Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
LPO-9180155-PDF.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Forbundsstater.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Forbundsstater.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\forgrovelse\konstituerendes\Fernland.Reg
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Forbundsstater.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3szxrvmo.slg.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mrh50yc4.rav.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forgrovelse\konstituerendes\Hithermost.Hyp87
|
dBase IV DBT, blocks size 0, block length 1024, next free block index 15990784, next free block 3132751987, next used block
5439488
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forgrovelse\konstituerendes\grensav.sjl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forgrovelse\konstituerendes\lokalplanrammes.sus
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\forgrovelse\konstituerendes\ondskabsfuldhedernes.txt
|
ASCII text, with very long lines (367), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsl302C.tmp
|
data
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\LPO-9180155-PDF.exe
|
"C:\Users\user\Desktop\LPO-9180155-PDF.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"powershell.exe" -windowstyle hidden "$Fingereringerne=Get-Content 'C:\Users\user\AppData\Local\Temp\forgrovelse\konstituerendes\Fernland.Reg';$Attributnavn=$Fingereringerne.SubString(75282,3);.$Attributnavn($Fingereringerne)
"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Forbundsstater.exe
|
"C:\Users\user\AppData\Local\Temp\Forbundsstater.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /C choice /C Y /N /D Y /T 3 & Del "C:\Users\user\AppData\Local\Temp\Forbundsstater.exe"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\choice.exe
|
choice /C Y /N /D Y /T 3
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://checkip.dyndns.org/
|
132.226.247.73
|
||
|
https://www.reap.skyestates.com.mt/wp-includes/IoNHObzRr183.bin
|
108.167.181.251
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://aka.ms/pscore6lBeq
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://www.reap.skyestates.com.mt/
|
unknown
|
||
|
https://www.reap.skyestates.com.mt/wp-includes/IoNHObzRr183.bino
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.97.3
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 12 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
www.reap.skyestates.com.mt
|
108.167.181.251
|
||
|
checkip.dyndns.com
|
132.226.247.73
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
108.167.181.251
|
www.reap.skyestates.com.mt
|
United States
|
||
|
132.226.247.73
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\fordjelsesbesvret\Uninstall\Spidsfindigeres22
|
luftrr
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Forbundsstater_RASMANCS
|
FileDirectory
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8F0F000
|
direct allocation
|
page execute and read and write
|
|
|
|
21461000
|
trusted library allocation
|
page read and write
|
|
|
|
401000
|
unkown
|
page execute read
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
242EE000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
55BC000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
840C000
|
stack
|
page read and write
|
||
|
212F0000
|
trusted library allocation
|
page read and write
|
||
|
75A0000
|
trusted library allocation
|
page read and write
|
||
|
21AE000
|
stack
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
6AFE000
|
stack
|
page read and write
|
||
|
21440000
|
trusted library allocation
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
287F000
|
stack
|
page read and write
|
||
|
73B1000
|
heap
|
page read and write
|
||
|
6C80000
|
direct allocation
|
page read and write
|
||
|
7337000
|
heap
|
page read and write
|
||
|
4AAE000
|
stack
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
6B3E000
|
stack
|
page read and write
|
||
|
21608000
|
trusted library allocation
|
page read and write
|
||
|
212F0000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
277E000
|
stack
|
page read and write
|
||
|
20DC0000
|
trusted library allocation
|
page read and write
|
||
|
8660000
|
trusted library allocation
|
page read and write
|
||
|
444000
|
unkown
|
page read and write
|
||
|
20F0F000
|
stack
|
page read and write
|
||
|
B0000
|
trusted library allocation
|
page read and write
|
||
|
55BF000
|
heap
|
page read and write
|
||
|
211AC000
|
stack
|
page read and write
|
||
|
212F0000
|
trusted library allocation
|
page read and write
|
||
|
73CE000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
23F60000
|
heap
|
page execute and read and write
|
||
|
54D0000
|
direct allocation
|
page read and write
|
||
|
2CBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
DCC000
|
stack
|
page read and write
|
||
|
7670000
|
trusted library allocation
|
page read and write
|
||
|
5520000
|
direct allocation
|
page read and write
|
||
|
212A7000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
7530000
|
trusted library allocation
|
page read and write
|
||
|
212F0000
|
trusted library allocation
|
page read and write
