|
page read and write
|
||
|
2F6DD0E0000
|
heap
|
page read and write
|
||
|
2F6DAF09000
|
heap
|
page read and write
|
||
|
62EA3000
|
unkown
|
page readonly
|
||
|
2F6F560D000
|
heap
|
page read and write
|
||
|
2F6DD4B0000
|
direct allocation
|
page execute and read and write
|
||
|
2F6DAF7D000
|
heap
|
page read and write
|
||
|
2F6F5C92000
|
heap
|
page read and write
|
||
|
2F6DAF56000
|
heap
|
page read and write
|
||
|
2F6F5C01000
|
heap
|
page read and write
|
||
|
2F6DAFA2000
|
heap
|
page read and write
|
||
|
2F6DAFC4000
|
heap
|
page read and write
|
||
|
2F6DD4C0000
|
direct allocation
|
page read and write
|
||
|
237DFB23000
|
heap
|
page read and write
|
||
|
2F6F563E000
|
heap
|
page read and write
|
There are 436 hidden memdumps, click here to show them.