|
||
|
8260000
|
heap
|
page read and write
|
||
|
2249000
|
heap
|
page read and write
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
21440000
|
trusted library allocation
|
page read and write
|
||
|
5608000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
55B3000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
54E0000
|
direct allocation
|
page read and write
|
||
|
210C0000
|
remote allocation
|
page read and write
|
||
|
2DAA000
|
heap
|
page read and write
|
||
|
7600000
|
trusted library allocation
|
page read and write
|
||
|
20C9D000
|
stack
|
page read and write
|
||
|
841E000
|
heap
|
page read and write
|
||
|
2DB6000
|
heap
|
page read and write
|
||
|
5AC1000
|
trusted library allocation
|
page read and write
|
||
|
6D00000
|
direct allocation
|
page read and write
|
||
|
554A000
|
heap
|
page read and write
|
||
|
5B28000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
990F000
|
direct allocation
|
page execute and read and write
|
||
|
A30F000
|
direct allocation
|
page execute and read and write
|
||
|
734E000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
150000
|
trusted library allocation
|
page execute and read and write
|
||
|
765B000
|
stack
|
page read and write
|
||
|
BA000
|
trusted library allocation
|
page execute and read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
602000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
236DD000
|
stack
|
page read and write
|
||
|
7000000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
212F0000
|
trusted library allocation
|
page read and write
|
||
|
212BE000
|
trusted library allocation
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
51E1000
|
trusted library allocation
|
page read and write
|
||
|
242AE000
|
stack
|
page read and write
|
||
|
160000
|
trusted library allocation
|
page read and write
|
||
|
6CA0000
|
direct allocation
|
page read and write
|
||
|
837C000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21420000
|
trusted library allocation
|
page read and write
|
||
|
55A8000
|
heap
|
page read and write
|
||
|
3432000
|
heap
|
page read and write
|
||
|
223F000
|
remote allocation
|
page execute and read and write
|
||
|
42E000
|
unkown
|
page read and write
|
||
|
495E000
|
stack
|
page read and write
|
||
|
21508000
|
trusted library allocation
|
page read and write
|
||
|
536E000
|
stack
|
page read and write
|
||
|
5240000
|
heap
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2484D000
|
stack
|
page read and write
|
||
|
8483000
|
heap
|
page read and write
|
||
|
5AE9000
|
trusted library allocation
|
page read and write
|
||
|
A0000
|
trusted library allocation
|
page read and write
|
||
|
2113F000
|
stack
|
page read and write
|
||
|
C2000
|
trusted library allocation
|
page read and write
|
||
|
212E5000
|
trusted library allocation
|
page read and write
|
||
|
5589000
|
heap
|
page read and write
|
||
|
21440000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
3250000
|
heap
|
page read and write
|
||
|
7420000
|
trusted library allocation
|
page read and write
|
||
|
23F1D000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
4980000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
713E000
|
stack
|
page read and write
|
||
|
3417000
|
heap
|
page read and write
|
||
|
2D2A000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
5500000
|
direct allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
8610000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
B70F000
|
direct allocation
|
page execute and read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
21628000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
23CE0000
|
heap
|
page read and write
|
||
|
81B0000
|
trusted library allocation
|
page read and write
|
||
|
212F0000
|
trusted library allocation
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
4F5000
|
heap
|
page read and write
|
||
|
2CAE000
|
stack
|
page read and write
|
||
|
10E000
|
stack
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
32E8000
|
heap
|
page read and write
|
||
|
21431000
|
trusted library allocation
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
243EF000
|
stack
|
page read and write
|
||
|
360F000
|
stack
|
page read and write
|
||
|
8429000
|
heap
|
page read and write
|
||
|
212F0000
|
trusted library allocation
|
page read and write
|
||
|
212D6000
|
trusted library allocation
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
74AE000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
90000
|
trusted library allocation
|
page read and write
|
||
|
573F000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page read and write
|
||
|
215A2000
|
trusted library allocation
|
page read and write
|
||
|
2DC3000
|
heap
|
page read and write
|
||
|
14C000
|
stack
|
page read and write
|
||
|
2D7A000
|
heap
|
page read and write
|
||
|
2140F000
|
stack
|
page read and write
|
||
|
21431000
|
trusted library allocation
|
page read and write
|
||
|
81A0000
|
trusted library allocation
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
2488E000
|
stack
|
page read and write
|
||
|
73EB000
|
heap
|
page read and write
|
||
|
75B0000
|
trusted library allocation
|
page read and write
|
||
|
55BA000
|
heap
|
page read and write
|
||
|
547F000
|
stack
|
page read and write
|
||
|
32AF000
|
stack
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
752D000
|
stack
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
4968000
|
trusted library allocation
|
page read and write
|
||
|
7680000
|
trusted library allocation
|
page read and write
|
||
|
212D9000
|
trusted library allocation
|
page read and write
|
||
|
51E9000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
72E0000
|
heap
|
page execute and read and write
|
||
|
75C0000
|
trusted library allocation
|
page read and write
|
||
|
2CB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
75E0000
|
trusted library allocation
|
page read and write
|
||
|
20D9D000
|
stack
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
72F0000
|
heap
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
8190000
|
trusted library allocation
|
page read and write
|
||
|
448000
|
unkown
|
page readonly
|
||
|
554E000
|
heap
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
2FA0000
|
heap
|
page readonly
|
||
|
212C4000
|
trusted library allocation
|
page read and write
|
||
|
30FD000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
2155A000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
2B36000
|
heap
|
page read and write
|
||
|
20E0E000
|
stack
|
page read and write
|
||
|
1700000
|
remote allocation
|
page execute and read and write
|
||
|
21552000
|
trusted library allocation
|
page read and write
|
||
|
B2000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
60A000
|
heap
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
5C67000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
54BE000
|
stack
|
page read and write
|
||
|
2DA7000
|
heap
|
page read and write
|
||
|
215C3000
|
trusted library allocation
|
page read and write
|
||
|
21440000
|
trusted library allocation
|
page read and write
|
||
|
2CB4000
|
trusted library allocation
|
page read and write
|
||
|
7550000
|
trusted library allocation
|
page read and write
|
||
|
4AC1000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
4AB0000
|
heap
|
page execute and read and write
|
||
|
5320000
|
heap
|
page read and write
|
||
|
403F000
|
remote allocation
|
page execute and read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
6CB0000
|
direct allocation
|
page read and write
|
||
|
8155000
|
trusted library allocation
|
page read and write
|
||
|
448000
|
unkown
|
page readonly
|
||
|
2160C000
|
trusted library allocation
|
page read and write
|
||
|
27BD000
|
stack
|
page read and write
|
||
|
4A5E000
|
stack
|
page read and write
|
||
|
2CB0000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21150000
|
direct allocation
|
page read and write
|
||
|
94000
|
trusted library allocation
|
page read and write
|
||
|
73E2000
|
heap
|
page read and write
|
||
|
7F8C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B23000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
22467000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
6F60000
|
heap
|
page read and write
|
||
|
6E00000
|
heap
|
page read and write
|
||
|
74EE000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
170000
|
trusted library allocation
|
page read and write
|
||
|
2FC7000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
731A000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
212F0000
|
trusted library allocation
|
page read and write
|
||
|
20C5E000
|
stack
|
page read and write
|
||
|
6BDE000
|
stack
|
page read and write
|
||
|
6B50000
|
heap
|
page execute and read and write
|
||
|
5510000
|
direct allocation
|
page read and write
|
||
|
6FBE000
|
stack
|
page read and write
|
||
|
6B9E000
|
stack
|
page read and write
|
||
|
2CD0000
|
trusted library allocation
|
page read and write
|
||
|
210C0000
|
remote allocation
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
2446F000
|
stack
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
23720000
|
heap
|
page read and write
|
||
|
6CC0000
|
direct allocation
|
page read and write
|
||
|
4A3F000
|
remote allocation
|
page execute and read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
21450000
|
heap
|
page execute and read and write
|
||
|
21550000
|
trusted library allocation
|
page read and write
|
||
|
426000
|
unkown
|
page read and write
|
||
|
23F5F000
|
stack
|
page read and write
|
||
|
21300000
|
heap
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
5CE000
|
heap
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
21440000
|
trusted library allocation
|
page read and write
|
||
|
42A000
|
unkown
|
page read and write
|
||
|
339E000
|
unkown
|
page read and write
|
||
|
22489000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
2153B000
|
trusted library allocation
|
page read and write
|
||
|
21420000
|
trusted library allocation
|
page read and write
|
||
|
6F20000
|
direct allocation
|
page read and write
|
||
|
55B8000
|
heap
|
page read and write
|
||
|
3680000
|
trusted library allocation
|
page read and write
|
||
|
8117000
|
stack
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6D20000
|
direct allocation
|
page read and write
|
||
|
2C27000
|
heap
|
page read and write
|
||
|
212D1000
|
trusted library allocation
|
page read and write
|
||
|
6CE0000
|
direct allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
244AE000
|
stack
|
page read and write
|
||
|
73AA000
|
heap
|
page read and write
|
||
|
2887000
|
heap
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
2CF8000
|
heap
|
page read and write
|
||
|
21420000
|
trusted library allocation
|
page read and write
|
||
|
7400000
|
trusted library allocation
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
93000
|
trusted library allocation
|
page execute and read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
5CA000
|
heap
|
page read and write
|
||
|
215A6000
|
trusted library allocation
|
page read and write
|
||
|
2C10000
|
trusted library allocation
|
page read and write
|
||
|
21562000
|
trusted library allocation
|
page read and write
|
||
|
C7000
|
trusted library allocation
|
page execute and read and write
|
||
|
7007000
|
heap
|
page read and write
|
||
|
5375000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
7540000
|
trusted library allocation
|
page execute and read and write
|
||
|
36E0000
|
heap
|
page read and write
|
||
|
55BF000
|
heap
|
page read and write
|
||
|
6CD0000
|
direct allocation
|
page read and write
|
||
|
2FDF000
|
stack
|
page read and write
|
||
|
8180000
|
trusted library allocation
|
page read and write
|
||
|
E0C000
|
stack
|
page read and write
|
||
|
40B000
|
unkown
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
849B000
|
heap
|
page read and write
|
||
|
21514000
|
trusted library allocation
|
page read and write
|
||
|
20F5E000
|
stack
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
7740000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
6FFD000
|
stack
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
7660000
|
trusted library allocation
|
page execute and read and write
|
||
|
8270000
|
trusted library allocation
|
page read and write
|
||
|
6EF0000
|
direct allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
612000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
241AF000
|
stack
|
page read and write
|
||
|
215AA000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
329E000
|
unkown
|
page read and write
|
||
|
2C6E000
|
stack
|
page read and write
|
||
|
2C3F000
|
remote allocation
|
page execute and read and write
|
||
|
6F10000
|
direct allocation
|
page read and write
|
||
|
6D40000
|
direct allocation
|
page read and write
|
||
|
6B55000
|
heap
|
page execute and read and write
|
||
|
210FE000
|
stack
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
215AE000
|
trusted library allocation
|
page read and write
|
||
|
2DFD000
|
stack
|
page read and write
|
||
|
2159A000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
55FA000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
5377000
|
heap
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
8630000
|
direct allocation
|
page execute and read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
23DE0000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
21416000
|
trusted library allocation
|
page read and write
|
||
|
B6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C00000
|
trusted library section
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
88F000
|
stack
|
page read and write
|
||
|
216E000
|
stack
|
page read and write
|
||
|
21566000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
277C000
|
stack
|
page read and write
|
||
|
83CE000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
843C000
|
heap
|
page read and write
|
||
|
376F000
|
heap
|
page read and write
|
||
|
80000
|
trusted library allocation
|
page read and write
|
||
|
6CF0000
|
direct allocation
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
448000
|
unkown
|
page readonly
|
||
|
72F2000
|
heap
|
page read and write
|
||
|
8410000
|
heap
|
page read and write
|
||
|
7180000
|
heap
|
page read and write
|
||
|
5370000
|
heap
|
page read and write
|
||
|
21510000
|
trusted library allocation
|
page read and write
|
||
|
2105F000
|
stack
|
page read and write
|
||
|
21420000
|
trusted library allocation
|
page read and write
|
||
|
72F4000
|
heap
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
21502000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
76ED000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
3434000
|
heap
|
page read and write
|
||
|
5C54000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
6C90000
|
direct allocation
|
page read and write
|
||
|
6F00000
|
direct allocation
|
page read and write
|
||
|
6EE0000
|
direct allocation
|
page read and write
|
||
|
2DAD000
|
heap
|
page read and write
|
||
|
7580000
|
trusted library allocation
|
page read and write
|
||
|
71B2000
|
heap
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
51E3000
|
trusted library allocation
|
page read and write
|
||
|
2CDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
20B5F000
|
stack
|
page read and write
|
||
|
245AF000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
176000
|
trusted library allocation
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
AD0F000
|
direct allocation
|
page execute and read and write
|
||
|
2CC9000
|
trusted library allocation
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
7410000
|
trusted library allocation
|
page read and write
|
||
|
36F0000
|
heap
|
page read and write
|
||
|
21505000
|
trusted library allocation
|
page read and write
|
||
|
363F000
|
remote allocation
|
page execute and read and write
|
||
|
215B6000
|
trusted library allocation
|
page read and write
|
||
|
21420000
|
trusted library allocation
|
page read and write
|
||
|
215EC000
|
trusted library allocation
|
page read and write
|
||
|
8448000
|
heap
|
page read and write
|
||
|
49DE000
|
stack
|
page read and write
|
||
|
23E46000
|
heap
|
page read and write
|
||
|
8650000
|
trusted library allocation
|
page execute and read and write
|
||
|
2159E000
|
trusted library allocation
|
page read and write
|
||
|
98F000
|
stack
|
page read and write
|
||
|
2CE5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CE2000
|
trusted library allocation
|
page read and write
|
||
|
626000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
2161A000
|
trusted library allocation
|
page read and write
|
||
|
21517000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2155E000
|
trusted library allocation
|
page read and write
|
||
|
448000
|
unkown
|
page readonly
|
||
|
C10F000
|
direct allocation
|
page execute and read and write
|
||
|
22461000
|
trusted library allocation
|
page read and write
|
||
|
4A1C000
|
stack
|
page read and write
|
||
|
8640000
|
trusted library allocation
|
page execute and read and write
|
||
|
730A000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
27B8000
|
stack
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
2240000
|
heap
|
page read and write
|
||
|
8DD0000
|
direct allocation
|
page execute and read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
210C0000
|
remote allocation
|
page read and write
|
||
|
326E000
|
stack
|
page read and write
|
||
|
2334000
|
heap
|
page read and write
|
||
|
54F0000
|
direct allocation
|
page read and write
|
||
|
5530000
|
direct allocation
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
4C16000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21160000
|
direct allocation
|
page read and write
|
||
|
6D10000
|
direct allocation
|
page read and write
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
2498F000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
21410000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
2D68000
|
heap
|
page read and write
|
||
|
72F8000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
183F000
|
remote allocation
|
page execute and read and write
|
||
|
8493000
|
heap
|
page read and write
|
||
|
21440000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
2474C000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21523000
|
trusted library allocation
|
page read and write
|
||
|
72C0000
|
trusted library allocation
|
page read and write
|
||
|
212B4000
|
trusted library allocation
|
page read and write
|
||
|
5C6D000
|
trusted library allocation
|
page read and write
|
||
|
2371E000
|
stack
|
page read and write
|
||
|
6D30000
|
direct allocation
|
page read and write
|
||
|
2F90000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
6F50000
|
heap
|
page read and write
|
||
|
772F000
|
stack
|
page read and write
|
||
|
21440000
|
trusted library allocation
|
page read and write
|
||
|
212F0000
|
trusted library allocation
|
page read and write
|
||
|
75F0000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
717E000
|
stack
|
page read and write
|
||
|
21420000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
7730000
|
heap
|
page read and write
|
||
|
215B2000
|
trusted library allocation
|
page read and write
|
||
|
23CE1000
|
heap
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
8620000
|
trusted library allocation
|
page read and write
|
||
|
8461000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7610000
|
trusted library allocation
|
page read and write
|
||
|
2BF0000
|
trusted library section
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
2442E000
|
stack
|
page read and write
|
||
|
8418000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
73F0000
|
trusted library allocation
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
72C7000
|
trusted library allocation
|
page read and write
|
||
|
190000
|
trusted library allocation
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
21520000
|
trusted library allocation
|
page read and write
|
||
|
215D1000
|
trusted library allocation
|
page read and write
|
||
|
2245000
|
heap
|
page read and write
|
||
|
6C1E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
246D0000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
235FC000
|
stack
|
page read and write
|
||
|
2D1E000
|
heap
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
21440000
|
trusted library allocation
|
page read and write
|
||
|
8474000
|
heap
|
page read and write
|
||
|
833C000
|
stack
|
page read and write
|
||
|
21430000
|
trusted library allocation
|
page read and write
|
||
|
6C70000
|
direct allocation
|
page read and write
|
||
|
23E34000
|
heap
|
page read and write
|
There are 564 hidden memdumps, click here to show them.